UNPKG

linagora-rse

Version:

Linagora RSE

github.com/linagora/openpaas-esn

linagora/openpaas-esn

216 lines (179 loc) 7.84 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
'use strict'; const request = require('supertest'), expect = require('chai').expect; describe('The update specific user\'s avatar API: PUT /users/:uuid/profile/avatar', () => { let app; let admin1Domain1, member1Domain1; let member1Domain2; let domain1; const password = 'secret'; beforeEach(function(done) { this.testEnv.initCore(err => { expect(err).to.not.exist; app = this.helpers.requireBackend('webserver/application'); this.helpers.api.applyDomainDeployment('linagora_test_domain', (err, models) => { expect(err).to.not.exist; admin1Domain1 = models.users[0]; member1Domain1 = models.users[1]; domain1 = models.domain; this.helpers.api.applyDomainDeployment('linagora_test_domain2', (err, models2) => { expect(err).to.not.exist; member1Domain2 = models2.users[1]; this.helpers.elasticsearch.saveTestConfiguration(this.helpers.callbacks.noError(done)); }); }); }); }); afterEach(function(done) { this.helpers.mongo.dropDatabase(done); }); it('should return 401 if not authenticated', function(done) { this.helpers.api.requireLogin(app, 'put', `/api/users/${member1Domain1._id}/profile/avatar?domain_id=${domain1._id}`, done); }); it('should return 403 if the request user is not domain manager', function(done) { this.helpers.api.loginAsUser(app, member1Domain1.emails[0], password, this.helpers.callbacks.noErrorAnd(loggedInAsUser => { const req = loggedInAsUser(request(app).put(`/api/users/${member1Domain1._id}/profile/avatar?domain_id=${domain1._id}`)); req.send().expect(403).end((err, res) => { expect(err).to.not.exist; expect(res.body.error.details).to.equal('User is not the domain manager'); done(); }); })); }); it('should return 403 if domain manager trying to modify avatar of not domain member', function(done) { this.helpers.api.loginAsUser(app, admin1Domain1.emails[0], password, this.helpers.callbacks.noErrorAnd(loggedInAsAdmin => { const req = loggedInAsAdmin(request(app).put(`/api/users/${member1Domain2._id}/profile/avatar?domain_id=${domain1._id}`)); req.send().expect(403).end((err, res) => { expect(err).to.not.exist; expect(res.body.details).to.equal('User does not belongs to the domain'); done(); }); })); }); it('should return 400 if no "size" query param is given', function(done) { this.helpers.api.loginAsUser(app, admin1Domain1.emails[0], password, this.helpers.callbacks.noErrorAnd(loggedInAsAdmin => { const req = loggedInAsAdmin( request(app).put(`/api/users/${member1Domain1._id}/profile/avatar?domain_id=${domain1._id}&mimetype=image%2Fpng`) ); req.send().expect(400).end((err, res) => { expect(err).to.not.exist; expect(res.body).to.shallowDeepEqual({ error: { code: 400, message: 'Bad Request', details: 'missing size in query' } }); done(); }); })); }); it('should return 400 if the "size" query param is not a number', function(done) { this.helpers.api.loginAsUser(app, admin1Domain1.emails[0], password, this.helpers.callbacks.noErrorAnd(loggedInAsAdmin => { const req = loggedInAsAdmin( request(app).put(`/api/users/${member1Domain1._id}/profile/avatar?domain_id=${domain1._id}&mimetype=image%2Fpng&size=not-a-number`) ); req.send().expect(400).end((err, res) => { expect(err).to.not.exist; expect(res.body).to.shallowDeepEqual({ error: { code: 400, message: 'Bad Request', details: 'size should be positive integer' } }); done(); }); })); }); it('should return 400 if the "size" query param is not a positive number', function(done) { this.helpers.api.loginAsUser(app, admin1Domain1.emails[0], password, this.helpers.callbacks.noErrorAnd(loggedInAsAdmin => { const req = loggedInAsAdmin( request(app).put(`/api/users/${member1Domain1._id}/profile/avatar?domain_id=${domain1._id}&mimetype=image%2Fpng&size=-69`) ); req.send().expect(400).end((err, res) => { expect(err).to.not.exist; expect(res.body).to.shallowDeepEqual({ error: { code: 400, message: 'Bad Request', details: 'size should be positive integer' } }); done(); }); })); }); it('should return 412 if the "size" query string is not equal to the actual image size', function(done) { const fileContent = require('fs').readFileSync(this.helpers.getFixturePath('image.png')); this.helpers.api.loginAsUser(app, admin1Domain1.emails[0], password, this.helpers.callbacks.noErrorAnd(loggedInAsAdmin => { const req = loggedInAsAdmin( request(app).put(`/api/users/${member1Domain1._id}/profile/avatar?domain_id=${domain1._id}`) ); req.query({ size: 123, mimetype: 'image/png' }) .set('Content-Type', 'image/png') .send(fileContent).expect(412).end((err, res) => { expect(err).to.not.exist; expect(res.body).to.shallowDeepEqual({ error: { code: 412, message: 'Precondition Failed', details: 'Avatar size given by user agent is 123 and avatar size returned by storage system is 41096' } }); done(); }); })); }); it('should return 400 if no "mimetype" query param is given', function(done) { this.helpers.api.loginAsUser(app, admin1Domain1.emails[0], password, this.helpers.callbacks.noErrorAnd(loggedInAsAdmin => { const req = loggedInAsAdmin( request(app).put(`/api/users/${member1Domain1._id}/profile/avatar?domain_id=${domain1._id}&size=123`) ); req.send().expect(400).end((err, res) => { expect(err).to.not.exist; expect(res.body).to.shallowDeepEqual({ error: { code: 400, message: 'Bad Request', details: 'missing mimetype in query' } }); done(); }); })); }); it('should return 415 if the "mimetype" query param is not an accepted mime type', function(done) { this.helpers.api.loginAsUser(app, admin1Domain1.emails[0], password, this.helpers.callbacks.noErrorAnd(loggedInAsAdmin => { const req = loggedInAsAdmin( request(app).put(`/api/users/${member1Domain1._id}/profile/avatar?domain_id=${domain1._id}&mimetype=not-accepted-type&size=123`) ); req.send().expect(415).end((err, res) => { expect(err).to.not.exist; expect(res.body).to.shallowDeepEqual({ error: { code: 415, message: 'Unsupported Media Type', details: `Mimetype not-accepted-type is not accepted: should be one in ${this.helpers.requireBackend('core/image').CONSTANTS.ACCEPTED_MIME_TYPES.join(', ')}` } }); done(); }); })); }); it('should return 200 with the ID of updated avatar', function(done) { const fileContent = require('fs').readFileSync(this.helpers.getFixturePath('image.png')); this.helpers.api.loginAsUser(app, admin1Domain1.emails[0], password, this.helpers.callbacks.noErrorAnd(loggedInAsAdmin => { const req = loggedInAsAdmin( request(app).put(`/api/users/${member1Domain1._id}/profile/avatar?domain_id=${domain1._id}`) ); req.query({ size: 41096, mimetype: 'image/png' }) .set('Content-Type', 'image/png') .send(fileContent).expect(200).end((err, res) => { expect(err).to.not.exist; expect(res.body._id).to.exist; done(); }); })); }); });