it('verify updating permissions of a discussion results in a share activity being generated', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 2, function(err, users) {
var simon = _.values(users)[0];
var branden = _.values(users)[1];
// Create a discussion to share
RestAPI.Discussions.createDiscussion(simon.restContext, 'Something something discussworthy', 'Start discussing this sweet topic', 'loggedin', null, null, function(err, discussion) {
assert.ok(!err);
assert.ok(discussion);
var memberUpdates = {};
memberUpdates[branden.user.id] = 'member';
// Simon shares the discussion with Branden
RestAPI.Discussions.updateDiscussionMembers(simon.restContext, discussion.id, memberUpdates, function(err) {
assert.ok(!err);
// Collect the activities
ActivityTestsUtil.collectAndGetActivityStream(simon.restContext, simon.user.id, null, function(err, activityStream) {
assert.ok(!err);
// Verify the discussion-share activity is the newest one in the feed
var activity = activityStream.items[0];
assert.ok(activity);
assert.equal(activity['oae:activityType'], 'discussion-share');
assert.equal(activity.actor['oae:id'], simon.user.id);
assert.equal(activity.object['oae:id'], discussion.id);
assert.equal(activity.target['oae:id'], branden.user.id);
return callback();
});
});
});
});
});
it('verify updating a discussion results in an activity being generated', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users) {
var simon = _.values(users)[0];
// Create a discussion to share
RestAPI.Discussions.createDiscussion(simon.restContext, 'Something something discussworthy', 'Start discussing this sweet topic', 'loggedin', null, null, function(err, discussion) {
assert.ok(!err);
assert.ok(discussion);
RestAPI.Discussions.updateDiscussion(simon.restContext, discussion.id, {'displayName': 'Blah!'}, function(err, discussionProfile) {
assert.ok(!err);
assert.ok(discussionProfile);
// Collect the activities
ActivityTestsUtil.collectAndGetActivityStream(simon.restContext, simon.user.id, null, function(err, activityStream) {
assert.ok(!err);
// Verify the discussion-share activity is the newest one in the feed
var activity = activityStream.items[0];
assert.ok(activity);
assert.equal(activity['oae:activityType'], 'discussion-update');
assert.equal(activity.actor['oae:id'], simon.user.id);
assert.equal(activity.object['oae:id'], discussion.id);
return callback();
});
});
});
});
});
it('verify the user thumbnail visibility in member search results', function(callback) {
// Setup the user/group structure.
TestsUtil.generateTestUsers(camAdminRestContext, 4, function(err, users) {
assert.ok(!err);
var publicUser = _.values(users)[0];
var loggedInUser = _.values(users)[1];
var privateUser = _.values(users)[2];
var nonMemberUser = _.values(users)[3];
RestAPI.User.updateUser(loggedInUser.restContext, loggedInUser.user.id, { 'visibility': 'loggedin' }, function(err) {
assert.ok(!err);
RestAPI.User.updateUser(privateUser.restContext, privateUser.user.id, { 'visibility': 'private' }, function(err) {
assert.ok(!err);
// each user has a profile picture.
var selectedArea = createSelectedArea(10, 10, 200, 200);
RestAPI.User.uploadPicture(publicUser.restContext, publicUser.user.id, getPictureStream, selectedArea, function(err) {
assert.ok(!err);
RestAPI.User.uploadPicture(loggedInUser.restContext, loggedInUser.user.id, getPictureStream, selectedArea, function(err) {
assert.ok(!err);
RestAPI.User.uploadPicture(privateUser.restContext, privateUser.user.id, getPictureStream, selectedArea, function(err) {
assert.ok(!err);
// Create a group with the two other members.
var groupName = TestsUtil.generateTestUserId('someGroupName');
RestAPI.Group.createGroup(privateUser.restContext, groupName, groupName, 'public', 'no', [], [loggedInUser.user.id, publicUser.user.id], function(err, group) {
assert.ok(!err);
// Perform one search where we wait for the search index to refresh.
// All subsequent search requests don't have to wait.
SearchTestsUtil.searchAll(anonymousRestContext, 'members', [group.id], null, function(err, results) {
assert.ok(!err);
// anonymous can search the group membership list but can only see the public user his picture.
verifySearchThumbnails(anonymousRestContext, group.id, true, false, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() {
// a logged in user can see the public and 'logged in' user.
verifySearchThumbnails(nonMemberUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() {
// The public member can only see his own thumbnail and the loggedin user.
verifySearchThumbnails(publicUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() {
// The 'logged in' user can see his own thumbnail and the public one.
verifySearchThumbnails(loggedInUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() {
// The private user can see everyone's thumbnail.
verifySearchThumbnails(privateUser.restContext, group.id, true, true, true, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, callback);
});
});
});
});
});
});
});
});
});
});
});
});
});
it('verify sendEmail validation', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users, mrvisser) {
assert.ok(!err);
// Verify error when there is no email
delete mrvisser.user.email;
EmailTestsUtil.sendEmail('oae-email', 'test', mrvisser.user, null, null, function(err, message) {
assert.ok(err);
assert.equal(err.code, 400);
mrvisser.user.email = 'blah blah blah';
// Verify error when there is invalid email
EmailTestsUtil.sendEmail('oae-email', 'test', mrvisser.user, null, null, function(err, message) {
assert.ok(err);
assert.equal(err.code, 400);
// Verify error when there is no user
EmailTestsUtil.sendEmail('oae-email', 'test', null, null, null, function(err, message) {
assert.ok(err);
assert.equal(err.code, 400);
mrvisser.user.email = '*****@*****.**';
// Verify error when there is no module
EmailTestsUtil.sendEmail(null, 'test', mrvisser.user, null, null, function(err, message) {
assert.ok(err);
assert.equal(err.code, 400);
// Verify error when there is no template id
EmailTestsUtil.sendEmail('oae-email', null, mrvisser.user, null, null, function(err, message) {
assert.ok(err);
assert.equal(err.code, 400);
// Verify error with non-existent module
EmailTestsUtil.sendEmail('oae-non-existent', 'test', mrvisser.user, null, null, function(err, message) {
assert.ok(err);
assert.equal(err.code, 500);
// Verify error with non-existent template id
EmailTestsUtil.sendEmail('oae-email', 'TemplateDoesNotExist', mrvisser.user, null, null, function(err, message) {
assert.ok(err);
assert.equal(err.code, 500);
// Sanity check
EmailTestsUtil.sendEmail('oae-email', 'test', mrvisser.user, null, null, function(err, message) {
assert.ok(!err);
assert.ok(message);
return callback();
});
});
});
});
});
});
});
});
});
});
_setupOAuth(function(simong, client, accessToken) {
TestsUtil.generateTestUsers(localAdminRestContext, 1, function(err, users, nico) {
assert.ok(!err);
// Verify an anonymous user cannot delete a client
RestAPI.OAuth.deleteClient(anonymousLocalRestContext, simong.user.id, client.id, function(err, data) {
assert.equal(err.code, 401);
// Verify you cannot delete another user their client
RestAPI.OAuth.deleteClient(nico.restContext, simong.user.id, client.id, function(err, data) {
assert.equal(err.code, 401);
// Verify that a tenant admin cannot delete a client for a user that is not from his tenant
RestAPI.OAuth.deleteClient(camAdminRestContext, simong.user.id, client.id, function(err, data) {
assert.equal(err.code, 401);
// Sanity check the client is still there
RestAPI.OAuth.getClients(localAdminRestContext, simong.user.id, function(err, data) {
assert.ok(!err);
assert.equal(data.results.length, 1);
assert.equal(data.results[0].id, client.id);
assert.equal(data.results[0].displayName, client.displayName);
assert.equal(data.results[0].secret, client.secret);
// Delete the client
RestAPI.OAuth.deleteClient(simong.restContext, simong.user.id, client.id, function(err, data) {
assert.ok(!err);
// Verify that it's been removed
RestAPI.OAuth.getClients(simong.restContext, simong.user.id, function(err, data) {
assert.ok(!err);
assert.equal(data.results.length, 0);
// Create another client and try to delete it as the tenant admin
var clientDisplayName = TestsUtil.generateRandomText(1);
RestAPI.OAuth.createClient(localAdminRestContext, simong.user.id, clientDisplayName, function(err, client) {
assert.ok(!err);
assert.equal(client.displayName, clientDisplayName);
RestAPI.OAuth.deleteClient(localAdminRestContext, simong.user.id, client.id, function(err, data) {
assert.ok(!err);
// Verify that it's been removed
RestAPI.OAuth.getClients(simong.restContext, simong.user.id, function(err, data) {
assert.ok(!err);
assert.equal(data.results.length, 0);
return callback();
});
});
});
});
});
});
});
});
});
});
});
createPreviews((contexts, contentObj, previews) => {
// Share the item with Bert, who is a user in the Cambridge tenant
TestsUtil.generateTestUsers(camAdminRestContext, 1, (err, users) => {
assert.ok(!err);
const bert = _.values(users)[0];
RestAPI.Content.shareContent(contexts.nicolaas.restContext, contentObj.id, [bert.user.id], err => {
assert.ok(!err);
// Bert should receive an activity that Nicolaas shared a piece of content with him
ActivityTestsUtil.collectAndGetActivityStream(bert.restContext, bert.user.id, null, (err, activityStream) => {
assert.ok(!err);
const activity = _.find(activityStream.items, activity => {
return activity.object['oae:id'] === contentObj.id;
});
assert.ok(activity);
// Verify the activity
_verifySignedDownloadUrl(bert.restContext, activity.object.image.url, () => {
// Verify the thumbnailUrl is on the content profile, but not the back-end uri
RestAPI.Content.getContent(bert.restContext, contentObj.id, (err, contentObjOnCamTenant) => {
assert.ok(!err);
assert.ok(!contentObjOnCamTenant.previews.thumbnailUri);
assert.ok(contentObjOnCamTenant.previews.thumbnailUrl);
_verifySignedDownloadUrl(bert.restContext, contentObjOnCamTenant.previews.thumbnailUrl, () => {
// Verify the thumbnailUrl in search results
const randomText = TestsUtil.generateRandomText(5);
RestAPI.Content.updateContent(
contexts.nicolaas.restContext,
contentObj.id,
{ displayName: randomText },
(err, updatedContentObj) => {
assert.ok(!err);
SearchTestsUtil.searchAll(
bert.restContext,
'general',
null,
{ resourceTypes: 'content', q: randomText },
(err, results) => {
assert.ok(!err);
const doc = _.find(results.results, doc => {
return doc.id === contentObj.id;
});
assert.ok(doc);
return _verifySignedDownloadUrl(bert.restContext, doc.thumbnailUrl, callback);
}
);
}
);
});
});
});
});
});
});
});
var _createUser = function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users) {
assert.ok(!err);
var user = _.values(users)[0];
var ctx = user.restContext;
ctx.user = user.user;
return callback(ctx);
});
};
it('verify publishing a pad respects the content permissions.', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 2, function(err, users) {
assert.ok(!err);
var simonCtx = _.values(users)[0].restContext;
var brandenCtx = _.values(users)[1].restContext;
// Simon creates a collaborative document that's private.
var name = TestsUtil.generateTestUserId();
RestAPI.Content.createCollabDoc(simonCtx, name, 'description', 'private', [], [], function(err, contentObj) {
assert.ok(!err);
RestAPI.Content.publishCollabDoc(simonCtx, contentObj.id, function(err, data) {
assert.ok(!err);
assert.ok(data);
// Branden has no access yet, so this should be a 401
RestAPI.Content.publishCollabDoc(brandenCtx, contentObj.id, function(err, data) {
assert.equal(err.code, 401);
assert.ok(!data);
// Make Branden a viewer.
// He should still not be able to publish it.
var members = {};
members[_.keys(users)[1]] = 'viewer';
RestAPI.Content.updateMembers(simonCtx, contentObj.id, members, function(err) {
assert.ok(!err);
// Branden can't publish this document yet.
RestAPI.Content.publishCollabDoc(brandenCtx, contentObj.id, function(err, data) {
assert.equal(err.code, 401);
assert.ok(!data);
// Now make him a manager
members[_.keys(users)[1]] = 'manager';
RestAPI.Content.updateMembers(simonCtx, contentObj.id, members, function(err) {
assert.ok(!err);
// Branden should now be able to access it.
RestAPI.Content.publishCollabDoc(brandenCtx, contentObj.id, function(err, data) {
assert.ok(!err);
assert.ok(data);
// By now we should have 3 revisions (not 4, as Branden's first publish was unauthorized)
RestAPI.Content.getRevisions(simonCtx, contentObj.id, null, null, function(err, revisions) {
assert.ok(!err);
assert.equal(revisions.length, 3);
callback();
});
});
});
});
});
});
});
});
});
});
const setupFixture = function(callback) {
TestsUtil.generateTestUsers(localAdminRestContext, 2, (err, users, branden, simon) => {
assert.ok(!err);
const contexts = {
branden,
simon
};
// Get the full profile so we have a signature to authenticate ourselves on the WS
RestAPI.User.getMe(simon.restContext, (err, simonFull) => {
assert.ok(!err);
// Create a folder and get the full folder profile so we have a signature that we can use to register for push notifications
FoldersTestUtil.assertCreateFolderSucceeds(
simon.restContext,
'test displayName',
'test description',
'private',
[branden],
[],
folder => {
FoldersTestUtil.assertGetFolderSucceeds(simon.restContext, folder.id, folder => {
// Route and deliver activities
ActivityTestsUtil.collectAndGetActivityStream(simon.restContext, null, null, () => {
// Register for some streams
const data = {
authentication: {
userId: simon.user.id,
tenantAlias: simonFull.tenant.alias,
signature: simonFull.signature
},
streams: [
{
resourceId: folder.id,
streamType: 'activity',
token: folder.signature
},
{
resourceId: folder.id,
streamType: 'message',
token: folder.signature
}
]
};
ActivityTestsUtil.getFullySetupPushClient(data, client => {
callback(contexts, folder, client);
});
});
});
}
);
});
});
};
var createUsers = function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 2, function(err, users) {
assert.ok(!err);
var contexts = {};
users = _.values(users);
contexts['simon'] = users[0];
contexts['nicolaas'] = users[1];
callback(contexts);
});
};
it('verifies anonymous cannot mark a notification stream as read', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, createdUsers) {
assert.ok(!err);
RestAPI.Activity.markNotificationsRead(anonymousCamRestContext, function(err) {
assert.ok(err);
assert.equal(err.code, 401);
return callback();
});
});
});
var setupFixture = function (callback) {
TestsUtil.generateTestUsers(localAdminRestContext, 2, function (err, users, branden, simon) {
assert.ok(!err);
// Get the full profile so we have a signature to authenticate ourselves on the WS
RestAPI.User.getMe(simon.restContext, function (err, simonFullProfile) {
assert.ok(!err);
// Create a meeting and get the full profile so we have a signature that we can use to register for push notifications
RestAPI.MeetingsJitsi.createMeeting(simon.restContext, 'My meeting', 'My meeting description', false, false, 'private', [branden.user.id], null, function (err, meeting) {
assert.ok(!err);
RestAPI.MeetingsJitsi.getMeeting(simon.restContext, meeting.id, function (err, meeting) {
assert.ok(!err);
// Route and deliver activities
ActivityTestsUtil.collectAndGetActivityStream(simon.restContext, null, null, function () {
// Register for some streams
var data = {
'authentication': {
'userId': simon.user.id,
'tenantAlias': simonFullProfile.tenant.alias,
'signature': simonFullProfile.signature
},
'streams': [
{
'resourceId': meeting.id,
'streamType': 'activity',
'token': meeting.signature
},
{
'resourceId': meeting.id,
'streamType': 'message',
'token': meeting.signature
}
]
};
ActivityTestsUtil.getFullySetupPushClient(data, function (client) {
var contexts = {
'branden': branden,
'simon': simon
};
return callback(contexts, meeting, client);
});
});
});
});
});
});
};
it('verify segregation', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users, mrvisser) {
RestAPI.User.getMe(mrvisser.restContext, function(err, mrvisserMeData) {
assert.ok(!err);
RestAPI.Content.createLink(mrvisser.restContext, 'Yahoo', 'Yahoo', 'public', 'http://www.yahoo.ca', [], [], [], function(err, yahooLink) {
assert.ok(!err);
RestAPI.Content.getContent(mrvisser.restContext, yahooLink.id, function(err, yahooLink) {
assert.ok(!err);
RestAPI.Content.createLink(mrvisser.restContext, 'Google', 'Google', 'public', 'http://www.google.ca', [], [], [], function(err, googleLink) {
assert.ok(!err);
RestAPI.Content.getContent(mrvisser.restContext, googleLink.id, function(err, googleLink) {
assert.ok(!err);
// Route and deliver activities
ActivityTestUtil.collectAndGetActivityStream(mrvisser.restContext, null, null, function(err) {
assert.ok(!err);
// Subscribe on the Yahoo link
var data = {
'authentication': {
'userId': mrvisserMeData.id,
'tenantAlias': mrvisserMeData.tenant.alias,
'signature': mrvisserMeData.signature
},
'streams': [{'resourceId': yahooLink.id, 'streamType': 'activity', 'token': yahooLink.signature}]
};
ActivityTestUtil.getFullySetupPushClient(data, function(client) {
client.on('message', function(message) {
if (message) {
assert.fail('No activities should be pushed to this stream as nothing happened on the "yahoo" link');
}
});
// Trigger an update on the google item, we should not get an activity on the websocket for that content item
RestAPI.Content.updateContent(mrvisser.restContext, googleLink.id, {'displayName': 'Google woo'}, function(err) {
assert.ok(!err);
// Route and deliver activities
ActivityTestUtil.collectAndGetActivityStream(mrvisser.restContext, null, null, function(err) {
assert.ok(!err);
client.close(callback);
});
});
});
});
});
});
});
});
});
});
});
it('verify only global administrators can request a signed tenant authentication', callback => {
// Generate a regular user we'll use to try and get a signed tenant authentication request
TestsUtil.generateTestUsers(camAdminRestContext, 1, (err, users, mrvisser) => {
assert.ok(!err);
// Verify anonymous cannot request signed authentication
RestAPI.Admin.getSignedTenantAuthenticationRequestInfo(
anonymousGlobalRestContext,
'localhost',
(err, requestInfo) => {
assert.ok(err);
assert.strictEqual(err.code, 401);
assert.ok(!requestInfo);
// Verify a tenant admin cannot request signed authentication to another tenant
RestAPI.Admin.getSignedTenantAuthenticationRequestInfo(
camAdminRestContext,
'localhost',
(err, requestInfo) => {
assert.ok(err);
// This actually throws 404 because these endpoints are not hooked up to the tenant servers
assert.strictEqual(err.code, 404);
assert.ok(!requestInfo);
// Verify a regular user cannot request signed authentication to another tenant
RestAPI.Admin.getSignedTenantAuthenticationRequestInfo(
mrvisser.restContext,
'localhost',
(err, requestInfo) => {
assert.ok(err);
// This actually throws 404 because these endpoints are not hooked up to the tenant servers
assert.strictEqual(err.code, 404);
assert.ok(!requestInfo);
// Sanity check that global admin is granted the signed authentication request
RestAPI.Admin.getSignedTenantAuthenticationRequestInfo(
globalAdminRestContext,
'localhost',
(err, requestInfo) => {
assert.ok(!err);
assert.ok(requestInfo);
return callback();
}
);
}
);
}
);
}
);
});
});
it('verify users updating their email address need to verify it', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users, simong) {
assert.ok(!err);
var oldEmailAddress = simong.user.email;
// Sanity-check the email address is verified
RestAPI.User.getMe(simong.restContext, function(err, me) {
assert.ok(!err);
assert.strictEqual(me.email, oldEmailAddress);
// Sanity-check there's a mapping for it
PrincipalsTestUtil.assertUserEmailMappingEquals(me.email, [me.id], function() {
// Update the email address
var email = TestsUtil.generateTestEmailAddress();
PrincipalsTestUtil.assertUpdateUserSucceeds(simong.restContext, simong.user.id, {'email': email}, function(user, token) {
// Assert the old mapping is still in place
PrincipalsTestUtil.assertUserEmailMappingEquals(oldEmailAddress, [me.id], function() {
// Assert there's no mapping for the new email address as it hasn't been verified yet
PrincipalsTestUtil.assertUserEmailMappingEquals(email, [], function() {
// The old email address should still be in place as the new one hasn't been verified yet
RestAPI.User.getMe(simong.restContext, function(err, me) {
assert.ok(!err);
assert.strictEqual(me.email, oldEmailAddress);
// Assert we can verify the email address
PrincipalsTestUtil.assertVerifyEmailSucceeds(simong.restContext, simong.user.id, token, function() {
// Assert the old mapping is gone
PrincipalsTestUtil.assertUserEmailMappingEquals(oldEmailAddress, [], function() {
// Assert the new mapping is there
PrincipalsTestUtil.assertUserEmailMappingEquals(email, [me.id], function() {
// The new email address should be confirmed
RestAPI.User.getMe(simong.restContext, function(err, me) {
assert.ok(!err);
assert.strictEqual(me.email, email.toLowerCase());
return callback();
});
});
});
});
});
});
});
});
});
});
});
});
it('verifies anonymous cannot get a notification stream', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, createdUsers) {
assert.ok(!err);
RestAPI.Activity.getNotificationStream(anonymousCamRestContext, null, function(err, response) {
assert.ok(err);
assert.equal(err.code, 401);
assert.ok(!response);
return callback();
});
});
});
it('should properly add the meeting to the user meeting library when the user gains access to the meeting', callback => {
TestsUtil.generateTestUsers(camAdminRestCtx, 2, (err, users, mrvisser, nicolaas) => {
assert.ok(!err);
// Create a meeting as mrvisser
RestAPI.MeetingsJitsi.createMeeting(
mrvisser.restContext,
'name',
'descr',
false,
false,
'public',
null,
null,
(err, meeting) => {
assert.ok(!err);
// Seed mrvisser's and nicolaas's meeting libraries to ensure it does not get built from scratch
RestAPI.MeetingsJitsi.getMeetingsLibrary(mrvisser.restContext, mrvisser.user.id, err => {
assert.ok(!err);
RestAPI.MeetingsJitsi.getMeetingsLibrary(nicolaas.restContext, nicolaas.user.id, err => {
assert.ok(!err);
// Make nicolaas a member of the meeting
const updates = {};
updates[nicolaas.user.id] = 'member';
RestAPI.MeetingsJitsi.updateMembers(mrvisser.restContext, meeting.id, updates, err => {
assert.ok(!err);
// Ensure the meeting is still in mrvisser's and nicolaas's meeting libraries
RestAPI.MeetingsJitsi.getMeetingsLibrary(mrvisser.restContext, mrvisser.user.id, (err, result) => {
assert.ok(!err);
let libraryEntry = result.results[0];
assert.ok(libraryEntry);
assert.strictEqual(libraryEntry.id, meeting.id);
RestAPI.MeetingsJitsi.getMeetingsLibrary(nicolaas.restContext, nicolaas.user.id, (err, result) => {
assert.ok(!err);
libraryEntry = result.results[0];
assert.ok(libraryEntry);
assert.strictEqual(libraryEntry.id, meeting.id);
return callback();
});
});
});
});
});
}
);
});
});
const createUserAndLibrary = function(restCtx, userVisibility, callback) {
// Create an user with the proper visibility
TestsUtil.generateTestUsers(restCtx, 1, (err, users) => {
const user = _.values(users)[0];
RestAPI.User.updateUser(user.restContext, user.user.id, { visibility: userVisibility }, err => {
assert.ok(!err);
// Fill up the user library with 3 meeting items
RestAPI.MeetingsJitsi.createMeeting(
user.restContext,
'name',
'description',
false,
false,
'private',
null,
null,
(err, privateMeeting) => {
assert.ok(!err);
RestAPI.MeetingsJitsi.createMeeting(
user.restContext,
'name',
'description',
false,
false,
'loggedin',
null,
null,
(err, loggedinMeeting) => {
assert.ok(!err);
RestAPI.MeetingsJitsi.createMeeting(
user.restContext,
'name',
'description',
false,
false,
'public',
null,
null,
(err, publicMeeting) => {
assert.ok(!err);
return callback(user, privateMeeting, loggedinMeeting, publicMeeting);
}
);
}
);
}
);
});
});
};
it('verify validation when checking for a pending email verification token', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users, simong) {
assert.ok(!err);
// Invalid user id
PrincipalsTestUtil.assertGetEmailTokenFails(simong.restContext, 'not a user id', 400, function() {
PrincipalsTestUtil.assertGetEmailTokenFails(simong.restContext, 'g:camtest:1234234', 400, function() {
return callback();
});
});
});
});
RestAPI.UI.getSkinVariables(camAdminRestContext, global.oaeTests.tenants.gt.alias, function(err, data) {
assert.equal(err.code, 401);
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users) {
assert.ok(!err);
var user = _.values(users)[0];
RestAPI.UI.getSkinVariables(user.restContext, global.oaeTests.tenants.gt.alias, function(err, data) {
assert.equal(err.code, 401);
return callback();
});
});
});
it('verify other template files can be included', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users, mrvisser) {
assert.ok(!err);
EmailTestsUtil.sendEmail('oae-email', 'test_include', mrvisser.user, {}, null, function(err, message) {
assert.ok(!err);
assert.ok(message.html);
assert.ok(message.html.indexOf('<p\n style="background-color: red;">') > -1);
return callback();
});
});
});
it('verify exception handling from template rendering', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users) {
assert.ok(!err);
var mrvisser = _.values(users)[0];
mrvisser.user.email = '*****@*****.**';
var _mailData = function(throwMeta, throwHtml, throwTxt, throwContent) {
return {
'throwMeta': throwMeta,
'throwHtml': throwHtml,
'throwTxt': throwTxt,
'throwContent': throwContent
};
};
// Verify we get an error when exception thrown from meta
EmailTestsUtil.sendEmail('oae-email', 'test_throw_error', mrvisser.user, _mailData(true, false, false, false), null, function(err, message) {
assert.ok(err);
assert.equal(err.code, 500);
assert.strictEqual(err.msg.indexOf('Error parsing email metadata'), 0);
// Verify if an error is thrown from HTML but we still have a valid text, a message is still sent
EmailTestsUtil.sendEmail('oae-email', 'test_throw_error', mrvisser.user, _mailData(false, true, false, false), null, function(err, message) {
assert.ok(!err);
assert.ok(!message.html);
assert.ok(message.text);
assert.ok(message.text.indexOf('OK') > -1);
// Verify if an error is thrown from HTML but we still have a valid text, a message is still sent
EmailTestsUtil.sendEmail('oae-email', 'test_throw_error', mrvisser.user, _mailData(false, false, true, false), null, function(err, message) {
assert.ok(!err);
assert.ok(message.html);
assert.ok(message.html.indexOf('OK') > -1);
// The HTML template gets auto-converted to text if it does not exist
assert.ok(message.text);
assert.ok(message.text.indexOf('OK') > -1);
// Verify we get an error when exception thrown from meta
EmailTestsUtil.sendEmail('oae-email', 'test_throw_error', mrvisser.user, _mailData(false, false, false, true), null, function(err, message) {
assert.ok(err);
assert.equal(err.code, 500);
assert.strictEqual(err.msg.indexOf('Could not parse a suitable content template'), 0);
return callback();
});
});
});
});
});
});
RestAPI.UI.getSkinVariables(camAdminRestContext, null, (err, data) => {
assert.ok(!err);
TestsUtil.generateTestUsers(camAdminRestContext, 1, (err, users) => {
assert.ok(!err);
const user = _.values(users)[0];
RestAPI.UI.getSkinVariables(user.restContext, null, (err, data) => {
assert.strictEqual(err.code, 401);
return callback();
});
});
});
var setupFixture = function(callback) {
TestsUtil.generateTestUsers(localAdminRestContext, 2, function(err, users, branden, simon) {
assert.ok(!err);
var contexts = {
'branden': branden,
'simon': simon
};
// Get the full profile so we have a signature to authenticate ourselves on the WS
RestAPI.User.getMe(contexts['simon'].restContext, function(err, simonFull) {
assert.ok(!err);
// Create a piece of content and get the full content profile so we have a signature that we can use to register for push notifications
RestAPI.Content.createFile(contexts['simon'].restContext, 'A file', 'A proper file', 'private', getFileStream, [contexts['branden'].user.id], [], function(err, contentObj) {
assert.ok(!err);
RestAPI.Content.getContent(contexts['simon'].restContext, contentObj.id, function(err, contentObj) {
assert.ok(!err);
// Route and deliver activities
ActivityTestsUtil.collectAndGetActivityStream(contexts['simon'].restContext, null, null, function() {
// Register for some streams
var data = {
'authentication': {
'userId': contexts['simon'].user.id,
'tenantAlias': simonFull.tenant.alias,
'signature': simonFull.signature
},
'streams': [
{
'resourceId': contentObj.id,
'streamType': 'activity',
'token': contentObj.signature
},
{
'resourceId': contentObj.id,
'streamType': 'message',
'token': contentObj.signature
}
]
};
ActivityTestsUtil.getFullySetupPushClient(data, function(client) {
callback(contexts, contentObj, client);
});
});
});
});
});
});
};
it('should only send the public stream of public users for a loggedin user on *another* tenant', callback => {
TestsUtil.generateTestUsers(gtAdminRestCtx, 1, (err, myUsers) => {
const otherTenantUser = _.values(myUsers)[0];
checkLibrary(otherTenantUser.restContext, users.public.user.user.id, true, [users.public.publicMeeting], () => {
checkLibrary(otherTenantUser.restContext, users.loggedin.user.user.id, false, [], () => {
checkLibrary(otherTenantUser.restContext, users.private.user.user.id, false, [], () => {
return callback();
});
});
});
});
});
it('verify message activity is routed to the managers and recent contributers notification stream of a private discussion', function(callback) {
TestsUtil.generateTestUsers(camAdminRestContext, 4, function(err, users, simon, nico, bert, stuart) {
assert.ok(!err);
RestAPI.Discussions.createDiscussion(simon.restContext, 'Something something discussworthy', 'Start discussing this sweet topic', 'private', [nico.user.id], [bert.user.id, stuart.user.id], function(err, discussion) {
assert.ok(!err);
RestAPI.Discussions.createMessage(bert.restContext, discussion.id, 'Message A', null, function(err, message) {
assert.ok(!err);
// Assert that the managers got it
ActivityTestsUtil.collectAndGetNotificationStream(simon.restContext, null, function(err, activityStream) {
assert.ok(!err);
assert.ok(_.find(activityStream.items, function(activity) { return (activity['oae:activityType'] === 'discussion-message'); }));
ActivityTestsUtil.collectAndGetNotificationStream(nico.restContext, null, function(err, activityStream) {
assert.ok(!err);
assert.ok(_.find(activityStream.items, function(activity) { return (activity['oae:activityType'] === 'discussion-message'); }));
// Create another message and assert that both the managers and the recent contributers get a notification
RestAPI.Discussions.createMessage(nico.restContext, discussion.id, 'Message A', null, function(err, message) {
assert.ok(!err);
// Because Bert made a message previously, he should get a notification as well
ActivityTestsUtil.collectAndGetNotificationStream(bert.restContext, null, function(err, activityStream) {
assert.ok(!err);
var messageActivities = _.filter(activityStream.items, function(activity) { return (activity['oae:activityType'] === 'discussion-message'); });
assert.ok(messageActivities.length, 2);
// Sanity-check that the managers got it as well
ActivityTestsUtil.collectAndGetNotificationStream(nico.restContext, null, function(err, activityStream) {
assert.ok(!err);
var messageActivities = _.filter(activityStream.items, function(activity) { return (activity['oae:activityType'] === 'discussion-message'); });
assert.ok(messageActivities.length, 2);
ActivityTestsUtil.collectAndGetNotificationStream(simon.restContext, null, function(err, activityStream) {
assert.ok(!err);
var messageActivities = _.filter(activityStream.items, function(activity) { return (activity['oae:activityType'] === 'discussion-message'); });
assert.ok(messageActivities.length, 2);
return callback();
});
});
});
});
});
});
});
});
});
});
it('verify imposter cannot get another signed become user request', callback => {
// Generate a test user to try and become
TestsUtil.generateTestUsers(camAdminRestContext, 2, (err, users, mrvisser, simon) => {
assert.ok(!err);
// Make simon a tenant administrator so he can become mrvisser
RestAPI.User.setTenantAdmin(camAdminRestContext, simon.user.id, true, err => {
assert.ok(!err);
// Sanity check that simon can get a signed request to become mrvisser
RestAPI.Admin.getSignedBecomeUserAuthenticationRequestInfo(
simon.restContext,
mrvisser.user.id,
(err, requestInfo) => {
assert.ok(!err);
assert.ok(requestInfo);
// Imposter simon as a the global admin
RestAPI.Admin.loginAsUser(
globalAdminRestContext,
simon.user.id,
'http://' + global.oaeTests.tenants.localhost.host,
(err, globalAdminImposteringSimonRestContext) => {
assert.ok(!err);
// Ensure it is indeed an impostering context
RestAPI.User.getMe(globalAdminImposteringSimonRestContext, (err, me) => {
assert.ok(!err);
assert.ok(me);
assert.strictEqual(me.id, simon.user.id);
assert.ok(me.imposter);
// Ensure the simon imposter cannot get a signed authentication request to become mrvisser
RestAPI.Admin.getSignedBecomeUserAuthenticationRequestInfo(
globalAdminImposteringSimonRestContext,
mrvisser.user.id,
(err, requestInfo) => {
assert.ok(err);
assert.strictEqual(err.code, 401);
assert.ok(!requestInfo);
return callback();
}
);
});
}
);
}
);
});
});
});
it('verify updating the metadata for a discussion, updates the index', callback => {
TestsUtil.generateTestUsers(camAdminRestContext, 1, (err, user) => {
assert.ok(!err);
user = _.values(user)[0];
const randomText1 = TestsUtil.generateRandomText(5);
const randomText2 = TestsUtil.generateRandomText(5);
RestAPI.Discussions.createDiscussion(
user.restContext,
randomText1,
randomText1,
'public',
null,
null,
(err, discussion) => {
assert.ok(!err);
RestAPI.Discussions.updateDiscussion(
user.restContext,
discussion.id,
{ displayName: randomText2, description: randomText2 },
err => {
assert.ok(!err);
SearchTestsUtil.searchAll(
user.restContext,
'general',
null,
{ resourceTypes: 'discussion', q: randomText2 },
(err, results) => {
assert.ok(!err);
const doc = _getDocument(results.results, discussion.id);
assert.ok(doc);
assert.strictEqual(doc.displayName, randomText2);
assert.strictEqual(doc.description, randomText2);
assert.strictEqual(
doc.profilePath,
'/discussion/' +
global.oaeTests.tenants.cam.alias +
'/' +
AuthzUtil.getResourceFromId(discussion.id).resourceId
);
callback();
}
);
}
);
}
);
});
});
it('verify get personal data', callback => {
// Generate user in cam tenant
TestsUtil.generateTestUsers(camAdminRestContext, 1, (err, users, brecke) => {
assert.ok(!err);
brecke.restContext.tenant = () => {
return brecke.user.tenant;
};
brecke.restContext.user = () => {
return brecke.user;
};
// Export personal data
PrincipalsAPI.exportData(brecke.restContext, 'invalidUserId', 'personal-data', (err, zip) => {
assert.ok(err);
assert.strictEqual(400, err.code);
PrincipalsAPI.exportData('invalidContext', brecke.user.id, 'personal-data', (err, zip) => {
assert.ok(err);
assert.strictEqual(401, err.code);
PrincipalsAPI.exportData(brecke.restContext, brecke.user.id, 'invalidExportType', (err, zip) => {
assert.ok(err);
assert.strictEqual(402, err.code);
PrincipalsAPI.exportData(brecke.restContext, brecke.user.id, 'personal-data', (err, zip) => {
assert.ok(!err);
// Verify the personal data on the zip file
zip
.file('personal_data.txt')
.async(TO_STRING)
.then(content => {
const lines = content.split('\n');
const element = [];
_.each(lines, (line, i) => {
element[i] = line
.split(': ')
.reverse()
.shift();
});
assert.strictEqual(brecke.user.id, element[0]);
assert.strictEqual(brecke.user.displayName, element[1]);
assert.strictEqual(brecke.user.email, element[2]);
return callback();
});
});
});
});
});
});
});
var setupFixture = function(callback) {
TestsUtil.generateTestUsers(localAdminRestContext, 2, function(err, users, branden, simon) {
assert.ok(!err);
var contexts = {
'branden': branden,
'simon': simon
};
// Get the full profile so we have a signature to authenticate ourselves on the WS
RestAPI.User.getMe(simon.restContext, function(err, simonFull) {
assert.ok(!err);
// Create a folder and get the full folder profile so we have a signature that we can use to register for push notifications
FoldersTestUtil.assertCreateFolderSucceeds(simon.restContext, 'test displayName', 'test description', 'private', [branden], [], function(folder) {
FoldersTestUtil.assertGetFolderSucceeds(simon.restContext, folder.id, function(folder) {
// Route and deliver activities
ActivityTestsUtil.collectAndGetActivityStream(simon.restContext, null, null, function() {
// Register for some streams
var data = {
'authentication': {
'userId': simon.user.id,
'tenantAlias': simonFull.tenant.alias,
'signature': simonFull.signature
},
'streams': [
{
'resourceId': folder.id,
'streamType': 'activity',
'token': folder.signature
},
{
'resourceId': folder.id,
'streamType': 'message',
'token': folder.signature
}
]
};
ActivityTestsUtil.getFullySetupPushClient(data, function(client) {
callback(contexts, folder, client);
});
});
});
});
});
});
};