it('verify updating permissions of a discussion results in a share activity being generated', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 2, function(err, users) { var simon = _.values(users)[0]; var branden = _.values(users)[1]; // Create a discussion to share RestAPI.Discussions.createDiscussion(simon.restContext, 'Something something discussworthy', 'Start discussing this sweet topic', 'loggedin', null, null, function(err, discussion) { assert.ok(!err); assert.ok(discussion); var memberUpdates = {}; memberUpdates[branden.user.id] = 'member'; // Simon shares the discussion with Branden RestAPI.Discussions.updateDiscussionMembers(simon.restContext, discussion.id, memberUpdates, function(err) { assert.ok(!err); // Collect the activities ActivityTestsUtil.collectAndGetActivityStream(simon.restContext, simon.user.id, null, function(err, activityStream) { assert.ok(!err); // Verify the discussion-share activity is the newest one in the feed var activity = activityStream.items[0]; assert.ok(activity); assert.equal(activity['oae:activityType'], 'discussion-share'); assert.equal(activity.actor['oae:id'], simon.user.id); assert.equal(activity.object['oae:id'], discussion.id); assert.equal(activity.target['oae:id'], branden.user.id); return callback(); }); }); }); }); });
it('verify updating a discussion results in an activity being generated', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users) { var simon = _.values(users)[0]; // Create a discussion to share RestAPI.Discussions.createDiscussion(simon.restContext, 'Something something discussworthy', 'Start discussing this sweet topic', 'loggedin', null, null, function(err, discussion) { assert.ok(!err); assert.ok(discussion); RestAPI.Discussions.updateDiscussion(simon.restContext, discussion.id, {'displayName': 'Blah!'}, function(err, discussionProfile) { assert.ok(!err); assert.ok(discussionProfile); // Collect the activities ActivityTestsUtil.collectAndGetActivityStream(simon.restContext, simon.user.id, null, function(err, activityStream) { assert.ok(!err); // Verify the discussion-share activity is the newest one in the feed var activity = activityStream.items[0]; assert.ok(activity); assert.equal(activity['oae:activityType'], 'discussion-update'); assert.equal(activity.actor['oae:id'], simon.user.id); assert.equal(activity.object['oae:id'], discussion.id); return callback(); }); }); }); }); });
it('verify the user thumbnail visibility in member search results', function(callback) { // Setup the user/group structure. TestsUtil.generateTestUsers(camAdminRestContext, 4, function(err, users) { assert.ok(!err); var publicUser = _.values(users)[0]; var loggedInUser = _.values(users)[1]; var privateUser = _.values(users)[2]; var nonMemberUser = _.values(users)[3]; RestAPI.User.updateUser(loggedInUser.restContext, loggedInUser.user.id, { 'visibility': 'loggedin' }, function(err) { assert.ok(!err); RestAPI.User.updateUser(privateUser.restContext, privateUser.user.id, { 'visibility': 'private' }, function(err) { assert.ok(!err); // each user has a profile picture. var selectedArea = createSelectedArea(10, 10, 200, 200); RestAPI.User.uploadPicture(publicUser.restContext, publicUser.user.id, getPictureStream, selectedArea, function(err) { assert.ok(!err); RestAPI.User.uploadPicture(loggedInUser.restContext, loggedInUser.user.id, getPictureStream, selectedArea, function(err) { assert.ok(!err); RestAPI.User.uploadPicture(privateUser.restContext, privateUser.user.id, getPictureStream, selectedArea, function(err) { assert.ok(!err); // Create a group with the two other members. var groupName = TestsUtil.generateTestUserId('someGroupName'); RestAPI.Group.createGroup(privateUser.restContext, groupName, groupName, 'public', 'no', [], [loggedInUser.user.id, publicUser.user.id], function(err, group) { assert.ok(!err); // Perform one search where we wait for the search index to refresh. // All subsequent search requests don't have to wait. SearchTestsUtil.searchAll(anonymousRestContext, 'members', [group.id], null, function(err, results) { assert.ok(!err); // anonymous can search the group membership list but can only see the public user his picture. verifySearchThumbnails(anonymousRestContext, group.id, true, false, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // a logged in user can see the public and 'logged in' user. verifySearchThumbnails(nonMemberUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // The public member can only see his own thumbnail and the loggedin user. verifySearchThumbnails(publicUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // The 'logged in' user can see his own thumbnail and the public one. verifySearchThumbnails(loggedInUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // The private user can see everyone's thumbnail. verifySearchThumbnails(privateUser.restContext, group.id, true, true, true, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, callback); }); }); }); }); }); }); }); }); }); }); }); }); });
it('verify sendEmail validation', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users, mrvisser) { assert.ok(!err); // Verify error when there is no email delete mrvisser.user.email; EmailTestsUtil.sendEmail('oae-email', 'test', mrvisser.user, null, null, function(err, message) { assert.ok(err); assert.equal(err.code, 400); mrvisser.user.email = 'blah blah blah'; // Verify error when there is invalid email EmailTestsUtil.sendEmail('oae-email', 'test', mrvisser.user, null, null, function(err, message) { assert.ok(err); assert.equal(err.code, 400); // Verify error when there is no user EmailTestsUtil.sendEmail('oae-email', 'test', null, null, null, function(err, message) { assert.ok(err); assert.equal(err.code, 400); mrvisser.user.email = '*****@*****.**'; // Verify error when there is no module EmailTestsUtil.sendEmail(null, 'test', mrvisser.user, null, null, function(err, message) { assert.ok(err); assert.equal(err.code, 400); // Verify error when there is no template id EmailTestsUtil.sendEmail('oae-email', null, mrvisser.user, null, null, function(err, message) { assert.ok(err); assert.equal(err.code, 400); // Verify error with non-existent module EmailTestsUtil.sendEmail('oae-non-existent', 'test', mrvisser.user, null, null, function(err, message) { assert.ok(err); assert.equal(err.code, 500); // Verify error with non-existent template id EmailTestsUtil.sendEmail('oae-email', 'TemplateDoesNotExist', mrvisser.user, null, null, function(err, message) { assert.ok(err); assert.equal(err.code, 500); // Sanity check EmailTestsUtil.sendEmail('oae-email', 'test', mrvisser.user, null, null, function(err, message) { assert.ok(!err); assert.ok(message); return callback(); }); }); }); }); }); }); }); }); }); });
_setupOAuth(function(simong, client, accessToken) { TestsUtil.generateTestUsers(localAdminRestContext, 1, function(err, users, nico) { assert.ok(!err); // Verify an anonymous user cannot delete a client RestAPI.OAuth.deleteClient(anonymousLocalRestContext, simong.user.id, client.id, function(err, data) { assert.equal(err.code, 401); // Verify you cannot delete another user their client RestAPI.OAuth.deleteClient(nico.restContext, simong.user.id, client.id, function(err, data) { assert.equal(err.code, 401); // Verify that a tenant admin cannot delete a client for a user that is not from his tenant RestAPI.OAuth.deleteClient(camAdminRestContext, simong.user.id, client.id, function(err, data) { assert.equal(err.code, 401); // Sanity check the client is still there RestAPI.OAuth.getClients(localAdminRestContext, simong.user.id, function(err, data) { assert.ok(!err); assert.equal(data.results.length, 1); assert.equal(data.results[0].id, client.id); assert.equal(data.results[0].displayName, client.displayName); assert.equal(data.results[0].secret, client.secret); // Delete the client RestAPI.OAuth.deleteClient(simong.restContext, simong.user.id, client.id, function(err, data) { assert.ok(!err); // Verify that it's been removed RestAPI.OAuth.getClients(simong.restContext, simong.user.id, function(err, data) { assert.ok(!err); assert.equal(data.results.length, 0); // Create another client and try to delete it as the tenant admin var clientDisplayName = TestsUtil.generateRandomText(1); RestAPI.OAuth.createClient(localAdminRestContext, simong.user.id, clientDisplayName, function(err, client) { assert.ok(!err); assert.equal(client.displayName, clientDisplayName); RestAPI.OAuth.deleteClient(localAdminRestContext, simong.user.id, client.id, function(err, data) { assert.ok(!err); // Verify that it's been removed RestAPI.OAuth.getClients(simong.restContext, simong.user.id, function(err, data) { assert.ok(!err); assert.equal(data.results.length, 0); return callback(); }); }); }); }); }); }); }); }); }); }); });
createPreviews((contexts, contentObj, previews) => { // Share the item with Bert, who is a user in the Cambridge tenant TestsUtil.generateTestUsers(camAdminRestContext, 1, (err, users) => { assert.ok(!err); const bert = _.values(users)[0]; RestAPI.Content.shareContent(contexts.nicolaas.restContext, contentObj.id, [bert.user.id], err => { assert.ok(!err); // Bert should receive an activity that Nicolaas shared a piece of content with him ActivityTestsUtil.collectAndGetActivityStream(bert.restContext, bert.user.id, null, (err, activityStream) => { assert.ok(!err); const activity = _.find(activityStream.items, activity => { return activity.object['oae:id'] === contentObj.id; }); assert.ok(activity); // Verify the activity _verifySignedDownloadUrl(bert.restContext, activity.object.image.url, () => { // Verify the thumbnailUrl is on the content profile, but not the back-end uri RestAPI.Content.getContent(bert.restContext, contentObj.id, (err, contentObjOnCamTenant) => { assert.ok(!err); assert.ok(!contentObjOnCamTenant.previews.thumbnailUri); assert.ok(contentObjOnCamTenant.previews.thumbnailUrl); _verifySignedDownloadUrl(bert.restContext, contentObjOnCamTenant.previews.thumbnailUrl, () => { // Verify the thumbnailUrl in search results const randomText = TestsUtil.generateRandomText(5); RestAPI.Content.updateContent( contexts.nicolaas.restContext, contentObj.id, { displayName: randomText }, (err, updatedContentObj) => { assert.ok(!err); SearchTestsUtil.searchAll( bert.restContext, 'general', null, { resourceTypes: 'content', q: randomText }, (err, results) => { assert.ok(!err); const doc = _.find(results.results, doc => { return doc.id === contentObj.id; }); assert.ok(doc); return _verifySignedDownloadUrl(bert.restContext, doc.thumbnailUrl, callback); } ); } ); }); }); }); }); }); }); });
var _createUser = function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users) { assert.ok(!err); var user = _.values(users)[0]; var ctx = user.restContext; ctx.user = user.user; return callback(ctx); }); };
it('verify publishing a pad respects the content permissions.', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 2, function(err, users) { assert.ok(!err); var simonCtx = _.values(users)[0].restContext; var brandenCtx = _.values(users)[1].restContext; // Simon creates a collaborative document that's private. var name = TestsUtil.generateTestUserId(); RestAPI.Content.createCollabDoc(simonCtx, name, 'description', 'private', [], [], function(err, contentObj) { assert.ok(!err); RestAPI.Content.publishCollabDoc(simonCtx, contentObj.id, function(err, data) { assert.ok(!err); assert.ok(data); // Branden has no access yet, so this should be a 401 RestAPI.Content.publishCollabDoc(brandenCtx, contentObj.id, function(err, data) { assert.equal(err.code, 401); assert.ok(!data); // Make Branden a viewer. // He should still not be able to publish it. var members = {}; members[_.keys(users)[1]] = 'viewer'; RestAPI.Content.updateMembers(simonCtx, contentObj.id, members, function(err) { assert.ok(!err); // Branden can't publish this document yet. RestAPI.Content.publishCollabDoc(brandenCtx, contentObj.id, function(err, data) { assert.equal(err.code, 401); assert.ok(!data); // Now make him a manager members[_.keys(users)[1]] = 'manager'; RestAPI.Content.updateMembers(simonCtx, contentObj.id, members, function(err) { assert.ok(!err); // Branden should now be able to access it. RestAPI.Content.publishCollabDoc(brandenCtx, contentObj.id, function(err, data) { assert.ok(!err); assert.ok(data); // By now we should have 3 revisions (not 4, as Branden's first publish was unauthorized) RestAPI.Content.getRevisions(simonCtx, contentObj.id, null, null, function(err, revisions) { assert.ok(!err); assert.equal(revisions.length, 3); callback(); }); }); }); }); }); }); }); }); }); });
const setupFixture = function(callback) { TestsUtil.generateTestUsers(localAdminRestContext, 2, (err, users, branden, simon) => { assert.ok(!err); const contexts = { branden, simon }; // Get the full profile so we have a signature to authenticate ourselves on the WS RestAPI.User.getMe(simon.restContext, (err, simonFull) => { assert.ok(!err); // Create a folder and get the full folder profile so we have a signature that we can use to register for push notifications FoldersTestUtil.assertCreateFolderSucceeds( simon.restContext, 'test displayName', 'test description', 'private', [branden], [], folder => { FoldersTestUtil.assertGetFolderSucceeds(simon.restContext, folder.id, folder => { // Route and deliver activities ActivityTestsUtil.collectAndGetActivityStream(simon.restContext, null, null, () => { // Register for some streams const data = { authentication: { userId: simon.user.id, tenantAlias: simonFull.tenant.alias, signature: simonFull.signature }, streams: [ { resourceId: folder.id, streamType: 'activity', token: folder.signature }, { resourceId: folder.id, streamType: 'message', token: folder.signature } ] }; ActivityTestsUtil.getFullySetupPushClient(data, client => { callback(contexts, folder, client); }); }); }); } ); }); }); };
var createUsers = function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 2, function(err, users) { assert.ok(!err); var contexts = {}; users = _.values(users); contexts['simon'] = users[0]; contexts['nicolaas'] = users[1]; callback(contexts); }); };
it('verifies anonymous cannot mark a notification stream as read', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, createdUsers) { assert.ok(!err); RestAPI.Activity.markNotificationsRead(anonymousCamRestContext, function(err) { assert.ok(err); assert.equal(err.code, 401); return callback(); }); }); });
var setupFixture = function (callback) { TestsUtil.generateTestUsers(localAdminRestContext, 2, function (err, users, branden, simon) { assert.ok(!err); // Get the full profile so we have a signature to authenticate ourselves on the WS RestAPI.User.getMe(simon.restContext, function (err, simonFullProfile) { assert.ok(!err); // Create a meeting and get the full profile so we have a signature that we can use to register for push notifications RestAPI.MeetingsJitsi.createMeeting(simon.restContext, 'My meeting', 'My meeting description', false, false, 'private', [branden.user.id], null, function (err, meeting) { assert.ok(!err); RestAPI.MeetingsJitsi.getMeeting(simon.restContext, meeting.id, function (err, meeting) { assert.ok(!err); // Route and deliver activities ActivityTestsUtil.collectAndGetActivityStream(simon.restContext, null, null, function () { // Register for some streams var data = { 'authentication': { 'userId': simon.user.id, 'tenantAlias': simonFullProfile.tenant.alias, 'signature': simonFullProfile.signature }, 'streams': [ { 'resourceId': meeting.id, 'streamType': 'activity', 'token': meeting.signature }, { 'resourceId': meeting.id, 'streamType': 'message', 'token': meeting.signature } ] }; ActivityTestsUtil.getFullySetupPushClient(data, function (client) { var contexts = { 'branden': branden, 'simon': simon }; return callback(contexts, meeting, client); }); }); }); }); }); }); };
it('verify segregation', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users, mrvisser) { RestAPI.User.getMe(mrvisser.restContext, function(err, mrvisserMeData) { assert.ok(!err); RestAPI.Content.createLink(mrvisser.restContext, 'Yahoo', 'Yahoo', 'public', 'http://www.yahoo.ca', [], [], [], function(err, yahooLink) { assert.ok(!err); RestAPI.Content.getContent(mrvisser.restContext, yahooLink.id, function(err, yahooLink) { assert.ok(!err); RestAPI.Content.createLink(mrvisser.restContext, 'Google', 'Google', 'public', 'http://www.google.ca', [], [], [], function(err, googleLink) { assert.ok(!err); RestAPI.Content.getContent(mrvisser.restContext, googleLink.id, function(err, googleLink) { assert.ok(!err); // Route and deliver activities ActivityTestUtil.collectAndGetActivityStream(mrvisser.restContext, null, null, function(err) { assert.ok(!err); // Subscribe on the Yahoo link var data = { 'authentication': { 'userId': mrvisserMeData.id, 'tenantAlias': mrvisserMeData.tenant.alias, 'signature': mrvisserMeData.signature }, 'streams': [{'resourceId': yahooLink.id, 'streamType': 'activity', 'token': yahooLink.signature}] }; ActivityTestUtil.getFullySetupPushClient(data, function(client) { client.on('message', function(message) { if (message) { assert.fail('No activities should be pushed to this stream as nothing happened on the "yahoo" link'); } }); // Trigger an update on the google item, we should not get an activity on the websocket for that content item RestAPI.Content.updateContent(mrvisser.restContext, googleLink.id, {'displayName': 'Google woo'}, function(err) { assert.ok(!err); // Route and deliver activities ActivityTestUtil.collectAndGetActivityStream(mrvisser.restContext, null, null, function(err) { assert.ok(!err); client.close(callback); }); }); }); }); }); }); }); }); }); }); });
it('verify only global administrators can request a signed tenant authentication', callback => { // Generate a regular user we'll use to try and get a signed tenant authentication request TestsUtil.generateTestUsers(camAdminRestContext, 1, (err, users, mrvisser) => { assert.ok(!err); // Verify anonymous cannot request signed authentication RestAPI.Admin.getSignedTenantAuthenticationRequestInfo( anonymousGlobalRestContext, 'localhost', (err, requestInfo) => { assert.ok(err); assert.strictEqual(err.code, 401); assert.ok(!requestInfo); // Verify a tenant admin cannot request signed authentication to another tenant RestAPI.Admin.getSignedTenantAuthenticationRequestInfo( camAdminRestContext, 'localhost', (err, requestInfo) => { assert.ok(err); // This actually throws 404 because these endpoints are not hooked up to the tenant servers assert.strictEqual(err.code, 404); assert.ok(!requestInfo); // Verify a regular user cannot request signed authentication to another tenant RestAPI.Admin.getSignedTenantAuthenticationRequestInfo( mrvisser.restContext, 'localhost', (err, requestInfo) => { assert.ok(err); // This actually throws 404 because these endpoints are not hooked up to the tenant servers assert.strictEqual(err.code, 404); assert.ok(!requestInfo); // Sanity check that global admin is granted the signed authentication request RestAPI.Admin.getSignedTenantAuthenticationRequestInfo( globalAdminRestContext, 'localhost', (err, requestInfo) => { assert.ok(!err); assert.ok(requestInfo); return callback(); } ); } ); } ); } ); }); });
it('verify users updating their email address need to verify it', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users, simong) { assert.ok(!err); var oldEmailAddress = simong.user.email; // Sanity-check the email address is verified RestAPI.User.getMe(simong.restContext, function(err, me) { assert.ok(!err); assert.strictEqual(me.email, oldEmailAddress); // Sanity-check there's a mapping for it PrincipalsTestUtil.assertUserEmailMappingEquals(me.email, [me.id], function() { // Update the email address var email = TestsUtil.generateTestEmailAddress(); PrincipalsTestUtil.assertUpdateUserSucceeds(simong.restContext, simong.user.id, {'email': email}, function(user, token) { // Assert the old mapping is still in place PrincipalsTestUtil.assertUserEmailMappingEquals(oldEmailAddress, [me.id], function() { // Assert there's no mapping for the new email address as it hasn't been verified yet PrincipalsTestUtil.assertUserEmailMappingEquals(email, [], function() { // The old email address should still be in place as the new one hasn't been verified yet RestAPI.User.getMe(simong.restContext, function(err, me) { assert.ok(!err); assert.strictEqual(me.email, oldEmailAddress); // Assert we can verify the email address PrincipalsTestUtil.assertVerifyEmailSucceeds(simong.restContext, simong.user.id, token, function() { // Assert the old mapping is gone PrincipalsTestUtil.assertUserEmailMappingEquals(oldEmailAddress, [], function() { // Assert the new mapping is there PrincipalsTestUtil.assertUserEmailMappingEquals(email, [me.id], function() { // The new email address should be confirmed RestAPI.User.getMe(simong.restContext, function(err, me) { assert.ok(!err); assert.strictEqual(me.email, email.toLowerCase()); return callback(); }); }); }); }); }); }); }); }); }); }); }); });
it('verifies anonymous cannot get a notification stream', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, createdUsers) { assert.ok(!err); RestAPI.Activity.getNotificationStream(anonymousCamRestContext, null, function(err, response) { assert.ok(err); assert.equal(err.code, 401); assert.ok(!response); return callback(); }); }); });
it('should properly add the meeting to the user meeting library when the user gains access to the meeting', callback => { TestsUtil.generateTestUsers(camAdminRestCtx, 2, (err, users, mrvisser, nicolaas) => { assert.ok(!err); // Create a meeting as mrvisser RestAPI.MeetingsJitsi.createMeeting( mrvisser.restContext, 'name', 'descr', false, false, 'public', null, null, (err, meeting) => { assert.ok(!err); // Seed mrvisser's and nicolaas's meeting libraries to ensure it does not get built from scratch RestAPI.MeetingsJitsi.getMeetingsLibrary(mrvisser.restContext, mrvisser.user.id, err => { assert.ok(!err); RestAPI.MeetingsJitsi.getMeetingsLibrary(nicolaas.restContext, nicolaas.user.id, err => { assert.ok(!err); // Make nicolaas a member of the meeting const updates = {}; updates[nicolaas.user.id] = 'member'; RestAPI.MeetingsJitsi.updateMembers(mrvisser.restContext, meeting.id, updates, err => { assert.ok(!err); // Ensure the meeting is still in mrvisser's and nicolaas's meeting libraries RestAPI.MeetingsJitsi.getMeetingsLibrary(mrvisser.restContext, mrvisser.user.id, (err, result) => { assert.ok(!err); let libraryEntry = result.results[0]; assert.ok(libraryEntry); assert.strictEqual(libraryEntry.id, meeting.id); RestAPI.MeetingsJitsi.getMeetingsLibrary(nicolaas.restContext, nicolaas.user.id, (err, result) => { assert.ok(!err); libraryEntry = result.results[0]; assert.ok(libraryEntry); assert.strictEqual(libraryEntry.id, meeting.id); return callback(); }); }); }); }); }); } ); }); });
const createUserAndLibrary = function(restCtx, userVisibility, callback) { // Create an user with the proper visibility TestsUtil.generateTestUsers(restCtx, 1, (err, users) => { const user = _.values(users)[0]; RestAPI.User.updateUser(user.restContext, user.user.id, { visibility: userVisibility }, err => { assert.ok(!err); // Fill up the user library with 3 meeting items RestAPI.MeetingsJitsi.createMeeting( user.restContext, 'name', 'description', false, false, 'private', null, null, (err, privateMeeting) => { assert.ok(!err); RestAPI.MeetingsJitsi.createMeeting( user.restContext, 'name', 'description', false, false, 'loggedin', null, null, (err, loggedinMeeting) => { assert.ok(!err); RestAPI.MeetingsJitsi.createMeeting( user.restContext, 'name', 'description', false, false, 'public', null, null, (err, publicMeeting) => { assert.ok(!err); return callback(user, privateMeeting, loggedinMeeting, publicMeeting); } ); } ); } ); }); }); };
it('verify validation when checking for a pending email verification token', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users, simong) { assert.ok(!err); // Invalid user id PrincipalsTestUtil.assertGetEmailTokenFails(simong.restContext, 'not a user id', 400, function() { PrincipalsTestUtil.assertGetEmailTokenFails(simong.restContext, 'g:camtest:1234234', 400, function() { return callback(); }); }); }); });
RestAPI.UI.getSkinVariables(camAdminRestContext, global.oaeTests.tenants.gt.alias, function(err, data) { assert.equal(err.code, 401); TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users) { assert.ok(!err); var user = _.values(users)[0]; RestAPI.UI.getSkinVariables(user.restContext, global.oaeTests.tenants.gt.alias, function(err, data) { assert.equal(err.code, 401); return callback(); }); }); });
it('verify other template files can be included', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users, mrvisser) { assert.ok(!err); EmailTestsUtil.sendEmail('oae-email', 'test_include', mrvisser.user, {}, null, function(err, message) { assert.ok(!err); assert.ok(message.html); assert.ok(message.html.indexOf('<p\n style="background-color: red;">') > -1); return callback(); }); }); });
it('verify exception handling from template rendering', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users) { assert.ok(!err); var mrvisser = _.values(users)[0]; mrvisser.user.email = '*****@*****.**'; var _mailData = function(throwMeta, throwHtml, throwTxt, throwContent) { return { 'throwMeta': throwMeta, 'throwHtml': throwHtml, 'throwTxt': throwTxt, 'throwContent': throwContent }; }; // Verify we get an error when exception thrown from meta EmailTestsUtil.sendEmail('oae-email', 'test_throw_error', mrvisser.user, _mailData(true, false, false, false), null, function(err, message) { assert.ok(err); assert.equal(err.code, 500); assert.strictEqual(err.msg.indexOf('Error parsing email metadata'), 0); // Verify if an error is thrown from HTML but we still have a valid text, a message is still sent EmailTestsUtil.sendEmail('oae-email', 'test_throw_error', mrvisser.user, _mailData(false, true, false, false), null, function(err, message) { assert.ok(!err); assert.ok(!message.html); assert.ok(message.text); assert.ok(message.text.indexOf('OK') > -1); // Verify if an error is thrown from HTML but we still have a valid text, a message is still sent EmailTestsUtil.sendEmail('oae-email', 'test_throw_error', mrvisser.user, _mailData(false, false, true, false), null, function(err, message) { assert.ok(!err); assert.ok(message.html); assert.ok(message.html.indexOf('OK') > -1); // The HTML template gets auto-converted to text if it does not exist assert.ok(message.text); assert.ok(message.text.indexOf('OK') > -1); // Verify we get an error when exception thrown from meta EmailTestsUtil.sendEmail('oae-email', 'test_throw_error', mrvisser.user, _mailData(false, false, false, true), null, function(err, message) { assert.ok(err); assert.equal(err.code, 500); assert.strictEqual(err.msg.indexOf('Could not parse a suitable content template'), 0); return callback(); }); }); }); }); }); });
RestAPI.UI.getSkinVariables(camAdminRestContext, null, (err, data) => { assert.ok(!err); TestsUtil.generateTestUsers(camAdminRestContext, 1, (err, users) => { assert.ok(!err); const user = _.values(users)[0]; RestAPI.UI.getSkinVariables(user.restContext, null, (err, data) => { assert.strictEqual(err.code, 401); return callback(); }); }); });
var setupFixture = function(callback) { TestsUtil.generateTestUsers(localAdminRestContext, 2, function(err, users, branden, simon) { assert.ok(!err); var contexts = { 'branden': branden, 'simon': simon }; // Get the full profile so we have a signature to authenticate ourselves on the WS RestAPI.User.getMe(contexts['simon'].restContext, function(err, simonFull) { assert.ok(!err); // Create a piece of content and get the full content profile so we have a signature that we can use to register for push notifications RestAPI.Content.createFile(contexts['simon'].restContext, 'A file', 'A proper file', 'private', getFileStream, [contexts['branden'].user.id], [], function(err, contentObj) { assert.ok(!err); RestAPI.Content.getContent(contexts['simon'].restContext, contentObj.id, function(err, contentObj) { assert.ok(!err); // Route and deliver activities ActivityTestsUtil.collectAndGetActivityStream(contexts['simon'].restContext, null, null, function() { // Register for some streams var data = { 'authentication': { 'userId': contexts['simon'].user.id, 'tenantAlias': simonFull.tenant.alias, 'signature': simonFull.signature }, 'streams': [ { 'resourceId': contentObj.id, 'streamType': 'activity', 'token': contentObj.signature }, { 'resourceId': contentObj.id, 'streamType': 'message', 'token': contentObj.signature } ] }; ActivityTestsUtil.getFullySetupPushClient(data, function(client) { callback(contexts, contentObj, client); }); }); }); }); }); }); };
it('should only send the public stream of public users for a loggedin user on *another* tenant', callback => { TestsUtil.generateTestUsers(gtAdminRestCtx, 1, (err, myUsers) => { const otherTenantUser = _.values(myUsers)[0]; checkLibrary(otherTenantUser.restContext, users.public.user.user.id, true, [users.public.publicMeeting], () => { checkLibrary(otherTenantUser.restContext, users.loggedin.user.user.id, false, [], () => { checkLibrary(otherTenantUser.restContext, users.private.user.user.id, false, [], () => { return callback(); }); }); }); }); });
it('verify message activity is routed to the managers and recent contributers notification stream of a private discussion', function(callback) { TestsUtil.generateTestUsers(camAdminRestContext, 4, function(err, users, simon, nico, bert, stuart) { assert.ok(!err); RestAPI.Discussions.createDiscussion(simon.restContext, 'Something something discussworthy', 'Start discussing this sweet topic', 'private', [nico.user.id], [bert.user.id, stuart.user.id], function(err, discussion) { assert.ok(!err); RestAPI.Discussions.createMessage(bert.restContext, discussion.id, 'Message A', null, function(err, message) { assert.ok(!err); // Assert that the managers got it ActivityTestsUtil.collectAndGetNotificationStream(simon.restContext, null, function(err, activityStream) { assert.ok(!err); assert.ok(_.find(activityStream.items, function(activity) { return (activity['oae:activityType'] === 'discussion-message'); })); ActivityTestsUtil.collectAndGetNotificationStream(nico.restContext, null, function(err, activityStream) { assert.ok(!err); assert.ok(_.find(activityStream.items, function(activity) { return (activity['oae:activityType'] === 'discussion-message'); })); // Create another message and assert that both the managers and the recent contributers get a notification RestAPI.Discussions.createMessage(nico.restContext, discussion.id, 'Message A', null, function(err, message) { assert.ok(!err); // Because Bert made a message previously, he should get a notification as well ActivityTestsUtil.collectAndGetNotificationStream(bert.restContext, null, function(err, activityStream) { assert.ok(!err); var messageActivities = _.filter(activityStream.items, function(activity) { return (activity['oae:activityType'] === 'discussion-message'); }); assert.ok(messageActivities.length, 2); // Sanity-check that the managers got it as well ActivityTestsUtil.collectAndGetNotificationStream(nico.restContext, null, function(err, activityStream) { assert.ok(!err); var messageActivities = _.filter(activityStream.items, function(activity) { return (activity['oae:activityType'] === 'discussion-message'); }); assert.ok(messageActivities.length, 2); ActivityTestsUtil.collectAndGetNotificationStream(simon.restContext, null, function(err, activityStream) { assert.ok(!err); var messageActivities = _.filter(activityStream.items, function(activity) { return (activity['oae:activityType'] === 'discussion-message'); }); assert.ok(messageActivities.length, 2); return callback(); }); }); }); }); }); }); }); }); }); });
it('verify imposter cannot get another signed become user request', callback => { // Generate a test user to try and become TestsUtil.generateTestUsers(camAdminRestContext, 2, (err, users, mrvisser, simon) => { assert.ok(!err); // Make simon a tenant administrator so he can become mrvisser RestAPI.User.setTenantAdmin(camAdminRestContext, simon.user.id, true, err => { assert.ok(!err); // Sanity check that simon can get a signed request to become mrvisser RestAPI.Admin.getSignedBecomeUserAuthenticationRequestInfo( simon.restContext, mrvisser.user.id, (err, requestInfo) => { assert.ok(!err); assert.ok(requestInfo); // Imposter simon as a the global admin RestAPI.Admin.loginAsUser( globalAdminRestContext, simon.user.id, 'http://' + global.oaeTests.tenants.localhost.host, (err, globalAdminImposteringSimonRestContext) => { assert.ok(!err); // Ensure it is indeed an impostering context RestAPI.User.getMe(globalAdminImposteringSimonRestContext, (err, me) => { assert.ok(!err); assert.ok(me); assert.strictEqual(me.id, simon.user.id); assert.ok(me.imposter); // Ensure the simon imposter cannot get a signed authentication request to become mrvisser RestAPI.Admin.getSignedBecomeUserAuthenticationRequestInfo( globalAdminImposteringSimonRestContext, mrvisser.user.id, (err, requestInfo) => { assert.ok(err); assert.strictEqual(err.code, 401); assert.ok(!requestInfo); return callback(); } ); }); } ); } ); }); }); });
it('verify updating the metadata for a discussion, updates the index', callback => { TestsUtil.generateTestUsers(camAdminRestContext, 1, (err, user) => { assert.ok(!err); user = _.values(user)[0]; const randomText1 = TestsUtil.generateRandomText(5); const randomText2 = TestsUtil.generateRandomText(5); RestAPI.Discussions.createDiscussion( user.restContext, randomText1, randomText1, 'public', null, null, (err, discussion) => { assert.ok(!err); RestAPI.Discussions.updateDiscussion( user.restContext, discussion.id, { displayName: randomText2, description: randomText2 }, err => { assert.ok(!err); SearchTestsUtil.searchAll( user.restContext, 'general', null, { resourceTypes: 'discussion', q: randomText2 }, (err, results) => { assert.ok(!err); const doc = _getDocument(results.results, discussion.id); assert.ok(doc); assert.strictEqual(doc.displayName, randomText2); assert.strictEqual(doc.description, randomText2); assert.strictEqual( doc.profilePath, '/discussion/' + global.oaeTests.tenants.cam.alias + '/' + AuthzUtil.getResourceFromId(discussion.id).resourceId ); callback(); } ); } ); } ); }); });
it('verify get personal data', callback => { // Generate user in cam tenant TestsUtil.generateTestUsers(camAdminRestContext, 1, (err, users, brecke) => { assert.ok(!err); brecke.restContext.tenant = () => { return brecke.user.tenant; }; brecke.restContext.user = () => { return brecke.user; }; // Export personal data PrincipalsAPI.exportData(brecke.restContext, 'invalidUserId', 'personal-data', (err, zip) => { assert.ok(err); assert.strictEqual(400, err.code); PrincipalsAPI.exportData('invalidContext', brecke.user.id, 'personal-data', (err, zip) => { assert.ok(err); assert.strictEqual(401, err.code); PrincipalsAPI.exportData(brecke.restContext, brecke.user.id, 'invalidExportType', (err, zip) => { assert.ok(err); assert.strictEqual(402, err.code); PrincipalsAPI.exportData(brecke.restContext, brecke.user.id, 'personal-data', (err, zip) => { assert.ok(!err); // Verify the personal data on the zip file zip .file('personal_data.txt') .async(TO_STRING) .then(content => { const lines = content.split('\n'); const element = []; _.each(lines, (line, i) => { element[i] = line .split(': ') .reverse() .shift(); }); assert.strictEqual(brecke.user.id, element[0]); assert.strictEqual(brecke.user.displayName, element[1]); assert.strictEqual(brecke.user.email, element[2]); return callback(); }); }); }); }); }); }); });
var setupFixture = function(callback) { TestsUtil.generateTestUsers(localAdminRestContext, 2, function(err, users, branden, simon) { assert.ok(!err); var contexts = { 'branden': branden, 'simon': simon }; // Get the full profile so we have a signature to authenticate ourselves on the WS RestAPI.User.getMe(simon.restContext, function(err, simonFull) { assert.ok(!err); // Create a folder and get the full folder profile so we have a signature that we can use to register for push notifications FoldersTestUtil.assertCreateFolderSucceeds(simon.restContext, 'test displayName', 'test description', 'private', [branden], [], function(folder) { FoldersTestUtil.assertGetFolderSucceeds(simon.restContext, folder.id, function(folder) { // Route and deliver activities ActivityTestsUtil.collectAndGetActivityStream(simon.restContext, null, null, function() { // Register for some streams var data = { 'authentication': { 'userId': simon.user.id, 'tenantAlias': simonFull.tenant.alias, 'signature': simonFull.signature }, 'streams': [ { 'resourceId': folder.id, 'streamType': 'activity', 'token': folder.signature }, { 'resourceId': folder.id, 'streamType': 'message', 'token': folder.signature } ] }; ActivityTestsUtil.getFullySetupPushClient(data, function(client) { callback(contexts, folder, client); }); }); }); }); }); }); };