it('should return 200 OK if authenticated and export first card added to wallet', () => {
const agent = chai.request.agent(app);
return agent
.post('/auth/ldap')
.send({ username: '******', password: '******' })
.then((res) => {
return agent
.post('/api/wallet/import')
.attach('card', aliceCardData, '*****@*****.**');
})
.then(() => {
return agent
.get('/api/wallet/alice1@bond-network/export')
.buffer()
.parse(binaryParser);
})
.then((res) => {
res.should.have.status(200);
res.body.should.be.an.instanceOf(Buffer);
return IdCard.fromArchive(res.body);
})
.then((card) => {
card.getUserName().should.equal('alice1');
should.equal(card.getConnectionProfile().wallet, undefined);
});
});
beforeEach(function(done) {
agent = chai.request.agent(server);
var test = tests.scenarios[testNo];
var tasks = [Promise.resolve()];
Promise.all(DropDbs())
.then(() => {
var testUserLogin = (test.input && test.input.loggedIn === true)
? userLogIn(agent)
: Promise.resolve()
return testUserLogin;
})
.then((res) => {
var authorId = res && res.body.details && res.body.details._id;
if (test.input && test.input.db !== undefined) {
tasks.push( addDbContent(test.input.db, authorId ))
}
return Promise.all(tasks)
}).then(function() {
done();
})
.catch((err) => {
console.log(JSON.stringify(err));
done();
});
});
it('should return 200 OK if authenticated and use header for second card added to wallet', () => {
const agent = chai.request.agent(app);
return agent
.post('/auth/ldap')
.send({ username: '******', password: '******' })
.then((res) => {
return agent
.post('/api/wallet/import')
.attach('card', aliceCardData, '*****@*****.**');
})
.then((res) => {
return agent
.post('/api/wallet/import')
.attach('card', bobCardData, '*****@*****.**');
})
.then(() => {
return agent
.get('/api/system/ping')
.set('X-Composer-Card', 'bob1@bond-network');
})
.then((res) => {
res.should.have.status(200);
res.should.be.json;
res.body.participant.should.equal('org.acme.bond.Member#MEMBER_2');
});
});
it('should return 400 Bad Request if authenticated and default card is deleted from wallet', () => {
const agent = chai.request.agent(app);
return agent
.post('/auth/ldap')
.send({ username: '******', password: '******' })
.then((res) => {
return agent
.post('/api/wallet/import')
.attach('card', aliceCardData, '*****@*****.**');
})
.then((res) => {
return agent
.delete('/api/wallet/alice1@bond-network');
})
.then(() => {
return agent.get('/api/system/ping');
})
.then(() => {
throw new Error('should not get here');
})
.catch((err) => {
err.response.should.have.status(500);
err.response.body.error.message.should.match(/A business network card has not been specified/);
});
});
beforeEach(function () {
agent = chai.request.agent(app);
return agent
.post('/api/user/login')
.send({ name, password });
});
it('add a project', function(done){
var agent = chai.request.agent('http://localhost:3000')
agent
.post('/login')
.set('content-type', 'application/x-www-form-urlencoded')
.send({
username : '******',
password : '******'
})
.then(function(res) {
// The `agent` now has the sessionid cookie saved, and will send it
// back to the server in the next request:
return agent.post('/projects/add')
.set('content-type', 'application/x-www-form-urlencoded')
.set({
name : 'test',
description : 'test',
amount : '12345678.12345678',
token : '1BHPGY7Rb9WaBBkYPKjZTnKYRzt5mC8NPM'
})
.then(function(res){
expect(res).to.have.status(200);
expect(res.body).to.be.a('object');
expect(res).to.redirectTo('http://localhost:3000/');
done();
})
})
.catch(done)
})
createFoldersB2DropUnit.setup(function (err, results)
{
should.equal(err, null);
app = global.tests.app;
agent = chai.request.agent(app);
done();
});
beforeEach(function () {
const name = existingUserName;
const password = existingUserPassword;
agent = chai.request.agent(app);
return agent
.post('/api/user/login')
.send({ name, password });
});
it("Should give an error when the user is not authenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
projectUtils.importProject(true, agent, privateProject, function (err, res)
{
res.statusCode.should.equal(401);
done();
});
});
it("[JSON] should give a 404 error if the user is unauthenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
itemUtils.viewItem(true, agent, invalidProject.handle, testFolder1.name, function (err, res)
{
res.should.have.status(404);// -> At the moment it is responding with an html page
done();
});
});
it("Should give an error when the user is not authenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
itemUtils.deleteItem(true, agent, privateProject.handle, testFolder1.name, function (err, res)
{
res.statusCode.should.equal(401);
done();
});
});
before(function(done) {
// Setup the agent
agent = chai.request.agent(server);
//create test prospect
// Login
done();
});
it("Should give an error when the user is unauthenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
projectUtils.createFolderInProjectRoot(true, agent, publicProject.handle, folder.name, function (err, res)
{
res.statusCode.should.equal(401);
done();
});
});
it("Should give an error if the user is unauthenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
itemUtils.itemRestoreMetadataVersion(true, agent, privateProject.handle, testFolder2.name, 0, function (err, res)
{
res.statusCode.should.equal(401);
done();
});
});
it("[HTML] should NOT access demouser1.username profile when given demouser1.username and NOT logged in", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
userUtils.getUserInfo(demouser1.username, false, agent, function (err, res)
{
res.should.have.status(401);
res.text.should.contain("Permission denied : cannot get information of the user because you are not logged in.");
done();
});
});
it("[HTML] Should give error when the user is not authenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
projectUtils.listAllMyProjects(false, agent, function (err, res)
{
res.statusCode.should.equal(401);
res.text.should.contain("You are not authorized to perform this operation. You must be signed into Dendro.");
done();
});
});
it("[JSON] should NOT access demouser1.username profile when given non-existent username and NOT logged in", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
userUtils.getUserInfo(falseUser, true, agent, function (err, res)
{
res.should.have.status(401);
JSON.parse(res.text).message.should.equal("Permission denied : cannot get information of the user because you are not logged in.");
done();
});
});
it("Should give an error when the user is unauthenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
repositoryUtils.exportFolderToRepository(true, metadataProject.handle, testFolder1.pathInProject + testFolder1.name, agent, {repository: b2shareData}, function (err, res)
{
res.statusCode.should.equal(401);
res.body.message.should.equal("Permission denied : cannot export resource because you do not have permissions to edit this project.");
done();
});
});
it("[JSON] should NOT fetch metadata of the " + metadataProject.handle + "/data/" + testFolder2.name + " folder without authenticating", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
itemUtils.getItemMetadata(true, agent, metadataProject.handle, testFolder2.name, function (err, res)
{
res.statusCode.should.equal(401);
should.not.exist(res.body.descriptors);
done();
});
});
it("[JSON] should fetch metadata of the " + publicProject.handle + "/data/" + testFolder1.name + " folder without authenticating", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
itemUtils.getItemMetadata(true, agent, publicProject.handle, testFolder1.name, function (err, res)
{
res.statusCode.should.equal(200);
res.body.descriptors.should.be.instanceof(Array);
done();
});
});
it("Should get an error when trying to access the html page to import a project when unauthenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
projectUtils.importProjectHTMLPage(false, agent, function (err, res)
{
res.statusCode.should.equal(401);
res.text.should.contain("You are not authorized to perform this operation. You must be signed into Dendro.");
done();
});
});
it('should authenticate to the endpoint with valid credentials and get an access token', () => {
const agent = chai.request.agent(app);
return agent
.post('/auth/ldap')
.send({ username: '******', password: '******' })
.then((res) => {
res.redirects.should.have.lengthOf(2);
res.redirects[0].should.match(/\/?success=true$/);
res.req.should.have.cookie('access_token');
});
});
it.optional("Should give an error when the user is unauthenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
repositoryUtils.calculate_ckan_repository_diffs(true, folderExportCkanData.uri, agent, {repository: ckanData}, function (err, res)
{
res.statusCode.should.equal(401);
res.body.message.should.equal("Permission denied : cannot calculate ckan repository diffs because you do not have permissions to edit this project.");
done();
});
});
it.optional("Should give an error when the user is unauthenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
repositoryUtils.exportFolderByUriToRepository(true, folderExportCkanData.uri, agent, {repository: ckanData}, function (err, res)
{
res.statusCode.should.equal(401);
res.body.message.should.equal("Permission denied : cannot export resource because you do not have permissions to edit resources inside this project.");
done();
});
});
it("[JSON] Should give error when the user is not authenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
projectUtils.listAllMyProjects(true, agent, function (err, res)
{
res.statusCode.should.equal(401);
res.body.message.should.equal("Error detected. You are not authorized to perform this operation. You must be signed into Dendro.");
done();
});
});
it("Should get an error when trying to access the request access to a project HTML page when not authenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
projectUtils.getRequestProjectAccessPage(false, agent, metadataProject.handle, function (err, res)
{
res.statusCode.should.equal(200);
res.text.should.contain("<h1 class=\"page-header\">\n Please sign in\n </h1>");
done();
});
});
it("[JSON] should forbid ontology recommendation requests in project " + privateProject.handle + " if no user is authenticated.", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
itemUtils.getItemRecommendationOntologies(true, agent, privateProject.handle, testFolder1.name, function (err, res)
{
res.statusCode.should.equal(401);
res.body.should.not.be.instanceof(Array);
done();
});
});
it("[JSON] should refuse to fetch the parent_metadata of the " + privateProject.handle + "/data/" + testFolder1.name + " resource without authenticating", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
itemUtils.getItemParentMetadata(true, agent, privateProject.handle, testFolder1.name, function (err, res)
{
res.statusCode.should.equal(401);
should.not.exist(res.body.descriptors);
done();
});
});
it("Should give an error when the user is not authenticated", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
// jsonOnly, agent, projectHandle, itemPath, cb
itemUtils.deleteItem(true, agent, metadataProject.handle, testFolder2.name, function (err, res)
{
res.statusCode.should.equal(401);
done();
}, true);
});
it("[For an unauthenticated user] Should give an unauthorized error", function (done)
{
const app = global.tests.app;
const agent = chai.request.agent(app);
socialDendroUtils.getPostsURIsForUser(true, agent, pageNumber, useRank, function (err, res)
{
res.statusCode.should.equal(401);
res.body.message.should.equal("Error detected. You are not authorized to perform this operation. You must be signed into Dendro.");
done();
});
});