it('verify group-add-member activity gets generated', function(callback) { var username = TestsUtil.generateTestUserId('user'); var groupAlias = TestsUtil.generateTestGroupId('group'); // Create a user with which to create a group, then ensure the user gets the activity RestAPI.User.createUser(camAdminRestContext, username, 'password', 'Jack McJackerson', null, function(err, user) { assert.ok(!err); var userRestContext = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, username, 'password'); RestAPI.Group.createGroup(camAdminRestContext, groupAlias, groupAlias, groupAlias, 'public', 'yes', [], [], function(err, group) { assert.ok(!err); var memberships = {}; memberships[user.id] = 'member'; RestAPI.Group.setGroupMembers(camAdminRestContext, group.id, memberships, function(err) { assert.ok(!err); ActivityTestsUtil.collectAndGetActivityStream(camAdminRestContext, user.id, null, function(err, activityStream) { assert.ok(!err); assert.ok(_getActivity(activityStream, 'group-add-member', 'target', group.id)); callback(); }); }); }); }); });
TestsUtil.generateTestUsers(camAdminRestContext, 2, function(err, users, mrvisser, simong) { RestAPI.User.getMe(mrvisser.restContext, function(err, mrvisserMeData) { assert.ok(!err); /* * Register a push client for mrvisser who is subscribed to: * * `activity`-stream with the `activitystream` format * * `activity`-stream with the `internal` format * * `notification`-stream with the `internal` format */ var data = { 'authentication': { 'userId': mrvisserMeData.id, 'tenantAlias': mrvisserMeData.tenant.alias, 'signature': mrvisserMeData.signature }, 'streams': [ { 'resourceId': mrvisserMeData.id, 'streamType': 'notification', 'token': mrvisserMeData.signature, 'format': 'internal' } ] }; // Setup the client ActivityTestUtil.getFullySetupPushClient(data, function(client) { // Create/share a discussion with mrvisser RestAPI.Discussions.createDiscussion(simong.restContext, 'Test discussion', 'Test discussion description', 'public', [], [mrvisser.user.id], function(err, discussion) { assert.ok(!err); // We need to force a collection cycle as the notifiation stream gets pushed out after the aggregation phase ActivityTestUtil.collectAndGetNotificationStream(mrvisser.restContext, null, function(err, activityStream) { assert.ok(!err); }); // As this is the first discussion_created activity in mrvisser's notification stream it // can't aggregate with any other activities. That should be indicated on the push message client.once('message', function(message) { assert.ok(message); assert.strictEqual(message.numNewActivities, 1); // When we generate another discussion_created activity it will aggregate with the previous // activity. This should be reflected on the push message RestAPI.Discussions.createDiscussion(simong.restContext, 'Test discussion', 'Test discussion description', 'public', [], [mrvisser.user.id], function(err, discussion) { assert.ok(!err); // We need to force a collection cycle as the notifiation // stream gets pushed out after the aggregation phase ActivityTestUtil.collectAndGetNotificationStream(mrvisser.restContext, null, function(err, activityStream) { assert.ok(!err); }); client.once('message', function(message) { assert.ok(message); assert.strictEqual(message.numNewActivities, 0); // Mark the notifications as read. Because we marked the notifications as read, // this will reset the aggregator for that stream. Any new discussion_created activities // should result in a "new activity". However, if 2 activities aggregate in-memory in the // aggregation phase, they should be counted as 1 RestAPI.Activity.markNotificationsRead(mrvisser.restContext, function(err) { assert.ok(!err); RestAPI.Discussions.createDiscussion(simong.restContext, 'Test discussion', 'Test discussion description', 'public', [], [mrvisser.user.id], function(err, discussion) { assert.ok(!err); RestAPI.Discussions.createDiscussion(simong.restContext, 'Test discussion', 'Test discussion description', 'public', [], [mrvisser.user.id], function(err, discussion) { assert.ok(!err); ActivityTestUtil.collectAndGetNotificationStream(mrvisser.restContext, null, function(err, activityStream) { assert.ok(!err); }); client.once('message', function(message) { assert.ok(message); assert.strictEqual(message.numNewActivities, 1); // If 2 disjoint activities get delivered to the notification stream, the // number of new activities should be 2 RestAPI.Activity.markNotificationsRead(mrvisser.restContext, function(err) { assert.ok(!err); RestAPI.Discussions.createDiscussion(simong.restContext, 'Test discussion', 'Test discussion description', 'public', [], [mrvisser.user.id], function(err, discussion) { assert.ok(!err); RestAPI.Content.createLink(simong.restContext, 'Test link', 'Test link', 'public', 'https://google.com', [], [mrvisser.user.id], [], function(err, discussion) { assert.ok(!err); ActivityTestUtil.collectAndGetNotificationStream(mrvisser.restContext, null, function(err, activityStream) { assert.ok(!err); }); client.once('message', function(message) { assert.ok(message); assert.strictEqual(message.numNewActivities, 2); assert.strictEqual(message.activities.length, 2); return callback(); }); }); }); }); }); }); }); }); }); }); }); }); }); }); });
it('verify public group members visibility', function(callback) { var jackUsername = TestsUtil.generateTestUserId('jack'); var janeUsername = TestsUtil.generateTestUserId('jane'); var darthVaderUsername = TestsUtil.generateTestUserId('darthVader'); RestAPI.User.createUser(gtAdminRestContext, darthVaderUsername, 'password', 'Darth Vader', null, function(err, darthVader) { assert.ok(!err); var darthVaderRestContext = TestsUtil.createTenantRestContext(global.oaeTests.tenants.gt.host, darthVaderUsername, 'password'); RestAPI.User.createUser(camAdminRestContext, jackUsername, 'password', 'Jack McJackerson', null, function(err, jack) { assert.ok(!err); var jackRestContext = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, jackUsername, 'password'); var changes = {}; changes[jack.id] = 'member'; RestAPI.Group.setGroupMembers(doerRestContext, targetPublicGroup.id, changes, function(err) { assert.ok(!err); RestAPI.User.createUser(camAdminRestContext, janeUsername, 'password', 'Jane McJaneFace', null, function(err, jane) { assert.ok(!err); var janeRestContext = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, janeUsername, 'password'); // Verify results and visibility for anonymous user SearchTestsUtil.searchAll(anonymousRestContext, 'members', [targetPublicGroup.id], null, function(err, results) { assert.ok(!err); var publicUserResult = _getDocById(results, publicUserMember.id); var loggedinUserResult = _getDocById(results, loggedinUserMember.id); var privateUserResult = _getDocById(results, privateUserMember.id); var privateGroupResult = _getDocById(results, privateGroupMember.id); var publicGroupResult = _getDocById(results, publicGroupMember.id); // Verify anonymous sees all. assert.ok(publicUserResult); assert.ok(loggedinUserResult); assert.ok(privateUserResult); assert.ok(privateGroupResult); assert.ok(publicGroupResult); // Verify user visibility. Loggedin and private should have their publicAlias swapped into the title assert.equal(publicUserResult.displayName, publicUserMember.displayName); assert.equal(loggedinUserResult.displayName, loggedinUserMember.publicAlias); assert.equal(loggedinUserResult.extra, undefined); assert.equal(loggedinUserResult._extra, undefined); assert.equal(loggedinUserResult.q_high, undefined); assert.equal(loggedinUserResult.q_low, undefined); assert.equal(loggedinUserResult.sort, undefined); assert.equal(privateUserResult.displayName, privateUserMember.publicAlias); assert.equal(publicGroupResult.displayName, publicGroupMember.displayName); assert.equal(privateGroupResult.displayName, privateGroupMember.displayName); // Verify that the correct resourceTypes are set assert.equal(publicUserResult.resourceType, 'user'); assert.equal(loggedinUserResult.resourceType, 'user'); assert.equal(privateUserResult.resourceType, 'user'); assert.equal(publicGroupResult.resourceType, 'group'); assert.equal(privateGroupResult.resourceType, 'group'); // Verify that the correct profilePaths are set assert.equal(publicUserResult.profilePath, '/user/' + publicUserResult.id); assert.equal(loggedinUserResult.profilePath, undefined); assert.equal(privateUserResult.profilePath, undefined); assert.equal(publicGroupResult.profilePath, '/group/' + publicGroupResult.id); assert.equal(privateGroupResult.profilePath, '/group/' + privateGroupResult.id); // Verify results and visibility for cross-tenant user SearchTestsUtil.searchAll(darthVaderRestContext, 'members', [targetPublicGroup.id], null, function(err, results) { assert.ok(!err); var publicUserResult = _getDocById(results, publicUserMember.id); var loggedinUserResult = _getDocById(results, loggedinUserMember.id); var privateUserResult = _getDocById(results, privateUserMember.id); var privateGroupResult = _getDocById(results, privateGroupMember.id); var publicGroupResult = _getDocById(results, publicGroupMember.id); // Verify cross-tenant user sees all users assert.ok(publicUserResult); assert.ok(loggedinUserResult); assert.ok(privateUserResult); assert.ok(privateGroupResult); assert.ok(publicGroupResult); // Verify user visibility. Loggedin and private should have their publicAlias swapped into the title assert.equal(publicUserResult.displayName, publicUserMember.displayName); assert.equal(loggedinUserResult.displayName, loggedinUserMember.publicAlias); assert.equal(loggedinUserResult.extra, undefined); assert.equal(loggedinUserResult._extra, undefined); assert.equal(loggedinUserResult.q_high, undefined); assert.equal(loggedinUserResult.q_low, undefined); assert.equal(loggedinUserResult.sort, undefined); assert.equal(privateUserResult.displayName, privateUserMember.publicAlias); assert.equal(publicGroupResult.displayName, publicGroupMember.displayName); assert.equal(privateGroupResult.displayName, privateGroupMember.displayName); // Verify that the correct resourceTypes are set assert.equal(publicUserResult.resourceType, 'user'); assert.equal(loggedinUserResult.resourceType, 'user'); assert.equal(privateUserResult.resourceType, 'user'); assert.equal(publicGroupResult.resourceType, 'group'); assert.equal(privateGroupResult.resourceType, 'group'); // Verify that the correct profilePaths are set assert.equal(publicUserResult.profilePath, '/user/' + publicUserResult.id); assert.equal(loggedinUserResult.profilePath, undefined); assert.equal(privateUserResult.profilePath, undefined); assert.equal(publicGroupResult.profilePath, '/group/' + publicGroupResult.id); assert.equal(privateGroupResult.profilePath, '/group/' + privateGroupResult.id); // Verify results and visibility for loggedin user SearchTestsUtil.searchAll(janeRestContext, 'members', [targetPublicGroup.id], null, function(err, results) { assert.ok(!err); var publicUserResult = _getDocById(results, publicUserMember.id); var loggedinUserResult = _getDocById(results, loggedinUserMember.id); var privateUserResult = _getDocById(results, privateUserMember.id); var privateGroupResult = _getDocById(results, privateGroupMember.id); var publicGroupResult = _getDocById(results, publicGroupMember.id); // Verify user sees all members assert.ok(publicUserResult); assert.ok(loggedinUserResult); assert.ok(privateUserResult); assert.ok(privateGroupResult); assert.ok(publicGroupResult); // Verify user visibility. Private should have their publicAlias swapped into the title assert.equal(publicUserResult.displayName, publicUserMember.displayName); assert.equal(loggedinUserResult.displayName, loggedinUserMember.displayName); assert.ok(loggedinUserResult.extra); assert.equal(loggedinUserResult._extra, undefined); assert.equal(loggedinUserResult.q_high, undefined); assert.equal(loggedinUserResult.q_low, undefined); assert.equal(loggedinUserResult.sort, undefined); assert.equal(loggedinUserResult.extra.extraProp, 'My extra prop'); assert.equal(privateUserResult.displayName, privateUserMember.publicAlias); assert.equal(publicGroupResult.displayName, publicGroupMember.displayName); assert.equal(privateGroupResult.displayName, privateGroupMember.displayName); // Verify that the correct resourceTypes are set assert.equal(publicUserResult.resourceType, 'user'); assert.equal(loggedinUserResult.resourceType, 'user'); assert.equal(privateUserResult.resourceType, 'user'); assert.equal(publicGroupResult.resourceType, 'group'); assert.equal(privateGroupResult.resourceType, 'group'); // Verify that the correct profilePaths are set assert.equal(publicUserResult.profilePath, '/user/' + publicUserResult.id); assert.equal(loggedinUserResult.profilePath, '/user/' + loggedinUserResult.id); assert.equal(privateUserResult.profilePath, undefined); assert.equal(publicGroupResult.profilePath, '/group/' + publicGroupResult.id); assert.equal(privateGroupResult.profilePath, '/group/' + privateGroupResult.id); // Verify results and visibility for member user SearchTestsUtil.searchAll(jackRestContext, 'members', [targetPublicGroup.id], null, function(err, results) { assert.ok(!err); var publicUserResult = _getDocById(results, publicUserMember.id); var loggedinUserResult = _getDocById(results, loggedinUserMember.id); var privateUserResult = _getDocById(results, privateUserMember.id); var privateGroupResult = _getDocById(results, privateGroupMember.id); var publicGroupResult = _getDocById(results, publicGroupMember.id); // Verify user sees all. assert.ok(publicUserResult); assert.ok(loggedinUserResult); assert.ok(privateUserResult); assert.ok(privateGroupResult); assert.ok(publicGroupResult); // Verify user visibility. Private should have their publicAlias swapped into the title assert.equal(publicUserResult.displayName, publicUserMember.displayName); assert.equal(loggedinUserResult.displayName, loggedinUserMember.displayName); assert.ok(loggedinUserResult.extra); assert.equal(loggedinUserResult._extra, undefined); assert.equal(loggedinUserResult.q_high, undefined); assert.equal(loggedinUserResult.q_low, undefined); assert.equal(loggedinUserResult.sort, undefined); assert.equal(loggedinUserResult.extra.extraProp, 'My extra prop'); assert.equal(privateUserResult.displayName, privateUserMember.publicAlias); assert.equal(publicGroupResult.displayName, publicGroupMember.displayName); assert.equal(privateGroupResult.displayName, privateGroupMember.displayName); // Verify that the correct resourceTypes are set assert.equal(publicUserResult.resourceType, 'user'); assert.equal(loggedinUserResult.resourceType, 'user'); assert.equal(privateUserResult.resourceType, 'user'); assert.equal(publicGroupResult.resourceType, 'group'); assert.equal(privateGroupResult.resourceType, 'group'); // Verify that the correct profilePaths are set assert.equal(publicUserResult.profilePath, '/user/' + publicUserResult.id); assert.equal(loggedinUserResult.profilePath, '/user/' + loggedinUserResult.id); assert.equal(privateUserResult.profilePath, undefined); assert.equal(publicGroupResult.profilePath, '/group/' + publicGroupResult.id); assert.equal(privateGroupResult.profilePath, '/group/' + privateGroupResult.id); callback(); }); }); }); }); }); }); }); }); });
RestAPI.OAuth.createClient(simong.restContext, simong.user.id, 'By simong', function(err, client) { assert.equal(err.code, 401); assert.ok(!client); // Make Nico a tenant admin on the `localhost` tenant // We can't use the localAdminRestContext as that is really the global admin on the localhost tenant RestAPI.User.setTenantAdmin(globalAdminRestContext, nico.user.id, true, function(err) { assert.ok(!err); // As Nico is not a tenant on the `camtest` tenant we cannot create an OAuth application for that user RestAPI.OAuth.createClient(nico.restContext, 'u:camtest:foo', 'By admin', function(err, client) { assert.equal(err.code, 401); // Assert that tenant admins can create a client RestAPI.OAuth.createClient(localAdminRestContext, simong.user.id, 'By admin', function(err, client) { assert.ok(!err); assert.ok(client); // Sanity check the client was associated with simong RestAPI.OAuth.getClients(simong.restContext, simong.user.id, function(err, data) { assert.ok(!err); assert.equal(data.results.length, 1); assert.equal(data.results[0].displayName, 'By admin'); return callback(); }); }); }); }); });
ActivityTestUtil.getFullySetupPushClient(data, function(client) { // Simon will now create a discussion and share it with mrvisser, this will trigger an activity that gets delivered on both streams // To ensure proper scrubbing of data, simon will have a private profile RestAPI.User.updateUser(simong.restContext, simong.user.id, {'visibility': 'private'}, function(err, updatedUser) { assert.ok(!err); simong.user = updatedUser; var discussion = null; RestAPI.Discussions.createDiscussion(simong.restContext, 'Test discussion', 'Test discussion description', 'public', [], [mrvisser.user.id], function(err, _discussion) { assert.ok(!err); discussion = _discussion; // Force a collection cycle as notifications only get delivered upon aggregation ActivityTestUtil.collectAndGetActivityStream(mrvisser.restContext, null, null, function(err) { assert.ok(!err); }); }); var activitiesReceived = 0; client.on('message', function(message) { activitiesReceived++; assert.ok(message.activities); assert.strictEqual(message.activities.length, 1); var activity = message.activities[0]; assert.ok(activity); var allowedActorProperties = null; var allowedObjectProperties = null; if (message.streamType === 'notification') { // Assert that the activity entities are internally formatted assert.equal(message.format, 'internal'); // Assert that the actor entity is a user object augmented with an oae:id and objectType assert.ok(activity.actor); assert.equal(activity.actor['oae:id'], simong.user.id); assert.equal(activity.actor['id'], simong.user.id); assert.equal(activity.actor['displayName'], simong.user.publicAlias); assert.equal(activity.actor['lastModified'], simong.user.lastModified); assert.equal(activity.actor['visibility'], 'private'); assert.ok(_.isObject(activity.actor['picture'])); assert.equal(activity.actor['resourceType'], 'user'); assert.equal(activity.actor['objectType'], 'user'); assert.ok(_.isObject(activity.actor['tenant'])); // Ensure only these properties are present allowedActorProperties = ['oae:id', 'id', 'displayName', 'visibility', 'picture', 'resourceType', 'objectType', 'tenant', 'lastModified']; _.each(activity.actor, function(value, key) { assert.ok(_.contains(allowedActorProperties, key) , key + ' is not allowed on an internally formatted activity entity'); }); // Assert that the object entity is a discussion object augmented with an oae:id and objectType assert.ok(activity.object); assert.equal(activity.object['oae:id'], discussion.id); assert.equal(activity.object['id'], discussion.id); assert.equal(activity.object['visibility'], discussion.visibility); assert.equal(activity.object['displayName'], discussion.displayName); assert.equal(activity.object['description'], discussion.description); assert.equal(activity.object['createdBy'], discussion.createdBy); assert.equal(activity.object['created'], discussion.created); assert.equal(activity.object['lastModified'], discussion.lastModified); assert.equal(activity.object['profilePath'], discussion.profilePath); assert.equal(activity.object['resourceType'], discussion.resourceType); assert.equal(activity.object['objectType'], 'discussion'); assert.ok(_.isObject(activity.object['tenant'])); allowedObjectProperties = [ 'tenant', 'id', 'visibility', 'displayName', 'description', 'resourceSubType', 'createdBy', 'created', 'lastModified', 'profilePath', 'resourceType', 'latestRevisionId', 'previews', 'signature', 'objectType', 'oae:id' ]; _.each(activity.object, function(value, key) { assert.ok(_.contains(allowedObjectProperties, key) , key + ' is not allowed on an internally formatted activity entity'); }); } else { // Assert that the activity entities are activitystrea.ms formatted assert.equal(message.format, 'activitystreams'); // Assert that the actor entity is in the proper activitystreams format assert.ok(activity.actor); assert.equal(activity.actor['oae:id'], simong.user.id); assert.equal(activity.actor['oae:visibility'], simong.user.visibility); assert.equal(activity.actor['displayName'], simong.user.publicAlias); assert.equal(activity.actor['objectType'], 'user'); assert.equal(activity.actor['id'], 'http://' + global.oaeTests.tenants.cam.host + '/api/user/' + simong.user.id); assert.ok(_.isObject(activity.actor['oae:tenant'])); allowedActorProperties = ['oae:id', 'oae:visibility', 'displayName', 'objectType', 'id', 'oae:tenant']; _.each(activity.actor, function(value, key) { assert.ok(_.contains(allowedActorProperties, key) , key + ' is not allowed on an ActivityStrea.ms compliant formatted activity entity'); }); // Assert that the object entity is in the proper activitystreams format assert.ok(activity.object); assert.equal(activity.object['oae:id'], discussion.id); assert.equal(activity.object['oae:visibility'], discussion.visibility); assert.equal(activity.object['oae:profilePath'], discussion.profilePath); assert.equal(activity.object['oae:resourceSubType'], discussion.resourceSubType); assert.equal(activity.object['displayName'], discussion.displayName); assert.equal(activity.object['url'], 'http://' + global.oaeTests.tenants.cam.host + '/discussion/camtest/' + discussion.id.split(':')[2]); assert.equal(activity.object['objectType'], 'discussion'); assert.equal(activity.object['id'], 'http://' + global.oaeTests.tenants.cam.host + '/api/discussion/' + discussion.id); assert.ok(_.isObject(activity.object['oae:tenant'])); allowedObjectProperties = [ 'oae:id', 'oae:visibility', 'oae:profilePath', 'displayName', 'url', 'objectType', 'id', 'oae:tenant' ]; _.each(activity.object, function(value, key) { assert.ok(_.contains(allowedObjectProperties, key) , key + ' is not allowed on an ActivityStrea.ms compliant formatted activity entity'); }); } if (activitiesReceived === 2) { return callback(); } }); }); });
createUsers(function(contexts) { RestAPI.User.uploadPicture(contexts['simon'].restContext, contexts['nicolaas'].user.id, getPictureStream, null, function(err) { assert.equal(err.code, 401); verifyCropping(contexts['simon'].restContext, contexts['nicolaas'].user, createSelectedArea(10, 10, 200), 401, callback); }); });
RestAPI.User.uploadPicture(simon.restContext, uiTeam.id, getPictureStream, selectedArea, function(err) { assert.ok(!err); RestAPI.User.uploadPicture(simon.restContext, qaTeam.id, getPictureStream, selectedArea, function(err) { assert.ok(!err); // Make the uiTeam loggedin. RestAPI.Group.updateGroup(simon.restContext, uiTeam.id, { 'visibility': 'loggedin'}, function(err) { assert.ok(!err); // Make the qa team private. RestAPI.Group.updateGroup(simon.restContext, qaTeam.id, { 'visibility': 'private'}, function(err) { assert.ok(!err); // Make the backend, ui and qa teams member of oae team. var changes = {}; changes[backendTeam.id] = 'member'; changes[uiTeam.id] = 'member'; changes[qaTeam.id] = 'member'; RestAPI.Group.setGroupMembers(simon.restContext, oaeTeam.id, changes, function(err) { assert.ok(!err); // Search trough the memberlist of oaeTeam and filter the results so we only get the backend team group back. SearchTestsUtil.searchAll(simon.restContext, 'members', [oaeTeam.id], { 'q': '' }, function(err, results) { assert.ok(!err); assert.equal(results.total, 4); // We only need the groups results.results = _.filter(results.results, function(result) { return result.resourceType !== 'user'; }); // All the groups should expose their thumbnail regardless of their visibility setting. assert.ok(results.results[0].thumbnailUrl); assert.ok(results.results[1].thumbnailUrl); assert.ok(results.results[2].thumbnailUrl); // Try downloading it by just using the returned url. RestUtil.RestRequest(simon.restContext, results.results[0].thumbnailUrl, 'GET', null, function(err, body, response) { assert.ok(!err); // Downloading happens via nginx, so we can't verify the response body. // We can verify if the status code is a 204 and if the appropriate headers are present. assert.equal(response.statusCode, 204); assert.ok(response.headers['x-accel-redirect']); assert.ok(response.headers['content-disposition']); callback(); }); }); }); }); }); }); });
RestAPI.Authentication.getUserLoginIds(globalAdminRestContext, 'u:camtest:abcdefghij', (err, loginIds) => { assert.ok(err); assert.strictEqual(err.code, 404); // Create a test user RestAPI.User.createUser( camAdminRestContext, username, 'password', 'Test User', email, null, (err, createdUser) => { assert.ok(!err); // Verify that an error is thrown when an anonymous user on the global admin router requests the login ids for the test user RestAPI.Authentication.getUserLoginIds(anonymousGlobalRestContext, createdUser.id, (err, loginIds) => { assert.ok(err); assert.strictEqual(err.code, 401); // Verify that an error is thrown when an anonymous user on the tenant router requests the login ids for the test user RestAPI.Authentication.getUserLoginIds(anonymousCamRestContext, createdUser.id, (err, loginIds) => { assert.ok(err); assert.strictEqual(err.code, 401); // Verify that an error is thrown when an unauthorized tenant admin requests the login ids for the test user RestAPI.Authentication.getUserLoginIds(gtAdminRestContext, createdUser.id, (err, loginIds) => { assert.ok(err); assert.strictEqual(err.code, 401); // Verify that a tenant admin can request the login ids for the test user RestAPI.Authentication.getUserLoginIds(camAdminRestContext, createdUser.id, (err, loginIds) => { assert.ok(!err); assert.ok(loginIds); // Verify that a global admin can request the login ids for the test user RestAPI.Authentication.getUserLoginIds( globalAdminRestContext, createdUser.id, (err, loginIds) => { assert.ok(!err); assert.ok(loginIds); return callback(); } ); }); }); }); }); } ); });
TestsUtil.generateTestUsers(localAdminRestContext, 2, (err, users, simong, branden) => { assert.ok(!err); RestAPI.User.getMe(simong.restContext, (err, simonFull) => { assert.ok(!err); const data = { authentication: { userId: simonFull.id, tenantAlias: simonFull.tenant.alias, signature: simonFull.signature }, feeds: [] }; ActivityTestsUtil.getFullySetupPushClient(data, client => { // Create a folder and get its full profile so we have a signature that we can use to register for push notifications FoldersTestUtil.assertCreateFolderSucceeds( simong.restContext, 'test displayName', 'test description', 'private', [branden], [], folder => { FoldersTestUtil.assertGetFolderSucceeds(simong.restContext, folder.id, folder => { // Ensure we get a 400 error with an invalid activity stream id client.subscribe(folder.id, null, folder.signature, null, err => { assert.strictEqual(err.code, 400); // Ensure we get a 400 error with a missing resource id client.subscribe(null, 'activity', folder.signature, null, err => { assert.strictEqual(err.code, 400); // Ensure we get a 400 error with an invalid token client.subscribe(folder.id, 'activity', { signature: folder.signature.signature }, null, err => { assert.strictEqual(err.code, 401); client.subscribe(folder.id, 'activity', { expires: folder.signature.expires }, null, err => { assert.strictEqual(err.code, 401); // Ensure we get a 401 error with an incorrect signature client.subscribe( folder.id, 'activity', { expires: Date.now() + 10000, signature: 'foo' }, null, err => { assert.strictEqual(err.code, 401); // Simon should not be able to use a signature that was generated for Branden FoldersTestUtil.assertGetFolderSucceeds( branden.restContext, folder.id, folderForBranden => { client.subscribe(folder.id, 'activity', folderForBranden.signature, null, err => { assert.strictEqual(err.code, 401); // Sanity check that a valid signature works client.subscribe(folder.id, 'activity', folder.signature, null, err => { assert.ok(!err); return callback(); }); }); } ); } ); }); }); }); }); }); } ); }); }); });
it('verify indexing without full content item', function(callback) { // Create a content item to verify re-indexing var doerUsername = TestsUtil.generateTestUserId('doer'); RestAPI.User.createUser(camAdminRestContext, doerUsername, 'password', 'Doer', null, function(err, doer) { var doerRestContext = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, doerUsername, 'password'); RestAPI.Content.createLink(doerRestContext, 'Test Content 1', 'Test content description 1', 'public', 'http://www.sakaiproject.org/', [], [], function(err, link) { assert.ok(!err); // Verify the content item exists SearchTestsUtil.searchAll(doerRestContext, 'general', null, {'resourceTypes': 'content', 'q': 'Test'}, function(err, results) { assert.ok(!err); var contentDoc = _getDocById(results, link.id); assert.ok(contentDoc); // Delete the content item from the index under the hood, this is to avoid the automatic index events invalidating the test ElasticSearch.del('resource', link.id, function(err) { assert.ok(!err); // Verify the content item no longer exists SearchTestsUtil.searchAll(doerRestContext, 'general', null, {'resourceTypes': 'content', 'q': 'Test'}, function(err, results) { assert.ok(!err); var contentDoc = _getDocById(results, link.id); assert.ok(!contentDoc); // This is the indexing job data that only provides the id, and not the full content item var indexJob = { 'resourceType': 'content', 'resources': [{ 'id': link.id, 'opts': { 'indexResource': true, 'indexMembers': false } }] }; // Fire off an indexing task using just the content id MQ.submit(SearchConstants.mq.TASK_INDEX_DOCUMENT, indexJob, function() { // Ensure that the full content item is now back in the search index SearchTestsUtil.searchAll(doerRestContext, 'general', null, {'resourceTypes': 'content', 'q': 'Test'}, function(err, results) { assert.ok(!err); var contentDoc = _getDocById(results, link.id); assert.ok(contentDoc); callback(); }); }); }); }); }); }); }); });
RestAPI.Activity.markNotificationsRead(simong.restContext, function(err, result) { var lastReadTime = result.lastReadTime; assert.strictEqual(lastReadTime, OaeUtil.getNumberParam(lastReadTime)); // Verify the notificationsLastRead status RestAPI.User.getMe(simong.restContext, function(err, me) { assert.ok(!err); // We now have no unread notifications, and a lastRead status assert.strictEqual(me.notificationsUnread, 0); assert.strictEqual(me.notificationsLastRead, lastReadTime); // Create 2 content items again with simong as a member RestAPI.Content.createLink(mrvisser.restContext, 'Google', 'Google', 'private', 'http://www.google.ca', [], [simong.user.id], function(err, content) { assert.ok(!err); RestAPI.Content.createLink(mrvisser.restContext, 'Google', 'Google', 'private', 'http://www.google.ca', [], [simong.user.id], function(err, content) { assert.ok(!err); // Ensure the notification gets delivered and aggregated ActivityTestsUtil.collectAndGetNotificationStream(simong.restContext, null, function(err, notificationStream) { assert.ok(!err); assert.equal(notificationStream.items.length, 1); assert.equal(notificationStream.items[0].actor['oae:id'], mrvisser.user.id); assert.equal(notificationStream.items[0].object['oae:collection'].length, 3); // Verify the notificationsUnread is incremented and notificationsLastRead status RestAPI.User.getMe(simong.restContext, function(err, me) { assert.ok(!err); // We now have unread notifications, and a lastRead status assert.strictEqual(me.notificationsUnread, 2); assert.equal(me.notificationsLastRead, lastReadTime); callback(); }); }); }); }); }); });
RestAPI.User.createUser(camAdminRestContext, doerUsername, 'password', 'Doer', null, function(err, doer) { assert.ok(!err); var doerCtx = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, doerUsername, 'password'); RestAPI.User.createUser(camAdminRestContext, jackUsername, 'password', 'Jack McJackerson', null, function(err, jack) { assert.ok(!err); var jackCtx = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, jackUsername, 'password'); // Create the 4 groups that will form a cycle RestAPI.Group.createGroup(doerCtx, group1Alias, group1Alias, group1Alias, 'public', 'no', [], [], function(err, group1) { assert.ok(!err); RestAPI.Group.createGroup(doerCtx, group2Alias, group2Alias, group2Alias, 'public', 'no', [group1.id], [], function(err, group2) { assert.ok(!err); // Group 3 will be joinable, so Jack can join it to trigger an activity RestAPI.Group.createGroup(doerCtx, group3Alias, group3Alias, group3Alias, 'public', 'yes', [group2.id], [], function(err, group3) { assert.ok(!err); RestAPI.Group.createGroup(doerCtx, group4Alias, group4Alias, group4Alias, 'public', 'no', [group3.id], [], function(err, group4) { assert.ok(!err); // Add group4 as manager to group1 to complete the cycle var cycleChange = {}; cycleChange[group4.id] = 'manager'; RestAPI.Group.setGroupMembers(doerCtx, group1.id, cycleChange, function(err) { assert.ok(!err); RestAPI.Group.joinGroup(jackCtx, group3.id, function(err) { assert.ok(!err); // Verify that each group now has this as its most recent activity ActivityTestsUtil.collectAndGetActivityStream(jackCtx, group1.id, null, function(err, activityStream) { assert.ok(!err); assert.equal(activityStream.items[0]['oae:activityType'], 'group-join'); assert.equal(activityStream.items[0].object['oae:id'], group3.id); ActivityTestsUtil.collectAndGetActivityStream(jackCtx, group2.id, {'_delay': false}, function(err, activityStream) { assert.ok(!err); assert.equal(activityStream.items[0]['oae:activityType'], 'group-join'); assert.equal(activityStream.items[0].object['oae:id'], group3.id); ActivityTestsUtil.collectAndGetActivityStream(jackCtx, group3.id, {'_delay': false}, function(err, activityStream) { assert.ok(!err); assert.equal(activityStream.items[0]['oae:activityType'], 'group-join'); assert.equal(activityStream.items[0].object['oae:id'], group3.id); ActivityTestsUtil.collectAndGetActivityStream(jackCtx, group4.id, {'_delay': false}, function(err, activityStream) { assert.ok(!err); assert.equal(activityStream.items[0]['oae:activityType'], 'group-join'); assert.equal(activityStream.items[0].object['oae:id'], group3.id); return callback(); }); }); }); }); }); }); }); }); }); }); }); });
it('verify group-add-member activities aggregation', function(callback) { var jackUsername = TestsUtil.generateTestUserId('jack'); var janeUsername = TestsUtil.generateTestUserId('jane'); var brandenUsername = TestsUtil.generateTestUserId('branden'); var groupAlias = TestsUtil.generateTestUserId('targetGroup'); RestAPI.User.createUser(camAdminRestContext, jackUsername, 'password', 'Jack McJackerson', null, function(err, jack) { assert.ok(!err); var jackCtx = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, jackUsername, 'password'); RestAPI.User.createUser(camAdminRestContext, janeUsername, 'password', 'Jane', null, function(err, jane) { assert.ok(!err); RestAPI.User.createUser(camAdminRestContext, brandenUsername, 'password', 'Branden', null, function(err, branden) { assert.ok(!err); RestAPI.Group.createGroup(jackCtx, groupAlias, groupAlias, groupAlias, 'public', 'yes', [], [], function(err, group) { assert.ok(!err); // Join as jane var membership = {}; membership[jane.id] = 'member'; RestAPI.Group.setGroupMembers(jackCtx, group.id, membership, function(err) { assert.ok(!err); // Join as branden membership = {}; membership[branden.id] = 'member'; RestAPI.Group.setGroupMembers(jackCtx, group.id, membership, function(err) { assert.ok(!err); ActivityTestsUtil.collectAndGetActivityStream(jackCtx, null, null, function(err, activityStream) { assert.ok(!err); // Verify 1 for the group create, plus 1 for the aggregated group-add-member activities assert.equal(activityStream.items.length, 2); // Verify the first is the group join, with a collection of 2 actor entities (jane and branden) var entity = activityStream.items[0].object; assert.ok(entity['oae:collection']); assert.equal(entity['oae:collection'].length, 2); callback(); }); }); }); }); }); }); }); });
RestAPI.User.createUser(camAdminRestContext, janeUsername, 'password', 'Jane', null, function(err, jane) { assert.ok(!err); var janeCtx = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, janeUsername, 'password'); RestAPI.User.createUser(camAdminRestContext, brandenUsername, 'password', 'Branden', null, function(err, branden) { assert.ok(!err); var brandenCtx = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, brandenUsername, 'password'); RestAPI.Group.createGroup(jackCtx, groupAlias, groupAlias, groupAlias, 'public', 'yes', [], [], function(err, group) { assert.ok(!err); // Join as jane RestAPI.Group.joinGroup(janeCtx, group.id, function(err) { assert.ok(!err); // Join as branden RestAPI.Group.joinGroup(brandenCtx, group.id, function(err) { assert.ok(!err); // Get jack's own feed ActivityTestsUtil.collectAndGetActivityStream(jackCtx, null, null, function(err, activityStream) { assert.ok(!err); // Verify 1 for the group create, plus 1 for the aggregated group-join activities assert.equal(activityStream.items.length, 2); // Verify the first is the group join, with a collection of 2 actor entities (jane and branden) var entity = activityStream.items[0].actor; assert.ok(entity['oae:collection']); assert.equal(entity['oae:collection'].length, 2); callback(); }); }); }); }); }); });
createUser(function(ctx) { RestAPI.User.uploadPicture(ctx, ctx.user.id, TestsUtil.createFileReadableStream('pic.png', 10 * 1024 * 1024 + 1), null, function(err) { assert.equal(err.code, 400); callback(); }); });
it('verify paging works correctly in memberships search', function(callback) { var jackUsername = TestsUtil.generateTestUserId('jack'); var groupParentAlias = TestsUtil.generateTestUserId('groupParent'); var groupChildAlias = TestsUtil.generateTestUserId('groupChild'); // Create the user with which we'll set up the data var doerUsername = TestsUtil.generateTestUserId('doer'); RestAPI.User.createUser(camAdminRestContext, doerUsername, 'password', 'Doer', null, function(err, doer) { var doerRestContext = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, doerUsername, 'password'); // Create the user whose memberships to check RestAPI.User.createUser(camAdminRestContext, jackUsername, 'password', 'Jack McJackerson', null, function(err, jack) { assert.ok(!err); // Create a group hierarchy to ensure we have memberships RestAPI.Group.createGroup(doerRestContext, groupParentAlias, groupParentAlias, 'public', 'no', [], [], function(err, groupParent) { assert.ok(!err); RestAPI.Group.createGroup(doerRestContext, groupChildAlias, groupChildAlias, 'public', 'no', [], [], function(err, groupChild) { assert.ok(!err); TestsUtil.generateGroupHierarchy(doerRestContext, [groupParent.id, groupChild.id, jack.id], 'member', function(err) { assert.ok(!err); // Search only 2 documents to get the expected ids for paging afterward SearchTestsUtil.searchRefreshed(doerRestContext, 'memberships', [jack.id], {'limit': 2, 'start': 0}, function(err, results) { assert.ok(!err); assert.ok(results.results); assert.ok(results.results.length, 2); // Get the ids of the first 2 expected results. var firstId = results.results[0].id; var secondId = results.results[1].id; assert.ok(firstId); assert.ok(secondId); // Verify page 1 gives the first id. We don't need to refresh since we haven't updated anything since the first refresh. RestAPI.Search.search(doerRestContext, 'memberships', [jack.id], {'limit': 1, 'start': 0}, function(err, results) { assert.ok(!err); assert.ok(results.results); assert.ok(results.results.length, 1); assert.equal(results.results[0].id, firstId); assert.equal(results.results[0].resourceType, 'group'); assert.equal(results.results[0].profilePath, '/group/' + results.results[0].tenant.alias + '/' + AuthzUtil.getResourceFromId(results.results[0].id).resourceId); // Verify page 2 gives the second id RestAPI.Search.search(doerRestContext, 'memberships', [jack.id], {'limit': 1, 'start': 1}, function(err, results) { assert.ok(!err); assert.ok(results.results); assert.ok(results.results.length, 1); assert.equal(results.results[0].id, secondId); assert.equal(results.results[0].resourceType, 'group'); assert.equal(results.results[0].profilePath, '/group/' + results.results[0].tenant.alias + '/' + AuthzUtil.getResourceFromId(results.results[0].id).resourceId); callback(); }); }); }); }); }); }); }); }); });
createUser(function(ctx) { RestAPI.User.uploadPicture(ctx, ctx.user.id, getPictureStream, null, function(err) { assert.ok(!err); verifyCropping(ctx, ctx.user, createSelectedArea(10, 10, 20000), 400, callback); }); });
it('verify user memberships search', function(callback) { var jackUsername = TestsUtil.generateTestUserId('jack'); var groupParentAlias = TestsUtil.generateTestUserId('groupParent'); var groupChildAlias = TestsUtil.generateTestUserId('groupChild'); var doerUsername = TestsUtil.generateTestUserId('doer'); RestAPI.User.createUser(camAdminRestContext, doerUsername, 'password', 'Doer', null, function(err, doer) { var doerRestContext = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, doerUsername, 'password'); RestAPI.User.createUser(camAdminRestContext, jackUsername, 'password', 'Jack McJackerson', null, function(err, jack) { assert.ok(!err); // Create a group hierarchy to ensure they all show up in 'jack's group membership search RestAPI.Group.createGroup(doerRestContext, groupParentAlias, groupParentAlias, 'public', 'no', [], [], function(err, groupParent) { assert.ok(!err); RestAPI.Group.createGroup(doerRestContext, groupChildAlias, groupChildAlias, 'public', 'no', [], [], function(err, groupChild) { assert.ok(!err); TestsUtil.generateGroupHierarchy(doerRestContext, [groupParent.id, groupChild.id, jack.id], 'member', function(err) { assert.ok(!err); // Search all and ensure all the groups in the hierarchy are in the results SearchTestsUtil.searchAll(doerRestContext, 'memberships', [jack.id], null, function(err, results) { assert.ok(!err); assert.ok(_getDocById(results, groupChild.id)); assert.ok(_getDocById(results, groupParent.id)); // Unlink the hierarchy by removing jack from the 'bottom' group var changes = {}; changes[jack.id] = false; RestAPI.Group.setGroupMembers(doerRestContext, groupChild.id, changes, function(err) { assert.ok(!err); // Verify the same memberships search is now empty SearchTestsUtil.searchAll(doerRestContext, 'memberships', [jack.id], null, function(err, results) { assert.ok(!err); assert.equal(results.total, 0); assert.equal(results.results.length, 0); callback(); }); }); }); }); }); }); }); }); });
RestAPI.User.uploadPicture(loggedInUser.restContext, loggedInUser.user.id, getPictureStream, selectedArea, function(err) { assert.ok(!err); RestAPI.User.uploadPicture(privateUser.restContext, privateUser.user.id, getPictureStream, selectedArea, function(err) { assert.ok(!err); // Create a group with the two other members. var groupName = TestsUtil.generateTestUserId('someGroupName'); RestAPI.Group.createGroup(privateUser.restContext, groupName, groupName, 'public', 'no', [], [loggedInUser.user.id, publicUser.user.id], function(err, group) { assert.ok(!err); // Perform one search where we wait for the search index to refresh. // All subsequent search requests don't have to wait. SearchTestsUtil.searchAll(anonymousRestContext, 'members', [group.id], null, function(err, results) { assert.ok(!err); // anonymous can search the group membership list but can only see the public user his picture. verifySearchThumbnails(anonymousRestContext, group.id, true, false, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // a logged in user can see the public and 'logged in' user. verifySearchThumbnails(nonMemberUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // The public member can only see his own thumbnail and the loggedin user. verifySearchThumbnails(publicUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // The 'logged in' user can see his own thumbnail and the public one. verifySearchThumbnails(loggedInUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // The private user can see everyone's thumbnail. verifySearchThumbnails(privateUser.restContext, group.id, true, true, true, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, callback); }); }); }); }); }); }); }); });
RestAPI.User.uploadPicture(ctx, ctx.user.id, _getPictureStream, null, function(err) { assert.ok(!err); // Get the new user metadata. RestAPI.User.getUser(ctx, ctx.user.id, function(err, secondRequestUser) { assert.ok(!err); // Get the URIs and check that they are not removed on the filesystem var smallPicturePath = rootFilesDir + '/' + _getUriFromDownloadUrl(firstRequestUser.picture.small).split(':')[1]; var mediumPicturePath = rootFilesDir + '/' + _getUriFromDownloadUrl(firstRequestUser.picture.medium).split(':')[1]; assert.equal(fs.existsSync(smallPicturePath), true, 'The small picture should still exist when uploading a large image'); assert.equal(fs.existsSync(mediumPicturePath), true, 'The medium picture should still exist when uploading a large image'); return callback(); }); });
_setupOAuth(function(simong, client, accessToken) { // Assert that we're authenticated over OAuth RestAPI.User.getMe(simong.oauthRestContext, function(err, data) { assert.ok(!err); assert.equal(data.id, simong.user.id); assert.equal(data.displayName, simong.user.displayName); // Assert that the CSRF middleware isn't blocking us simong.oauthRestContext.refererHeader = 'http://my.app.com'; RestAPI.Content.createLink(simong.oauthRestContext, 'Google', 'Google', 'public', 'http://www.google.com', [], [], function(err, link) { assert.ok(!err); // Sanity check the piece of content has actually beenc reated RestAPI.Content.getLibrary(simong.oauthRestContext, simong.user.id, null, null, function(err, data) { assert.ok(!err); assert.equal(data.results.length, 1); assert.equal(data.results[0].id, link.id); return callback(); }); }); }); });
TestsUtil.generateTestUsers(camAdminRestContext, 4, function(err, users) { assert.ok(!err); var publicUser = _.values(users)[0]; var loggedInUser = _.values(users)[1]; var privateUser = _.values(users)[2]; var nonMemberUser = _.values(users)[3]; RestAPI.User.updateUser(loggedInUser.restContext, loggedInUser.user.id, { 'visibility': 'loggedin' }, function(err) { assert.ok(!err); RestAPI.User.updateUser(privateUser.restContext, privateUser.user.id, { 'visibility': 'private' }, function(err) { assert.ok(!err); // Each user has a profile picture var selectedArea = _createSelectedArea(10, 10, 200, 200); RestAPI.User.uploadPicture(publicUser.restContext, publicUser.user.id, _getPictureStream, selectedArea, function(err) { assert.ok(!err); RestAPI.User.uploadPicture(loggedInUser.restContext, loggedInUser.user.id, _getPictureStream, selectedArea, function(err) { assert.ok(!err); RestAPI.User.uploadPicture(privateUser.restContext, privateUser.user.id, _getPictureStream, selectedArea, function(err) { assert.ok(!err); // Create a group with the two other members var groupName = TestsUtil.generateTestUserId('someGroupName'); RestAPI.Group.createGroup(privateUser.restContext, groupName, groupName, 'public', 'no', [], [loggedInUser.user.id, publicUser.user.id], function(err, group) { assert.ok(!err); // Perform one search where we wait for the search index to refresh so all subsequent search requests don't have to wait SearchTestsUtil.whenIndexingComplete(function() { // The public member can only see his own thumbnail and the loggedin user _verifySearchThumbnails(publicUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // The 'logged in' user can see his own thumbnail and the public one _verifySearchThumbnails(loggedInUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // The private user can see everyone's thumbnail return _verifySearchThumbnails(privateUser.restContext, group.id, true, true, true, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, callback); }); }); }); }); }); }); }); }); }); });
TestsUtil.generateTestUsers(camAdminRestContext, 1, function(err, users, mrvisser) { RestAPI.User.getMe(mrvisser.restContext, function(err, mrvisserMeData) { assert.ok(!err); // Get 2 clients var data = { 'authentication': { 'userId': mrvisserMeData.id, 'tenantAlias': mrvisserMeData.tenant.alias, 'signature': mrvisserMeData.signature }, 'streams': [ { 'resourceId': mrvisserMeData.id, 'streamType': 'activity', 'token': mrvisserMeData.signature }, { 'resourceId': mrvisserMeData.id, 'streamType': 'notification', 'token': mrvisserMeData.signature } ] }; ActivityTestUtil.collectAndGetActivityStream(mrvisser.restContext, null, null, function(err) { assert.ok(!err); // Setup the clients ActivityTestUtil.getFullySetupPushClient(data, function(clientA) { ActivityTestUtil.getFullySetupPushClient(data, function(clientB) { // Do something that ends up in the `activity` activitystream RestAPI.Content.createLink(mrvisser.restContext, 'Yahoo', 'Yahoo', 'public', 'http://www.yahoo.ca', [], [], [], function(err, link) { assert.ok(!err); }); var clientAReceived = false; var clientBReceived = false; clientA.once('message', function(message) { assert.ok(!message.error); clientAReceived = true; if (clientAReceived && clientBReceived) { bothReceived(); } }); clientB.once('message', function(message) { assert.ok(!message.error); clientBReceived = true; if (clientAReceived && clientBReceived) { bothReceived(); } }); /** * Gets executed when both client A and B have received their message */ var bothReceived = function() { // If we close client B, only A should receive a message clientB.close(function() { clientB.on('message', function() { assert.fail('The socket on client B has been closed, this socket should not receive any more messages'); }); // Do something that ends up in the `activity` activitystream RestAPI.Content.createLink(mrvisser.restContext, 'Yahoo', 'Yahoo', 'public', 'http://www.yahoo.ca', [], [], [], function(err, link) { assert.ok(!err); }); clientA.once('message', function(message) { assert.ok(!message.error); clientA.close(callback); }); }); }; }); }); }); }); });
RestAPI.User.uploadPicture(loggedInUser.restContext, loggedInUser.user.id, _getPictureStream, selectedArea, function(err) { assert.ok(!err); RestAPI.User.uploadPicture(privateUser.restContext, privateUser.user.id, _getPictureStream, selectedArea, function(err) { assert.ok(!err); // Create a group with the two other members var groupName = TestsUtil.generateTestUserId('someGroupName'); RestAPI.Group.createGroup(privateUser.restContext, groupName, groupName, 'public', 'no', [], [loggedInUser.user.id, publicUser.user.id], function(err, group) { assert.ok(!err); // Perform one search where we wait for the search index to refresh so all subsequent search requests don't have to wait SearchTestsUtil.whenIndexingComplete(function() { // The public member can only see his own thumbnail and the loggedin user _verifySearchThumbnails(publicUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // The 'logged in' user can see his own thumbnail and the public one _verifySearchThumbnails(loggedInUser.restContext, group.id, true, true, false, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, function() { // The private user can see everyone's thumbnail return _verifySearchThumbnails(privateUser.restContext, group.id, true, true, true, publicUser.user.id, loggedInUser.user.id, privateUser.user.id, callback); }); }); }); }); }); });
TestsUtil.generateTestUsers(camAdminRestContext, 2, function(err, users, mrvisser, simong) { RestAPI.User.getMe(mrvisser.restContext, function(err, mrvisserMeData) { assert.ok(!err); /* * Register a push client for mrvisser who is subscribed to: * * `activity`-stream with the `activitystream` format * * `activity`-stream with the `internal` format * * `notification`-stream with the `internal` format */ var data = { 'authentication': { 'userId': mrvisserMeData.id, 'tenantAlias': mrvisserMeData.tenant.alias, 'signature': mrvisserMeData.signature }, 'streams': [ { 'resourceId': mrvisserMeData.id, 'streamType': 'activity', 'token': mrvisserMeData.signature, 'format': 'activitystreams' }, { 'resourceId': mrvisserMeData.id, 'streamType': 'activity', 'token': mrvisserMeData.signature, 'format': 'internal' }, { 'resourceId': mrvisserMeData.id, 'streamType': 'notification', 'token': mrvisserMeData.signature, 'format': 'internal' } ] }; // Setup the client ActivityTestUtil.getFullySetupPushClient(data, function(client) { // Create/share a discussion with mrvisser RestAPI.Discussions.createDiscussion(simong.restContext, 'Test discussion', 'Test discussion description', 'public', [], [mrvisser.user.id], function(err, discussion) { assert.ok(!err); // Force a collection cycle as notifications are sent out on aggregation ActivityTestUtil.collectAndGetNotificationStream(mrvisser.restContext, null, function(err, activityStream) { assert.ok(!err); }); var activitiesReceived = 0; var formatReceived = { 'internal': 0, 'activitystreams': 0 }; client.on('message', function(message) { activitiesReceived++; formatReceived[message.format]++; if (activitiesReceived === 3) { assert.strictEqual(formatReceived['internal'], 2); assert.strictEqual(formatReceived['activitystreams'], 1); return callback(); } }); }); }); }); });
RestAPI.User.getUser(publicTenant0.publicUser.restContext, publicTenant0.loggedinUser.user.id, function(err, user) { assert.ok(!err); assert.ok(user.following); assert.strictEqual(user.following.canFollow, true); assert.strictEqual(user.following.isFollowing, false); // Ensure user profile reports a user can follow a public user from an external public tenant RestAPI.User.getUser(publicTenant0.publicUser.restContext, publicTenant1.publicUser.user.id, function(err, user) { assert.ok(!err); assert.ok(user.following); assert.strictEqual(user.following.canFollow, true); assert.strictEqual(user.following.isFollowing, false); // Ensure user profile reports a user cannot follow a public user from an external private tenant RestAPI.User.getUser(publicTenant0.publicUser.restContext, privateTenant0.publicUser.user.id, function(err, user) { assert.ok(!err); assert.ok(user.following); assert.strictEqual(user.following.canFollow, false); assert.strictEqual(user.following.isFollowing, false); // Make privateTenant0 public so we can do a cross-tenant follow ConfigTestsUtil.updateConfigAndWait(TestsUtil.createGlobalAdminRestContext(), privateTenant0.tenant.alias, {'oae-tenants/tenantprivacy/tenantprivate': false}, function(err) { assert.ok(!err); var followedIds = [ publicTenant0.loggedinUser.user.id, publicTenant1.publicUser.user.id, privateTenant0.publicUser.user.id ]; // Follow the test subject users FollowingTestsUtil.followAll(publicTenant0.publicUser.restContext, followedIds, function() { // Make the tenant private again ConfigTestsUtil.updateConfigAndWait(TestsUtil.createGlobalAdminRestContext(), privateTenant0.tenant.alias, {'oae-tenants/tenantprivacy/tenantprivate': true}, function(err) { assert.ok(!err); // Ensure user profile now reports that they are followed, and can no longer be followed RestAPI.User.getUser(publicTenant0.publicUser.restContext, publicTenant0.loggedinUser.user.id, function(err, user) { assert.ok(!err); assert.ok(user.following); assert.strictEqual(user.following.canFollow, false); assert.strictEqual(user.following.isFollowing, true); // Ensure user profile now reports that they are followed, and can no longer be followed RestAPI.User.getUser(publicTenant0.publicUser.restContext, publicTenant1.publicUser.user.id, function(err, user) { assert.ok(!err); assert.ok(user.following); assert.strictEqual(user.following.canFollow, false); assert.strictEqual(user.following.isFollowing, true); // Ensure user profile now reports the user from the private tenant is being followed, and still cannot be followed RestAPI.User.getUser(publicTenant0.publicUser.restContext, privateTenant0.publicUser.user.id, function(err, user) { assert.ok(!err); assert.ok(user.following); assert.strictEqual(user.following.canFollow, false); assert.strictEqual(user.following.isFollowing, true); return callback(); }); }); }); }); }); }); }); }); });
before(function(callback) { // Fill up global admin rest context camAdminRestContext = TestsUtil.createTenantAdminRestContext(global.oaeTests.tenants.cam.host); // Fill up the rest context for our test user var userId = TestsUtil.generateTestUserId('john'); RestAPI.User.createUser(camAdminRestContext, userId, 'password', 'John Doe', null, function(err, createdUser) { johnRestContext = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, userId, 'password'); // Add the full user id onto the REST context for use inside of this test johnRestContext.id = createdUser.id; // We get John's me feed so he is logged in for creating users and groups RestAPI.User.getMe(johnRestContext, function() { callback(); }); }); });
createUser(function(ctx) { RestAPI.User.uploadPicture(ctx, ctx.user.id, getTextStream, null, function(err) { assert.equal(err.code, 400); callback(); }); });
RestAPI.Group.setGroupMembers(doerRestContext, targetLoggedinGroup.id, changes, function(err) { assert.ok(!err); RestAPI.User.createUser(camAdminRestContext, janeUsername, 'password', 'Jane McJaneFace', null, function(err, jane) { assert.ok(!err); var janeRestContext = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, janeUsername, 'password'); // Verify anonymous cannot see loggedin group SearchTestsUtil.searchAll(anonymousRestContext, 'members', [targetLoggedinGroup.id], null, function(err, results) { assert.ok(err); assert.equal(err.code, 401); assert.ok(!results); // Verify results and visibility for cross-tenant user. Cross-tenant user cannot see memberships of 'loggedin' groups from other tenants SearchTestsUtil.searchAll(darthVaderRestContext, 'members', [targetLoggedinGroup.id], null, function(err, results) { assert.ok(err); assert.equal(err.code, 401); assert.ok(!results); // Verify results and visibility for loggedin user SearchTestsUtil.searchAll(janeRestContext, 'members', [targetLoggedinGroup.id], null, function(err, results) { assert.ok(!err); var publicUserResult = _getDocById(results, publicUserMember.id); var loggedinUserResult = _getDocById(results, loggedinUserMember.id); var privateUserResult = _getDocById(results, privateUserMember.id); var privateGroupResult = _getDocById(results, privateGroupMember.id); var publicGroupResult = _getDocById(results, publicGroupMember.id); // Verify all members are returned assert.ok(publicUserResult); assert.ok(loggedinUserResult); assert.ok(privateUserResult); assert.ok(privateGroupResult); assert.ok(publicGroupResult); // Verify user visibility. Private should have their publicAlias swapped into the title assert.equal(publicUserResult.displayName, publicUserMember.displayName); assert.equal(loggedinUserResult.displayName, loggedinUserMember.displayName); assert.ok(loggedinUserResult.extra); assert.equal(loggedinUserResult._extra, undefined); assert.equal(loggedinUserResult.q_high, undefined); assert.equal(loggedinUserResult.q_low, undefined); assert.equal(loggedinUserResult.sort, undefined); assert.equal(loggedinUserResult.extra.extraProp, 'My extra prop'); assert.equal(privateUserResult.displayName, privateUserMember.publicAlias); assert.equal(publicGroupResult.displayName, publicGroupMember.displayName); assert.equal(privateGroupResult.displayName, privateGroupMember.displayName); // Verify that the correct resourceTypes are set assert.equal(publicUserResult.resourceType, 'user'); assert.equal(loggedinUserResult.resourceType, 'user'); assert.equal(privateUserResult.resourceType, 'user'); assert.equal(publicGroupResult.resourceType, 'group'); assert.equal(privateGroupResult.resourceType, 'group'); // Verify that the correct profilePaths are set assert.equal(publicUserResult.profilePath, '/user/' + publicUserResult.id); assert.equal(loggedinUserResult.profilePath, '/user/' + loggedinUserResult.id); assert.equal(privateUserResult.profilePath, undefined); assert.equal(publicGroupResult.profilePath, '/group/' + publicGroupResult.id); assert.equal(privateGroupResult.profilePath, '/group/' + privateGroupResult.id); // Verify results and visibility for member user SearchTestsUtil.searchAll(jackRestContext, 'members', [targetLoggedinGroup.id], null, function(err, results) { assert.ok(!err); var publicUserResult = _getDocById(results, publicUserMember.id); var loggedinUserResult = _getDocById(results, loggedinUserMember.id); var privateUserResult = _getDocById(results, privateUserMember.id); var privateGroupResult = _getDocById(results, privateGroupMember.id); var publicGroupResult = _getDocById(results, publicGroupMember.id); // Verify member sees all assert.ok(publicUserResult); assert.ok(loggedinUserResult); assert.ok(privateUserResult); assert.ok(privateGroupResult); assert.ok(publicGroupResult); // Verify user visibility. Private should have their publicAlias swapped into the title assert.equal(publicUserResult.displayName, publicUserMember.displayName); assert.equal(loggedinUserResult.displayName, loggedinUserMember.displayName); assert.ok(loggedinUserResult.extra); assert.equal(loggedinUserResult.extra.extraProp, 'My extra prop'); assert.equal(loggedinUserResult._extra, undefined); assert.equal(loggedinUserResult.q_high, undefined); assert.equal(loggedinUserResult.q_low, undefined); assert.equal(loggedinUserResult.sort, undefined); assert.equal(privateUserResult.displayName, privateUserMember.publicAlias); assert.equal(publicGroupResult.displayName, publicGroupMember.displayName); assert.equal(privateGroupResult.displayName, privateGroupMember.displayName); // Verify that the correct resourceTypes are set assert.equal(publicUserResult.resourceType, 'user'); assert.equal(loggedinUserResult.resourceType, 'user'); assert.equal(privateUserResult.resourceType, 'user'); assert.equal(publicGroupResult.resourceType, 'group'); assert.equal(privateGroupResult.resourceType, 'group'); // Verify that the correct profilePaths are set assert.equal(publicUserResult.profilePath, '/user/' + publicUserResult.id); assert.equal(loggedinUserResult.profilePath, '/user/' + loggedinUserResult.id); assert.equal(privateUserResult.profilePath, undefined); assert.equal(publicGroupResult.profilePath, '/group/' + publicGroupResult.id); assert.equal(privateGroupResult.profilePath, '/group/' + privateGroupResult.id); callback(); }); }); }); }); }); });
it('verify group-join activity is delivered', function(callback) { var doerUsername = TestsUtil.generateTestUserId('doer'); var username = TestsUtil.generateTestUserId('user'); var groupAlias = TestsUtil.generateTestGroupId('group'); // Create the user with which to perform setup RestAPI.User.createUser(camAdminRestContext, doerUsername, 'password', 'Doer', null, function(err, doer) { assert.ok(!err); var doerRestContext = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, doerUsername, 'password'); // Create a user with which to create a group, then ensure the user gets the activity RestAPI.User.createUser(camAdminRestContext, username, 'password', 'Jack McJackerson', null, function(err, user) { assert.ok(!err); var userRestContext = TestsUtil.createTenantRestContext(global.oaeTests.tenants.cam.host, username, 'password'); RestAPI.Group.createGroup(doerRestContext, groupAlias, groupAlias, groupAlias, 'public', 'yes', [], [], function(err, group) { assert.ok(!err); RestAPI.Group.joinGroup(userRestContext, group.id, function(err) { assert.ok(!err); ActivityTestsUtil.collectAndGetActivityStream(userRestContext, user.id, null, function(err, activityStream) { assert.ok(!err); assert.ok(_getActivity(activityStream, 'group-join', 'object', group.id)); callback(); }); }); }); }); }); });