mirror of
https://github.com/Foltik/Shimapan
synced 2024-11-30 14:31:42 -05:00
Change response code, add length test, verify user and invite are processed correctly
This commit is contained in:
parent
883ec62c7a
commit
1fdb121260
15
test/api.js
15
test/api.js
@ -44,7 +44,7 @@ describe('Users', function() {
|
|||||||
const create = invite ? util.createInvite : (invite, cb) => cb();
|
const create = invite ? util.createInvite : (invite, cb) => cb();
|
||||||
async.series([
|
async.series([
|
||||||
(cb) => create(invite, cb),
|
(cb) => create(invite, cb),
|
||||||
(cb) => util.verifyFailedRegister(user, message, 401, cb)
|
(cb) => util.verifyFailedRegister(user, message, 422, cb)
|
||||||
], done);
|
], done);
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -75,7 +75,7 @@ describe('Users', function() {
|
|||||||
const user1 = {username: 'user', password: 'diff', invite: 'code1'};
|
const user1 = {username: 'user', password: 'diff', invite: 'code1'};
|
||||||
async.series([
|
async.series([
|
||||||
(cb) => util.verifySuccessfulRegister(user0, cb),
|
(cb) => util.verifySuccessfulRegister(user0, cb),
|
||||||
(cb) => util.verifyFailedRegister(user1, 'Username in use.', 401, cb)
|
(cb) => util.verifyFailedRegister(user1, 'Username in use.', 422, cb)
|
||||||
], done);
|
], done);
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -84,7 +84,7 @@ describe('Users', function() {
|
|||||||
const user1 = {username: 'ᴮᴵᴳᴮᴵᴿᴰ', password: 'diff', invite: 'code1'};
|
const user1 = {username: 'ᴮᴵᴳᴮᴵᴿᴰ', password: 'diff', invite: 'code1'};
|
||||||
async.series([
|
async.series([
|
||||||
(cb) => util.verifySuccessfulRegister(user0, cb),
|
(cb) => util.verifySuccessfulRegister(user0, cb),
|
||||||
(cb) => util.verifyFailedRegister(user1, 'Username in use.', 401, cb)
|
(cb) => util.verifyFailedRegister(user1, 'Username in use.', 422, cb)
|
||||||
], done);
|
], done);
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -95,13 +95,18 @@ describe('Users', function() {
|
|||||||
{username: 'user name', password: 'pass', invite: 'code2'}
|
{username: 'user name', password: 'pass', invite: 'code2'}
|
||||||
];
|
];
|
||||||
const failMsg = 'Username contains invalid characters.';
|
const failMsg = 'Username contains invalid characters.';
|
||||||
async.each(users, (user, cb) => util.verifyFailedRegister(user, failMsg, 401, cb), done);
|
async.each(users, (user, cb) => util.verifyFailedRegister(user, failMsg, 422, cb), done);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('MUST NOT register a username containing HTML', function(done) {
|
it('MUST NOT register a username containing HTML', function(done) {
|
||||||
const user = {username: 'user<svg/onload=alert("XSS")>', password: 'pass', invite: 'code0'};
|
const user = {username: 'user<svg/onload=alert("XSS")>', password: 'pass', invite: 'code0'};
|
||||||
util.verifyFailedRegister(user, 'Username contains invalid characters.', 401, done);
|
util.verifyFailedRegister(user, 'Username contains invalid characters.', 422, done);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('MUST NOT register a username with too many characters', function(done) {
|
||||||
|
const user = {username: '123456789_123456789_123456789_1234567', password: 'pass', invite: 'code0'};
|
||||||
|
util.verifyFailedRegister(user, 'Username too long.', 422, done);
|
||||||
|
})
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -18,6 +18,10 @@ var expect = chai.expect;
|
|||||||
|
|
||||||
chai.use(http);
|
chai.use(http);
|
||||||
|
|
||||||
|
//TODO: BAD! Move to a util file!
|
||||||
|
// Normalizes, decomposes, and lowercases a utf-8 string
|
||||||
|
const canonicalizeUsername = username => username.normalize('NFKD').toLowerCase();
|
||||||
|
|
||||||
//---------------- DATABASE UTIL ----------------//
|
//---------------- DATABASE UTIL ----------------//
|
||||||
|
|
||||||
var resetDatabase = function(cb) {
|
var resetDatabase = function(cb) {
|
||||||
@ -63,7 +67,13 @@ const verifySuccessfulRegister = function(user, done) {
|
|||||||
res.should.have.status(200);
|
res.should.have.status(200);
|
||||||
res.body.should.be.a('object');
|
res.body.should.be.a('object');
|
||||||
res.body.should.have.property('message').eql('Registration successful.');
|
res.body.should.have.property('message').eql('Registration successful.');
|
||||||
done();
|
User.countDocuments({username: user.username}, function(err, count) {
|
||||||
|
count.should.eql(1);
|
||||||
|
Invite.countDocuments({recipient: canonicalizeUsername(user.username)}, function(err, count) {
|
||||||
|
count.should.eql(1);
|
||||||
|
done();
|
||||||
|
});
|
||||||
|
});
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user