Skip to content

Commit 22c285d

Browse files
ronnmabungaronnmabunga
committed
Add /user route tests (varied authorization)
1 parent 6a37bee commit 22c285d

File tree

1 file changed

+65
-5
lines changed

1 file changed

+65
-5
lines changed

test/test.js

Lines changed: 65 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ let app = require("../index");
1010
describe(`TESTS ON "/users"`, function () {
1111
let userToken;
1212
let adminToken;
13-
this.timeout(60000);
13+
this.timeout(30000);
1414
before(async () => {
1515
console.log("Tests starting:");
1616
await connectDB(MONGO_STRING);
@@ -51,7 +51,7 @@ describe(`TESTS ON "/users"`, function () {
5151
await disconnectDB();
5252
console.log("Testing ends");
5353
});
54-
it(`POST ON "/users/register"`, (done) => {
54+
it(`[Not Authenticated User] POST "/users/register"`, (done) => {
5555
chai.request(app)
5656
.post("/users/register")
5757
.type("json")
@@ -67,7 +67,24 @@ describe(`TESTS ON "/users"`, function () {
6767
done();
6868
});
6969
});
70-
it(`POST ON "/users/login"`, (done) => {
70+
it(`[Authenticated User] POST "/users/register"`, (done) => {
71+
chai.request(app)
72+
.post("/users/register")
73+
.type("json")
74+
.send({
75+
username: "NewUser",
76+
email: "[email protected]",
77+
password: "pAs$w0rd",
78+
})
79+
.set("Authorization", `Bearer ${adminToken}`)
80+
.end((err, res) => {
81+
chai.expect(res.status).to.equal(403);
82+
chai.expect(res.body).to.have.property("success").that.equals(false);
83+
chai.expect(res.body).to.have.property("message").that.equals("You do not have permission to access this resource.");
84+
done();
85+
});
86+
});
87+
it(`[Not Authenticated User] POST "/users/login"`, (done) => {
7188
chai.request(app)
7289
.post("/users/login")
7390
.type("json")
@@ -83,7 +100,33 @@ describe(`TESTS ON "/users"`, function () {
83100
done();
84101
});
85102
});
86-
it(`GET ON "/users"`, (done) => {
103+
it(`[Authenticated User] POST "/users/login"`, (done) => {
104+
chai.request(app)
105+
.post("/users/login")
106+
.type("json")
107+
.send({
108+
email: "[email protected]",
109+
password: "pAs$w0rd",
110+
})
111+
.set("Authorization", `Bearer ${adminToken}`)
112+
.end((err, res) => {
113+
chai.expect(res.status).to.equal(403);
114+
chai.expect(res.body).to.have.property("success").that.equals(false);
115+
chai.expect(res.body).to.have.property("message").that.equals("You do not have permission to access this resource.");
116+
done();
117+
});
118+
});
119+
it(`[Not Authenticated User] GET "/users"`, (done) => {
120+
chai.request(app)
121+
.get("/users")
122+
.end((err, res) => {
123+
chai.expect(res.status).to.equal(403);
124+
chai.expect(res.body).to.have.property("success").that.equals(false);
125+
chai.expect(res.body).to.have.property("message").that.equals("You do not have permission to access this resource.");
126+
done();
127+
});
128+
});
129+
it(`[Authenticated User] GET "/users"`, (done) => {
87130
chai.request(app)
88131
.get("/users")
89132
.set("Authorization", `Bearer ${adminToken}`)
@@ -95,7 +138,24 @@ describe(`TESTS ON "/users"`, function () {
95138
done();
96139
});
97140
});
98-
it(`PATCH on "/users"`, (done) => {
141+
it(`[Not Authenticated User] PATCH "/users"`, (done) => {
142+
let updated = {
143+
username: "UpdatedMainUser",
144+
email: "[email protected]",
145+
password: "pAs$w0rd",
146+
};
147+
chai.request(app)
148+
.patch("/users")
149+
.type("json")
150+
.send(updated)
151+
.end((err, res) => {
152+
chai.expect(res.status).to.equal(403);
153+
chai.expect(res.body).to.have.property("success").that.equals(false);
154+
chai.expect(res.body).to.have.property("message").that.equals("You do not have permission to access this resource.");
155+
done();
156+
});
157+
});
158+
it(`[Authenticated User] PATCH "/users"`, (done) => {
99159
let updated = {
100160
username: "UpdatedMainUser",
101161
email: "[email protected]",

0 commit comments

Comments
 (0)