Commit 09b0184b authored by rlacko's avatar rlacko 💬
Browse files

comment fixes and added mentor tests

parent f25aa298
Pipeline #4716 failed with stages
in 2 minutes and 6 seconds
const { app } = require('../../../server')
const session = require('supertest-session')
const { iteratee, merge, has } = require('lodash')
const { validateKeys } = require('../../../utils/testHelpers')
const { Comment } = require('../commentModel')
const { Solution } = require('../../solution/solutionModel')
const { Task } = require('../../task/taskModel')
const { Attendance } = require('../../attendance/attendanceModel')
const { Activity } = require('../../activity/activityModel')
const { User } = require('../../user/userModel')
const endpointUrl = '/api/v1/comment'
const fakeUserJson = {
internal_id: 'fakeId',
schacc: 'fakeUser',
fullName: 'faker Janos',
secondaryEmail: 'faker@fake.com',
}
const fakeActivityJson = {
_id: '5f1351031185d36ad29687a3',
title: 'One title',
description: 'super desc',
date: '2020-01-01',
type: 'optional',
}
const fakeAttendanceJson = {
_id: '5f1351031185d36ad29687a4',
activity: '5f1351031185d36ad29687a3',
user: 'accepted_test',
}
const fakeTaskJson = {
_id: '5f1351031185d36ad29687a1',
title: 'One title',
description: 'super desc',
deadline: '2020-01-01',
bit: 1,
creator: 'mentor_test',
solutions: ['5f1351031185d36ad29687a2'],
}
const fakeSolutionJson = {
task: '5f1351031185d36ad29687a2',
title: 'One title',
description: 'super desc',
file: 'superfile.txt',
creator: 'accepted_test',
}
const fakeCommentOnSolutionJson = {
parentId: '5f1351031185d36ad29687a2',
parentType: 'solution',
text: 'alma',
}
const fakeCommentOnTaskJson = {
parentId: '5f1351031185d36ad29687a1',
parentType: 'task',
text: 'alma',
}
const fakeCommentOnAttendanceJson = {
parentId: '5f1351031185d36ad29687a4',
parentType: 'attendance',
text: 'alma',
}
const fakeCommentOnActivityJson = {
parentId: '5f1351031185d36ad29687a3',
parentType: 'activity',
text: 'alma',
}
describe('/comment "Mentor" Functionality', () => {
let authSession
// Login as mentor
beforeEach(async function (done) {
let testSession = session(app)
testSession.get(`/api/v1/login/mock/mentor`).end(function (err) {
if (err) return done(err)
authSession = testSession
return done()
})
})
// GET One
test(`GET returns with 404 if not found`, async () => {
let response = await authSession.get(
`${endpointUrl}/id/5f1351031185d36ad29687a1`
)
expect(response.statusCode).toBe(404)
})
test(`GET can get other users comment`, async () => {
await User.create(fakeUserJson)
await Activity.create(fakeActivityJson)
let comment = await Comment.create({
...fakeCommentOnActivityJson,
creator: 'fakeUser',
})
let response = await authSession.get(`${endpointUrl}/id/${comment._id}`)
expect(response.statusCode).toBe(200)
expect(response.body.data.creator.schacc).toBe('fakeUser')
})
test(`GET anonym comment`, async () => {
await User.create(fakeUserJson)
await Activity.create(fakeActivityJson)
let comment = await Comment.create({
...fakeCommentOnActivityJson,
creator: 'fakeUser',
isAnonim: true,
})
let response = await authSession.get(`${endpointUrl}/id/${comment._id}`)
expect(response.statusCode).toBe(200)
expect(response.body.data.creator).toBe('')
})
// Get Many
test(`GET many returns with all comments`, async () => {
await Activity.create(fakeActivityJson)
await Attendance.create(fakeAttendanceJson)
await Comment.create(fakeCommentOnActivityJson)
await Comment.create(fakeCommentOnAttendanceJson)
let response = await authSession.get(endpointUrl)
expect(response.statusCode).toBe(200)
expect(response.body.data.length).toBe(2)
})
// Create
test(`CREATE adds to parent (activity)`, async () => {
let activity = await Activity.create(fakeActivityJson)
let response = await authSession
.post(endpointUrl)
.send({ ...fakeCommentOnActivityJson, _id: '5f2801d8d5b36f6b39562cbb' })
expect(response.statusCode).toBe(200)
expect(response.body.data.parentId).toBe(String(activity._id))
let checkActivity = await Activity.findById(activity._id).lean().exec()
expect(String(checkActivity.comments[0])).toBe('5f2801d8d5b36f6b39562cbb')
})
// Delete
test(`DELETE a comment`, async () => {
let activity = await Activity.create(fakeActivityJson)
let response = await authSession
.post(endpointUrl)
.send({ ...fakeCommentOnActivityJson, _id: '5f2801d8d5b36f6b39562cbb' })
response = await authSession.delete(
`${endpointUrl}/id/5f2801d8d5b36f6b39562cbb`
)
expect(response.statusCode).toBe(200)
})
// Update
test(`UPDATE a comment`, async () => {
let activity = await Activity.create(fakeActivityJson)
let response = await authSession
.post(endpointUrl)
.send({ ...fakeCommentOnActivityJson, _id: '5f2801d8d5b36f6b39562cbb' })
response = await authSession
.put(`${endpointUrl}/id/5f2801d8d5b36f6b39562cbb`)
.send({ creator: 'almafa', text: 'kortefa' })
expect(response.statusCode).toBe(200)
expect(response.body.data.creator).not.toBe('almafa')
expect(response.body.data.text).toBe('kortefa')
})
})
const { app } = require('../../../server')
const { crudPermTest } = require('../../../utils/testHelpers')
const { Comment } = require('../commentModel')
const endpointUrl = '/api/v1/comment'
const fakeCommentJson = {
parentId: '5f1351031185d36ad29687a2',
parentType: 'solution',
text: 'alma',
}
describe('/comment Permission tests', () => {
crudPermTest(
app,
endpointUrl + '/id',
Comment,
'comment',
fakeCommentJson,
[false, false, true, true, true],
[
// [role, create, readAll, readOne, update, delete]
['none', false, false, false, false, false],
['normal', false, false, false, false, false],
['accepted', true, false, true, false, false], // can update or delete own
['mentor', true, true, true, true, true],
]
)
crudPermTest(
app,
endpointUrl,
Comment,
'comment',
fakeCommentJson,
[true, true, false, false, false],
[
// [role, create, readAll, readOne, update, delete]
['none', false, false, false, false, false],
['normal', false, false, false, false, false],
['accepted', true, false, true, false, false],
['mentor', true, true, true, true, true],
]
)
})
......@@ -39,14 +39,13 @@ exports.default.getOne = async (req, res) => {
const comment = await Comment.findOne({
_id: req.params.id,
})
.populate('creator', ['fullName', 'nickName', 'schacc'])
.populate('_creator', ['fullName', 'nickName', 'schacc'])
.lean()
.exec()
if (
comment.creator.schacc !== req.user.schacc &&
req.user.role !== 'mentor'
) {
if (!comment) return res.status(404).end()
if (comment.creator !== req.user.schacc && req.user.role !== 'mentor') {
if (
comment.parentType == 'attendance' ||
comment.parentType == 'activity'
......@@ -58,6 +57,11 @@ exports.default.getOne = async (req, res) => {
// Check if own solution
if (comment.parentType == 'solution') {
const solution = await Solution.findById(comment.parentId).lean().exec()
if (!solution)
return res
.status(404)
.json({ messages: ["Parent Object doesn't exist!"] })
if (solution.creator != req.user.schacc)
return res
.status(403)
......@@ -66,6 +70,7 @@ exports.default.getOne = async (req, res) => {
}
}
comment.creator = comment._creator
if (comment.isAnonim) comment.creator = ''
return res
......@@ -128,6 +133,12 @@ exports.default.createOne = async (req, res) => {
// Add to parent
let updateParent = await getParentModel(comment).findById(comment.parentId)
if (!updateParent) {
await Comment.findByIdAndRemove(comment._id).lean().exec()
return res
.status(404)
.json({ messages: ["Parent Object doesn't exist!"] })
}
if (updateParent.comments.indexOf(comment._id) == -1) {
updateParent.comments.push(comment._id)
try {
......@@ -170,6 +181,8 @@ exports.default.updateOne = async (req, res) => {
try {
const comment = await Comment.findById(req.params.id).lean().exec()
if (!comment) return res.status(404).end()
if (comment.creator !== req.user.schacc && req.user.role != 'mentor')
return res
.status(403)
......
......@@ -123,6 +123,5 @@ components:
required:
- parentId
- parentType
- creator
- text
- isAnonim
......@@ -14,7 +14,6 @@ const CommentSchema = new mongoose.Schema(
},
creator: {
type: String,
required: true,
},
text: {
type: String,
......
const { Router } = require('express')
const controllers = require('./commentControllers')
const { isLoggedIn, isMentor } = require('../../middlewares/auth')
const {
isLoggedIn,
isMentor,
isAcceptedOrMentor,
} = require('../../middlewares/auth')
const router = Router()
......@@ -8,13 +12,13 @@ const router = Router()
router
.route('/')
.get(isLoggedIn, isMentor, controllers.default.getMany)
.post(isLoggedIn, controllers.default.createOne)
.post(isLoggedIn, isAcceptedOrMentor, controllers.default.createOne)
// /api/v1/comment/id/:id
router
.route('/id/:id')
.get(isLoggedIn, controllers.default.getOne)
.put(isLoggedIn, controllers.default.updateOne)
.delete(isLoggedIn, controllers.default.removeOne)
.get(isLoggedIn, isAcceptedOrMentor, controllers.default.getOne)
.put(isLoggedIn, isAcceptedOrMentor, controllers.default.updateOne)
.delete(isLoggedIn, isAcceptedOrMentor, controllers.default.removeOne)
exports.default = router
......@@ -14,10 +14,6 @@ const TaskSchema = new mongoose.Schema(
type: Date,
required: true,
},
createData: {
type: String,
required: false,
},
bit: {
type: Number,
require: true,
......
......@@ -85,7 +85,6 @@ const crudPermTest = async (
const response = await authSession.put(
`${endpointUrl}/${Object.values(keyField)[0]}`
)
console.log(response.statusCode)
if (role === 'none') expect(response.statusCode != 401).toBe(perm[3])
else expect(response.statusCode != 403).toBe(perm[3])
expect(response.statusCode).not.toBeGreaterThanOrEqual(500)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment