Commit dd81d3b2 authored by rlacko's avatar rlacko 💬
Browse files

comment accepted get tests

parent f4fd12b8
Pipeline #4721 passed with stages
in 1 minute and 53 seconds
......@@ -45,7 +45,8 @@ const fakeTaskJson = {
}
const fakeSolutionJson = {
task: '5f1351031185d36ad29687a2',
_id: '5f1351031185d36ad29687a2',
task: '5f1351031185d36ad29687a1',
title: 'One title',
description: 'super desc',
file: 'superfile.txt',
......@@ -168,3 +169,77 @@ describe('/comment "Mentor" Functionality', () => {
expect(response.body.data.text).toBe('kortefa')
})
})
describe('/comment "Accepted" Functionality', () => {
let authSession
// Login as accepted
beforeEach(async function (done) {
let testSession = session(app)
testSession.get(`/api/v1/login/mock/accepted`).end(function (err) {
if (err) return done(err)
authSession = testSession
return done()
})
})
// GET One
test(`GET cant get comment on Attendance or Activity`, async () => {
await User.create(fakeUserJson)
await Activity.create(fakeActivityJson)
await Attendance.create(fakeAttendanceJson)
let commentOnActivity = await Comment.create(fakeCommentOnActivityJson)
let commentonAttendance = await Comment.create(fakeCommentOnAttendanceJson)
let response = await authSession.get(
`${endpointUrl}/id/${commentOnActivity._id}`
)
expect(response.statusCode).toBe(403)
response = await authSession.get(
`${endpointUrl}/id/${commentonAttendance._id}`
)
expect(response.statusCode).toBe(403)
let ownCommentOnActivity = await Comment.create({
...fakeCommentOnActivityJson,
creator: 'accepted_test',
})
response = await authSession.get(
`${endpointUrl}/id/${ownCommentOnActivity._id}`
)
expect(response.statusCode).toBe(403)
})
test(`GET comment on own Solution`, async () => {
await User.create(fakeUserJson)
await Task.create(fakeTaskJson)
await Solution.create({ ...fakeSolutionJson, creator: 'accepted_test' })
let commentOnSolution = await Comment.create(fakeCommentOnSolutionJson)
let response = await authSession.get(
`${endpointUrl}/id/${commentOnSolution._id}`
)
expect(response.statusCode).toBe(200)
let owncommentOnSolution = await Comment.create({
...fakeCommentOnSolutionJson,
creator: 'accepted_test',
})
response = await authSession.get(
`${endpointUrl}/id/${owncommentOnSolution._id}`
)
expect(response.statusCode).toBe(200)
})
test(`GET comment on others Solution`, async () => {
await User.create(fakeUserJson)
await Task.create(fakeTaskJson)
await Solution.create({ ...fakeSolutionJson, creator: 'jani' })
let commentOnSolution = await Comment.create({
...fakeCommentOnSolutionJson,
})
let response = await authSession.get(
`${endpointUrl}/id/${commentOnSolution._id}`
)
expect(response.statusCode).toBe(403)
let owncommentOnSolution = await Comment.create({
...fakeCommentOnSolutionJson,
creator: 'accepted_test',
})
response = await authSession.get(
`${endpointUrl}/id/${owncommentOnSolution._id}`
)
expect(response.statusCode).toBe(403)
})
})
......@@ -45,15 +45,17 @@ exports.default.getOne = async (req, res) => {
if (!comment) return res.status(404).end()
if (comment.creator !== req.user.schacc && req.user.role !== 'mentor') {
if (
comment.parentType == 'attendance' ||
comment.parentType == 'activity'
)
return res
.status(403)
.json({ messages: ['You cannot get other users comment.'] })
.end()
if (
(comment.parentType == 'attendance' ||
comment.parentType == 'activity') &&
req.user.role !== 'mentor'
)
return res
.status(403)
.json({ messages: ['You cannot get other users comment.'] })
.end()
if (req.user.role !== 'mentor') {
// Check if own solution
if (comment.parentType == 'solution') {
const solution = await Solution.findById(comment.parentId).lean().exec()
......@@ -125,9 +127,10 @@ exports.default.getMany = async (req, res) => {
exports.default.createOne = async (req, res) => {
try {
if (req.user.role != 'mentor' || !req.body.creator)
if (req.user.role != 'mentor' && !req.body.creator)
req.body.creator = req.user.schacc
var comment = await Comment.create({
let comment = await Comment.create({
...req.body,
})
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment