Commit dfb375b2 authored by rlacko's avatar rlacko 💬
Browse files

Application by schacc or id and documentation

parent 3ebc6151
Pipeline #4712 passed with stages
in 1 minute and 42 seconds
......@@ -66,7 +66,7 @@ describe('/application "Mentor" Functionality', () => {
})
})
// GET own
test(`GET own application`, async () => {
test(`GET own application by ID`, async () => {
await createGroups()
const ownUser = await authSession.get('/api/v1/user/me')
const newApplication = await Application.create(
......@@ -74,24 +74,28 @@ describe('/application "Mentor" Functionality', () => {
creator: ownUser.body.data.schacc,
})
)
let response = await authSession.get(`${endpointUrl}/${newApplication._id}`)
let response = await authSession.get(
`${endpointUrl}/id/${newApplication._id}`
)
expect(response.statusCode).toBe(200)
validateKeys(response.body.data, defaultKeys)
response = await authSession.get(`${endpointUrl}/own`)
response = await authSession.get(`${endpointUrl}/id/own`)
expect(response.statusCode).toBe(200)
validateKeys(response.body.data, defaultKeys)
})
// Get others
test(`GET others application`, async () => {
test(`GET others application by ID`, async () => {
await createGroups()
const newApplication = await Application.create(fakeApplicationJson)
let response = await authSession.get(`${endpointUrl}/${newApplication._id}`)
let response = await authSession.get(
`${endpointUrl}/id/${newApplication._id}`
)
expect(response.statusCode).toBe(200)
})
test(`GET invalid ID`, async () => {
let response = await authSession.get(`${endpointUrl}/almafa`)
let response = await authSession.get(`${endpointUrl}/id/almafa`)
expect(response.statusCode).toBe(422)
})
......
const { app } = require('../../../server')
const session = require('supertest-session')
const { crudPermTest } = require('../../../utils/testHelpers')
const { Application } = require('../applicationModel')
const { User } = require('../../user/userModel')
const { Groups } = require('../../groups/groupsModel')
const endpointUrl = '/api/v1/application'
......@@ -9,17 +12,38 @@ let fakeApplicationJson = {
motivation: 'what is motivation?',
expectation: 'I expect a lot',
solution: 'My awesome solution',
groups: ['5f089da3d11dae2a1ff07abc'],
groups: ['5f089da3d11dae2a1ff0aaaa', '5f089da3d11dae2a1f00aaab'],
}
const fakeGroupsJsons = [
{
_id: '5f089da3d11dae2a1ff0aaaa',
name: 'SuperGroup',
description: 'So awesome that you want to join in',
groupPath: 'future image',
},
{
_id: '5f089da3d11dae2a1f00aaab',
name: 'AwesomeGroup',
description: 'So awesome that you want to join in',
groupPath: 'future image',
},
]
const createGroups = async () => {
await Groups.create(fakeGroupsJsons[0])
await Groups.create(fakeGroupsJsons[1])
}
describe('/application Permission tests', () => {
let authSession
crudPermTest(
app,
endpointUrl,
Application,
'application',
fakeApplicationJson,
[true, true, true, false, false],
[true, true, false, false, false],
[
// [role, create, readAll, readOne, update, delete]
['none', false, false, false, false, false],
......@@ -28,4 +52,73 @@ describe('/application Permission tests', () => {
['mentor', true, true, true, false, false],
]
)
crudPermTest(
app,
endpointUrl + '/id',
Application,
'application',
fakeApplicationJson,
[false, false, true, false, false],
[
// [role, create, readAll, readOne, update, delete]
['none', false, false, false, false, false],
['normal', true, false, false, false, false],
['accepted', true, false, false, false, false],
['mentor', true, true, true, false, false],
]
)
describe.each(['normal', 'accepted', 'mentor'])('role: %s', (role) => {
beforeEach(function (done) {
let testSession = session(app)
testSession.get(`/api/v1/login/mock/${role}`).end(function (err) {
if (err) return done(err)
authSession = testSession
return done()
})
})
// All roles
test(`Can Get own application on /id/ or on /schacc`, async () => {
await createGroups()
const ownUser = await authSession.get('/api/v1/user/me')
const newApplication = await Application.create(
Object.assign({}, fakeApplicationJson, {
creator: ownUser.body.data.schacc,
})
)
let response = await authSession.get(
`${endpointUrl}/id/${newApplication._id}`
)
expect(response.statusCode).toBe(200)
response = await authSession.get(
`${endpointUrl}/schacc/${ownUser.body.data.schacc}`
)
expect(response.statusCode).toBe(200)
// get others
const newUser = await User.create({
internal_id: 'fakeId',
schacc: 'fakeUser',
fullName: 'faker Janos',
secondaryEmail: 'faker@fake.com',
})
const newApplication2 = await Application.create(
Object.assign({}, fakeApplicationJson, {
creator: newUser.schacc,
})
)
let responsebyId = await authSession.get(
`${endpointUrl}/id/${newApplication2._id}`
)
let responsebySchacc = await authSession.get(
`${endpointUrl}/schacc/${newUser.schacc}`
)
if (role == 'mentor') {
expect(responsebyId.statusCode).toBe(200)
expect(responsebySchacc.statusCode).toBe(200)
} else {
expect(responsebyId.statusCode).toBe(403)
expect(responsebySchacc.statusCode).toBe(403)
}
})
})
})
......@@ -162,7 +162,7 @@ exports.default.getMany = async (req, res) => {
}
}
exports.default.getOne = async (req, res) => {
exports.default.getOneByID = async (req, res) => {
try {
let doc
if (req.params.id === 'own')
......@@ -179,6 +179,47 @@ exports.default.getOne = async (req, res) => {
return res.status(404).end()
}
if (doc.creator != req.user.schacc && req.user.role != 'mentor')
return res.status(403).end()
doc.creator = doc._creator
res.status(200).json({
data: pick(doc, [
'_id',
'creator',
'motivation',
'expectation',
'solution',
'groups',
'state',
]),
})
} catch (err) {
if (err.name == 'CastError') {
// Throwed by Mongoose
return res.status(422).json('Invalid ID provided')
} else {
console.error(err)
res.status(400).end()
}
}
}
exports.default.getOneBySchacc = async (req, res) => {
try {
let doc = await Application.findOne({ creator: req.params.schacc })
.populate('groups', ['name'])
.populate('_creator', ['schacc', 'fullName', 'secondaryEmail'])
.lean()
.exec()
if (!doc) {
return res.status(404).end()
}
if (doc.creator != req.user.schacc && req.user.role != 'mentor')
return res.status(403).end()
doc.creator = doc._creator
res.status(200).json({
data: pick(doc, [
......
openapi: '3.0.2'
info:
title: 'Application Endpoint'
version: '1.0'
paths:
/application:
get:
tags:
- 'Application'
summary: 'Get a List of applications'
description: 'This can only be done by a mentor.'
operationId: 'getAllApplication'
responses:
'200':
description: OK
content:
application/json:
schema:
type: 'array'
items:
$ref: '#/components/schemas/Application'
post:
tags:
- 'Application'
summary: 'Update an application or create it if doesnt exist'
description: 'Have to be logged in.
To update someones application as a mentor, have to pass in the creator.
After deadline only the mentor can create or update one.'
operationId: 'createAnApplication'
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
responses:
'200':
description: OK
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
/application/id/{id}:
get:
tags:
- 'Application'
summary: 'Get Application by ID'
description: 'Can get own or have to be mentor.
{id} = own is a shorthand for getting own.'
operationId: 'getApplicationByID'
responses:
'200':
description: OK
content:
application/json:
schema:
type: 'array'
items:
$ref: '#/components/schemas/Application'
/application/schacc/{schacc}:
get:
tags:
- 'Application'
summary: 'Get Application by Schacc'
description: 'Can get own or have to be mentor.'
operationId: 'getApplicationBySchacc'
responses:
'200':
description: OK
content:
application/json:
schema:
type: 'array'
items:
$ref: '#/components/schemas/Application'
components:
schemas:
Application:
type: object
properties:
creator:
type: string
description: Reference to a Users schacc
motivation:
type: string
expectation:
type: string
maxLength: 50
solution:
type: string
groups:
type: array
items:
type: string
description: References to a Group names
state:
type: string
enum:
- 'accepted'
- 'rejected'
- 'nonchecked'
default: 'nonchecked'
required:
- creator
- motivation
- expectation
- solution
- state
......@@ -10,7 +10,11 @@ router
.get(isLoggedIn, isMentor, controllers.default.getMany)
.post(isLoggedIn, controllers.default.createOne)
// /api/application/:id
router.route('/:id').get(isLoggedIn, controllers.default.getOne)
// /api/application/id/:id
router.route('/id/:id').get(isLoggedIn, controllers.default.getOneByID)
// /api/application/schacc/:schacc
router
.route('/schacc/:schacc')
.get(isLoggedIn, controllers.default.getOneBySchacc)
exports.default = router
openapi: '3.0.2'
info:
title: 'User Endpoint'
title: 'Groups Endpoint'
version: '1.0'
paths:
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment