From 58539ce080cbda192460a36f9b15b3e11f911d33 Mon Sep 17 00:00:00 2001 From: Oliver Eyton-Williams Date: Tue, 3 Oct 2023 16:44:25 +0200 Subject: [PATCH] refactor(api): DRY tests (#51776) --- api/src/routes/challenge.test.ts | 48 +++++++------------------ api/src/routes/donate.test.ts | 24 ++++++++----- api/src/routes/settings.test.ts | 33 ++++++++++------- api/src/routes/user.test.ts | 61 +++++++------------------------- api/src/server.test.ts | 2 +- 5 files changed, 64 insertions(+), 104 deletions(-) diff --git a/api/src/routes/challenge.test.ts b/api/src/routes/challenge.test.ts index 50e124456ac..930abd11eea 100644 --- a/api/src/routes/challenge.test.ts +++ b/api/src/routes/challenge.test.ts @@ -994,48 +994,26 @@ describe('challengeRoutes', () => { // Get the CSRF cookies from an unprotected route beforeAll(async () => { - const res = await superRequest('/', { method: 'GET' }); + const res = await superRequest('/status/ping', { method: 'GET' }); setCookies = res.get('Set-Cookie'); }); - describe('/coderoad-challenge-completed', () => { - test('POST returns 401 status code with error message', async () => { - const response = await superRequest('/coderoad-challenge-completed', { - method: 'POST', + const endpoints: { path: string; method: 'POST' }[] = [ + { path: '/coderoad-challenge-completed', method: 'POST' }, + { path: '/project-completed', method: 'POST' }, + { path: '/backend-challenge-completed', method: 'POST' }, + { path: '/modern-challenge-completed', method: 'POST' }, + { path: '/save-challenge', method: 'POST' } + ]; + + endpoints.forEach(({ path, method }) => { + test(`${method} ${path} returns 401 status code with error message`, async () => { + const response = await superRequest(path, { + method, setCookies }); - - expect(response?.statusCode).toBe(401); - }); - }); - - describe('/project-completed', () => { - test('POST returns 401 status code with error message', async () => { - const response = await superRequest('/project-completed', { - method: 'POST', - setCookies - }); - expect(response.statusCode).toBe(401); }); }); - - test('POST /backend-challenge-completed returns 401 status code for un-authenticated-user', async () => { - const response = await superRequest('/backend-challenge-completed', { - method: 'POST', - setCookies - }); - - expect(response.statusCode).toBe(401); - }); - - test('POST /modern-challenge-completed returns 401 status code with error message', async () => { - const response = await superRequest('/modern-challenge-completed', { - method: 'POST', - setCookies - }); - - expect(response?.statusCode).toBe(401); - }); }); }); diff --git a/api/src/routes/donate.test.ts b/api/src/routes/donate.test.ts index cc4f15845dd..9f24c67d47c 100644 --- a/api/src/routes/donate.test.ts +++ b/api/src/routes/donate.test.ts @@ -45,15 +45,23 @@ describe('Donate', () => { }); describe('Unauthenticated User', () => { - describe('POST /donate/add-donation', () => { - it('should return 403', async () => { - const response = await superRequest('/donate/add-donation', { - method: 'POST' - }).send({ - isDonating: true - }); + let setCookies: string[]; + // Get the CSRF cookies from an unprotected route + beforeAll(async () => { + const res = await superRequest('/status/ping', { method: 'GET' }); + setCookies = res.get('Set-Cookie'); + }); + const endpoints: { path: string; method: 'POST' }[] = [ + { path: '/donate/add-donation', method: 'POST' } + ]; - expect(response.status).toBe(403); + endpoints.forEach(({ path, method }) => { + test(`${method} ${path} returns 401 status code with error message`, async () => { + const response = await superRequest(path, { + method, + setCookies + }); + expect(response.statusCode).toBe(401); }); }); }); diff --git a/api/src/routes/settings.test.ts b/api/src/routes/settings.test.ts index 1818d90c148..02308958bfe 100644 --- a/api/src/routes/settings.test.ts +++ b/api/src/routes/settings.test.ts @@ -607,22 +607,31 @@ describe('settingRoutes', () => { // Get the CSRF cookies from an unprotected route beforeAll(async () => { - const res = await superRequest('/', { method: 'GET' }); + const res = await superRequest('/status/ping', { method: 'GET' }); setCookies = res.get('Set-Cookie'); }); - test.each([ - '/update-my-profileui', - '/update-my-theme', - '/update-privacy-terms', - '/update-my-username', - '/update-my-portfolio' - ])('PUT %s should return 401 status code', async endpoint => { - const response = await superRequest(endpoint, { - method: 'PUT', - setCookies + const endpoints: { path: string; method: 'PUT' }[] = [ + { path: '/update-my-profileui', method: 'PUT' }, + { path: '/update-my-theme', method: 'PUT' }, + { path: '/update-my-username', method: 'PUT' }, + { path: '/update-my-keyboard-shortcuts', method: 'PUT' }, + { path: '/update-my-socials', method: 'PUT' }, + { path: '/update-my-quincy-email', method: 'PUT' }, + { path: '/update-my-about', method: 'PUT' }, + { path: '/update-my-honesty', method: 'PUT' }, + { path: '/update-privacy-terms', method: 'PUT' }, + { path: '/update-my-portfolio', method: 'PUT' } + ]; + + endpoints.forEach(({ path, method }) => { + test(`${method} ${path} returns 401 status code with error message`, async () => { + const response = await superRequest(path, { + method, + setCookies + }); + expect(response.statusCode).toBe(401); }); - expect(response.statusCode).toEqual(401); }); }); }); diff --git a/api/src/routes/user.test.ts b/api/src/routes/user.test.ts index b08aa502332..6db961abcc4 100644 --- a/api/src/routes/user.test.ts +++ b/api/src/routes/user.test.ts @@ -564,59 +564,24 @@ describe('userRoutes', () => { let setCookies: string[]; // Get the CSRF cookies from an unprotected route beforeAll(async () => { - const res = await superRequest('/', { method: 'GET' }); + const res = await superRequest('/status/ping', { method: 'GET' }); setCookies = res.get('Set-Cookie'); }); - describe('/account/delete', () => { - test('POST returns 401 status code with error message', async () => { - const response = await superRequest('/account/delete', { - method: 'POST', + const endpoints: { path: string; method: 'GET' | 'POST' | 'DELETE' }[] = [ + { path: '/account/delete', method: 'POST' }, + { path: '/account/reset-progress', method: 'POST' }, + { path: '/user/get-session-user', method: 'GET' }, + { path: '/user/user-token', method: 'DELETE' }, + { path: '/user/user-token', method: 'POST' } + ]; + + endpoints.forEach(({ path, method }) => { + test(`${method} ${path} returns 401 status code with error message`, async () => { + const response = await superRequest(path, { + method, setCookies }); - - expect(response.statusCode).toBe(401); - }); - }); - - describe('/account/reset-progress', () => { - test('POST returns 401 status code with error message', async () => { - const response = await superRequest('/account/reset-progress', { - method: 'POST', - setCookies - }); - - expect(response.statusCode).toBe(401); - }); - }); - - describe('/user/get-user-session', () => { - test('GET returns 401 status code with error message', async () => { - const response = await superRequest('/user/get-session-user', { - method: 'GET', - setCookies - }); - - expect(response.statusCode).toBe(401); - }); - }); - - describe('/user/user-token', () => { - test('DELETE returns 401 status code with error message', async () => { - const response = await superRequest('/user/user-token', { - method: 'DELETE', - setCookies - }); - - expect(response.statusCode).toBe(401); - }); - - test('POST returns 401 status code with error message', async () => { - const response = await superRequest('/user/user-token', { - method: 'POST', - setCookies - }); - expect(response.statusCode).toBe(401); }); }); diff --git a/api/src/server.test.ts b/api/src/server.test.ts index 55f89610472..cbee4ffd4ee 100644 --- a/api/src/server.test.ts +++ b/api/src/server.test.ts @@ -14,7 +14,7 @@ describe('server', () => { describe('CSRF protection', () => { it('should receive a new CSRF token with the expected properties', async () => { - const response = await superRequest('/', { method: 'GET' }); + const response = await superRequest('/status/ping', { method: 'GET' }); const newCookies = response.get('Set-Cookie'); const csrfTokenCookie = newCookies.find(cookie => cookie.includes('csrf_token')