diff --git a/server/admin.routes.js b/server/admin.routes.js index 7445cb3..be83166 100644 --- a/server/admin.routes.js +++ b/server/admin.routes.js @@ -29,26 +29,19 @@ router.delete('/admin/invalid', mw.adminOnly, (req, res, next)=>{ .catch(next); }); -router.get('/admin/lookup/:search', (req, res) => { +router.get('/admin/lookup/:search', mw.adminOnly, (req, res, next) => { //search for mathcing edit id //search for matching share id // search for partial match - BrewData.get({editId : req.params.search}) - .then((brew) => { - - }) - BrewData.get({ $or:[ {editId : { "$regex": req.params.search, "$options": "i" }}, {shareId : { "$regex": req.params.search, "$options": "i" }}, ]}) .then((brews) => { - console.log(brews); return res.json(brews); }) - - -}) + .catch(next); +}); module.exports = router; \ No newline at end of file diff --git a/test/admin.test.js b/test/admin.test.js new file mode 100644 index 0000000..6d2ccce --- /dev/null +++ b/test/admin.test.js @@ -0,0 +1,89 @@ +const testing = require('./test.init.js'); +const request = require('supertest-as-promised'); + +const config = require('nconf'); + +const app = require('app.js'); +const DB = require('db.js'); +const BrewData = require('brew.data.js'); +const Error = require('error.js'); + + +let brewA = { + title : 'good title', + text : 'original text', + authors : ['your_dm'] +}; + +describe('Admin API', ()=>{ + before('Connect DB', DB.connect); + + + describe('Brew Lookup', ()=>{ + before('Clear DB', BrewData.removeAll); + before('Create brew', ()=>{ + return BrewData.create(brewA) + .then((brew)=>{ brewA = brew; }); + }); + + + it('throws an error if not admin', ()=>{ + return request(app) + .get(`/admin/lookup/${brewA.editId}`) + .expect(401); + }); + it('looks up a brew based on the share id', () => { + return request(app) + .get(`/admin/lookup/${brewA.shareId}`) + .query({ admin_key : config.get('admin:key') }) + .expect(200) + .then((res) => { + const brew = res.body; + brew.should.have.property('editId').equal(brewA.editId); + brew.should.have.property('shareId').equal(brewA.shareId); + brew.should.have.property('text').equal(brewA.text); + }); + }); + it('looks up a brew based on the edit id', () => { + return request(app) + .get(`/admin/lookup/${brewA.editId}`) + .query({ admin_key : config.get('admin:key') }) + .expect(200) + .then((res) => { + const brew = res.body; + brew.should.have.property('editId').equal(brewA.editId); + brew.should.have.property('shareId').equal(brewA.shareId); + brew.should.have.property('text').equal(brewA.text); + }); + }); + it('looks up a brew based on a partial id', () => { + const query = brewA.editId.substring(0, brewA.editId.length -2); + return request(app) + .get(`/admin/lookup/${query}`) + .query({ admin_key : config.get('admin:key') }) + .expect(200) + .then((res) => { + const brew = res.body; + brew.should.have.property('editId').equal(brewA.editId); + brew.should.have.property('shareId').equal(brewA.shareId); + brew.should.have.property('text').equal(brewA.text); + }); + }); + it('throws an error if it can not find a brew', ()=>{ + return request(app) + .get(`/admin/lookup/BADID`) + .query({ admin_key : config.get('admin:key') }) + .expect(404); + }); + }); + + describe('Invalid Brew', ()=>{ + before('Clear DB', BrewData.removeAll); + before('Create brew', ()=>{ + return BrewData.create(brewA) + .then((brew)=>{ brewA = brew; }); + }); + }); + + +}); \ No newline at end of file diff --git a/test/middleware.test.js b/test/middleware.test.js index c4fd820..44c822d 100644 --- a/test/middleware.test.js +++ b/test/middleware.test.js @@ -105,8 +105,8 @@ describe('Middleware', () => { it('should detect when you use the admin key', () => { app.use(mw.admin); app.use(requestHandler) - return request(app).get(`/?admin_key=${config.get('admin:key')}`) - .send() + return request(app).get('/') + .query({ admin_key : config.get('admin:key') }) .expect(200) .then((res) => { const req = res.body; @@ -118,7 +118,8 @@ describe('Middleware', () => { app.use(mw.adminOnly); app.get(requestHandler); app.use(Error.expressHandler); - return request(app).get(`/?admin_key=BADKEY`) + return request(app).get('/') + .query({ admin_key : 'BADUSER' }) .send() .expect(401); });