OpenSourceArk/Ghost
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
52b6668955
Ghost/ghost/admin/tests/acceptance/authentication-test.js

197 lines
6.6 KiB
JavaScript
Raw Normal View History

Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
/* jshint expr:true */
import {
describe,
it,
beforeEach,
afterEach
} from 'mocha';
Update code to match eslint rules no issue - switch `jscs` and `jshint` inline config to `eslint` config - fix eslint errors, predominantly in tests where the config now the main app config more closely
2016-11-14 16:16:51 +03:00
import {expect} from 'chai';
convert ember imports to ember-cli-shim imports where possible (#95)
2016-06-30 13:21:47 +03:00
import $ from 'jquery';
import run from 'ember-runloop';
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
import startApp from '../helpers/start-app';
deps: ember-cli@1.13.13
2015-11-30 20:21:39 +03:00
import destroyApp from '../helpers/destroy-app';
Update code to match eslint rules no issue - switch `jscs` and `jshint` inline config to `eslint` config - fix eslint errors, predominantly in tests where the config now the main app config more closely
2016-11-14 16:16:51 +03:00
import {authenticateSession, invalidateSession} from 'ghost-admin/tests/helpers/ember-simple-auth';
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
import Mirage from 'ember-cli-mirage';
Update package.json details, rename module to `ghost-admin` no issue - updates `package.json` details to better reflect the separation from the `Ghost` package - update ember config and all import statements to reflect the new `ghost-admin` module name in `package.json`
2016-05-24 15:06:59 +03:00
import windowProxy from 'ghost-admin/utils/window-proxy';
import ghostPaths from 'ghost-admin/utils/ghost-paths';
Fix 401 error when uploading images closes #6377 - restores ajax prefilter initializer that was removed in #6243 - adds regression test for standard `$.ajax` requests sending Authorization header This can be removed once we no longer have jquery plugins that make internal ajax calls that don't go through ember-ajax.
2016-01-25 14:11:29 +03:00
const Ghost = ghostPaths();
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
describe('Acceptance: Authentication', function () {
let application,
originalReplaceLocation;
beforeEach(function () {
application = startApp();
});
afterEach(function () {
deps: ember-cli@1.13.13
2015-11-30 20:21:39 +03:00
destroyApp(application);
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
});
describe('general page', function () {
beforeEach(function () {
originalReplaceLocation = windowProxy.replaceLocation;
windowProxy.replaceLocation = function (url) {
visit(url);
};
server.loadFixtures();
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
let role = server.create('role', {name: 'Administrator'});
Update code to match eslint rules no issue - switch `jscs` and `jshint` inline config to `eslint` config - fix eslint errors, predominantly in tests where the config now the main app config more closely
2016-11-14 16:16:51 +03:00
server.create('user', {roles: [role], slug: 'test-user'});
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
});
afterEach(function () {
windowProxy.replaceLocation = originalReplaceLocation;
});
it('invalidates session on 401 API response', function () {
don't show the nav menu when on a 404 route and not signed in no issue - fixes problem when the nav menu would be shown on an error404 route when the user is not logged in - adds failing test that passes with this change
2016-05-14 04:02:55 +03:00
// return a 401 when attempting to retrieve users
Update code to match eslint rules no issue - switch `jscs` and `jshint` inline config to `eslint` config - fix eslint errors, predominantly in tests where the config now the main app config more closely
2016-11-14 16:16:51 +03:00
server.get('/users/', () => {
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
return new Mirage.Response(401, {}, {
errors: [
{message: 'Access denied.', errorType: 'UnauthorizedError'}
]
});
});
authenticateSession(application);
visit('/team');
andThen(() => {
expect(currentURL(), 'url after 401').to.equal('/signin');
});
});
don't show the nav menu when on a 404 route and not signed in no issue - fixes problem when the nav menu would be shown on an error404 route when the user is not logged in - adds failing test that passes with this change
2016-05-14 04:02:55 +03:00
it('doesn\'t show navigation menu on invalid url when not authenticated', function () {
invalidateSession(application);
visit('/');
andThen(() => {
expect(currentURL(), 'current url').to.equal('/signin');
expect(find('nav.gh-nav').length, 'nav menu presence').to.equal(0);
});
visit('/signin/invalidurl/');
andThen(() => {
expect(currentURL(), 'url after invalid url').to.equal('/signin/invalidurl/');
expect(currentPath(), 'path after invalid url').to.equal('error404');
expect(find('nav.gh-nav').length, 'nav menu presence').to.equal(0);
});
});
it('shows nav menu on invalid url when authenticated', function () {
authenticateSession(application);
visit('/signin/invalidurl/');
andThen(() => {
expect(currentURL(), 'url after invalid url').to.equal('/signin/invalidurl/');
expect(currentPath(), 'path after invalid url').to.equal('error404');
expect(find('nav.gh-nav').length, 'nav menu presence').to.equal(1);
});
});
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
});
Mobile-Doc based editor (#291) refs TryGhost/Ghost#7429, requires TryGhost/Ghost#7437 Added Ghost-Editor (based on mobiled doc). ------------------- - Added mobiledoc editor - Fixed problems with workflow and auto saves - Integrated basic toolbar - Removed all editor related tests, everything bar the most basic acceptance tests will be in the ghost-editor repository. - Commented out tests which relied on Ember Helpers that are not compatable with mobile-doc, workarounds are inbound shortly. This is the first integration of ghost-editor. It's styled enough to work, however it is not anywhere approaching something that looks remotely like what the finished thing will be. Early ALPHA, development build. Tread cautiously.
2016-09-26 16:04:20 +03:00
describe.skip('editor', function () {
deps: grunt-jscs,ember-suave@3.0.0 replaces #41, #60 - update ember-suave and grunt-jscs to 3.0 - standardize Ember global de-structuring rules across app & tests
2016-06-11 19:52:36 +03:00
let origDebounce = run.debounce;
let origThrottle = run.throttle;
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
// we don't want the autosave interfering in this test
beforeEach(function () {
deps: grunt-jscs,ember-suave@3.0.0 replaces #41, #60 - update ember-suave and grunt-jscs to 3.0 - standardize Ember global de-structuring rules across app & tests
2016-06-11 19:52:36 +03:00
run.debounce = function () { };
run.throttle = function () { };
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
});
it('displays re-auth modal attempting to save with invalid session', function () {
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
let role = server.create('role', {name: 'Administrator'});
Update code to match eslint rules no issue - switch `jscs` and `jshint` inline config to `eslint` config - fix eslint errors, predominantly in tests where the config now the main app config more closely
2016-11-14 16:16:51 +03:00
server.create('user', {roles: [role]});
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
// simulate an invalid session when saving the edited post
server.put('/posts/:id/', (db, request) => {
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 14:36:45 +03:00
let post = db.posts.find(request.params.id);
let [attrs] = JSON.parse(request.requestBody).posts;
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
if (attrs.markdown === 'Edited post body') {
return new Mirage.Response(401, {}, {
errors: [
{message: 'Access denied.', errorType: 'UnauthorizedError'}
]
});
} else {
return {
posts: [post]
};
}
});
server.loadFixtures();
authenticateSession(application);
visit('/editor');
// create the post
fillIn('#entry-title', 'Test Post');
Mobile-Doc based editor (#291) refs TryGhost/Ghost#7429, requires TryGhost/Ghost#7437 Added Ghost-Editor (based on mobiled doc). ------------------- - Added mobiledoc editor - Fixed problems with workflow and auto saves - Integrated basic toolbar - Removed all editor related tests, everything bar the most basic acceptance tests will be in the ghost-editor repository. - Commented out tests which relied on Ember Helpers that are not compatable with mobile-doc, workarounds are inbound shortly. This is the first integration of ghost-editor. It's styled enough to work, however it is not anywhere approaching something that looks remotely like what the finished thing will be. Early ALPHA, development build. Tread cautiously.
2016-09-26 16:04:20 +03:00
fillIn('.__mobiledoc-editor', 'Test post body');
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
click('.js-publish-button');
andThen(() => {
// we shouldn't have a modal at this point
expect(find('.modal-container #login').length, 'modal exists').to.equal(0);
// we also shouldn't have any alerts
expect(find('.gh-alert').length, 'no of alerts').to.equal(0);
});
// update the post
Mobile-Doc based editor (#291) refs TryGhost/Ghost#7429, requires TryGhost/Ghost#7437 Added Ghost-Editor (based on mobiled doc). ------------------- - Added mobiledoc editor - Fixed problems with workflow and auto saves - Integrated basic toolbar - Removed all editor related tests, everything bar the most basic acceptance tests will be in the ghost-editor repository. - Commented out tests which relied on Ember Helpers that are not compatable with mobile-doc, workarounds are inbound shortly. This is the first integration of ghost-editor. It's styled enough to work, however it is not anywhere approaching something that looks remotely like what the finished thing will be. Early ALPHA, development build. Tread cautiously.
2016-09-26 16:04:20 +03:00
fillIn('.__mobiledoc-editor', 'Edited post body');
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
click('.js-publish-button');
andThen(() => {
// we should see a re-auth modal
Refactor modals refs #5798, closes #5018 - adds new `gh-fullscreen-modal` component - modals are now specified in-context so that they can have deeper interaction with their surrounding components/controller/route, i.e. a modal component can be a thin confirm/deny wrapper over the underlying controller action keeping all context-sensitive logic in one place - adds spin-buttons to all modals with async behaviour - adds/improves behaviour of inline-validation in modals - improves re-authenticate modal to properly handle validation and authentication errors
2015-11-18 13:50:48 +03:00
expect(find('.fullscreen-modal #login').length, 'modal exists').to.equal(1);
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
});
});
// don't clobber debounce/throttle for future tests
afterEach(function () {
deps: grunt-jscs,ember-suave@3.0.0 replaces #41, #60 - update ember-suave and grunt-jscs to 3.0 - standardize Ember global de-structuring rules across app & tests
2016-06-11 19:52:36 +03:00
run.debounce = origDebounce;
run.throttle = origThrottle;
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
});
});
Fix 401 error when uploading images closes #6377 - restores ajax prefilter initializer that was removed in #6243 - adds regression test for standard `$.ajax` requests sending Authorization header This can be removed once we no longer have jquery plugins that make internal ajax calls that don't go through ember-ajax.
2016-01-25 14:11:29 +03:00
it('adds auth headers to jquery ajax', function (done) {
let role = server.create('role', {name: 'Administrator'});
Update code to match eslint rules no issue - switch `jscs` and `jshint` inline config to `eslint` config - fix eslint errors, predominantly in tests where the config now the main app config more closely
2016-11-14 16:16:51 +03:00
server.create('user', {roles: [role]});
Fix 401 error when uploading images closes #6377 - restores ajax prefilter initializer that was removed in #6243 - adds regression test for standard `$.ajax` requests sending Authorization header This can be removed once we no longer have jquery plugins that make internal ajax calls that don't go through ember-ajax.
2016-01-25 14:11:29 +03:00
server.post('/uploads', (db, request) => {
return request;
});
server.loadFixtures();
Update code to match eslint rules no issue - switch `jscs` and `jshint` inline config to `eslint` config - fix eslint errors, predominantly in tests where the config now the main app config more closely
2016-11-14 16:16:51 +03:00
/* eslint-disable camelcase */
Fix 401 error when uploading images closes #6377 - restores ajax prefilter initializer that was removed in #6243 - adds regression test for standard `$.ajax` requests sending Authorization header This can be removed once we no longer have jquery plugins that make internal ajax calls that don't go through ember-ajax.
2016-01-25 14:11:29 +03:00
authenticateSession(application, {
access_token: 'test_token',
expires_in: 3600,
token_type: 'Bearer'
});
Update code to match eslint rules no issue - switch `jscs` and `jshint` inline config to `eslint` config - fix eslint errors, predominantly in tests where the config now the main app config more closely
2016-11-14 16:16:51 +03:00
/* eslint-enable camelcase */
Fix 401 error when uploading images closes #6377 - restores ajax prefilter initializer that was removed in #6243 - adds regression test for standard `$.ajax` requests sending Authorization header This can be removed once we no longer have jquery plugins that make internal ajax calls that don't go through ember-ajax.
2016-01-25 14:11:29 +03:00
// necessary to visit a page to fully boot the app in testing
visit('/').andThen(() => {
$.ajax({
type: 'POST',
url: `${Ghost.apiRoot}/uploads/`,
data: {test: 'Test'}
}).then((request) => {
expect(request.requestHeaders.Authorization, 'Authorization header')
.to.exist;
expect(request.requestHeaders.Authorization, 'Authotization header content')
.to.equal('Bearer test_token');
}).always(() => {
done();
});
});
});
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 18:20:11 +03:00
});
Reference in New Issue Copy Permalink