NodeBB/test/helpers/index.js

'use strict';

var request = require('request');
const requestAsync = require('request-promise-native');
var nconf = require('nconf');
var fs = require('fs');
var winston = require('winston');

var utils = require('../../public/src/utils');

var helpers = module.exports;

helpers.loginUser = function (username, password, callback) {
	var jar = request.jar();

	request({
		url: nconf.get('url') + '/api/config',
		json: true,
		jar: jar,
	}, function (err, res, body) {
		if (err || res.statusCode !== 200) {
			return callback(err || new Error('[[error:invalid-response]]'));
		}

		request.post(nconf.get('url') + '/login', {
			form: {
				username: username,
				password: password,
			},
			json: true,
			jar: jar,
			headers: {
				'x-csrf-token': body.csrf_token,
			},
		}, function (err, res) {
			if (err || res.statusCode !== 200) {
				return callback(err || new Error('[[error:invalid-response]]'));
			}
			callback(null, jar, body.csrf_token);
		});
	});
};


helpers.logoutUser = function (jar, callback) {
	request({
		url: nconf.get('url') + '/api/config',
		json: true,
		jar: jar,
	}, function (err, response, body) {
		if (err) {
			return callback(err, response, body);
		}

		request.post(nconf.get('url') + '/logout', {
			form: {},
			json: true,
			jar: jar,
			headers: {
				'x-csrf-token': body.csrf_token,
			},
		}, function (err, response, body) {
			callback(err, response, body);
		});
	});
};

helpers.connectSocketIO = function (res, callback) {
	var io = require('socket.io-client');
	let cookies = res.headers['set-cookie'];
	cookies = cookies.filter(c => /express.sid=[^;]+;/.test(c));
	const cookie = cookies[0];
	var socket = io(nconf.get('base_url'), {
		path: nconf.get('relative_path') + '/socket.io',
		extraHeaders: {
			Origin: nconf.get('url'),
			Cookie: cookie,
		},
	});

	socket.on('connect', function () {
		callback(null, socket);
	});

	socket.on('error', function (err) {
		callback(err);
	});
};

helpers.uploadFile = function (uploadEndPoint, filePath, body, jar, csrf_token, callback) {
	var formData = {
		files: [
			fs.createReadStream(filePath),
			fs.createReadStream(filePath), // see https://github.com/request/request/issues/2445
		],
	};
	formData = utils.merge(formData, body);
	request.post({
		url: uploadEndPoint,
		formData: formData,
		json: true,
		jar: jar,
		headers: {
			'x-csrf-token': csrf_token,
		},
	}, function (err, res, body) {
		if (err) {
			return callback(err);
		}
		if (res.statusCode !== 200) {
			winston.error(JSON.stringify(body));
		}
		callback(null, res, body);
	});
};

helpers.registerUser = function (data, callback) {
	var jar = request.jar();
	request({
		url: nconf.get('url') + '/api/config',
		json: true,
		jar: jar,
	}, function (err, response, body) {
		if (err) {
			return callback(err);
		}

		request.post(nconf.get('url') + '/register', {
			form: data,
			json: true,
			jar: jar,
			headers: {
				'x-csrf-token': body.csrf_token,
			},
		}, function (err, response, body) {
			callback(err, jar, response, body);
		});
	});
};

// http://stackoverflow.com/a/14387791/583363
helpers.copyFile = function (source, target, callback) {
	var cbCalled = false;

	var rd = fs.createReadStream(source);
	rd.on('error', function (err) {
		done(err);
	});
	var wr = fs.createWriteStream(target);
	wr.on('error', function (err) {
		done(err);
	});
	wr.on('close', function () {
		done();
	});
	rd.pipe(wr);

	function done(err) {
		if (!cbCalled) {
			callback(err);
			cbCalled = true;
		}
	}
};

helpers.invite = async function (body, uid, jar, csrf_token) {
	const res = await requestAsync.post(`${nconf.get('url')}/api/v3/users/${uid}/invites`, {
		jar: jar,
		// using "form" since client "api" module make requests with "application/x-www-form-urlencoded" content-type
		form: body,
		headers: {
			'x-csrf-token': csrf_token,
		},
		simple: false,
		resolveWithFullResponse: true,
	});

	res.body = JSON.parse(res.body);
	return { res, body };
};

require('../../src/promisify')(helpers);
chat controller test 2016-10-25 17:56:32 +03:00			`'use strict';`

			`var request = require('request');`
feat: invites regardless of registration type, invite privilege, groups to join on acceptance (#8786) * feat: allow invites in normal registration mode + invite privilege * feat: select groups to join from an invite * test: check if groups from invitations have been joined * fix: remove unused variable * feat: write API versions of socket calls * docs: openapi specs for the new routes * test: iron out mongo redis difference * refactor: move inviteGroups endpoint into write API * refactor: use GET /api/v3/users/:uid/invites/groups Instead of GET /api/v3/users/:uid/inviteGroups * fix: no need for /api/v3 prefix when using api module * fix: tests * refactor: change POST /api/v3/users/invite To POST /api/v3/users/:uid/invites * refactor: make helpers.invite awaitable * fix: restrict invite API to self-use only * fix: move invite groups controller to write api, +tests * fix: tests Co-authored-by: Julian Lam <julian@nodebb.org> 2020-11-16 22:47:23 +03:00			`const requestAsync = require('request-promise-native');`
chat controller test 2016-10-25 17:56:32 +03:00			`var nconf = require('nconf');`
some upload tests 2016-11-01 17:33:19 +03:00			`var fs = require('fs');`
more tests 2017-05-12 17:53:23 -04:00			`var winston = require('winston');`
chat controller test 2016-10-25 17:56:32 +03:00
some upload tests 2016-11-01 17:33:19 +03:00			`var utils = require('../../public/src/utils');`
fix wrong error returns, more tests 2016-10-26 16:38:42 +03:00
chat controller test 2016-10-25 17:56:32 +03:00			`var helpers = module.exports;`

			`helpers.loginUser = function (username, password, callback) {`
			`var jar = request.jar();`
closes #5642 2017-05-27 23:32:55 -04:00
chat controller test 2016-10-25 17:56:32 +03:00			`request({`
			`url: nconf.get('url') + '/api/config',`
			`json: true,`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`jar: jar,`
fix wrong error returns, more tests 2016-10-26 16:38:42 +03:00			`}, function (err, res, body) {`
			`if (err \|\| res.statusCode !== 200) {`
chat controller test 2016-10-25 17:56:32 +03:00			`return callback(err \|\| new Error('[[error:invalid-response]]'));`
			`}`

			`request.post(nconf.get('url') + '/login', {`
			`form: {`
			`username: username,`
			`password: password,`
			`},`
			`json: true,`
			`jar: jar,`
			`headers: {`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`'x-csrf-token': body.csrf_token,`
			`},`
fix wrong error returns, more tests 2016-10-26 16:38:42 +03:00			`}, function (err, res) {`
			`if (err \|\| res.statusCode !== 200) {`
chat controller test 2016-10-25 17:56:32 +03:00			`return callback(err \|\| new Error('[[error:invalid-response]]'));`
			`}`
reduce usage of io.emit in tests 2017-06-02 16:51:36 -04:00			`callback(null, jar, body.csrf_token);`
fix wrong error returns, more tests 2016-10-26 16:38:42 +03:00			`});`
			`});`
			`};`

closes #5642 2017-05-27 23:32:55 -04:00
			`helpers.logoutUser = function (jar, callback) {`
			`request({`
			`url: nconf.get('url') + '/api/config',`
			`json: true,`
			`jar: jar,`
			`}, function (err, response, body) {`
			`if (err) {`
			`return callback(err, response, body);`
			`}`

			`request.post(nconf.get('url') + '/logout', {`
			`form: {},`
			`json: true,`
			`jar: jar,`
			`headers: {`
			`'x-csrf-token': body.csrf_token,`
			`},`
			`}, function (err, response, body) {`
			`callback(err, response, body);`
			`});`
			`});`
			`};`

fix tests for subfolder installs 2017-02-25 16:04:04 +03:00			`helpers.connectSocketIO = function (res, callback) {`
testing new socket.io-client extraHeaders (#5985) * testing new socket.io-client extraHeaders * change mongodb installation 2017-10-13 13:57:30 -04:00			`var io = require('socket.io-client');`
fix: #8142, broken site if no server-side session (#8148) * fix: #8142, broken site if no server-side session During the `addHeader` middleware, a check is now done to see if `req.session.meta` is present. This value is only present if the user has a valid server-side session. If it is missing, then it is probably safe to assume that the server-side session was deleted (either intentionally or accidentally). In that scenario, the client-side cookie should be cleared. Also, there was an issue where the sessionRefresh flag was never cleared after a successful login, so that was fixed too. * feat: exported method to get cookie config * fix: don't clear cookie if cookie is being set * fix: socket.io tests Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com> 2020-02-06 15:52:37 -05:00			`let cookies = res.headers['set-cookie'];`
			`cookies = cookies.filter(c => /express.sid=[^;]+;/.test(c));`
			`const cookie = cookies[0];`
testing new socket.io-client extraHeaders (#5985) * testing new socket.io-client extraHeaders * change mongodb installation 2017-10-13 13:57:30 -04:00			`var socket = io(nconf.get('base_url'), {`
fix tests for subfolder installs 2017-02-25 16:04:04 +03:00			`path: nconf.get('relative_path') + '/socket.io',`
testing new socket.io-client extraHeaders (#5985) * testing new socket.io-client extraHeaders * change mongodb installation 2017-10-13 13:57:30 -04:00			`extraHeaders: {`
			`Origin: nconf.get('url'),`
			`Cookie: cookie,`
			`},`
fix tests for subfolder installs 2017-02-25 16:04:04 +03:00			`});`
testing new socket.io-client extraHeaders (#5985) * testing new socket.io-client extraHeaders * change mongodb installation 2017-10-13 13:57:30 -04:00
			`socket.on('connect', function () {`
			`callback(null, socket);`
fix tests for subfolder installs 2017-02-25 16:04:04 +03:00			`});`

testing new socket.io-client extraHeaders (#5985) * testing new socket.io-client extraHeaders * change mongodb installation 2017-10-13 13:57:30 -04:00			`socket.on('error', function (err) {`
fix tests for subfolder installs 2017-02-25 16:04:04 +03:00			`callback(err);`
			`});`
			`};`

some upload tests 2016-11-01 17:33:19 +03:00			`helpers.uploadFile = function (uploadEndPoint, filePath, body, jar, csrf_token, callback) {`
			`var formData = {`
			`files: [`
			`fs.createReadStream(filePath),`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`fs.createReadStream(filePath), // see https://github.com/request/request/issues/2445`
			`],`
some upload tests 2016-11-01 17:33:19 +03:00			`};`
			`formData = utils.merge(formData, body);`
			`request.post({`
			`url: uploadEndPoint,`
			`formData: formData,`
			`json: true,`
			`jar: jar,`
			`headers: {`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`'x-csrf-token': csrf_token,`
			`},`
some upload tests 2016-11-01 17:33:19 +03:00			`}, function (err, res, body) {`
			`if (err) {`
			`return callback(err);`
			`}`
show output if upload fails 2017-05-10 22:05:23 -04:00			`if (res.statusCode !== 200) {`
fix: vulnerability in cover and admin uploads (#8419) * fix: vulnerability in cover and admin uploads * fix: remove old test * fix: update tests 2020-06-22 12:08:35 -04:00			`winston.error(JSON.stringify(body));`
show output if upload fails 2017-05-10 22:05:23 -04:00			`}`
			`callback(null, res, body);`
some upload tests 2016-11-01 17:33:19 +03:00			`});`
more tests group cover upload tests registration approval queue tests 2016-12-02 14:05:54 +03:00			`};`

			`helpers.registerUser = function (data, callback) {`
			`var jar = request.jar();`
			`request({`
			`url: nconf.get('url') + '/api/config',`
			`json: true,`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`jar: jar,`
more tests group cover upload tests registration approval queue tests 2016-12-02 14:05:54 +03:00			`}, function (err, response, body) {`
			`if (err) {`
			`return callback(err);`
			`}`

			`request.post(nconf.get('url') + '/register', {`
			`form: data,`
			`json: true,`
			`jar: jar,`
			`headers: {`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`'x-csrf-token': body.csrf_token,`
			`},`
closes #5907 2017-09-01 18:40:34 -04:00			`}, function (err, response, body) {`
			`callback(err, jar, response, body);`
more tests group cover upload tests registration approval queue tests 2016-12-02 14:05:54 +03:00			`});`
			`});`
			`};`

ESlint spaced-comment 2017-02-18 01:25:46 -07:00			`// http://stackoverflow.com/a/14387791/583363`
more tests group cover upload tests registration approval queue tests 2016-12-02 14:05:54 +03:00			`helpers.copyFile = function (source, target, callback) {`
			`var cbCalled = false;`

			`var rd = fs.createReadStream(source);`
ESlint quotes 2017-02-18 01:56:23 -07:00			`rd.on('error', function (err) {`
more tests group cover upload tests registration approval queue tests 2016-12-02 14:05:54 +03:00			`done(err);`
			`});`
			`var wr = fs.createWriteStream(target);`
ESlint quotes 2017-02-18 01:56:23 -07:00			`wr.on('error', function (err) {`
more tests group cover upload tests registration approval queue tests 2016-12-02 14:05:54 +03:00			`done(err);`
			`});`
ESlint quotes 2017-02-18 01:56:23 -07:00			`wr.on('close', function () {`
more tests group cover upload tests registration approval queue tests 2016-12-02 14:05:54 +03:00			`done();`
			`});`
			`rd.pipe(wr);`

			`function done(err) {`
			`if (!cbCalled) {`
			`callback(err);`
			`cbCalled = true;`
			`}`
			`}`
ESlint eol-last 2017-02-18 02:30:48 -07:00			`};`
fix: #7912 2019-09-20 11:44:49 -04:00
feat: invites regardless of registration type, invite privilege, groups to join on acceptance (#8786) * feat: allow invites in normal registration mode + invite privilege * feat: select groups to join from an invite * test: check if groups from invitations have been joined * fix: remove unused variable * feat: write API versions of socket calls * docs: openapi specs for the new routes * test: iron out mongo redis difference * refactor: move inviteGroups endpoint into write API * refactor: use GET /api/v3/users/:uid/invites/groups Instead of GET /api/v3/users/:uid/inviteGroups * fix: no need for /api/v3 prefix when using api module * fix: tests * refactor: change POST /api/v3/users/invite To POST /api/v3/users/:uid/invites * refactor: make helpers.invite awaitable * fix: restrict invite API to self-use only * fix: move invite groups controller to write api, +tests * fix: tests Co-authored-by: Julian Lam <julian@nodebb.org> 2020-11-16 22:47:23 +03:00			`helpers.invite = async function (body, uid, jar, csrf_token) {`
			const res = await requestAsync.post(`${nconf.get('url')}/api/v3/users/${uid}/invites`, {
			`jar: jar,`
			`// using "form" since client "api" module make requests with "application/x-www-form-urlencoded" content-type`
			`form: body,`
			`headers: {`
			`'x-csrf-token': csrf_token,`
			`},`
			`simple: false,`
			`resolveWithFullResponse: true,`
			`});`

			`res.body = JSON.parse(res.body);`
			`return { res, body };`
			`};`

fix: #7912 2019-09-20 11:44:49 -04:00			`require('../../src/promisify')(helpers);`