improve black-box testing

Author: hirsch88

package.json

@@ -56,6 +56,7 @@
     "@types/faker": "^4.1.0",
     "@types/helmet": "0.0.35",
     "@types/jest": "^19.2.3",
+    "@types/jsonwebtoken": "^7.2.0",
     "@types/knex": "0.0.50",
     "@types/lodash": "^4.14.64",
     "@types/morgan": "^1.7.32",
@@ -87,6 +88,7 @@
     "inversify": "^4.1.0",
     "inversify-express-utils": "^3.5.1",
     "jest": "^20.0.3",
+    "jsonwebtoken": "^7.4.1",
     "knex": "^0.12.0",
     "lodash": "^4.17.4",
     "morgan": "^1.7.0",

src/api/models/User.ts

@@ -1,4 +1,4 @@
-import { Bookshelf } from '../../core/Bookshelf';
+import { Bookshelf } from '../../core/Database';
 import { Tables } from '../../constants/Tables';
 
 /**

src/api/requests/UserCreateRequest.ts

@@ -22,5 +22,10 @@ export class UserCreateRequest extends RequestBody {
     @IsEmail()
     email: string;
 
+    picture: string;
+
+    @IsNotEmpty()
+    auth0UserId: string;
+
 }
 

src/api/requests/UserUpdateRequest.ts

@@ -25,6 +25,11 @@ export class UserUpdateRequest extends RequestBody {
     @IsEmail()
     email: string;
 
+    picture: string;
+
+    @IsNotEmpty()
+    auth0UserId: string;
+
     setFirstName(value: string): void {
         this.update('firstName', value);
     }

src/core/Bookshelf.ts

@@ -1,15 +1,16 @@
 import * as knex from 'knex';
+import * as bookshelf from 'bookshelf';
 import { Environment } from './Environment';
 
 
-export const Knex: knex = knex({
+export const Knex = (): knex => knex({
     client: Environment.get<string>('DB_CLIENT'),
     connection: Environment.get<string>('DB_CONNECTION'),
     pool: {
         min: Environment.get<number>('DB_POOL_MIN'),
         max: Environment.get<number>('DB_POOL_MAX')
     }
-    // migrations: {
-    //     tableName: Environment.get<string>('DB_MIGRATION_TABLE')
-    // }
 });
+
+export const Bookshelf: bookshelf = bookshelf(<any>Knex());
+Bookshelf.plugin(['bookshelf-camelcase']);

src/core/Knex.ts src/core/Database.tssrc/core/Knex.ts renamed to src/core/Database.ts

@@ -5,6 +5,7 @@ import { ApiResponeTest } from './ApiResponeTest';
 
 
 export interface ApiOptions<T> {
+    token?: string;
     body?: T;
     headers?: any;
 }
@@ -20,6 +21,11 @@ export const api = async <T>(method: string, path: string, options: ApiOptions<T
         body: options.body
     };
 
+    if (options.token) {
+        o.headers = {};
+        o.headers['authorization'] = `Bearer ${options.token}`;
+    }
+
     let res = undefined;
     let error = null;
     try {

test/black-box/lib/api.ts

@@ -0,0 +1,29 @@
+import * as jwt from 'jsonwebtoken';
+import { Knex } from '../../../src/core/Database';
+import { Tables } from '../../../src/constants/Tables';
+
+
+export const USER = {
+    firstName: 'Bruce',
+    lastName: 'Wayne',
+    email: 'bw@enterprice.com',
+    auth0UserId: 'batman'
+};
+
+export const createAdminUser = async () => {
+    const knex = Knex();
+    const user = await knex(Tables.Users).insert({
+        first_name: USER.firstName,
+        last_name: USER.lastName,
+        email: USER.email,
+        auth_0_user_id: USER.auth0UserId
+    });
+    await knex.destroy();
+    return user;
+};
+
+export const getToken = (auth0UserId?: string) => {
+    return jwt.sign({
+        user_id: `auth0|${auth0UserId || USER.auth0UserId}`
+    }, 'auth0-mock');
+};

test/black-box/lib/auth.ts

@@ -1,38 +1,40 @@
 import { api } from './lib/api';
 import { DatabaseResetCommand } from '../../src/console/DatabaseResetCommand';
+import { createAdminUser, getToken } from './lib/auth';
 
-let createdId;
-const userKeys = ['id', 'firstName', 'lastName', 'email', 'updatedAt', 'createdAt'];
 
-const testUser = {
-    firstName: 'Hans',
-    lastName: 'Muster',
-    email: 'hans@muster.ch'
-};
+describe('User', () => {
 
-const testUserUpdated = {
-    firstName: 'Horst',
-    lastName: 'Maier',
-    email: 'horst@maier.ch'
-};
+    const userKeys = ['id', 'firstName', 'lastName', 'email', 'picture', 'auth0UserId', 'updatedAt', 'createdAt'];
 
+    const testUser = {
+        firstName: 'Hans',
+        lastName: 'Muster',
+        email: 'hans@muster.ch',
+        auth0UserId: '1234'
+    };
 
-describe('User', () => {
+    const testUserUpdated = {
+        firstName: 'Horst',
+        lastName: 'Maier',
+        email: 'horst@maier.ch'
+    };
 
+    let token;
+    let auth;
+    let createdId;
     beforeAll(async () => {
         await DatabaseResetCommand.run();
-    });
-
-    test('GET       /v1/user        Should return a empty list', async () => {
-        const res = await api('GET', '/api/v1/user');
-        res.expectJson();
-        res.expectStatusCode(200);
-        const data = res.getData<any[]>();
-        expect(data.length).toBe(0);
+        await createAdminUser();
+        token = getToken();
+        auth = {
+            token: token
+        };
     });
 
     test('POST      /v1/user        Should create a new user', async () => {
         const res = await api('POST', '/api/v1/user', {
+            token: token,
             body: testUser
         });
         res.expectJson();
@@ -43,28 +45,29 @@ describe('User', () => {
 
     test('POST      /v1/user        Should fail because we want to create a empty user', async () => {
         const res = await api('POST', '/api/v1/user', {
+            token: token,
             body: {}
         });
         res.expectJson();
         res.expectStatusCode(400);
     });
 
     test('GET       /v1/user        Should list of users with our new create one', async () => {
-        const res = await api('GET', '/api/v1/user');
+        const res = await api('GET', '/api/v1/user', auth);
         res.expectJson();
         res.expectStatusCode(200);
         res.expectData(userKeys);
         const data = res.getData<any[]>();
-        expect(data.length).toBe(1);
+        expect(data.length).toBe(2);
 
-        const user = data[0];
+        const user = data[1];
         expect(user.firstName).toBe(testUser.firstName);
         expect(user.lastName).toBe(testUser.lastName);
         expect(user.email).toBe(testUser.email);
     });
 
     test('GET       /v1/user/:id    Should return one user', async () => {
-        const res = await api('GET', `/api/v1/user/${createdId}`);
+        const res = await api('GET', `/api/v1/user/${createdId}`, auth);
         res.expectJson();
         res.expectStatusCode(200);
         res.expectData(userKeys);
@@ -77,6 +80,7 @@ describe('User', () => {
 
     test('PUT       /v1/user/:id    Should update the user', async () => {
         const res = await api('PUT', `/api/v1/user/${createdId}`, {
+            token: token,
             body: testUserUpdated
         });
         res.expectJson();
@@ -91,6 +95,7 @@ describe('User', () => {
 
     test('PUT       /v1/user/:id    Should fail because we want to update the user with a invalid email', async () => {
         const res = await api('PUT', `/api/v1/user/${createdId}`, {
+            token: token,
             body: {
                 email: 'abc'
             }
@@ -100,27 +105,27 @@ describe('User', () => {
     });
 
     test('DELETE    /v1/user/:id    Should delete the user', async () => {
-        const res = await api('DELETE', `/api/v1/user/${createdId}`);
+        const res = await api('DELETE', `/api/v1/user/${createdId}`, auth);
         res.expectStatusCode(204);
     });
 
     /**
      * 404 - NotFound Testing
      */
     test('GET       /v1/user/:id    Should return with a 404, because we just deleted the user', async () => {
-        const res = await api('GET', `/api/v1/user/${createdId}`);
+        const res = await api('GET', `/api/v1/user/${createdId}`, auth);
         res.expectJson();
         res.expectStatusCode(404);
     });
 
     test('DELETE    /v1/user/:id    Should return with a 404, because we just deleted the user', async () => {
-        const res = await api('DELETE', `/api/v1/user/${createdId}`);
+        const res = await api('DELETE', `/api/v1/user/${createdId}`, auth);
         res.expectJson();
         res.expectStatusCode(404);
     });
 
     test('PUT       /v1/user/:id    Should return with a 404, because we just deleted the user', async () => {
-        const res = await api('PUT', `/api/v1/user/${createdId}`);
+        const res = await api('PUT', `/api/v1/user/${createdId}`, auth);
         res.expectJson();
         res.expectStatusCode(404);
     });