houdini/spec/lib/query/query_source_token_spec.rb
2020-06-15 10:26:57 -05:00

119 lines
4.4 KiB
Ruby

# frozen_string_literal: true
# License: AGPL-3.0-or-later WITH WTO-AP-3.0-or-later
# Full license explanation at https://github.com/houdiniproject/houdini/blob/master/LICENSE
require 'rails_helper'
describe QuerySourceToken do
describe '.get_and_increment_source_token' do
let(:our_uuid) { '7ab66a26-05e5-11e8-b4ef-8f19083c3cc7' } # random uuid I generated
let(:not_our_uuid) { 'a96e3c2c-05e5-11e8-80cc-177b86bb74cd' } # ditto
let(:fake_uuid) { '15c13da0-05e8-11e8-9cc0-e7ccb95e5f1f' } # ditto
let(:expired_uuid) { '061124ca-05f1-11e8-8730-57558ad1064d' }
let(:overused_uuid) { '0ac67006-05f1-11e8-902c-035df51dbc79' }
let(:nonprofit) { force_create(:nm_justice) }
let(:event) { force_create(:event, nonprofit: nonprofit) }
let(:user) do
u = force_create(:user)
force_create(:role, name: :nonprofit_admin, host: nonprofit, user: u)
u
end
let(:other_user) { force_create(:user) }
let(:our_source_token) { force_create(:source_token, token: our_uuid, total_uses: 0, expiration: Time.now + 1.day, max_uses: 1, event: event) }
let(:not_our_source_token) { force_create(:source_token, token: not_our_uuid, total_uses: 0, expiration: Time.now + 1.day, max_uses: 1) }
let(:expired_source_token) { force_create(:source_token, token: expired_uuid, total_uses: 0, expiration: Time.now - 1.day) }
let(:overused_source_token) { force_create(:source_token, token: overused_uuid, total_uses: 1, expiration: Time.now + 1.day, max_uses: 1) }
before(:each) do
our_source_token
not_our_source_token
expired_source_token
overused_source_token
end
around(:each) do |example|
Timecop.freeze(2020, 5, 4) do
example.run
end
end
describe 'param validation' do
it 'basic validation' do
expect { QuerySourceToken.get_and_increment_source_token(nil) }.to raise_error { |error|
expect(error).to be_a ParamValidation::ValidationError
expect_validation_errors(error.data, [
{ key: :token, name: :required },
{ key: :token, name: :format }
])
}
end
it 'raises if source_token cant be found' do
expect { QuerySourceToken.get_and_increment_source_token(fake_uuid) }.to raise_error { |error|
expect(error).to be_a ParamValidation::ValidationError
expect_validation_errors(error.data, [
{ key: :token }
])
expect(error.message).to eq "#{fake_uuid} doesn't represent a valid source"
}
end
it 'raises if token already used too much' do
expect { QuerySourceToken.get_and_increment_source_token(overused_uuid) }.to raise_error { |error|
expect(error).to be_a ExpiredTokenError
}
end
it 'raises if token expired' do
expect { QuerySourceToken.get_and_increment_source_token(expired_uuid) }.to raise_error { |error|
expect(error).to be_a ExpiredTokenError
}
end
it 'raises authentication error if event on it but user is nil' do
expect { QuerySourceToken.get_and_increment_source_token(our_uuid) }.to raise_error { |error|
expect(error).to be_a AuthenticationError
}
end
it 'raises authentication error if event on it but user is not with nonprofit' do
expect { QuerySourceToken.get_and_increment_source_token(our_uuid, other_user) }.to raise_error { |error|
expect(error).to be_a AuthenticationError
}
end
end
it 'increments and returns source token' do
result = QuerySourceToken.get_and_increment_source_token(our_uuid, user)
expect(result).to be_a SourceToken
expected = {
total_uses: 1,
max_uses: 1,
created_at: Time.now,
updated_at: Time.now,
event_id: event.id,
expiration: Time.now + 1.day,
token: our_uuid,
tokenizable_id: nil,
tokenizable_type: nil
}.with_indifferent_access
expect(result.attributes).to eq expected
reload_all_tokens
expect(our_source_token.attributes).to eq expected
end
def reload_all_tokens
our_source_token.reload
not_our_source_token.reload
expired_source_token.reload
overused_source_token.reload
end
end
end