krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-18 07:07:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add tests for protected paths

Browse Source
This commit is contained in:
Blade Barringer
2015-10-26 12:24:02 -05:00
parent 0eac953170
commit 6a6922bb3f
1 changed files with 37 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
test/api/user/PUT-user.test.js
View File

@@ -3,7 +3,9 @@ import {
requester,
} from '../../helpers/api.helper';
describe('PUT /user', () => {
import { each } from 'lodash';
describe.only('PUT /user', () => {
let api, user;
beforeEach(() => {
@@ -13,11 +15,40 @@ describe('PUT /user', () => {
});
});
it('updates the user', () => {
return api.put('/user', {
'profile.name' : 'Frodo',
}).then((updatedUser) => {
expect(updatedUser.profile.name).to.eql('Frodo');
context('allowed paths', () => {
it('updates the user', () => {
return api.put('/user', {
'profile.name' : 'Frodo',
'preferences.costume': true,
}).then((updatedUser) => {
expect(updatedUser.profile.name).to.eql('Frodo');
expect(updatedUser.preferences.costume).to.eql(true);
});
});
});
context('protected paths', () => {
let protectedPaths = {
'gem balance': {balance: 100},
'auth': {'auth.blocked': true, 'auth.timestamps.created': new Date()},
'contributor': {'contributor.level': 9, 'contributor.admin': true, 'contributor.text': 'some text'},
'backer': {'backer.tier': 10, 'backer.npc': 'Bilbo'},
'subscriptions': {'purchased.plan.extraMonths': 500, 'purchased.plan.consecutive.trinkets': 1000},
'customization gem purchases': {'purchased.background.tavern': true, 'purchased.skin.bear': true},
'tasks': {todos: [], habits: [], dailys: [], rewards: []},
};
each(protectedPaths, (data, testName) => {
it(`does not allow updating ${testName}`, () => {
let errorText = [];
each(data, (value, path) => {
errorText.push(`path \`${path}\` was not saved, as it's a protected path. See https://github.com/HabitRPG/habitrpg/blob/develop/API.md for PUT /api/v2/user.`);
});
return expect(api.put('/user', data)).to.eventually.be.rejected.and.eql({
code: 401,
text: errorText,
});
});
});
});
});