add integration test and update swagger docs

Author: emathew5

api-docs/openapi.json

@@ -1209,11 +1209,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "oneOf": [
-                    {
-                      "$ref": "../schemas/cve/get-cve-record-count.json"
-                    }
-                  ]
+                  "$ref": "../schemas/cve/get-cve-record-count.json"
                 }
               }
             }

schemas/cve/get-cve-record-count.json

@@ -1,3 +1,10 @@
 {
-    "totalCount": 0
+    "$schema": "http://json-schema.org/draft-04/schema",
+    "type": "object",
+    "properties": {
+        "totalCount": {
+            "type": "integer",
+            "format": "int32"
+        }
+    }
 }

src/controller/cve.controller/index.js

@@ -286,17 +286,12 @@ router.get('/cve_count',
         <p>Retrieves the count of all CVE records for all organizations</p>"
   #swagger.parameters['$ref'] = [
     '#/components/parameters/cveState',
-    '#/components/parameters/countOnly',
   ]
   #swagger.responses[200] = {
     description: 'A count of the total number of filtered CVE records',
     content: {
       "application/json": {
-        schema: {
-            oneOf: [
-                { $ref: '../schemas/cve/get-cve-record-count.json' }
-            ]
-        },
+        schema: { $ref: '../schemas/cve/get-cve-record-count.json' }
       }
     }
   }
@@ -326,7 +321,7 @@ router.get('/cve_count',
   }
   
   */
-  query().custom((query) => { return mw.validateQueryParameterNames(query, ['state']) }),
+  query().custom((query) => { return mw.validateQueryParameterNames(query, ['state', 'count_only']) }),
   query(['state']).optional().isString().trim().customSanitizer(val => { return val.toUpperCase() }).isIn(CHOICES).withMessage(errorMsgs.CVE_FILTERED_STATES),
   parseError,
   parseGetParams,

src/controller/schemas.controller/index.js

@@ -20,6 +20,7 @@ router.get('/cve/create-cve-record-cna-request.json', controller.getCnaFullSchem
 router.get('/cve/create-adp-record-adp-request.json', controller.getAdpFullSchema)
 router.get('/cve/create-cve-record-secretariat-request.json', controller.getCnaSecretariatFullSchema)
 router.get('/cve/cna-minimum-request.json', controller.getCnaMinSchema)
+router.get('/cve/get-cve-record-count.json', controller.getCveCountResponseSchema)
 
 // Schemas relating to CVE IDs
 router.get('/cve-id/create-cve-ids-response.json', controller.getCreateCveIdsResponseSchema)

src/controller/schemas.controller/schemas.controller.js

@@ -222,6 +222,12 @@ async function getUpdateUserResponseSchema (req, res) {
   res.status(200)
 }
 
+async function getCveCountResponseSchema (req, res) {
+  const cveCountResponseSchema = require('../../../schemas/cve/get-cve-record-count.json')
+  res.json(cveCountResponseSchema)
+  res.status(200)
+}
+
 module.exports = {
   getBadRequestSchema: getBadRequestSchema,
   getCreateCveRecordResponseSchema: getCreateCveRecordResponseSchema,
@@ -258,5 +264,6 @@ module.exports = {
   getCnaFullSchema: getCnaFullSchema,
   getAdpFullSchema: getAdpFullSchema,
   getCnaSecretariatFullSchema: getCnaSecretariatFullSchema,
-  getCnaMinSchema: getCnaMinSchema
+  getCnaMinSchema: getCnaMinSchema,
+  getCveCountResponseSchema: getCveCountResponseSchema
 }

test/README.md

@@ -1,7 +1,7 @@
 
 
 # CVE-API-Unit-Tests
-In order to Run Tests, make sure you configure a DB connection in the config/config.json under the `test` environment.
+In order to Run Tests, make sure you configure a DB connection in the config/default.json under the `test` environment.
 
 ## Dependencies
 
@@ -14,11 +14,16 @@ This project uses or depends on software from
 - Mocha https://mochajs.org/
 - Chai https://www.chaijs.com/
 
+In order to pre-populate a new database for testing, run the following command:
+
+```sh
+npm run populate:test
+```
 
 In order to run unit tests, use the following command:
 
 ```sh
-npm run start:test
+npm run test
 ```
 
 ## Notes

test/integration-tests/cve/getCveCount.js

@@ -0,0 +1,72 @@
+/* eslint-disable no-unused-expressions */
+
+const chai = require('chai')
+chai.use(require('chai-http'))
+const expect = chai.expect
+
+const constants = require('../constants.js')
+const app = require('../../../src/index.js')
+
+describe('Test get /cve_count for CVE records', () => {
+  context('Positive Tests', () => {
+    it('Get /cve_count should allow any user to get count', async () => {
+      await chai.request(app)
+        .get('/api/cve_count')
+        .then((res, err) => {
+          expect(err).to.be.undefined
+          expect(res).to.have.status(200)
+          expect(res.body).to.have.property('totalCount').that.is.a('number');
+        })
+    })
+    it('Get /cve_count should allow privledged user to get count also', async () => {
+      await chai.request(app)
+        .get('/api/cve_count')
+        .set(constants.headers)
+        .then((res, err) => {
+          expect(err).to.be.undefined
+          expect(res).to.have.status(200)
+          expect(res.body).to.have.property('totalCount').that.is.a('number');
+        })
+    })
+    it('Get /cve_count should return count with valid parameters', async () => {
+      await chai.request(app)
+        .get('/api/cve_count?state=PUBLISHED')
+        .set(constants.headers)
+        .then((res, err) => {
+          expect(err).to.be.undefined
+          expect(res).to.have.status(200)
+          expect(res.body).to.have.property('totalCount').that.is.a('number');
+        })
+    })
+  })
+  context('Negative Tests', () => {
+    it('Get /cve should NOT allow any user to get count', async () => {
+      await chai.request(app)
+        .get('/api/cve?count_only=1')
+        .then((res, err) => {
+          expect(err).to.be.undefined
+          expect(res).to.have.status(400)
+        })
+    })
+    it('Get /cve_count should fail if it is passed invalid parameters', async () => {
+      await chai.request(app)
+        .get('/api/cve_count?time_modified.gt=2022-13-01T00:00:00Z')
+        .set(constants.headers)
+        .then((res, err) => {
+          expect(err).to.be.undefined
+          expect(res).to.have.status(400)
+          expect(res.body.message).to.contain('Parameters were invalid')
+        })
+    })
+    it('Get /cve_count should fail if it is passed invalid parameters', async () => {
+      await chai.request(app)
+        .get('/api/cve_count?state=SUCESS')
+        .set(constants.headers)
+        .then((res, err) => {
+          expect(err).to.be.undefined
+          expect(res).to.have.status(400)
+          expect(res.body.message).to.contain('Parameters were invalid')
+        })
+    })
+  })
+})