@@ -4,6 +4,7 @@ const chaiHttp = require("chai-http");
44const sinon = require ( "sinon" ) ;
55const firestore = require ( "../../utils/firestore" ) ;
66const profileDiffsModel = firestore . collection ( "profileDiffs" ) ;
7+ const obfuscate = require ( "../../utils/obfuscate" ) ;
78
89const app = require ( "../../server" ) ;
910const authService = require ( "../../services/authService" ) ;
@@ -38,18 +39,33 @@ describe("Profile Diffs API Behind Feature Flag", function () {
3839 } ) ;
3940
4041 describe ( "GET /profileDiffs" , function ( ) {
41- it ( "Should return pending profileDiffs, using authorized user (super_user)" , function ( done ) {
42- chai
42+ it ( "Should return pending profileDiffs with obfuscated email and phone , using authorized user (super_user)" , async function ( ) {
43+ const response = await chai
4344 . request ( app )
4445 . get ( "/profileDiffs?dev=true" )
45- . set ( "cookie" , `${ cookieName } =${ superUserAuthToken } ` )
46- . end ( ( error , response ) => {
47- expect ( response ) . to . have . status ( 200 ) ;
48- expect ( response . body . message ) . to . equal ( "Profile Diffs returned successfully!" ) ;
49- expect ( response . body . profileDiffs ) . to . be . an ( "array" ) ;
50- expect ( response . body ) . to . have . property ( "next" ) ;
51- done ( error ) ;
52- } ) ;
46+ . set ( "cookie" , `${ cookieName } =${ superUserAuthToken } ` ) ;
47+
48+ expect ( response ) . to . have . status ( 200 ) ;
49+ expect ( response . body . message ) . to . equal ( "Profile Diffs returned successfully!" ) ;
50+ expect ( response . body ) . to . have . property ( "next" ) ;
51+
52+ const profileDiffs = response . body . profileDiffs ;
53+ expect ( profileDiffs ) . to . be . an ( "array" ) ;
54+
55+ for ( const profileDiff of profileDiffs ) {
56+ const { id, email, phone } = profileDiff ;
57+ const originalProfileDiffDoc = await profileDiffsModel . doc ( id ) . get ( ) ;
58+ const originalProfileDiff = originalProfileDiffDoc . data ( ) ;
59+
60+ if ( originalProfileDiff ?. email ) {
61+ const expectedObfuscatedEmail = obfuscate . obfuscateMail ( originalProfileDiff . email ) ;
62+ expect ( email ) . to . equal ( expectedObfuscatedEmail ) ;
63+ }
64+ if ( originalProfileDiff ?. phone ) {
65+ const expectedObfuscatedPhone = obfuscate . obfuscatePhone ( originalProfileDiff . phone ) ;
66+ expect ( phone ) . to . equal ( expectedObfuscatedPhone ) ;
67+ }
68+ }
5369 } ) ;
5470
5571 it ( "Should return unauthorized error when not authorized" , function ( done ) {
@@ -65,7 +81,7 @@ describe("Profile Diffs API Behind Feature Flag", function () {
6581 } ) ;
6682 } ) ;
6783
68- it ( "Should handle query parameters correctly" , async function ( ) {
84+ it ( "Should handle query parameters correctly and obfuscate email and phone " , async function ( ) {
6985 const profileDiffsSnapshot = await profileDiffsModel . where ( "approval" , "==" , "APPROVED" ) . limit ( 1 ) . get ( ) ;
7086
7187 const res = await chai
@@ -76,8 +92,25 @@ describe("Profile Diffs API Behind Feature Flag", function () {
7692 . set ( "cookie" , `${ cookieName } =${ superUserAuthToken } ` ) ;
7793 expect ( res ) . to . have . status ( 200 ) ;
7894 expect ( res . body . message ) . to . equal ( "Profile Diffs returned successfully!" ) ;
79- expect ( res . body . profileDiffs ) . to . be . an ( "array" ) ;
8095 expect ( res . body ) . to . have . property ( "next" ) ;
96+
97+ const profileDiffs = res . body . profileDiffs ;
98+ expect ( profileDiffs ) . to . be . an ( "array" ) ;
99+
100+ profileDiffs . forEach ( async ( profileDiff ) => {
101+ const { id, email, phone } = profileDiff ;
102+ const originalProfileDiffDoc = await profileDiffsModel . doc ( id ) . get ( ) ;
103+ const originalProfileDiff = originalProfileDiffDoc . data ( ) ;
104+
105+ if ( originalProfileDiff ?. email ) {
106+ const obfuscatedEmail = obfuscate . obfuscateMail ( originalProfileDiff . email ) ;
107+ expect ( email ) . to . equal ( obfuscatedEmail ) ;
108+ }
109+ if ( originalProfileDiff ?. phone ) {
110+ const obfuscatedPhone = obfuscate . obfuscatePhone ( originalProfileDiff . phone ) ;
111+ expect ( phone ) . to . equal ( obfuscatedPhone ) ;
112+ }
113+ } ) ;
81114 } ) ;
82115
83116 it ( "Should handle server errors" , function ( done ) {
@@ -97,7 +130,7 @@ describe("Profile Diffs API Behind Feature Flag", function () {
97130 } ) ;
98131
99132 describe ( "GET /profileDiffs/:id" , function ( ) {
100- it ( "Should return a specific profile diff for authorized user" , async function ( ) {
133+ it ( "Should return a specific profile diff with obfuscated email and phone for authorized user" , async function ( ) {
101134 const profileDiffsSnapshot = await profileDiffsModel . where ( "approval" , "==" , "PENDING" ) . limit ( 1 ) . get ( ) ;
102135
103136 const response = await chai
@@ -107,6 +140,17 @@ describe("Profile Diffs API Behind Feature Flag", function () {
107140 expect ( response ) . to . have . status ( 200 ) ;
108141 expect ( response . body . message ) . to . equal ( "Profile Diff returned successfully!" ) ;
109142 expect ( response . body . profileDiff ) . to . be . an ( "object" ) ;
143+
144+ const { email, phone } = response . body . profileDiff ;
145+ const originalProfileDiff = profileDiffsSnapshot . docs [ 0 ] . data ( ) ;
146+ if ( originalProfileDiff ?. email ) {
147+ const obfuscatedEmail = obfuscate . obfuscateMail ( originalProfileDiff . email ) ;
148+ expect ( email ) . to . equal ( obfuscatedEmail ) ;
149+ }
150+ if ( originalProfileDiff ?. phone ) {
151+ const obfuscatedPhone = obfuscate . obfuscatePhone ( originalProfileDiff . phone ) ;
152+ expect ( phone ) . to . equal ( obfuscatedPhone ) ;
153+ }
110154 } ) ;
111155
112156 it ( "Should return not found for non-existent profile diff" , function ( done ) {
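Review bot: In the "Should handle query parameters correctly and obfuscate email and phone" test, the assertions sit inside `profileDiffs.forEach(async (profileDiff) => { … })`, whose promises are never awaited. The test function resolves before the Firestore reads and the `expect` calls run, so a response that leaks an unmasked email or phone would not fail this test and would at best surface as an unhandled rejection outside it. Use the awaited loop from the first test instead: `for (const profileDiff of profileDiffs) { … }`. Separately, all three tests only assert inside `if (originalProfileDiff?.email)` / `if (originalProfileDiff?.phone)` and never require a non-empty result, so they pass without checking anything if the fixtures lack those fields (the fixtures are not visible here). The expected value also comes from the same `obfuscate` helper, so adding `expect(email).to.not.equal(originalProfileDiff.email)` and the equivalent for `phone` would catch a helper that returns its input unchanged.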