Skip to content

Commit fdf074a

Browse files
coratgerlcoratgerl
committed
fix: feedbacks
1 parent 79ed425 commit fdf074a

31 files changed

+268
-61
lines changed

spec/AudienceRouter.spec.js

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@ const auth = require('../lib/Auth');
22
const Config = require('../lib/Config');
33
const rest = require('../lib/rest');
44
const request = require('../lib/request');
5+
const { getSanitizedErrorCall } = require('../lib/TestUtils');
56
const AudiencesRouter = require('../lib/Routers/AudiencesRouter').AudiencesRouter;
67

78
describe('AudiencesRouter', () => {
@@ -263,55 +264,75 @@ describe('AudiencesRouter', () => {
263264
});
264265

265266
it('should only create with master key', done => {
267+
const sanitizedErrorCall = getSanitizedErrorCall();
268+
269+
const callCountBefore = sanitizedErrorCall.callCountBefore();
266270
Parse._request('POST', 'push_audiences', {
267271
name: 'My Audience',
268272
query: JSON.stringify({ deviceType: 'ios' }),
269273
}).then(
270274
() => {},
271275
error => {
272276
expect(error.message).toEqual('Permission denied');
277+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
273278
done();
274279
}
275280
);
276281
});
277282

278283
it('should only find with master key', done => {
284+
const sanitizedErrorCall = getSanitizedErrorCall();
285+
286+
const callCountBefore = sanitizedErrorCall.callCountBefore();
279287
Parse._request('GET', 'push_audiences', {}).then(
280288
() => {},
281289
error => {
282290
expect(error.message).toEqual('Permission denied');
291+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
283292
done();
284293
}
285294
);
286295
});
287296

288297
it('should only get with master key', done => {
298+
const sanitizedErrorCall = getSanitizedErrorCall();
299+
300+
const callCountBefore = sanitizedErrorCall.callCountBefore();
289301
Parse._request('GET', `push_audiences/someId`, {}).then(
290302
() => {},
291303
error => {
292304
expect(error.message).toEqual('Permission denied');
305+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
293306
done();
294307
}
295308
);
296309
});
297310

298311
it('should only update with master key', done => {
312+
const sanitizedErrorCall = getSanitizedErrorCall();
313+
314+
const callCountBefore = sanitizedErrorCall.callCountBefore();
299315
Parse._request('PUT', `push_audiences/someId`, {
300316
name: 'My Audience 2',
301317
}).then(
302318
() => {},
303319
error => {
304320
expect(error.message).toEqual('Permission denied');
321+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
305322
done();
306323
}
307324
);
308325
});
309326

310327
it('should only delete with master key', done => {
328+
const sanitizedErrorCall = getSanitizedErrorCall();
329+
330+
const callCountBefore = sanitizedErrorCall.callCountBefore();
311331
Parse._request('DELETE', `push_audiences/someId`, {}).then(
312332
() => {},
313333
error => {
314334
expect(error.message).toEqual('Permission denied');
335+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
315336
done();
316337
}
317338
);

spec/LogsRouter.spec.js

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
'use strict';
22

33
const request = require('../lib/request');
4+
const { getSanitizedErrorCall } = require('../lib/TestUtils');
45
const LogsRouter = require('../lib/Routers/LogsRouter').LogsRouter;
56
const LoggerController = require('../lib/Controllers/LoggerController').LoggerController;
67
const WinstonLoggerAdapter = require('../lib/Adapters/Logger/WinstonLoggerAdapter')
@@ -52,6 +53,9 @@ describe_only(() => {
5253
});
5354

5455
it('can check invalid master key of request', done => {
56+
const sanitizedErrorCall = getSanitizedErrorCall();
57+
58+
const callCountBefore = sanitizedErrorCall.callCountBefore();
5559
request({
5660
url: 'http://localhost:8378/1/scriptlog',
5761
headers: {
@@ -62,6 +66,7 @@ describe_only(() => {
6266
const body = response.data;
6367
expect(response.status).toEqual(403);
6468
expect(body.error).toEqual('Permission denied');
69+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
6570
done();
6671
});
6772
});

spec/ParseAPI.spec.js

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ const request = require('../lib/request');
66
const Parse = require('parse/node');
77
const Config = require('../lib/Config');
88
const SchemaController = require('../lib/Controllers/SchemaController');
9-
const TestUtils = require('../lib/TestUtils');
9+
const { getSanitizedErrorCall, destroyAllDataPermanently } = require('../lib/TestUtils');
1010

1111
const userSchema = SchemaController.convertSchemaToAdapterSchema({
1212
className: '_User',
@@ -169,7 +169,7 @@ describe('miscellaneous', () => {
169169
}
170170
const config = Config.get('test');
171171
// Remove existing data to clear out unique index
172-
TestUtils.destroyAllDataPermanently()
172+
destroyAllDataPermanently()
173173
.then(() => config.database.adapter.performInitialization({ VolatileClassesSchemas: [] }))
174174
.then(() => config.database.adapter.createClass('_User', userSchema))
175175
.then(() =>
@@ -210,7 +210,7 @@ describe('miscellaneous', () => {
210210
it_id('d00f907e-41b9-40f6-8168-63e832199a8c')(it)('ensure that if people already have duplicate emails, they can still sign up new users', done => {
211211
const config = Config.get('test');
212212
// Remove existing data to clear out unique index
213-
TestUtils.destroyAllDataPermanently()
213+
destroyAllDataPermanently()
214214
.then(() => config.database.adapter.performInitialization({ VolatileClassesSchemas: [] }))
215215
.then(() => config.database.adapter.createClass('_User', userSchema))
216216
.then(() =>
@@ -1710,11 +1710,14 @@ describe('miscellaneous', () => {
17101710
});
17111711

17121712
it('fail on purge all objects in class without master key', done => {
1713+
const sanitizedErrorCall = getSanitizedErrorCall();
1714+
17131715
const headers = {
17141716
'Content-Type': 'application/json',
17151717
'X-Parse-Application-Id': 'test',
17161718
'X-Parse-REST-API-Key': 'rest',
17171719
};
1720+
const callCountBefore = sanitizedErrorCall.callCountBefore();
17181721
request({
17191722
method: 'DELETE',
17201723
headers: headers,
@@ -1725,6 +1728,7 @@ describe('miscellaneous', () => {
17251728
})
17261729
.catch(response => {
17271730
expect(response.data.error).toEqual('Permission denied');
1731+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
17281732
done();
17291733
});
17301734
});

spec/ParseFile.spec.js

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55

66
const { FilesController } = require('../lib/Controllers/FilesController');
77
const request = require('../lib/request');
8+
const { getSanitizedErrorCall } = require('../lib/TestUtils');
89

910
const str = 'Hello World!';
1011
const data = [];
@@ -132,6 +133,8 @@ describe('Parse.File testing', () => {
132133
});
133134

134135
it('blocks file deletions with missing or incorrect master-key header', done => {
136+
const sanitizedErrorCall = getSanitizedErrorCall();
137+
135138
const headers = {
136139
'Content-Type': 'image/jpeg',
137140
'X-Parse-Application-Id': 'test',
@@ -146,6 +149,7 @@ describe('Parse.File testing', () => {
146149
const b = response.data;
147150
expect(b.url).toMatch(/^http:\/\/localhost:8378\/1\/files\/test\/.*thefile.jpg$/);
148151
// missing X-Parse-Master-Key header
152+
const callCountBefore = sanitizedErrorCall.callCountBefore();
149153
request({
150154
method: 'DELETE',
151155
headers: {
@@ -157,7 +161,9 @@ describe('Parse.File testing', () => {
157161
const del_b = response.data;
158162
expect(response.status).toEqual(403);
159163
expect(del_b.error).toBe('Permission denied');
164+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
160165
// incorrect X-Parse-Master-Key header
166+
const callCountBefore2 = sanitizedErrorCall.callCountBefore();
161167
request({
162168
method: 'DELETE',
163169
headers: {
@@ -170,6 +176,7 @@ describe('Parse.File testing', () => {
170176
const del_b2 = response.data;
171177
expect(response.status).toEqual(403);
172178
expect(del_b2.error).toBe('Permission denied');
179+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore2);
173180
done();
174181
});
175182
});
@@ -756,11 +763,16 @@ describe('Parse.File testing', () => {
756763

757764
describe('getting files', () => {
758765
it('does not crash on file request with invalid app ID', async () => {
766+
const { getSanitizedErrorCall } = require('../lib/TestUtils');
767+
const sanitizedErrorCall = getSanitizedErrorCall();
768+
769+
const callCountBefore = sanitizedErrorCall.callCountBefore();
759770
const res1 = await request({
760771
url: 'http://localhost:8378/1/files/invalid-id/invalid-file.txt',
761772
}).catch(e => e);
762773
expect(res1.status).toBe(403);
763774
expect(res1.data).toEqual({ code: 119, error: 'Permission denied' });
775+
sanitizedErrorCall.checkMessage('Invalid application ID.', callCountBefore);
764776
// Ensure server did not crash
765777
const res2 = await request({ url: 'http://localhost:8378/1/health' });
766778
expect(res2.status).toEqual(200);

spec/ParseGlobalConfig.spec.js

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
const request = require('../lib/request');
44
const Config = require('../lib/Config');
5+
const { getSanitizedErrorCall } = require('../lib/TestUtils');
56

67
describe('a GlobalConfig', () => {
78
beforeEach(async () => {
@@ -220,6 +221,9 @@ describe('a GlobalConfig', () => {
220221
});
221222

222223
it('fail to update if master key is missing', done => {
224+
const sanitizedErrorCall = getSanitizedErrorCall();
225+
226+
const callCountBefore = sanitizedErrorCall.callCountBefore();
223227
request({
224228
method: 'PUT',
225229
url: 'http://localhost:8378/1/config',
@@ -234,6 +238,7 @@ describe('a GlobalConfig', () => {
234238
const body = response.data;
235239
expect(response.status).toEqual(403);
236240
expect(body.error).toEqual('Permission denied');
241+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
237242
done();
238243
});
239244
});

spec/ParseGraphQLServer.spec.js

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,7 @@ const { ParseServer } = require('../');
3535
const { ParseGraphQLServer } = require('../lib/GraphQL/ParseGraphQLServer');
3636
const { ReadPreference, Collection } = require('mongodb');
3737
const { v4: uuidv4 } = require('uuid');
38+
const { getSanitizedErrorCall } = require('../lib/TestUtils');
3839

3940
function handleError(e) {
4041
if (e && e.networkError && e.networkError.result && e.networkError.result.errors) {
@@ -3488,6 +3489,9 @@ describe('ParseGraphQLServer', () => {
34883489
});
34893490

34903491
it('should require master key to create a new class', async () => {
3492+
const sanitizedErrorCall = getSanitizedErrorCall();
3493+
3494+
const callCountBefore = sanitizedErrorCall.callCountBefore();
34913495
try {
34923496
await apolloClient.mutate({
34933497
mutation: gql`
@@ -3502,6 +3506,7 @@ describe('ParseGraphQLServer', () => {
35023506
} catch (e) {
35033507
expect(e.graphQLErrors[0].extensions.code).toEqual(Parse.Error.OPERATION_FORBIDDEN);
35043508
expect(e.graphQLErrors[0].message).toEqual('Permission denied');
3509+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
35053510
}
35063511
});
35073512

@@ -3858,6 +3863,9 @@ describe('ParseGraphQLServer', () => {
38583863
handleError(e);
38593864
}
38603865

3866+
const sanitizedErrorCall = getSanitizedErrorCall();
3867+
3868+
const callCountBefore = sanitizedErrorCall.callCountBefore();
38613869
try {
38623870
await apolloClient.mutate({
38633871
mutation: gql`
@@ -3872,6 +3880,7 @@ describe('ParseGraphQLServer', () => {
38723880
} catch (e) {
38733881
expect(e.graphQLErrors[0].extensions.code).toEqual(Parse.Error.OPERATION_FORBIDDEN);
38743882
expect(e.graphQLErrors[0].message).toEqual('Permission denied');
3883+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
38753884
}
38763885
});
38773886

@@ -4083,6 +4092,10 @@ describe('ParseGraphQLServer', () => {
40834092
handleError(e);
40844093
}
40854094

4095+
const { getSanitizedErrorCall } = require('../lib/TestUtils');
4096+
const sanitizedErrorCall = getSanitizedErrorCall();
4097+
4098+
const callCountBefore = sanitizedErrorCall.callCountBefore();
40864099
try {
40874100
await apolloClient.mutate({
40884101
mutation: gql`
@@ -4097,6 +4110,7 @@ describe('ParseGraphQLServer', () => {
40974110
} catch (e) {
40984111
expect(e.graphQLErrors[0].extensions.code).toEqual(Parse.Error.OPERATION_FORBIDDEN);
40994112
expect(e.graphQLErrors[0].message).toEqual('Permission denied');
4113+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
41004114
}
41014115
});
41024116

@@ -4124,6 +4138,10 @@ describe('ParseGraphQLServer', () => {
41244138
});
41254139

41264140
it('should require master key to get an existing class', async () => {
4141+
const { getSanitizedErrorCall } = require('../lib/TestUtils');
4142+
const sanitizedErrorCall = getSanitizedErrorCall();
4143+
4144+
const callCountBefore = sanitizedErrorCall.callCountBefore();
41274145
try {
41284146
await apolloClient.query({
41294147
query: gql`
@@ -4138,10 +4156,15 @@ describe('ParseGraphQLServer', () => {
41384156
} catch (e) {
41394157
expect(e.graphQLErrors[0].extensions.code).toEqual(Parse.Error.OPERATION_FORBIDDEN);
41404158
expect(e.graphQLErrors[0].message).toEqual('Permission denied');
4159+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
41414160
}
41424161
});
41434162

41444163
it('should require master key to find the existing classes', async () => {
4164+
const { getSanitizedErrorCall } = require('../lib/TestUtils');
4165+
const sanitizedErrorCall = getSanitizedErrorCall();
4166+
4167+
const callCountBefore = sanitizedErrorCall.callCountBefore();
41454168
try {
41464169
await apolloClient.query({
41474170
query: gql`
@@ -4156,6 +4179,7 @@ describe('ParseGraphQLServer', () => {
41564179
} catch (e) {
41574180
expect(e.graphQLErrors[0].extensions.code).toEqual(Parse.Error.OPERATION_FORBIDDEN);
41584181
expect(e.graphQLErrors[0].message).toEqual('Permission denied');
4182+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
41594183
}
41604184
});
41614185
});

spec/ParseQuery.Aggregate.spec.js

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22
const Parse = require('parse/node');
33
const request = require('../lib/request');
44
const Config = require('../lib/Config');
5+
const { getSanitizedErrorCall } = require('../lib/TestUtils');
56

67
const masterKeyHeaders = {
78
'X-Parse-Application-Id': 'test',
@@ -74,10 +75,14 @@ describe('Parse.Query Aggregate testing', () => {
7475
});
7576

7677
it('should only query aggregate with master key', done => {
78+
const sanitizedErrorCall = getSanitizedErrorCall();
79+
80+
const callCountBefore = sanitizedErrorCall.callCountBefore();
7781
Parse._request('GET', `aggregate/someClass`, {}).then(
7882
() => {},
7983
error => {
8084
expect(error.message).toEqual('Permission denied');
85+
sanitizedErrorCall.checkMessage('unauthorized: master key is required', callCountBefore);
8186
done();
8287
}
8388
);

0 commit comments

Comments
 (0)