KevinMidboe/immich
1
0
Fork 0
mirror of https://github.com/KevinMidboe/immich.git synced 2025-10-29 17:40:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(server): non-nullable IsOptional (#3939)

Browse Source 
* custom `IsOptional`

* added link to source

* formatting

* Update server/src/domain/domain.util.ts

Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>

* nullable birth date endpoint

* made `nullable` a property

* formatting

* removed unused dto

* updated decorator arg

* fixed album e2e tests

* add null tests for auth e2e

* add null test for person e2e

* fixed tests

* added null test for user e2e

* removed unusued import

* log key in test name

* chore: add note about mobile not being able to use the endpoint

---------

Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
This commit is contained in:
Mert
2023-09-01 12:40:00 -04:00
committed by GitHub
parent ca35e5557b
commit 9539a361e4
43 changed files with 271 additions and 243 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
server/test/e2e/auth.e2e-spec.ts
View File

@@ -2,7 +2,16 @@ import { AppModule, AuthController } from '@app/immich';
import { INestApplication } from '@nestjs/common';
import { Test, TestingModule } from '@nestjs/testing';
import request from 'supertest';
import { deviceStub, errorStub, loginResponseStub, signupResponseStub, signupStub, uuidStub } from '../fixtures';
import {
changePasswordStub,
deviceStub,
errorStub,
loginResponseStub,
loginStub,
signupResponseStub,
adminSignupStub,
uuidStub,
} from '../fixtures';
import { api, db } from '../test-utils';
const firstName = 'Immich';
@@ -64,7 +73,7 @@ describe(`${AuthController.name} (e2e)`, () => {
it('should sign up the admin with a local domain', async () => {
const { status, body } = await request(server)
.post('/auth/admin-sign-up')
.send({ ...signupStub, email: 'admin@local' });
.send({ ...adminSignupStub, email: 'admin@local' });
expect(status).toEqual(201);
expect(body).toEqual({ ...signupResponseStub, email: 'admin@local' });
});
@@ -72,7 +81,7 @@ describe(`${AuthController.name} (e2e)`, () => {
it('should transform email to lower case', async () => {
const { status, body } = await request(server)
.post('/auth/admin-sign-up')
.send({ ...signupStub, email: 'aDmIn@IMMICH.app' });
.send({ ...adminSignupStub, email: 'aDmIn@IMMICH.app' });
expect(status).toEqual(201);
expect(body).toEqual(signupResponseStub);
});
@@ -80,11 +89,21 @@ describe(`${AuthController.name} (e2e)`, () => {
it('should not allow a second admin to sign up', async () => {
await api.adminSignUp(server);
const { status, body } = await request(server).post('/auth/admin-sign-up').send(signupStub);
const { status, body } = await request(server).post('/auth/admin-sign-up').send(adminSignupStub);
expect(status).toBe(400);
expect(body).toEqual(errorStub.alreadyHasAdmin);
});
for (const key of Object.keys(adminSignupStub)) {
it(`should not allow null ${key}`, async () => {
const { status, body } = await request(server)
.post('/auth/admin-sign-up')
.send({ ...adminSignupStub, [key]: null });
expect(status).toBe(400);
expect(body).toEqual(errorStub.badRequest);
});
}
});
describe(`POST /auth/login`, () => {
@@ -94,6 +113,16 @@ describe(`${AuthController.name} (e2e)`, () => {
expect(status).toBe(401);
});
for (const key of Object.keys(loginStub.admin)) {
it(`should not allow null ${key}`, async () => {
const { status, body } = await request(server)
.post('/auth/login')
.send({ ...loginStub.admin, [key]: null });
expect(status).toBe(400);
expect(body).toEqual(errorStub.badRequest);
});
}
it('should accept a correct password', async () => {
const { status, body, headers } = await request(server).post('/auth/login').send({ email, password });
expect(status).toBe(201);
@@ -183,17 +212,26 @@ describe(`${AuthController.name} (e2e)`, () => {
describe('POST /auth/change-password', () => {
it('should require authentication', async () => {
const { status, body } = await request(server)
.post(`/auth/change-password`)
.send({ password: 'Password123', newPassword: 'Password1234' });
const { status, body } = await request(server).post(`/auth/change-password`).send(changePasswordStub);
expect(status).toBe(401);
expect(body).toEqual(errorStub.unauthorized);
});
for (const key of Object.keys(changePasswordStub)) {
it(`should not allow null ${key}`, async () => {
const { status, body } = await request(server)
.post('/auth/change-password')
.send({ ...changePasswordStub, [key]: null })
.set('Authorization', `Bearer ${accessToken}`);
expect(status).toBe(400);
expect(body).toEqual(errorStub.badRequest);
});
}
it('should require the current password', async () => {
const { status, body } = await request(server)
.post(`/auth/change-password`)
.send({ password: 'wrong-password', newPassword: 'Password1234' })
.send({ ...changePasswordStub, password: 'wrong-password' })
.set('Authorization', `Bearer ${accessToken}`);
expect(status).toBe(400);
expect(body).toEqual(errorStub.wrongPassword);
@@ -202,7 +240,7 @@ describe(`${AuthController.name} (e2e)`, () => {
it('should change the password', async () => {
const { status } = await request(server)
.post(`/auth/change-password`)
.send({ password: 'Password123', newPassword: 'Password1234' })
.send(changePasswordStub)
.set('Authorization', `Bearer ${accessToken}`);
expect(status).toBe(200);

16
server/test/e2e/person.e2e-spec.ts
View File

@@ -40,7 +40,20 @@ describe(`${PersonController.name}`, () => {
expect(body).toEqual(errorStub.unauthorized);
});
it('should not accept invalid dates', async () => {
for (const key of ['name', 'featureFaceAssetId', 'isHidden']) {
it(`should not allow null ${key}`, async () => {
const personRepository = app.get<IPersonRepository>(IPersonRepository);
const person = await personRepository.create({ ownerId: loginResponse.userId });
const { status, body } = await request(server)
.put(`/person/${person.id}`)
.set('Authorization', `Bearer ${accessToken}`)
.send({ [key]: null });
expect(status).toBe(400);
expect(body).toEqual(errorStub.badRequest);
});
}
it('should not accept invalid birth dates', async () => {
for (const birthDate of [false, 'false', '123567', 123456]) {
const { status, body } = await request(server)
.put(`/person/${uuidStub.notFound}`)
@@ -50,6 +63,7 @@ describe(`${PersonController.name}`, () => {
expect(body).toEqual(errorStub.badRequest);
}
});
it('should update a date of birth', async () => {
const personRepository = app.get<IPersonRepository>(IPersonRepository);
const person = await personRepository.create({ ownerId: loginResponse.userId });

28
server/test/e2e/user.e2e-spec.ts
View File

@@ -3,7 +3,7 @@ import { AppModule, UserController } from '@app/immich';
import { INestApplication } from '@nestjs/common';
import { Test, TestingModule } from '@nestjs/testing';
import request from 'supertest';
import { errorStub } from '../fixtures';
import { errorStub, userSignupStub, userStub } from '../fixtures';
import { api, db } from '../test-utils';
describe(`${UserController.name}`, () => {
@@ -118,13 +118,22 @@ describe(`${UserController.name}`, () => {
describe('POST /user', () => {
it('should require authentication', async () => {
const { status, body } = await request(server)
.post(`/user`)
.send({ email: 'user1@immich.app', password: 'Password123', firstName: 'Immich', lastName: 'User' });
const { status, body } = await request(server).post(`/user`).send(userSignupStub);
expect(status).toBe(401);
expect(body).toEqual(errorStub.unauthorized);
});
for (const key of Object.keys(userSignupStub)) {
it(`should not allow null ${key}`, async () => {
const { status, body } = await request(server)
.post(`/user`)
.set('Authorization', `Bearer ${accessToken}`)
.send({ ...userSignupStub, [key]: null });
expect(status).toBe(400);
expect(body).toEqual(errorStub.badRequest);
});
}
it('should ignore `isAdmin`', async () => {
const { status, body } = await request(server)
.post(`/user`)
@@ -170,6 +179,17 @@ describe(`${UserController.name}`, () => {
expect(body).toEqual(errorStub.unauthorized);
});
for (const key of Object.keys(userStub.admin)) {
it(`should not allow null ${key}`, async () => {
const { status, body } = await request(server)
.put(`/user`)
.set('Authorization', `Bearer ${accessToken}`)
.send({ ...userStub.admin, [key]: null });
expect(status).toBe(400);
expect(body).toEqual(errorStub.badRequest);
});
}
it('should not allow a non-admin to become an admin', async () => {
const user = await api.userApi.create(server, accessToken, {
email: 'user1@immich.app',

12
server/test/fixtures/auth.stub.ts vendored
View File

@@ -1,12 +1,17 @@
import { AuthUserDto } from '@app/domain';
export const signupStub = {
export const adminSignupStub = {
firstName: 'Immich',
lastName: 'Admin',
email: 'admin@immich.app',
password: 'Password123',
};
export const userSignupStub = {
...adminSignupStub,
memoriesEnabled: true,
};
export const signupResponseStub = {
id: expect.any(String),
email: 'admin@immich.app',
@@ -22,6 +27,11 @@ export const loginStub = {
},
};
export const changePasswordStub = {
password: 'Password123',
newPassword: 'Password1234',
};
export const authStub = {
admin: Object.freeze<AuthUserDto>({
id: 'admin_id',

4
server/test/test-utils.ts
View File

@@ -14,7 +14,7 @@ import {
} from '@app/domain';
import { dataSource } from '@app/infra';
import request from 'supertest';
import { loginResponseStub, loginStub, signupResponseStub, signupStub } from './fixtures';
import { loginResponseStub, loginStub, signupResponseStub, adminSignupStub } from './fixtures';
export const db = {
reset: async () => {
@@ -49,7 +49,7 @@ export function getAuthUser(): AuthUserDto {
export const api = {
adminSignUp: async (server: any) => {
const { status, body } = await request(server).post('/auth/admin-sign-up').send(signupStub);
const { status, body } = await request(server).post('/auth/admin-sign-up').send(adminSignupStub);
expect(status).toBe(201);
expect(body).toEqual(signupResponseStub);