An unofficial, mostly Bitwarden-compatible API server written in Ruby (Sinatra and ActiveRecord)
1require "spec_helper.rb"
2
# Placeholders for the values the examples use; the `before` hook in the
# describe block below assigns the real token, cipher UUID and cipher record.
@access_token = @cipher_uuid = @cipher = nil
6
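# Integration specs for the cipher attachment endpoints: upload, download,
# delete, and cleanup when the owning cipher is deleted. Every example starts
# from a freshly created user, a logged-in bearer token and one login cipher.
describe "attachment module" do
  # Rack env hash that presents +token+ as a bearer credential.
  def bearer_env(token)
    { "HTTP_AUTHORIZATION" => "Bearer #{token}" }
  end

  # Sends a small multipart upload ("dummy", filename "test") to the fixture
  # cipher's attachment endpoint, authenticated with +token+.
  def upload_attachment(token)
    post "/api/ciphers/#{@cipher_uuid}/attachment", {
      data: Rack::Test::UploadedFile.new(StringIO.new("dummy"), original_filename: "test")
    }, bearer_env(token)
  end

  before do
    # Start every example from an empty user table.
    User.all.delete_all

    Rubywarden::Test::Factory.create_user
    @access_token = Rubywarden::Test::Factory.login_user

    # The field values are opaque encrypted-string fixtures; this spec only
    # needs the cipher to exist, not to be decryptable.
    post_json "/api/ciphers", {
      :type => 1,
      :folderId => nil,
      :organizationId => nil,
      :name => "2.d7MttWzJTSSKx1qXjHUxlQ==|01Ath5UqFZHk7csk5DVtkQ==|EMLoLREgCUP5Cu4HqIhcLqhiZHn+NsUDp8dAg1Xu0Io=",
      :notes => nil,
      :favorite => false,
      :login => {
        :uri => "2.T57BwAuV8ubIn/sZPbQC+A==|EhUSSpJWSzSYOdJ/AQzfXuUXxwzcs/6C4tOXqhWAqcM=|OWV2VIqLfoWPs9DiouXGUOtTEkVeklbtJQHkQFIXkC8=",
        :username => "2.JbFkAEZPnuMm70cdP44wtA==|fsN6nbT+udGmOWv8K4otgw==|JbtwmNQa7/48KszT2hAdxpmJ6DRPZst0EDEZx5GzesI=",
        :password => "2.e83hIsk6IRevSr/H1lvZhg==|48KNkSCoTacopXRmIZsbWg==|CIcWgNbaIN2ix2Fx1Gar6rWQeVeboehp4bioAwngr0o=",
        :totp => nil
      }
    }, bearer_env(@access_token)
    @cipher_uuid = last_json_response["Id"]
    @cipher = Cipher.find_by_uuid(@cipher_uuid)

    # Fail fast if the fixture cipher was not created. Otherwise the negative
    # auth example would hit a URL with an empty UUID and pass for the wrong
    # reason.
    @cipher.wont_be_nil
  end

  it "does not allow access with bogus bearer token" do
    # Send the same well-formed upload as the positive example, so a non-200
    # response is not simply the result of a malformed body.
    # NOTE(review): upcase only yields a different token if the real one
    # contains lowercase characters. Confirm against the token format.
    upload_attachment(@access_token.upcase)

    # NOTE(review): asserting the exact rejection status would be stronger;
    # the expected code is not visible from this file.
    last_response.status.wont_equal 200

    # A rejected request must not leave an attachment record or file behind.
    Cipher.find_by_uuid(@cipher_uuid).attachments.must_be_empty
    Dir.glob("tmp/spec/data/attachments/#{@cipher_uuid}/*").must_be_empty
  end

  it "allows creating, downloading and deleting an attachment" do
    upload_attachment(@access_token)
    last_response.status.must_equal 200
    attachment = last_json_response["Attachments"].first

    # downloading
    # NOTE(review): no Authorization header is sent here, so this passes only
    # if the attachment URL can be fetched without a bearer token. Confirm
    # that is the intended access model.
    get attachment["Url"]
    last_response.status.must_equal 200

    # deleting
    delete_json "/api/ciphers/#{@cipher_uuid}/attachment/#{attachment["Id"]}", {}, bearer_env(@access_token)

    last_response.status.must_equal 200
    # Both the database row and the stored file must be gone.
    Cipher.find_by_uuid(@cipher_uuid).attachments.must_be_empty
    Dir.glob("tmp/spec/data/attachments/#{@cipher_uuid}/*").must_be_empty
  end

  it "deletes attachments when cipher is deleted" do
    upload_attachment(@access_token)
    last_response.status.must_equal 200

    delete_json "/api/ciphers/#{@cipher_uuid}", {}, bearer_env(@access_token)

    # Deleting the cipher must also remove its attachment records.
    # NOTE(review): only the database is checked here; whether the stored
    # file is removed as well is not asserted.
    Cipher.find_by_uuid(@cipher_uuid).must_be_nil
    Attachment.where(cipher_uuid: @cipher_uuid).must_be_empty
  end
end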