An unofficial, mostly Bitwarden-compatible API server written in Ruby (Sinatra and ActiveRecord)
1require_relative "spec_helper.rb"
2
# Inert: this assigns an ivar on the top-level `main` object. The
# @access_token the examples actually read lives on each spec instance and is
# assigned by the `before` hook inside the describe block below.
@access_token = nil
4
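describe "folder module" do
  # Every example runs on a fresh spec instance, so the bearer token has to be
  # minted in the before hook rather than once at file load.
  before do
    User.all.delete_all
    # delete_all skips model callbacks, so folders created by an earlier
    # example would otherwise survive the user wipe and make the
    # "nothing was created" assertions below unreliable.
    Folder.all.delete_all

    Rubywarden::Test::Factory.create_user
    @access_token = Rubywarden::Test::Factory.login_user
  end

  # Bitwarden-style encrypted string used as the known-good folder name.
  # A local here is captured by the example blocks through their closure.
  encrypted_name = "2.d7MttWzJTSSKx1qXjHUxlQ==|01Ath5UqFZHk7csk5DVtkQ==|EMLoLREgCUP5Cu4HqIhcLqhiZHn+NsUDp8dAg1Xu0Io="

  # Rack env header carrying the current example's valid bearer token.
  def auth_headers
    { "HTTP_AUTHORIZATION" => "Bearer #{@access_token}" }
  end

  it "should not allow access with bogus bearer token" do
    # Upcasing the real token yields a syntactically plausible but invalid one.
    post_json "/api/folders", { :name => encrypted_name }, {
      "HTTP_AUTHORIZATION" => "Bearer #{@access_token.upcase}",
    }
    # A 5xx would also satisfy this; tighten to the exact 401 once the
    # expected status for a rejected token is pinned down.
    last_response.status.wont_equal 200
    # A rejected request must have no side effect.
    Folder.count.must_equal 0

    # No Authorization header at all must be rejected the same way.
    post_json "/api/folders", { :name => encrypted_name }, {}
    last_response.status.wont_equal 200
    Folder.count.must_equal 0
  end

  it "should allow creating, updating, and deleting folders" do
    post_json "/api/folders", { :name => encrypted_name }, auth_headers
    last_response.status.must_equal 200
    uuid = last_json_response["Id"]
    uuid.to_s.wont_equal ""

    folder = Folder.find_by_uuid(uuid)
    folder.wont_be_nil
    folder.uuid.must_equal uuid
    # The server stores the ciphertext verbatim.
    folder.name.must_equal encrypted_name

    # Update: derive the key a client would and encrypt a fresh name with it.
    # The password/e-mail here are assumed to match whatever
    # Rubywarden::Test::Factory.create_user registers -- TODO confirm.
    ik = Bitwarden.makeKey("asdf", "api@example.com",
      User::DEFAULT_KDF_TYPE,
      Bitwarden::KDF::DEFAULT_ITERATIONS[User::DEFAULT_KDF_TYPE])
    new_name = Bitwarden.encrypt("some new name", ik).to_s

    put_json "/api/folders/#{uuid}", { :name => new_name }, auth_headers
    last_response.status.must_equal 200
    last_json_response["Id"].to_s.wont_equal ""
    Folder.find_by_uuid(uuid).name.must_equal new_name

    # Delete
    delete_json "/api/folders/#{uuid}", {}, auth_headers
    last_response.status.must_equal 200
    Folder.find_by_uuid(uuid).must_be_nil
  end

  it "should not allow creating, updating, or deleting folders with bogus names" do
    # A name that is not an encrypted string must be rejected ...
    post_json "/api/folders", { :name => "junk" }, auth_headers
    last_response.status.wont_equal 200
    # ... and must not leave a row behind.
    Folder.count.must_equal 0

    # Create a valid folder, then attempt a bogus update.
    post_json "/api/folders", { :name => encrypted_name }, auth_headers
    last_response.status.must_equal 200
    uuid = last_json_response["Id"]

    put_json "/api/folders/#{uuid}", { :name => "bogus" }, auth_headers
    last_response.status.wont_equal 200
    # The rejected update must not have touched the stored name.
    Folder.find_by_uuid(uuid).name.must_equal encrypted_name

    # Deleting an id that does not exist must fail and leave the real
    # folder alone.
    delete_json "/api/folders/something-bogus", {}, auth_headers
    last_response.status.wont_equal 200
    Folder.find_by_uuid(uuid).wont_be_nil
  end

  it "should show up in sync" do
    post_json "/api/folders", { :name => encrypted_name }, auth_headers
    last_response.status.must_equal 200
    uuid = last_json_response["Id"]

    get "/api/sync", {}, auth_headers
    last_response.status.must_equal 200

    synced = last_json_response["Folders"].find { |tf| tf["Id"] == uuid }
    synced.wont_be_nil
    # The ciphertext must come back exactly as it was stored.
    synced["Name"].must_equal encrypted_name
  end

  # NOTE(review): nothing here exercises a second user's token against these
  # folder ids (cross-user read/update/delete on /api/folders/:uuid). Adding
  # that needs a second user from the factory, whose API isn't visible in
  # this file.
end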