tqt
/
Ghost-Admin
mirror of https://github.com/TryGhost/Ghost-Admin.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Ghost-Admin/tests/acceptance/authentication-test.js

235 lines
9.2 KiB
JavaScript
Raw Normal View History

convert ember imports to ember-cli-shim imports where possible (#95)
2016-06-30 12:21:47 +02:00
import $ from 'jquery';
💄🐷 sort-imports eslint rule (#712) no issue - adds `eslint-plugin-sort-imports-es6-autofix` dependency - implements ESLint's base `sort-imports` rule but has a distinction in that `import {foo} from 'bar';` is considered `multiple` rather than `single` - fixes ESLint's autofix behaviour so `eslint --fix` will actually fix the sort order - updates all unordered import rules by using `eslint --fix` With the increased number of `import` statements since Ember+ecosystem started moving towards es6 modules I've found it frustrating at times trying to search through randomly ordered import statements. Recently I've been sorting imports manually when I've added new code or touched old code so I thought I'd add an ESLint rule to codify it.
2017-05-29 20:50:03 +02:00
import OAuth2Authenticator from 'ghost-admin/authenticators/oauth2';
import destroyApp from '../helpers/destroy-app';
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
import startApp from '../helpers/start-app';
Update package.json details, rename module to `ghost-admin` no issue - updates `package.json` details to better reflect the separation from the `Ghost` package - update ember config and all import statements to reflect the new `ghost-admin` module name in `package.json`
2016-05-24 14:06:59 +02:00
import windowProxy from 'ghost-admin/utils/window-proxy';
💄🐷 sort-imports eslint rule (#712) no issue - adds `eslint-plugin-sort-imports-es6-autofix` dependency - implements ESLint's base `sort-imports` rule but has a distinction in that `import {foo} from 'bar';` is considered `multiple` rather than `single` - fixes ESLint's autofix behaviour so `eslint --fix` will actually fix the sort order - updates all unordered import rules by using `eslint --fix` With the increased number of `import` statements since Ember+ecosystem started moving towards es6 modules I've found it frustrating at times trying to search through randomly ordered import statements. Recently I've been sorting imports manually when I've added new code or touched old code so I thought I'd add an ESLint rule to codify it.
2017-05-29 20:50:03 +02:00
import {Response} from 'ember-cli-mirage';
import {afterEach, beforeEach, describe, it} from 'mocha';
import {authenticateSession, invalidateSession} from 'ghost-admin/tests/helpers/ember-simple-auth';
import {expect} from 'chai';
Switched from ember-cli-shims to new module imports (#779) no issue - add eslint-plugin-ember, configure no-old-shims rule - run `eslint --fix` on `app`, `lib`, `mirage`, and `tests` to move imports to the new module imports - further cleanup of Ember globals usage - remove event-dispatcher initializer now that `canDispatchToEventManager` is deprecated
2017-08-22 09:53:26 +02:00
import {run} from '@ember/runloop';
Fix 401 error when uploading images closes #6377 - restores ajax prefilter initializer that was removed in #6243 - adds regression test for standard `$.ajax` requests sending Authorization header This can be removed once we no longer have jquery plugins that make internal ajax calls that don't go through ember-ajax.
2016-01-25 12:11:29 +01:00
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
describe('Acceptance: Authentication', function () {
let application,
originalReplaceLocation;
beforeEach(function () {
application = startApp();
});
afterEach(function () {
deps: ember-cli@1.13.13
2015-11-30 18:21:39 +01:00
destroyApp(application);
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
});
🎨 remove usage of ghost's {{asset}} helper in index.html (#574) refs #8140 🎨 remove usage of ghost's {{asset}} helper in built index.html files requires https://github.com/TryGhost/Ghost/pull/8142 - switch to hash-location rather than history-location - remove usage of Ghost's `{{asset}}` helper in index.html - add `content-for` helpers to `asset-delivery` addon that switch asset urls in index.html to `.min` files in production - update the `asset-delivery` addon to copy the production `index.min.html` to `default-prod.hbs` so Ghost can serve production assets when in production mode - change template output path to `core/server/admin/views/` - enable asset fingerprinting - remove `ember-cli-sri` dependency - we weren't using it but now that ember is handling assets it was used automatically and could potentially create issues if users have proxy servers that attempt to compress or otherwise modify asset files ✨ redirect to setup if server says setup isn't finished refs https://github.com/TryGhost/Ghost/issues/8140 - now we're using hash-location the server no longer knows if we're hitting the /setup route so it's not able to redirect for us - extends the default ESA `UnauthenticatedRouteMixin` to add a check against the `/authentication/setup` API endpoint and redirects to `/#/setup/one` if setup isn't complete - this works for all routes because the default behaviour when hitting an authenticated route without the right credentials is to force a logout and redirect to `/#/signin` which utilises the `UnauthenticatedRouteMixin` deps: ember-cli-inject-live-reload@1.6.1
2017-03-14 17:04:46 +01:00
describe('setup redirect', function () {
beforeEach(function () {
Fix Ember deprecations and warnings (#895) no issue - `controller.content` will no longer be an alias to `controller.model` - split relationships and `attrs` in Post model, add missing transforms - fix unknown `error` field in payload warning when `/users/me` returns 404 during tests - fix unsafe style binding warnings
2017-10-13 11:39:49 +02:00
// ensure the /users/me route doesn't error
server.create('user');
🎨 remove usage of ghost's {{asset}} helper in index.html (#574) refs #8140 🎨 remove usage of ghost's {{asset}} helper in built index.html files requires https://github.com/TryGhost/Ghost/pull/8142 - switch to hash-location rather than history-location - remove usage of Ghost's `{{asset}}` helper in index.html - add `content-for` helpers to `asset-delivery` addon that switch asset urls in index.html to `.min` files in production - update the `asset-delivery` addon to copy the production `index.min.html` to `default-prod.hbs` so Ghost can serve production assets when in production mode - change template output path to `core/server/admin/views/` - enable asset fingerprinting - remove `ember-cli-sri` dependency - we weren't using it but now that ember is handling assets it was used automatically and could potentially create issues if users have proxy servers that attempt to compress or otherwise modify asset files ✨ redirect to setup if server says setup isn't finished refs https://github.com/TryGhost/Ghost/issues/8140 - now we're using hash-location the server no longer knows if we're hitting the /setup route so it's not able to redirect for us - extends the default ESA `UnauthenticatedRouteMixin` to add a check against the `/authentication/setup` API endpoint and redirects to `/#/setup/one` if setup isn't complete - this works for all routes because the default behaviour when hitting an authenticated route without the right credentials is to force a logout and redirect to `/#/signin` which utilises the `UnauthenticatedRouteMixin` deps: ember-cli-inject-live-reload@1.6.1
2017-03-14 17:04:46 +01:00
server.get('authentication/setup', function () {
return {setup: [{status: false}]};
});
});
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
it('redirects to setup when setup isn\'t complete', async function () {
await visit('settings/labs');
🎨 remove usage of ghost's {{asset}} helper in index.html (#574) refs #8140 🎨 remove usage of ghost's {{asset}} helper in built index.html files requires https://github.com/TryGhost/Ghost/pull/8142 - switch to hash-location rather than history-location - remove usage of Ghost's `{{asset}}` helper in index.html - add `content-for` helpers to `asset-delivery` addon that switch asset urls in index.html to `.min` files in production - update the `asset-delivery` addon to copy the production `index.min.html` to `default-prod.hbs` so Ghost can serve production assets when in production mode - change template output path to `core/server/admin/views/` - enable asset fingerprinting - remove `ember-cli-sri` dependency - we weren't using it but now that ember is handling assets it was used automatically and could potentially create issues if users have proxy servers that attempt to compress or otherwise modify asset files ✨ redirect to setup if server says setup isn't finished refs https://github.com/TryGhost/Ghost/issues/8140 - now we're using hash-location the server no longer knows if we're hitting the /setup route so it's not able to redirect for us - extends the default ESA `UnauthenticatedRouteMixin` to add a check against the `/authentication/setup` API endpoint and redirects to `/#/setup/one` if setup isn't complete - this works for all routes because the default behaviour when hitting an authenticated route without the right credentials is to force a logout and redirect to `/#/signin` which utilises the `UnauthenticatedRouteMixin` deps: ember-cli-inject-live-reload@1.6.1
2017-03-14 17:04:46 +01:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
expect(currentURL()).to.equal('/setup/one');
🎨 remove usage of ghost's {{asset}} helper in index.html (#574) refs #8140 🎨 remove usage of ghost's {{asset}} helper in built index.html files requires https://github.com/TryGhost/Ghost/pull/8142 - switch to hash-location rather than history-location - remove usage of Ghost's `{{asset}}` helper in index.html - add `content-for` helpers to `asset-delivery` addon that switch asset urls in index.html to `.min` files in production - update the `asset-delivery` addon to copy the production `index.min.html` to `default-prod.hbs` so Ghost can serve production assets when in production mode - change template output path to `core/server/admin/views/` - enable asset fingerprinting - remove `ember-cli-sri` dependency - we weren't using it but now that ember is handling assets it was used automatically and could potentially create issues if users have proxy servers that attempt to compress or otherwise modify asset files ✨ redirect to setup if server says setup isn't finished refs https://github.com/TryGhost/Ghost/issues/8140 - now we're using hash-location the server no longer knows if we're hitting the /setup route so it's not able to redirect for us - extends the default ESA `UnauthenticatedRouteMixin` to add a check against the `/authentication/setup` API endpoint and redirects to `/#/setup/one` if setup isn't complete - this works for all routes because the default behaviour when hitting an authenticated route without the right credentials is to force a logout and redirect to `/#/signin` which utilises the `UnauthenticatedRouteMixin` deps: ember-cli-inject-live-reload@1.6.1
2017-03-14 17:04:46 +01:00
});
});
refresh access token on app boot (#524) refs https://github.com/TryGhost/Ghost/issues/5202 - refresh the access token after a successful authenticated application boot so that the session lifetime is continually extended
2017-02-10 14:35:45 +01:00
describe('token handling', function () {
beforeEach(function () {
// replace the default test authenticator with our own authenticator
application.register('authenticator:test', OAuth2Authenticator);
let role = server.create('role', {name: 'Administrator'});
server.create('user', {roles: [role], slug: 'test-user'});
});
🐛 prevent session sync issues with multiple tabs/refreshes (#772) refs https://github.com/TryGhost/Ghost/issues/8616 - only refresh tokens on boot if we last refreshed more than 24hrs ago - this should prevent rapidly changing access/refresh tokens when opening new admin tabs or refreshing whilst other tabs are open - fix token refresh test which was testing it's own behaviour instead of the applications 🙈 This may not be the full solution to the session issues but it closes one potential culprit and should at least reduce token churn which can only help track down the real cause.
2017-07-10 12:18:19 +02:00
it('refreshes tokens on boot if last refreshed > 24hrs ago', async function () {
refresh access token on app boot (#524) refs https://github.com/TryGhost/Ghost/issues/5202 - refresh the access token after a successful authenticated application boot so that the session lifetime is continually extended
2017-02-10 14:35:45 +01:00
/* eslint-disable camelcase */
🐛 prevent session sync issues with multiple tabs/refreshes (#772) refs https://github.com/TryGhost/Ghost/issues/8616 - only refresh tokens on boot if we last refreshed more than 24hrs ago - this should prevent rapidly changing access/refresh tokens when opening new admin tabs or refreshing whilst other tabs are open - fix token refresh test which was testing it's own behaviour instead of the applications 🙈 This may not be the full solution to the session issues but it closes one potential culprit and should at least reduce token churn which can only help track down the real cause.
2017-07-10 12:18:19 +02:00
// the tokens here don't matter, we're using the actual oauth
// authenticator so we get the tokens back from the mirage endpoint
await authenticateSession(application, {
access_token: 'access_token',
refresh_token: 'refresh_token'
refresh access token on app boot (#524) refs https://github.com/TryGhost/Ghost/issues/5202 - refresh the access token after a successful authenticated application boot so that the session lifetime is continually extended
2017-02-10 14:35:45 +01:00
});
🐛 prevent session sync issues with multiple tabs/refreshes (#772) refs https://github.com/TryGhost/Ghost/issues/8616 - only refresh tokens on boot if we last refreshed more than 24hrs ago - this should prevent rapidly changing access/refresh tokens when opening new admin tabs or refreshing whilst other tabs are open - fix token refresh test which was testing it's own behaviour instead of the applications 🙈 This may not be the full solution to the session issues but it closes one potential culprit and should at least reduce token churn which can only help track down the real cause.
2017-07-10 12:18:19 +02:00
// authenticating the session above will trigger a token refresh
// request so we need to clear it to ensure we aren't testing the
// test behaviour instead of application behaviour
server.pretender.handledRequests = [];
// fake a longer session so it appears that we last refreshed > 24hrs ago
let {__container__: container} = application;
let {session} = container.lookup('service:session');
let newSession = session.get('content');
newSession.authenticated.expires_in = 172800 * 2;
session.get('store').persist(newSession);
refresh access token on app boot (#524) refs https://github.com/TryGhost/Ghost/issues/5202 - refresh the access token after a successful authenticated application boot so that the session lifetime is continually extended
2017-02-10 14:35:45 +01:00
/* eslint-enable camelcase */
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
await visit('/');
refresh access token on app boot (#524) refs https://github.com/TryGhost/Ghost/issues/5202 - refresh the access token after a successful authenticated application boot so that the session lifetime is continually extended
2017-02-10 14:35:45 +01:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
let requests = server.pretender.handledRequests;
let refreshRequest = requests.findBy('url', '/ghost/api/v0.1/authentication/token');
refresh access token on app boot (#524) refs https://github.com/TryGhost/Ghost/issues/5202 - refresh the access token after a successful authenticated application boot so that the session lifetime is continually extended
2017-02-10 14:35:45 +01:00
🐛 prevent session sync issues with multiple tabs/refreshes (#772) refs https://github.com/TryGhost/Ghost/issues/8616 - only refresh tokens on boot if we last refreshed more than 24hrs ago - this should prevent rapidly changing access/refresh tokens when opening new admin tabs or refreshing whilst other tabs are open - fix token refresh test which was testing it's own behaviour instead of the applications 🙈 This may not be the full solution to the session issues but it closes one potential culprit and should at least reduce token churn which can only help track down the real cause.
2017-07-10 12:18:19 +02:00
expect(refreshRequest, 'token refresh request').to.exist;
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
expect(refreshRequest.method, 'method').to.equal('POST');
refresh access token on app boot (#524) refs https://github.com/TryGhost/Ghost/issues/5202 - refresh the access token after a successful authenticated application boot so that the session lifetime is continually extended
2017-02-10 14:35:45 +01:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
let requestBody = $.deparam(refreshRequest.requestBody);
🐛 prevent session sync issues with multiple tabs/refreshes (#772) refs https://github.com/TryGhost/Ghost/issues/8616 - only refresh tokens on boot if we last refreshed more than 24hrs ago - this should prevent rapidly changing access/refresh tokens when opening new admin tabs or refreshing whilst other tabs are open - fix token refresh test which was testing it's own behaviour instead of the applications 🙈 This may not be the full solution to the session issues but it closes one potential culprit and should at least reduce token churn which can only help track down the real cause.
2017-07-10 12:18:19 +02:00
expect(requestBody.grant_type, 'grant_type').to.equal('refresh_token');
expect(requestBody.refresh_token, 'refresh_token').to.equal('MirageRefreshToken');
});
it('doesn\'t refresh tokens on boot if last refreshed < 24hrs ago', async function () {
/* eslint-disable camelcase */
// the tokens here don't matter, we're using the actual oauth
// authenticator so we get the tokens back from the mirage endpoint
await authenticateSession(application, {
access_token: 'access_token',
refresh_token: 'refresh_token'
});
/* eslint-enable camelcase */
// authenticating the session above will trigger a token refresh
// request so we need to clear it to ensure we aren't testing the
// test behaviour instead of application behaviour
server.pretender.handledRequests = [];
// we've only just refreshed tokens above so we should always be < 24hrs
await visit('/');
let requests = server.pretender.handledRequests;
let refreshRequest = requests.findBy('url', '/ghost/api/v0.1/authentication/token');
expect(refreshRequest, 'refresh request').to.not.exist;
refresh access token on app boot (#524) refs https://github.com/TryGhost/Ghost/issues/5202 - refresh the access token after a successful authenticated application boot so that the session lifetime is continually extended
2017-02-10 14:35:45 +01:00
});
});
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
describe('general page', function () {
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
let newLocation;
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
beforeEach(function () {
originalReplaceLocation = windowProxy.replaceLocation;
windowProxy.replaceLocation = function (url) {
New content screen prototype (#503) refs https://github.com/TryGhost/Ghost/issues/7860 - remove preview pane from content screen - add basic post status filters - replace custom infinite scroll with ember-infinity and increase trigger threshold for improved scroll behaviour Commits: * basic content list + filter using existing infinite scroll and pagination * swap our custom pagination + infinite loader for `ember-infinity` * minor cleanups * reset scroll position when changing filter * fix tests * remove client-side sorting step as we no longer have a live collection * remove unused `mobile-index-route` * add acceptance tests for content screen filters
2017-01-25 21:05:28 +01:00
url = url.replace(/^\/ghost\//, '/');
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
newLocation = url;
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
};
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
newLocation = undefined;
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 12:36:45 +01:00
let role = server.create('role', {name: 'Administrator'});
Update code to match eslint rules no issue - switch `jscs` and `jshint` inline config to `eslint` config - fix eslint errors, predominantly in tests where the config now the main app config more closely
2016-11-14 14:16:51 +01:00
server.create('user', {roles: [role], slug: 'test-user'});
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
});
afterEach(function () {
windowProxy.replaceLocation = originalReplaceLocation;
});
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
it('invalidates session on 401 API response', async function () {
don't show the nav menu when on a 404 route and not signed in no issue - fixes problem when the nav menu would be shown on an error404 route when the user is not logged in - adds failing test that passes with this change
2016-05-14 03:02:55 +02:00
// return a 401 when attempting to retrieve users
Switch to eslint-plugin-ghost extending plugin:ghost/ember no issue - fix lint errors in lib/gh-koenig - fix ghost:base eslint errors - update ember plugin refs, remove ember-suave plugin refs - remove old jshint refs - add `lint:js` script - switch to `eslint-plugin-ghost` extending `plugin:ghost/ember`
2018-01-05 16:38:23 +01:00
server.get('/users/', () => new Response(401, {}, {
errors: [
{message: 'Access denied.', errorType: 'UnauthorizedError'}
]
}));
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
await authenticateSession(application);
await visit('/team');
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
// running `visit(url)` inside windowProxy.replaceLocation breaks
// the async behaviour so we need to run `visit` here to simulate
// the browser visiting the new page
if (newLocation) {
await visit(newLocation);
}
🎨 remove usage of ghost's {{asset}} helper in index.html (#574) refs #8140 🎨 remove usage of ghost's {{asset}} helper in built index.html files requires https://github.com/TryGhost/Ghost/pull/8142 - switch to hash-location rather than history-location - remove usage of Ghost's `{{asset}}` helper in index.html - add `content-for` helpers to `asset-delivery` addon that switch asset urls in index.html to `.min` files in production - update the `asset-delivery` addon to copy the production `index.min.html` to `default-prod.hbs` so Ghost can serve production assets when in production mode - change template output path to `core/server/admin/views/` - enable asset fingerprinting - remove `ember-cli-sri` dependency - we weren't using it but now that ember is handling assets it was used automatically and could potentially create issues if users have proxy servers that attempt to compress or otherwise modify asset files ✨ redirect to setup if server says setup isn't finished refs https://github.com/TryGhost/Ghost/issues/8140 - now we're using hash-location the server no longer knows if we're hitting the /setup route so it's not able to redirect for us - extends the default ESA `UnauthenticatedRouteMixin` to add a check against the `/authentication/setup` API endpoint and redirects to `/#/setup/one` if setup isn't complete - this works for all routes because the default behaviour when hitting an authenticated route without the right credentials is to force a logout and redirect to `/#/signin` which utilises the `UnauthenticatedRouteMixin` deps: ember-cli-inject-live-reload@1.6.1
2017-03-14 17:04:46 +01:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
expect(currentURL(), 'url after 401').to.equal('/signin');
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
});
don't show the nav menu when on a 404 route and not signed in no issue - fixes problem when the nav menu would be shown on an error404 route when the user is not logged in - adds failing test that passes with this change
2016-05-14 03:02:55 +02:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
it('doesn\'t show navigation menu on invalid url when not authenticated', async function () {
don't show the nav menu when on a 404 route and not signed in no issue - fixes problem when the nav menu would be shown on an error404 route when the user is not logged in - adds failing test that passes with this change
2016-05-14 03:02:55 +02:00
invalidateSession(application);
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
await visit('/');
don't show the nav menu when on a 404 route and not signed in no issue - fixes problem when the nav menu would be shown on an error404 route when the user is not logged in - adds failing test that passes with this change
2016-05-14 03:02:55 +02:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
expect(currentURL(), 'current url').to.equal('/signin');
expect(find('nav.gh-nav').length, 'nav menu presence').to.equal(0);
don't show the nav menu when on a 404 route and not signed in no issue - fixes problem when the nav menu would be shown on an error404 route when the user is not logged in - adds failing test that passes with this change
2016-05-14 03:02:55 +02:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
await visit('/signin/invalidurl/');
don't show the nav menu when on a 404 route and not signed in no issue - fixes problem when the nav menu would be shown on an error404 route when the user is not logged in - adds failing test that passes with this change
2016-05-14 03:02:55 +02:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
expect(currentURL(), 'url after invalid url').to.equal('/signin/invalidurl/');
expect(currentPath(), 'path after invalid url').to.equal('error404');
expect(find('nav.gh-nav').length, 'nav menu presence').to.equal(0);
don't show the nav menu when on a 404 route and not signed in no issue - fixes problem when the nav menu would be shown on an error404 route when the user is not logged in - adds failing test that passes with this change
2016-05-14 03:02:55 +02:00
});
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
it('shows nav menu on invalid url when authenticated', async function () {
await authenticateSession(application);
await visit('/signin/invalidurl/');
don't show the nav menu when on a 404 route and not signed in no issue - fixes problem when the nav menu would be shown on an error404 route when the user is not logged in - adds failing test that passes with this change
2016-05-14 03:02:55 +02:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
expect(currentURL(), 'url after invalid url').to.equal('/signin/invalidurl/');
expect(currentPath(), 'path after invalid url').to.equal('error404');
expect(find('nav.gh-nav').length, 'nav menu presence').to.equal(1);
don't show the nav menu when on a 404 route and not signed in no issue - fixes problem when the nav menu would be shown on an error404 route when the user is not logged in - adds failing test that passes with this change
2016-05-14 03:02:55 +02:00
});
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
});
Update acceptance tests to use new mirage api
2017-01-02 19:50:36 +01:00
// TODO: re-enable once modal reappears correctly
Mobile-Doc based editor (#291) refs TryGhost/Ghost#7429, requires TryGhost/Ghost#7437 Added Ghost-Editor (based on mobiled doc). ------------------- - Added mobiledoc editor - Fixed problems with workflow and auto saves - Integrated basic toolbar - Removed all editor related tests, everything bar the most basic acceptance tests will be in the ghost-editor repository. - Commented out tests which relied on Ember Helpers that are not compatable with mobile-doc, workarounds are inbound shortly. This is the first integration of ghost-editor. It's styled enough to work, however it is not anywhere approaching something that looks remotely like what the finished thing will be. Early ALPHA, development build. Tread cautiously.
2016-09-26 15:04:20 +02:00
describe.skip('editor', function () {
deps: grunt-jscs,ember-suave@3.0.0 replaces #41, #60 - update ember-suave and grunt-jscs to 3.0 - standardize Ember global de-structuring rules across app & tests
2016-06-11 18:52:36 +02:00
let origDebounce = run.debounce;
let origThrottle = run.throttle;
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
// we don't want the autosave interfering in this test
beforeEach(function () {
deps: grunt-jscs,ember-suave@3.0.0 replaces #41, #60 - update ember-suave and grunt-jscs to 3.0 - standardize Ember global de-structuring rules across app & tests
2016-06-11 18:52:36 +02:00
run.debounce = function () { };
run.throttle = function () { };
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
});
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
it('displays re-auth modal attempting to save with invalid session', async function () {
Use es6 across client and add ember-suave to enforce rules no issue - add ember-suave dependency - upgrade grunt-jscs dependency - add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc - separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc - standardize es6 usage across client
2015-10-28 12:36:45 +01:00
let role = server.create('role', {name: 'Administrator'});
Update code to match eslint rules no issue - switch `jscs` and `jshint` inline config to `eslint` config - fix eslint errors, predominantly in tests where the config now the main app config more closely
2016-11-14 14:16:51 +01:00
server.create('user', {roles: [role]});
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
// simulate an invalid session when saving the edited post
Update acceptance tests to use new mirage api
2017-01-02 19:50:36 +01:00
server.put('/posts/:id/', function ({posts}, {params}) {
let post = posts.find(params.id);
let attrs = this.normalizedRequestAttrs();
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
🔥 remove `markdown` attribute from Post model (#720) refs https://github.com/TryGhost/Ghost/issues/8479 - remove unused `ed-image-manager` util - remove `markdown` attribute from Post model
2017-05-30 15:36:42 +02:00
if (attrs.mobiledoc.cards[0][1].markdown === 'Edited post body') {
Update acceptance tests to use new mirage api
2017-01-02 19:50:36 +01:00
return new Response(401, {}, {
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
errors: [
{message: 'Access denied.', errorType: 'UnauthorizedError'}
]
});
} else {
Update acceptance tests to use new mirage api
2017-01-02 19:50:36 +01:00
return post.update(attrs);
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
}
});
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
await authenticateSession(application);
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
await visit('/editor');
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
// create the post
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
await fillIn('#entry-title', 'Test Post');
await fillIn('.__mobiledoc-editor', 'Test post body');
await click('.js-publish-button');
// we shouldn't have a modal at this point
expect(find('.modal-container #login').length, 'modal exists').to.equal(0);
// we also shouldn't have any alerts
expect(find('.gh-alert').length, 'no of alerts').to.equal(0);
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
// update the post
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
await fillIn('.__mobiledoc-editor', 'Edited post body');
await click('.js-publish-button');
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
💄 refactor acceptance tests to use async/await (#663) no issue - replaces `andThen(() => {}` blocks with usage of `async/await`
2017-04-24 14:29:48 +02:00
// we should see a re-auth modal
expect(find('.fullscreen-modal #login').length, 'modal exists').to.equal(1);
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
});
// don't clobber debounce/throttle for future tests
afterEach(function () {
deps: grunt-jscs,ember-suave@3.0.0 replaces #41, #60 - update ember-suave and grunt-jscs to 3.0 - standardize Ember global de-structuring rules across app & tests
2016-06-11 18:52:36 +02:00
run.debounce = origDebounce;
run.throttle = origThrottle;
Fix auth regressions after ESA 1.0 upgrade refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
2015-11-04 16:20:11 +01:00
});
});
});