Adding test case for creation, updating validator.
This commit is contained in:
mike12345567
parent
c2f7f4a75e
commit
b3ee266023
|
|
@ -13,6 +13,9 @@ function fixView(view: ViewV2, params?: { viewId: string }) {
|
|||
if (!view.version) {
|
||||
view.version = 2
|
||||
}
|
||||
if (!view.query) {
|
||||
view.query = {}
|
||||
}
|
||||
return view
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,10 +1,19 @@
|
|||
import { User, Table, SearchFilters, Row } from "@budibase/types"
|
||||
import {
|
||||
User,
|
||||
Table,
|
||||
SearchFilters,
|
||||
Row,
|
||||
ViewV2Schema,
|
||||
ViewV2,
|
||||
ViewV2Type,
|
||||
} from "@budibase/types"
|
||||
import { HttpMethod, MakeRequestResponse, generateMakeRequest } from "./utils"
|
||||
import TestConfiguration from "../../../../tests/utilities/TestConfiguration"
|
||||
import { Expectations } from "../../../../tests/utilities/api/base"
|
||||
|
||||
type RequestOpts = { internal?: boolean; appId?: string }
|
||||
|
||||
type Response<T> = { data: T }
|
||||
|
||||
export interface PublicAPIExpectations {
|
||||
status?: number
|
||||
body?: Record<string, any>
|
||||
|
|
@ -15,6 +24,7 @@ export class PublicAPIRequest {
|
|||
private appId: string | undefined
|
||||
|
||||
tables: PublicTableAPI
|
||||
views: PublicViewAPI
|
||||
rows: PublicRowAPI
|
||||
apiKey: string
|
||||
|
||||
|
|
@ -28,6 +38,7 @@ export class PublicAPIRequest {
|
|||
this.appId = appId
|
||||
this.tables = new PublicTableAPI(this)
|
||||
this.rows = new PublicRowAPI(this)
|
||||
this.views = new PublicViewAPI(this)
|
||||
}
|
||||
|
||||
static async init(config: TestConfiguration, user: User, opts?: RequestOpts) {
|
||||
|
|
@ -73,7 +84,7 @@ export class PublicTableAPI {
|
|||
async create(
|
||||
table: Table,
|
||||
expectations?: PublicAPIExpectations
|
||||
): Promise<{ data: Table }> {
|
||||
): Promise<Response<Table>> {
|
||||
return this.request.send("post", "/tables", table, expectations)
|
||||
}
|
||||
}
|
||||
|
|
@ -89,7 +100,7 @@ export class PublicRowAPI {
|
|||
tableId: string,
|
||||
query: SearchFilters,
|
||||
expectations?: PublicAPIExpectations
|
||||
): Promise<{ data: Row[] }> {
|
||||
): Promise<Response<Row[]>> {
|
||||
return this.request.send(
|
||||
"post",
|
||||
`/tables/${tableId}/rows/search`,
|
||||
|
|
@ -99,4 +110,67 @@ export class PublicRowAPI {
|
|||
expectations
|
||||
)
|
||||
}
|
||||
|
||||
async viewSearch(
|
||||
viewId: string,
|
||||
query: SearchFilters,
|
||||
expectations?: PublicAPIExpectations
|
||||
): Promise<Response<Row[]>> {
|
||||
return this.request.send(
|
||||
"post",
|
||||
`/views/${viewId}/rows/search`,
|
||||
{
|
||||
query,
|
||||
},
|
||||
expectations
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
export class PublicViewAPI {
|
||||
request: PublicAPIRequest
|
||||
|
||||
constructor(request: PublicAPIRequest) {
|
||||
this.request = request
|
||||
}
|
||||
|
||||
async create(
|
||||
view: Omit<ViewV2, "id" | "version">,
|
||||
expectations?: PublicAPIExpectations
|
||||
): Promise<Response<ViewV2>> {
|
||||
return this.request.send("post", "/views", view, expectations)
|
||||
}
|
||||
|
||||
async update(
|
||||
viewId: string,
|
||||
view: Omit<ViewV2, "id" | "version">,
|
||||
expectations?: PublicAPIExpectations
|
||||
): Promise<Response<ViewV2>> {
|
||||
return this.request.send("put", `/views/${viewId}`, view, expectations)
|
||||
}
|
||||
|
||||
async destroy(
|
||||
viewId: string,
|
||||
expectations?: PublicAPIExpectations
|
||||
): Promise<void> {
|
||||
return this.request.send(
|
||||
"delete",
|
||||
`/views/${viewId}`,
|
||||
undefined,
|
||||
expectations
|
||||
)
|
||||
}
|
||||
|
||||
async find(
|
||||
viewId: string,
|
||||
expectations?: PublicAPIExpectations
|
||||
): Promise<Response<ViewV2>> {
|
||||
return this.request.send("get", `/views/${viewId}`, undefined, expectations)
|
||||
}
|
||||
|
||||
async fetch(
|
||||
expectations?: PublicAPIExpectations
|
||||
): Promise<Response<ViewV2[]>> {
|
||||
return this.request.send("get", "/views", undefined, expectations)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,32 @@
|
|||
import * as setup from "../../tests/utilities"
|
||||
import { basicTable } from "../../../../tests/utilities/structures"
|
||||
import { Table } from "@budibase/types"
|
||||
import { PublicAPIRequest } from "./Request"
|
||||
|
||||
describe("check public API security", () => {
|
||||
const config = setup.getConfig()
|
||||
let request: PublicAPIRequest, table: Table
|
||||
|
||||
beforeAll(async () => {
|
||||
await config.init()
|
||||
request = await PublicAPIRequest.init(config, await config.globalUser())
|
||||
table = (await request.tables.create(basicTable())).data
|
||||
})
|
||||
|
||||
it("should be able to create a view", async () => {
|
||||
await request.views.create(
|
||||
{
|
||||
name: "view",
|
||||
tableId: table._id!,
|
||||
query: {},
|
||||
schema: {
|
||||
name: {
|
||||
readonly: true,
|
||||
visible: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
{ status: 201 }
|
||||
)
|
||||
})
|
||||
})
|
||||
|
|
@ -9,6 +9,9 @@ import {
|
|||
Table,
|
||||
WebhookActionType,
|
||||
BuiltinPermissionID,
|
||||
ViewV2Type,
|
||||
SortOrder,
|
||||
SortType,
|
||||
} from "@budibase/types"
|
||||
import Joi, { CustomValidator } from "joi"
|
||||
import { ValidSnippetNameRegex, helpers } from "@budibase/shared-core"
|
||||
|
|
@ -67,7 +70,26 @@ export function tableValidator() {
|
|||
}
|
||||
|
||||
export function viewValidator() {
|
||||
return auth.joiValidator.body(Joi.object())
|
||||
return auth.joiValidator.body(
|
||||
Joi.object({
|
||||
id: OPTIONAL_STRING,
|
||||
tableId: Joi.string().required(),
|
||||
name: Joi.string().required(),
|
||||
type: Joi.string().optional().valid(null, ViewV2Type.CALCULATION),
|
||||
primaryDisplay: OPTIONAL_STRING,
|
||||
schema: Joi.object().required(),
|
||||
query: searchFiltersValidator().optional(),
|
||||
sort: Joi.object({
|
||||
field: Joi.string().required(),
|
||||
order: Joi.string()
|
||||
.optional()
|
||||
.valid(...Object.values(SortOrder)),
|
||||
type: Joi.string()
|
||||
.optional()
|
||||
.valid(...Object.values(SortType)),
|
||||
}).optional(),
|
||||
})
|
||||
)
|
||||
}
|
||||
|
||||
export function nameValidator() {
|
||||
|
|
@ -95,8 +117,7 @@ export function datasourceValidator() {
|
|||
)
|
||||
}
|
||||
|
||||
function filterObject(opts?: { unknown: boolean }) {
|
||||
const { unknown = true } = opts || {}
|
||||
function searchFiltersValidator() {
|
||||
const conditionalFilteringObject = () =>
|
||||
Joi.object({
|
||||
conditions: Joi.array().items(Joi.link("#schema")).required(),
|
||||
|
|
@ -123,7 +144,14 @@ function filterObject(opts?: { unknown: boolean }) {
|
|||
fuzzyOr: Joi.forbidden(),
|
||||
documentType: Joi.forbidden(),
|
||||
}
|
||||
return Joi.object(filtersValidators).unknown(unknown).id("schema")
|
||||
|
||||
return Joi.object(filtersValidators)
|
||||
}
|
||||
|
||||
function filterObject(opts?: { unknown: boolean }) {
|
||||
const { unknown = true } = opts || {}
|
||||
|
||||
return searchFiltersValidator().unknown(unknown).id("schema")
|
||||
}
|
||||
|
||||
export function internalSearchValidator() {
|
||||
|
|
|
|||
Loading…
Reference in New Issue