Adding test case for creation, updating validator.

This commit is contained in:
mike12345567 2024-11-01 17:53:26 +00:00
parent c2f7f4a75e
commit b3ee266023
4 changed files with 145 additions and 8 deletions

View File

@ -13,6 +13,9 @@ function fixView(view: ViewV2, params?: { viewId: string }) {
if (!view.version) { if (!view.version) {
view.version = 2 view.version = 2
} }
if (!view.query) {
view.query = {}
}
return view return view
} }

View File

@ -1,10 +1,19 @@
import { User, Table, SearchFilters, Row } from "@budibase/types" import {
User,
Table,
SearchFilters,
Row,
ViewV2Schema,
ViewV2,
ViewV2Type,
} from "@budibase/types"
import { HttpMethod, MakeRequestResponse, generateMakeRequest } from "./utils" import { HttpMethod, MakeRequestResponse, generateMakeRequest } from "./utils"
import TestConfiguration from "../../../../tests/utilities/TestConfiguration" import TestConfiguration from "../../../../tests/utilities/TestConfiguration"
import { Expectations } from "../../../../tests/utilities/api/base"
type RequestOpts = { internal?: boolean; appId?: string } type RequestOpts = { internal?: boolean; appId?: string }
type Response<T> = { data: T }
export interface PublicAPIExpectations { export interface PublicAPIExpectations {
status?: number status?: number
body?: Record<string, any> body?: Record<string, any>
@ -15,6 +24,7 @@ export class PublicAPIRequest {
private appId: string | undefined private appId: string | undefined
tables: PublicTableAPI tables: PublicTableAPI
views: PublicViewAPI
rows: PublicRowAPI rows: PublicRowAPI
apiKey: string apiKey: string
@ -28,6 +38,7 @@ export class PublicAPIRequest {
this.appId = appId this.appId = appId
this.tables = new PublicTableAPI(this) this.tables = new PublicTableAPI(this)
this.rows = new PublicRowAPI(this) this.rows = new PublicRowAPI(this)
this.views = new PublicViewAPI(this)
} }
static async init(config: TestConfiguration, user: User, opts?: RequestOpts) { static async init(config: TestConfiguration, user: User, opts?: RequestOpts) {
@ -73,7 +84,7 @@ export class PublicTableAPI {
async create( async create(
table: Table, table: Table,
expectations?: PublicAPIExpectations expectations?: PublicAPIExpectations
): Promise<{ data: Table }> { ): Promise<Response<Table>> {
return this.request.send("post", "/tables", table, expectations) return this.request.send("post", "/tables", table, expectations)
} }
} }
@ -89,7 +100,7 @@ export class PublicRowAPI {
tableId: string, tableId: string,
query: SearchFilters, query: SearchFilters,
expectations?: PublicAPIExpectations expectations?: PublicAPIExpectations
): Promise<{ data: Row[] }> { ): Promise<Response<Row[]>> {
return this.request.send( return this.request.send(
"post", "post",
`/tables/${tableId}/rows/search`, `/tables/${tableId}/rows/search`,
@ -99,4 +110,67 @@ export class PublicRowAPI {
expectations expectations
) )
} }
async viewSearch(
viewId: string,
query: SearchFilters,
expectations?: PublicAPIExpectations
): Promise<Response<Row[]>> {
return this.request.send(
"post",
`/views/${viewId}/rows/search`,
{
query,
},
expectations
)
}
}
export class PublicViewAPI {
request: PublicAPIRequest
constructor(request: PublicAPIRequest) {
this.request = request
}
async create(
view: Omit<ViewV2, "id" | "version">,
expectations?: PublicAPIExpectations
): Promise<Response<ViewV2>> {
return this.request.send("post", "/views", view, expectations)
}
async update(
viewId: string,
view: Omit<ViewV2, "id" | "version">,
expectations?: PublicAPIExpectations
): Promise<Response<ViewV2>> {
return this.request.send("put", `/views/${viewId}`, view, expectations)
}
async destroy(
viewId: string,
expectations?: PublicAPIExpectations
): Promise<void> {
return this.request.send(
"delete",
`/views/${viewId}`,
undefined,
expectations
)
}
async find(
viewId: string,
expectations?: PublicAPIExpectations
): Promise<Response<ViewV2>> {
return this.request.send("get", `/views/${viewId}`, undefined, expectations)
}
async fetch(
expectations?: PublicAPIExpectations
): Promise<Response<ViewV2[]>> {
return this.request.send("get", "/views", undefined, expectations)
}
} }

View File

@ -0,0 +1,32 @@
import * as setup from "../../tests/utilities"
import { basicTable } from "../../../../tests/utilities/structures"
import { Table } from "@budibase/types"
import { PublicAPIRequest } from "./Request"
describe("check public API security", () => {
const config = setup.getConfig()
let request: PublicAPIRequest, table: Table
beforeAll(async () => {
await config.init()
request = await PublicAPIRequest.init(config, await config.globalUser())
table = (await request.tables.create(basicTable())).data
})
it("should be able to create a view", async () => {
await request.views.create(
{
name: "view",
tableId: table._id!,
query: {},
schema: {
name: {
readonly: true,
visible: true,
},
},
},
{ status: 201 }
)
})
})

View File

@ -9,6 +9,9 @@ import {
Table, Table,
WebhookActionType, WebhookActionType,
BuiltinPermissionID, BuiltinPermissionID,
ViewV2Type,
SortOrder,
SortType,
} from "@budibase/types" } from "@budibase/types"
import Joi, { CustomValidator } from "joi" import Joi, { CustomValidator } from "joi"
import { ValidSnippetNameRegex, helpers } from "@budibase/shared-core" import { ValidSnippetNameRegex, helpers } from "@budibase/shared-core"
@ -67,7 +70,26 @@ export function tableValidator() {
} }
export function viewValidator() { export function viewValidator() {
return auth.joiValidator.body(Joi.object()) return auth.joiValidator.body(
Joi.object({
id: OPTIONAL_STRING,
tableId: Joi.string().required(),
name: Joi.string().required(),
type: Joi.string().optional().valid(null, ViewV2Type.CALCULATION),
primaryDisplay: OPTIONAL_STRING,
schema: Joi.object().required(),
query: searchFiltersValidator().optional(),
sort: Joi.object({
field: Joi.string().required(),
order: Joi.string()
.optional()
.valid(...Object.values(SortOrder)),
type: Joi.string()
.optional()
.valid(...Object.values(SortType)),
}).optional(),
})
)
} }
export function nameValidator() { export function nameValidator() {
@ -95,8 +117,7 @@ export function datasourceValidator() {
) )
} }
function filterObject(opts?: { unknown: boolean }) { function searchFiltersValidator() {
const { unknown = true } = opts || {}
const conditionalFilteringObject = () => const conditionalFilteringObject = () =>
Joi.object({ Joi.object({
conditions: Joi.array().items(Joi.link("#schema")).required(), conditions: Joi.array().items(Joi.link("#schema")).required(),
@ -123,7 +144,14 @@ function filterObject(opts?: { unknown: boolean }) {
fuzzyOr: Joi.forbidden(), fuzzyOr: Joi.forbidden(),
documentType: Joi.forbidden(), documentType: Joi.forbidden(),
} }
return Joi.object(filtersValidators).unknown(unknown).id("schema")
return Joi.object(filtersValidators)
}
function filterObject(opts?: { unknown: boolean }) {
const { unknown = true } = opts || {}
return searchFiltersValidator().unknown(unknown).id("schema")
} }
export function internalSearchValidator() { export function internalSearchValidator() {