Merge pull request #1656 from automatisch/api-controller-tests

test: Cover not found responses for API endpoint tests
2024-02-26 13:36:48 +01:00
parent 60b20c4d01 d74b215169
commit 04e06db430
7 changed files with 143 additions and 7 deletions
--- a/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.test.js
@@ -1,5 +1,6 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
+import Crypto from 'crypto';
 import app from '../../../../../app.js';
 import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../../test/factories/user.js';
@@ -31,5 +32,21 @@ describe('GET /api/v1/admin/app-auth-clients/:appAuthClientId', () => {
      const expectedPayload = getAdminAppAuthClientMock(currentAppAuthClient);
      expect(response.body).toEqual(expectedPayload);
    });
+
+    it('should return not found response for not existing app auth client UUID', async () => {
+      const notExistingAppAuthClientUUID = Crypto.randomUUID();
+
+      await request(app)
+        .get(`/api/v1/admin/app-auth-clients/${notExistingAppAuthClientUUID}`)
+        .set('Authorization', token)
+        .expect(404);
+    });
+
+    it('should return bad request response for invalid UUID', async () => {
+      await request(app)
+        .get('/api/v1/admin/app-auth-clients/invalidAppAuthClientUUID')
+        .set('Authorization', token)
+        .expect(400);
+    });
  });
 });
--- a/packages/backend/src/controllers/api/v1/admin/roles/get-role.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/roles/get-role.ee.test.js
@@ -1,5 +1,6 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
+import Crypto from 'crypto';
 import app from '../../../../../app.js';
 import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
 import { createRole } from '../../../../../../test/factories/role.js';
@@ -20,7 +21,7 @@ describe('GET /api/v1/admin/roles/:roleId', () => {
    token = createAuthTokenByUserId(currentUser.id);
  });

-  it('should return roles', async () => {
+  it('should return role', async () => {
    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);

    const response = await request(app)
@@ -35,4 +36,24 @@ describe('GET /api/v1/admin/roles/:roleId', () => {

    expect(response.body).toEqual(expectedPayload);
  });
+
+  it('should return not found response for not existing role UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const notExistingRoleUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/admin/roles/${notExistingRoleUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    await request(app)
+      .get('/api/v1/admin/roles/invalidRoleUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
 });
--- a/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.test.js
@@ -1,5 +1,6 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
+import Crypto from 'crypto';
 import app from '../../../../../app.js';
 import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
 import { createRole } from '../../../../../../test/factories/role.js';
@@ -31,4 +32,26 @@ describe('GET /api/v1/admin/saml-auth-provider/:samlAuthProviderId', () => {

    expect(response.body).toEqual(expectedPayload);
  });
+
+  it('should return not found response for not existing saml auth provider UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const notExistingSamlAuthProviderUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(
+        `/api/v1/admin/saml-auth-providers/${notExistingSamlAuthProviderUUID}`
+      )
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    await request(app)
+      .get('/api/v1/admin/saml-auth-providers/invalidSamlAuthProviderUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
 });
--- a/packages/backend/src/controllers/api/v1/admin/users/get-user.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/users/get-user.ee.test.js
@@ -1,5 +1,6 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
+import Crypto from 'crypto';
 import app from '../../../../../app.js';
 import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id';
 import { createUser } from '../../../../../../test/factories/user';
@@ -31,4 +32,24 @@ describe('GET /api/v1/admin/users/:userId', () => {
    const expectedPayload = getUserMock(anotherUser, anotherUserRole);
    expect(response.body).toEqual(expectedPayload);
  });
+
+  it('should return not found response for not existing user UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const notExistingUserUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/admin/users/${notExistingUserUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    await request(app)
+      .get('/api/v1/admin/users/invalidUserUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
 });
--- a/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.test.js
+++ b/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.test.js
@@ -1,5 +1,6 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
+import Crypto from 'crypto';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../test/factories/user.js';
@@ -28,4 +29,20 @@ describe('GET /api/v1/app-auth-clients/:id', () => {
    const expectedPayload = getAppAuthClientMock(currentAppAuthClient);
    expect(response.body).toEqual(expectedPayload);
  });
+
+  it('should return not found response for not existing app auth client ID', async () => {
+    const notExistingAppAuthClientUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/app-auth-clients/${notExistingAppAuthClientUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await request(app)
+      .get('/api/v1/app-auth-clients/invalidAppAuthClientUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
 });
--- a/packages/backend/src/controllers/api/v1/flows/get-flow.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/get-flow.test.js
@@ -1,5 +1,6 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
+import Crypto from 'crypto';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
 import { createUser } from '../../../../../test/factories/user';
@@ -68,4 +69,34 @@ describe('GET /api/v1/flows/:flowId', () => {

    expect(response.body).toEqual(expectedPayload);
  });
+
+  it('should return not found response for not existing flow UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const notExistingFlowUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/flows/${notExistingFlowUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .get('/api/v1/flows/invalidFlowUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
 });
--- a/packages/backend/src/helpers/error-handler.js
+++ b/packages/backend/src/helpers/error-handler.js
@@ -1,14 +1,20 @@
 import logger from './logger.js';
+import objection from 'objection';
+const { NotFoundError, DataError } = objection;

 // Do not remove `next` argument as the function signature will not fit for an error handler middleware
 // eslint-disable-next-line no-unused-vars
-const errorHandler = (err, req, res, next) => {
-  if (err.message === 'Not Found') {
-    res.status(404).end();
-  } else {
-    logger.error(err.message + '\n' + err.stack);
-    res.status(err.statusCode || 500).send(err.message);
+const errorHandler = (error, request, response, next) => {
+  if (error.message === 'Not Found' || error instanceof NotFoundError) {
+    response.status(404).end();
  }
+
+  if (error instanceof DataError) {
+    response.status(400).end();
+  }
+
+  logger.error(error.message + '\n' + error.stack);
+  response.status(error.statusCode || 500);
 };

 export default errorHandler;