|
4 | 4 | 'use strict'; |
5 | 5 |
|
6 | 6 | const request = require('../lib/request'); |
| 7 | +const Definitions = require('../src/Options/Definitions'); |
7 | 8 |
|
8 | 9 | const str = 'Hello World!'; |
9 | 10 | const data = []; |
@@ -861,161 +862,183 @@ describe('Parse.File testing', () => { |
861 | 862 | }); |
862 | 863 | }); |
863 | 864 |
|
864 | | - describe('disable file upload', () => { |
865 | | - it('can reject file upload with unspecified', async () => { |
| 865 | + describe('file upload configuration', () => { |
| 866 | + it('allows file upload only for authenticated user by default', async () => { |
866 | 867 | await reconfigureServer({ |
867 | | - fileUpload: {}, |
| 868 | + fileUpload: { |
| 869 | + enableForPublic: Definitions.FileUploadOptions.enableForPublic.default, |
| 870 | + enableForAnonymousUser: Definitions.FileUploadOptions.enableForAnonymousUser.default, |
| 871 | + enableForAuthenticatedUser: Definitions.FileUploadOptions.enableForAuthenticatedUser.default, |
| 872 | + } |
868 | 873 | }); |
869 | | - try { |
870 | | - const file = new Parse.File('hello.txt', data, 'text/plain'); |
871 | | - await file.save(); |
872 | | - fail('should not have been able to save file.'); |
873 | | - } catch (e) { |
874 | | - expect(e.code).toBe(130); |
875 | | - expect(e.message).toBe('File upload by public is not enabled.'); |
876 | | - } |
| 874 | + let file = new Parse.File('hello.txt', data, 'text/plain'); |
| 875 | + await expectAsync(file.save()).toBeRejectedWith( |
| 876 | + new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'File upload by public is disabled.') |
| 877 | + ); |
| 878 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 879 | + const anonUser = await Parse.AnonymousUtils.logIn(); |
| 880 | + await expectAsync(file.save({ sessionToken: anonUser.getSessionToken() })).toBeRejectedWith( |
| 881 | + new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'File upload by anonymous user is disabled.') |
| 882 | + ); |
| 883 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 884 | + const authUser = await Parse.User.signUp('user', 'password'); |
| 885 | + await expectAsync(file.save({ sessionToken: authUser.getSessionToken() })).toBeResolved(); |
877 | 886 | }); |
878 | 887 |
|
879 | | - it('disable all file upload', async () => { |
| 888 | + it('rejects all file uploads', async () => { |
880 | 889 | await reconfigureServer({ |
881 | 890 | fileUpload: { |
882 | 891 | enableForPublic: false, |
883 | 892 | enableForAnonymousUser: false, |
884 | 893 | enableForAuthenticatedUser: false, |
885 | 894 | }, |
886 | 895 | }); |
887 | | - try { |
888 | | - const file = new Parse.File('hello.txt', data, 'text/plain'); |
889 | | - await file.save(); |
890 | | - fail('should not have been able to save file.'); |
891 | | - } catch (e) { |
892 | | - expect(e.code).toBe(130); |
893 | | - expect(e.message).toBe('File upload by public is not enabled.'); |
894 | | - } |
895 | | - }); |
896 | | - |
897 | | - it('disable public file upload', async () => { |
898 | | - await reconfigureServer({ |
899 | | - fileUpload: { |
900 | | - enableForPublic: false, |
901 | | - }, |
902 | | - }); |
903 | | - try { |
904 | | - const file = new Parse.File('hello.txt', data, 'text/plain'); |
905 | | - await file.save(); |
906 | | - fail('should not have been able to save file.'); |
907 | | - } catch (e) { |
908 | | - expect(e.code).toBe(130); |
909 | | - expect(e.message).toBe('File upload by public is not enabled.'); |
910 | | - } |
| 896 | + let file = new Parse.File('hello.txt', data, 'text/plain'); |
| 897 | + await expectAsync(file.save()).toBeRejectedWith( |
| 898 | + new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'File upload by public is disabled.') |
| 899 | + ); |
| 900 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 901 | + const anonUser = await Parse.AnonymousUtils.logIn(); |
| 902 | + await expectAsync(file.save({ sessionToken: anonUser.getSessionToken() })).toBeRejectedWith( |
| 903 | + new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'File upload by anonymous user is disabled.') |
| 904 | + ); |
| 905 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 906 | + const authUser = await Parse.User.signUp('user', 'password'); |
| 907 | + await expectAsync(file.save({ sessionToken: authUser.getSessionToken() })).toBeRejectedWith( |
| 908 | + new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'File upload by authenticated user is disabled.') |
| 909 | + ); |
911 | 910 | }); |
912 | 911 |
|
913 | | - it('disable file upload for public but allow for user', async () => { |
| 912 | + it('allows all file uploads', async () => { |
914 | 913 | await reconfigureServer({ |
915 | 914 | fileUpload: { |
916 | | - enableForPublic: false, |
| 915 | + enableForPublic: true, |
| 916 | + enableForAnonymousUser: true, |
917 | 917 | enableForAuthenticatedUser: true, |
918 | 918 | }, |
919 | 919 | }); |
920 | | - try { |
921 | | - const user = await Parse.User.signUp('myUser', 'password'); |
922 | | - const file = new Parse.File('hello.txt', data, 'text/plain'); |
923 | | - await file.save({ sessionToken: user.getSessionToken() }); |
924 | | - } catch (e) { |
925 | | - fail('should have allowed file to save.'); |
926 | | - } |
| 920 | + let file = new Parse.File('hello.txt', data, 'text/plain'); |
| 921 | + await expectAsync(file.save()).toBeResolved(); |
| 922 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 923 | + const anonUser = await Parse.AnonymousUtils.logIn(); |
| 924 | + await expectAsync(file.save({ sessionToken: anonUser.getSessionToken() })).toBeResolved(); |
| 925 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 926 | + const authUser = await Parse.User.signUp('user', 'password'); |
| 927 | + await expectAsync(file.save({ sessionToken: authUser.getSessionToken() })).toBeResolved(); |
927 | 928 | }); |
928 | 929 |
|
929 | | - it('disable file upload for anonymous', async () => { |
| 930 | + it('allows file upload only for public', async () => { |
930 | 931 | await reconfigureServer({ |
931 | 932 | fileUpload: { |
| 933 | + enableForPublic: true, |
932 | 934 | enableForAnonymousUser: false, |
| 935 | + enableForAuthenticatedUser: false, |
933 | 936 | }, |
934 | 937 | }); |
935 | | - try { |
936 | | - const user = await Parse.AnonymousUtils.logIn(); |
937 | | - const file = new Parse.File('hello.txt', data, 'text/plain'); |
938 | | - await file.save({ sessionToken: user.getSessionToken() }); |
939 | | - fail('should not have been able to save file.'); |
940 | | - } catch (e) { |
941 | | - expect(e.code).toBe(130); |
942 | | - expect(e.message).toBe('File upload by anonymous user is not allowed.'); |
943 | | - } |
| 938 | + let file = new Parse.File('hello.txt', data, 'text/plain'); |
| 939 | + await expectAsync(file.save()).toBeResolved(); |
| 940 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 941 | + const anonUser = await Parse.AnonymousUtils.logIn(); |
| 942 | + await expectAsync(file.save({ sessionToken: anonUser.getSessionToken() })).toBeRejectedWith( |
| 943 | + new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'File upload by anonymous user is disabled.') |
| 944 | + ); |
| 945 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 946 | + const authUser = await Parse.User.signUp('user', 'password'); |
| 947 | + await expectAsync(file.save({ sessionToken: authUser.getSessionToken() })).toBeRejectedWith( |
| 948 | + new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'File upload by authenticated user is disabled.') |
| 949 | + ); |
944 | 950 | }); |
945 | 951 |
|
946 | | - it('enable file upload for anonymous', async () => { |
| 952 | + it('allows file upload only for anonymous user', async () => { |
947 | 953 | await reconfigureServer({ |
948 | 954 | fileUpload: { |
949 | 955 | enableForPublic: false, |
950 | 956 | enableForAnonymousUser: true, |
| 957 | + enableForAuthenticatedUser: false, |
951 | 958 | }, |
952 | 959 | }); |
953 | | - try { |
954 | | - const user = await Parse.AnonymousUtils.logIn(); |
955 | | - const file = new Parse.File('hello.txt', data, 'text/plain'); |
956 | | - await file.save({ sessionToken: user.getSessionToken() }); |
957 | | - } catch (e) { |
958 | | - fail('should have allowed file to save.'); |
959 | | - } |
| 960 | + let file = new Parse.File('hello.txt', data, 'text/plain'); |
| 961 | + await expectAsync(file.save()).toBeRejectedWith( |
| 962 | + new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'File upload by public is disabled.') |
| 963 | + ); |
| 964 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 965 | + const anonUser = await Parse.AnonymousUtils.logIn(); |
| 966 | + await expectAsync(file.save({ sessionToken: anonUser.getSessionToken() })).toBeResolved(); |
| 967 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 968 | + const authUser = await Parse.User.signUp('user', 'password'); |
| 969 | + await expectAsync(file.save({ sessionToken: authUser.getSessionToken() })).toBeRejectedWith( |
| 970 | + new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'File upload by authenticated user is disabled.') |
| 971 | + ); |
960 | 972 | }); |
961 | 973 |
|
962 | | - it('enable file upload for anonymous but not authenticated users', async () => { |
| 974 | + it('allows file upload only for authenticated user', async () => { |
963 | 975 | await reconfigureServer({ |
964 | 976 | fileUpload: { |
965 | 977 | enableForPublic: false, |
966 | | - enableForAnonymousUser: true, |
967 | | - enableForAuthenticatedUser: false, |
| 978 | + enableForAnonymousUser: false, |
| 979 | + enableForAuthenticatedUser: true, |
968 | 980 | }, |
969 | 981 | }); |
970 | | - try { |
971 | | - const user = await Parse.AnonymousUtils.logIn(); |
972 | | - const file = new Parse.File('hello.txt', data, 'text/plain'); |
973 | | - await file.save({ sessionToken: user.getSessionToken() }); |
974 | | - } catch (e) { |
975 | | - fail('should have allowed file to save.'); |
| 982 | + let file = new Parse.File('hello.txt', data, 'text/plain'); |
| 983 | + await expectAsync(file.save()).toBeRejectedWith( |
| 984 | + new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'File upload by public is disabled.') |
| 985 | + ); |
| 986 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 987 | + const anonUser = await Parse.AnonymousUtils.logIn(); |
| 988 | + await expectAsync(file.save({ sessionToken: anonUser.getSessionToken() })).toBeRejectedWith( |
| 989 | + new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'File upload by anonymous user is disabled.') |
| 990 | + ); |
| 991 | + file = new Parse.File('hello.txt', data, 'text/plain'); |
| 992 | + const authUser = await Parse.User.signUp('user', 'password'); |
| 993 | + await expectAsync(file.save({ sessionToken: authUser.getSessionToken() })).toBeResolved(); |
| 994 | + }); |
| 995 | + |
| 996 | + it('rejects invalid fileUpload configuration', async () => { |
| 997 | + const invalidConfigs = [ |
| 998 | + { fileUpload: [] }, |
| 999 | + { fileUpload: 1 }, |
| 1000 | + { fileUpload: "string" }, |
| 1001 | + ]; |
| 1002 | + const validConfigs = [ |
| 1003 | + { fileUpload: {} }, |
| 1004 | + { fileUpload: null }, |
| 1005 | + { fileUpload: undefined }, |
| 1006 | + ]; |
| 1007 | + const keys = [ |
| 1008 | + "enableForPublic", |
| 1009 | + "enableForAnonymousUser", |
| 1010 | + "enableForAuthenticatedUser", |
| 1011 | + ]; |
| 1012 | + const invalidValues = [ |
| 1013 | + [], |
| 1014 | + {}, |
| 1015 | + 1, |
| 1016 | + "string", |
| 1017 | + null, |
| 1018 | + ]; |
| 1019 | + const validValues = [ |
| 1020 | + undefined, |
| 1021 | + true, |
| 1022 | + false, |
| 1023 | + ]; |
| 1024 | + for (const config of invalidConfigs) { |
| 1025 | + await expectAsync(reconfigureServer(config)).toBeRejectedWith( |
| 1026 | + 'fileUpload must be an object value.' |
| 1027 | + ); |
976 | 1028 | } |
977 | | - try { |
978 | | - const user = await Parse.User.signUp('myUser', 'password'); |
979 | | - const file = new Parse.File('hello.txt', data, 'text/plain'); |
980 | | - await file.save({ sessionToken: user.getSessionToken() }); |
981 | | - fail('should have not allowed file to save.'); |
982 | | - } catch (e) { |
983 | | - expect(e.code).toBe(130); |
984 | | - expect(e.message).toBe('File upload by authenticated users is not enabled.'); |
| 1029 | + for (const config of validConfigs) { |
| 1030 | + await expectAsync(reconfigureServer(config)).toBeResolved(); |
| 1031 | + } |
| 1032 | + for (const key of keys) { |
| 1033 | + for (const value of invalidValues) { |
| 1034 | + await expectAsync(reconfigureServer({ fileUpload: { [key]: value }})).toBeRejectedWith( |
| 1035 | + `fileUpload.${key} must be a boolean value.` |
| 1036 | + ); |
| 1037 | + } |
| 1038 | + for (const value of validValues) { |
| 1039 | + await expectAsync(reconfigureServer({ fileUpload: { [key]: value }})).toBeResolved(); |
| 1040 | + } |
985 | 1041 | } |
986 | 1042 | }); |
987 | 1043 | }); |
988 | | - |
989 | | - it('setup with invalid configuration', async () => { |
990 | | - try { |
991 | | - await reconfigureServer({ |
992 | | - fileUpload: { |
993 | | - enableForPublic: [], |
994 | | - }, |
995 | | - }); |
996 | | - fail('should not allow invalid configuration'); |
997 | | - } catch (e) { |
998 | | - expect(e).toBe('enableForPublic must be a boolean value'); |
999 | | - } |
1000 | | - try { |
1001 | | - await reconfigureServer({ |
1002 | | - fileUpload: { |
1003 | | - enableForAnonymousUser: [], |
1004 | | - }, |
1005 | | - }); |
1006 | | - fail('should not allow invalid configuration'); |
1007 | | - } catch (e) { |
1008 | | - expect(e).toBe('enableForAnonymousUser must be a boolean value'); |
1009 | | - } |
1010 | | - try { |
1011 | | - await reconfigureServer({ |
1012 | | - fileUpload: { |
1013 | | - enableForAuthenticatedUser: [], |
1014 | | - }, |
1015 | | - }); |
1016 | | - fail('should not allow invalid configuration'); |
1017 | | - } catch (e) { |
1018 | | - expect(e).toBe('enableForAuthenticatedUser must be a boolean value'); |
1019 | | - } |
1020 | | - }); |
1021 | 1044 | }); |
0 commit comments