DELETE and GET methods for condition
@ -9,7 +9,7 @@ describe('/condition', () => {
|
||||
beforeEach(done => server = TestHelper.beforeEach(server, done));
|
||||
afterEach(done => TestHelper.afterEach(server, done));
|
||||
|
||||
describe('GET /condition/id', () => {
|
||||
describe('GET /condition/{id}', () => {
|
||||
it('returns the right condition', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'get',
|
||||
@ -19,10 +19,117 @@ describe('/condition', () => {
|
||||
res: {_id: '700000000000000000000001', sample_id: '400000000000000000000001', number: 'B1', parameters: {material: 'copper', weeks: 3}, treatment_template: '200000000000000000000001'}
|
||||
});
|
||||
});
|
||||
it('returns the right condition for an API key');
|
||||
it('rejects an invalid id');
|
||||
it('rejects an unknown id');
|
||||
it('rejects unauthorized requests');
|
||||
it('returns the right condition for an API key', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'get',
|
||||
url: '/condition/700000000000000000000001',
|
||||
auth: {key: 'janedoe'},
|
||||
httpStatus: 200,
|
||||
res: {_id: '700000000000000000000001', sample_id: '400000000000000000000001', number: 'B1', parameters: {material: 'copper', weeks: 3}, treatment_template: '200000000000000000000001'}
|
||||
});
|
||||
});
|
||||
it('rejects an invalid id', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'get',
|
||||
url: '/condition/70000000000t000000000001',
|
||||
auth: {basic: 'janedoe'},
|
||||
httpStatus: 404
|
||||
});
|
||||
});
|
||||
it('rejects an unknown id', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'get',
|
||||
url: '/condition/000000000000000000000001',
|
||||
auth: {basic: 'janedoe'},
|
||||
httpStatus: 404
|
||||
});
|
||||
});
|
||||
it('rejects unauthorized requests', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'get',
|
||||
url: '/condition/700000000000000000000001',
|
||||
httpStatus: 401
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('DELETE /condition/{id}', () => {
|
||||
it('deletes the condition', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'delete',
|
||||
url: '/condition/700000000000000000000002',
|
||||
auth: {basic: 'janedoe'},
|
||||
httpStatus: 200
|
||||
}).end((err, res) => {
|
||||
if (err) return done(err);
|
||||
should(res.body).be.eql({status: 'OK'});
|
||||
ConditionModel.findById('700000000000000000000002').lean().exec((err, data) => {
|
||||
if (err) return done(err);
|
||||
should(data).be.null();
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
it('rejects a deleting a condition referenced by measurements');
|
||||
it('rejects an invalid id', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'delete',
|
||||
url: '/condition/70000000000w000000000002',
|
||||
auth: {basic: 'janedoe'},
|
||||
httpStatus: 404
|
||||
});
|
||||
});
|
||||
it('rejects an API key', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'delete',
|
||||
url: '/condition/700000000000000000000002',
|
||||
auth: {key: 'janedoe'},
|
||||
httpStatus: 401
|
||||
});
|
||||
});
|
||||
it('rejects requests from a read user', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'delete',
|
||||
url: '/condition/700000000000000000000002',
|
||||
auth: {basic: 'user'},
|
||||
httpStatus: 403
|
||||
});
|
||||
});
|
||||
it('rejects a write user deleting a condition belonging to a sample of another user', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'delete',
|
||||
url: '/condition/700000000000000000000003',
|
||||
auth: {basic: 'janedoe'},
|
||||
httpStatus: 403
|
||||
});
|
||||
});
|
||||
it('accepts an maintain/admin user deleting a condition belonging to a sample of another user', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'delete',
|
||||
url: '/condition/700000000000000000000002',
|
||||
auth: {basic: 'admin'},
|
||||
httpStatus: 200
|
||||
}).end((err, res) => {
|
||||
if (err) return done(err);
|
||||
should(res.body).be.eql({status: 'OK'});
|
||||
done();
|
||||
});
|
||||
});
|
||||
it('returns 404 for an unknown id', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'delete',
|
||||
url: '/condition/00000000000w000000000002',
|
||||
auth: {basic: 'janedoe'},
|
||||
httpStatus: 404
|
||||
});
|
||||
});
|
||||
it('rejects unauthorized requests', done => {
|
||||
TestHelper.request(server, done, {
|
||||
method: 'delete',
|
||||
url: '/condition/700000000000000000000002',
|
||||
httpStatus: 401
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('POST /condition/new', () => {
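Review bot: The DELETE test 'returns 404 for an unknown id' requests `/condition/00000000000w000000000002`, which contains a `w` and is therefore malformed in the same way as the id in 'rejects an invalid id', so the handler's not-found branch for a well-formed but absent id is never exercised. Use a valid 24-hex id that is absent from the fixtures, as the GET suite does, for example `url: '/condition/000000000000000000000002',` (assuming no fixture uses that id). The maintain/admin delete test checks only the response body; repeating the `ConditionModel.findById(...)` null assertion from 'deletes the condition' would confirm the document was actually removed. The case for a condition referenced by measurements is still a pending `it(...)`, so that integrity rule is not verified by this commit.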
|
||||
|
@ -7,10 +7,41 @@ import res400 from './validate/res400';
|
||||
import SampleModel from '../models/sample';
|
||||
import ConditionModel from '../models/condition';
|
||||
import TreatmentTemplateModel from '../models/treatment_template';
|
||||
import IdValidate from './validate/id';
|
||||
|
||||
|
||||
const router = express.Router();
|
||||
|
||||
router.get('/condition/' + IdValidate.parameter(), (req, res, next) => {
|
||||
if (!req.auth(res, ['read', 'write', 'maintain', 'dev', 'admin'], 'all')) return;
|
||||
|
||||
ConditionModel.findById(req.params.id).lean().exec((err, data) => {
|
||||
if (err) return next(err);
|
||||
if (data) {
|
||||
res.json(ConditionValidate.output(data));
|
||||
}
|
||||
else {
|
||||
res.status(404).json({status: 'Not found'});
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
router.delete('/condition/' + IdValidate.parameter(), (req, res, next) => {
|
||||
if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return;
|
||||
|
||||
ConditionModel.findById(req.params.id).lean().exec(async (err, data: any) => {
|
||||
if (err) return next(err);
|
||||
if (!data) {
|
||||
res.status(404).json({status: 'Not found'});
|
||||
}
|
||||
if (!await sampleIdCheck(data, req, res, next)) return;
|
||||
ConditionModel.findByIdAndDelete(req.params.id).lean().exec(async err => {
|
||||
if (err) return next(err);
|
||||
res.json({status: 'OK'});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
router.post('/condition/new', async (req, res, next) => {
|
||||
if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return;
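Review bot: In the new DELETE handler the `if (!data)` branch sends the 404 but does not return, so execution continues into `sampleIdCheck(data, req, res, next)` with `data` set to null. `sampleIdCheck` is defined outside this hunk, so the exact outcome is not visible, but it will either dereference a null document or attempt a second response; because the callback is `async`, a throw there becomes an unhandled rejection instead of reaching `next`. Change the branch to `return res.status(404).json({status: 'Not found'});` and wrap the awaited ownership check in a try/catch that calls `next(err)`. The ownership check and `findByIdAndDelete` are also two separate queries, which is fine only if a condition's sample ownership cannot change between them; that is worth confirming.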
|
||||
|
||||
|
@ -80,7 +80,7 @@ router.delete('/material/' + IdValidate.parameter(), (req, res, next) => {
|
||||
MaterialModel.findByIdAndDelete(req.params.id).lean().exec((err, data) => {
|
||||
if (err) return next(err);
|
||||
if (data) {
|
||||
res.json({status: 'OK'})
|
||||
res.json({status: 'OK'});
|
||||
}
|
||||
else {
|
||||
res.status(404).json({status: 'Not found'});
|
||||
|
@ -194,6 +194,28 @@
|
||||
},
|
||||
"treatment_template": {"$oid":"200000000000000000000001"},
|
||||
"__v": 0
|
||||
},
|
||||
{
|
||||
"_id": {"$oid":"700000000000000000000002"},
|
||||
"sample_id": {"$oid":"400000000000000000000002"},
|
||||
"number": "B1",
|
||||
"parameters": {
|
||||
"material": "copper",
|
||||
"weeks": 3
|
||||
},
|
||||
"treatment_template": {"$oid":"200000000000000000000001"},
|
||||
"__v": 0
|
||||
},
|
||||
{
|
||||
"_id": {"$oid":"700000000000000000000003"},
|
||||
"sample_id": {"$oid":"400000000000000000000004"},
|
||||
"number": "B1",
|
||||
"parameters": {
|
||||
"material": "copper",
|
||||
"weeks": 3
|
||||
},
|
||||
"treatment_template": {"$oid":"200000000000000000000001"},
|
||||
"__v": 0
|
||||
}
|
||||
],
|
||||
"treatment_templates": [
|
||||
|