storage-upload/test/media/security.test.mjs

import { Eltro as t, assert} from 'eltro'
import { HttpError } from 'flaska'

import { createContext } from '../helper.server.mjs'
import { verifyToken, verifyBody, throwIfNotPublic } from '../../api/media/security.mjs'
import encode from '../../api/jwt/encode.mjs'
import config from '../../api/config.mjs'

t.describe('#throwIfNotPublic()', function() {
  let backup = {}

  t.before(function() {
    backup = config.sources[1].store
    config.sources[1].store = {
      sites: {
        justatest: {
        },
        justatest2: {
          public: false,
        },
        justatest3: {
          public: true,
        },
      },
    }
  })

  t.after(function() {
    config.sources[1].store = backup
  })

  t.test('should throw for sites that do not exist or are null', function() {
    let tests = [
      'justatest',
      'justatest2',
      'nonexisting1',
      null,
    ]

    tests.forEach(function(test) {
      assert.throws(function() { throwIfNotPublic(test) }, function(err) {
        assert.ok(err instanceof HttpError)
        assert.ok(err instanceof Error)
        assert.strictEqual(err.status, 404)
        assert.match(err.message, new RegExp(test))
        assert.match(err.message, /exist/i)
        return true
      }, `should throw with site ${test}`)
    })
  })
  

  t.test('should pass for sites that allow public listing', function() {
    let tests = [
      'justatest3',
    ]

    tests.forEach(function(test) {
      assert.doesNotThrow(function() { throwIfNotPublic(test) }, `should not throw with site ${test}`)
    })
  })
})

t.describe('#verifyToken()', function() {
  let backup = {}
  t.before(function() {
    backup = config.sources[1].store
    config.sources[1].store = {
      sites: {
        justatest: {
          keys: {
            'default@HS512': 'mysharedkey',
          }
        },
      },
    }
  })

  t.after(function() {
    config.sources[1].store = backup
  })

  t.test('should fail if query token is missing', function() {
    let ctx = createContext({ })
    ctx.query.delete('token')

    assert.throws(function() { verifyToken(ctx) }, function(err) {
      assert.ok(err instanceof HttpError)
      assert.ok(err instanceof Error)
      assert.strictEqual(err.status, 422)
      assert.match(err.message, /query/i)
      assert.match(err.message, /token/i)
      return true
    })
  })

  function assertInvalidToken(err) {
    assert.ok(err instanceof HttpError)
    assert.ok(err instanceof Error)
    assert.strictEqual(err.status, 422)
    assert.match(err.message, /invalid/i)
    assert.match(err.message, /token/i)
    return true
  }

  t.test('should fail if token is invalid', function() {
    let ctx = createContext({ })
    ctx.query.set('token', 'asdfasdgassdga')

    assert.throws(function() { verifyToken(ctx) }, assertInvalidToken)
    assert.ok(ctx.log.error.lastCall)
    assert.match(ctx.log.error.lastCall[0].message, /3 dots/)

    ctx.query.set('token', 'asdfasdgassdga.asdfasdg.sadfsadfas')

    assert.throws(function() { verifyToken(ctx) }, assertInvalidToken)
    assert.match(ctx.log.error.lastCall[0].message, /invalid/i)
    
    ctx.query.set('token', encode(
      { typ: 'JWT', alg: 'HS256' },
      { iss: 'justatest' },
      'mysharedkey'
    ))
    assert.throws(function() { verifyToken(ctx) }, assertInvalidToken)
    assert.match(ctx.log.error.lastCall[0].message, /pubkey/)

    ctx.query.set('token', encode(
      { typ: 'JWT', alg: 'HS512' },
      { iss: 'notexist' },
      'mysharedkey'
    ))
    assert.throws(function() { verifyToken(ctx) }, assertInvalidToken)
    assert.match(ctx.log.error.lastCall[0].message, /notexist/)

    ctx.query.set('token', encode(
      { typ: 'JWT', alg: 'HS512' },
      { iss: 'justatest' },
      'mysharedkey2'
    ))
    assert.throws(function() { verifyToken(ctx) }, assertInvalidToken)
    assert.match(ctx.log.error.lastCall[0].message, /HS512/)
    assert.match(ctx.log.error.lastCall[0].message, /Verification/i)
  })

  t.test('should otherwise return the issuer', function() {
    let ctx = createContext({ })
    ctx.query.set('token', encode(
      { typ: 'JWT', alg: 'HS512' },
      { iss: 'justatest' },
      'mysharedkey'
    ))
    let site = verifyToken(ctx)
    assert.strictEqual(site, 'justatest')
  })
})

t.describe('#verifyBody()', function() {
  t.test('should succeed with empty body', function() {
    let ctx = createContext({ req: { body: { } } })

    verifyBody(ctx)
  })
  
  t.test('should fail with invalid body', function() {
    let ctx = createContext({ req: { body: {
      item: {}
    } } })

    let tests = [
      [null, 'null'],
      ['', 'empty string'],
      ['asdf', 'string'],
      [0, 'empty number'],
      [123, 'number'],
      [[], 'array'],
    ]

    tests.forEach(function (check) {
      ctx.req.body.item = check[0]

      assert.throws(function() { verifyBody(ctx) }, function(err) {
        assert.ok(err instanceof HttpError)
        assert.ok(err instanceof Error)
        assert.strictEqual(err.status, 422)
        assert.match(err.message, /body/i)
        assert.match(err.message, /item/i)
        assert.match(err.message, /valid/i)
        return true
      }, `should fail if body entry is ${check[1]}`)
    })
  })

  let testInvalidNames = ['filename', 'path']

  testInvalidNames.forEach(function(invalidName) {
    t.test(`should fail if an item has the name ${invalidName}`, function() {
      let ctx = createContext({ req: { body: {
        [invalidName]: {}
      } } })
  
      assert.throws(function() { verifyBody(ctx) }, function(err) {
        assert.ok(err instanceof HttpError)
        assert.ok(err instanceof Error)
        assert.strictEqual(err.status, 422)
        assert.match(err.message, /body/i)
        assert.match(err.message, /name/i)
        assert.match(err.message, new RegExp(invalidName))
        assert.match(err.message, /allowed/i)
        return true
      }, 'should fail if body item has the name original')
    })
  })

  t.test('should require format string present in item', function() {
    let ctx = createContext({ req: { body: {
      item: {}
    } } })

    let tests = [
      [undefined, 'undefined'],
      [null, 'null'],
      ['', 'empty string'],
      [{}, 'object'],
      [0, 'empty number'],
      [123, 'number'],
      [[], 'array'],
      ['resize', 'not allow resize'],
      ['out', 'not allow out'],
    ]

    tests.forEach(function (check) {
      ctx.req.body.item = {
        format: check[0],
      }

      assert.throws(function() { verifyBody(ctx) }, function(err) {
        assert.ok(err instanceof HttpError)
        assert.ok(err instanceof Error)
        assert.strictEqual(err.status, 422)
        assert.match(err.message, /body/i)
        assert.match(err.message, /format/i)
        assert.match(err.message, /missing/i)
        return true
      }, `should fail if body item format is ${check[1]}`)
    })
  })

  t.test('should require object of same name as format', function() {
    let ctx = createContext({ req: { body: {
      item: {}
    } } })

    let tests = [
      [undefined, 'undefined'],
      [null, 'null'],
      ['', 'emptystring'],
      ['asdf', 'string'],
      [0, 'emptynumber'],
      [123, 'number'],
      [[], 'array'],
    ]

    tests.forEach(function (check) {
      ctx = createContext({ req: { body: {
        item: {}
      } } })

      ctx.req.body.item.format = check[1]
      ctx.req.body.item[check[1]] = check[0]

      assert.throws(function() { verifyBody(ctx) }, function(err) {
        assert.ok(err instanceof HttpError)
        assert.ok(err instanceof Error)
        assert.strictEqual(err.status, 422)
        assert.match(err.message, /body/i)
        assert.match(err.message, /format/i)
        assert.match(err.message, /options/i)
        assert.match(err.message, /valid/i)
        return true
      }, `should fail if body item format options is ${check[1]}`)
    })
  })

  t.test('should allow empty value or string in out in item', function() {
    let ctx = createContext({ req: { body: {
      item: {
        format: 'test',
        test: {},
      }
    } } })

    let tests = [
      [undefined, 'undefined'],
      [null, 'null'],
      ['', 'empty string'],
      ['file', 'allow string file'],
      ['base64', 'allow base64'],
    ]

    tests.forEach(function (check) {
      ctx.req.body.item.out = check[0]

      assert.doesNotThrow(function() {
        verifyBody(ctx)
      }, `should not throw with ${check[1]} in out`)
    })
  })
  
  t.test('should fail if out is invalid value', function() {
    let ctx = createContext({ req: { body: {
      item: {
        format: 'test',
        test: {},
      }
    } } })

    let tests = [
      [{}, 'object'],
      [0, 'empty number'],
      [123, 'number'],
      [[], 'array'],
      ['resize', 'not allow resize'],
      ['out', 'not allow out'],
      ['example', 'not allow example'],
    ]

    tests.forEach(function (check) {
      ctx.req.body.item.out = check[0]

      assert.throws(function() { verifyBody(ctx) }, function(err) {
        assert.ok(err instanceof HttpError)
        assert.ok(err instanceof Error)
        assert.strictEqual(err.status, 422)
        assert.match(err.message, /body/i)
        assert.match(err.message, /item/i)
        assert.match(err.message, /out/i)
        assert.match(err.message, /valid/i)
        return true
      }, `should fail if body item out is ${check[1]}`)
    })
  })

  let validObjectOperations = [
    'resize',
    'extend',
    'flatten',
  ]

  validObjectOperations.forEach(function(operation) {
    t.test(`should allow empty value or object in ${operation}`, function() {
      let ctx = createContext({ req: { body: {
        item: {
          format: 'test',
          test: {},
        }
      } } })
  
      let tests = [
        [undefined, 'undefined'],
        [null, 'null'],
        [{}, 'object'],
      ]
  
      tests.forEach(function (check) {
        ctx.req.body.item[operation] = check[0]
  
        assert.doesNotThrow(function() {
          verifyBody(ctx)
        }, `should not throw with ${check[1]} in ${operation}`)
      })
    })
  
    t.test(`should fail if ${operation} if specified is invalid`, function() {
      let ctx = createContext({ req: { body: {
        item: {
          format: 'test',
          test: {},
        }
      } } })
  
      let tests = [
        ['', 'emptystring'],
        ['asdf', 'string'],
        [0, 'emptynumber'],
        [123, 'number'],
        [[], 'array'],
      ]
  
      tests.forEach(function (check) {
        ctx.req.body.item[operation] = check[0]
  
        assert.throws(function() { verifyBody(ctx) }, function(err) {
          assert.ok(err instanceof HttpError)
          assert.ok(err instanceof Error)
          assert.strictEqual(err.status, 422)
          assert.match(err.message, /body/i)
          assert.match(err.message, /item/i)
          assert.match(err.message, new RegExp(operation))
          assert.match(err.message, /valid/i)
          return true
        }, `should fail if body item ${operation} is ${check[1]}`)
      })
    })
  })

  let validNumberOperations = [
    'blur',
    'trim',
  ]

  validNumberOperations.forEach(function(operation) {
    t.test(`should allow empty value or number in ${operation}`, function() {
      let ctx = createContext({ req: { body: {
        item: {
          format: 'test',
          test: {},
        }
      } } })
  
      let tests = [
        [undefined, 'undefined'],
        [null, 'null'],
        [0, 'number'],
        [0.5, 'positive number'],
      ]
  
      tests.forEach(function (check) {
        ctx.req.body.item[operation] = check[0]
  
        assert.doesNotThrow(function() {
          verifyBody(ctx)
        }, `should not throw with ${check[1]} in ${operation}`)
      })
    })
  
    t.test(`should fail if ${operation} if specified is invalid`, function() {
      let ctx = createContext({ req: { body: {
        item: {
          format: 'test',
          test: {},
        }
      } } })
  
      let tests = [
        ['', 'emptystring'],
        ['asdf', 'string'],
        [{}, 'object'],
        [[], 'array'],
      ]
  
      tests.forEach(function (check) {
        ctx.req.body.item[operation] = check[0]
  
        assert.throws(function() { verifyBody(ctx) }, function(err) {
          assert.ok(err instanceof HttpError)
          assert.ok(err instanceof Error)
          assert.strictEqual(err.status, 422)
          assert.match(err.message, /body/i)
          assert.match(err.message, /item/i)
          assert.match(err.message, new RegExp(operation))
          assert.match(err.message, /valid/i)
          return true
        }, `should fail if body item ${operation} is ${check[1]}`)
      })
    })
  })
})
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`import { Eltro as t, assert} from 'eltro'`
Use service-core 2022-08-13 21:52:45 +00:00			`import { HttpError } from 'flaska'`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00
			`import { createContext } from '../helper.server.mjs'`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`import { verifyToken, verifyBody, throwIfNotPublic } from '../../api/media/security.mjs'`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`import encode from '../../api/jwt/encode.mjs'`
			`import config from '../../api/config.mjs'`

Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`t.describe('#throwIfNotPublic()', function() {`
Use service-core 2022-08-13 21:52:45 +00:00			`let backup = {}`

Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`t.before(function() {`
Use service-core 2022-08-13 21:52:45 +00:00			`backup = config.sources[1].store`
			`config.sources[1].store = {`
			`sites: {`
			`justatest: {`
			`},`
			`justatest2: {`
			`public: false,`
			`},`
			`justatest3: {`
			`public: true,`
			`},`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`},`
Use service-core 2022-08-13 21:52:45 +00:00			`}`
			`})`

			`t.after(function() {`
			`config.sources[1].store = backup`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`})`

			`t.test('should throw for sites that do not exist or are null', function() {`
			`let tests = [`
			`'justatest',`
			`'justatest2',`
			`'nonexisting1',`
			`null,`
			`]`

			`tests.forEach(function(test) {`
			`assert.throws(function() { throwIfNotPublic(test) }, function(err) {`
			`assert.ok(err instanceof HttpError)`
			`assert.ok(err instanceof Error)`
			`assert.strictEqual(err.status, 404)`
			`assert.match(err.message, new RegExp(test))`
			`assert.match(err.message, /exist/i)`
			`return true`
			}, `should throw with site ${test}`)
			`})`
			`})`


			`t.test('should pass for sites that allow public listing', function() {`
			`let tests = [`
			`'justatest3',`
			`]`

			`tests.forEach(function(test) {`
			assert.doesNotThrow(function() { throwIfNotPublic(test) }, `should not throw with site ${test}`)
			`})`
			`})`
			`})`

Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`t.describe('#verifyToken()', function() {`
Use service-core 2022-08-13 21:52:45 +00:00			`let backup = {}`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`t.before(function() {`
Use service-core 2022-08-13 21:52:45 +00:00			`backup = config.sources[1].store`
			`config.sources[1].store = {`
			`sites: {`
			`justatest: {`
			`keys: {`
			`'default@HS512': 'mysharedkey',`
			`}`
			`},`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`},`
Use service-core 2022-08-13 21:52:45 +00:00			`}`
			`})`

			`t.after(function() {`
			`config.sources[1].store = backup`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`})`

			`t.test('should fail if query token is missing', function() {`
			`let ctx = createContext({ })`
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`ctx.query.delete('token')`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`assert.throws(function() { verifyToken(ctx) }, function(err) {`
			`assert.ok(err instanceof HttpError)`
			`assert.ok(err instanceof Error)`
			`assert.strictEqual(err.status, 422)`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`assert.match(err.message, /query/i)`
			`assert.match(err.message, /token/i)`
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`return true`
			`})`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`})`

Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`function assertInvalidToken(err) {`
			`assert.ok(err instanceof HttpError)`
			`assert.ok(err instanceof Error)`
			`assert.strictEqual(err.status, 422)`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`assert.match(err.message, /invalid/i)`
			`assert.match(err.message, /token/i)`
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`return true`
			`}`

Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`t.test('should fail if token is invalid', function() {`
			`let ctx = createContext({ })`
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`ctx.query.set('token', 'asdfasdgassdga')`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`assert.throws(function() { verifyToken(ctx) }, assertInvalidToken)`
			`assert.ok(ctx.log.error.lastCall)`
			`assert.match(ctx.log.error.lastCall[0].message, /3 dots/)`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`ctx.query.set('token', 'asdfasdgassdga.asdfasdg.sadfsadfas')`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`assert.throws(function() { verifyToken(ctx) }, assertInvalidToken)`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`assert.match(ctx.log.error.lastCall[0].message, /invalid/i)`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`ctx.query.set('token', encode(`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`{ typ: 'JWT', alg: 'HS256' },`
			`{ iss: 'justatest' },`
			`'mysharedkey'`
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`))`
			`assert.throws(function() { verifyToken(ctx) }, assertInvalidToken)`
			`assert.match(ctx.log.error.lastCall[0].message, /pubkey/)`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`ctx.query.set('token', encode(`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`{ typ: 'JWT', alg: 'HS512' },`
			`{ iss: 'notexist' },`
			`'mysharedkey'`
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`))`
			`assert.throws(function() { verifyToken(ctx) }, assertInvalidToken)`
			`assert.match(ctx.log.error.lastCall[0].message, /notexist/)`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`ctx.query.set('token', encode(`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`{ typ: 'JWT', alg: 'HS512' },`
			`{ iss: 'justatest' },`
			`'mysharedkey2'`
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`))`
			`assert.throws(function() { verifyToken(ctx) }, assertInvalidToken)`
			`assert.match(ctx.log.error.lastCall[0].message, /HS512/)`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`assert.match(ctx.log.error.lastCall[0].message, /Verification/i)`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`})`

			`t.test('should otherwise return the issuer', function() {`
			`let ctx = createContext({ })`
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`ctx.query.set('token', encode(`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`{ typ: 'JWT', alg: 'HS512' },`
			`{ iss: 'justatest' },`
			`'mysharedkey'`
Finished unit test, refactored to use flaska instead of koa 2021-10-11 00:21:57 +00:00			`))`
Lots of development and cleanup of dependencies 2021-10-09 00:11:52 +00:00			`let site = verifyToken(ctx)`
			`assert.strictEqual(site, 'justatest')`
			`})`
			`})`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00
			`t.describe('#verifyBody()', function() {`
			`t.test('should succeed with empty body', function() {`
			`let ctx = createContext({ req: { body: { } } })`

			`verifyBody(ctx)`
			`})`

			`t.test('should fail with invalid body', function() {`
			`let ctx = createContext({ req: { body: {`
			`item: {}`
			`} } })`

			`let tests = [`
			`[null, 'null'],`
			`['', 'empty string'],`
			`['asdf', 'string'],`
			`[0, 'empty number'],`
			`[123, 'number'],`
			`[[], 'array'],`
			`]`

			`tests.forEach(function (check) {`
			`ctx.req.body.item = check[0]`

			`assert.throws(function() { verifyBody(ctx) }, function(err) {`
			`assert.ok(err instanceof HttpError)`
			`assert.ok(err instanceof Error)`
			`assert.strictEqual(err.status, 422)`
			`assert.match(err.message, /body/i)`
			`assert.match(err.message, /item/i)`
			`assert.match(err.message, /valid/i)`
			`return true`
			}, `should fail if body entry is ${check[1]}`)
			`})`
			`})`

Many updates. Added ability to upload prefix-less files. Added ability to remove files. Breaking: Renamed name to filename when listing files in folder. Breaking: Fixed the schema response for /media/resize. It is now consistent with other upload methods. 2022-01-06 09:01:10 +00:00			`let testInvalidNames = ['filename', 'path']`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00
Many updates. Added ability to upload prefix-less files. Added ability to remove files. Breaking: Renamed name to filename when listing files in folder. Breaking: Fixed the schema response for /media/resize. It is now consistent with other upload methods. 2022-01-06 09:01:10 +00:00			`testInvalidNames.forEach(function(invalidName) {`
			t.test(`should fail if an item has the name ${invalidName}`, function() {
			`let ctx = createContext({ req: { body: {`
			`[invalidName]: {}`
			`} } })`

			`assert.throws(function() { verifyBody(ctx) }, function(err) {`
			`assert.ok(err instanceof HttpError)`
			`assert.ok(err instanceof Error)`
			`assert.strictEqual(err.status, 422)`
			`assert.match(err.message, /body/i)`
			`assert.match(err.message, /name/i)`
			`assert.match(err.message, new RegExp(invalidName))`
			`assert.match(err.message, /allowed/i)`
			`return true`
			`}, 'should fail if body item has the name original')`
			`})`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`})`

			`t.test('should require format string present in item', function() {`
			`let ctx = createContext({ req: { body: {`
			`item: {}`
			`} } })`

			`let tests = [`
			`[undefined, 'undefined'],`
			`[null, 'null'],`
			`['', 'empty string'],`
			`[{}, 'object'],`
			`[0, 'empty number'],`
			`[123, 'number'],`
			`[[], 'array'],`
			`['resize', 'not allow resize'],`
			`['out', 'not allow out'],`
			`]`

			`tests.forEach(function (check) {`
			`ctx.req.body.item = {`
			`format: check[0],`
			`}`

			`assert.throws(function() { verifyBody(ctx) }, function(err) {`
			`assert.ok(err instanceof HttpError)`
			`assert.ok(err instanceof Error)`
			`assert.strictEqual(err.status, 422)`
			`assert.match(err.message, /body/i)`
			`assert.match(err.message, /format/i)`
			`assert.match(err.message, /missing/i)`
			`return true`
			}, `should fail if body item format is ${check[1]}`)
			`})`
			`})`

			`t.test('should require object of same name as format', function() {`
			`let ctx = createContext({ req: { body: {`
			`item: {}`
			`} } })`

			`let tests = [`
			`[undefined, 'undefined'],`
			`[null, 'null'],`
			`['', 'emptystring'],`
			`['asdf', 'string'],`
			`[0, 'emptynumber'],`
			`[123, 'number'],`
			`[[], 'array'],`
			`]`

			`tests.forEach(function (check) {`
			`ctx = createContext({ req: { body: {`
			`item: {}`
			`} } })`

			`ctx.req.body.item.format = check[1]`
			`ctx.req.body.item[check[1]] = check[0]`

			`assert.throws(function() { verifyBody(ctx) }, function(err) {`
			`assert.ok(err instanceof HttpError)`
			`assert.ok(err instanceof Error)`
			`assert.strictEqual(err.status, 422)`
			`assert.match(err.message, /body/i)`
			`assert.match(err.message, /format/i)`
			`assert.match(err.message, /options/i)`
			`assert.match(err.message, /valid/i)`
			`return true`
			}, `should fail if body item format options is ${check[1]}`)
			`})`
			`})`

			`t.test('should allow empty value or string in out in item', function() {`
			`let ctx = createContext({ req: { body: {`
			`item: {`
			`format: 'test',`
			`test: {},`
			`}`
			`} } })`

			`let tests = [`
			`[undefined, 'undefined'],`
			`[null, 'null'],`
			`['', 'empty string'],`
			`['file', 'allow string file'],`
			`['base64', 'allow base64'],`
			`]`

			`tests.forEach(function (check) {`
			`ctx.req.body.item.out = check[0]`

			`assert.doesNotThrow(function() {`
			`verifyBody(ctx)`
			}, `should not throw with ${check[1]} in out`)
			`})`
			`})`

			`t.test('should fail if out is invalid value', function() {`
			`let ctx = createContext({ req: { body: {`
			`item: {`
			`format: 'test',`
			`test: {},`
			`}`
			`} } })`

			`let tests = [`
			`[{}, 'object'],`
			`[0, 'empty number'],`
			`[123, 'number'],`
			`[[], 'array'],`
			`['resize', 'not allow resize'],`
			`['out', 'not allow out'],`
			`['example', 'not allow example'],`
			`]`

			`tests.forEach(function (check) {`
			`ctx.req.body.item.out = check[0]`

			`assert.throws(function() { verifyBody(ctx) }, function(err) {`
			`assert.ok(err instanceof HttpError)`
			`assert.ok(err instanceof Error)`
			`assert.strictEqual(err.status, 422)`
			`assert.match(err.message, /body/i)`
			`assert.match(err.message, /item/i)`
			`assert.match(err.message, /out/i)`
			`assert.match(err.message, /valid/i)`
			`return true`
			}, `should fail if body item out is ${check[1]}`)
			`})`
			`})`

Added few more operation support in the API 2022-01-06 09:51:43 +00:00			`let validObjectOperations = [`
			`'resize',`
			`'extend',`
			`'flatten',`
			`]`

			`validObjectOperations.forEach(function(operation) {`
			t.test(`should allow empty value or object in ${operation}`, function() {
			`let ctx = createContext({ req: { body: {`
			`item: {`
			`format: 'test',`
			`test: {},`
			`}`
			`} } })`

			`let tests = [`
			`[undefined, 'undefined'],`
			`[null, 'null'],`
			`[{}, 'object'],`
			`]`

			`tests.forEach(function (check) {`
			`ctx.req.body.item[operation] = check[0]`

			`assert.doesNotThrow(function() {`
			`verifyBody(ctx)`
			}, `should not throw with ${check[1]} in ${operation}`)
			`})`
			`})`

			t.test(`should fail if ${operation} if specified is invalid`, function() {
			`let ctx = createContext({ req: { body: {`
			`item: {`
			`format: 'test',`
			`test: {},`
			`}`
			`} } })`

			`let tests = [`
			`['', 'emptystring'],`
			`['asdf', 'string'],`
			`[0, 'emptynumber'],`
			`[123, 'number'],`
			`[[], 'array'],`
			`]`

			`tests.forEach(function (check) {`
			`ctx.req.body.item[operation] = check[0]`

			`assert.throws(function() { verifyBody(ctx) }, function(err) {`
			`assert.ok(err instanceof HttpError)`
			`assert.ok(err instanceof Error)`
			`assert.strictEqual(err.status, 422)`
			`assert.match(err.message, /body/i)`
			`assert.match(err.message, /item/i)`
			`assert.match(err.message, new RegExp(operation))`
			`assert.match(err.message, /valid/i)`
			`return true`
			}, `should fail if body item ${operation} is ${check[1]}`)
			`})`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`})`
			`})`

Added few more operation support in the API 2022-01-06 09:51:43 +00:00			`let validNumberOperations = [`
			`'blur',`
			`'trim',`
			`]`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00
Added few more operation support in the API 2022-01-06 09:51:43 +00:00			`validNumberOperations.forEach(function(operation) {`
			t.test(`should allow empty value or number in ${operation}`, function() {
			`let ctx = createContext({ req: { body: {`
			`item: {`
			`format: 'test',`
			`test: {},`
			`}`
			`} } })`

			`let tests = [`
			`[undefined, 'undefined'],`
			`[null, 'null'],`
			`[0, 'number'],`
			`[0.5, 'positive number'],`
			`]`

			`tests.forEach(function (check) {`
			`ctx.req.body.item[operation] = check[0]`

			`assert.doesNotThrow(function() {`
			`verifyBody(ctx)`
			}, `should not throw with ${check[1]} in ${operation}`)
			`})`
			`})`

			t.test(`should fail if ${operation} if specified is invalid`, function() {
			`let ctx = createContext({ req: { body: {`
			`item: {`
			`format: 'test',`
			`test: {},`
			`}`
			`} } })`

			`let tests = [`
			`['', 'emptystring'],`
			`['asdf', 'string'],`
			`[{}, 'object'],`
			`[[], 'array'],`
			`]`

			`tests.forEach(function (check) {`
			`ctx.req.body.item[operation] = check[0]`

			`assert.throws(function() { verifyBody(ctx) }, function(err) {`
			`assert.ok(err instanceof HttpError)`
			`assert.ok(err instanceof Error)`
			`assert.strictEqual(err.status, 422)`
			`assert.match(err.message, /body/i)`
			`assert.match(err.message, /item/i)`
			`assert.match(err.message, new RegExp(operation))`
			`assert.match(err.message, /valid/i)`
			`return true`
			}, `should fail if body item ${operation} is ${check[1]}`)
			`})`
Complete refactor, features and optimization of code Removed large amount of dependencies. Added vips support and automatically resizing based on any criteria. Faster and leaner. Added ability to fetch listing of files in folders. 2022-01-05 14:47:51 +00:00			`})`
			`})`
			`})`