#175 - Update tests

Author: callmekatootie

test/common/testData.js

@@ -155,7 +155,7 @@ const testSubmissionWoLegacy = {
 
 const testSubmissionWReview = {
   Item: {
-    challengeId: 30055732,
+    challengeId: 30055733,
     id: 'a12a4180-65aa-42ec-a945-5fd21dec0503',
     type: 'ContestSubmission',
     url: 'https://s3.amazonaws.com/test-submission/123456',
@@ -164,13 +164,13 @@ const testSubmissionWReview = {
     submissionPhaseId: 'b24d4180-65aa-42ec-a945-5fd21dec0501',
     review: [
       {
-        id: 'd24d4180-65aa-42ec-a945-5fd21dec0501',
+        id: 'd24d4180-65aa-42ec-a945-5fd21dec0502',
         score: 95.5,
         legacyReviewId: 1234567891,
         typeId: 'c56a4180-65aa-42ec-a945-5fd21dec0503',
         reviewerId: 'c23a4180-65aa-42ec-a945-5fd21dec0503',
         scoreCardId: 123456789,
-        submissionId: 'a12a4180-65aa-42ec-a945-5fd21dec0501',
+        submissionId: 'a12a4180-65aa-42ec-a945-5fd21dec0503',
         metadata: {
           public: 'public data',
           private: 'private data'
@@ -184,7 +184,7 @@ const testSubmissionWReview = {
     reviewSummation: [
       {
         id: 'e45e4180-65aa-42ec-a945-5fd21dec1504',
-        submissionId: 'a12a4180-65aa-42ec-a945-5fd21dec0501',
+        submissionId: 'a12a4180-65aa-42ec-a945-5fd21dec0503',
         aggregateScore: 99.0,
         scoreCardId: 123456789,
         isPassing: true,

test/e2e/SubmissionService.test.js

@@ -35,7 +35,8 @@ const binaryParser = function (res, cb) {
   })
 }
 
-let submissionId // Used to store submissionId after creating submission
+let submissionId // Used to store submissionId after creating submission (Admin user role)
+let userSubmissionId // Used to store submissionId after creating submission (Topcoder user role)
 let fileSubmissionId // Used to store submissionId after upload file
 let fileWithLegacySubmissionId // Used to store submissionId after upload file with legacy
 
@@ -232,6 +233,25 @@ describe('Submission Service tests', () => {
           done()
         })
     }).timeout(20000)
+
+    it('Creating another submission with url passing should get succeeded with user token', (done) => {
+      chai.request(app)
+        .post(`${config.API_VERSION}/submissions`)
+        .set('Authorization', `Bearer ${config.ADMIN_TOKEN}`)
+        .send(_.omit(testSubmission.Item, ['id', 'created', 'updated', 'createdBy', 'updatedBy']))
+        .end((err, res) => {
+          res.should.have.status(200)
+          res.body.should.have.keys(Object.keys(_.extend({ fileType: 'zip' }, testSubmission.Item)))
+          res.body.id.should.not.be.eql(null)
+          userSubmissionId = res.body.id // To be used in future requests
+          res.body.challengeId.should.be.eql(testSubmission.Item.challengeId)
+          res.body.type.should.be.eql(testSubmission.Item.type)
+          res.body.url.should.be.eql(testSubmission.Item.url)
+          res.body.fileType.should.be.eql('zip')
+          res.body.submissionPhaseId.should.be.eql(testSubmission.Item.submissionPhaseId)
+          done()
+        })
+    }).timeout(20000)
   })
 
   /*
@@ -624,17 +644,6 @@ describe('Submission Service tests', () => {
         })
     })
 
-    it('Deleting submission with user token should throw 403', (done) => {
-      chai.request(app)
-        .delete(`${config.API_VERSION}/submissions/${submissionId}`)
-        .set('Authorization', `Bearer ${config.USER_TOKEN}`)
-        .end((err, res) => {
-          res.should.have.status(403)
-          res.body.message.should.be.eql('You are not allowed to perform this action!')
-          done()
-        })
-    })
-
     it('Deleting non-existent submission should throw 404', (done) => {
       chai.request(app)
         .delete(`${config.API_VERSION}/submissions/${nonExSubmissionId}`)
@@ -646,6 +655,17 @@ describe('Submission Service tests', () => {
         })
     }).timeout(20000)
 
+    it('Deleting submission with copilot token should throw 403', (done) => {
+      chai.request(app)
+        .delete(`${config.API_VERSION}/submissions/${userSubmissionId}`)
+        .set('Authorization', `Bearer ${config.COPILOT_TOKEN}`)
+        .end((err, res) => {
+          res.should.have.status(403)
+          res.body.message.should.be.eql('You cannot access other member\'s submission')
+          done()
+        })
+    }).timeout(20000)
+
     it('Deleting submission with Admin token should get succeeded', (done) => {
       chai.request(app)
         .delete(`${config.API_VERSION}/submissions/${submissionId}`)

test/unit/SubmissionService.test.js

@@ -519,31 +519,59 @@ describe('Submission Service tests', () => {
         })
     })
 
+    /**
+     * START
+     */
+    it('Deleting non-existent submission should throw 404', (done) => {
+      chai.request(app)
+        .delete(`${config.API_VERSION}/submissions/${nonExSubmissionId}`)
+        .set('Authorization', `Bearer ${config.ADMIN_TOKEN}`)
+        .end((err, res) => {
+          res.should.have.status(404)
+          res.body.message.should.be.eql(`Submission with ID = ${nonExSubmissionId} is not found`)
+          done()
+        })
+    })
+
+    // Non admin users should not be able to delete submissions that they don't own
     it('Deleting submission with copilot token should throw 403', (done) => {
       chai.request(app)
         .delete(`${config.API_VERSION}/submissions/${testSubmission.Item.id}`)
         .set('Authorization', `Bearer ${config.COPILOT_TOKEN}`)
         .end((err, res) => {
           res.should.have.status(403)
-          res.body.message.should.be.eql('You are not allowed to perform this action!')
+          res.body.message.should.be.eql('You cannot access other member\'s submission')
           done()
         })
     })
 
-    it('Deleting non-existent submission should throw 404', (done) => {
+    it('Deleting submission while submission phase is inactive should throw 403', (done) => {
       chai.request(app)
-        .delete(`${config.API_VERSION}/submissions/${nonExSubmissionId}`)
-        .set('Authorization', `Bearer ${config.ADMIN_TOKEN}`)
+        .delete(`${config.API_VERSION}/submissions/${testSubmissionWReview.Item.id}`)
+        .set('Authorization', `Bearer ${config.USER_TOKEN}`)
         .end((err, res) => {
-          res.should.have.status(404)
-          res.body.message.should.be.eql(`Submission with ID = ${nonExSubmissionId} is not found`)
+          res.should.have.status(403)
+          res.body.message.should.be.eql('You cannot delete the submission because submission phase is not active')
           done()
         })
     })
 
-    it('Deleting submission with Admin token should get succeeded', (done) => {
+    it('Deleting submission with User token should get succeeded', (done) => {
       chai.request(app)
         .delete(`${config.API_VERSION}/submissions/${testSubmission.Item.id}`)
+        .set('Authorization', `Bearer ${config.USER_TOKEN}`)
+        .end((err, res) => {
+          res.should.have.status(204)
+          done()
+        })
+    }).timeout(10000)
+    /**
+     * END
+     */
+
+    it('Deleting submission with Admin token should get succeeded', (done) => {
+      chai.request(app)
+        .delete(`${config.API_VERSION}/submissions/${testSubmissionWReview.Item.id}`)
         .set('Authorization', `Bearer ${config.ADMIN_TOKEN}`)
         .end((err, res) => {
           res.should.have.status(204)

test/unit/prepare.js

@@ -101,6 +101,7 @@ prepare(function (done) {
   const authUrl = URL.parse(config.AUTH0_URL)
   const busUrl = URL.parse(config.BUSAPI_EVENTS_URL)
   const challengeApiUrl = URL.parse(`${config.CHALLENGEAPI_URL}/${testData.testSubmissionWoLegacy.Item.challengeId}/phases`)
+  const challengeApiUrl2 = URL.parse(`${config.CHALLENGEAPI_URL}/${testData.testSubmission.Item.challengeId}/phases`)
   const challengeDetailUrl = URL.parse(`${config.CHALLENGEAPI_URL}?filter=id=${testData.testSubmission.Item.challengeId}`)
   const challengeWoLegacyUrl = URL.parse(`${config.CHALLENGEAPI_URL}?filter=id=${testData.testSubmissionWoLegacy.Item.challengeId}`)
 
@@ -130,6 +131,8 @@ prepare(function (done) {
     .reply(204)
     .get(challengeApiUrl.path)
     .reply(200, testData.testChallengeAPIResponse)
+    .get(challengeApiUrl2.path)
+    .reply(200, testData.testChallengeAPIResponse)
     .get(challengeDetailUrl.path)
     .reply(200, testData.testChallengeDetailResponse)
     .get(challengeWoLegacyUrl.path)