Calculation Endpoints: Adds Validation and Tests

.github/workflows/tdm-server-tests.yml

@@ -5,7 +5,7 @@ on:
     branches:
       - develop
 jobs:
-  build:
+  test:
     runs-on: ubuntu-latest
 
     steps:
@@ -39,6 +39,8 @@ jobs:
         echo "APPLICATIONINSIGHTS_CONNECTION_STRING=InstrumentationKey=00000000-0000-0000-0000-000000000000;IngestionEndpoint=https://westus-0.in.applicationinsights.azure.com/;LiveEndpoint=https://westus.livediagnostics.monitor.azure.com/" >> .env
         echo "[email protected]" >> .env
         echo "SECURITY_ADMIN_PASSWORD=Dogfood1!" >> .env
+        echo "[email protected]" >> .env
+        echo "ADMIN_PASSWORD=Dogfood1!" >> .env
         echo "SQL_SERVER_NAME=localhost" >> .env
         echo "SQL_SERVER_PORT=1434" >> .env
         echo "SQL_DATABASE_NAME=tdmtestdb" >> .env

server/.example.env → server/.env.example

@@ -67,31 +67,33 @@ APPLICATIONINSIGHTS_CONNECTION_STRING=
 ###############################################################
 ##      Testing (Comment out ALL the above variables)        ##
 ###############################################################
-# TEST_ENV=
+# TEST_ENV=true
 
-# PORT=
-# NODE_OPTIONS=
+# PORT=5002
+# NODE_OPTIONS=--trace-deprecation
 
-# JWT_SECRET_KEY=
+# JWT_SECRET_KEY=testingSecretKey
 
-# CLIENT_URL=
-# SERVER_URL=
+# CLIENT_URL=http://localhost:3001
+# SERVER_URL=http://localhost:5002
 
-# SENDGRID_API_KEY=
-# EMAIL_SENDER=
-# EMAIL_PUBLIC_COMMENT_LA_CITY=
-# EMAIL_PUBLIC_COMMENT_WEB_TEAM=
+# SENDGRID_API_KEY=SG.testAPIkey
+# EMAIL_SENDER=[email protected]
+# EMAIL_PUBLIC_COMMENT_LA_CITY=[email protected]
+# EMAIL_PUBLIC_COMMENT_WEB_TEAM=[email protected]
 
-# APPLICATIONINSIGHTS_CONNECTION_STRING=
+# APPLICATIONINSIGHTS_CONNECTION_STRING=InstrumentationKey=00000000-0000-0000-0000-000000000000;IngestionEndpoint=https://westus-0.in.applicationinsights.azure.com/;LiveEndpoint=https://westus.livediagnostics.monitor.azure.com/
 
-## Server Test Accounts
-# SECURITY_ADMIN_EMAIL=
-# SECURITY_ADMIN_PASSWORD=
+# # Server Test Accounts
+# [email protected]
+# SECURITY_ADMIN_PASSWORD=Dogfood1!
+# [email protected]
+# ADMIN_PASSWORD=Dogfood1!
 
-## testingcontainer Environment Variables
-# SQL_SERVER_NAME=
-# SQL_SERVER_PORT=
-# SQL_DATABASE_NAME=
-# SQL_USER_NAME=
-# SQL_PASSWORD=
-# SQL_ENCRYPT =
+# # testingcontainer Environment Variables
+# SQL_SERVER_NAME=localhost
+# SQL_SERVER_PORT=1434
+# SQL_DATABASE_NAME=tdmtestdb
+# SQL_USER_NAME=sa
+# SQL_PASSWORD=TestPassw0rd
+# SQL_ENCRYPT = false

server/__tests__/calculation.test.js

@@ -0,0 +1,122 @@
+const request = require("supertest");
+const {
+  setupServer,
+  teardownServer
+} = require("../_jest-setup_/utils/server-setup");
+
+let server;
+
+beforeAll(async () => {
+  server = await setupServer();
+});
+
+afterAll(async () => {
+  await teardownServer();
+});
+
+describe("Calculation API Endpoints", () => {
+  //////////////////////////////
+  //          general          //
+  //////////////////////////////
+  let calcId; // id of the calculation
+
+  // GET "/" all calculations
+  it("should get all calculations", async () => {
+    const res = await request(server).get("/api/calculations");
+    expect(Array.isArray(res.body)).toBeTruthy();
+    res.body.forEach(calc => {
+      expect(calc).toHaveProperty("id");
+      expect(calc).toHaveProperty("name");
+      expect(calc).toHaveProperty("description");
+      expect(calc).toHaveProperty("deprecated");
+      expect(calc).toHaveProperty("dateCreated");
+      expect(calc).toHaveProperty("dateModified");
+    });
+    calcId = res.body[0].id;
+  });
+
+  // GET "/:calcId" calculation by id
+  it("should get calculation by id", async () => {
+    const res = await request(server).get(`/api/calculations/${calcId}`);
+    expect(res.statusCode).toEqual(200);
+    expect(res.body.id).toEqual(calcId);
+  });
+
+  // GET "/:calcId" calculation by inexistent id
+  it("should get calculation by id", async () => {
+    const res = await request(server).get(`/api/calculations/9999999`);
+    expect(res.statusCode).toEqual(404);
+  });
+
+  // GET "/:calcId/rules" all rules for a calculation
+  it("should get all rules for a calculation", async () => {
+    const res = await request(server).get(`/api/calculations/${calcId}/rules`);
+    expect(res.statusCode).toEqual(200);
+    expect(Array.isArray(res.body)).toBeTruthy();
+    res.body.forEach(calc => {
+      expect(calc).toHaveProperty("id");
+      expect(calc).toHaveProperty("calculationId");
+      expect(calc.calculationId).toEqual(calcId);
+    });
+  });
+
+  //////////////////////////////
+  //      admin endpoints      //
+  //////////////////////////////
+  let adminToken; // token of the admin
+  let newCalcId; // id of the new calculation
+
+  // POST "accounts/login/:email?" Login as admin to get token
+  it("should login as a security admin", async () => {
+    const res = await request(server).post("/api/accounts/login").send({
+      email: process.env.ADMIN_EMAIL,
+      password: process.env.ADMIN_PASSWORD
+    });
+    expect(res.statusCode).toEqual(200);
+    expect(res.body).toHaveProperty("token");
+    adminToken = res.body.token;
+  });
+
+  // POST "/" Create a calculation (Admin only)
+  it("should create a calculation", async () => {
+    const res = await request(server)
+      .post("/api/calculations")
+      .set("Authorization", `Bearer ${adminToken}`)
+      .send({
+        name: "Test Name",
+        description: "Test Description",
+        deprecated: false
+      });
+    expect(res.statusCode).toEqual(201);
+    expect(res.body).toHaveProperty("id");
+    newCalcId = res.body.id;
+  });
+
+  // PUT "/:id" Update calculation (Admin only)
+  it("should update a calculation", async () => {
+    const res = await request(server)
+      .put(`/api/calculations/${newCalcId}`)
+      .set("Authorization", `Bearer ${adminToken}`)
+      .send({
+        name: "New Test Name",
+        description: "New Test Description",
+        deprecated: true,
+        id: newCalcId
+      });
+    expect(res.statusCode).toEqual(200);
+  });
+
+  // PUT "/:id" Update calculation using inexistent id (Admin only)
+  //TODO: this endpoint logic needs error handling for inexistent ids
+
+  // DELETE "/:id" Delete a calculation (Admin only)
+  it("should delete a calculation", async () => {
+    const res = await request(server)
+      .delete(`/api/calculations/${newCalcId}`)
+      .set("Authorization", `Bearer ${adminToken}`);
+    expect(res.statusCode).toEqual(200);
+  });
+
+  // DELETE "/:id" Delete a calculation using inexistent id (Admin only)
+  //TODO: this endpoint needs error handling for inexistent ids
+});

server/app/controllers/calculation.controller.js

@@ -1,4 +1,10 @@
 const calculationService = require("../services/calculation.service");
+const {
+  validate,
+  validationErrorMiddleware
+} = require("../../middleware/validate");
+const calculationPost = require("../schemas/calculation.post");
+const calculationPut = require("../schemas/calculation.put");
 
 const getAll = async (req, res) => {
   try {
@@ -52,7 +58,7 @@ const del = async (req, res) => {
 module.exports = {
   getAll,
   getById,
-  post,
-  put,
+  post: [validate({ body: calculationPost }), post, validationErrorMiddleware],
+  put: [validate({ body: calculationPut }), put, validationErrorMiddleware],
   del
 };

server/app/schemas/calculation.post.js

@@ -0,0 +1,19 @@
+module.exports = {
+  type: "object",
+  required: ["name", "description", "deprecated"],
+  properties: {
+    name: {
+      type: "string",
+      minLength: 1,
+      pattern: "^[a-zA-Z '.-]+$"
+    },
+    description: {
+      type: "string",
+      minLength: 1,
+      pattern: "^[a-zA-Z '.-]+$"
+    },
+    deprecated: {
+      type: "boolean"
+    }
+  }
+};

server/app/schemas/calculation.put.js

@@ -0,0 +1,22 @@
+module.exports = {
+  type: "object",
+  required: ["name", "description", "deprecated", "id"],
+  properties: {
+    name: {
+      type: "string",
+      minLength: 1,
+      pattern: "^[a-zA-Z '.-]+$"
+    },
+    description: {
+      type: "string",
+      minLength: 1,
+      pattern: "^[a-zA-Z '.-]+$"
+    },
+    deprecated: {
+      type: "boolean"
+    },
+    id: {
+      type: "integer"
+    }
+  }
+};

server/app/services/calculation.service.js

@@ -38,7 +38,7 @@ const post = async item => {
     request.output("id", mssql.Int, null);
     const response = await request.execute("Calculation_Insert");
 
-    return response.outputParameters;
+    return response.output;
   } catch (err) {
     return Promise.reject(err);
   }