feature(search): rewrite test and edit search.js

rewrite test and edit user.id in file to test authenticated route
andela · Dec 13, 2016 · ea44a0d · ea44a0d
1 parent d5d30a5
commit ea44a0d
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 33 deletions.
diff --git a/app/controllers/api/search.js b/app/controllers/api/search.js
@@ -1,4 +1,3 @@
-/* eslint no-underscore-dangle: ["error", { "allow": ["_id"] }]*/
 /* eslint amd:true */
 
 /**
@@ -12,15 +11,19 @@ const User = mongoose.model('User');
  * Gets all users from the database
  */
 exports.users = (req, res) => {
-  const query = req.params.email || '';
-  User.find({ email: { $regex: query } }).limit(10)
+  if (req.user && req.user.id) {
+    const query = req.params.email || '';
+    User.find({ email: { $regex: query } }).limit(10)
     .exec((err, result) => {
       if (err) {
         return res.status(500).json(err);
       } else if (!result) {
         // hope this never happens.
         return res.status(404).send('I did not find any data');
       }
-      res.status(200).json(result);
+      return res.status(200).json(result);
     });
+  } else {
+    return res.status(404).json({ message: 'You do not have permission to visit this route'});
+  }
 };
diff --git a/test/api/search.js b/test/api/search.js
@@ -1,55 +1,62 @@
 /* eslint amd:true */
+const should = require('should');
 const app = require('../../server');
 const request = require('supertest');
 const mongoose = require('mongoose');
 
 const User = mongoose.model('User');
+const agent = request.agent(app);
 
 let user = '';
 
 describe('Search api', () => {
-  beforeEach((done) => {
-    user = new User({
+  before((done) => {
+    User.remove().exec();
+    const user1 = new User({
       name: 'Full name',
       email: 'search@search.com',
       username: 'user',
       password: 'password'
     });
-    user.save(done);
-  });
-
-  afterEach((done) => {
-    done();
-  });
-
-  describe('login route', () => {
-    it('should login for valid user', (done) => {
-      request(app).post('/users/session')
-        .send({ email: user.email, password: user.password })
-        .expect(302, done());
+    user1.save();
+    agent.post('/users/session')
+    .send({ email: user1.email, password: user1.password })
+    .end((err, res) => {
+      if (err) return done(err);
+      res.should.have.status(302);
+      done();
     });
   });
 
   describe('Search route', () => {
     it('routes successfully', (done) => {
-      request(app)
-        .get('/api/search/users/search@search.com')
-        .set('Accept', 'application/json')
-        .expect(200)
-        .end(function(err, res){
-          if (err) return done(err);
-        });
-      done();
+      agent
+      .get('/api/search/users/search@search.com')
+      .set('Accept', 'application/json')
+      .end(function(err, res){
+        if (err) return done(err);
+        res.should.have.status(200);
+        done();
+      });
     });
     it('returns not found when no word is entered', (done) => {
+      agent
+      .get('/api/search/users/')
+      .set('Accept', 'application/json')
+      .end(function(err, res) {
+        if (err) return done(err);
+        res.should.have.status(404);
+        done();
+      });
+    });
+    it('should not search for anything when the user is not logged in', (done) => {
       request(app)
-        .get('/api/search/users/')
-        .set('Accept', 'application/json')
-        .expect(404)
-        .end(function(err, res) {
-          if (err) return done(err);
-        });
-      done();
+      .get('/api/search/users/')
+      .end(function(err, res) {
+        if (err) return done(err);
+        res.should.have.status(404);
+        done();
+      });
     });
   });
 });