Update and improve the documentation on Testing

[alex-marquette]

Node version:
Sails version (sails):
ORM hook version (sails-hook-orm):
Sockets hook version (sails-hook-sockets):
Organics hook version (sails-hook-organics):
Grunt hook version (sails-hook-grunt):
Uploads hook version (sails-hook-uploads):
DB adapter & version (e.g. sails-mysql@5.55.5):
Skipper adapter & version (e.g. skipper-s3@5.55.5):

---

Basically, the title. After going through the course on Platzi, looking at the Ration.io source code and the official documentation I don't think I ever really had a decent testing setup run the way it probably was expected to for this framework. The closest I got was following this blog by Kevin, https://blog.sailscasts.com/testing-sails-applications-with-mocha-and-supertest and that blog post is for a Sails JS API with no front-end option set.

Looking specifically at the official documentation on the website, if you need to test with a front-end there's no mention of disabling the CSRF in the test environment or creating a fake endpoint to get a cookie and the CSRF as shown in the ration.io source code. So if you are brand new, you can end up with 403 or 401 on a 200 request because of not having a cookie or the CSRF token present both of which aren't mentioned in the official documentation on the website. There are also a lot of baked assumptions in the documentation themselves which can make it hard for anyone starting out with the framework to figure out what is really happening behind the scenes in the testing environment. At bare minimum the documentation should be able to provide a developer with a simple setup and be able to handle authenticating a user and doing something with that authenticated user (like viewing a restricted page) if they have the front-end generated for the application.

[sailsbot]

@alex-marquette Thanks for posting! We'll take a look as soon as possible.

In the mean time, there are a few ways you can help speed things along:

• look for a workaround. (Even if it's just temporary, sharing your solution can save someone else a lot of time and effort.)
• tell us why this issue is important to you and your team. What are you trying to accomplish? (Submissions with a little bit of human context tend to be easier to understand and faster to resolve.)
• make sure you've provided clear instructions on how to reproduce the bug from a clean install.
• double-check that you've provided all of the requested version and dependency information. (Some of this info might seem irrelevant at first, like which database adapter you're using, but we ask that you include it anyway. Oftentimes an issue is caused by a confluence of unexpected factors, and it can save everybody a ton of time to know all the details up front.)
• read the code of conduct.
• if appropriate, ask your business to sponsor your issue. (Open source is our passion, and our core maintainers volunteer many of their nights and weekends working on Sails. But you only get so many nights and weekends in life, and stuff gets done a lot faster when you can work on it during normal daylight hours.)
• let us know if you are using a 3rd party plugin; whether that's a database adapter, a non-standard view engine, or any other dependency maintained by someone other than our core team. (Besides the name of the 3rd party package, it helps to include the exact version you're using. If you're unsure, check out this list of all the core packages we maintain.)

---

Please remember: never post in a public forum if you believe you've found a genuine security vulnerability. Instead, disclose it responsibly.

For help with questions about Sails, click here.

[eashaw]

Thanks for the suggestion/feedback @alex-marquette, I'll bring this up with the team when we meet next.

[vr-varad]

@eashaw can i work on it?

[eashaw]

@vr-varad Of course! We're always happy to take a look at PRs that improve the Sails documentation.