Exposing some more API endpoints and tests

2019-06-15 21:16:10 +09:30 · 2019-06-15 21:16:10 +09:30 · a39a87609c
parent 0871de9802
commit a39a87609c
3 changed files with 57 additions and 8 deletions
--- a/routes/customer.js
+++ b/routes/customer.js
@ -63,14 +63,19 @@ router.post('/customer/create', (req, res) => {
 router.get('/admin/customer/view/:id?', restrict, (req, res) => {
    const db = req.app.db;

-    db.customers.findOne({ _id: common.getId(req.params.id) }, (err, result) => {
+    db.customers.findOne({ _id: common.getId(req.params.id) }, (err, customer) => {
        if(err){
            console.info(err.stack);
        }

-        res.render('customer', {
+        // If API request, return json
+        if(req.apiAuthenticated){
+            return res.status(200).json(customer);
+        }
+
+        return res.render('customer', {
            title: 'View customer',
-            result: result,
+            result: customer,
            admin: true,
            session: req.session,
            message: common.clearSessionValue(req.session, 'message'),
@ -87,7 +92,12 @@ router.get('/admin/customers', restrict, (req, res) => {
    const db = req.app.db;

    db.customers.find({}).limit(20).sort({ created: -1 }).toArray((err, customers) => {
-        res.render('customers', {
+        // If API request, return json
+        if(req.apiAuthenticated){
+            return res.status(200).json(customers);
+        }
+
+        return res.render('customers', {
            title: 'Customers - List',
            admin: true,
            customers: customers,
@ -116,7 +126,15 @@ router.get('/admin/customers/filter/:search', restrict, (req, res, next) => {
        if(err){
            console.error(colors.red('Error searching', err));
        }
-        res.render('customers', {
+
+        // If API request, return json
+        if(req.apiAuthenticated){
+            return res.status(200).json({
+                customers
+            });
+        }
+
+        return res.render('customers', {
            title: 'Customer results',
            customers: customers,
            admin: true,
--- a/routes/order.js
+++ b/routes/order.js
@ -135,7 +135,7 @@ router.get('/admin/orders/filter/:search', restrict, (req, res, next) => {
 router.get('/admin/order/delete/:id', restrict, (req, res) => {
    const db = req.app.db;

-    // remove the article
+    // remove the order
    db.orders.remove({ _id: common.getId(req.params.id) }, {}, (err, numRemoved) => {
        if(err){
            console.info(err.stack);
@ -157,8 +157,9 @@ router.post('/admin/order/statusupdate', restrict, checkAccess, (req, res) => {
    db.orders.update({ _id: common.getId(req.body.order_id) }, { $set: { orderStatus: req.body.status } }, { multi: false }, (err, numReplaced) => {
        if(err){
            console.info(err.stack);
+            return res.status(400).json({ message: 'Failed to update the order status' });
        }
-        res.status(200).json({ message: 'Status successfully updated' });
+        return res.status(200).json({ message: 'Status successfully updated' });
    });
 });

--- a/test/test.js
+++ b/test/test.js
@ -254,7 +254,7 @@ test.serial('[Success] Get orders', async t => {
    t.deepEqual(jsonData.orders.length, res.body.orders.length);
 });

-test.serial('[Fail] Try get orderes with a bogus apiKey', async t => {
+test.serial('[Fail] Try get orders with a bogus apiKey', async t => {
    const res = await request
        .get('/admin/orders')
        .set('apiKey', '123456789012345678901234')
@ -304,3 +304,33 @@ test.serial('[Fail] Try create a duplicate customer', async t => {

    t.deepEqual(res.body.err, 'A customer already exists with that email address');
 });
+
+test.serial('[Success] Get customer list', async t => {
+    const res = await request
+        .get('/admin/customers')
+        .set('apiKey', users[0].apiKey)
+        .expect(200);
+
+    // Check the returned customers length
+    t.deepEqual(2, res.body.length);
+});
+
+test.serial('[Success] Filter customers', async t => {
+    const res = await request
+        .get('/admin/customers')
+        .set('apiKey', users[0].apiKey)
+        .expect(200);
+
+    // Check the returned customers length
+    t.deepEqual(2, res.body.length);
+});
+
+test.serial('[Success] Get single customer', async t => {
+    const res = await request
+        .get('/admin/customer/view/' + customers[0]._id)
+        .set('apiKey', users[0].apiKey)
+        .expect(200);
+
+    // Check the returned customer matches ID
+    t.deepEqual(customers[0]._id.toString(), res.body._id);
+});