diff --git a/server/controllers/bookingController.js b/server/controllers/bookingController.js index b38dd78..ff206c9 100644 --- a/server/controllers/bookingController.js +++ b/server/controllers/bookingController.js @@ -55,14 +55,14 @@ const bookingController = { const user = database.users.find(user => user.email == tokens.decoded(req, res).email); if (user) { let { trip_id } = req.body; - const result = Joi.validate({ trip_id }, schema.trips); + const result = Joi.validate({ trip_id }, schema.bookings); if (result.error) { return res.status(400).json({ status: 400, message: `${result.error.details[0].message}` }); }; const trip = database.trips.find(trip => trip.id == trip_id); - if (!trip) {; return res.status(404).json({ status: 404, message: "the trip to book was not found" }) }; + if (!trip) { return res.status(404).json({ status: 404, message: "the trip to book was not found" }) }; const newBooking = { trip_id: trip.id, @@ -75,9 +75,10 @@ const bookingController = { user_email: user.email, createdon: moment().format('ll'), } - if (trip.seats_left < 1) { return res.status(404).json({ status: 404, message: "There are no seats left on tthis trip" }) }; - database.bookings.push(newBooking); database.trips.find(trip => trip.id == newBooking.trip_id).seats_left -= 1; + if (trip.seats_left < 1) { return res.status(404).json({ status: 404, message: "There are no seats left on this trip" }) }; + database.bookings.push(newBooking); + return res.status(201).json({ status: 201, message: "Booking created", data: newBooking }) } return res.status(401).json({ status: 401, message: "You are unauthorized for this operation. Sign in first" }); diff --git a/server/controllers/tripController.js b/server/controllers/tripController.js index 1f604dc..a2158d9 100644 --- a/server/controllers/tripController.js +++ b/server/controllers/tripController.js @@ -22,7 +22,7 @@ const tripController = { }, getSpecificTrip(req, res) { const user = database.users.find(user => user.email == tokens.decoded(req, res).email); - console.log(tokens.decoded(req, res)); + const id = req.params.trip_id; const trip = database.trips.find(trip => trip.id === parseInt(id, 10)); @@ -47,7 +47,9 @@ const tripController = { database.trips.find(trip => trip.id === parseInt(id, 10)).status = "cancelled"; return res.status(200).json({ status: 200, message: "Trip cancelled successfully", data: database.trips.find(trip => trip.id === parseInt(id, 10)) }); + } + return res.status(401).json({ status: 401, message: "You are not registered as an admin" }); }; return res.status(401).json({ status: 401, message: "You are unauthorized to access trips... You are not yet registered" }); diff --git a/server/middlewares/validation.js b/server/middlewares/validation.js index fb81c78..0ebd180 100644 --- a/server/middlewares/validation.js +++ b/server/middlewares/validation.js @@ -27,14 +27,17 @@ const schema = { }), trips: Joi.object().keys({ - trip_id: Joi.number().required(), - origin: Joi.string().min(3).max(30), - destination: Joi.string().min(3).max(30), - trip_date: Joi.date(), // .format('DD-MM-YYYY'). - fare: Joi.number(), - bus_license_number: Joi.string().regex(/^[a-zA-Z0-9 ]*$/), - seating_capacity: Joi.number().min(10).max(120), - status: Joi.string().valid('active', 'cancelled') + trip_id: Joi.number(), + origin: Joi.string().min(3).max(30).required(), + destination: Joi.string().min(3).max(30).required(), + trip_date: Joi.date().required(), // .format('DD-MM-YYYY'). + fare: Joi.number().required(), + bus_license_number: Joi.string().regex(/^[a-zA-Z0-9 ]*$/).required(), + seating_capacity: Joi.number().min(10).max(120).required(), + status: Joi.string().valid('active', 'cancelled'), + }), + bookings: Joi.object().keys({ + trip_id: Joi.number().required() }) }; diff --git a/server/tests/tripTests.js b/server/tests/tripTests.js new file mode 100644 index 0000000..bd3a82c --- /dev/null +++ b/server/tests/tripTests.js @@ -0,0 +1,249 @@ +import mocha from 'mocha'; +import chai from 'chai'; +import chaiHttp from 'chai-http'; +import app from '../app'; +import tokens from '../helpers/tokens'; + +chai.use(chaiHttp); +chai.should(); + +const admin_payload = { + id: 1, + email: 'baraka@gmail.com', + first_name: 'baraka', + last_name: 'jean' +}; +const user_payload = { + id: 2, + email: 'jean@gmail.com', + first_name: 'jean', + last_name: 'pierre' +}; +const nau_payload = { + id: 432, + email: 'email@mail.org', + first_name: 'notauser', + last_name: 'peter' +} +const token = tokens.getToken(user_payload); +const tokenNAU = tokens.getToken(nau_payload); +const tokenAd = tokens.getToken(admin_payload); + +describe('before each', () => { + beforeEach((done) => { + done(); + }) +}) +describe('Trip tests', () => { + + it('should be able to view specific trip when he is a user', () => { + chai.request(app).get("api/v1/trips/1") + .set('authorization', `Bearer ${token}`) + .end((err, res) => { + res.should.has.status(200); + done(); + }) + }); + it('should be able to view specific trip when he is an admin', () => { + chai.request(app).get("api/v1/trips/1") + .set('authorization', `Bearer ${tokenAd}`) + .end((err, res) => { + res.should.has.status(200); + done(); + }) + }); + it('should not be able to view specific trip when he is not a user', () => { + chai.request(app).get("api/v1/trips/1") + .set('authorization', `Bearer ${tokenNAU}`) + .end((err, res) => { + res.should.has.status(401); + done(); + }) + }); + + + it('should be able to view all trips when he is a user', () => { + chai.request(app).get("api/v1/trips") + .set('authorization', `Bearer ${token}`) + .end((err, res) => { + res.should.has.status(200); + done(); + }) + }); + it('should be able to view all trips when he is an admin', () => { + chai.request(app).get("api/v1/trips") + .set('authorization', `Bearer ${tokenAd}`) + .end((err, res) => { + res.should.has.status(200); + done(); + }) + }); + it('should not be able to view all trips when he is not a user', () => { + chai.request(app).get("api/v1/trips") + .set('authorization', `Bearer fsdfsfgdhrefs`) + .end((err, res) => { + res.should.has.status(401); + done(); + }) + }); + it('should not be able to view specific trip which does not exist', () => { + chai.request(app).get("api/v1/trips/23") + .set('authorization', `Bearer ${token}`) + .end((err, res) => { + res.should.has.status(404); + done(); + }) + }); + it('should be able to view an existing trip', () => { + chai.request(app).get("api/v1/trips/1") + .set('authorization', `Bearer ${token}`) + .end((err, res) => { + res.should.has.status(200); + done(); + }) + }); + + it('should not be able to view a non existing trip', () => { + chai.request(app).get("api/v1/trips/1234") + .set('authorization', `Bearer ${token}`) + .end((err, res) => { + res.should.has.status(404); + done(); + }) + }); + + //for cancelling a trip + it('should be able to cancel trip when he is an admin', () => { + chai.request(app).patch("api/v1/trips/1/cancel") + .set('authorization', `Bearer ${tokenAd}`) + .end((err, res) => { + res.should.has.status(200); + done(); + }) + }); + it('should not be able to cancel trip when he is a user', () => { + chai.request(app).patch("api/v1/trips/1/cancel") + .set('authorization', `Bearer ${token}`) + .end((err, res) => { + res.should.has.status(401); + done(); + }) + }); + it('should not be able to cancel trip when he is not a user', () => { + chai.request(app).patch("api/v1/trips/1/cancel") + .set('authorization', `Bearer ${tokenNAU}`) + .end((err, res) => { + res.should.has.status(401); + done(); + }) + }); + it('should not be able to cancel trip which does not exist', () => { + chai.request(app).patch("api/v1/trips/3545/cancel") + .set('authorization', `Bearer ${token}`) + .end((err, res) => { + res.should.has.status(404); + done(); + }) + }); + //for creating a new trip + it('should not be able to create trip when he is not an admin', () => { + chai.request(app).post("api/v1/trips") + .send({ + origin: "kigali", + destination: "musanze", + seating_capacity: "50", + trip_date: "5090", + fare: "400", + bus_license_number: "RAB 483A", + }) + .set('authorization', `Bearer ${token}`) + .end((err, res) => { + res.should.has.status(401); + done(); + }) + }); + it('should not be able to create trip when origin is empty', () => { + chai.request(app).post("api/v1/trips") + .send({ + origin: "", + destination: "musanze", + seating_capacity: "50", + trip_date: "5090", + fare: "400", + bus_license_number: "RAB 483A", + }) + .set('authorization', `Bearer ${tokenAd}`) + .end((err, res) => { + res.should.has.status(400); + done(); + }) + }); + it('should not be able to create trip when destination is empty', () => { + chai.request(app).post("api/v1/trips") + .send({ + origin: "rubavu", + destination: "", + seating_capacity: "50", + trip_date: "5090", + fare: "400", + bus_license_number: "RAB 483A", + }) + .set('authorization', `Bearer ${tokenAd}`) + .end((err, res) => { + res.should.has.status(400); + done(); + }) + }); + it('should not be able to create trip when fare is empty', () => { + chai.request(app).post("api/v1/trips") + .send({ + origin: "rubavu", + destination: "kigali", + seating_capacity: "50", + trip_date: "5090", + fare: "", + bus_license_number: "RAB 483A", + }) + .set('authorization', `Bearer ${tokenAd}`) + .end((err, res) => { + + res.should.has.status(400); + done(); + }) + }); + it('should not be able to create trip when bus_license_number is empty', () => { + chai.request(app).post("api/v1/trips") + .send({ + origin: "rubavu", + destination: "kigali", + seating_capacity: "50", + trip_date: "5090", + fare: "230", + bus_license_number: "", + }) + .set('authorization', `Bearer ${tokenAd}`) + .end((err, res) => { + + res.should.has.status(400); + done(); + }) + }); + it('should not be able to create trip when fare is empty', () => { + chai.request(app).post("api/v1/trips") + .send({ + origin: "rubavu", + destination: "kigali", + seating_capacity: "50", + trip_date: "5090", + fare: "", + bus_license_number: "RAB 483A", + }) + .set('authorization', `Bearer ${tokenAd}`) + .end((err, res) => { + + res.should.has.status(400); + done(); + }) + }); + +}) \ No newline at end of file diff --git a/server/tests/userTests.js b/server/tests/userTests.js index 1bc4d08..2b104a6 100644 --- a/server/tests/userTests.js +++ b/server/tests/userTests.js @@ -23,7 +23,7 @@ describe('Authentication test', () => { }) .end((err, res) => { res.should.has.status(404); - + done(); }) }); @@ -33,7 +33,8 @@ describe('Authentication test', () => { password: "f3425fsfsfsfsf4", }) .end((err, res) => { - res.should.has.status(400) + res.should.has.status(400); + done(); }) }); it('should not be able to sign in when password is empty', () => { @@ -42,7 +43,8 @@ describe('Authentication test', () => { password: "", }) .end((err, res) => { - res.should.has.status(400) + res.should.has.status(400); + done(); }) }); @@ -52,17 +54,19 @@ describe('Authentication test', () => { password: "ty", }) .end((err, res) => { - res.should.has.status(400) + res.should.has.status(400); + done(); }) }); it('should not be able to sign in when email is invalid', () => { chai.request(app).post("api/v1/auth/signin").send({ - email: "abcs876", + email: "abcs@876", password: "f3425fsfsfsfsf4", }) .end((err, res) => { - res.should.has.status(400) + res.should.has.status(400); + done(); }) }); @@ -75,7 +79,7 @@ describe('Authentication test', () => { res.should.has.status(400); done(); }) - }) + }); it('should not be able to sign in when all the fields have whitespaces', () => { chai.request(app).post("api/v1/auth/signin").send({ @@ -86,7 +90,7 @@ describe('Authentication test', () => { rs.should.has.status(400); done(); }) - }) + }); //for sign up auth @@ -205,9 +209,6 @@ describe('Authentication test', () => { }); - - - //when they contain whitespaces it('should not be able to sign up when last name fied has white spaces', (done) => { @@ -274,7 +275,7 @@ describe('Authentication test', () => { res.should.has.status(400); done(); }) - }) + }); it('should not be able tosign up when all the fields have whitespaces', () => { chai.request(app).post("api/v1/auth/signup").send({ @@ -287,7 +288,7 @@ describe('Authentication test', () => { res.should.has.status(400); done(); }) - }) + }); it('should return an error when the api does not exist', () => { chai.request(app).post("api/v1/autgfgdp").send({ @@ -296,6 +297,6 @@ describe('Authentication test', () => { res.should.has.status(500); done(); }) - }) + }); }) \ No newline at end of file