From 082bea9b5e88f30cc4b9cc599b8fdfd3299c2f96 Mon Sep 17 00:00:00 2001
From: juancarmore <juancar_more2@hotmail.com>
Date: Tue, 10 Jun 2025 12:49:19 +0200
Subject: [PATCH] test: add validation checks for recording URL responses and
 refactor related tests

---
 backend/tests/helpers/assertion-helpers.ts    | 12 +++++++++++
 .../api/recordings/get-recording-url.test.ts  | 21 ++++++++-----------
 .../api/security/recording-security.test.ts   | 18 +++++++++++++---
 3 files changed, 36 insertions(+), 15 deletions(-)

diff --git a/backend/tests/helpers/assertion-helpers.ts b/backend/tests/helpers/assertion-helpers.ts
index ae11bc7..31b6c70 100644
--- a/backend/tests/helpers/assertion-helpers.ts
+++ b/backend/tests/helpers/assertion-helpers.ts
@@ -441,6 +441,18 @@ export const expectSuccessListRecordingResponse = (
 	expect(response.body.pagination.maxItems).toBe(maxItems);
 };
 
+export const expectValidGetRecordingUrlResponse = (response: any, recordingId: string) => {
+	expect(response.status).toBe(200);
+	const recordingUrl = response.body.url;
+	expect(recordingUrl).toBeDefined();
+	
+	const parsedUrl = new URL(recordingUrl);
+	expect(parsedUrl.pathname).toBe(
+		`${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings/${recordingId}/media`
+	);
+	expect(parsedUrl.searchParams.get('secret')).toBeDefined();
+};
+
 export const expectValidRoomRolesAndPermissionsResponse = (response: any, roomId: string) => {
 	expect(response.status).toBe(200);
 	expect(response.body).toEqual(
diff --git a/backend/tests/integration/api/recordings/get-recording-url.test.ts b/backend/tests/integration/api/recordings/get-recording-url.test.ts
index c2ac2a8..757ff76 100644
--- a/backend/tests/integration/api/recordings/get-recording-url.test.ts
+++ b/backend/tests/integration/api/recordings/get-recording-url.test.ts
@@ -10,6 +10,7 @@ import {
 	startTestServer
 } from '../../../helpers/request-helpers.js';
 import { setupSingleRoomWithRecording } from '../../../helpers/test-scenarios.js';
+import { expectValidGetRecordingUrlResponse } from '../../../helpers/assertion-helpers.js';
 
 describe('Recording API Tests', () => {
 	let app: Express;
@@ -31,14 +32,12 @@ describe('Recording API Tests', () => {
 	describe('Get Recording URL Tests', () => {
 		it('should get public recording URL', async () => {
 			const response = await getRecordingUrl(recordingId);
-			expect(response.status).toBe(200);
-			const recordingUrl = response.body.url;
-			expect(recordingUrl).toBeDefined();
+			expectValidGetRecordingUrlResponse(response, recordingId);
 
 			// Parse the URL to extract the path
-			const parsedUrl = new URL(recordingUrl);
+			const parsedUrl = new URL(response.body.url);
 			const recordingPath = parsedUrl.pathname + parsedUrl.search;
-			
+
 			// Verify that the URL is publicly accessible
 			const publicResponse = await request(app).get(recordingPath);
 			expect(publicResponse.status).toBe(200);
@@ -46,17 +45,15 @@ describe('Recording API Tests', () => {
 
 		it('should get private recording URL', async () => {
 			const response = await getRecordingUrl(recordingId, true);
-			expect(response.status).toBe(200);
-			const recordingUrl = response.body.url;
-			expect(recordingUrl).toBeDefined();
+			expectValidGetRecordingUrlResponse(response, recordingId);
 
 			// Parse the URL to extract the path
-			const parsedUrl = new URL(recordingUrl);
+			const parsedUrl = new URL(response.body.url);
 			const recordingPath = parsedUrl.pathname + parsedUrl.search;
 
-            // Verify that the URL is not publicly accessible
-            const publicResponse = await request(app).get(recordingPath);
-            expect(publicResponse.status).toBe(401);
+			// Verify that the URL is not publicly accessible
+			const publicResponse = await request(app).get(recordingPath);
+			expect(publicResponse.status).toBe(401);
 		});
 
 		it('should fail with a 404 error when the recording does not exist', async () => {
diff --git a/backend/tests/integration/api/security/recording-security.test.ts b/backend/tests/integration/api/security/recording-security.test.ts
index e087049..babcc79 100644
--- a/backend/tests/integration/api/security/recording-security.test.ts
+++ b/backend/tests/integration/api/security/recording-security.test.ts
@@ -525,7 +525,11 @@ describe('Recording API Security Tests', () => {
 			const recordingUrl = recordingUrlResponse.body.url;
 			expect(recordingUrl).toBeDefined();
 
-			const response = await request(app).get(recordingUrl);
+			// Parse the URL to extract the path
+			const parsedUrl = new URL(recordingUrl);
+			const recordingPath = parsedUrl.pathname + parsedUrl.search;
+
+			const response = await request(app).get(recordingPath);
 			expect(response.status).toBe(200);
 		});
 
@@ -535,7 +539,11 @@ describe('Recording API Security Tests', () => {
 			const recordingUrl = recordingUrlResponse.body.url;
 			expect(recordingUrl).toBeDefined();
 
-			const response = await request(app).get(recordingUrl);
+			// Parse the URL to extract the path
+			const parsedUrl = new URL(recordingUrl);
+			const recordingPath = parsedUrl.pathname + parsedUrl.search;
+
+			const response = await request(app).get(recordingPath);
 			expect(response.status).toBe(401);
 		});
 
@@ -545,7 +553,11 @@ describe('Recording API Security Tests', () => {
 			const recordingUrl = recordingUrlResponse.body.url;
 			expect(recordingUrl).toBeDefined();
 
-			const response = await request(app).get(recordingUrl).set('Cookie', adminCookie);
+			// Parse the URL to extract the path
+			const parsedUrl = new URL(recordingUrl);
+			const recordingPath = parsedUrl.pathname + parsedUrl.search;
+
+			const response = await request(app).get(recordingPath).set('Cookie', adminCookie);
 			expect(response.status).toBe(200);
 		});