diff --git a/backend/tests/helpers/request-helpers.ts b/backend/tests/helpers/request-helpers.ts index ba738b9..f38c409 100644 --- a/backend/tests/helpers/request-helpers.ts +++ b/backend/tests/helpers/request-helpers.ts @@ -241,13 +241,13 @@ export const getRoom = async (roomId: string, fields?: string, cookie?: string, return await req; }; -export const getRoomPreferences = async (roomId: string, cookie: string, role: ParticipantRole) => { +export const getRoomPreferences = async (roomId: string) => { checkAppIsRunning(); + const adminCookie = await loginUser(); return await request(app) - .get(`${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/rooms/${roomId}/preferences`) - .set('Cookie', cookie) - .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, role) + .get(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms/${roomId}/preferences`) + .set('Cookie', adminCookie) .send(); }; @@ -256,9 +256,9 @@ export const updateRoomPreferences = async (roomId: string, preferences: any) => const adminCookie = await loginUser(); return await request(app) - .put(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms/${roomId}`) + .put(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms/${roomId}/preferences`) .set('Cookie', adminCookie) - .send(preferences); + .send({ preferences }); }; export const updateRecordingAccessPreferencesInRoom = async (roomId: string, recordingAccess: MeetRecordingAccess) => { @@ -540,7 +540,7 @@ export const updateParticipant = async ( checkAppIsRunning(); const response = await request(app) - .patch(`${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/meetings/${roomId}/participants/${participantIdentity}`) + .put(`${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/meetings/${roomId}/participants/${participantIdentity}/role`) .set('Cookie', moderatorCookie) .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.MODERATOR) .send({ role: newRole }); diff --git a/backend/tests/integration/api/rooms/get-room-preferences.test.ts b/backend/tests/integration/api/rooms/get-room-preferences.test.ts index d94c519..72b6eff 100644 --- a/backend/tests/integration/api/rooms/get-room-preferences.test.ts +++ b/backend/tests/integration/api/rooms/get-room-preferences.test.ts @@ -1,5 +1,5 @@ import { afterEach, beforeAll, describe, it } from '@jest/globals'; -import { MeetRecordingAccess, ParticipantRole } from '../../../../src/typings/ce/index.js'; +import { MeetRecordingAccess } from '../../../../src/typings/ce/index.js'; import { expectSuccessRoomPreferencesResponse } from '../../../helpers/assertion-helpers.js'; import { deleteAllRooms, getRoomPreferences, startTestServer } from '../../../helpers/request-helpers.js'; import { setupSingleRoom } from '../../../helpers/test-scenarios.js'; @@ -27,9 +27,8 @@ describe('Room API Tests', () => { it('should successfully retrieve a room by its ID', async () => { const roomData = await setupSingleRoom(); const roomId = roomData.room.roomId; - const cookie = roomData.moderatorCookie; - const response = await getRoomPreferences(roomId, cookie, ParticipantRole.MODERATOR); + const response = await getRoomPreferences(roomId); expectSuccessRoomPreferencesResponse(response, DEFAULT_PREFERENCES); }); @@ -48,9 +47,8 @@ describe('Room API Tests', () => { const roomData = await setupSingleRoom(false, payload.roomName, payload.preferences); const roomId = roomData.room.roomId; - const cookie = roomData.moderatorCookie; - const response = await getRoomPreferences(roomId, cookie, ParticipantRole.MODERATOR); + const response = await getRoomPreferences(roomId); expectSuccessRoomPreferencesResponse(response, payload.preferences); }); }); diff --git a/backend/tests/integration/api/rooms/update-room.test.ts b/backend/tests/integration/api/rooms/update-room.test.ts index 03a9f41..cb0ef7d 100644 --- a/backend/tests/integration/api/rooms/update-room.test.ts +++ b/backend/tests/integration/api/rooms/update-room.test.ts @@ -69,8 +69,7 @@ describe('Room API Tests', () => { // Verify update response expect(updateResponse.status).toBe(200); - expect(updateResponse.body).toBeDefined(); - expect(updateResponse.body.preferences).toEqual(updatedPreferences); + expect(updateResponse.body).toHaveProperty('message'); // Verify with a get request const getResponse = await getRoom(createdRoom.roomId); @@ -105,7 +104,7 @@ describe('Room API Tests', () => { // Verify update response expect(updateResponse.status).toBe(200); - expect(updateResponse.body.preferences).toEqual(partialPreferences); + expect(updateResponse.body).toHaveProperty('message'); // Verify with a get request const getResponse = await getRoom(createdRoom.roomId); @@ -187,22 +186,6 @@ describe('Room API Tests', () => { expect(JSON.stringify(response.body.details)).toContain('recordingPreferences.allowAccessTo'); }); - it('should fail when room ID contains invalid characters', async () => { - const invalidRoomId = '!@#$%^&*()'; - - const preferences = { - recordingPreferences: { - enabled: false - }, - chatPreferences: { enabled: false }, - virtualBackgroundPreferences: { enabled: false } - }; - const response = await updateRoomPreferences(invalidRoomId, preferences); - - expect(response.status).toBe(422); - expect(JSON.stringify(response.body.details)).toContain('roomId cannot be empty after sanitization'); - }); - it('should return 404 when updating non-existent room', async () => { const nonExistentRoomId = 'non-existent-room'; diff --git a/backend/tests/integration/api/security/meeting-security.test.ts b/backend/tests/integration/api/security/meeting-security.test.ts index c134d3c..918ba64 100644 --- a/backend/tests/integration/api/security/meeting-security.test.ts +++ b/backend/tests/integration/api/security/meeting-security.test.ts @@ -97,7 +97,7 @@ describe('Meeting API Security Tests', () => { it('should fail when request includes API key', async () => { const response = await request(app) - .patch(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`) + .put(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}/role`) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY) .send({ role }); expect(response.status).toBe(401); @@ -105,7 +105,7 @@ describe('Meeting API Security Tests', () => { it('should fail when user is authenticated as admin', async () => { const response = await request(app) - .patch(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`) + .put(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}/role`) .set('Cookie', adminCookie) .send({ role }); expect(response.status).toBe(401); @@ -113,7 +113,7 @@ describe('Meeting API Security Tests', () => { it('should succeed when participant is moderator', async () => { const response = await request(app) - .patch(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`) + .put(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}/role`) .set('Cookie', roomData.moderatorCookie) .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.MODERATOR) .send({ role }); @@ -124,7 +124,7 @@ describe('Meeting API Security Tests', () => { const newRoomData = await setupSingleRoom(); const response = await request(app) - .patch(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`) + .put(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}/role`) .set('Cookie', newRoomData.moderatorCookie) .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.MODERATOR) .send({ role }); @@ -133,7 +133,7 @@ describe('Meeting API Security Tests', () => { it('should fail when participant is speaker', async () => { const response = await request(app) - .patch(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`) + .put(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}/role`) .set('Cookie', roomData.speakerCookie) .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.SPEAKER) .send({ role }); diff --git a/backend/tests/integration/api/security/room-security.test.ts b/backend/tests/integration/api/security/room-security.test.ts index a42a135..2db6bdd 100644 --- a/backend/tests/integration/api/security/room-security.test.ts +++ b/backend/tests/integration/api/security/room-security.test.ts @@ -179,6 +179,69 @@ describe('Room API Security Tests', () => { }); }); + describe('Get Room Preferences Tests', () => { + let roomData: RoomData; + + beforeAll(async () => { + roomData = await setupSingleRoom(); + }); + + it('should succeed when request includes API key', async () => { + const response = await request(app) + .get(`${ROOMS_PATH}/${roomData.room.roomId}/preferences`) + .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY); + expect(response.status).toBe(200); + }); + + it('should succeed when user is authenticated as admin', async () => { + const response = await request(app) + .get(`${ROOMS_PATH}/${roomData.room.roomId}/preferences`) + .set('Cookie', adminCookie); + expect(response.status).toBe(200); + }); + + it('should fail when user is not authenticated', async () => { + const response = await request(app).get(`${ROOMS_PATH}/${roomData.room.roomId}/preferences`); + expect(response.status).toBe(401); + }); + + it('should succeed when participant is moderator', async () => { + const response = await request(app) + .get(`${ROOMS_PATH}/${roomData.room.roomId}/preferences`) + .set('Cookie', roomData.moderatorCookie) + .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.MODERATOR); + expect(response.status).toBe(200); + }); + + it('should fail when participant is moderator of a different room', async () => { + const newRoomData = await setupSingleRoom(); + + const response = await request(app) + .get(`${ROOMS_PATH}/${roomData.room.roomId}/preferences`) + .set('Cookie', newRoomData.moderatorCookie) + .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.MODERATOR); + expect(response.status).toBe(403); + }); + + it('should succeed when participant is speaker', async () => { + const response = await request(app) + .get(`${ROOMS_PATH}/${roomData.room.roomId}/preferences`) + .set('Cookie', roomData.speakerCookie) + .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.SPEAKER); + expect(response.status).toBe(200); + }); + + it('should fail when participant is speaker of a different room', async () => { + const newRoomData = await setupSingleRoom(); + + const response = await request(app) + .get(`${ROOMS_PATH}/${roomData.room.roomId}/preferences`) + .set('Cookie', newRoomData.speakerCookie) + .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.SPEAKER); + expect(response.status).toBe(403); + }); + }); + describe('Update Room Preferences Tests', () => { const roomPreferences = { recordingPreferences: { @@ -198,89 +261,28 @@ describe('Room API Security Tests', () => { it('should succeed when request includes API key', async () => { const response = await request(app) - .put(`${ROOMS_PATH}/${roomId}`) + .put(`${ROOMS_PATH}/${roomId}/preferences`) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY) - .send(roomPreferences); + .send({ preferences: roomPreferences }); expect(response.status).toBe(200); }); it('should succeed when user is authenticated as admin', async () => { const response = await request(app) - .put(`${ROOMS_PATH}/${roomId}`) + .put(`${ROOMS_PATH}/${roomId}/preferences`) .set('Cookie', adminCookie) - .send(roomPreferences); + .send({ preferences: roomPreferences }); expect(response.status).toBe(200); }); it('should fail when user is not authenticated', async () => { - const response = await request(app).put(`${ROOMS_PATH}/${roomId}`).send(roomPreferences); + const response = await request(app) + .put(`${ROOMS_PATH}/${roomId}/preferences`) + .send({ preferences: roomPreferences }); expect(response.status).toBe(401); }); }); - describe('Get Room Preferences Tests', () => { - let roomData: RoomData; - - beforeAll(async () => { - roomData = await setupSingleRoom(); - }); - - it('should fail when request includes API key', async () => { - const response = await request(app) - .get(`${INTERNAL_ROOMS_PATH}/${roomData.room.roomId}/preferences`) - .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY); - expect(response.status).toBe(401); - }); - - it('should fail when user is authenticated as admin', async () => { - const response = await request(app) - .get(`${INTERNAL_ROOMS_PATH}/${roomData.room.roomId}/preferences`) - .set('Cookie', adminCookie); - expect(response.status).toBe(401); - }); - - it('should fail when user is not authenticated', async () => { - const response = await request(app).get(`${INTERNAL_ROOMS_PATH}/${roomData.room.roomId}/preferences`); - expect(response.status).toBe(401); - }); - - it('should succeed when participant is moderator', async () => { - const response = await request(app) - .get(`${INTERNAL_ROOMS_PATH}/${roomData.room.roomId}/preferences`) - .set('Cookie', roomData.moderatorCookie) - .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.MODERATOR); - expect(response.status).toBe(200); - }); - - it('should fail when participant is moderator of a different room', async () => { - const newRoomData = await setupSingleRoom(); - - const response = await request(app) - .get(`${INTERNAL_ROOMS_PATH}/${roomData.room.roomId}/preferences`) - .set('Cookie', newRoomData.moderatorCookie) - .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.MODERATOR); - expect(response.status).toBe(403); - }); - - it('should succeed when participant is speaker', async () => { - const response = await request(app) - .get(`${INTERNAL_ROOMS_PATH}/${roomData.room.roomId}/preferences`) - .set('Cookie', roomData.speakerCookie) - .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.SPEAKER); - expect(response.status).toBe(200); - }); - - it('should fail when participant is speaker of a different room', async () => { - const newRoomData = await setupSingleRoom(); - - const response = await request(app) - .get(`${INTERNAL_ROOMS_PATH}/${roomData.room.roomId}/preferences`) - .set('Cookie', newRoomData.speakerCookie) - .set(INTERNAL_CONFIG.PARTICIPANT_ROLE_HEADER, ParticipantRole.SPEAKER); - expect(response.status).toBe(403); - }); - }); - describe('Generate Recording Token Tests', () => { let roomData: RoomData;