diff --git a/internal/models/desk.go b/internal/models/desk.go index d510f267972cdf9edf940be1cc4f64bd6a40bb20..45bdfa28baf403a57b73c29de114990da07ae6ad 100644 --- a/internal/models/desk.go +++ b/internal/models/desk.go @@ -55,14 +55,14 @@ func (d *DataHandler) handleDesk(w http.ResponseWriter, r *http.Request) { func (d *DataHandler) getDesk(w http.ResponseWriter, r *http.Request, id int) { if id != 0 { var o Desk - if err := d.db.First(&o, id).Error; err != nil { + if err := d.db.Preload("DeskRounds").First(&o, id).Error; err != nil { http.Error(w, ErrorIDIsMissing, http.StatusNotFound) return } json.NewEncoder(w).Encode(o) } else { var o []Desk - d.db.Find(&o) + d.db.Preload("DeskRounds").Find(&o) json.NewEncoder(w).Encode(o) } } @@ -89,7 +89,7 @@ func (d *DataHandler) postDesk(w http.ResponseWriter, r *http.Request) { func (d *DataHandler) putDesk(w http.ResponseWriter, r *http.Request, id int) { var o Desk - if err := d.db.First(&o, id).Error; err != nil { + if err := d.db.Preload("DeskRounds").First(&o, id).Error; err != nil { http.Error(w, ErrorIDIsMissing, http.StatusNotFound) return } diff --git a/internal/models/deskRound.go b/internal/models/deskRound.go new file mode 100644 index 0000000000000000000000000000000000000000..1a73c09ab40bc2b09ff5ddb4a8ae5e1aabc7108f --- /dev/null +++ b/internal/models/deskRound.go @@ -0,0 +1,16 @@ +package models + +func (d *DataHandler) createDeskRound(roundID uint, deskID uint) { + var o DeskRound + o.RoundID = roundID + o.DeskID = deskID + o.Completed = false + o.Validated = false + + d.db.Create(&o) +} + +func (d *DataHandler) deleteDeskRound(deskRound DeskRound) { + + d.db.Delete(&deskRound) +} diff --git a/internal/models/models.go b/internal/models/models.go index 38eb6d2315618ae594525a3bd73c03f629a2138a..83d12c1958b905b0beaa3196dee6d5cc7fac210f 100644 --- a/internal/models/models.go +++ b/internal/models/models.go @@ -82,6 +82,7 @@ type Desk struct { Name string WitnessDesk bool Subscribed uint + DeskRounds []DeskRound } // Party represent a political party or tendance @@ -112,7 +113,7 @@ type Parameter struct { CreatedAt time.Time `json:"-"` UpdatedAt time.Time `json:"-"` DeletedAt *time.Time `json:"-"` - CountBalnkAndNull bool + CountBlankAndNull bool ShowOnlyCompleted bool ShowMap bool } @@ -125,9 +126,8 @@ type Round struct { DeletedAt *time.Time `json:"-"` ElectionID uint Parameter Parameter - Name string - Date time.Time - Tour uint + Date string + Round uint DeskRounds []DeskRound CandidateLists []CandidateList } @@ -139,6 +139,7 @@ type DeskRound struct { UpdatedAt time.Time `json:"-"` DeletedAt *time.Time `json:"-"` RoundID uint + DeskID uint Capturers []Capturer `gorm:"many2many:capturer_deskrounds;"` Completed bool DateCompletion time.Time @@ -226,6 +227,8 @@ func (d *DataHandler) ProcessAPI(w http.ResponseWriter, r *http.Request) { d.handleSection(w, r) case "Desk": d.handleDesk(w, r) + case "Round": + d.handleRound(w, r) } } diff --git a/internal/models/round.go b/internal/models/round.go new file mode 100644 index 0000000000000000000000000000000000000000..9fac65a19101b3d0922232c9eabcebd1a6bc252b --- /dev/null +++ b/internal/models/round.go @@ -0,0 +1,132 @@ +package models + +import ( + "encoding/json" + "net/http" + "strconv" + "strings" + + "forge.grandlyon.com/apoyen/elections/internal/auth" +) + +func (d *DataHandler) handleRound(w http.ResponseWriter, r *http.Request) { + id, _ := strconv.Atoi(strings.TrimPrefix(r.URL.Path, "/api/Round/")) + switch method := r.Method; method { + case "GET": + switch auth.GetLoggedUserTechnical(w, r).Role { + case "ADMIN", "CAPTURER", "VISUALIZER": + d.getRound(w, r, id) + default: + http.Error(w, ErrorRoleOfLoggedUser, http.StatusInternalServerError) + } + case "POST": + switch auth.GetLoggedUserTechnical(w, r).Role { + case "ADMIN": + d.postRound(w, r) + case "CAPTURER", "VISUALIZER": + http.Error(w, ErrorNotAuthorizeMethodOnRessource, http.StatusMethodNotAllowed) + default: + http.Error(w, ErrorRoleOfLoggedUser, http.StatusInternalServerError) + } + + case "PUT": + switch auth.GetLoggedUserTechnical(w, r).Role { + case "ADMIN": + d.putRound(w, r, id) + case "CAPTURER", "VISUALIZER": + http.Error(w, ErrorNotAuthorizeMethodOnRessource, http.StatusMethodNotAllowed) + default: + http.Error(w, ErrorRoleOfLoggedUser, http.StatusInternalServerError) + } + case "DELETE": + switch auth.GetLoggedUserTechnical(w, r).Role { + case "ADMIN": + d.deleteRound(w, r, id) + case "CAPTURER", "VISUALIZER": + http.Error(w, ErrorNotAuthorizeMethodOnRessource, http.StatusMethodNotAllowed) + default: + http.Error(w, ErrorRoleOfLoggedUser, http.StatusInternalServerError) + } + default: + http.Error(w, "method not allowed", 400) + } +} + +func (d *DataHandler) getRound(w http.ResponseWriter, r *http.Request, id int) { + if id != 0 { + var o Round + if err := d.db.Preload("DeskRounds").Preload("CandidateLists").First(&o, id).Error; err != nil { + http.Error(w, ErrorIDIsMissing, http.StatusNotFound) + return + } + json.NewEncoder(w).Encode(o) + } else { + var o []Round + d.db.Preload("DeskRounds").Preload("CandidateLists").Find(&o) + json.NewEncoder(w).Encode(o) + } +} + +func (d *DataHandler) postRound(w http.ResponseWriter, r *http.Request) { + var o Round + err := json.NewDecoder(r.Body).Decode(&o) + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + + d.db.Create(&o) + d.db.Last(&o) + + var election Election + d.db.Preload("Areas").First(&election, o.ElectionID) + for _, area := range election.Areas { + d.db.Preload("Sections").First(&area, area.ID) + for _, section := range area.Sections { + d.db.Preload("Desks").First(§ion, section.ID) + for _, desk := range section.Desks { + d.createDeskRound(o.ID, desk.ID) + } + } + } + json.NewEncoder(w).Encode(o) + +} + +func (d *DataHandler) putRound(w http.ResponseWriter, r *http.Request, id int) { + var o Round + if err := d.db.Preload("DeskRounds").Preload("CandidateLists").First(&o, id).Error; err != nil { + http.Error(w, ErrorIDIsMissing, http.StatusNotFound) + return + } + + var round Round + err := json.NewDecoder(r.Body).Decode(&round) + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + o.Date = round.Date + o.Round = round.Round + d.db.Save(&o) + json.NewEncoder(w).Encode(o) + +} + +func (d *DataHandler) deleteRound(w http.ResponseWriter, r *http.Request, id int) { + if id != 0 { + var o Round + if err := d.db.Preload("DeskRounds").Preload("CandidateLists").First(&o, id).Error; err != nil { + http.Error(w, ErrorIDIsMissing, http.StatusNotFound) + return + } + + for _, deskRound := range o.DeskRounds { + d.deleteDeskRound(deskRound) + } + + d.db.Delete(&o) + } else { + http.Error(w, ErrorIDIsMissing, http.StatusNotFound) + } +} diff --git a/internal/rootmux/admin_test.go b/internal/rootmux/admin_test.go index a18624e1607c260db95199ddba59812cf20397dc..4230e940f753bd09d63cdd2acd6d16d0e9c77200 100644 --- a/internal/rootmux/admin_test.go +++ b/internal/rootmux/admin_test.go @@ -61,14 +61,25 @@ func AdminTests(t *testing.T) { do("PUT", "/api/Section/1", xsrfHeader, `{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"5"}`, 200, `{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"5","Desks":[]}`) // Create a Desk - do("POST", "/api/Desk", xsrfHeader, `{"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`) + do("POST", "/api/Desk", xsrfHeader, `{"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":null}`) // Get the desk - do("GET", "/api/Desk/1", xsrfHeader, ``, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`) + do("GET", "/api/Desk/1", xsrfHeader, ``, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":[]}`) // Get all the desks - do("GET", "/api/Desk/", xsrfHeader, ``, 200, `[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}]`) + do("GET", "/api/Desk/", xsrfHeader, ``, 200, `[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":[]}]`) // Update a desk - do("PUT", "/api/Desk/1", xsrfHeader, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":false,"Subscribed":3587}`, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":false,"Subscribed":3587}`) + do("PUT", "/api/Desk/1", xsrfHeader, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":false,"Subscribed":3587}`, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":false,"Subscribed":3587,"DeskRounds":[]}`) + // Create a Round + do("POST", "/api/Round", xsrfHeader, `{"ElectionID":1,"Date":"2020-06-28","Round":1}`, 200, `{"ID":1,"ElectionID":1,"Parameter":{"ID":0,"CountBlankAndNull":false,"ShowOnlyCompleted":false,"ShowMap":false},"Date":"2020-06-28","Round":1,"DeskRounds":null,"CandidateLists":null}`) + // Get a Round + do("GET", "/api/Round/1", xsrfHeader, ``, 200, `{"ID":1,"ElectionID":1,"Parameter":{"ID":0,"CountBlankAndNull":false,"ShowOnlyCompleted":false,"ShowMap":false},"Date":"2020-06-28","Round":1,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}],"CandidateLists":[]}`) + // Get Rounds + do("GET", "/api/Round/", xsrfHeader, ``, 200, `[{"ID":1,"ElectionID":1,"Parameter":{"ID":0,"CountBlankAndNull":false,"ShowOnlyCompleted":false,"ShowMap":false},"Date":"2020-06-28","Round":1,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}],"CandidateLists":[]}]`) + // Update a Round + do("PUT", "/api/Round/1", xsrfHeader, `{"ID":1,"ElectionID":1,"Date":"2020-07-28","Round":2}`, 200, `{"ID":1,"ElectionID":1,"Parameter":{"ID":0,"CountBlankAndNull":false,"ShowOnlyCompleted":false,"ShowMap":false},"Date":"2020-07-28","Round":2,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}],"CandidateLists":[]}`) + + // Delete a Round + do("DELETE", "/api/Round/1", xsrfHeader, ``, 200, ``) // Delete a desk do("DELETE", "/api/Desk/1", xsrfHeader, ``, 200, ``) // Delete a section diff --git a/internal/rootmux/capturer_test.go b/internal/rootmux/capturer_test.go index 3c2e872b808d00a5cd3fc1036077578cea80cf89..ea08e37b20375784a10b7515ed5c305b34a89414 100644 --- a/internal/rootmux/capturer_test.go +++ b/internal/rootmux/capturer_test.go @@ -60,9 +60,9 @@ func CapturerTests(t *testing.T) { // Create a section should fail with 405 do("POST", "/api/Section", xsrfHeader, `{"AreaID":1,"Name":"Section 1","MapID":"1"}`, 405, `You're not authorize to execute this method on this ressource.`) // Get a section - do("GET", "/api/Section/1", xsrfHeader, "", 200, `{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}]}`) + do("GET", "/api/Section/1", xsrfHeader, "", 200, `{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":null}]}`) // Get all the sections - do("GET", "/api/Section/", xsrfHeader, "", 200, `[{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}]}]`) + do("GET", "/api/Section/", xsrfHeader, "", 200, `[{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":null}]}]`) // Update a section should fail with 405 do("PUT", "/api/Section/1", xsrfHeader, `{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1"}`, 405, `You're not authorize to execute this method on this ressource.`) // Delete a section should fail with 405 @@ -71,14 +71,24 @@ func CapturerTests(t *testing.T) { // Create a desk should fail with 405 do("POST", "/api/Desk", xsrfHeader, `{"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`, 405, `You're not authorize to execute this method on this ressource.`) // Get a desk - do("GET", "/api/Desk/1", xsrfHeader, "", 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`) + do("GET", "/api/Desk/1", xsrfHeader, "", 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}]}`) // Get all the desks - do("GET", "/api/Desk/", xsrfHeader, "", 200, `[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}]`) + do("GET", "/api/Desk/", xsrfHeader, "", 200, `[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}]}]`) // Update a desk should fail with 405 do("PUT", "/api/Desk/1", xsrfHeader, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":false,"Subscribed":3587}`, 405, `You're not authorize to execute this method on this ressource.`) // Delete a desk should fail with 405 do("DELETE", "/api/Desk/1", xsrfHeader, ``, 405, `You're not authorize to execute this method on this ressource.`) + // Create a round should fail with 405 + do("POST", "/api/Round", xsrfHeader, `{"ElectionID":1,"Date":"2020-06-28","Round":1}`, 405, `You're not authorize to execute this method on this ressource.`) + // Get a desk + do("GET", "/api/Round/1", xsrfHeader, "", 200, `{"ID":1,"ElectionID":1,"Parameter":{"ID":0,"CountBlankAndNull":false,"ShowOnlyCompleted":false,"ShowMap":false},"Date":"2020-06-28","Round":1,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}],"CandidateLists":[]}`) + // Get all the desks + do("GET", "/api/Round/", xsrfHeader, "", 200, `[{"ID":1,"ElectionID":1,"Parameter":{"ID":0,"CountBlankAndNull":false,"ShowOnlyCompleted":false,"ShowMap":false},"Date":"2020-06-28","Round":1,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}],"CandidateLists":[]}]`) + // Update a desk should fail with 405 + do("PUT", "/api/Round/1", xsrfHeader, `{"ID":1,"ElectionID":1,"Date":"2020-07-28","Round":2}`, 405, `You're not authorize to execute this method on this ressource.`) + // Delete a desk should fail with 405 + do("DELETE", "/api/Round/1", xsrfHeader, ``, 405, `You're not authorize to execute this method on this ressource.`) } // Do a in memory login with an known admin do("POST", "/Login", noH, `{"login": "capturer","password": "password"}`, 200, "") diff --git a/internal/rootmux/rootmux_test.go b/internal/rootmux/rootmux_test.go index 9ec0ac68dbd79e121e6fc838b2f342d68ddf0422..e16227632c3e13dde4c5ab7dc264c6e32ae6481d 100644 --- a/internal/rootmux/rootmux_test.go +++ b/internal/rootmux/rootmux_test.go @@ -53,8 +53,12 @@ func TestAll(t *testing.T) { os.Setenv("AUTH_URL", oAuth2Server.URL+"/auth") // Set the server to access the correct OAuth2Endpoint os.Setenv("USERINFO_URL", oAuth2Server.URL+"/admininfo") - resetData(t) + resetDataWithData(t) appTests(t) + resetDataWithData(t) + deletionInCascadeTest(t) + resetDataWithData(t) + removeRoundRemoveDeskRoundsTest(t) resetData(t) AdminTests(t) resetDataWithData(t) @@ -90,12 +94,30 @@ func appTests(t *testing.T) { // Add a capturer to an already bind UserID should fail do("POST", "/api/Capturer", xsrfHeader, `{"UserID":2,"Name":"Capturer"}`, 500, `UserID is already bind to a Capturer`) - // Test deletion in cascade for generic election - do("POST", "/api/Election", xsrfHeader, `{"Name":"Grand Lyon 2020","BallotType":"metropolitan-direct"}`, 200, `{"ID":1,"Name":"Grand Lyon 2020","BallotType":"metropolitan-direct","Areas":null,"Rounds":null}`) - do("POST", "/api/Area", xsrfHeader, `{"ElectionID":1,"Name":"Area 1","SeatNumber":9,"MapID":"1"}`, 200, `{"ID":1,"ElectionID":1,"Name":"Area 1","SeatNumber":9,"MapID":"1","Sections":null}`) - do("POST", "/api/Section", xsrfHeader, `{"AreaID":1,"Name":"Section 1","MapID":"1"}`, 200, `{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":null}`) - do("POST", "/api/Desk", xsrfHeader, `{"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`) + // Verify that RoundDesks have been created on Round Creation + do("GET", "/api/Round/1", xsrfHeader, ``, 200, `{"ID":1,"ElectionID":1,"Parameter":{"ID":0,"CountBlankAndNull":false,"ShowOnlyCompleted":false,"ShowMap":false},"Date":"2020-06-28","Round":1,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}],"CandidateLists":[]}`) + do("GET", "/api/Desk/1", xsrfHeader, ``, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}]}`) + + } + // Do an OAuth2 login with an known admin + do("GET", "/OAuth2Login", noH, "", 200, "<!DOCTYPE html>") + tests() + // Try to logout (must pass) + do("GET", "/Logout", noH, "", 200, "Logout OK") +} + +func deletionInCascadeTest(t *testing.T) { + + ts, do, _ := createTester(t) + defer ts.Close() // Close the tester + tests := func() { + // Get the XSRF Token + response := do("GET", "/api/common/WhoAmI", noH, "", 200, "") + token := auth.TokenData{} + json.Unmarshal([]byte(response), &token) + xsrfHeader := tester.Header{Key: "XSRF-TOKEN", Value: token.XSRFToken} + // Test deletion in cascade for generic election do("DELETE", "/api/Election/1", xsrfHeader, ``, 200, ``) do("GET", "/api/Area/1", xsrfHeader, ``, 404, `id is missing`) do("GET", "/api/Section/1", xsrfHeader, ``, 404, `id is missing`) @@ -107,7 +129,33 @@ func appTests(t *testing.T) { tests() // Try to logout (must pass) do("GET", "/Logout", noH, "", 200, "Logout OK") +} + +func removeRoundRemoveDeskRoundsTest(t *testing.T) { + ts, do, _ := createTester(t) + defer ts.Close() // Close the tester + tests := func() { + // Get the XSRF Token + response := do("GET", "/api/common/WhoAmI", noH, "", 200, "") + token := auth.TokenData{} + json.Unmarshal([]byte(response), &token) + xsrfHeader := tester.Header{Key: "XSRF-TOKEN", Value: token.XSRFToken} + + // Remove a Round should remove all DeskRounds + // Verify DeskRounds creation + do("GET", "/api/Desk/1", xsrfHeader, ``, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}]}`) + // Delete a Round + do("DELETE", "/api/Round/1", xsrfHeader, ``, 200, ``) + // Verify DeskRounds doesnt exist anymore + do("GET", "/api/Desk/1", xsrfHeader, ``, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":[]}`) + + } + // Do an OAuth2 login with an known admin + do("GET", "/OAuth2Login", noH, "", 200, "<!DOCTYPE html>") + tests() + // Try to logout (must pass) + do("GET", "/Logout", noH, "", 200, "Logout OK") } func resetData(t *testing.T) { @@ -158,8 +206,8 @@ func resetDataWithData(t *testing.T) { do("POST", "/api/Election", xsrfHeader, `{"Name":"Grand Lyon 2020","BallotType":"metropolitan-direct"}`, 200, `{"ID":1,"Name":"Grand Lyon 2020","BallotType":"metropolitan-direct","Areas":null,"Rounds":null}`) do("POST", "/api/Area", xsrfHeader, `{"ElectionID":1,"Name":"Area 1","SeatNumber":9,"MapID":"1"}`, 200, `{"ID":1,"ElectionID":1,"Name":"Area 1","SeatNumber":9,"MapID":"1","Sections":null}`) do("POST", "/api/Section", xsrfHeader, `{"AreaID":1,"Name":"Section 1","MapID":"1"}`, 200, `{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":null}`) - do("POST", "/api/Desk", xsrfHeader, `{"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`) - + do("POST", "/api/Desk", xsrfHeader, `{"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`, 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":null}`) + do("POST", "/api/Round", xsrfHeader, `{"ElectionID":1,"Date":"2020-06-28","Round":1}`, 200, `{"ID":1,"ElectionID":1,"Parameter":{"ID":0,"CountBlankAndNull":false,"ShowOnlyCompleted":false,"ShowMap":false},"Date":"2020-06-28","Round":1,"DeskRounds":null,"CandidateLists":null}`) } do("POST", "/Login", noH, `{"login": "admin","password": "password"}`, 200, "") init() diff --git a/internal/rootmux/visualizer_test.go b/internal/rootmux/visualizer_test.go index e956018f6953a8d98d1ec8120311fa56647be389..d84f2b208a9bcfee40ec133d926f4e0ae13dea7a 100644 --- a/internal/rootmux/visualizer_test.go +++ b/internal/rootmux/visualizer_test.go @@ -44,27 +44,38 @@ func VisualizerTests(t *testing.T) { // Delete an election should fail with 405 do("DELETE", "/api/Election/1", xsrfHeader, ``, 405, `You're not authorize to execute this method on this ressource.`) - // Create an area should fail with 405 - do("POST", "/api/Area", xsrfHeader, `{"ElectionID":1,"Name":"Area 1","SeatNumber":9,"MapID":"1"}`, 405, `You're not authorize to execute this method on this ressource.`) - // Get an area - do("GET", "/api/Area/1", xsrfHeader, "", 200, `{"ID":1,"ElectionID":1,"Name":"Area 1","SeatNumber":9,"MapID":"1","Sections":[{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":null}]}`) - // Get all the areas - do("GET", "/api/Area/", xsrfHeader, "", 200, `[{"ID":1,"ElectionID":1,"Name":"Area 1","SeatNumber":9,"MapID":"1","Sections":[{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":null}]}]`) - // Update an area should fail with 405 - do("PUT", "/api/Area/1", xsrfHeader, `{"ID":1,"ElectionID":1,"Name":"Area 1","SeatNumber":9,"MapID":"1"}`, 405, `You're not authorize to execute this method on this ressource.`) - // Delete an area should fail with 405 - do("DELETE", "/api/Area/1", xsrfHeader, ``, 405, `You're not authorize to execute this method on this ressource.`) - // Create a section should fail with 405 do("POST", "/api/Section", xsrfHeader, `{"AreaID":1,"Name":"Section 1","MapID":"1"}`, 405, `You're not authorize to execute this method on this ressource.`) // Get a section - do("GET", "/api/Section/1", xsrfHeader, "", 200, `{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}]}`) + do("GET", "/api/Section/1", xsrfHeader, "", 200, `{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":null}]}`) // Get all the sections - do("GET", "/api/Section/", xsrfHeader, "", 200, `[{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}]}]`) + do("GET", "/api/Section/", xsrfHeader, "", 200, `[{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1","Desks":[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":null}]}]`) // Update a section should fail with 405 do("PUT", "/api/Section/1", xsrfHeader, `{"ID":1,"AreaID":1,"Name":"Section 1","MapID":"1"}`, 405, `You're not authorize to execute this method on this ressource.`) // Delete a section should fail with 405 do("DELETE", "/api/Section/1", xsrfHeader, ``, 405, `You're not authorize to execute this method on this ressource.`) + + // Create a desk should fail with 405 + do("POST", "/api/Desk", xsrfHeader, `{"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587}`, 405, `You're not authorize to execute this method on this ressource.`) + // Get a desk + do("GET", "/api/Desk/1", xsrfHeader, "", 200, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}]}`) + // Get all the desks + do("GET", "/api/Desk/", xsrfHeader, "", 200, `[{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":true,"Subscribed":9587,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}]}]`) + // Update a desk should fail with 405 + do("PUT", "/api/Desk/1", xsrfHeader, `{"ID":1,"SectionID":1,"Name":"Desk 1","WitnessDesk":false,"Subscribed":3587}`, 405, `You're not authorize to execute this method on this ressource.`) + // Delete a desk should fail with 405 + do("DELETE", "/api/Desk/1", xsrfHeader, ``, 405, `You're not authorize to execute this method on this ressource.`) + + // Create a round should fail with 405 + do("POST", "/api/Round", xsrfHeader, `{"ElectionID":1,"Date":"2020-06-28","Round":1}`, 405, `You're not authorize to execute this method on this ressource.`) + // Get a desk + do("GET", "/api/Round/1", xsrfHeader, "", 200, `{"ID":1,"ElectionID":1,"Parameter":{"ID":0,"CountBlankAndNull":false,"ShowOnlyCompleted":false,"ShowMap":false},"Date":"2020-06-28","Round":1,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}],"CandidateLists":[]}`) + // Get all the desks + do("GET", "/api/Round/", xsrfHeader, "", 200, `[{"ID":1,"ElectionID":1,"Parameter":{"ID":0,"CountBlankAndNull":false,"ShowOnlyCompleted":false,"ShowMap":false},"Date":"2020-06-28","Round":1,"DeskRounds":[{"ID":1,"RoundID":1,"DeskID":1,"Capturers":null,"Completed":false,"DateCompletion":"0001-01-01T00:00:00Z","Validated":false,"Votes":null}],"CandidateLists":[]}]`) + // Update a desk should fail with 405 + do("PUT", "/api/Round/1", xsrfHeader, `{"ID":1,"ElectionID":1,"Date":"2020-07-28","Round":2}`, 405, `You're not authorize to execute this method on this ressource.`) + // Delete a desk should fail with 405 + do("DELETE", "/api/Round/1", xsrfHeader, ``, 405, `You're not authorize to execute this method on this ressource.`) } // Do a in memory login with an known admin do("POST", "/Login", noH, `{"login": "visualizer","password": "password"}`, 200, "")