Home Explore Help
Sign In
epsylon
/
Elgg-Lorea-Hydra
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0
Branch: master
Branches Tags
Elgg-Lorea-H...
/
js
/
tests
/
ElggSecurityTest.js

ElggSecurityTest.js 2.0 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 
  1. define(function(require) {
    2. 

  2. 	
    3. 

  3. 	var elgg = require('elgg');
    4. 

  4. 	
    5. 

  5. 	describe('elgg.security', function() {
    6. 

  6. 		var ts, token;
    7. 

  7. 		
    8. 

  8. 		beforeEach(function() {
    9. 

  9. 			ts = elgg.security.token.__elgg_ts = 12345;
    10. 

  10. 			token = elgg.security.token.__elgg_token = 'abcdef';
    11. 

  11. 		});
    12. 

  12. 	
    13. 

  13. 		describe("setToken", function() {
    14. 

  14. 			it("sets global security token state", function() {
    15. 

  15. 				var json = {
    16. 

  16. 					__elgg_ts: 4567,
    17. 

  17. 					__elgg_token: 'abcdef'
    18. 

  18. 				};
    19. 

  19. 				
    20. 

  20. 				elgg.security.setToken(json);
    21. 

  21. 				expect(elgg.security.token).toBe(json);
    22. 

  22. 			});
    23. 

  23. 		});
    24. 

  24. 	
    25. 

  25. 		describe("addToken", function() {
    26. 

  26. 			it("accepts undefined", function() {
    27. 

  27. 				var expected = {
    28. 

  28. 					__elgg_ts: ts,
    29. 

  29. 					__elgg_token: token
    30. 

  30. 				};
    31. 

  31. 		
    32. 

  32. 				expect(elgg.security.addToken(undefined)).toEqual(expected);
    33. 

  33. 			});
    34. 

  34. 			
    35. 

  35. 			it("accepts an object", function() {
    36. 

  36. 				var expected = {
    37. 

  37. 					__elgg_ts: ts,
    38. 

  38. 					__elgg_token: token
    39. 

  39. 				};
    40. 

  40. 		
    41. 

  41. 				expect(elgg.security.addToken({})).toEqual(expected);
    42. 

  42. 			});
    43. 

  43. 			
    44. 

  44. 			
    45. 

  45. 			it("accepts relative urls", function() {
    46. 

  46. 				var str = "__elgg_ts=" + ts + "&__elgg_token=" + token;
    47. 

  47. 			
    48. 

  48. 				expect(elgg.security.addToken("/test"), '/test?' + str);
    49. 

  49. 			});
    50. 

  50. 			
    51. 

  51. 			it("accepts full urls", function() {
    52. 

  52. 				var str = "__elgg_ts=" + ts + "&__elgg_token=" + token;
    53. 

  53. 			
    54. 

  54. 				var url = "http://elgg.org/";
    55. 

  55. 				expect(elgg.security.addToken(url)).toEqual(url + '?' + str);
    56. 

  56. 			});
    57. 

  57. 			
    58. 

  58. 			it("accepts query strings", function() {
    59. 

  59. 				var str = "__elgg_ts=" + ts + "&__elgg_token=" + token;
    60. 

  60. 				var url;
    61. 

  61. 				
    62. 

  62. 				url = "?data=sofar";
    63. 

  63. 				expect(elgg.security.addToken(url), url + '&' + str);
    64. 

  64. 			
    65. 

  65. 				url = "test?data=sofar";
    66. 

  66. 				expect(elgg.security.addToken(url), url + '&' + str);
    67. 

  67. 			
    68. 

  68. 				url = "http://elgg.org/?data=sofar";
    69. 

  69. 				expect(elgg.security.addToken(url), url + '&' + str);
    70. 

  70. 			});
    71. 

  71. 			
    72. 

  72. 			it("overwrites existing query string tokens", function() {
    73. 

  73. 				var expectedUrl = "http://elgg.org/?__elgg_ts=" + ts + "&__elgg_token=" + token + "&data=sofar";
    74. 

  74. 				var inputUrl = "http://elgg.org/?__elgg_ts=54321&__elgg_token=fedcba&data=sofar"
    75. 

  75. 				
    76. 

  76. 				expect(elgg.security.addToken(inputUrl)).toBe(expectedUrl);
    77. 

  77. 			});
    78. 

  78. 		});
    79. 

  79. 	});
    80. 

  80. });
    81. 

  81.