hobbyhimmel/Project-Image-Uploader
8
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
cdb2aa95e6
Project-Image-Uploader/backend/tests/api/migration.test.js
matthias.lotz cdb2aa95e6 feat: Add comprehensive test suite and admin API authentication 
🧪 Testing Infrastructure (45 tests, 100% passing)
- Implemented Jest + Supertest framework for automated testing
- Unit tests: 5 tests for auth middleware (100% coverage)
- Integration tests: 40 tests covering admin, consent, migration, upload APIs
- Test execution time: ~10 seconds for full suite
- Coverage: 26% statements, 15% branches (realistic start)
- In-memory SQLite database for isolated testing
- Singleton server pattern for fast test execution
- Automatic cleanup and teardown

🔒 Admin API Authentication
- Bearer token authentication for all admin endpoints
- requireAdminAuth middleware with ADMIN_API_KEY validation
- Protected routes: /api/admin/*, /api/system/migration/migrate|rollback
- Complete authentication guide in AUTHENTICATION.md
- HTTP 403 for missing/invalid tokens, 500 if not configured
- Ready for production with token rotation support

📋 API Route Documentation
- Single Source of Truth: backend/src/routes/routeMappings.js
- Comprehensive route overview in backend/src/routes/README.md
- Express routing order documented (specific before generic)
- Frontend integration guide with authentication examples
- OpenAPI auto-generation integrated

🐛 Bug Fixes
- Fixed SQLite connection not properly awaited (caused test hangs)
- Fixed upload validation checking req.files.file before req.files
- Fixed Express route order (consent before admin router)
- Fixed test environment using /tmp for uploads (permission issues)

📚 Documentation Updates
- Updated README.md with testing and authentication features
- Updated README.dev.md with testing section and API development guide
- Updated CHANGELOG.md with complete feature documentation
- Updated FEATURE_PLAN-autogen-openapi.md (status: 100% complete)
- Added frontend/MIGRATION-GUIDE.md for frontend team

🚀 Frontend Impact
Frontend needs to add Bearer token to all /api/admin/* calls.
See frontend/MIGRATION-GUIDE.md for detailed instructions.

Test Status:  45/45 passing (100%)
Backend:  Production ready
Frontend: ⚠️ Migration required (see MIGRATION-GUIDE.md)
2025-11-16 18:08:48 +01:00

69 lines
2.4 KiB
JavaScript
Raw Blame History

const { getRequest } = require('../testServer');
describe('System Migration API', () => {
describe('GET /api/system/migration/health', () => {
it('should return 200 with healthy status', async () => {
const response = await getRequest()
.get('/api/system/migration/health')
.expect('Content-Type', /json/)
.expect(200);
expect(response.body).toHaveProperty('database');
expect(response.body.database).toHaveProperty('healthy');
expect(response.body.database).toHaveProperty('status');
expect(response.body.database.healthy).toBe(true);
});
it('should include database connection status', async () => {
const response = await getRequest()
.get('/api/system/migration/health');
expect(response.body.database).toHaveProperty('healthy');
expect(typeof response.body.database.healthy).toBe('boolean');
expect(response.body.database.status).toBe('OK');
});
});
describe('GET /api/system/migration/status', () => {
it('should return current migration status', async () => {
const response = await getRequest()
.get('/api/system/migration/status')
.expect('Content-Type', /json/)
.expect(200);
expect(response.body).toHaveProperty('database');
expect(response.body).toHaveProperty('json');
expect(response.body).toHaveProperty('migrated');
expect(response.body).toHaveProperty('needsMigration');
expect(typeof response.body.migrated).toBe('boolean');
});
it('should return migration metadata', async () => {
const response = await getRequest()
.get('/api/system/migration/status');
expect(response.body.database).toHaveProperty('groups');
expect(response.body.database).toHaveProperty('images');
expect(response.body.database).toHaveProperty('initialized');
expect(typeof response.body.database.groups).toBe('number');
expect(typeof response.body.database.images).toBe('number');
});
});
describe('POST /api/system/migration/migrate', () => {
it('should require admin authorization', async () => {
await getRequest()
.post('/api/system/migration/migrate')
.expect(403); // Should be protected by auth
});
});
describe('POST /api/system/migration/rollback', () => {
it('should require admin authorization', async () => {
await getRequest()
.post('/api/system/migration/rollback')
.expect(403);
});
});
});
Reference in New Issue View Git Blame Copy Permalink