Fix ITs (#183)

binary-coffee-dev · Apr 17, 2023 · 152e27f · 152e27f
1 parent b30d484
commit 152e27f
Show file tree

Hide file tree

Showing 48 changed files with 413 additions and 346 deletions.
diff --git a/api/comment/config/policies/canComment.js b/api/comment/config/policies/canComment.js
@@ -1,20 +1,19 @@
 'use strict';
 
-const LIMIT_OF_COMMENT_PER_ARTICLE = 20;
-
 /**
  * `canComment` policy.
  */
 module.exports = async (ctx, next) => {
   if (!strapi.services.post.isAdmin(ctx)) {
     const startOfDay = strapi.config.functions.dateUtil.getStartDay();
     const nextDay = strapi.config.functions.dateUtil.getEndDay();
-    const commentsCount = await strapi.models.comment.count({
-      createdAt: {$gte: startOfDay, $lt: nextDay},
-      post: ctx.request.body.post,
+    const commentsCount = await strapi.query('comment').count({
+      created_at_lte: nextDay,
+      created_at_gte: startOfDay,
+      post: ctx.request.body.post.id,
       user: ctx.state.user.id
     });
-    if (commentsCount >= LIMIT_OF_COMMENT_PER_ARTICLE) {
+    if (commentsCount >= strapi.config.custom.maxNumberOfCommentsPerDay) {
       ctx.forbidden('Limit of comments by post');
       throw new Error('Limit of comments by post');
     }

diff --git a/api/comment/config/policies/canRemove.js b/api/comment/config/policies/canRemove.js
@@ -5,8 +5,8 @@
  */
 module.exports = async (ctx, next) => {
   if (!strapi.services.post.isAdmin(ctx) && !strapi.services.post.isStaff(ctx)) {
-    const comment = await strapi.models.comment.findOne({_id: ctx.params.id}).populate('user');
-    if (comment.user.id.toString() !== ctx.state.user.id.toString()) {
+    const comment = await strapi.query('comment').findOne({id: ctx.params.id});
+    if (+comment.user.id !== +ctx.state.user.id) {
       ctx.forbidden('Can not remove the comment');
       throw new Error('Can not remove the comment');
     }

diff --git a/api/comment/config/policies/canUpdateComment.js b/api/comment/config/policies/canUpdateComment.js
@@ -5,8 +5,8 @@
  */
 module.exports = async (ctx, next) => {
   if (!strapi.services.post.isAdmin(ctx) && !strapi.services.post.isStaff(ctx)) {
-    const comment = await strapi.models.comment.findOne({_id: ctx.params.id}).populate('user');
-    if (comment.user.id.toString() !== ctx.state.user.id.toString()) {
+    const comment = await strapi.query('comment').findOne({id: ctx.params.id});
+    if (comment.user.id !== ctx.state.user.id) {
       ctx.forbidden('Can not edit the comment');
       throw new Error('Can not edit the comment');
     }

diff --git a/api/comment/controllers/comment.js b/api/comment/controllers/comment.js
@@ -42,7 +42,7 @@ module.exports = {
         email: ctx.request.body.input.email,
         name: ctx.request.body.input.name,
         post: ctx.request.body.input.post,
-        publishedAt: new Date()
+        published_at: new Date()
       };
 
       const response = await strapi.services.comment.create(comment);
@@ -57,12 +57,12 @@ module.exports = {
       body: ctx.request.body.body,
       post: ctx.request.body.post,
       user: ctx.state.user.id,
-      publishedAt: new Date()
+      published_at: new Date()
     };
     if (obj.body && obj.post && obj.user) {
-      const comment = await strapi.services.comment.create(obj);
+      const comment = await strapi.query('comment').create(obj);
 
-      const post = await strapi.models.post.findOne({_id: comment.post});
+      const post = await strapi.query('post').findOne({id: comment.post.id});
       const postUrl = strapi.config.custom.siteUrl + '/post/' + post.name;
       const postTitle = post.title;
 
@@ -83,8 +83,8 @@ module.exports = {
 
   async update(ctx) {
     if (ctx.request.body.body && ctx.params.id) {
-      await strapi.models.comment.update({_id: ctx.params.id}, {body: ctx.request.body.body});
-      const comment = await strapi.models.comment.findOne({_id: ctx.params.id});
+      await strapi.query('comment').update({id: ctx.params.id}, {body: ctx.request.body.body});
+      const comment = await strapi.query('comment').findOne({id: ctx.params.id});
       return sanitizeEntity(comment, {model: strapi.models.comment});
     }
     throw new Error('invalid data');

diff --git a/api/comment/models/comment.js b/api/comment/models/comment.js
@@ -8,11 +8,15 @@ module.exports = {
   lifecycles: {
     // After destroying a value.
     afterDelete: async (model) => {
-      await strapi.services.post.updateComments(model.post);
+      if (model.post && model.post.id) {
+        await strapi.services.post.updateComments(model.post.id);
+      }
     },
     // After comment is created
     afterCreate: async (model) => {
-      await strapi.services.post.updateComments(model.post);
+      if (model.post && model.post.id) {
+        await strapi.services.post.updateComments(model.post.id);
+      }
     }
   }
 };
diff --git a/api/comment/models/comment.settings.json b/api/comment/models/comment.settings.json
@@ -15,9 +15,6 @@
     "body": {
       "type": "richtext"
     },
-    "publishedAt": {
-      "type": "datetime"
-    },
     "email": {
       "type": "email"
     },

diff --git a/api/comment/services/comment.js b/api/comment/services/comment.js
@@ -41,11 +41,10 @@ module.exports = {
 
   async recentComments(limit = 8) {
     // todo: this should be optimized for when the application is big enough to make this query to slow
-    const comments = await strapi.models.comment
-      .find()
-      .populate(['post', 'user'])
-      .sort({createdAt: 'desc'})
-      .limit(limit);
+    const comments = await strapi.query('comment').find({
+      _limit: limit,
+      _sort: 'created_at:DESC'
+    });
     return comments.filter(comment => {
       return strapi.services.post.isPublish(comment.post);
     });

diff --git a/api/opinion/config/policies/canCreateOpinion.js b/api/opinion/config/policies/canCreateOpinion.js
@@ -6,8 +6,8 @@
 
 module.exports = async (ctx, next) => {
   const {post, user, type} = ctx.request.body;
-  if (ctx && ctx.state && ctx.state.user && ctx.state.user.id === ctx.request.body.user) {
-    const opinions = await strapi.models.opinion.find({user, post, type});
+  if (ctx && ctx.state && ctx.state.user && ctx.state.user.id === +ctx.request.body.user) {
+    const opinions = await strapi.query('opinion').find({user, post, type});
     if (opinions.length === 0 && !!post && !!user && !!type) {
       return await next();
     }

diff --git a/api/opinion/config/policies/canRemoveOpinion.js b/api/opinion/config/policies/canRemoveOpinion.js
@@ -6,10 +6,10 @@
 
 module.exports = async (ctx, next) => {
   const id = ctx.request.body.input && ctx.request.body.input.where.id || ctx.request.body.id;
-  const post = await strapi.models.post.findOne({_id: id});
+  const post = await strapi.query('post').findOne({id});
   const currentUser = ctx.state && ctx.state.user || undefined;
-  const opinion = await strapi.models.opinion.findOne({post: post.id, user: currentUser.id});
-  if (ctx && ctx.state && ctx.state.user && opinion && ctx.state.user.id === opinion.user._id.toString()) {
+  const opinion = await strapi.query('opinion').findOne({post: post.id, user: currentUser.id});
+  if (ctx && ctx.state && ctx.state.user && opinion && ctx.state.user.id === opinion.user.id) {
     ctx.request.body = ctx.params = {...ctx.params, id: opinion.id};
     return await next();
   }

diff --git a/api/opinion/models/opinion.js b/api/opinion/models/opinion.js
@@ -8,12 +8,20 @@
 module.exports = {
   lifecycles: {
     afterCreate: async (result) => {
-      const post = await strapi.services.post.findOne({id: result.post});
-      await strapi.models.post.update({_id: post._id}, {$set: {likes: post.likes.toNumber() + 1}});
+      const post = await strapi.query('post').findOne({id: result.post.id});
+      await strapi.query('post').update({id: post.id}, {likes: (+post.likes) + 1});
     },
     afterDelete: async (result) => {
-      const post = await strapi.services.post.findOne({id: result.post});
-      await strapi.models.post.update({_id: post._id}, {$set: {likes: post.likes.toNumber() - 1}});
+      const posts = [];
+      if (Array.isArray(result)) {
+        result.forEach(r => r.post && posts.push(r.post.id));
+      } else {
+        posts.push(result.post.id);
+      }
+      for (const id of posts) {
+        const post = await strapi.query('post').findOne({id});
+        await strapi.query('post').update({id}, {likes: (+post.likes) - 1});
+      }
     }
   }
 };
diff --git a/api/opinion/services/opinion.js b/api/opinion/services/opinion.js
@@ -12,12 +12,12 @@ module.exports = {
     }
     if (where.post) {
       const link = await strapi.query('link').findOne({name: where.post});
-      const post = await strapi.query('post').findOne({id: link.post});
+      const post = await strapi.query('post').findOne({id: link.post.id});
       if (post) {
         const query = {...where, post: post.id};
         return await strapi.query('opinion').count(query);
       }
     }
-    return await strapi.models.opinion.count(where);
+    return await strapi.query('opinion').count(where);
   }
 };
diff --git a/api/post/config/policies/canModifyPost.js b/api/post/config/policies/canModifyPost.js
@@ -13,7 +13,7 @@ module.exports = async (ctx, next) => {
   if (strapi.services.post.isStaff(ctx) || strapi.services.post.isAdmin(ctx)) {
     return await next();
   } else if (strapi.services.post.isAuthenticated(ctx) && ctx.params.id) {
-    const post = await strapi.services.post.findOne({id: ctx.params.id});
+    const post = await strapi.query('post').findOne({id: ctx.params.id});
     if (Boolean(post.author) && post.author.id === ctx.state.user.id) {
       delete ctx.request.body.tags;
       delete ctx.request.body.author;

diff --git a/api/post/config/policies/canPublishPost.js b/api/post/config/policies/canPublishPost.js
@@ -6,7 +6,7 @@
 
 module.exports = async (ctx, next) => {
   if (!strapi.services.post.isAdmin(ctx)) {
-    delete ctx.request.body.published_at;
+    ctx.request.body.published_at = null;
   }
   return await next();
 };
diff --git a/api/post/services/Post.js b/api/post/services/Post.js
@@ -134,8 +134,8 @@ module.exports = {
   },
 
   async updateComments(postId) {
-    const countOfComments = await strapi.services.comment.count({post: postId});
-    await strapi.services.post.update({id: postId}, {comments: countOfComments});
+    const countOfComments = await strapi.query('comment').count({post: postId});
+    await strapi.query('post').update({id: postId}, {comments: countOfComments});
   },
 
   async getPublicPostsOfLastDays(days) {
@@ -264,6 +264,6 @@ module.exports = {
   },
 
   isPublish(post) {
-    return post && post.enable && post.publishedAt && new Date(post.published_at).getTime() <= new Date().getTime();
+    return post && post.enable && post.published_at && new Date(post.published_at).getTime() <= new Date().getTime();
   }
 };
diff --git a/config/custom.js b/config/custom.js
@@ -11,6 +11,8 @@ module.exports = ({env}) => ({
   maxPostRequestLimit: 20,
   maxSimilarPostRequestLimit: 20,
   maxNumberOfArticlesPerDay: 5,
+  maxNumberOfCommentsPerDay: 20,
+  maxNumberOfUploadsPerDay: 10,
 
   googleClientId: env('GOOGLE_CLIENT_ID', ''),
   googleClientSecret: env('GOOGLE_CLIENT_SECRET', ''),

diff --git a/config/env/test/admin.js b/config/env/test/admin.js
@@ -13,5 +13,6 @@ module.exports = ({ env }) => ({
   //     salt: env('TRANSFER_TOKEN_SALT', 'anotherRandomLongString'),
   //   }
   // },
+  browser: false,
   autoOpen: false
 });
diff --git a/config/functions/db/migrations/1.0.0-initial_migration.js b/config/functions/db/migrations/1.0.0-initial_migration.js
@@ -42,6 +42,13 @@ module.exports = {
         enabled: true,
         type: 'application'
       },
+      {
+        roles: [authRole, publicRole, staffRole, adminRole],
+        controller: 'episode',
+        actions: ['count', 'find', 'findone'],
+        enabled: true,
+        type: 'application'
+      },
       {
         roles: [authRole, staffRole, adminRole],
         controller: 'post',
@@ -56,13 +63,62 @@ module.exports = {
         enabled: true,
         type: 'application'
       },
+      {
+        roles: [authRole, publicRole, staffRole, adminRole],
+        controller: 'upload',
+        actions: ['count', 'find', 'findone', 'findconnection', 'search'],
+        enabled: true,
+        type: 'upload'
+      },
+      {
+        roles: [authRole, staffRole, adminRole],
+        controller: 'upload',
+        actions: ['upload', 'destroy'],
+        enabled: true,
+        type: 'upload'
+      },
       {
         roles: [authRole, publicRole, staffRole, adminRole],
         controller: 'opinion',
         actions: ['count', 'find', 'findone'],
         enabled: true,
         type: 'application'
-      }
+      },
+      {
+        roles: [authRole, staffRole, adminRole],
+        controller: 'opinion',
+        actions: ['create', 'delete'],
+        enabled: true,
+        type: 'application'
+      },
+      {
+        roles: [publicRole, authRole, staffRole, adminRole],
+        controller: 'user',
+        actions: ['toppopularusers', 'topactiveusers', 'find', 'findone', 'find2'],
+        enabled: true,
+        type: 'users-permissions'
+      },
+      {
+        roles: [authRole, publicRole, staffRole, adminRole],
+        controller: 'comment',
+        actions: ['count', 'find', 'findone', 'recentcomments'],
+        enabled: true,
+        type: 'application'
+      },
+      {
+        roles: [authRole, staffRole, adminRole],
+        controller: 'comment',
+        actions: ['create', 'update', 'delete'],
+        enabled: true,
+        type: 'application'
+      },
+      {
+        roles: [authRole, publicRole, staffRole, adminRole],
+        controller: 'image',
+        actions: ['find', 'findone', 'findextra', 'count'],
+        enabled: true,
+        type: 'application'
+      },
     ];
 
     for (let controller of controllers) {

diff --git a/extensions/upload/config/policies/canRemoveFile.js b/extensions/upload/config/policies/canRemoveFile.js
@@ -3,14 +3,13 @@
 /**
  * `canRemoveFile` policy.
  */
-
 module.exports = async (ctx, next) => {
   if (strapi.services.post.isAdmin(ctx)) {
     return await next();
   }
   if (ctx.state.user) {
-    const image = await strapi.services.image.findOne({user: ctx.state.user, image: [ctx.params.id]});
-    if (image) {
+    const uploadFile = await strapi.query('file', 'upload').findOne({id: ctx.params.id});
+    if (uploadFile && uploadFile.related.length && uploadFile.related[0].user === ctx.state.user.id) {
       return await next();
     }
   }

diff --git a/extensions/upload/config/policies/canUpload.js b/extensions/upload/config/policies/canUpload.js
@@ -1,19 +1,18 @@
 'use strict';
 
-const MAX_UPLOAD_PER_DAY = 10;
-
 /**
  * `canUpload` policy.
  */
 module.exports = async (ctx, next) => {
   if (!strapi.services.post.isAdmin(ctx) && !strapi.services.post.isStaff(ctx)) {
     const startOfDay = strapi.config.functions.dateUtil.getStartDay();
     const nextDay = strapi.config.functions.dateUtil.getEndDay();
-    const imageCount = await strapi.models.image.count({
-      createdAt: {$gte: startOfDay, $lt: nextDay},
-      user: ctx.state.user
+    const imageCount = await strapi.query('image').count({
+      created_at_lte: nextDay,
+      created_at_gte: startOfDay,
+      user: ctx.state.user.id
     });
-    if (imageCount >= MAX_UPLOAD_PER_DAY) {
+    if (imageCount >= strapi.config.custom.maxNumberOfUploadsPerDay) {
       return ctx.forbidden();
     }
   }