refactoring code

Author: Andela Developer

server/config/config.js

@@ -10,7 +10,12 @@ module.exports = {
     dialect: 'postgres'
   },
   test: {
-    use_env_variable: 'TEST_DB'
+    username: 'andeladeveloper',
+    password: null,
+    database: 'docmanager-test',
+    host: '127.0.0.1',
+    port: 5432,
+    dialect: 'postgres'
   },
   production: {
     use_env_variable: 'PRODUCTION_DB',

server/controllers/users.js

@@ -140,12 +140,12 @@ function login(req, res) {
 function findUser(req, res) {
   const userQuery = Number(req.params.id);
   if ((req.decoded.id !== userQuery) && (req.decoded.roleId !== 1)) {
-    return res.status(401).json({
-      message: 'Unauthorized Access'
+    return res.status(403).json({
+      message: 'Please register or login'
     });
   }
   if (isNaN(userQuery)) {
-    return res.status(401).json({
+    return res.status(400).json({
       message: `invalid input syntax for integer: "${req.params.id}"`
     });
   }
@@ -176,7 +176,7 @@ function findUser(req, res) {
 function updateUser(req, res) {
   if (Number(req.decoded.id) !== Number(req.params.id)) {
     return res.status(401).json({
-      message: 'You are not authorized to access this user'
+      message: 'You are not authorized to update this user'
     });
   }
   const userId = Number(req.params.id);

server/middlewares/auth.js

@@ -22,9 +22,9 @@ function verifyToken(req, res, next) {
       }
     });
   } else {
-    return res.status(403).send({
+    return res.status(401).send({
       success: false,
-      message: 'No token provided.'
+      message: 'Please register or login.'
     });
   }
 }
@@ -41,7 +41,7 @@ function adminAccess(req, res, next) {
   if (req.decoded.roleId === 1) {
     next();
   } else {
-    return res.status(401).json({
+    return res.status(403).json({
       message: 'You are not authorized',
     });
   }

server/test/controllers/document.spec.js

@@ -80,9 +80,9 @@ describe('Documents', () => {
       .post('/api/v1/documents')
       .send(document)
       .end((err, res) => {
-        expect(res.status).to.equal(403);
+        expect(res.status).to.equal(401);
         expect(res.body).to.be.a('object');
-        expect(res.body.message).to.eql('No token provided.');
+        expect(res.body.message).to.eql('Please register or login.');
         done();
       });
     });
@@ -163,9 +163,9 @@ describe('Documents', () => {
       superRequest
       .get('/api/v1/documents/')
       .end((err, res) => {
-        expect(res.status).to.equal(403);
+        expect(res.status).to.equal(401);
         expect(res.body).to.be.a('object');
-        expect(res.body.message).be.eql('No token provided.');
+        expect(res.body.message).be.eql('Please register or login.');
         expect(res.body.success).to.eql(false);
         done();
       });

server/test/controllers/mockData.js

@@ -19,6 +19,10 @@ export default {
     email: '[email protected]',
     password: 'test'
   },
+  blessing: {
+    email: '[email protected]',
+    password: process.env.PASSWORD
+  },
   user1: {
     email: '[email protected]',
     password: 'test'
@@ -27,7 +31,7 @@ export default {
     fullName: 'Baasbank Adams',
     userName: 'tiaandela',
     email: '[email protected]',
-    password: 'pass123',
+    password: process.env.PASSWORD,
     roleId: 1,
     createdAt: new Date(),
     updatedAt: new Date()
@@ -36,7 +40,16 @@ export default {
     fullName: 'Baas Bank',
     userName: 'bank',
     email: '[email protected]',
-    password: 'pass123',
+    password: process.env.PASSWORD,
+    roleId: 1,
+    createdAt: new Date(),
+    updatedAt: new Date()
+  },
+  JohnB: {
+    fullName: 'John Bosco',
+    userName: 'john',
+    email: '[email protected]',
+    password: process.env.PASSWORD,
     roleId: 1,
     createdAt: new Date(),
     updatedAt: new Date()
@@ -45,7 +58,7 @@ export default {
     fullName: 'Daniel Cfh',
     userName: 'cfh',
     email: '[email protected]',
-    password: 'pass123',
+    password: process.env.PASSWORD,
     roleId: 2,
     createdAt: 'date',
     updatedAt: new Date()

server/test/controllers/role.spec.js

@@ -62,7 +62,7 @@ describe('Roles', () => {
         .set({ authorization: userToken })
       .send(role)
       .end((err, res) => {
-        expect(res.status).to.equal(401);
+        expect(res.status).to.equal(403);
         expect(res.body).to.be.a('object');
         expect(res.body.message).to.eql('You are not authorized');
         done();
@@ -91,7 +91,7 @@ describe('Roles', () => {
         .get('/api/v1/roles')
         .set({ authorization: userToken })
         .end((err, res) => {
-          expect(res.status).to.equal(401);
+          expect(res.status).to.equal(403);
           expect(res.body.message)
           .to.eql('You are not authorized');
           done();
@@ -120,7 +120,7 @@ describe('Roles', () => {
         .get(`/api/v1/roles/${id}`)
         .set({ authorization: userToken })
         .end((err, res) => {
-          expect(res.status).to.equal(401);
+          expect(res.status).to.equal(403);
           expect(res.body.message).to.eql('You are not authorized');
           done();
         });
@@ -184,7 +184,7 @@ describe('Roles', () => {
          .set({ authorization: userToken })
         .send({ title: 'boromir' })
         .end((err, res) => {
-          expect(res.status).to.equal(401);
+          expect(res.status).to.equal(403);
           expect(res.body).to.be.a('object');
           expect(res.body.message).to.eql('You are not authorized');
           done();
@@ -228,7 +228,7 @@ describe('Roles', () => {
         .delete(`/api/v1/roles/${id}`)
         .set({ authorization: userToken })
         .end((err, res) => {
-          expect(res.status).to.equal(401);
+          expect(res.status).to.equal(403);
           expect(res.body).to.be.a('object');
           expect(res.body.message).to.eql('You are not authorized');
           done();