remove hard coded data in spec

Author: Andela Developer

codeclimate.yml

@@ -17,4 +17,4 @@ ratings:
   - "**.jsx"
 exclude_paths:
 - node_modules/**/*
-- server/test/**
+- test/

server/config/config.js

@@ -10,7 +10,12 @@ module.exports = {
     dialect: 'postgres'
   },
   test: {
-    use_env_variable: 'TEST_DB'
+    username: 'andeladeveloper',
+    password: null,
+    database: 'docmanager-test',
+    host: '127.0.0.1',
+    port: 5432,
+    dialect: 'postgres'
   },
   production: {
     use_env_variable: 'PRODUCTION_DB',

server/controllers/documents.js

@@ -93,9 +93,23 @@ function getAllDocument(req, res) {
       limit,
       offset,
       where: {
-        access: {
-          $ne: 'private'
-        }
+        $or: [
+          {
+            access: {
+              $eq: 'private'
+            }
+          },
+          {
+            access: {
+              $eq: 'public'
+            }
+          },
+          {
+            access: {
+              $eq: 'role'
+            }
+          }
+        ]
       },
       include: [
         {
@@ -161,7 +175,7 @@ function findDocument(req, res) {
       }
       if (document.access === 'private') {
         if (document.userId !== req.decoded.id) {
-          return res.status(401).json({
+          return res.status(403).json({
             message: 'You are not authorized to view this document'
           });
         }
@@ -174,7 +188,7 @@ function findDocument(req, res) {
             if (
               Number(documentOwner.roleId) !== Number(req.decoded.roleId)
             ) {
-              return res.status(401).json({
+              return res.status(403).json({
                 message: 'You are not authorized to view this document'
               });
             }

server/controllers/search.js

@@ -3,7 +3,7 @@ import models from '../models';
 
 const Document = models.Document;
 const User = models.User;
-const metaData = helper.paginationMetaData;
+const pagination = helper.paginationMetaData;
 
 /**
  * Search for user using a query string
@@ -36,7 +36,7 @@ function searchUser(req, res) {
     }
     res.status(200).send({
       user,
-      pagination: metaData(count, limit, offset)
+      pagination: pagination(count, limit, offset)
     });
   }).catch(error => res.status(400).send(error));
 }
@@ -84,7 +84,7 @@ function searchDocuments(req, res) {
       }
       res.status(200).send({
         document,
-        pagination: metaData(count, limit, offset),
+        pagination: pagination(count, limit, offset),
       });
     })
     .catch(error => res.status(400).send(error));
@@ -119,7 +119,7 @@ function searchDocuments(req, res) {
       }
       res.status(200).send({
         document,
-        pagination: metaData(count, limit, offset),
+        pagination: pagination(count, limit, offset),
       });
     })
     .catch(error => res.status(400).send(error));

server/controllers/users.js

@@ -9,7 +9,7 @@ require('dotenv').config();
 const jwtSecret = process.env.JWT_SECRET;
 const Document = models.Document;
 const User = models.User;
-const metaData = helper.paginationMetaData;
+const pagination = helper.paginationMetaData;
 
 /**
  * Get all users
@@ -29,7 +29,7 @@ function getUsers(req, res) {
   .then(({ rows: user, count }) => {
     res.status(200).send({
       user,
-      pagination: metaData(count, limit, offset)
+      pagination: pagination(count, limit, offset)
     });
   })
   .catch(error => res.status(400).send(error));
@@ -66,8 +66,10 @@ function createUser(req, res) {
           roleId: req.body.roleId || 2
         }).then((userDetails) => {
           res.status(200).json({
-            userDetails,
-            success: true,
+            email: userDetails.email,
+            fullName: userDetails.fullName,
+            id: userDetails.id,
+            roleId: userDetails.roleId,
             message: 'You have successfully registered.'
           });
         }).catch((error) => {
@@ -141,7 +143,7 @@ function findUser(req, res) {
   const userQuery = Number(req.params.id);
   if ((req.decoded.id !== userQuery) && (req.decoded.roleId !== 1)) {
     return res.status(403).json({
-      message: 'Please register or login'
+      message: 'Unauthorized Access'
     });
   }
   if (isNaN(userQuery)) {
@@ -266,7 +268,7 @@ function getUserDocuments(req, res) {
         .then(({ rows: document, count }) => {
           res.status(200).send({
             document,
-            pagination: metaData(count, limit, offset),
+            pagination: pagination(count, limit, offset),
           });
         })
         .catch(error => res.status(400).send(error));

server/routes/documents.js

@@ -176,8 +176,8 @@ router.route('/:id')
  *             "$ref": "#/definitions/Document"
  *         400:
  *           description: Error.
- *         401:
- *           description: You do not have access to this document.
+ *         403:
+ *           description: You do not have permission to access this document.
  *         404:
  *           description: Document not found.
  *       security:

server/routes/users.js

@@ -36,11 +36,11 @@ const router = express.Router();
  *       createdAt:
  *         type: string
  *         format: int32
- *         example: 2016-08-29T09:12:33.001Z
+ *         example: 2016-08-29
  *       updatedAt:
  *         type: string
  *         format: int32
- *         example: 2016-08-29T09:12:33.001Z
+ *         example: 2016-08-29
  *   Document:
  *     type: object
  *     required:
@@ -67,11 +67,11 @@ const router = express.Router();
  *       createdAt:
  *         type: string
  *         format: int32
- *         example: 2016-08-29T09:12:33.001Z
+ *         example: 2016-08-29
  *       updatedAt:
  *         type: string
  *         format: int32
- *         example: 2016-08-29T09:12:33.001Z
+ *         example: 2016-08-29
  */
 // Security schema definition
 /**
@@ -95,7 +95,7 @@ router.route('/login')
   *         - User
   *       summary: Login a user
   *       operationId: login
-  *       description: Logs in a user and provides them with a jwt token to access other routes
+  *       description: Logs in a user and provides them with a jwt token
   *       consumes:
   *         - application/x-www-form-urlencoded
   *       produces:
@@ -134,7 +134,7 @@ router.route('/')
 /**
  * @swagger
  * paths:
- *   /api/v1/users/:
+ *   /api/v1/users:
  *     post:
  *       tags:
  *         - User
@@ -162,13 +162,11 @@ router.route('/')
  *           name: password
  *           description: User's password
  *           required: true
- *           schema:
- *             type: array
- *             items:
- *               $ref: '#/definitions/User'
  *       responses:
  *         200:
- *           description: You have successfully registered.
+ *           description: Succesfull Operation.
+ *           schema:
+ *             $ref: "#/definitions/User"
  *         400:
  *           description: Error.
  *     get:
@@ -177,7 +175,7 @@ router.route('/')
  *       summary: Get all users
  *       operationId: getUsers
  *       description:
- *         This route is only accessible to an admin to enable her get all users.
+ *         This route is only accessible to an admin.
  *       produces:
  *         - application/json
  *       parameters:
@@ -346,7 +344,7 @@ router.route('/:id/documents')
 /**
  * @swagger
  * paths:
- *   /api/v1/users/{id}/documents/ :
+ *   /api/v1/users/{id}/documents :
  *     get:
  *       tags:
  *         - User