Merge pull request #100 from SpringRoll/release/1.8.1

chipbell4 · web-flow · commit 162ff07a2718 · 2020-02-19T11:38:09.000-05:00
Release/1.8.1
diff --git a/app/public/js/embed.js b/app/public/js/embed.js
diff --git a/app/routes/api/games.js b/app/routes/api/games.js
@@ -4,6 +4,7 @@ var router = require('express').Router(),
   Group = require('../../models/group'),
   Game = require('../../models/game'),
   cache = require('../../helpers/cache'),
+  log = require('../../helpers/logger'),
   response = require('../../helpers/response');
 
 router.use(function(req, res, next) {
@@ -26,7 +27,15 @@ router.get('/', cache, function(req, res) {
     .isToken();
 
   if (req.validationErrors()) {
-    return response.call(res, 'Invalid Arguments');
+    let message = '';
+    req.validationErrors().forEach(error => {
+      message += `${error.msg}: ${error.param}. `;
+    });
+
+    return res.status(422).send({
+      success: false,
+      error: message.trim()
+    });
   }
 
   var status = req.query.status || 'prod';
@@ -72,10 +81,19 @@ router.get('/', cache, function(req, res) {
       }
     ],
     function(err, games) {
-      if (err) {
-        return response.call(res, err);
-      } else if (games.length === 0) {
-        return response.call(res, 'No games');
+      if (err === 'No token' || err === 'Invalid token') {
+        log.warn(err + ' request for api/games');
+        return res.status(403).send({
+          success: false,
+          error: err
+        });
+      } else if (err) {
+        log.warn(err);
+
+        return res.status(400).send({
+          success: false,
+          error: err
+        });
       }
 
       games = games.reduce((filteredGames, game) => {
@@ -96,11 +114,10 @@ router.get('/', cache, function(req, res) {
         return filteredGames;
       }, []);
 
-      if (games.length <= 0) {
-        return response.call(res, 'No games');
-      }
-
-      response.call(res, err, games);
+      return res.send({
+        success: true,
+        data: games
+      });
     }
   );
 });
diff --git a/app/routes/api/release.js b/app/routes/api/release.js
@@ -174,9 +174,19 @@ router.get('/:slugOrBundleId', cache, function(req, res) {
     .checkQuery('version')
     .optional()
     .isSemver();
+
   if (req.validationErrors()) {
-    return response.call(res, 'Invalid arguments');
+    let message = '';
+    req.validationErrors().forEach(error => {
+      message += `${error.msg}: ${error.param}. `;
+    });
+
+    return res.status(422).send({
+      success: false,
+      error: message.trim()
+    });
   }
+
   Release.getByGame(
     req.params.slugOrBundleId,
     {
@@ -187,7 +197,30 @@ router.get('/:slugOrBundleId', cache, function(req, res) {
       token: req.query.token,
       debug: req.query.debug
     },
-    response.bind(res)
+    function(err, release) {
+      if (err === null && release !== null) {
+        // if there's no error and a release was found
+        return res.send({ success: true, data: release });
+      } else if (err === null && release === null) {
+        // no release was found, so it's a 404
+        log.warn(`No release found for slug "${req.params.slugOrBundleId}"`);
+        return res.status(404).send({ success: false, data: null });
+      }
+
+      if (err === 'Invalid game slug') {
+        // If the slug doesn't exist, it's a 404
+        log.warn(`Invalid game slug "${req.params.slugOrBundleId}"`);
+        return res.status(404).send({ success: false, error: err });
+      } else if (err === 'Token is required') {
+        // If the request was for a dev game without a token, it's a 403
+        log.warn(`Request for game "${req.params.slugOrBundleId}" without token`);
+        return res.status(403).send({ success: false, error: err });
+      } else {
+        // Otherwise, we don't know what it is so it's probably a 500
+        log.warn(err);
+        return res.status(500).send({ success: false, data: null });
+      }
+    }
   );
 });
 
diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json
diff --git a/package.json b/package.json
@@ -13,7 +13,7 @@
     "babel-loader": "^8.0.6",
     "bootstrap-sass": "^3.4.1",
     "chai": "^4.2.0",
-    "chromedriver": "^77.0.0",
+    "chromedriver": "^79.0.0",
     "concurrently": "^4.1.0",
     "css-loader": "^2.1.1",
     "exports-loader": "^0.7.0",
@@ -74,7 +74,7 @@
     "passport": "^0.2.1",
     "passport-local": "^1.0.0",
     "semver": "^5.0.1",
-    "springroll-container": "git+https://github.com/SpringRoll/SpringRollContainer.git",
+    "springroll-container": "github:SpringRoll/SpringRollContainer#develop",
     "uuid": "^3.2.1"
   },
   "scripts": {
diff --git a/test/api/games.js b/test/api/games.js
@@ -81,5 +81,21 @@ describe('api/games', () => {
 
       expect(response.headers.get('Cache-Control')).to.equal(null);
     });
+
+    it('should return a 422 if the provided input is invalid', async function() {
+      const response = await fetch(`${API_GAMES_URL}?token=invalid&status=invalid`);
+
+      expect(response.status).to.equal(422);
+    });
+
+    it('should return a 403 if dev games are requested without a token', async function() {
+      const response = await fetch(`${API_GAMES_URL}?status=dev`);
+      expect(response.status).to.equal(403);
+    });
+
+    it('should return a 403 if the provided token is a not a real token', async function() {
+      const response = await fetch(`${API_GAMES_URL}?status=dev&token=1234567890123456789012345678901234567890`);
+      expect(response.status).to.equal(403);
+    });
   });
 });
diff --git a/test/api/release.js b/test/api/release.js
@@ -62,6 +62,30 @@ describe('api/release', () => {
       const response = await fetch(`http://localhost:3000/api/release/${game.slug}?status=dev`);
       expect(response.headers.get('Cache-Control')).to.equal(null);
     });
+
+    it('should respond with a 404 if a request is made for a slug that does not exist', async function() {
+      const response = await fetch(`http://localhost:3000/api/release/dont-exists`);
+      expect(response.status).to.equal(404);
+    });
+
+    it('should respond with a 404 if a request is made for a game that does not have a prod release', async function() {
+      const game = await dataMakers.makeGame('dev');
+      const response = await fetch(`http://localhost:3000/api/release/${game.slug}`);
+      expect(response.status).to.equal(404);
+    });
+
+    it('should respond with a 403 if a request is made for a dev release without a token', async function() {
+      const game = await dataMakers.makeGame('dev');
+      const response = await fetch(`http://localhost:3000/api/release/${game.slug}?status=dev`);
+      const json = await response.json();
+
+      expect(response.status).to.equal(403);
+    });
+
+    it('should respond with a 422 if the request had invalid fields', async function() {
+      const response = await fetch('http://localhost:3000/api/release/doesntmatter?status=NOPE&token=tooshort');
+      expect(response.status).to.equal(422);
+    });
   });
 
   describe('POST', () => {
diff --git a/test/pages/embed.js b/test/pages/embed.js
@@ -47,7 +47,7 @@ describe('Embed Pages', () => {
 
     const text = await alert.getText();
     await alert.accept();
-    expect(text).to.equal('Invalid arguments');
+    expect(text).to.equal('Invalid value: token.');
   });
 
   it('should allow valid tokens to view dev releases of a game', async () => {
