Skip to content

Commit

Permalink
EMA-145 - Security findings
Browse files Browse the repository at this point in the history
  • Loading branch information
Sanyi committed Jun 28, 2024
1 parent 51bfed0 commit a6786ef
Show file tree
Hide file tree
Showing 15 changed files with 108 additions and 110 deletions.
22 changes: 11 additions & 11 deletions dev/testv2/attributes/index.spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,13 +6,13 @@ const websiteId = 1;

const mapAttributes = attributes => attributes.map(attribute => ({ code: attribute.code, name: attribute.name }));

describe('Attributes endpoint', function() {
afterEach(async function() {});
describe('Attributes endpoint', function () {
afterEach(async function () {});

after(async function() {});
after(async function () {});

describe('get', function() {
it('should fetch attributes including extra fields for customer', async function() {
describe('get', function () {
it('should fetch attributes including extra fields for customer', async function () {
const { attributes } = await this.magentoApi.execute('attributes', 'get', { type: 'customer' });
const mappedAttributes = mapAttributes(attributes);

Expand All @@ -29,7 +29,7 @@ describe('Attributes endpoint', function() {
}
});

it('should fetch attributes including extra fields for customer_address', async function() {
it('should fetch attributes including extra fields for customer_address', async function () {
const { attributes } = await this.magentoApi.execute('attributes', 'get', { type: 'customer_address' });
const mappedAttributes = mapAttributes(attributes);

Expand All @@ -40,7 +40,7 @@ describe('Attributes endpoint', function() {
}
});

it('should fetch attributes including extra fields for products', async function() {
it('should fetch attributes including extra fields for products', async function () {
const { attributes } = await this.magentoApi.execute('attributes', 'get', { type: 'product' });
const mappedAttributes = attributes.map(attribute => {
return { code: attribute.code, name: attribute.name };
Expand All @@ -58,8 +58,8 @@ describe('Attributes endpoint', function() {
});
});

describe('set', function() {
it('should modify customer attribute config for website', async function() {
describe('set', function () {
it('should modify customer attribute config for website', async function () {
await this.magentoApi.execute('attributes', 'set', {
websiteId,
type: 'customer',
Expand All @@ -76,7 +76,7 @@ describe('Attributes endpoint', function() {
expect(config.value).to.equal(JSON.stringify(['hello_attribute']));
});

it('should modify customer_address attribute config for website', async function() {
it('should modify customer_address attribute config for website', async function () {
await this.magentoApi.execute('attributes', 'set', {
websiteId,
type: 'customer_address',
Expand All @@ -93,7 +93,7 @@ describe('Attributes endpoint', function() {
expect(config.value).to.equal(JSON.stringify(['hello_attribute']));
});

it('should modify product attribute config for website', async function() {
it('should modify product attribute config for website', async function () {
await this.magentoApi.execute('attributes', 'set', {
websiteId: 0,
type: 'product',
Expand Down
12 changes: 6 additions & 6 deletions dev/testv2/config/index.spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,21 +21,21 @@ const dbKeys = {
};

const websiteId = 1;
describe('Config endpoint', function() {
before(async function() {
describe('Config endpoint', function () {
before(async function () {
await this.turnOffEverySetting(1);
});

afterEach(async function() {
afterEach(async function () {
await this.turnOffEverySetting(1);
});

after(async function() {
after(async function () {
await this.setDefaultStoreSettings();
});

describe('set', function() {
it('should modify config values for website', async function() {
describe('set', function () {
it('should modify config values for website', async function () {
await this.magentoApi.execute('config', 'set', {
websiteId,
config: fullConfig
Expand Down
10 changes: 5 additions & 5 deletions dev/testv2/customers/list.spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,8 @@ const customers = [
}
];

describe('Customers endpoint', function() {
before(async function() {
describe('Customers endpoint', function () {
before(async function () {
await this.magentoApi.execute('attributes', 'set', {
websiteId: 1,
type: 'customer',
Expand All @@ -35,7 +35,7 @@ describe('Customers endpoint', function() {
}
});

after(async function() {
after(async function () {
await this.magentoApi.execute('attributes', 'set', {
websiteId: 1,
type: 'customer',
Expand All @@ -44,7 +44,7 @@ describe('Customers endpoint', function() {
await this.db.raw(`DELETE FROM ${this.getTableName('customer_entity')} where email like "%@customer.net"`);
});

it('returns customers according to page and page_size inlcuding last_page', async function() {
it('returns customers according to page and page_size inlcuding last_page', async function () {
const page = 1;
const limit = 2;

Expand All @@ -66,7 +66,7 @@ describe('Customers endpoint', function() {
expect(customer).to.have.property('shipping_address');
});

it('returns extra_fields for customers', async function() {
it('returns extra_fields for customers', async function () {
const page = 1;
const limit = 1;

Expand Down
20 changes: 10 additions & 10 deletions dev/testv2/cypress/integration/default-behaviour.spec.js
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
'use strict';

describe('Default behaviour with everything turned off', function() {
describe('Default behaviour with everything turned off', function () {
before(() => {
cy.task('setConfig', {});
});
Expand All @@ -14,13 +14,13 @@ describe('Default behaviour with everything turned off', function() {
cy.task('clearMails');
});

context('MarketingEvents - Customer', function() {
context('MarketingEvents - Customer', function () {
afterEach(() => {
cy.task('clearEvents');
cy.logout();
});

it('should not create customer_password_reset event', function() {
it('should not create customer_password_reset event', function () {
const newPassword = 'newPassword1';

cy.loginWithCustomer(this.defaultCustomer);
Expand All @@ -36,7 +36,7 @@ describe('Default behaviour with everything turned off', function() {
});
});

it('should not create customer_email_changed event', function() {
it('should not create customer_email_changed event', function () {
const oldEmail = this.defaultCustomer.email;
const newEmail = '[email protected]';

Expand All @@ -52,7 +52,7 @@ describe('Default behaviour with everything turned off', function() {
});
});

it('should not create customer_email_and_password_changed event', function() {
it('should not create customer_email_and_password_changed event', function () {
const newEmail = '[email protected]';
const newPassword = 'newPassword4';

Expand All @@ -70,7 +70,7 @@ describe('Default behaviour with everything turned off', function() {
});
});

context('MarketingEvents - Subscription', function() {
context('MarketingEvents - Subscription', function () {
const unsubscribe = email => {
cy.task('getSubscription', email).then(subscription => {
cy.visit(`/newsletter/subscriber/unsubscribe?id=${subscription.subscriber_id}\
Expand All @@ -84,8 +84,8 @@ describe('Default behaviour with everything turned off', function() {
cy.get('.action.subscribe.primary[type="submit"]').click();
};

context('guest with double optin off', function() {
it('should not create subscription events', function() {
context('guest with double optin off', function () {
it('should not create subscription events', function () {
const guestEmail = '[email protected]';
subscribe(guestEmail);

Expand All @@ -110,7 +110,7 @@ describe('Default behaviour with everything turned off', function() {
});
});

context('guest with double optin on', function() {
context('guest with double optin on', function () {
before(() => {
cy.task('setDoubleOptin', true);
cy.task('flushMagentoCache');
Expand All @@ -120,7 +120,7 @@ describe('Default behaviour with everything turned off', function() {
cy.task('setDoubleOptin', false);
});

it('should not create subscription events', function() {
it('should not create subscription events', function () {
const guestEmail = '[email protected]';
subscribe(guestEmail);

Expand Down
18 changes: 9 additions & 9 deletions dev/testv2/cypress/integration/marketing-events-customer.spec.js
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
'use strict';

describe('Marketing Events', function() {
describe('Marketing Events', function () {
beforeEach(() => {
cy.task('clearMails');
cy.task('getDefaultCustomer').as('defaultCustomer');
Expand All @@ -10,7 +10,7 @@ describe('Marketing Events', function() {
cy.logout();
});

context('magentoSendEmails config is disabled', function() {
context('magentoSendEmails config is disabled', function () {
before(() => {
cy.task('setConfig', {
collectMarketingEvents: 'enabled',
Expand All @@ -19,7 +19,7 @@ describe('Marketing Events', function() {
cy.task('clearEvents');
});

it('should create customer_password_reset event', function() {
it('should create customer_password_reset event', function () {
const newPassword = 'newPassword2';

cy.loginWithCustomer(this.defaultCustomer);
Expand All @@ -36,7 +36,7 @@ describe('Marketing Events', function() {
});
});

it('should create customer_email_changed event', function() {
it('should create customer_email_changed event', function () {
const newEmail = '[email protected]';

cy.loginWithCustomer(this.defaultCustomer);
Expand All @@ -53,7 +53,7 @@ describe('Marketing Events', function() {
});
});

it('should create customer_email_and_password_changed event', function() {
it('should create customer_email_and_password_changed event', function () {
const newEmail = '[email protected]';
const newPassword = 'newPassword3';

Expand All @@ -72,7 +72,7 @@ describe('Marketing Events', function() {
});
});

context('magentoSendEmails config is enabled', function() {
context('magentoSendEmails config is enabled', function () {
before(() => {
cy.task('setConfig', {
collectMarketingEvents: 'enabled',
Expand All @@ -81,7 +81,7 @@ describe('Marketing Events', function() {
cy.task('clearEvents');
});

it('should create customer_password_reset event', function() {
it('should create customer_password_reset event', function () {
const newPassword = 'newPassword2';

cy.loginWithCustomer(this.defaultCustomer);
Expand All @@ -98,7 +98,7 @@ describe('Marketing Events', function() {
});
});

it('should create customer_email_changed event', function() {
it('should create customer_email_changed event', function () {
const oldEmail = this.defaultCustomer.email;
const newEmail = '[email protected]';

Expand All @@ -116,7 +116,7 @@ describe('Marketing Events', function() {
});
});

it('should create customer_email_and_password_changed event', function() {
it('should create customer_email_and_password_changed event', function () {
const oldEmail = this.defaultCustomer.email;
const newEmail = '[email protected]';
const newPassword = 'newPassword3';
Expand Down
22 changes: 11 additions & 11 deletions dev/testv2/cypress/integration/marketing-events-subscription.spec.js
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
'use strict';

describe('Marketing Events', function() {
describe('Marketing Events', function () {
const unsubscribe = email => {
cy.task('getSubscription', email).then(subscription => {
cy.visit(`/newsletter/subscriber/unsubscribe?id=${subscription.subscriber_id}\
Expand All @@ -19,16 +19,16 @@ describe('Marketing Events', function() {
cy.task('clearEvents');
});

context('magentoSendEmails config is disabled', function() {
context('magentoSendEmails config is disabled', function () {
before(() => {
cy.task('setConfig', {
collectMarketingEvents: 'enabled',
magentoSendEmail: 'disabled'
});
});

context('guest with double optin off', function() {
it('should create subscription events', function() {
context('guest with double optin off', function () {
it('should create subscription events', function () {
const guestEmail = '[email protected]';
subscribe(guestEmail);

Expand Down Expand Up @@ -56,7 +56,7 @@ describe('Marketing Events', function() {
});
});

context('guest with double optin on', function() {
context('guest with double optin on', function () {
before(() => {
cy.task('setDoubleOptin', true);
cy.task('flushMagentoCache');
Expand All @@ -66,7 +66,7 @@ describe('Marketing Events', function() {
cy.task('setDoubleOptin', false);
});

it('should create newsletter_send_confirmation_request_email event', function() {
it('should create newsletter_send_confirmation_request_email event', function () {
const guestEmail = '[email protected]';
subscribe(guestEmail);

Expand Down Expand Up @@ -95,16 +95,16 @@ describe('Marketing Events', function() {
});
});

context('magentoSendEmails config is enabled', function() {
context('magentoSendEmails config is enabled', function () {
before(() => {
cy.task('setConfig', {
collectMarketingEvents: 'enabled',
magentoSendEmail: 'enabled'
});
});

context('guest with double optin off', function() {
it('should create subscription events', function() {
context('guest with double optin off', function () {
it('should create subscription events', function () {
const guestEmail = '[email protected]';
subscribe(guestEmail);

Expand Down Expand Up @@ -133,7 +133,7 @@ describe('Marketing Events', function() {
});
});

context('guest with double optin on', function() {
context('guest with double optin on', function () {
before(() => {
cy.task('setDoubleOptin', true);
cy.task('flushMagentoCache');
Expand All @@ -143,7 +143,7 @@ describe('Marketing Events', function() {
cy.task('setDoubleOptin', false);
});

it('should create newsletter_send_confirmation_request_email event', function() {
it('should create newsletter_send_confirmation_request_email event', function () {
const guestEmail = '[email protected]';
subscribe(guestEmail);

Expand Down
Loading

0 comments on commit a6786ef

Please sign in to comment.