#1258 fixes for pr pipeline

jack-flores · jack-flores · commit b94e2c251694 · 2024-07-31T12:01:20.000-04:00
diff --git a/src/controller/org.controller/org.controller.js b/src/controller/org.controller/org.controller.js
@@ -331,15 +331,14 @@ async function updateOrg (req, res, next) {
     const org = await orgRepo.findOneByShortName(shortName)
     const orgMakingChanges = req.ctx.org
     let agt = setAggregateOrgObj({ short_name: shortName })
-    
+
     // org doesn't exist
     if (!org) {
       logger.info({ uuid: req.ctx.uuid, message: shortName + ' organization could not be updated in MongoDB because it does not exist.' })
       return res.status(404).json(error.orgDnePathParam(shortName))
     }
 
     newOrg.last_active = Date.now()
-    
     const isSec = await orgRepo.isSecretariat(orgMakingChanges)
 
     if (isSec) {
@@ -367,36 +366,36 @@ async function updateOrg (req, res, next) {
           }
         }
       })
+    }
 
-      // updating the org's roles
-      if (org) {
-        const roles = org.authority.active_roles
+    // updating the org's roles
+    if (org) {
+      const roles = org.authority.active_roles
 
-        // adding roles
-        addRoles.forEach(role => {
-          if (!roles.includes(role)) {
-            roles.push(role)
-          }
-        })
+      // adding roles
+      addRoles.forEach(role => {
+        if (!roles.includes(role)) {
+          roles.push(role)
+        }
+      })
 
-        // removing roles
-        removeRoles.forEach(role => {
-          const index = roles.indexOf(role)
+      // removing roles
+      removeRoles.forEach(role => {
+        const index = roles.indexOf(role)
 
-          if (index > -1) {
-            roles.splice(index, 1)
-          }
-        })
+        if (index > -1) {
+          roles.splice(index, 1)
+        }
+      })
 
-        newOrg.authority.active_roles = roles
-      }
+      newOrg.authority.active_roles = roles
+    }
 
-      if (newOrg.short_name) {
-        const result = await orgRepo.findOneByShortName(newOrg.short_name)
+    if (newOrg.short_name) {
+      const result = await orgRepo.findOneByShortName(newOrg.short_name)
 
-        if (result) {
-          return res.status(403).json(error.duplicateShortname(newOrg.short_name))
-        }
+      if (result) {
+        return res.status(403).json(error.duplicateShortname(newOrg.short_name))
       }
     }
 
diff --git a/src/middleware/middleware.js b/src/middleware/middleware.js
@@ -142,11 +142,11 @@ async function validateOrg (req, res, next) {
   const CONSTANTS = getConstants()
 
   try {
-    logger.info({ uuid: req.ctx.uuid, message: 'Authenticating org: ' + org }) 
+    logger.info({ uuid: req.ctx.uuid, message: 'Authenticating org: ' + org })
 
     const isSec = await orgRepo.isSecretariat(org)
     if (!isSec) {
-      if (!(org == reqOrg)) {
+      if (!(org === reqOrg)) {
         logger.info({ uuid: req.ctx.uuid, message: org + ' is not a ' + CONSTANTS.AUTH_ROLE_ENUM.SECRETARIAT + ' or the same as ' + reqOrg + ' and is not allowed to make these changes.' })
         return res.status(401).json(error.unauthorized())
       }
diff --git a/test/integration-tests/org/putOrgTest.js b/test/integration-tests/org/putOrgTest.js
@@ -6,104 +6,104 @@ const constants = require('../constants.js')
 const app = require('../../../src/index.js')
 
 const params = { name: 'Test Organization', id_quota: 100 }
-const secretariat_params = { name: 'MITRE Corporation', id_quota: 100000 }
-const cna_params = { name: 'Adams, Nielsen and Hensley', id_quota: 1309 }
+const secretariatParams = { name: 'MITRE Corporation', id_quota: 100000 }
+const cnaParams = { name: 'Adams, Nielsen and Hensley', id_quota: 1309 }
 
 describe('Testing org put endpoint', () => {
-    context('Positive Tests', () => {
-        it('Allows update made by a secretariat to itself', async () => {
-            await chai.request(app)
-            .put('/api/org/mitre')
-            .set({ ...constants.headers })
-            .query(params)
-            .send()
-            .then((res, err) => {
-                expect(res).to.have.status(200)
-                expect(res.body.updated.name).to.equal(params.name)
-                expect(res.body.updated.policies.id_quota).to.equal(params.id_quota)
-                expect(err).to.be.undefined
-            })
-            await chai.request(app)
-            .put(`/api/org/mitre`)
-            .set({ ...constants.headers })
-            .query(secretariat_params)
-            .send()
-            .then((res, err) => {
-                expect(res).to.have.status(200)
-                expect(res.body.updated.name).to.equal(secretariat_params.name)
-                expect(res.body.updated.policies.id_quota).to.equal(secretariat_params.id_quota)
-                expect(err).to.be.undefined
-            })
+  context('Positive Tests', () => {
+    it('Allows update made by a secretariat to itself', async () => {
+      await chai.request(app)
+        .put('/api/org/mitre')
+        .set({ ...constants.headers })
+        .query(params)
+        .send()
+        .then((res, err) => {
+          expect(res).to.have.status(200)
+          expect(res.body.updated.name).to.equal(params.name)
+          expect(res.body.updated.policies.id_quota).to.equal(params.id_quota)
+          expect(err).to.be.undefined
         })
-        it('Allows update made by a secretariat to another org', async () => {
-            await chai.request(app)
-            .put('/api/org/win_5')
-            .set({ ...constants.headers })
-            .query(params)
-            .send()
-            .then((res, err) => {
-                expect(res).to.have.status(200)
-                expect(res.body.updated.name).to.equal(params.name)
-                expect(res.body.updated.policies.id_quota).to.equal(params.id_quota)
-                expect(err).to.be.undefined
-            })
-            await chai.request(app)
-            .put('/api/org/win_5')
-            .set({ ...constants.headers })
-            .query(cna_params)
-            .send()
-            .then((res, err) => {
-                expect(res).to.have.status(200)
-                expect(res.body.updated.name).to.equal(cna_params.name)
-                expect(res.body.updated.policies.id_quota).to.equal(cna_params.id_quota)
-                expect(err).to.be.undefined
-            })
+      await chai.request(app)
+        .put('/api/org/mitre')
+        .set({ ...constants.headers })
+        .query(secretariatParams)
+        .send()
+        .then((res, err) => {
+          expect(res).to.have.status(200)
+          expect(res.body.updated.name).to.equal(secretariatParams.name)
+          expect(res.body.updated.policies.id_quota).to.equal(secretariatParams.id_quota)
+          expect(err).to.be.undefined
         })
-        it('Update made by non secretariat org to itself ONLY updates last_active field', async () => {
-            let now = Date.now()
-            await chai.request(app)
-            .put('/api/org/win_5')
-            .set({ ...constants.nonSecretariatUserHeaders })
-            .query(params)
-            .send()
-            .then((res, err) => {
-                // Assert that that the last_active field was updated under 2 seconds ago
-                let last_active = Date.parse(res.body.updated.last_active)
-                let diff = Math.abs(now - last_active)
-                let within_two_seconds = diff < 2000
-                expect(within_two_seconds).to.be.true
-                // Assert no other fields were changed
-                expect(res).to.have.status(200)
-                expect(res.body.updated.name).to.equal(cna_params.name)
-                expect(res.body.updated.policies.id_quota).to.equal(cna_params.id_quota)
-                expect(err).to.be.undefined
-            })
+    })
+    it('Allows update made by a secretariat to another org', async () => {
+      await chai.request(app)
+        .put('/api/org/win_5')
+        .set({ ...constants.headers })
+        .query(params)
+        .send()
+        .then((res, err) => {
+          expect(res).to.have.status(200)
+          expect(res.body.updated.name).to.equal(params.name)
+          expect(res.body.updated.policies.id_quota).to.equal(params.id_quota)
+          expect(err).to.be.undefined
+        })
+      await chai.request(app)
+        .put('/api/org/win_5')
+        .set({ ...constants.headers })
+        .query(cnaParams)
+        .send()
+        .then((res, err) => {
+          expect(res).to.have.status(200)
+          expect(res.body.updated.name).to.equal(cnaParams.name)
+          expect(res.body.updated.policies.id_quota).to.equal(cnaParams.id_quota)
+          expect(err).to.be.undefined
         })
     })
-    context('Negative Tests', () => {
-        it('Fails update made by a non-secretariat org to a different org', async () => {
-            await chai.request(app)
-            .put('/api/org/cause_8')
-            .set({ ...constants.nonSecretariatUserHeaders })
-            .send()
-            .then((res, err) => {
-                expect(res).to.have.status(401)
-                expect(err).to.be.undefined
-                expect(res.body).to.haveOwnProperty('error')
-                expect(res.body.error).to.equal('UNAUTHORIZED')
-            })
+    it('Update made by non secretariat org to itself ONLY updates last_active field', async () => {
+      const now = Date.now()
+      await chai.request(app)
+        .put('/api/org/win_5')
+        .set({ ...constants.nonSecretariatUserHeaders })
+        .query(params)
+        .send()
+        .then((res, err) => {
+          // Assert that that the last_active field was updated under 2 seconds ago
+          const lastActive = Date.parse(res.body.updated.last_active)
+          const diff = Math.abs(now - lastActive)
+          const withinTwoSeconds = diff < 2000
+          expect(withinTwoSeconds).to.be.true
+          // Assert no other fields were changed
+          expect(res).to.have.status(200)
+          expect(res.body.updated.name).to.equal(cnaParams.name)
+          expect(res.body.updated.policies.id_quota).to.equal(cnaParams.id_quota)
+          expect(err).to.be.undefined
         })
-        it('Fails update made by a non-secretariat org to a secretariat', async () => {
-            await chai.request(app)
-            .put('/api/org/mitre')
-            .set({ ...constants.nonSecretariatUserHeaders })
-            .send()
-            .then((res, err) => {
-                expect(res).to.have.status(401)
-                expect(err).to.be.undefined
-                expect(res.body).to.haveOwnProperty('error')
-                expect(res.body.error).to.equal('UNAUTHORIZED')
-            })
+    })
+  })
+  context('Negative Tests', () => {
+    it('Fails update made by a non-secretariat org to a different org', async () => {
+      await chai.request(app)
+        .put('/api/org/cause_8')
+        .set({ ...constants.nonSecretariatUserHeaders })
+        .send()
+        .then((res, err) => {
+          expect(res).to.have.status(401)
+          expect(err).to.be.undefined
+          expect(res.body).to.haveOwnProperty('error')
+          expect(res.body.error).to.equal('UNAUTHORIZED')
+        })
+    })
+    it('Fails update made by a non-secretariat org to a secretariat', async () => {
+      await chai.request(app)
+        .put('/api/org/mitre')
+        .set({ ...constants.nonSecretariatUserHeaders })
+        .send()
+        .then((res, err) => {
+          expect(res).to.have.status(401)
+          expect(err).to.be.undefined
+          expect(res.body).to.haveOwnProperty('error')
+          expect(res.body.error).to.equal('UNAUTHORIZED')
         })
     })
-})
+  })
+})
diff --git a/test/unit-tests/org/orgUpdateTest.js b/test/unit-tests/org/orgUpdateTest.js
@@ -48,6 +48,10 @@ class OrgUpdatedAddingRole {
   async getOrgUUID () {
     return null
   }
+
+  async isSecretariat () {
+    return true
+  }
 }
 
 class OrgUpdatedRemovingRole {
@@ -66,6 +70,10 @@ class OrgUpdatedRemovingRole {
   async getOrgUUID () {
     return null
   }
+
+  async isSecretariat () {
+    return true
+  }
 }
 
 describe('Testing the PUT /org/:shortname endpoint in Org Controller', () => {
@@ -102,8 +110,11 @@ describe('Testing the PUT /org/:shortname endpoint in Org Controller', () => {
         async findOneByShortName () {
           return orgFixtures.existentOrg
         }
-      }
 
+        async isSecretariat () {
+          return true
+        }
+      }
       app.route('/org-not-updated-shortname-exists/:shortname')
         .put((req, res, next) => {
           const factory = {
@@ -112,15 +123,13 @@ describe('Testing the PUT /org/:shortname endpoint in Org Controller', () => {
           req.ctx.repositories = factory
           next()
         }, orgParams.parsePostParams, orgController.ORG_UPDATE_SINGLE)
-
       chai.request(app)
         .put(`/org-not-updated-shortname-exists/${orgFixtures.existentOrg.short_name}?new_short_name=cisco`)
         .set(orgFixtures.secretariatHeader)
         .end((err, res) => {
           if (err) {
             done(err)
           }
-
           expect(res).to.have.status(403)
           expect(res).to.have.property('body').and.to.be.a('object')
           const errObj = error.duplicateShortname('cisco')
@@ -288,6 +297,10 @@ describe('Testing the PUT /org/:shortname endpoint in Org Controller', () => {
         async aggregate () {
           return [orgFixtures.existentOrg]
         }
+
+        async isSecretariat () {
+          return true
+        }
       }
 
       app.route('/org-not-updated-no-query-parameters/:shortname')
