Skip to content

Commit 73a97a9

Browse files
ar2rsawseenar2rsawseen
authored
Merge pull request #7466 from Countly/codex/upload-validation-guards
Fix CMS clear write validation
2 parents d672454 + 7bca5af commit 73a97a9

File tree

3 files changed

+60
-2
lines changed

3 files changed

+60
-2
lines changed

api/utils/requestProcessor.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3319,7 +3319,7 @@ const processRequest = (params) => {
33193319
validateUserForWrite(params, countlyApi.mgmt.cms.saveEntries);
33203320
break;
33213321
case 'clear':
3322-
validateUserForWrite(countlyApi.mgmt.cms.clearCache, params);
3322+
validateUserForWrite(params, countlyApi.mgmt.cms.clearCache);
33233323
break;
33243324
default:
33253325
if (!plugins.dispatch(apiPath, {

plugins/crashes/api/api.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -647,7 +647,7 @@ const FEATURE_NAME = 'crashes';
647647
try {
648648
[crash] = await getCrashesTable({
649649
query: { _id: id },
650-
fields: { error: 1 },
650+
fields: { binary_crash_dump: 1 },
651651
limit: 1,
652652
});
653653
}

test/2.api/08b.cms.js

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
var request = require('supertest');
2+
var should = require('should');
3+
var testUtils = require("../testUtils");
4+
request = request(testUtils.url);
5+
6+
describe('CMS API', function() {
7+
it('should save, read and clear CMS cache entries', async() => {
8+
const API_KEY_ADMIN = testUtils.get("API_KEY_ADMIN");
9+
const APP_ID = testUtils.get("APP_ID");
10+
const namespace = 'server-guides';
11+
const entryId = `${namespace}_docs_${Date.now()}`;
12+
13+
let sp = new URLSearchParams();
14+
sp.append('api_key', API_KEY_ADMIN);
15+
sp.append('app_id', APP_ID);
16+
sp.append('_id', namespace);
17+
sp.append('entries', JSON.stringify([
18+
{_id: entryId, title: 'Validator Guide', body: 'Welcome'}
19+
]));
20+
21+
const saveResponse = await request.get(`/i/cms/save_entries?${sp.toString()}`);
22+
should(saveResponse.status).equal(200);
23+
saveResponse.body.should.have.property('result', 'Entries saved');
24+
25+
sp = new URLSearchParams();
26+
sp.append('api_key', API_KEY_ADMIN);
27+
sp.append('app_id', APP_ID);
28+
sp.append('_id', namespace);
29+
sp.append('query', JSON.stringify({title: 'Validator Guide'}));
30+
31+
const readResponse = await request.get(`/o/cms/entries?${sp.toString()}`);
32+
should(readResponse.status).equal(200);
33+
readResponse.body.should.have.property('data');
34+
should(readResponse.body.data).be.Array();
35+
should.exist(readResponse.body.data.find((entry) => entry._id === entryId));
36+
37+
sp = new URLSearchParams();
38+
sp.append('api_key', API_KEY_ADMIN);
39+
sp.append('app_id', APP_ID);
40+
sp.append('_id', namespace);
41+
42+
const clearResponse = await request.get(`/i/cms/clear?${sp.toString()}`);
43+
should(clearResponse.status).equal(200);
44+
clearResponse.body.should.have.property('result', 'CMS cache cleared');
45+
46+
sp = new URLSearchParams();
47+
sp.append('api_key', API_KEY_ADMIN);
48+
sp.append('app_id', APP_ID);
49+
sp.append('_id', namespace);
50+
sp.append('query', JSON.stringify({_id: entryId}));
51+
52+
const postClearResponse = await request.get(`/o/cms/entries?${sp.toString()}`);
53+
should(postClearResponse.status).equal(200);
54+
postClearResponse.body.should.have.property('data');
55+
should(postClearResponse.body.data).be.Array();
56+
should.not.exist(postClearResponse.body.data.find((entry) => entry._id === entryId));
57+
});
58+
});

0 commit comments

Comments
 (0)