Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Live-Site] Test/event kickout peer api #1387

Open
wants to merge 58 commits into
base: develop
Choose a base branch
from
Open

[Live-Site] Test/event kickout peer api #1387

wants to merge 58 commits into from

Conversation

prerana1821
Copy link
Contributor

Description:

Tests for kickout peer API for live site.

PATCH - /:id/peers/kickout - Removes peer from the event & update the database.

Main PR

#1375

More details:

Fixes: #1374

prerana1821 and others added 30 commits February 28, 2023 21:31
@prerana1821
docs: made the prerequisites setup more clear
9411540
@prerana1821
docs: fixed an unwanted change
3eaa83a
@prerana1821
feat: initial setup for 100ms
6f673cf
@prerana1821
fix: private variable issue
977ae7a
@prerana1821
feat: rooms apis
1685f2a
@prerana1821
feat: added jsdoc comments to the controller and model
63a7955
@prerana1821
fix: added object destructuring to payloads
36e2c32
@prerana1821
test: added unit tests for models
5fa4698
@prerana1821
test: added integration tests for room APIs
01a4074
@prerana1821
fix: removed logs
59ba22a
@prerana1821
fix: added constant and refresh token function.
bf07589
@prerana1821
fix: replaced uuid with crypto package to generate the unique ids.
768d981
@prerana1821
Merge branch 'feat/100ms-setup' into feat/event-room-apis
d3161cc
@prerana1821
fix: unit test for event update API
814cdf6
@prerana1821
fix: removed crypto module
4735ba3
@prerana1821
Merge branch 'feat/100ms-setup' into feat/event-room-apis
c369d84
@prerana1821
fix: rooms to events
0397fb4
@prerana1821
Merge branch 'Real-Dev-Squad:develop' into develop
9eca2cb
@prerana1821
fix: merge conflicts with develop
85f28a7
@prerana1821
fix: fallback for env variables in prod
670e917
@prerana1821
fix: changed the endActiveRoom from delete to patch
64f17be
@prerana1821
fix: env variables in prod
6513643
@prerana1821
feat: added removeUnwantedProperties utility function
9774f82
@prerana1821
fix: added env in test config
5df9ee2
@prerana1821
fix: getAllRooms controller
83132fe
@prerana1821
chore: added env variables to the config
7c50cd5
@prerana1821
fix: sinon variable naming
8284536
@prerana1821
fix: added www-authenticate header check and removed payload check in…
fc90417 
… post method
@prerana1821
fix: added config default value and removed extra expiration check in…
7b0004f 
… isTokenExpired method
@prerana1821
fix: changed naming from rooms to events everywhere
6471dbb
@prerana1821 prerana1821 self-assigned this Aug 8, 2023
github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 8, 2023
View reviewed changes
routes/events.js
@@ -10,5 +10,7 @@
router.get("/:id", eventsValidator.getEventById, events.getEventById);
router.patch("/", authenticate, eventsValidator.updateEvent, events.updateEvent);
router.patch("/end", authenticate, eventsValidator.endActiveEvent, events.endActiveEvent);
router.patch("/:id/peer", authenticate, eventsValidator.addPeerToEvent, events.addPeerToEvent);

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
This route handler performs
authorization
Loading
, but is not rate-limited.
This route handler performs
authorization
Loading
, but is not rate-limited.
routes/events.js Dismissed Show dismissed Hide dismissed
@prerana1821 prerana1821 marked this pull request as ready for review August 8, 2023 01:36
iamitprakash
iamitprakash requested changes Aug 8, 2023
View reviewed changes
Copy link
Member

@iamitprakash iamitprakash left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change accordingly as per main PR

@prerana1821
Copy link
Contributor Author

Yes, done. Thank you

Pratiyushkumar
Pratiyushkumar previously approved these changes Aug 8, 2023
View reviewed changes
vvaibhavdesai
vvaibhavdesai suggested changes Aug 8, 2023
View reviewed changes
controllers/events.js Outdated
logger.error({ error });
return res.status(500).json({
error: error.code,
message: "You can't remove selected Participant from Remove, Please ask Admin or Host for help.",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same move all strings to constants they become easier to manage

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I have fixed it.

iamitprakash
iamitprakash previously approved these changes Aug 9, 2023
View reviewed changes
vvaibhavdesai
vvaibhavdesai reviewed Aug 10, 2023
View reviewed changes
controllers/events.js Outdated
};

try {
await apiService.post(`/active-rooms/${id}/remove-peers`, payload);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will suggest to keep all the strings in constant

  1. easier to maintain
  2. easier to replace
  3. you remember constant names more often than long strings so they are easier to navigate and search

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for your review, @vvaibhavdesai.
I have made all the strings as constant.

controllers/events.js
await apiService.post(`/active-rooms/${id}/remove-peers`, payload);
await eventQuery.kickoutPeer({ eventId: id, peerId: payload.peer_id, reason: req.body.reason });
return res.status(200).json({
message: SUCCESS_MESSAGES.CONTROLLERS.KICKOUT_PEER,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nicely done 👌

@prerana1821 prerana1821 mentioned this pull request Aug 10, 2023
Merged
1 task
iamitprakash
iamitprakash requested changes Aug 11, 2023
View reviewed changes
controllers/events.js
*/
const createEvent = async (req, res) => {
const { name, description, region, userId } = req.body;
const payload = { name, description, region };
try {
const eventData = await apiService.post("/rooms", payload);
const eventData = await apiService.post(API_URLS.CREATE_EVENT, payload);
const event = removeUnwantedProperties(UNWANTED_PROPERTIES_FROM_100MS, eventData);
const eventDataFromDB = await eventQuery.createEvent({ room_id: eventData.id, created_by: userId, ...event });
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we need to save room_id in DB..?

controllers/events.js
@@ -86,7 +94,7 @@ const getAllEvents = async (req, res) => {
* @param {Object} req - The Express request object.
* @param {Object} res - The Express response object.
* @returns {Object} An object containing the generated token and a success message in JSON format.
* @throws {Error} If an error occurs while generating the token.
* @returns {Object} If an error occurs while generating the token.
*/
const joinEvent = async (req, res) => {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

function is not checking the role property of the req.body object. This means that the function will allow users to join events with any role, even if they are not supposed to have access to the event.

is my understanding correct..?

controllers/events.js
@@ -173,22 +182,86 @@ const updateEvent = async (req, res) => {
* @param {Object} req - The Express request object.
* @param {Object} res - The Express response object.
* @returns {Promise<Object>} The JSON response with a message indicating the session has ended.
* @throws {Object} The JSON response with an error message if an error occurred while ending the event.
* @returns {Promise<Object>} The JSON response with an error message if an error occurred while ending the event.
*/
const endActiveEvent = async (req, res) => {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

endActiveEvent() function is not checking the lock property of the req.body object. This means that the function will allow users to end active events, even if the event is locked.

to fix this change to below
if (payload.lock === true) {
return res.status(403).json({
error: 'Forbidden',
message: 'The event is locked and cannot be ended',
});
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@iamitprakash iamitprakash iamitprakash requested changes

@SanketDhabarde SanketDhabarde Awaiting requested review from SanketDhabarde

@satyam73 satyam73 Awaiting requested review from satyam73

@Pratiyushkumar Pratiyushkumar Awaiting requested review from Pratiyushkumar

@vvaibhavdesai vvaibhavdesai Awaiting requested review from vvaibhavdesai

Requested changes must be addressed to merge this pull request.

Assignees

@prerana1821 prerana1821

Labels
live-site
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Live-Site] Feat/event kickout peer api
4 participants
@prerana1821 @iamitprakash @vvaibhavdesai @Pratiyushkumar