diff --git a/server/routes/folder.coffee b/server/routes/folder.coffee index 7ac5e187a..d63701605 100644 --- a/server/routes/folder.coffee +++ b/server/routes/folder.coffee @@ -4,7 +4,7 @@ errors = require '../commons/errors' module.exports.setup = (app) -> app.all '/folder*', (req, res) -> return folderGet(req, res) if req.route.method is 'get' - return errors.badMethod(res) + return errors.badMethod(res, ['GET']) folderGet = (req, res) -> folder = req.path[7..] @@ -15,4 +15,4 @@ folderGet = (req, res) -> mongoose.connection.db.collection 'media.files', (errors, collection) -> collection.find({'metadata.path': folder}).toArray (err, results) -> res.send(results) - res.end() \ No newline at end of file + res.end() diff --git a/server/routes/languages.coffee b/server/routes/languages.coffee index a959e823d..b29cc8fdb 100644 --- a/server/routes/languages.coffee +++ b/server/routes/languages.coffee @@ -11,7 +11,7 @@ module.exports.setup = (app) -> app.all '/languages', (req, res) -> # Now that these are in the client, not sure when we would use this, but hey - return errors.badMethod(res) if req.route.method isnt 'get' + return errors.badMethod(res, ['GET']) if req.route.method isnt 'get' res.send(languages) return res.end() diff --git a/server/routes/queue.coffee b/server/routes/queue.coffee index 388bce4e0..e69ae720e 100644 --- a/server/routes/queue.coffee +++ b/server/routes/queue.coffee @@ -28,7 +28,7 @@ module.exports.setup = (app) -> app.all '/queue/*', (req, res) -> setResponseHeaderToJSONContentType res - + queueName = getQueueNameFromPath req.path try handler = loadQueueHandler queueName @@ -64,7 +64,7 @@ isHTTPMethodPost = (req) -> return req.route.method is 'post' isHTTPMethodPut = (req) -> return req.route.method is 'put' -sendMethodNotSupportedError = (req, res) -> errors.badMethod(res,"Queues do not support the HTTP method used." ) +sendMethodNotSupportedError = (req, res) -> errors.badMethod(res, ['GET', 'POST', 'PUT'], "Queues do not support the HTTP method used." ) sendQueueError = (req,res, error) -> errors.serverError(res, "Route #{req.path} had a problem: #{error}") diff --git a/test/server/functional/folder.spec.coffee b/test/server/functional/folder.spec.coffee new file mode 100644 index 000000000..e79ef6d63 --- /dev/null +++ b/test/server/functional/folder.spec.coffee @@ -0,0 +1,35 @@ +require '../common' + +describe 'folder', -> + url = getURL('/folder') + allowHeader = 'GET' + + it 'can\'t be requested with HTTP POST method', (done) -> + request.post {uri: url}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() + + it 'can\'t be requested with HTTP PUT method', (done) -> + request.put {uri: url}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() + + it 'can\'t be requested with HTTP PATCH method', (done) -> + request {method:'patch', uri: url}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() + + it 'can\'t be requested with HTTP HEAD method', (done) -> + request.head {uri: url}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() + + it 'can\'t be requested with HTTP DELETE method', (done) -> + request.del {uri: url}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() diff --git a/test/server/functional/languages.spec.coffee b/test/server/functional/languages.spec.coffee new file mode 100644 index 000000000..f8ccba0df --- /dev/null +++ b/test/server/functional/languages.spec.coffee @@ -0,0 +1,35 @@ +require '../common' + +describe 'languages', -> + url = getURL('/languages') + allowHeader = 'GET' + + it 'can\'t be requested with HTTP POST method', (done) -> + request.post {uri: url}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() + + it 'can\'t be requested with HTTP PUT method', (done) -> + request.put {uri: url}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() + + it 'can\'t be requested with HTTP PATCH method', (done) -> + request {method:'patch', uri: url}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() + + it 'can\'t be requested with HTTP HEAD method', (done) -> + request.head {uri: url}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() + + it 'can\'t be requested with HTTP DELETE method', (done) -> + request.del {uri: url}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() diff --git a/test/server/functional/queue.spec.coffee b/test/server/functional/queue.spec.coffee new file mode 100644 index 000000000..c59ff409b --- /dev/null +++ b/test/server/functional/queue.spec.coffee @@ -0,0 +1,25 @@ +require '../common' + +describe 'queue', -> + someURL = getURL('/queue/') + allowHeader = 'GET, POST, PUT' + + xit 'can\'t be requested with HTTP PATCH method', (done) -> + request {method:'patch', uri: someURL}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() + + xit 'can\'t be requested with HTTP HEAD method', (done) -> + request.head {uri: someURL}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() + + xit 'can\'t be requested with HTTP DELETE method', (done) -> + request.del {uri: someURL}, (err, res, body) -> + expect(res.statusCode).toBe(405) + expect(res.headers.allow).toBe(allowHeader) + done() + +