← To the list of documents
Версия:

Testing

The system currently does not have full test coverage, and module testing is conducted during the development process.

Within the framework of project development using the system, you can use any testing approach. Below are the system tools that may be useful for this.

API

First of all, the API can be useful for testing. You can use it via HTTP(S) as well as through a socket connection with or without using the go_core_query library. For more details, see the API and go_core_query section.

apiSys

Inside any function, you can use apiSys. This is a function imported from the api library that allows you to call any method of any class (in kernel terminology) on behalf of a system user.

loginAsUser

This is a mechanism that allows authorizing as a specific user inside the backend, obtaining a request object (with their session), and then performing any chain of actions.

This allows writing functions for, for example, End-to-end testing, simulating the behavior of various users.

To obtain a user session, it is necessary to call User_session.loginAsUser. For security reasons, calling this method is allowed only from methods defined in libs/api/apiConfig.

Configuring Allowed Methods

The object that needs to be supplemented: grandAccessToLoginAsUserOperation.

To allow a new method from which User_session.loginAsUser can be called:

  1. Go to the apiConfig configuration for a specific project (libs/api/apiConfig/project.ts).
  2. Find the grandAccessToLoginAsUserOperation_ object and supplement it. This is an object where the key is the class name and the value is an array of methods of that class.

You can create, for example, a Testing class and write all methods (entry points) in it. Example of adding methods to allowed:

export const grandAccessToLoginAsUserOperation_: IGrandAccessToLoginAsUserOperation = {
   Testing: ['testOrderingRoute', 'emulateManyOrders'],
}

reLoginAsUser

There is also a grandAccessToReLoginAsUserOperation object, which defines access to the reLoginAsUser method. This method, unlike loginAsUser, allows specifically switching the current session to the session of a certain user.

This mechanism can be used not only in testing but also in the main business logic of your project. For example, if a user can delegate part of the actions to their manager, such logic can be implemented through this mechanism, limiting the list of those who can be switched to by the “Trusted Persons” table.

Such a scenario is quite common, and many commercial solutions do not have a built-in mechanism for its implementation, solving the problem by simply passing the login and password to another person, which is a security problem.