Implemented Route Testing for Issue 1489#1568
Implemented Route Testing for Issue 1489#1568Andrew-Bonner wants to merge 88 commits intoOpenEnergyDashboard:developmentfrom
Conversation
squid game
…tizer imports and tests"
…ss/failure responses
…fy sanitizer and patch XSS in success/failure responses"
up to date. package-lock.json and package.json should match now.
Cross Site Scripting fix.
Normalize all line endings to LF
Changed the installOED.sh file to generate randomized values for OED_TOKEN_SECRET and POSTGRES_PASSWORD, which are then stored in .env file. Changed docker.compose.yml to draw from the .env file if variables exist there. When in dev mode with the default values the user will be warned in the console when OED is started. Also implemented a warning for the mailing variables, if the method is set and a default remains in the rest the user will be warned in production.
Remove line endings fix, will be implemented separately.
Restoring default value of OED_PRODUCTION
Added meeting notes for the client meeting held on November 5, 2025, including agenda items and group progress updates.
Updated meeting notes with group progress and mentor suggestions.
Added meeting notes for the client meeting on November 12th, 2025.
Added meeting notes for client meeting on November 12th, 2025, detailing issues discussed and progress made.
Added each issue as a risk, with probability, impact, and solution.
Add a single instance before the tests
|
Thank you to @Andrew-Bonner for this PR. Two items:
I'm not going to review this PR until these two items are resolved. Please let me know if anything is not clear or you need something. |
@Andrew-Bonner I thought you had indicated to me a while back that this was ready for review. However, when I looked at it now it seems there are still extra changes in files. Did I make a mistake about it being ready? Do you know what is up? |
|
I just noticed that the associated issue this fixes is issue #1527 and not PR 1489 as in the description. If I'm correct then that should be updated so it properly closes the issue. |
7 participants
Description
This change adds tests that verify all user roles against the various authMiddleware functions for each route to ensure proper access control is enforced where required. The tests also include a check that scans all routes in OED to confirm they are covered. Additionally, the tests flag any routes that are either missing from the test suite or included in the tests but no longer exist in OED.
Fixes #1489
(In general, OED likes to have at least one issue associated with each pull request. Replace [issue] with the OED GitHub issue number. In the preview you will see an issue description if you hover over that number. You can create one yourself before doing this pull request. This is where details are normally given on what is being addressed. Note you should not use the word "Fixes" if it does not completely address the issue since the issue would automatically be closed on merging the pull request. In that case use "Partly Addresses #[issue].)
Type of change
(Check the ones that apply by placing an "x" instead of the space in the [ ] so it becomes [x])
Checklist
(Note what you have done by placing an "x" instead of the space in the [ ] so it becomes [x]. It is hoped you do all of them.)
Limitations
(Describe any issues that remain or work that should still be done.)