juice-shop
37 строк · 1.1 Кб
1/*
2* Copyright (c) 2014-2024 Bjoern Kimminich & the OWASP Juice Shop contributors.
3* SPDX-License-Identifier: MIT
4*/
5
6import frisby = require('frisby')
7const Joi = frisby.Joi
8
9const REST_URL = 'http://localhost:3000/rest'
10
11describe('/rest/track-order/:id', () => {
12it('GET tracking results for the order id', () => {
13return frisby.get(REST_URL + '/track-order/5267-f9cd5882f54c75a3')
14.expect('status', 200)
15.expect('json', {})
16})
17
18it('GET all orders by injecting into orderId', () => {
19const product = Joi.object().keys({
20quantity: Joi.number(),
21name: Joi.string(),
22price: Joi.number(),
23total: Joi.number()
24})
25return frisby.get(REST_URL + '/track-order/%27%20%7C%7C%20true%20%7C%7C%20%27')
26.expect('status', 200)
27.expect('header', 'content-type', /application\/json/)
28.expect('jsonTypes', 'data.*', {
29orderId: Joi.string(),
30email: Joi.string(),
31totalPrice: Joi.number(),
32products: Joi.array().items(product),
33eta: Joi.string(),
34_id: Joi.string()
35})
36})
37})
38