Refrezsh:
There is also an option to test private points using an API key with full or partial access. Maybe it will be useful for someone. The key can be created in the global scope or in the test scope
const getRandomID = () => {
return Math.round(Math.random() * 10000).toString();
};
const getFullAPIToken = async () => {
const tokenService = strapi.service("admin::api-token");
const attributes = {
name: `token${getRandomID()}`,
description: "",
type: "full-access",
lifespan: null,
};
const apiToken = await tokenService.create(attributes);
return apiToken.accessKey;
};
// Test
let token;
beforeAll(async () => {
token = await getFullAPIToken();
});
it("should get categories", async () => {
await request(strapi.server.httpServer)
.get("/api/category-list")
.set("accept", "application/json")
.set("Authorization", `Bearer ${token}`)
.expect("Content-Type", /json/)
.expect(200)
});
Thanks for the code snippet for the getFullAPIToken(), it’s really helpful for API token related tests.
Curious on how I can add specific permissions to my API token, let’s say only add api::restaurant.restaurant.find if type of my API token is custom (if there’s such value).
1 Like