README.md

 # My Application
 
 The project is generated by [LoopBack](http://loopback.io).
+
+## Setup
+
+1) You should create a PostgreSQL database, and change de SMPPIR_CheckIn2 connection in the file `server/datasources.json`
+
+2) Temporarily change the first acls rule from `common/end_user.json` from `DENY` to `ALLOW` 
+
+3) Create the admin user following the example 
+
+
+```bash
+curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{ \ 
+       "name": "Administrador Supimpa", \ 
+       "email": "abc%40admin.com", \ 
+       "permission": "admin", \ 
+       "registration": "NMBR#123456789", \ 
+       "username": "admin", \ 
+       "password": "admin" \ 
+     }' 'http://localhost:3000/api/end_users'
+
+```
+
+4) Now that you created an admin, we can reverse what we made in the 2nd step. To do so, it is needed that you change the first acls rule from the file `common/end_user.json` from `DENY` to `ALLOW`
+
+5) Now, access you API URL under the route `/explorer`
+
+6) Log in using the route `POST /end_users_login` and the information that you used to create the admin
+
+Example:
+
+```json
+{
+  "email": "abc@admin.com",
+  "password": "admin"
+}
+```
+The result will be something similar to:
+```json
+{
+  "result": {
+    "id": "2AMlMt9SaMGtjqvi1mjxOWx5Leq8vZgIUOA2vBwTORFAhbmIhgVwRpSICRB7xARE",
+    "ttl": 1209600,
+    "created": "2018-06-04T13:14:02.316Z",
+    "userId": 1
+  }
+}
+```
+
+
+7) Copy the id resulted of this query and set the Acces token in the top of the page
+
+8) Now create an user's account using the route `POST /end_user` and:
+
+```json
+{
+    "name": "Usuário Incial",
+    "email": "user@user.com",
+    "permission": "user",
+    "registration": "USR#123",
+    "username": "user",
+    "password": "user"
+}
+```
+
+9)  Create a category type using the route `POST /categories` and:
+
+```json
+{
+  "category_name": "Categoria teste",
+  "category_description": "Categoria usada para testar funcionalidades"
+}
\ No newline at end of file

common/models/category.json

@@ -27,6 +27,31 @@
       "foreignKey": "id"
     }
   },
-  "acls": [],
+  "acls": [
+    {
+      "accessType": "*",
+      "principalType": "ROLE",
+      "principalId": "$everyone",
+      "permission": "DENY"
+    },
+    {
+      "accessType": "READ",
+      "principalType": "ROLE",
+      "principalId": "$everyone",
+      "permission": "ALLOW"
+    },
+    {
+      "accessType": "*",
+      "principalType": "ROLE",
+      "principalId": "admin",
+      "permission": "ALLOW"
+    },
+    {
+      "accessType": "count",
+      "principalType": "ROLE",
+      "principalId": "$authenticated",
+      "permission": "ALLOW"
+    }
+  ],
   "methods": {}
 }

common/models/end_user.json

@@ -21,6 +21,10 @@
     },
     "registration": {
       "type": "string"
+    },
+    "name": {
+      "type": "string",
+      "required": true
     }
   },
   "validations": [],
@@ -36,6 +40,31 @@
       "foreignKey": "id"
     }
   },
-  "acls": [],
+  "acls": [
+    {
+      "accessType": "*",
+      "principalType": "ROLE",
+      "principalId": "$everyone",
+      "permission": "DENY"
+    },
+    {
+      "accessType": "READ",
+      "principalType": "ROLE",
+      "principalId": "$owner",
+      "permission": "ALLOW"
+    },
+    {
+      "accessType": "EXECUTE",
+      "principalType": "ROLE",
+      "principalId": "$owner",
+      "permission": "ALLOW"
+    },
+    {
+      "accessType": "*",
+      "principalType": "ROLE",
+      "principalId": "admin",
+      "permission": "ALLOW"
+    }
+  ],
   "methods": {}
 }

common/models/geolocation.json

@@ -17,17 +17,17 @@
     },
     "latitude": {
       "type": "number",
+      "required": true,
       "postgresql": {
         "dataType": "float"
-      },
-      "required": true
+      }
     },
     "longitude": {
       "type": "number",
+      "required": true,
       "postgresql": {
         "dataType": "float"
-      },
-      "required": true
+      }
     },
     "android_id": {
       "type": "string"
@@ -40,7 +40,7 @@
     },
     "user_id": {
       "type": "number",
-      "required": true
+      "required": false
     }
   },
   "validations": [],
@@ -56,6 +56,32 @@
       "foreignKey": "id"
     }
   },
-  "acls": [],
+  "acls": [
+    {
+      "accessType": "*",
+      "principalType": "ROLE",
+      "principalId": "$everyone",
+      "permission": "DENY"
+    },
+    {
+      "accessType": "READ",
+      "principalType": "ROLE",
+      "principalId": "$everyone",
+      "permission": "ALLOW"
+    },
+    {
+      "accessType": "*",
+      "principalType": "ROLE",
+      "principalId": "admin",
+      "permission": "ALLOW"
+    },
+    {
+      "accessType": "EXECUTE",
+      "principalType": "ROLE",
+      "principalId": "$everyone",
+      "permission": "ALLOW",
+      "property": "create"
+    }
+  ],
   "methods": {}
 }

enviroment.js

+const URL = 'http://localhost:3000/api/';
+
+const randomLowerCase = function() {
+  let possible = 'abcdefghijklmnopqrstuvwxyz';
+  return (possible.charAt(Math.floor(Math.random() * possible.length)));
+};
+
+const randomUpperCase = function() {
+  let possible = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+  return (possible.charAt(Math.floor(Math.random() * possible.length)));
+};
+
+const randomNumber = function(min, max) {
+  min = Math.ceil(min);
+  max = Math.floor(max);
+  return (Math.floor(Math.random() * (max - min + 1)) + min);
+};
+
+const randomWord = function(num, allUpper = false, firstUpper = false) {
+  let word = '';
+  for (let i = 0; i < num; i++) {
+    if (!allUpper) {
+      if (i == 0 && firstUpper) {
+        word = word + randomUpperCase();
+      } else {
+        word = word + randomLowerCase();
+      }
+    } else {
+      word = word + randomUpperCase();
+    }
+  }
+  return word;
+};
+
+const randomId = function(num) {
+  let word = '';
+  for (let i = 0; i < num; i++) {
+    if (randomNumber(0, 1) == 0) {
+      word = word + randomNumber(0, 9);
+    } else {
+      word = word + randomLowerCase();
+    }
+  }
+  return word;
+};
+
+module.exports = {
+  URL,
+  randomLowerCase,
+  randomUpperCase,
+  randomNumber,
+  randomWord,
+  randomId,
+};

package-lock.json

@@ -142,6 +142,12 @@
       "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz",
       "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU="
     },
+    "assertion-error": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/assertion-error/-/assertion-error-1.1.0.tgz",
+      "integrity": "sha512-jgsaNduz+ndvGyFt3uSuWqvy4lCnIJiovtouQN5JZHOKCS2QuhEdbcQHFhVksz2N2U9hXJo8odG7ETyWlEeuDw==",
+      "dev": true
+    },
     "async": {
       "version": "2.6.1",
       "resolved": "https://registry.npmjs.org/async/-/async-2.6.1.tgz",
@@ -374,6 +380,45 @@
       "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz",
       "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw="
     },
+    "chai": {
+      "version": "3.5.0",
+      "resolved": "https://registry.npmjs.org/chai/-/chai-3.5.0.tgz",
+      "integrity": "sha1-TQJjewZ/6Vi9v906QOxW/vc3Mkc=",
+      "dev": true,
+      "requires": {
+        "assertion-error": "^1.0.1",
+        "deep-eql": "^0.1.3",
+        "type-detect": "^1.0.0"
+      }
+    },
+    "chai-as-promised": {
+      "version": "5.3.0",
+      "resolved": "https://registry.npmjs.org/chai-as-promised/-/chai-as-promised-5.3.0.tgz",
+      "integrity": "sha1-CdekApCKpw39vq1T5YU/x50+8hw=",
+      "dev": true
+    },
+    "chai-subset": {
+      "version": "1.6.0",
+      "resolved": "https://registry.npmjs.org/chai-subset/-/chai-subset-1.6.0.tgz",
+      "integrity": "sha1-pdDKFOMpp5WW7XAFi2ZGvWmIz+k=",
+      "dev": true
+    },
+    "chakram": {
+      "version": "1.5.0",
+      "resolved": "https://registry.npmjs.org/chakram/-/chakram-1.5.0.tgz",
+      "integrity": "sha1-PYsKiPdo3WraWSpSRmPMDcFKwc8=",
+      "dev": true,
+      "requires": {
+        "chai": "3.x.x",
+        "chai-as-promised": "5.x.x",
+        "chai-subset": "1.x.x",
+        "extend-object": "1.x.x",
+        "q": "1.x.x",
+        "request": "2.x.x",
+        "request-debug": "0.x.x",
+        "tv4": "1.x.x"
+      }
+    },
     "chalk": {
       "version": "2.4.1",
       "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.1.tgz",
@@ -722,6 +767,23 @@
       "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=",
       "dev": true
     },
+    "deep-eql": {
+      "version": "0.1.3",
+      "resolved": "https://registry.npmjs.org/deep-eql/-/deep-eql-0.1.3.tgz",
+      "integrity": "sha1-71WKyrjeJSBs1xOQbXTlaTDrafI=",
+      "dev": true,
+      "requires": {
+        "type-detect": "0.1.1"
+      },
+      "dependencies": {
+        "type-detect": {
+          "version": "0.1.1",
+          "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-0.1.1.tgz",
+          "integrity": "sha1-C6XsKohWQORw6k6FBZcZANrFiCI=",
+          "dev": true
+        }
+      }
+    },
     "deep-equal": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/deep-equal/-/deep-equal-1.0.1.tgz",
@@ -1473,6 +1535,12 @@
       "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.1.tgz",
       "integrity": "sha1-p1Xqe8Gt/MWjHOfnYtuq3F5jZEQ="
     },
+    "extend-object": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/extend-object/-/extend-object-1.0.0.tgz",
+      "integrity": "sha1-QlFPhAFdE1bK9Rh5ad+yvBvaCCM=",
+      "dev": true
+    },
     "external-editor": {
       "version": "2.2.0",
       "resolved": "https://registry.npmjs.org/external-editor/-/external-editor-2.2.0.tgz",
@@ -3179,6 +3247,12 @@
       "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.3.2.tgz",
       "integrity": "sha1-llOgNvt8HuQjQvIyXM7v6jkmxI0="
     },
+    "q": {
+      "version": "1.5.1",
+      "resolved": "https://registry.npmjs.org/q/-/q-1.5.1.tgz",
+      "integrity": "sha1-fjL3W0E4EpHQRhHxvxQQmsAGUdc=",
+      "dev": true
+    },
     "qs": {
       "version": "6.5.2",
       "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz",
@@ -3336,6 +3410,15 @@
         }
       }
     },
+    "request-debug": {
+      "version": "0.2.0",
+      "resolved": "https://registry.npmjs.org/request-debug/-/request-debug-0.2.0.tgz",
+      "integrity": "sha1-/AVOyBcYGwTKQaBSwTb2HEirr3g=",
+      "dev": true,
+      "requires": {
+        "stringify-clone": "^1.0.0"
+      }
+    },
     "require-directory": {
       "version": "2.1.1",
       "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz",
@@ -3670,6 +3753,12 @@
         "safe-buffer": "~5.1.0"
       }
     },
+    "stringify-clone": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/stringify-clone/-/stringify-clone-1.1.1.tgz",
+      "integrity": "sha1-MJojX7Ts/M19OI2+GLqQT6yvQzs=",
+      "dev": true
+    },
     "strip-ansi": {
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz",
@@ -3888,6 +3977,12 @@
         "safe-buffer": "^5.0.1"
       }
     },
+    "tv4": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/tv4/-/tv4-1.3.0.tgz",
+      "integrity": "sha1-0CDIRvrdUMhVq7JeuuzGj8EPeWM=",
+      "dev": true
+    },
     "tweetnacl": {
       "version": "0.14.5",
       "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz",
@@ -3902,6 +3997,12 @@
         "prelude-ls": "~1.1.2"
       }
     },
+    "type-detect": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-1.0.0.tgz",
+      "integrity": "sha1-diIXzAbbJY7EiQihKY6LlRIejqI=",
+      "dev": true
+    },
     "type-is": {
       "version": "1.6.16",
       "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.16.tgz",

package.json

@@ -8,7 +8,8 @@
   "scripts": {
     "lint": "eslint .",
     "start": "node .",
-    "posttest": "npm run lint && nsp check"
+    "posttest": "npm run lint && nsp check",
+    "tests": "mocha ./test"
   },
   "dependencies": {
     "compression": "^1.0.3",
@@ -22,6 +23,7 @@
     "strong-error-handler": "^2.0.0"
   },
   "devDependencies": {
+    "chakram": "^1.5.0",
     "eslint": "^3.17.1",
     "eslint-config-loopback": "^8.0.0",
     "nsp": "^3.2.1"

server/boot/access-control.js

@@ -21,7 +21,6 @@ module.exports = function(app) {
           });
         }   
 
-
         switch (context.modelName){
             case 'end_user':
                 break;
@@ -33,34 +32,20 @@ module.exports = function(app) {
                 return reject();
         }
 
-        // // if the target model is not project
-        // if (context.modelName !== 'project') {
-        //   return reject();
-        // }
-    
-        // do not allow anonymous users
         var userId = context.accessToken.userId;
         if (!userId) {
           return reject();
         }
   
-        // check if userId is in team table for the given project id
-        context.model.findById(context.modelId, function(err, model) {
-            if (err || !model)
+        context.model.findById(userId, function(err, model) {
+            app.models.EndUser.findById(userId, function(err2, user){
+                if ((err || !model ) && (err2 || !user))
                     return reject();
-        
-            var EndUser = app.models.EndUser;
-            EndUser.count({
-                ownerId: model.ownerId,
-                memberId: userId
-            }, function(err, count) {
-                if (err) {
-                    console.log(err);
-                    return cb(null, false);
-                }
-        
-                cb(null, count > 0); // true = is a team member
-            });
+                if(user.permission !== role)
+                    return reject();
+                else 
+                    return cb(null,true)
+            })            
         });
     });
 
@@ -83,34 +68,21 @@ module.exports = function(app) {
                 return reject();
         }
 
-        // // if the target model is not project
-        // if (context.modelName !== 'project') {
-        //   return reject();
-        // }
-
-        // do not allow anonymous users
         var userId = context.accessToken.userId;
         if (!userId) {
           return reject();
         }
   
-        // check if userId is in team table for the given project id
-        context.model.findById(context.modelId, function(err, model) {
-            if (err || !model)
-                return reject();
-
-            var EndUser = app.models.EndUser;
-            EndUser.count({
-                ownerId: model.ownerId,
-                memberId: userId
-            }, function(err, count) {
-                if (err) {
-                    console.log(err);
-                    return cb(null, false);
-                }
+        context.model.findById(userId, function(err, model) {
 
-                cb(null, count > 0); // true = is a team member
-            });
+            app.models.EndUser.findById(userId, function(err2, user){
+                if ((err || !model ) && (err2 || !user))
+                    return reject();
+                if(user.permission !== role)
+                    return reject();
+                else 
+                    return cb(null,true)
+            })            
         });
     });
   };
\ No newline at end of file

server/boot/authentication.js

@@ -2,5 +2,5 @@
 
 module.exports = function enableAuthentication(server) {
   // enable authentication
-  // server.enableAuth();
+  server.enableAuth();
 };

server/boot/hook.js

+module.exports = function(server) {
+    var remotes = server.remotes();
+    // modify all returned values
+    remotes.after('**', function (ctx, next) {
+      ctx.result = {
+        result: ctx.result
+      };
+  
+      next();
+    });
+  };
\ No newline at end of file

test/account.js

+var chakram = require('chakram'), expect = chakram.expect;
+var env = require('../enviroment');
+const URL = env.URL;
+
+describe('Account', function() {
+  it('should create an admin account', function() {
+    let name = env.randomWord(env.randomNumber(1, 25));
+    let testObject = {
+      'email': `${name}@admin.com`,
+      'permission': 'admin',
+      'registration': 'NMBR#123456789',
+      'username': `${name}`,
+      'name': `${name.replace(/\b\w/g, l => l.toUpperCase())}`,
+      'password': 'admin',
+    };
+    return chakram.post(`${URL}end_users`, testObject).then(function(myResponse) {
+      expect(myResponse).to.have.status(200);
+      expect(myResponse.body.result.permission).to.contain('admin');
+    });
+  });
+  it('should create an user account', function() {
+    let name = env.randomWord(env.randomNumber(1, 25));
+    let testObject = {
+      'email': `${name}@enduser.com`,
+      'permission': 'user',
+      'registration': 'NMBR#321654987',
+      'username': `${name}`,
+      'name': `${name.replace(/\b\w/g, l => l.toUpperCase())}`,
+      'password': 'end_user',
+    };
+    return chakram.post(`${URL}end_users`, testObject).then(function(myResponse) {
+      expect(myResponse).to.have.status(200);
+      expect(myResponse.body.result.permission).to.contain('user');
+    });
+  });
+  it('should login to an admin account', function() {
+    let testObject = {
+      'email': 'abc@admin.com',
+      'password': 'admin',
+    };
+    return chakram.post(`${URL}end_users/login`, testObject).then(function(myResponse) {
+      expect(myResponse).to.have.status(200);
+      expect(myResponse.body.result).to.be.a('object');
+    });
+  });
+  it('should login to an user account', function() {
+    let testObject = {
+      'email': 'user@user.com',
+      'password': 'user',
+    };
+    return chakram.post(`${URL}end_users/login`, testObject).then(function(myResponse) {
+      expect(myResponse).to.have.status(200);
+      expect(myResponse.body.result).to.be.a('object');
+    });
+  });
+  it('should logout', function() {
+    let testObject = {
+      'email': 'user@user.com',
+      'password': 'user',
+    };
+    return chakram.post(`${URL}end_users/login`, testObject).then(function(myResponse) {
+      return chakram.post(`${URL}end_users/logout?access_token=${myResponse.body.result.id}`).then(function(myResponse2) {
+        expect(myResponse2).to.have.status(200);
+      });
+    });
+  });
+});

test/category.js

+var chakram = require('chakram'), expect = chakram.expect;
+var env = require('../enviroment');
+const URL = env.URL;
+
+describe('Categories', function() {
+  it('should return all categories', function() {
+    return chakram.get(`${URL}categories`).then(function(myResponse) {
+      expect(myResponse).to.have.status(200);
+      expect(myResponse.body.result).to.be.a('array');
+    });
+  });
+  it('should return one category', function() {
+    return chakram.get(`${URL}categories`).then(function(myResponse) {
+      let category = myResponse.body.result[0];
+      return chakram.get(`${URL}categories/${myResponse.body.result[0].id}`).then(function(myResponse2) {
+        expect(myResponse2).to.have.status(200);
+        expect(myResponse2.body.result.category_name).to.contain(category.category_name);
+      });
+    });
+  });
+  it('should try to create a new category', function() {
+    let testObject = {
+      'category_name': 'Terreiro',
+      'category_description': 'Lugar que mantém as tradições dos afrodescendentes',
+    };
+    return chakram.post(`${URL}categories`, testObject).then(function(myResponse) {
+      expect(myResponse).to.have.status(401);
+      expect(myResponse.body.error.code).to.contain('AUTHORIZATION_REQUIRED');
+    });
+  });
+  it('should try to create a new category as user', function(){
+    let testObject = {
+      'email': 'user@user.com',
+      'password': 'user',
+    };
+
+    let testObject2 = {
+      'category_name': 'Terreiro',
+      'category_description': 'Lugar que mantém as tradições dos afrodescendentes',
+    };
+    return chakram.post(`${URL}end_users/login`, testObject).then(function(myResponse) {
+      return chakram.post(`${URL}categories?access_token=${myResponse.body.result.id}`, testObject2).then(function(myResponse2) {
+        expect(myResponse2).to.have.status(401);
+        expect(myResponse2.body.error.code).to.contain('AUTHORIZATION_REQUIRED');
+      });
+    });
+  });
+  it('should create a new category as admin', function() {
+    let testObject = {
+      'email': 'abc@admin.com',
+      'password': 'admin',
+    };
+
+    let testObject2 = {
+      'category_name': 'Terreiro' + env.randomWord(15, true),
+      'category_description': 'Lugar que mantém as tradições dos afrodescendentes',
+    };
+    return chakram.post(`${URL}end_users/login`, testObject).then(function(myResponse) {
+      return chakram.post(`${URL}categories?access_token=${myResponse.body.result.id}`, testObject2).then(function(myResponse2) {
+        expect(myResponse2).to.have.status(200);
+        expect(myResponse2.body.result).to.be.a('object');
+      });
+    });
+  });
+});

test/geolocation.js

+var chakram = require('chakram'), expect = chakram.expect;
+var env = require('../enviroment');
+const URL = env.URL;
+
+describe('Geolocation', function() {
+  it('should create a geolocation as an android user', function() {
+    let credential = {
+      'email': 'user@user.com',
+      'password': 'user',
+    };
+    return chakram.post(`${URL}end_users/login`, credential).then(function(loginResponse) {
+      let testObject = {
+        'category_id': 1,
+        'geolocation_name': env.randomWord(10),
+        'latitude': 10.2123,
+        'longitude': 112.2124214,
+        'when_sent': new Date(Date.now()),
+        'android_id': env.randomId(20),
+        'user_id': loginResponse.body.result.userId,
+        'description_location': env.randomWord(6, false, true) + ' ' + env.randomWord(6),
+      };
+      return chakram.post(`${URL}geolocations`, testObject).then(function(myResponse) {
+        expect(myResponse).to.have.status(200);
+        expect(myResponse.body.result).to.be.a('object');
+      });
+    });
+  });
+  it('should create a geolocation as a logged user', function() {
+    let testObject = {
+      'category_id': 1,
+      'geolocation_name': env.randomWord(10),
+      'latitude': 116.2123,
+      'longitude': 50.2124214,
+      'when_sent': new Date(Date.now()),
+      'description_location': env.randomWord(6, false, true) + ' ' + env.randomWord(6),
+    };
+    return chakram.post(`${URL}geolocations`, testObject).then(function(myResponse) {
+      expect(myResponse).to.have.status(200);
+      expect(myResponse.body.result).to.be.a('object');
+    });
+  });
+  it('should return all geolocations', function() {
+    return chakram.get(`${URL}geolocations`).then(function(myResponse) {
+      expect(myResponse).to.have.status(200);
+      expect(myResponse.body.result).to.be.a('array');
+    });
+  });
+  it('should return one geolocation', function() {
+    return chakram.get(`${URL}geolocations`).then(function(myResponse) {
+      let geolocation = myResponse.body.result[0];
+      return chakram.get(`${URL}geolocations/${myResponse.body.result[0].id}`).then(function(myResponse2) {
+        expect(myResponse2).to.have.status(200);
+        expect(myResponse2.body.result.geolocation_name).to.contain(geolocation.geolocation_name);
+      });
+    });
+  });
+  it('should try to remove one geolocation', function() {
+    return chakram.get(`${URL}geolocations`).then(function(myResponse) {
+      let id = myResponse.body.result[0].id;
+      return chakram.delete(`${URL}geolocations/${id}`).then(function(myResponse2) {
+        expect(myResponse2).to.have.status(401);
+        expect(myResponse2.body.error.code).to.contain('AUTHORIZATION_REQUIRED');
+      });
+    });
+  });
+});
+