Cleanup and use masterkey middleware in FeaturesRouter.

spec/features.spec.js

@@ -1,4 +1,7 @@
-var features = require('../src/features')
+'use strict';
+
+var features = require('../src/features');
+const request = require("request");
 
 describe('features', () => {
   it('set and get features', (done) => {
@@ -23,4 +26,19 @@ describe('features', () => {
     expect(_features.test).toBeUndefined();
     done();
   });
+
+  it('requires the master key to get all schemas', done => {
+    request.get({
+      url: 'http://localhost:8378/1/features',
+      json: true,
+      headers: {
+        'X-Parse-Application-Id': 'test',
+        'X-Parse-REST-API-Key': 'rest'
+      }
+    }, (error, response, body) => {
+      expect(response.statusCode).toEqual(403);
+      expect(body.error).toEqual('unauthorized: master key is required');
+      done();
+    });
+  });
 });

src/Routers/FeaturesRouter.js

@@ -1,32 +1,13 @@
 import PromiseRouter from '../PromiseRouter';
-import {getFeatures} from '../features';
+import * as middleware from "../middlewares";
-
+import { getFeatures } from '../features';
-let masterKeyRequiredResponse = () => {
-  return Promise.resolve({
-    status: 401,
-    response: {error: 'master key not specified'},
-  })
-}
 
 export class FeaturesRouter extends PromiseRouter {
-  
   mountRoutes() {
-    this.route('GET','/features', (req) => {
+    this.route('GET','/features', middleware.promiseEnforceMasterKeyAccess, () => {
-      return this.handleGET(req);
+      return { response: {
-    });
-  }
-
-  handleGET(req) {
-    if (!req.auth.isMaster) {
-      return masterKeyRequiredResponse();
-    }
-    
-    return Promise.resolve({
-      response: {
         results: [getFeatures()]
-      }
+      } };
     });
   }
 }
-
-export default FeaturesRouter;