Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: broken tests from api change

Browse Source
This commit is contained in:
Julian Lam
2020-10-15 19:33:20 -04:00
parent 2d252f2fa4
commit 222b4c9533
2 changed files with 19 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/api/users.js
View File

@@ -23,19 +23,28 @@ usersAPI.create = async function (caller, data) {
}; };
usersAPI.update = async function (caller, data) { usersAPI.update = async function (caller, data) {
if (!caller.uid) {
throw new Error('[[error:invalid-uid]]');
}
if (!data || !data.uid) {
throw new Error('[[error:invalid-data]]');
}
const oldUserData = await user.getUserFields(data.uid, ['email', 'username']); const oldUserData = await user.getUserFields(data.uid, ['email', 'username']);
if (!oldUserData || !oldUserData.username) { if (!oldUserData || !oldUserData.username) {
throw new Error('[[error:invalid-data]]'); throw new Error('[[error:invalid-data]]');
} }
const [isAdminOrGlobalMod, canEdit, passwordMatch] = await Promise.all([ const [isAdminOrGlobalMod, canEdit, hasPassword, passwordMatch] = await Promise.all([
user.isAdminOrGlobalMod(caller.uid), user.isAdminOrGlobalMod(caller.uid),
privileges.users.canEdit(caller.uid, data.uid), privileges.users.canEdit(caller.uid, data.uid),
user.hasPassword(data.uid),
data.password ? user.isPasswordCorrect(data.uid, data.password, caller.ip) : false, data.password ? user.isPasswordCorrect(data.uid, data.password, caller.ip) : false,
]); ]);
// Changing own email/username requires password confirmation // Changing own email/username requires password confirmation
if (['email', 'username'].some(prop => Object.keys(data).includes(prop)) && !isAdminOrGlobalMod && caller.uid === data.uid && !passwordMatch) { if (['email', 'username'].some(prop => Object.keys(data).includes(prop)) && !isAdminOrGlobalMod && caller.uid === data.uid && hasPassword && !passwordMatch) {
throw new Error('[[error:invalid-password]]'); throw new Error('[[error:invalid-password]]');
} }
@@ -69,6 +78,8 @@ usersAPI.update = async function (caller, data) {
if (userData.username !== oldUserData.username) { if (userData.username !== oldUserData.username) {
await log('username-change', { oldUsername: oldUserData.username, newUsername: userData.username }); await log('username-change', { oldUsername: oldUserData.username, newUsername: userData.username });
} }
return userData;
}; };
usersAPI.delete = async function (caller, data) { usersAPI.delete = async function (caller, data) {

7
test/user.js
View File

@@ -805,6 +805,7 @@ describe('User', function () {
groupTitle: 'testGroup', groupTitle: 'testGroup',
birthday: '01/01/1980', birthday: '01/01/1980',
signature: 'nodebb is good', signature: 'nodebb is good',
password: '123456',
}; };
socketUser.updateProfile({ uid: uid }, data, function (err, result) { socketUser.updateProfile({ uid: uid }, data, function (err, result) {
assert.ifError(err); assert.ifError(err);
@@ -816,7 +817,11 @@ describe('User', function () {
db.getObject('user:' + uid, function (err, userData) { db.getObject('user:' + uid, function (err, userData) {
assert.ifError(err); assert.ifError(err);
Object.keys(data).forEach(function (key) { Object.keys(data).forEach(function (key) {
assert.equal(data[key], userData[key]); if (key !== 'password') {
assert.equal(data[key], userData[key]);
} else {
assert(userData[key].startsWith('$2a$'));
}
}); });
done(); done();
}); });