Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: broken tests from api change

Browse Source
This commit is contained in:
Julian Lam
2020-10-15 19:33:20 -04:00
parent 2d252f2fa4
commit 222b4c9533
2 changed files with 19 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/api/users.js
View File

@@ -23,19 +23,28 @@ usersAPI.create = async function (caller, data) {
};
usersAPI.update = async function (caller, data) {
if (!caller.uid) {
throw new Error('[[error:invalid-uid]]');
}
if (!data || !data.uid) {
throw new Error('[[error:invalid-data]]');
}
const oldUserData = await user.getUserFields(data.uid, ['email', 'username']);
if (!oldUserData || !oldUserData.username) {
throw new Error('[[error:invalid-data]]');
}
const [isAdminOrGlobalMod, canEdit, passwordMatch] = await Promise.all([
const [isAdminOrGlobalMod, canEdit, hasPassword, passwordMatch] = await Promise.all([
user.isAdminOrGlobalMod(caller.uid),
privileges.users.canEdit(caller.uid, data.uid),
user.hasPassword(data.uid),
data.password ? user.isPasswordCorrect(data.uid, data.password, caller.ip) : false,
]);
// Changing own email/username requires password confirmation
if (['email', 'username'].some(prop => Object.keys(data).includes(prop)) && !isAdminOrGlobalMod && caller.uid === data.uid && !passwordMatch) {
if (['email', 'username'].some(prop => Object.keys(data).includes(prop)) && !isAdminOrGlobalMod && caller.uid === data.uid && hasPassword && !passwordMatch) {
throw new Error('[[error:invalid-password]]');
}
@@ -69,6 +78,8 @@ usersAPI.update = async function (caller, data) {
if (userData.username !== oldUserData.username) {
await log('username-change', { oldUsername: oldUserData.username, newUsername: userData.username });
}
return userData;
};
usersAPI.delete = async function (caller, data) {

7
test/user.js
View File

@@ -805,6 +805,7 @@ describe('User', function () {
groupTitle: 'testGroup',
birthday: '01/01/1980',
signature: 'nodebb is good',
password: '123456',
};
socketUser.updateProfile({ uid: uid }, data, function (err, result) {
assert.ifError(err);
@@ -816,7 +817,11 @@ describe('User', function () {
db.getObject('user:' + uid, function (err, userData) {
assert.ifError(err);
Object.keys(data).forEach(function (key) {
assert.equal(data[key], userData[key]);
if (key !== 'password') {
assert.equal(data[key], userData[key]);
} else {
assert(userData[key].startsWith('$2a$'));
}
});
done();
});