mirror of
https://github.com/NodeBB/NodeBB.git
synced 2025-10-30 02:25:55 +01:00
feat: v3 user email tests
This commit is contained in:
Julian Lam
15
test/user.js
15
test/user.js
@@ -20,6 +20,7 @@ const groups = require('../src/groups');
|
|||||||
const messaging = require('../src/messaging');
|
const messaging = require('../src/messaging');
|
||||||
const helpers = require('./helpers');
|
const helpers = require('./helpers');
|
||||||
const meta = require('../src/meta');
|
const meta = require('../src/meta');
|
||||||
|
const file = require('../src/file');
|
||||||
const socketUser = require('../src/socket.io/user');
|
const socketUser = require('../src/socket.io/user');
|
||||||
const apiUser = require('../src/api/users');
|
const apiUser = require('../src/api/users');
|
||||||
|
|
||||||
@@ -2849,4 +2850,18 @@ describe('User', () => {
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
describe('User\'s', async () => {
|
||||||
|
let files;
|
||||||
|
|
||||||
|
before(async () => {
|
||||||
|
files = await file.walk(path.resolve(__dirname, './user'));
|
||||||
|
});
|
||||||
|
|
||||||
|
it('subfolder tests', () => {
|
||||||
|
files.forEach((filePath) => {
|
||||||
|
require(filePath);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|||||||
107
test/user/emails.js
Normal file
107
test/user/emails.js
Normal file
@@ -0,0 +1,107 @@
|
|||||||
|
'use strict';
|
||||||
|
|
||||||
|
const assert = require('assert');
|
||||||
|
const nconf = require('nconf');
|
||||||
|
const util = require('util');
|
||||||
|
|
||||||
|
const db = require('../mocks/databasemock');
|
||||||
|
|
||||||
|
const helpers = require('../helpers');
|
||||||
|
|
||||||
|
const user = require('../../src/user');
|
||||||
|
const groups = require('../../src/groups');
|
||||||
|
|
||||||
|
describe('email confirmation (v3 api)', () => {
|
||||||
|
let userObj;
|
||||||
|
let jar;
|
||||||
|
const register = data => new Promise((resolve, reject) => {
|
||||||
|
helpers.registerUser(data, (err, jar, response, body) => {
|
||||||
|
if (err) {
|
||||||
|
return reject(err);
|
||||||
|
}
|
||||||
|
|
||||||
|
resolve({ jar, response, body });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
const login = util.promisify(helpers.loginUser);
|
||||||
|
|
||||||
|
before(async () => {
|
||||||
|
// If you're running this file directly, uncomment these lines
|
||||||
|
await register({
|
||||||
|
username: 'fake-user',
|
||||||
|
password: 'derpioansdosa',
|
||||||
|
email: 'b@c.com',
|
||||||
|
gdpr_consent: true,
|
||||||
|
});
|
||||||
|
|
||||||
|
({ body: userObj, jar } = await register({
|
||||||
|
username: 'email-test',
|
||||||
|
password: 'abcdef',
|
||||||
|
email: 'test@example.org',
|
||||||
|
gdpr_consent: true,
|
||||||
|
}));
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should have a pending validation', async () => {
|
||||||
|
const code = await db.get(`confirm:byUid:${userObj.uid}`);
|
||||||
|
assert.strictEqual(await user.email.isValidationPending(userObj.uid, 'test@example.org'), true);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should not list their email', async () => {
|
||||||
|
const { res, body } = await helpers.request('get', `/api/v3/users/${userObj.uid}/emails`, {
|
||||||
|
jar,
|
||||||
|
json: true,
|
||||||
|
});
|
||||||
|
|
||||||
|
assert.strictEqual(res.statusCode, 200);
|
||||||
|
assert.deepStrictEqual(body, JSON.parse('{"status":{"code":"ok","message":"OK"},"response":{"emails":[]}}'));
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should not allow confirmation if they are not an admin', async () => {
|
||||||
|
const { res } = await helpers.request('post', `/api/v3/users/${userObj.uid}/emails/${encodeURIComponent('test@example.org')}/confirm`, {
|
||||||
|
jar,
|
||||||
|
json: true,
|
||||||
|
});
|
||||||
|
|
||||||
|
assert.strictEqual(res.statusCode, 403);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should not confirm an email that is not pending or set', async () => {
|
||||||
|
await groups.join('administrators', userObj.uid);
|
||||||
|
const { res, body } = await helpers.request('post', `/api/v3/users/${userObj.uid}/emails/${encodeURIComponent('fake@example.org')}/confirm`, {
|
||||||
|
jar,
|
||||||
|
json: true,
|
||||||
|
});
|
||||||
|
|
||||||
|
assert.strictEqual(res.statusCode, 404);
|
||||||
|
await groups.leave('administrators', userObj.uid);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should confirm their email (using the pending validation)', async () => {
|
||||||
|
await groups.join('administrators', userObj.uid);
|
||||||
|
const { res, body } = await helpers.request('post', `/api/v3/users/${userObj.uid}/emails/${encodeURIComponent('test@example.org')}/confirm`, {
|
||||||
|
jar,
|
||||||
|
json: true,
|
||||||
|
});
|
||||||
|
|
||||||
|
assert.strictEqual(res.statusCode, 200);
|
||||||
|
assert.deepStrictEqual(body, JSON.parse('{"status":{"code":"ok","message":"OK"},"response":{}}'));
|
||||||
|
await groups.leave('administrators', userObj.uid);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should still confirm the email (as email is set in user hash)', async () => {
|
||||||
|
await user.email.remove(userObj.uid);
|
||||||
|
await user.setUserField(userObj.uid, 'email', 'test@example.org');
|
||||||
|
({ jar } = await login('email-test', 'abcdef')); // email removal logs out everybody
|
||||||
|
await groups.join('administrators', userObj.uid);
|
||||||
|
|
||||||
|
const { res, body } = await helpers.request('post', `/api/v3/users/${userObj.uid}/emails/${encodeURIComponent('test@example.org')}/confirm`, {
|
||||||
|
jar,
|
||||||
|
json: true,
|
||||||
|
});
|
||||||
|
|
||||||
|
assert.strictEqual(res.statusCode, 200);
|
||||||
|
assert.deepStrictEqual(body, JSON.parse('{"status":{"code":"ok","message":"OK"},"response":{}}'));
|
||||||
|
await groups.leave('administrators', userObj.uid);
|
||||||
|
});
|
||||||
|
});
|
||||||
Reference in New Issue
Block a user