From e32cd31ec6fb6688d95dfd3040b94f575377bba1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?= Date: Wed, 25 Nov 2020 14:33:19 -0500 Subject: [PATCH] fix: #8918 --- src/api/users.js | 6 +++--- src/socket.io/user.js | 1 + test/user.js | 35 +++++++++++++++++++++++------------ 3 files changed, 27 insertions(+), 15 deletions(-) diff --git a/src/api/users.js b/src/api/users.js index 4256ca8634..8080a9ca0d 100644 --- a/src/api/users.js +++ b/src/api/users.js @@ -82,15 +82,15 @@ usersAPI.update = async function (caller, data) { }; usersAPI.delete = async function (caller, { uid, password }) { - processDeletion({ uid: uid, method: 'delete', password, caller }); + await processDeletion({ uid: uid, method: 'delete', password, caller }); }; usersAPI.deleteContent = async function (caller, { uid, password }) { - processDeletion({ uid, method: 'deleteContent', password, caller }); + await processDeletion({ uid, method: 'deleteContent', password, caller }); }; usersAPI.deleteAccount = async function (caller, { uid, password }) { - processDeletion({ uid, method: 'deleteAccount', password, caller }); + await processDeletion({ uid, method: 'deleteAccount', password, caller }); }; usersAPI.deleteMany = async function (caller, data) { diff --git a/src/socket.io/user.js b/src/socket.io/user.js index b9ba83097d..ed7466a377 100644 --- a/src/socket.io/user.js +++ b/src/socket.io/user.js @@ -37,6 +37,7 @@ SocketUser.exists = async function (socket, data) { SocketUser.deleteAccount = async function (socket, data) { sockets.warnDeprecated(socket, 'DELETE /api/v3/users/:uid/account'); + data.uid = socket.uid; await api.users.deleteAccount(socket, data); }; diff --git a/test/user.js b/test/user.js index 02e3d010f8..f87fe2bfe5 100644 --- a/test/user.js +++ b/test/user.js @@ -1593,18 +1593,29 @@ describe('User', function () { }); }); - it('should delete user', function (done) { - User.create({ username: 'tobedeleted' }, function (err, _uid) { - assert.ifError(err); - socketUser.deleteAccount({ uid: _uid }, {}, function (err) { - assert.ifError(err); - socketUser.exists({ uid: testUid }, { username: 'doesnot exist' }, function (err, exists) { - assert.ifError(err); - assert(!exists); - done(); - }); - }); - }); + it('should delete user', async function () { + const uid = await User.create({ username: 'willbedeleted' }); + await socketUser.deleteAccount({ uid: uid }, {}); + const exists = await socketUser.exists({ uid: testUid }, { username: 'willbedeleted' }); + assert(!exists); + }); + + it('should fail to delete user with wrong password', async function () { + const uid = await User.create({ username: 'willbedeletedpwd', password: '123456' }); + let err; + try { + await socketUser.deleteAccount({ uid: uid }, { password: '654321' }); + } catch (_err) { + err = _err; + } + assert.strictEqual(err.message, '[[error:invalid-password]]'); + }); + + it('should delete user with correct password', async function () { + const uid = await User.create({ username: 'willbedeletedcorrectpwd', password: '123456' }); + await socketUser.deleteAccount({ uid: uid }, { password: '123456' }); + const exists = await User.exists(uid); + assert(!exists); }); it('should fail to delete user if account deletion is not allowed', async function () {