nodebb/test/groups.js

'use strict';

const assert = require('assert');
const async = require('async');
const fs = require('fs');
const path = require('path');
const nconf = require('nconf');

const db = require('./mocks/databasemock');
const helpers = require('./helpers');
const Groups = require('../src/groups');
const User = require('../src/user');
const utils = require('../src/utils');
const socketGroups = require('../src/socket.io/groups');
const apiGroups = require('../src/api/groups');
const meta = require('../src/meta');
const navigation = require('../src/navigation/admin');


describe('Groups', () => {
	let adminUid;
	let testUid;
	before(async () => {
		const navData = require('../install/data/navigation.json');
		await navigation.save(navData);

		await Groups.create({
			name: 'Test',
			description: 'Foobar!',
		});

		await Groups.create({
			name: 'PrivateNoJoin',
			description: 'Private group',
			private: 1,
			disableJoinRequests: 1,
		});

		await Groups.create({
			name: 'PrivateCanJoin',
			description: 'Private group',
			private: 1,
			disableJoinRequests: 0,
		});

		await Groups.create({
			name: 'PrivateNoLeave',
			description: 'Private group',
			private: 1,
			disableLeave: 1,
		});

		await Groups.create({
			name: 'Global Moderators',
			userTitle: 'Global Moderator',
			description: 'Forum wide moderators',
			hidden: 0,
			private: 1,
			disableJoinRequests: 1,
		});

		// Also create a hidden group
		await Groups.join('Hidden', 'Test');
		// create another group that starts with test for search/sort
		await Groups.create({ name: 'Test2', description: 'Foobar!' });

		testUid = await User.create({
			username: 'testuser',
			email: '[email protected]',
		});

		adminUid = await User.create({
			username: 'admin',
			email: '[email protected]',
			password: '123456',
		});
		await Groups.join('administrators', adminUid);
	});

	describe('.list()', () => {
		it('should list the groups present', (done) => {
			Groups.getGroupsFromSet('groups:visible:createtime', 0, -1, (err, groups) => {
				assert.ifError(err);
				assert.equal(groups.length, 5);
				done();
			});
		});
	});

	describe('.get()', () => {
		before((done) => {
			Groups.join('Test', testUid, done);
		});

		it('with no options, should show group information', (done) => {
			Groups.get('Test', {}, (err, groupObj) => {
				assert.ifError(err);
				assert.equal(typeof groupObj, 'object');
				assert(Array.isArray(groupObj.members));
				assert.strictEqual(groupObj.name, 'Test');
				assert.strictEqual(groupObj.description, 'Foobar!');
				assert.strictEqual(groupObj.memberCount, 1);
				assert.equal(typeof groupObj.members[0], 'object');

				done();
			});
		});

		it('should return null if group does not exist', (done) => {
			Groups.get('doesnotexist', {}, (err, groupObj) => {
				assert.ifError(err);
				assert.strictEqual(groupObj, null);
				done();
			});
		});
	});

	describe('.search()', () => {
		const socketGroups = require('../src/socket.io/groups');

		it('should return empty array if query is falsy', (done) => {
			Groups.search(null, {}, (err, groups) => {
				assert.ifError(err);
				assert.equal(0, groups.length);
				done();
			});
		});

		it('should return the groups when search query is empty', (done) => {
			socketGroups.search({ uid: adminUid }, { query: '' }, (err, groups) => {
				assert.ifError(err);
				assert.equal(5, groups.length);
				done();
			});
		});

		it('should return the "Test" group when searched for', (done) => {
			socketGroups.search({ uid: adminUid }, { query: 'test' }, (err, groups) => {
				assert.ifError(err);
				assert.equal(2, groups.length);
				assert.strictEqual('Test', groups[0].name);
				done();
			});
		});

		it('should return the "Test" group when searched for and sort by member count', (done) => {
			Groups.search('test', { filterHidden: true, sort: 'count' }, (err, groups) => {
				assert.ifError(err);
				assert.equal(2, groups.length);
				assert.strictEqual('Test', groups[0].name);
				done();
			});
		});

		it('should return the "Test" group when searched for and sort by creation time', (done) => {
			Groups.search('test', { filterHidden: true, sort: 'date' }, (err, groups) => {
				assert.ifError(err);
				assert.equal(2, groups.length);
				assert.strictEqual('Test', groups[1].name);
				done();
			});
		});

		it('should return all users if no query', (done) => {
			function createAndJoinGroup(username, email, callback) {
				async.waterfall([
					function (next) {
						User.create({ username: username, email: email }, next);
					},
					function (uid, next) {
						Groups.join('Test', uid, next);
					},
				], callback);
			}
			async.series([
				function (next) {
					createAndJoinGroup('newuser', '[email protected]', next);
				},
				function (next) {
					createAndJoinGroup('bob', '[email protected]', next);
				},
			], (err) => {
				assert.ifError(err);

				socketGroups.searchMembers({ uid: adminUid }, { groupName: 'Test', query: '' }, (err, data) => {
					assert.ifError(err);
					assert.equal(data.users.length, 3);
					done();
				});
			});
		});

		it('should search group members', (done) => {
			socketGroups.searchMembers({ uid: adminUid }, { groupName: 'Test', query: 'test' }, (err, data) => {
				assert.ifError(err);
				assert.strictEqual('testuser', data.users[0].username);
				done();
			});
		});

		it('should not return hidden groups', async () => {
			await Groups.create({
				name: 'hiddenGroup',
				hidden: '1',
			});
			const result = await socketGroups.search({ uid: testUid }, { query: 'hiddenGroup' });
			assert.equal(result.length, 0);
		});
	});

	describe('.isMember()', () => {
		it('should return boolean true when a user is in a group', async () => {
			const isMember = await Groups.isMember(1, 'Test');
			assert.strictEqual(isMember, true);
		});

		it('should return boolean false when a user is not in a group', async () => {
			const isMember = await Groups.isMember(2, 'Test');
			assert.strictEqual(isMember, false);
		});

		it('should return true for uid 0 and guests group', async () => {
			const isMember = await Groups.isMember(0, 'guests');
			assert.strictEqual(isMember, true);
		});

		it('should return false for uid 0 and spiders group', async () => {
			const isMember = await Groups.isMember(0, 'spiders');
			assert.strictEqual(isMember, false);
		});

		it('should return true for uid -1 and spiders group', async () => {
			const isMember = await Groups.isMember(-1, 'spiders');
			assert.strictEqual(isMember, true);
		});

		it('should return false for uid -1 and guests group', async () => {
			const isMember = await Groups.isMember(-1, 'guests');
			assert.strictEqual(isMember, false);
		});

		it('should return true for uid 0, false for uid -1 with guests group', async () => {
			const isMembers = await Groups.isMembers([1, 0, -1], 'guests');
			assert.deepStrictEqual(isMembers, [false, true, false]);
		});

		it('should return false for uid 0, true for uid -1 with spiders group', async () => {
			const isMembers = await Groups.isMembers([1, 0, -1], 'spiders');
			assert.deepStrictEqual(isMembers, [false, false, true]);
		});

		it('should return true for uid 0 and guests group', async () => {
			const isMembers = await Groups.isMemberOfGroups(0, ['guests', 'registered-users', 'spiders']);
			assert.deepStrictEqual(isMembers, [true, false, false]);
		});

		it('should return true for uid -1 and spiders group', async () => {
			const isMembers = await Groups.isMemberOfGroups(-1, ['guests', 'registered-users', 'spiders']);
			assert.deepStrictEqual(isMembers, [false, false, true]);
		});
	});

	describe('.isMemberOfGroupList', () => {
		it('should report that a user is part of a groupList, if they are', (done) => {
			Groups.isMemberOfGroupList(1, 'Hidden', (err, isMember) => {
				assert.ifError(err);
				assert.strictEqual(isMember, true);
				done();
			});
		});

		it('should report that a user is not part of a groupList, if they are not', (done) => {
			Groups.isMemberOfGroupList(2, 'Hidden', (err, isMember) => {
				assert.ifError(err);
				assert.strictEqual(isMember, false);
				done();
			});
		});
	});

	describe('.exists()', () => {
		it('should verify that the test group exists', (done) => {
			Groups.exists('Test', (err, exists) => {
				assert.ifError(err);
				assert.strictEqual(exists, true);
				done();
			});
		});

		it('should verify that a fake group does not exist', (done) => {
			Groups.exists('Derp', (err, exists) => {
				assert.ifError(err);
				assert.strictEqual(exists, false);
				done();
			});
		});

		it('should check if group exists using an array', (done) => {
			Groups.exists(['Test', 'Derp'], (err, groupsExists) => {
				assert.ifError(err);
				assert.strictEqual(groupsExists[0], true);
				assert.strictEqual(groupsExists[1], false);
				done();
			});
		});
	});

	describe('.create()', () => {
		it('should create another group', (done) => {
			Groups.create({
				name: 'foo',
				description: 'bar',
			}, (err) => {
				assert.ifError(err);
				Groups.get('foo', {}, done);
			});
		});

		it('should create a hidden group if hidden is 1', (done) => {
			Groups.create({
				name: 'hidden group',
				hidden: '1',
			}, (err) => {
				assert.ifError(err);
				db.isSortedSetMember('groups:visible:memberCount', 'visible group', (err, isMember) => {
					assert.ifError(err);
					assert(!isMember);
					done();
				});
			});
		});

		it('should create a visible group if hidden is 0', (done) => {
			Groups.create({
				name: 'visible group',
				hidden: '0',
			}, (err) => {
				assert.ifError(err);
				db.isSortedSetMember('groups:visible:memberCount', 'visible group', (err, isMember) => {
					assert.ifError(err);
					assert(isMember);
					done();
				});
			});
		});

		it('should create a visible group if hidden is not passed in', (done) => {
			Groups.create({
				name: 'visible group 2',
			}, (err) => {
				assert.ifError(err);
				db.isSortedSetMember('groups:visible:memberCount', 'visible group 2', (err, isMember) => {
					assert.ifError(err);
					assert(isMember);
					done();
				});
			});
		});

		it('should fail to create group with duplicate group name', (done) => {
			Groups.create({ name: 'foo' }, (err) => {
				assert(err);
				assert.equal(err.message, '[[error:group-already-exists]]');
				done();
			});
		});

		it('should fail to create group if slug is empty', (done) => {
			Groups.create({ name: '>>>>' }, (err) => {
				assert.equal(err.message, '[[error:invalid-group-name]]');
				done();
			});
		});

		it('should fail if group name is invalid', (done) => {
			Groups.create({ name: 'not/valid' }, (err) => {
				assert.equal(err.message, '[[error:invalid-group-name]]');
				done();
			});
		});

		it('should fail if group name is invalid', (done) => {
			Groups.create({ name: ['array/'] }, (err) => {
				assert.equal(err.message, '[[error:invalid-group-name]]');
				done();
			});
		});

		it('should fail if group name is invalid', async () => {
			try {
				await apiGroups.create({ uid: adminUid }, { name: ['test', 'administrators'] });
			} catch (err) {
				return assert.equal(err.message, '[[error:invalid-group-name]]');
			}
			assert(false);
		});

		it('should not create a system group', async () => {
			await apiGroups.create({ uid: adminUid }, { name: 'mysystemgroup', system: true });
			const data = await Groups.getGroupData('mysystemgroup');
			assert.strictEqual(data.system, 0);
		});

		it('should fail if group name is invalid', (done) => {
			Groups.create({ name: 'not:valid' }, (err) => {
				assert.equal(err.message, '[[error:invalid-group-name]]');
				done();
			});
		});

		it('should return falsy for userTitleEnabled', (done) => {
			Groups.create({ name: 'userTitleEnabledGroup' }, (err) => {
				assert.ifError(err);
				Groups.setGroupField('userTitleEnabledGroup', 'userTitleEnabled', 0, (err) => {
					assert.ifError(err);
					Groups.getGroupData('userTitleEnabledGroup', (err, data) => {
						assert.ifError(err);
						assert.strictEqual(data.userTitleEnabled, 0);
						done();
					});
				});
			});
		});
	});

	describe('.hide()', () => {
		it('should mark the group as hidden', async () => {
			await Groups.hide('foo');
			const groupObj = await Groups.get('foo', {});
			assert.strictEqual(1, groupObj.hidden);
			const isMember = await db.isSortedSetMember('groups:visible:createtime', 'foo');
			assert.strictEqual(isMember, false);
		});
	});

	describe('.update()', () => {
		before((done) => {
			Groups.create({
				name: 'updateTestGroup',
				description: 'bar',
				system: 0,
				hidden: 0,
			}, done);
		});

		it('should change an aspect of a group', (done) => {
			Groups.update('updateTestGroup', {
				description: 'baz',
			}, (err) => {
				assert.ifError(err);

				Groups.get('updateTestGroup', {}, (err, groupObj) => {
					assert.ifError(err);
					assert.strictEqual('baz', groupObj.description);
					done();
				});
			});
		});

		it('should rename a group and not break navigation routes', async () => {
			await Groups.update('updateTestGroup', {
				name: 'updateTestGroup?',
			});

			const groupObj = await Groups.get('updateTestGroup?', {});
			assert.strictEqual('updateTestGroup?', groupObj.name);
			assert.strictEqual('updatetestgroup', groupObj.slug);

			const navItems = await navigation.get();
			assert.strictEqual(navItems[0].route, '/categories');
		});

		it('should fail if system groups is being renamed', (done) => {
			Groups.update('administrators', {
				name: 'administrators_fail',
			}, (err) => {
				assert.equal(err.message, '[[error:not-allowed-to-rename-system-group]]');
				done();
			});
		});

		it('should fail to rename if group name is invalid', async () => {
			try {
				await apiGroups.update({ uid: adminUid }, { slug: ['updateTestGroup?'], values: {} });
			} catch (err) {
				return assert.strictEqual(err.message, '[[error:invalid-group-name]]');
			}
			assert(false);
		});

		it('should fail to rename if group name is too short', async () => {
			try {
				const slug = await Groups.getGroupField('updateTestGroup?', 'slug');
				await apiGroups.update({ uid: adminUid }, { slug: slug, name: '' });
			} catch (err) {
				return assert.strictEqual(err.message, '[[error:group-name-too-short]]');
			}
			assert(false);
		});

		it('should fail to rename if group name is invalid', async () => {
			try {
				const slug = await Groups.getGroupField('updateTestGroup?', 'slug');
				await apiGroups.update({ uid: adminUid }, { slug: slug, name: ['invalid'] });
			} catch (err) {
				return assert.strictEqual(err.message, '[[error:invalid-group-name]]');
			}
			assert(false);
		});

		it('should fail to rename if group name is invalid', async () => {
			try {
				const slug = await Groups.getGroupField('updateTestGroup?', 'slug');
				await apiGroups.update({ uid: adminUid }, { slug: slug, name: 'cid:0:privileges:ban' });
			} catch (err) {
				return assert.strictEqual(err.message, '[[error:invalid-group-name]]');
			}
			assert(false);
		});

		it('should fail to rename if group name is too long', async () => {
			try {
				const slug = await Groups.getGroupField('updateTestGroup?', 'slug');
				await apiGroups.update({ uid: adminUid }, { slug: slug, name: 'verylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstringverylongstring' });
			} catch (err) {
				return assert.strictEqual(err.message, '[[error:group-name-too-long]]');
			}
			assert(false);
		});

		it('should fail to rename if group name is invalid', async () => {
			const slug = await Groups.getGroupField('updateTestGroup?', 'slug');
			const invalidNames = ['test:test', 'another/test', '---'];
			for (const name of invalidNames) {
				try {
					// eslint-disable-next-line no-await-in-loop
					await apiGroups.update({ uid: adminUid }, { slug: slug, name: name });
					assert(false);
				} catch (err) {
					assert.strictEqual(err.message, '[[error:invalid-group-name]]');
				}
			}
		});

		it('should fail to rename group to an existing group', (done) => {
			Groups.create({
				name: 'group2',
				system: 0,
				hidden: 0,
			}, (err) => {
				assert.ifError(err);
				Groups.update('group2', {
					name: 'updateTestGroup?',
				}, (err) => {
					assert.equal(err.message, '[[error:group-already-exists]]');
					done();
				});
			});
		});
	});

	describe('.destroy()', () => {
		before((done) => {
			Groups.join('foobar?', 1, done);
		});

		it('should destroy a group', (done) => {
			Groups.destroy('foobar?', (err) => {
				assert.ifError(err);

				Groups.get('foobar?', {}, (err, groupObj) => {
					assert.ifError(err);
					assert.strictEqual(groupObj, null);
					done();
				});
			});
		});

		it('should also remove the members set', (done) => {
			db.exists('group:foo:members', (err, exists) => {
				assert.ifError(err);
				assert.strictEqual(false, exists);
				done();
			});
		});

		it('should remove group from privilege groups', (done) => {
			const privileges = require('../src/privileges');
			const cid = 1;
			const groupName = '1';
			const uid = 1;
			async.waterfall([
				function (next) {
					Groups.create({ name: groupName }, next);
				},
				function (groupData, next) {
					privileges.categories.give(['groups:topics:create'], cid, groupName, next);
				},
				function (next) {
					Groups.isMember(groupName, 'cid:1:privileges:groups:topics:create', next);
				},
				function (isMember, next) {
					assert(isMember);
					Groups.destroy(groupName, next);
				},
				function (next) {
					Groups.isMember(groupName, 'cid:1:privileges:groups:topics:create', next);
				},
				function (isMember, next) {
					assert(!isMember);
					Groups.isMember(uid, 'registered-users', next);
				},
				function (isMember, next) {
					assert(isMember);
					next();
				},
			], done);
		});
	});

	describe('.join()', () => {
		before((done) => {
			Groups.leave('Test', testUid, done);
		});

		it('should add a user to a group', (done) => {
			Groups.join('Test', testUid, (err) => {
				assert.ifError(err);

				Groups.isMember(testUid, 'Test', (err, isMember) => {
					assert.ifError(err);
					assert.strictEqual(true, isMember);

					done();
				});
			});
		});

		it('should fail to add user to admin group', async () => {
			const oldValue = meta.config.allowPrivateGroups;
			try {
				meta.config.allowPrivateGroups = false;
				const newUid = await User.create({ username: 'newadmin' });
				await apiGroups.join({ uid: newUid }, { slug: ['test', 'administrators'], uid: newUid }, 1);
				const isMember = await Groups.isMember(newUid, 'administrators');
				assert(!isMember);
			} catch (err) {
				assert.strictEqual(err.message, '[[error:no-group]]');
			}
			meta.config.allowPrivateGroups = oldValue;
		});

		it('should fail to add user to group if group name is invalid', (done) => {
			Groups.join(0, 1, (err) => {
				assert.equal(err.message, '[[error:invalid-data]]');
				Groups.join(null, 1, (err) => {
					assert.equal(err.message, '[[error:invalid-data]]');
					Groups.join(undefined, 1, (err) => {
						assert.equal(err.message, '[[error:invalid-data]]');
						done();
					});
				});
			});
		});

		it('should fail to add user to group if uid is invalid', (done) => {
			Groups.join('Test', 0, (err) => {
				assert.equal(err.message, '[[error:invalid-uid]]');
				Groups.join('Test', null, (err) => {
					assert.equal(err.message, '[[error:invalid-uid]]');
					Groups.join('Test', undefined, (err) => {
						assert.equal(err.message, '[[error:invalid-uid]]');
						done();
					});
				});
			});
		});

		it('should add user to Global Moderators group', async () => {
			const uid = await User.create({ username: 'glomod' });
			const slug = await Groups.getGroupField('Global Moderators', 'slug');
			await apiGroups.join({ uid: adminUid }, { slug: slug, uid: uid });
			const isGlobalMod = await User.isGlobalModerator(uid);
			assert.strictEqual(isGlobalMod, true);
		});

		it('should add user to multiple groups', (done) => {
			const groupNames = ['test-hidden1', 'Test', 'test-hidden2', 'empty group'];
			Groups.create({ name: 'empty group' }, (err) => {
				assert.ifError(err);
				Groups.join(groupNames, testUid, (err) => {
					assert.ifError(err);
					Groups.isMemberOfGroups(testUid, groupNames, (err, isMembers) => {
						assert.ifError(err);
						assert(isMembers.every(Boolean));
						db.sortedSetScores('groups:visible:memberCount', groupNames, (err, memberCounts) => {
							assert.ifError(err);
							// hidden groups are not in "groups:visible:memberCount" so they are null
							assert.deepEqual(memberCounts, [null, 3, null, 1]);
							done();
						});
					});
				});
			});
		});

		it('should set group title when user joins the group', (done) => {
			const groupName = 'this will be title';
			User.create({ username: 'needstitle' }, (err, uid) => {
				assert.ifError(err);
				Groups.create({ name: groupName }, (err) => {
					assert.ifError(err);
					Groups.join([groupName], uid, (err) => {
						assert.ifError(err);
						User.getUserData(uid, (err, data) => {
							assert.ifError(err);
							assert.equal(data.groupTitle, `["${groupName}"]`);
							assert.deepEqual(data.groupTitleArray, [groupName]);
							done();
						});
					});
				});
			});
		});

		it('should fail to add user to system group', async () => {
			const uid = await User.create({ username: 'eviluser' });
			const oldValue = meta.config.allowPrivateGroups;
			meta.config.allowPrivateGroups = 0;
			async function test(groupName) {
				let err;
				try {
					const slug = await Groups.getGroupField(groupName, 'slug');
					await apiGroups.join({ uid: uid }, { slug: slug, uid: uid });
					const isMember = await Groups.isMember(uid, groupName);
					assert.strictEqual(isMember, false);
				} catch (_err) {
					err = _err;
				}
				assert.strictEqual(err.message, '[[error:not-allowed]]');
			}
			const groups = ['Global Moderators', 'verified-users', 'unverified-users'];
			for (const g of groups) {
				// eslint-disable-next-line no-await-in-loop
				await test(g);
			}
			meta.config.allowPrivateGroups = oldValue;
		});

		it('should fail to add user to group if calling uid is non-self and non-admin', async () => {
			const uid1 = await User.create({ username: utils.generateUUID().slice(0, 8) });
			const uid2 = await User.create({ username: utils.generateUUID().slice(0, 8) });

			await assert.rejects(
				apiGroups.join({ uid: uid1 }, { slug: 'test', uid: uid2 }),
				{ message: '[[error:not-allowed]]' }
			);
		});

		it('should allow admins to join private groups', async () => {
			await apiGroups.join({ uid: adminUid }, { uid: adminUid, slug: 'global-moderators' });
			assert(await Groups.isMember(adminUid, 'Global Moderators'));
		});
	});

	describe('.leave()', () => {
		it('should remove a user from a group', (done) => {
			Groups.leave('Test', testUid, (err) => {
				assert.ifError(err);

				Groups.isMember(testUid, 'Test', (err, isMember) => {
					assert.ifError(err);
					assert.strictEqual(false, isMember);

					done();
				});
			});
		});
	});

	describe('.leaveAllGroups()', () => {
		it('should remove a user from all groups', (done) => {
			Groups.leaveAllGroups(testUid, (err) => {
				assert.ifError(err);

				const groups = ['Test', 'Hidden'];
				async.every(groups, (group, next) => {
					Groups.isMember(testUid, group, (err, isMember) => {
						next(err, !isMember);
					});
				}, (err, result) => {
					assert.ifError(err);
					assert(result);

					done();
				});
			});
		});
	});

	describe('.show()', () => {
		it('should make a group visible', (done) => {
			Groups.show('Test', function (err) {
				assert.ifError(err);
				assert.equal(arguments.length, 1);
				db.isSortedSetMember('groups:visible:createtime', 'Test', (err, isMember) => {
					assert.ifError(err);
					assert.strictEqual(isMember, true);
					done();
				});
			});
		});
	});

	describe('socket methods', () => {
		it('should error if data is null', (done) => {
			socketGroups.before({ uid: 0 }, 'groups.join', null, (err) => {
				assert.equal(err.message, '[[error:invalid-data]]');
				done();
			});
		});

		it('should not error if data is valid', (done) => {
			socketGroups.before({ uid: 0 }, 'groups.join', {}, (err) => {
				assert.ifError(err);
				done();
			});
		});

		it('should return error if not logged in', async () => {
			try {
				await apiGroups.join({ uid: 0 }, {});
				assert(false);
			} catch (err) {
				assert.equal(err.message, '[[error:invalid-uid]]');
			}
		});

		it('should return error if group name is special', async () => {
			try {
				await apiGroups.join({ uid: testUid }, { slug: 'administrators', uid: testUid });
				assert(false);
			} catch (err) {
				assert.equal(err.message, '[[error:not-allowed]]');
			}
		});

		it('should error if group does not exist', async () => {
			try {
				await apiGroups.join({ uid: adminUid }, { slug: 'doesnotexist', uid: adminUid });
				assert(false);
			} catch (err) {
				assert.equal(err.message, '[[error:no-group]]');
			}
		});

		it('should join test group', async () => {
			meta.config.allowPrivateGroups = 0;
			await apiGroups.join({ uid: adminUid }, { slug: 'test', uid: adminUid });
			const isMember = await Groups.isMember(adminUid, 'Test');
			assert(isMember);
		});

		it('should error if not logged in', async () => {
			try {
				await apiGroups.leave({ uid: 0 }, {});
				assert(false);
			} catch (err) {
				assert.equal(err.message, '[[error:invalid-uid]]');
			}
		});

		it('should return error if group name is special', async () => {
			try {
				await apiGroups.leave({ uid: adminUid }, { slug: 'administrators', uid: adminUid });
				assert(false);
			} catch (err) {
				assert.equal(err.message, '[[error:cant-remove-self-as-admin]]');
			}
		});

		it('should leave test group', async () => {
			await apiGroups.leave({ uid: adminUid }, { slug: 'test', uid: adminUid });
			const isMember = await Groups.isMember(adminUid, 'Test');
			assert(!isMember);
		});

		it('should fail to join if group is private and join requests are disabled', async () => {
			meta.config.allowPrivateGroups = 1;
			try {
				await apiGroups.join({ uid: testUid }, { slug: 'privatenojoin', uid: testUid });
				assert(false);
			} catch (err) {
				assert.equal(err.message, '[[error:group-join-disabled]]');
			}
		});

		it('should fail to leave if group is private and leave is disabled', async () => {
			await Groups.join('PrivateNoLeave', testUid);
			const isMember = await Groups.isMember(testUid, 'PrivateNoLeave');
			assert(isMember);
			try {
				await apiGroups.leave({ uid: testUid }, { slug: 'privatenoleave', uid: testUid });
				assert(false);
			} catch (err) {
				assert.equal(err.message, '[[error:group-leave-disabled]]');
			}
		});

		it('should join if user is admin', async () => {
			await apiGroups.join({ uid: adminUid }, { slug: 'privatecanjoin', uid: adminUid });
			const isMember = await Groups.isMember(adminUid, 'PrivateCanJoin');
			assert(isMember);
		});

		it('should request membership for regular user', async () => {
			await apiGroups.join({ uid: testUid }, { slug: 'privatecanjoin', uid: testUid });
			const isPending = await Groups.isPending(testUid, 'PrivateCanJoin');
			assert(isPending);
		});

		it('should reject membership of user', async () => {
			await apiGroups.reject({ uid: adminUid }, { slug: 'privatecanjoin', uid: testUid });
			const invited = await Groups.isInvited(testUid, 'PrivateCanJoin');
			assert.equal(invited, false);
		});

		it('should error if not owner or admin', async () => {
			await assert.rejects(
				apiGroups.accept({ uid: 0 }, { slug: 'privatecanjoin', uid: testUid }),
				{ message: '[[error:no-privileges]]' }
			);
		});

		it('should accept membership of user', async () => {
			await apiGroups.join({ uid: testUid }, { slug: 'privatecanjoin', uid: testUid });
			await apiGroups.accept({ uid: adminUid }, { slug: 'privatecanjoin', uid: testUid });
			const isMember = await Groups.isMember(testUid, 'PrivateCanJoin');
			assert(isMember);
		});

		it('should issue invite to user', async () => {
			const uid = await User.create({ username: 'invite1' });
			await apiGroups.issueInvite({ uid: adminUid }, { slug: 'privatecanjoin', uid });
			const isInvited = await Groups.isInvited(uid, 'PrivateCanJoin');
			assert(isInvited);
		});

		it('should rescind invite', async () => {
			const uid = await User.create({ username: 'invite3' });
			await apiGroups.issueInvite({ uid: adminUid }, { slug: 'privatecanjoin', uid });
			await apiGroups.rejectInvite({ uid: adminUid }, { slug: 'privatecanjoin', uid });

			const isInvited = await Groups.isInvited(uid, 'PrivateCanJoin');
			assert(!isInvited);
		});

		it('should error if user is not invited', async () => {
			await assert.rejects(
				apiGroups.acceptInvite({ uid: adminUid }, { slug: 'privatecanjoin', uid: adminUid }),
				{ message: '[[error:not-invited]]' }
			);
		});

		it('should accept invite', async () => {
			const uid = await User.create({ username: 'invite4' });
			await apiGroups.issueInvite({ uid: adminUid }, { slug: 'privatecanjoin', uid });
			await apiGroups.acceptInvite({ uid }, { slug: 'privatecanjoin', uid });
			const isMember = await Groups.isMember(uid, 'PrivateCanJoin');
			assert(isMember);
		});

		it('should reject invite', async () => {
			const uid = await User.create({ username: 'invite5' });
			await apiGroups.issueInvite({ uid: adminUid }, { slug: 'privatecanjoin', uid });
			await apiGroups.rejectInvite({ uid }, { slug: 'privatecanjoin', uid });
			const isInvited = await Groups.isInvited(uid, 'PrivateCanJoin');
			assert(!isInvited);
		});

		it('should grant ownership to user', async () => {
			await apiGroups.grant({ uid: adminUid }, { slug: 'privatecanjoin', uid: testUid });
			const isOwner = await Groups.ownership.isOwner(testUid, 'PrivateCanJoin');
			assert(isOwner);
		});

		it('should rescind ownership from user', async () => {
			await apiGroups.rescind({ uid: adminUid }, { slug: 'privatecanjoin', uid: testUid });
			const isOwner = await Groups.ownership.isOwner(testUid, 'PrivateCanJoin');
			assert(!isOwner);
		});

		it('should fail to kick user with invalid data', async () => {
			await assert.rejects(
				apiGroups.leave({ uid: adminUid }, { slug: 'privatecanjoin', uid: 8721632 }),
				{ message: '[[error:group-not-member]]' }
			);
		});

		it('should kick user from group', async () => {
			await apiGroups.leave({ uid: adminUid }, { slug: 'privatecanjoin', uid: testUid });
			const isMember = await Groups.isMember(testUid, 'PrivateCanJoin');
			assert(!isMember);
		});

		it('should fail to create group with invalid data', async () => {
			await assert.rejects(
				apiGroups.create({ uid: 0 }, {}),
				{ message: '[[error:no-privileges]]' }
			);
		});

		it('should fail to create group if group creation is disabled', async () => {
			await assert.rejects(
				apiGroups.create({ uid: testUid }, { name: 'avalidname' }),
				{ message: '[[error:no-privileges]]' }
			);
		});

		it('should fail to create group if name is privilege group', async () => {
			try {
				await apiGroups.create({ uid: 1 }, { name: 'cid:1:privileges:groups:find' });
				assert(false);
			} catch (err) {
				assert.equal(err.message, '[[error:invalid-group-name]]');
			}
		});

		it('should create/update group', async () => {
			const groupData = await apiGroups.create({ uid: adminUid }, { name: 'createupdategroup' });
			assert(groupData);
			const data = {
				slug: 'createupdategroup',
				name: 'renamedupdategroup',
				description: 'cat group',
				userTitle: 'cats',
				userTitleEnabled: 1,
				disableJoinRequests: 1,
				hidden: 1,
				private: 0,
			};
			await apiGroups.update({ uid: adminUid }, data);
			const updatedData = await Groups.get('renamedupdategroup', {});
			assert.equal(updatedData.name, 'renamedupdategroup');
			assert.equal(updatedData.userTitle, 'cats');
			assert.equal(updatedData.description, 'cat group');
			assert.equal(updatedData.hidden, true);
			assert.equal(updatedData.disableJoinRequests, true);
			assert.equal(updatedData.private, false);
		});

		it('should fail to create a group with name guests', async () => {
			try {
				await apiGroups.create({ uid: adminUid }, { name: 'guests' });
				assert(false);
			} catch (err) {
				assert.equal(err.message, '[[error:invalid-group-name]]');
			}
		});

		it('should fail to rename guests group', async () => {
			const data = {
				slug: 'guests',
				name: 'guests2',
			};

			try {
				await apiGroups.update({ uid: adminUid }, data);
				assert(false);
			} catch (err) {
				assert.equal(err.message, '[[error:invalid-group-name]]');
			}
		});

		it('should delete group', async () => {
			await apiGroups.delete({ uid: adminUid }, { slug: 'renamedupdategroup' });
			const exists = await Groups.exists('renamedupdategroup');
			assert(!exists);
		});

		it('should fail to delete group if name is special', async () => {
			const specialGroups = [
				'administrators', 'registered-users', 'verified-users',
				'unverified-users', 'global-moderators',
			];
			for (const slug of specialGroups) {
				try {
					// eslint-disable-next-line no-await-in-loop
					await apiGroups.delete({ uid: adminUid }, { slug: slug });
					assert(false);
				} catch (err) {
					assert.equal(err.message, '[[error:not-allowed]]');
				}
			}
		});

		it('should fail to delete group if name is special', async () => {
			try {
				await apiGroups.delete({ uid: adminUid }, { slug: 'guests' });
				assert(false);
			} catch (err) {
				assert.equal(err.message, '[[error:invalid-group-name]]');
			}
		});

		it('should fail to load more groups with invalid data', (done) => {
			socketGroups.loadMore({ uid: adminUid }, {}, (err) => {
				assert.equal(err.message, '[[error:invalid-data]]');
				done();
			});
		});

		it('should load more groups', (done) => {
			socketGroups.loadMore({ uid: adminUid }, { after: 0, sort: 'count' }, (err, data) => {
				assert.ifError(err);
				assert(Array.isArray(data.groups));
				done();
			});
		});

		it('should fail to load more members with invalid data', (done) => {
			socketGroups.loadMoreMembers({ uid: adminUid }, {}, (err) => {
				assert.equal(err.message, '[[error:invalid-data]]');
				done();
			});
		});

		it('should load more members', (done) => {
			socketGroups.loadMoreMembers({ uid: adminUid }, { after: 0, groupName: 'PrivateCanJoin' }, (err, data) => {
				assert.ifError(err);
				assert(Array.isArray(data.users));
				done();
			});
		});
	});

	describe('api methods', () => {
		const apiGroups = require('../src/api/groups');
		it('should fail to create group with invalid data', async () => {
			let err;
			try {
				await apiGroups.create({ uid: adminUid }, null);
			} catch (_err) {
				err = _err;
			}
			assert.strictEqual(err.message, '[[error:invalid-data]]');
		});

		it('should fail to create group if group name is privilege group', async () => {
			let err;
			try {
				await apiGroups.create({ uid: adminUid }, { name: 'cid:1:privileges:read' });
			} catch (_err) {
				err = _err;
			}
			assert.strictEqual(err.message, '[[error:invalid-group-name]]');
		});

		it('should create a group', async () => {
			const groupData = await apiGroups.create({ uid: adminUid }, { name: 'newgroup', description: 'group created by admin' });
			assert.equal(groupData.name, 'newgroup');
			assert.equal(groupData.description, 'group created by admin');
			assert.equal(groupData.private, 1);
			assert.equal(groupData.hidden, 0);
			assert.equal(groupData.memberCount, 1);
		});

		it('should fail to join with invalid data', async () => {
			let err;
			try {
				await apiGroups.join({ uid: adminUid }, null);
			} catch (_err) {
				err = _err;
			}
			assert.strictEqual(err.message, '[[error:invalid-data]]');
		});

		it('should add user to group', async () => {
			await apiGroups.join({ uid: adminUid }, { uid: testUid, slug: 'newgroup' });
			const isMember = await Groups.isMember(testUid, 'newgroup');
			assert(isMember);
		});

		it('should not error if user is already member', async () => {
			await apiGroups.join({ uid: adminUid }, { uid: testUid, slug: 'newgroup' });
		});

		it('it should fail with invalid data', async () => {
			let err;
			try {
				await apiGroups.leave({ uid: adminUid }, null);
			} catch (_err) {
				err = _err;
			}
			assert.strictEqual(err.message, '[[error:invalid-data]]');
		});

		it('it should fail if admin tries to remove self', async () => {
			let err;
			try {
				await apiGroups.leave({ uid: adminUid }, { uid: adminUid, slug: 'administrators' });
			} catch (_err) {
				err = _err;
			}
			assert.strictEqual(err.message, '[[error:cant-remove-self-as-admin]]');
		});

		it('should error if user is not member', async () => {
			await assert.rejects(
				apiGroups.leave({ uid: adminUid }, { uid: 3, slug: 'newgroup' }),
				{ message: '[[error:group-not-member]]' }
			);
		});

		it('should fail if trying to remove someone else from group', async () => {
			await assert.rejects(
				apiGroups.leave({ uid: testUid }, { uid: adminUid, slug: 'newgroup' }),
				{ message: '[[error:no-privileges]]' },
			);
		});

		it('should remove user from group', async () => {
			await apiGroups.leave({ uid: adminUid }, { uid: testUid, slug: 'newgroup' });
			const isMember = await Groups.isMember(testUid, 'newgroup');
			assert(!isMember);
		});

		it('should fail with invalid data', async () => {
			let err;
			try {
				await apiGroups.update({ uid: adminUid }, null);
			} catch (_err) {
				err = _err;
			}
			assert.strictEqual(err.message, '[[error:invalid-data]]');
		});

		it('should update group', async () => {
			const data = {
				slug: 'newgroup',
				name: 'renamedgroup',
				description: 'cat group',
				userTitle: 'cats',
				userTitleEnabled: 1,
				disableJoinRequests: 1,
				hidden: 1,
				private: 0,
			};
			await apiGroups.update({ uid: adminUid }, data);
			const groupData = await Groups.get('renamedgroup', {});
			assert.equal(groupData.name, 'renamedgroup');
			assert.equal(groupData.userTitle, 'cats');
			assert.equal(groupData.description, 'cat group');
			assert.equal(groupData.hidden, true);
			assert.equal(groupData.disableJoinRequests, true);
			assert.equal(groupData.private, false);
		});
	});

	describe('groups cover', () => {
		const socketGroups = require('../src/socket.io/groups');
		let regularUid;
		const logoPath = path.join(__dirname, '../test/files/test.png');
		const imagePath = path.join(__dirname, '../test/files/groupcover.png');
		before((done) => {
			User.create({ username: 'regularuser', password: '123456' }, (err, uid) => {
				assert.ifError(err);
				regularUid = uid;
				async.series([
					function (next) {
						Groups.join('Test', adminUid, next);
					},
					function (next) {
						Groups.join('Test', regularUid, next);
					},
					function (next) {
						helpers.copyFile(logoPath, imagePath, next);
					},
				], done);
			});
		});

		it('should fail if user is not logged in or not owner', (done) => {
			socketGroups.cover.update({ uid: 0 }, { imageData: 'asd' }, (err) => {
				assert.equal(err.message, '[[error:no-privileges]]');
				socketGroups.cover.update({ uid: regularUid }, { groupName: 'Test', imageData: 'asd' }, (err) => {
					assert.equal(err.message, '[[error:no-privileges]]');
					done();
				});
			});
		});

		it('should upload group cover image from file', (done) => {
			const data = {
				groupName: 'Test',
				file: {
					path: imagePath,
					type: 'image/png',
				},
			};
			Groups.updateCover({ uid: adminUid }, data, (err, data) => {
				assert.ifError(err);
				Groups.getGroupFields('Test', ['cover:url'], (err, groupData) => {
					assert.ifError(err);
					assert.equal(nconf.get('relative_path') + data.url, groupData['cover:url']);
					if (nconf.get('relative_path')) {
						assert(!data.url.startsWith(nconf.get('relative_path')));
						assert(groupData['cover:url'].startsWith(nconf.get('relative_path')), groupData['cover:url']);
					}
					done();
				});
			});
		});


		it('should upload group cover image from data', (done) => {
			const data = {
				groupName: 'Test',
				imageData: 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAgCAYAAAABtRhCAAAACXBIWXMAAC4jAAAuIwF4pT92AAAKT2lDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjanVNnVFPpFj333vRCS4iAlEtvUhUIIFJCi4AUkSYqIQkQSoghodkVUcERRUUEG8igiAOOjoCMFVEsDIoK2AfkIaKOg6OIisr74Xuja9a89+bN/rXXPues852zzwfACAyWSDNRNYAMqUIeEeCDx8TG4eQuQIEKJHAAEAizZCFz/SMBAPh+PDwrIsAHvgABeNMLCADATZvAMByH/w/qQplcAYCEAcB0kThLCIAUAEB6jkKmAEBGAYCdmCZTAKAEAGDLY2LjAFAtAGAnf+bTAICd+Jl7AQBblCEVAaCRACATZYhEAGg7AKzPVopFAFgwABRmS8Q5ANgtADBJV2ZIALC3AMDOEAuyAAgMADBRiIUpAAR7AGDIIyN4AISZABRG8lc88SuuEOcqAAB4mbI8uSQ5RYFbCC1xB1dXLh4ozkkXKxQ2YQJhmkAuwnmZGTKBNA/g88wAAKCRFRHgg/P9eM4Ors7ONo62Dl8t6r8G/yJiYuP+5c+rcEAAAOF0ftH+LC+zGoA7BoBt/qIl7gRoXgugdfeLZrIPQLUAoOnaV/Nw+H48PEWhkLnZ2eXk5NhKxEJbYcpXff5nwl/AV/1s+X48/Pf14L7iJIEyXYFHBPjgwsz0TKUcz5IJhGLc5o9H/LcL//wd0yLESWK5WCoU41EScY5EmozzMqUiiUKSKcUl0v9k4t8s+wM+3zUAsGo+AXuRLahdYwP2SycQWHTA4vcAAPK7b8HUKAgDgGiD4c93/+8//UegJQCAZkmScQAAXkQkLlTKsz/HCAAARKCBKrBBG/TBGCzABhzBBdzBC/xgNoRCJMTCQhBCCmSAHHJgKayCQiiGzbAdKmAv1EAdNMBRaIaTcA4uwlW4Dj1wD/phCJ7BKLyBCQRByAgTYSHaiAFiilgjjggXmYX4IcFIBBKLJCDJiBRRIkuRNUgxUopUIFVIHfI9cgI5h1xGupE7yAAygvyGvEcxlIGyUT3UDLVDuag3GoRGogvQZHQxmo8WoJvQcrQaPYw2oefQq2gP2o8+Q8cwwOgYBzPEbDAuxsNCsTgsCZNjy7EirAyrxhqwVqwDu4n1Y8+xdwQSgUXACTYEd0IgYR5BSFhMWE7YSKggHCQ0EdoJNwkDhFHCJyKTqEu0JroR+cQYYjIxh1hILCPWEo8TLxB7iEPENyQSiUMyJ7mQAkmxpFTSEtJG0m5SI+ksqZs0SBojk8naZGuyBzmULCAryIXkneTD5DPkG+Qh8lsKnWJAcaT4U+IoUspqShnlEOU05QZlmDJBVaOaUt2ooVQRNY9aQq2htlKvUYeoEzR1mjnNgxZJS6WtopXTGmgXaPdpr+h0uhHdlR5Ol9BX0svpR+iX6AP0dwwNhhWDx4hnKBmbGAcYZxl3GK+YTKYZ04sZx1QwNzHrmOeZD5lvVVgqtip8FZHKCpVKlSaVGyovVKmqpqreqgtV81XLVI+pXlN9rkZVM1PjqQnUlqtVqp1Q61MbU2epO6iHqmeob1Q/pH5Z/YkGWcNMw09DpFGgsV/jvMYgC2MZs3gsIWsNq4Z1gTXEJrHN2Xx2KruY/R27iz2qqaE5QzNKM1ezUvOUZj8H45hx+Jx0TgnnKKeX836K3hTvKeIpG6Y0TLkxZVxrqpaXllirSKtRq0frvTau7aedpr1Fu1n7gQ5Bx0onXCdHZ4/OBZ3nU9lT3acKpxZNPTr1ri6qa6UbobtEd79up+6Ynr5egJ5Mb6feeb3n+hx9L/1U/W36p/VHDFgGswwkBtsMzhg8xTVxbzwdL8fb8VFDXcNAQ6VhlWGX4YSRudE8o9VGjUYPjGnGXOMk423GbcajJgYmISZLTepN7ppSTbmmKaY7TDtMx83MzaLN1pk1mz0x1zLnm+eb15vft2BaeFostqi2uGVJsuRaplnutrxuhVo5WaVYVVpds0atna0l1rutu6cRp7lOk06rntZnw7Dxtsm2qbcZsOXYBtuutm22fWFnYhdnt8Wuw+6TvZN9un2N/T0HDYfZDqsdWh1+c7RyFDpWOt6azpzuP33F9JbpL2dYzxDP2DPjthPLKcRpnVOb00dnF2e5c4PziIuJS4LLLpc+Lpsbxt3IveRKdPVxXeF60vWdm7Obwu2o26/uNu5p7ofcn8w0nymeWTNz0MPIQ+BR5dE/C5+VMGvfrH5PQ0+BZ7XnIy9jL5FXrdewt6V3qvdh7xc+9j5yn+M+4zw33jLeWV/MN8C3yLfLT8Nvnl+F30N/I/9k/3r/0QCngCUBZwOJgUGBWwL7+Hp8Ib+OPzrbZfay2e1BjKC5QRVBj4KtguXBrSFoyOyQrSH355jOkc5pDoVQfujW0Adh5mGLw34MJ4WHhVeGP45wiFga0TGXNXfR3ENz30T6RJZE3ptnMU85ry1KNSo+qi5qPNo3ujS6P8YuZlnM1VidWElsSxw5LiquNm5svt/87fOH4p3iC+N7F5gvyF1weaHOwvSFpxapLhIsOpZATIhOOJTwQRAqqBaMJfITdyWOCnnCHcJnIi/RNtGI2ENcKh5O8kgqTXqS7JG8NXkkxTOlLOW5hCepkLxMDUzdmzqeFpp2IG0yPTq9MYOSkZBxQqohTZO2Z+pn5mZ2y6xlhbL+xW6Lty8elQfJa7OQrAVZLQq2QqboVFoo1yoHsmdlV2a/zYnKOZarnivN7cyzytuQN5zvn//tEsIS4ZK2pYZLVy0dWOa9rGo5sjxxedsK4xUFK4ZWBqw8uIq2Km3VT6vtV5eufr0mek1rgV7ByoLBtQFr6wtVCuWFfevc1+1dT1gvWd+1YfqGnRs+FYmKrhTbF5cVf9go3HjlG4dvyr+Z3JS0qavEuWTPZtJm6ebeLZ5bDpaql+aXDm4N2dq0Dd9WtO319kXbL5fNKNu7g7ZDuaO/PLi8ZafJzs07P1SkVPRU+lQ27tLdtWHX+G7R7ht7vPY07NXbW7z3/T7JvttVAVVN1WbVZftJ+7P3P66Jqun4lvttXa1ObXHtxwPSA/0HIw6217nU1R3SPVRSj9Yr60cOxx++/p3vdy0NNg1VjZzG4iNwRHnk6fcJ3/ceDTradox7rOEH0x92HWcdL2pCmvKaRptTmvtbYlu6T8w+0dbq3nr8R9sfD5w0PFl5SvNUyWna6YLTk2fyz4ydlZ19fi753GDborZ752PO32oPb++6EHTh0kX/i+c7vDvOXPK4dPKy2+UTV7hXmq86X23qdOo8/pPTT8e7nLuarrlca7nuer21e2b36RueN87d9L158Rb/1tWeOT3dvfN6b/fF9/XfFt1+cif9zsu72Xcn7q28T7xf9EDtQdlD3YfVP1v+3Njv3H9qwHeg89HcR/cGhYPP/pH1jw9DBY+Zj8uGDYbrnjg+OTniP3L96fynQ89kzyaeF/6i/suuFxYvfvjV69fO0ZjRoZfyl5O/bXyl/erA6xmv28bCxh6+yXgzMV70VvvtwXfcdx3vo98PT+R8IH8o/2j5sfVT0Kf7kxmTk/8EA5jz/GMzLdsAAAAgY0hSTQAAeiUAAICDAAD5/wAAgOkAAHUwAADqYAAAOpgAABdvkl/FRgAACcJJREFUeNqMl9tvnNV6xn/f+s5z8DCeg88Zj+NYdhJH4KShFoJAIkzVphLVJnsDaiV6gUKaC2qQUFVATbnoValAakuQYKMqBKUUJCgI9XBBSmOROMqGoCStHbA9sWM7nrFn/I3n9B17kcwoabfarj9gvet53+d9nmdJAwMDAAgh8DyPtbU1XNfFMAwkScK2bTzPw/M8dF1/SAhxKAiCxxVF2aeqqqTr+q+Af+7o6Ch0d3f/69TU1KwkSRiGwbFjx3jmmWd47rnn+OGHH1BVFYX/5QRBkPQ87xeSJP22YRi/oapqStM0PM/D931kWSYIgnHf98cXFxepVqtomjZt2/Zf2bb990EQ4Pv+PXfeU1CSpGYhfN9/TgjxQTQaJQgCwuEwQ
			};
			socketGroups.cover.update({ uid: adminUid }, data, (err, data) => {
				assert.ifError(err);
				Groups.getGroupFields('Test', ['cover:url'], (err, groupData) => {
					assert.ifError(err);
					assert.equal(nconf.get('relative_path') + data.url, groupData['cover:url']);
					done();
				});
			});
		});

		it('should fail to upload group cover with invalid image', (done) => {
			const data = {
				groupName: 'Test',
				file: {
					path: imagePath,
					type: 'image/png',
				},
			};
			socketGroups.cover.update({ uid: adminUid }, data, (err) => {
				assert.equal(err.message, '[[error:invalid-data]]');
				done();
			});
		});

		it('should fail to upload group cover with invalid image', (done) => {
			const data = {
				groupName: 'Test',
				imageData: 'data:image/svg;base64,iVBORw0KGgoAAAANSUhEUgAAABwA',
			};
			socketGroups.cover.update({ uid: adminUid }, data, (err, data) => {
				assert.equal(err.message, '[[error:invalid-image]]');
				done();
			});
		});

		it('should update group cover position', (done) => {
			const data = {
				groupName: 'Test',
				position: '50% 50%',
			};
			socketGroups.cover.update({ uid: adminUid }, data, (err) => {
				assert.ifError(err);
				Groups.getGroupFields('Test', ['cover:position'], (err, groupData) => {
					assert.ifError(err);
					assert.equal('50% 50%', groupData['cover:position']);
					done();
				});
			});
		});

		it('should fail to update cover position if group name is missing', (done) => {
			Groups.updateCoverPosition('', '50% 50%', (err) => {
				assert.equal(err.message, '[[error:invalid-data]]');
				done();
			});
		});

		it('should fail to remove cover if not logged in', (done) => {
			socketGroups.cover.remove({ uid: 0 }, { groupName: 'Test' }, (err) => {
				assert.equal(err.message, '[[error:no-privileges]]');
				done();
			});
		});

		it('should fail to remove cover if not owner', (done) => {
			socketGroups.cover.remove({ uid: regularUid }, { groupName: 'Test' }, (err) => {
				assert.equal(err.message, '[[error:no-privileges]]');
				done();
			});
		});

		it('should remove cover', async () => {
			const fields = ['cover:url', 'cover:thumb:url'];
			const values = await Groups.getGroupFields('Test', fields);
			await socketGroups.cover.remove({ uid: adminUid }, { groupName: 'Test' });

			fields.forEach((field) => {
				const filename = values[field].split('/').pop();
				const filePath = path.join(nconf.get('upload_path'), 'files', filename);
				assert.strictEqual(fs.existsSync(filePath), false);
			});

			const groupData = await db.getObjectFields('group:Test', ['cover:url']);
			assert(!groupData['cover:url']);
		});
	});

	describe('isPrivilegeGroup', () => {
		assert.strictEqual(Groups.isPrivilegeGroup('cid:1:privileges:topics:find'), true);
		assert.strictEqual(Groups.isPrivilegeGroup('cid:1:privileges:groups:topics:find'), true);
		assert.strictEqual(Groups.isPrivilegeGroup('cid:0:privileges:groups:search:users'), true);
		assert.strictEqual(Groups.isPrivilegeGroup('cid:admin:privileges:admin:users'), true);
		assert.strictEqual(Groups.isPrivilegeGroup('cid::privileges:admin:users'), false);
		assert.strictEqual(Groups.isPrivilegeGroup('cid:string:privileges:admin:users'), false);
		assert.strictEqual(Groups.isPrivilegeGroup('admin'), false);
		assert.strictEqual(Groups.isPrivilegeGroup('registered-users'), false);
		assert.strictEqual(Groups.isPrivilegeGroup(''), false);
		assert.strictEqual(Groups.isPrivilegeGroup(null), false);
		assert.strictEqual(Groups.isPrivilegeGroup(undefined), false);
		assert.strictEqual(Groups.isPrivilegeGroup(false), false);
		assert.strictEqual(Groups.isPrivilegeGroup(true), false);
	});
});