more tests

group cover upload tests registration approval queue tests
8 years ago · 4b6e4f085d
parent 68f8f57a34
commit 4b6e4f085d
11 changed files with 356 additions and 70 deletions
--- a/src/controllers/groups.js
+++ b/src/controllers/groups.js
@ -162,14 +162,24 @@ groupsController.members = function (req, res, callback) {
 groupsController.uploadCover = function (req, res, next) {
 	var params = JSON.parse(req.body.params);

-	groups.updateCover(req.uid, {
-		file: req.files.files[0].path,
-		groupName: params.groupName
-	}, function (err, image) {
+	async.waterfall([
+		function (next) {
+			groups.ownership.isOwner(req.uid, params.groupName, next);
+		},
+		function (isOwner, next) {
+			if (!isOwner) {
+				return next(new Error('[[error:no-privileges]]'));
+			}
+
+			groups.updateCover(req.uid, {
+				file: req.files.files[0].path,
+				groupName: params.groupName
+			}, next);
+		}
+	], function (err, image) {
 		if (err) {
 			return next(err);
 		}
-
 		res.json([{url: image.url.startsWith('http') ? image.url : nconf.get('relative_path') + image.url}]);
 	});
 };
--- a/src/controllers/helpers.js
+++ b/src/controllers/helpers.js
@ -26,13 +26,15 @@ helpers.notAllowed = function (req, res, error) {
 			if (res.locals.isAPI) {
 				res.status(403).json({
 					path: req.path.replace(/^\/api/, ''),
-					loggedIn: !!req.uid, error: error,
+					loggedIn: !!req.uid,
+					error: error,
 					title: '[[global:403.title]]'
 				});
 			} else {
 				res.status(403).render('403', {
 					path: req.path,
-					loggedIn: !!req.uid, error: error,
+					loggedIn: !!req.uid,
+					error: error,
 					title: '[[global:403.title]]'
 				});
 			}
--- a/src/emailer.js
+++ b/src/emailer.js
@ -132,7 +132,12 @@ var fallbackTransport;
 		delete data.from_name;

 		winston.verbose('[emailer] Sending email to uid ' + data.uid);
-		fallbackTransport.sendMail(data, callback);
+		fallbackTransport.sendMail(data, function (err) {
+			if (err) {
+				winston.error(err);
+			}
+			callback();
+		});
 	};

 	function render(tpl, params, next) {
--- a/src/groups/cover.js
+++ b/src/groups/cover.js
@ -10,7 +10,6 @@ var mime = require('mime');
 var winston = require('winston');

 var db = require('../database');
-var file = require('../file');
 var uploadsController = require('../controllers/uploads');

 module.exports = function (Groups) {
@ -25,7 +24,7 @@ module.exports = function (Groups) {
 	Groups.updateCover = function (uid, data, callback) {

 		// Position only? That's fine
-		if (!data.imageData && data.position) {
+		if (!data.imageData && !data.file && data.position) {
 			return Groups.updateCoverPosition(data.groupName, data.position, callback);
 		}

@ -66,26 +65,19 @@ module.exports = function (Groups) {
 				Groups.setGroupField(data.groupName, 'cover:thumb:url', uploadData.url, next);
 			},
 			function (next) {
-				fs.unlink(tempPath, next);	// Delete temporary file
+				if (data.position) {
+					Groups.updateCoverPosition(data.groupName, data.position, next);
+				} else {
+					next(null);
+				}
 			}
 		], function (err) {
-			if (err) {
-				return fs.unlink(tempPath, function (unlinkErr) {
-					if (unlinkErr) {
-						winston.error(unlinkErr);
-					}
-
-					callback(err);	// send back original error
-				});
-			}
-
-			if (data.position) {
-				Groups.updateCoverPosition(data.groupName, data.position, function (err) {
-					callback(err, {url: url});
-				});
-			} else {
+			fs.unlink(tempPath, function (unlinkErr) {
+				if (unlinkErr) {
+					winston.error(unlinkErr);
+				}
 				callback(err, {url: url});
-			}
+			});
 		});
 	};

--- a/src/socket.io/admin/user.js
+++ b/src/socket.io/admin/user.js
@ -220,33 +220,37 @@ User.deleteInvitation = function (socket, data, callback) {
 };

 User.acceptRegistration = function (socket, data, callback) {
-	user.acceptRegistration(data.username, function (err, uid) {
-		if (err) {
-			return callback(err);
+	async.waterfall([
+		function (next) {
+			user.acceptRegistration(data.username, next);
+		},
+		function (uid, next) {
+			events.log({
+				type: 'registration-approved',
+				uid: socket.uid,
+				ip: socket.ip,
+				targetUid: uid
+			});
+			next(null, uid);
 		}
-		events.log({
-			type: 'registration-approved',
-			uid: socket.uid,
-			ip: socket.ip,
-			targetUid: uid,
-		});
-		callback();
-	});
+	], callback);
 };

 User.rejectRegistration = function (socket, data, callback) {
-	user.rejectRegistration(data.username, function (err) {
-		if (err) {
-			return callback(err);
+	async.waterfall([
+		function (next) {
+			user.rejectRegistration(data.username, next);
+		},
+		function (next) {
+			events.log({
+				type: 'registration-rejected',
+				uid: socket.uid,
+				ip: socket.ip,
+				username: data.username,
+			});
+			next();
 		}
-		events.log({
-			type: 'registration-rejected',
-			uid: socket.uid,
-			ip: socket.ip,
-			username: data.username,
-		});
-		callback();
-	});
+	], callback);
 };

 User.restartJobs = function (socket, data, callback) {
--- a/src/socket.io/groups.js
+++ b/src/socket.io/groups.js
@ -277,13 +277,18 @@ SocketGroups.cover.update = function (socket, data, callback) {
 		return callback(new Error('[[error:no-privileges]]'));
 	}

-	groups.ownership.isOwner(socket.uid, data.groupName, function (err, isOwner) {
-		if (err || !isOwner) {
-			return callback(err || new Error('[[error:no-privileges]]'));
-		}
+	async.waterfall([
+		function (next) {
+			groups.ownership.isOwner(socket.uid, data.groupName, next);
+		},
+		function (isOwner, next) {
+			if (!isOwner) {
+				return next(new Error('[[error:no-privileges]]'));
+			}

-		groups.updateCover(socket.uid, data, callback);
-	});
+			groups.updateCover(socket.uid, data, next);
+		}
+	], callback);
 };

 SocketGroups.cover.remove = function (socket, data, callback) {
@ -291,13 +296,18 @@ SocketGroups.cover.remove = function (socket, data, callback) {
 		return callback(new Error('[[error:no-privileges]]'));
 	}

-	groups.ownership.isOwner(socket.uid, data.groupName, function (err, isOwner) {
-		if (err || !isOwner) {
-			return callback(err || new Error('[[error:no-privileges]]'));
-		}
+	async.waterfall([
+		function (next) {
+			groups.ownership.isOwner(socket.uid, data.groupName, next);
+		},
+		function (isOwner, next) {
+			if (!isOwner) {
+				return next(new Error('[[error:no-privileges]]'));
+			}

-		groups.removeCover(data, callback);
-	});
+			groups.removeCover(data, next);
+		}
+	], callback);
 };

 module.exports = SocketGroups;
--- a/src/user/approval.js
+++ b/src/user/approval.js
@ -78,6 +78,12 @@ module.exports = function (User) {
 				uid = _uid;
 				User.setUserField(uid, 'password', userData.hashedPassword, next);
 			},
+			function (next) {
+				removeFromQueue(username, next);
+			},
+			function (next) {
+				markNotificationRead(username, next);
+			},
 			function (next) {
 				var title = meta.config.title || meta.config.browserTitle || 'NodeBB';
 				translator.translate('[[email:welcome-to, ' + title + ']]', meta.config.defaultLang, function (subject) {
@ -92,12 +98,6 @@ module.exports = function (User) {
 					emailer.send('registration_accepted', uid, data, next);
 				});
 			},
-			function (next) {
-				removeFromQueue(username, next);
-			},
-			function (next) {
-				markNotificationRead(username, next);
-			},
 			function (next) {
 				next(null, uid);
 			}
--- a/test/groups.js
+++ b/test/groups.js
--- a/test/helpers/index.js
+++ b/test/helpers/index.js
@ -112,4 +112,58 @@ helpers.uploadFile = function (uploadEndPoint, filePath, body, jar, csrf_token,
 		}
 		callback(err, res, body);
 	});
+};
+
+helpers.registerUser = function (data, callback) {
+	var jar = request.jar();
+	request({
+		url: nconf.get('url') + '/api/config',
+		json: true,
+		jar: jar
+	}, function (err, response, body) {
+		if (err) {
+			return callback(err);
+		}
+
+		request.post(nconf.get('url') + '/register', {
+			form: data,
+			json: true,
+			jar: jar,
+			headers: {
+				'x-csrf-token': body.csrf_token
+			}
+		}, function (err, res, body) {
+			if (err) {
+				return callback(err);
+			}
+
+			callback(null, jar);
+		});
+	});
+};
+
+//http://stackoverflow.com/a/14387791/583363
+helpers.copyFile = function (source, target, callback) {
+
+	var cbCalled = false;
+
+	var rd = fs.createReadStream(source);
+	rd.on("error", function (err) {
+		done(err);
+	});
+	var wr = fs.createWriteStream(target);
+	wr.on("error", function (err) {
+		done(err);
+	});
+	wr.on("close", function () {
+		done();
+	});
+	rd.pipe(wr);
+
+	function done(err) {
+		if (!cbCalled) {
+			callback(err);
+			cbCalled = true;
+		}
+	}
 };
--- a/test/mocks/databasemock.js
+++ b/test/mocks/databasemock.js
@ -138,7 +138,7 @@
 				nconf.set('base_templates_path', path.join(nconf.get('themes_path'), 'nodebb-theme-persona/templates'));
 				nconf.set('theme_templates_path', meta.config['theme:templates'] ? path.join(nconf.get('themes_path'), meta.config['theme:id'], meta.config['theme:templates']) : nconf.get('base_templates_path'));
 				nconf.set('theme_config', path.join(nconf.get('themes_path'), 'nodebb-theme-persona', 'theme.json'));
-				nconf.set('bcrypt_rounds', 4);
+				nconf.set('bcrypt_rounds', 1);

 				require('../../build').buildTargets(['js', 'clientCSS', 'acpCSS', 'tpl'], next);
 			},
--- a/test/user.js
+++ b/test/user.js
@ -661,6 +661,80 @@ describe('User', function () {
 		});
 	});

+	describe('approval queue', function () {
+		var socketAdmin = require('../src/socket.io/admin');
+
+		var oldRegistrationType;
+		var adminUid;
+		before(function (done) {
+			oldRegistrationType = Meta.config.registrationType;
+			Meta.config.registrationType = 'admin-approval';
+			User.create({username: 'admin', password: '123456'}, function (err, uid) {
+				assert.ifError(err);
+				adminUid = uid;
+				groups.join('administrators', uid, done);
+			});
+		});
+
+		after(function (done) {
+			Meta.config.registrationType = oldRegistrationType;
+			done();
+		});
+
+		it('should add user to approval queue', function (done) {
+			helpers.registerUser({
+				username: 'rejectme',
+				password: '123456',
+				email: 'reject@me.com'
+			}, function (err) {
+				assert.ifError(err);
+				helpers.loginUser('admin', '123456', function (err, jar) {
+					assert.ifError(err);
+					request(nconf.get('url') + '/api/admin/manage/registration', {jar: jar, json: true}, function (err, res, body) {
+						assert.ifError(err);
+						assert.equal(body.users[0].username, 'rejectme');
+						assert.equal(body.users[0].email, 'reject@me.com');
+						done();
+					});
+				});
+			});
+		});
+
+		it('should reject user registration', function (done) {
+			socketAdmin.user.rejectRegistration({uid: adminUid}, {username: 'rejectme'}, function (err) {
+				assert.ifError(err);
+				User.getRegistrationQueue(0, -1, function (err, users) {
+					assert.ifError(err);
+					assert.equal(users.length, 0);
+					done();
+				});
+			});
+		});
+
+		it('should accept user registration', function (done) {
+			helpers.registerUser({
+				username: 'acceptme',
+				password: '123456',
+				email: 'accept@me.com'
+			}, function (err) {
+				assert.ifError(err);
+				socketAdmin.user.acceptRegistration({uid: adminUid}, {username: 'acceptme'}, function (err, uid) {
+					assert.ifError(err);
+					User.exists(uid, function (err, exists) {
+						assert.ifError(err);
+						assert(exists);
+						User.getRegistrationQueue(0, -1, function (err, users) {
+							assert.ifError(err);
+							assert.equal(users.length, 0);
+							done();
+						});
+					});
+				});
+			});
+		});
+
+	});
+

 	after(function (done) {
 		db.emptydb(done);