From c5f08fdc814598c1f8d0956a803f990149c53bc2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?= Date: Mon, 22 Nov 2021 19:23:51 -0500 Subject: [PATCH] breaking: remove socket.io/flags.js refactor: helpers.loginUser returns a single object {jar, csrf_token} --- src/routes/write/flags.js | 1 - src/socket.io/flags.js | 52 ------------------ src/socket.io/index.js | 7 +-- test/api.js | 4 +- test/authentication.js | 6 +-- test/controllers-admin.js | 111 ++++++++++++++++++++++---------------- test/controllers.js | 73 ++++++++----------------- test/feeds.js | 8 +-- test/flags.js | 65 +++++++++------------- test/helpers/index.js | 14 ++++- test/messaging.js | 12 ++--- test/posts.js | 10 ++-- test/topics.js | 5 +- test/topics/thumbs.js | 24 +++------ test/uploads.js | 49 +++++------------ test/user.js | 34 +++++------- 16 files changed, 175 insertions(+), 300 deletions(-) delete mode 100644 src/socket.io/flags.js diff --git a/src/routes/write/flags.js b/src/routes/write/flags.js index c713b24dfa..a718f8f3f0 100644 --- a/src/routes/write/flags.js +++ b/src/routes/write/flags.js @@ -11,7 +11,6 @@ module.exports = function () { const middlewares = [middleware.ensureLoggedIn]; setupApiRoute(router, 'post', '/', [...middlewares], controllers.write.flags.create); - // setupApiRoute(router, 'delete', ...); // does not exist setupApiRoute(router, 'get', '/:flagId', [...middlewares, middleware.assert.flag], controllers.write.flags.get); setupApiRoute(router, 'put', '/:flagId', [...middlewares, middleware.assert.flag], controllers.write.flags.update); diff --git a/src/socket.io/flags.js b/src/socket.io/flags.js deleted file mode 100644 index 7992aa8541..0000000000 --- a/src/socket.io/flags.js +++ /dev/null @@ -1,52 +0,0 @@ -'use strict'; - -const sockets = require('.'); -const api = require('../api'); - -const SocketFlags = module.exports; - -SocketFlags.create = async function (socket, data) { - sockets.warnDeprecated(socket, 'POST /api/v3/flags'); - const response = await api.flags.create(socket, data); - if (response) { - return response.flagId; - } -}; - -SocketFlags.update = async function (socket, data) { - sockets.warnDeprecated(socket, 'PUT /api/v3/flags/:flagId'); - if (!data || !(data.flagId && data.data)) { // check only req'd in socket.io - throw new Error('[[error:invalid-data]]'); - } - - // Old socket method took input directly from .serializeArray(), v3 expects fully-formed obj. - let payload = { - flagId: data.flagId, - }; - payload = data.data.reduce((memo, cur) => { - memo[cur.name] = cur.value; - return memo; - }, payload); - - return await api.flags.update(socket, payload); -}; - -SocketFlags.appendNote = async function (socket, data) { - sockets.warnDeprecated(socket, 'POST /api/v3/flags/:flagId/notes'); - if (!data || !(data.flagId && data.note)) { - throw new Error('[[error:invalid-data]]'); - } - - return await api.flags.appendNote(socket, data); -}; - -SocketFlags.deleteNote = async function (socket, data) { - sockets.warnDeprecated(socket, 'DELETE /api/v3/flags/:flagId/notes/:datetime'); - if (!data || !(data.flagId && data.datetime)) { - throw new Error('[[error:invalid-data]]'); - } - - return await api.flags.deleteNote(socket, data); -}; - -require('../promisify')(SocketFlags); diff --git a/src/socket.io/index.js b/src/socket.io/index.js index 4dd74db26f..6d07cfa991 100644 --- a/src/socket.io/index.js +++ b/src/socket.io/index.js @@ -171,9 +171,10 @@ async function onMessage(socket, payload) { } function requireModules() { - const modules = ['admin', 'categories', 'groups', 'meta', 'modules', - 'notifications', 'plugins', 'posts', 'topics', 'user', 'blacklist', - 'flags', 'uploads', + const modules = [ + 'admin', 'categories', 'groups', 'meta', 'modules', + 'notifications', 'plugins', 'posts', 'topics', 'user', + 'blacklist', 'uploads', ]; modules.forEach((module) => { diff --git a/test/api.js b/test/api.js index f855e157aa..114f9ccfd0 100644 --- a/test/api.js +++ b/test/api.js @@ -208,7 +208,7 @@ describe('API', async () => { }); // All tests run as admin user - jar = await helpers.loginUser('admin', '123456'); + ({ jar } = await helpers.loginUser('admin', '123456')); // Retrieve CSRF token using cookie, to test Write API const config = await request({ @@ -457,7 +457,7 @@ describe('API', async () => { it('should successfully re-login if needed', async () => { const reloginPaths = ['PUT /users/{uid}/password', 'DELETE /users/{uid}/sessions/{uuid}']; if (reloginPaths.includes(`${method.toUpperCase()} ${path}`)) { - jar = await helpers.loginUser('admin', '123456'); + ({ jar } = await helpers.loginUser('admin', '123456')); const sessionUUIDs = await db.getObject('uid:1:sessionUUID:sessionId'); mocks.delete['/users/{uid}/sessions/{uuid}'][1].example = Object.keys(sessionUUIDs).pop(); diff --git a/test/authentication.js b/test/authentication.js index 87d3b9f186..b65c95f2dd 100644 --- a/test/authentication.js +++ b/test/authentication.js @@ -187,14 +187,12 @@ describe('authentication', () => { }); it('should regenerate the session identifier on successful login', async () => { - const login = util.promisify(helpers.loginUser); - const logout = util.promisify(helpers.logoutUser); const matchRegexp = /express\.sid=s%3A(.+?);/; const { hostname, path } = url.parse(nconf.get('url')); const sid = String(jar._jar.store.idx[hostname][path]['express.sid']).match(matchRegexp)[1]; - await logout(jar); - const newJar = await login('regular', 'regularpwd'); + await helpers.logoutUser(jar); + const newJar = (await helpers.loginUser('regular', 'regularpwd')).jar; const newSid = String(newJar._jar.store.idx[hostname][path]['express.sid']).match(matchRegexp)[1]; assert.notStrictEqual(newSid, sid); diff --git a/test/controllers-admin.js b/test/controllers-admin.js index 467652d88a..beb81ccc4c 100644 --- a/test/controllers-admin.js +++ b/test/controllers-admin.js @@ -36,7 +36,7 @@ describe('Admin Controllers', () => { user.create({ username: 'admin', password: 'barbar' }, next); }, regularUid: function (next) { - user.create({ username: 'regular' }, next); + user.create({ username: 'regular', password: 'regularpwd' }, next); }, regular2Uid: function (next) { user.create({ username: 'regular2' }, next); @@ -66,9 +66,9 @@ describe('Admin Controllers', () => { }); it('should 403 if user is not admin', (done) => { - helpers.loginUser('admin', 'barbar', (err, _jar) => { + helpers.loginUser('admin', 'barbar', (err, data) => { assert.ifError(err); - jar = _jar; + jar = data.jar; request(`${nconf.get('url')}/admin`, { jar: jar }, (err, res, body) => { assert.ifError(err); assert.equal(res.statusCode, 403); @@ -602,14 +602,11 @@ describe('Admin Controllers', () => { describe('mods page', () => { let moderatorJar; - - before((done) => { - helpers.loginUser('moderator', 'modmod', (err, _jar) => { - assert.ifError(err); - moderatorJar = _jar; - - groups.join(`cid:${cid}:privileges:moderate`, moderatorUid, done); - }); + let regularJar; + before(async () => { + moderatorJar = (await helpers.loginUser('moderator', 'modmod')).jar; + regularJar = (await helpers.loginUser('regular', 'regularpwd')).jar; + await groups.join(`cid:${cid}:privileges:moderate`, moderatorUid); }); it('should error with no privileges', (done) => { @@ -652,42 +649,69 @@ describe('Admin Controllers', () => { }); it('should error when you attempt to flag a privileged user\'s post', async () => { - const socketFlags = require('../src/socket.io/flags'); - const oldValue = meta.config['min:rep:flag']; - try { - await socketFlags.create({ uid: regularUid }, { id: pid, type: 'post', reason: 'spam' }); - } catch (err) { - assert.strictEqual(err.message, '[[error:cant-flag-privileged]]'); - } + const { res, body } = await helpers.request('post', '/api/v3/flags', { + json: true, + jar: regularJar, + form: { + id: pid, + type: 'post', + reason: 'spam', + }, + }); + assert.strictEqual(res.statusCode, 400); + assert.strictEqual(body.status.code, 'bad-request'); + assert.strictEqual(body.status.message, 'You are not allowed to flag the profiles or content of privileged users (moderators/global moderators/admins)'); }); - it('should error with not enough reputation to flag', (done) => { - const socketFlags = require('../src/socket.io/flags'); + it('should error with not enough reputation to flag', async () => { const oldValue = meta.config['min:rep:flag']; meta.config['min:rep:flag'] = 1000; - socketFlags.create({ uid: regularUid }, { id: regularPid, type: 'post', reason: 'spam' }, (err) => { - assert.strictEqual(err.message, '[[error:not-enough-reputation-to-flag]]'); - meta.config['min:rep:flag'] = oldValue; - done(); + const { res, body } = await helpers.request('post', '/api/v3/flags', { + json: true, + jar: regularJar, + form: { + id: regularPid, + type: 'post', + reason: 'spam', + }, }); + assert.strictEqual(res.statusCode, 400); + assert.strictEqual(body.status.code, 'bad-request'); + assert.strictEqual(body.status.message, 'You do not have enough reputation to flag this post'); + + meta.config['min:rep:flag'] = oldValue; }); - it('should return flag details', (done) => { - const socketFlags = require('../src/socket.io/flags'); + it('should return flag details', async () => { const oldValue = meta.config['min:rep:flag']; meta.config['min:rep:flag'] = 0; - socketFlags.create({ uid: regularUid }, { id: regularPid, type: 'post', reason: 'spam' }, (err, flagId) => { - meta.config['min:rep:flag'] = oldValue; - assert.ifError(err); - request(`${nconf.get('url')}/api/flags/${flagId}`, { jar: moderatorJar, json: true }, (err, res, body) => { - assert.ifError(err); - assert(body); - assert(body.reports); - assert(Array.isArray(body.reports)); - assert.strictEqual(body.reports[0].reporter.username, 'regular'); - done(); - }); + const result = await helpers.request('post', '/api/v3/flags', { + json: true, + jar: regularJar, + form: { + id: regularPid, + type: 'post', + reason: 'spam', + }, }); + meta.config['min:rep:flag'] = oldValue; + + const flagsResult = await helpers.request('get', `/api/flags`, { + json: true, + jar: moderatorJar, + }); + + assert(flagsResult.body); + assert(Array.isArray(flagsResult.body.flags)); + const { flagId } = flagsResult.body.flags[0]; + + const { body } = await helpers.request('get', `/api/flags/${flagId}`, { + json: true, + jar: moderatorJar, + }); + assert(body.reports); + assert(Array.isArray(body.reports)); + assert.strictEqual(body.reports[0].reporter.username, 'regular'); }); }); @@ -724,16 +748,9 @@ describe('Admin Controllers', () => { let userJar; let uid; const privileges = require('../src/privileges'); - before((done) => { - user.create({ username: 'regularjoe', password: 'barbar' }, (err, _uid) => { - assert.ifError(err); - uid = _uid; - helpers.loginUser('regularjoe', 'barbar', (err, _jar) => { - assert.ifError(err); - userJar = _jar; - done(); - }); - }); + before(async () => { + uid = await user.create({ username: 'regularjoe', password: 'barbar' }); + userJar = (await helpers.loginUser('regularjoe', 'barbar')).jar; }); it('should allow normal user access to admin pages', async function () { diff --git a/test/controllers.js b/test/controllers.js index 4ac33196d5..e3d0dda050 100644 --- a/test/controllers.js +++ b/test/controllers.js @@ -853,17 +853,11 @@ describe('Controllers', () => { let jar; let csrf_token; - before((done) => { - user.create({ username: 'revokeme', password: 'barbar' }, (err, _uid) => { - assert.ifError(err); - uid = _uid; - helpers.loginUser('revokeme', 'barbar', (err, _jar, _csrf_token) => { - assert.ifError(err); - jar = _jar; - csrf_token = _csrf_token; - done(); - }); - }); + before(async () => { + uid = await user.create({ username: 'revokeme', password: 'barbar' }); + const login = await helpers.loginUser('revokeme', 'barbar'); + jar = login.jar; + csrf_token = login.csrf_token; }); it('should fail to revoke session with missing uuid', (done) => { @@ -1081,12 +1075,8 @@ describe('Controllers', () => { describe('account pages', () => { let jar; - before((done) => { - helpers.loginUser('foo', 'barbar', (err, _jar) => { - assert.ifError(err); - jar = _jar; - done(); - }); + before(async () => { + ({ jar } = await helpers.loginUser('foo', 'barbar')); }); it('should redirect to account page with logged in user', (done) => { @@ -1449,8 +1439,9 @@ describe('Controllers', () => { it('should return false if user can not edit user', (done) => { user.create({ username: 'regularJoe', password: 'barbar' }, (err) => { assert.ifError(err); - helpers.loginUser('regularJoe', 'barbar', (err, jar) => { + helpers.loginUser('regularJoe', 'barbar', (err, data) => { assert.ifError(err); + const { jar } = data; request(`${nconf.get('url')}/api/user/foo/info`, { jar: jar, json: true }, (err, res) => { assert.ifError(err); assert.equal(res.statusCode, 403); @@ -1518,8 +1509,9 @@ describe('Controllers', () => { }); it('should increase profile view', (done) => { - helpers.loginUser('regularJoe', 'barbar', (err, jar) => { + helpers.loginUser('regularJoe', 'barbar', (err, data) => { assert.ifError(err); + const { jar } = data; request(`${nconf.get('url')}/api/user/foo`, { jar: jar }, (err, res) => { assert.ifError(err); assert.equal(res.statusCode, 200); @@ -1706,12 +1698,8 @@ describe('Controllers', () => { describe('post redirect', () => { let jar; - before((done) => { - helpers.loginUser('foo', 'barbar', (err, _jar) => { - assert.ifError(err); - jar = _jar; - done(); - }); + before(async () => { + ({ jar } = await helpers.loginUser('foo', 'barbar')); }); it('should 404 for invalid pid', (done) => { @@ -1966,12 +1954,8 @@ describe('Controllers', () => { describe('category', () => { let jar; - before((done) => { - helpers.loginUser('foo', 'barbar', (err, _jar) => { - assert.ifError(err); - jar = _jar; - done(); - }); + before(async () => { + ({ jar } = await helpers.loginUser('foo', 'barbar')); }); it('should return 404 if cid is not a number', (done) => { @@ -2238,12 +2222,8 @@ describe('Controllers', () => { describe('unread', () => { let jar; - before((done) => { - helpers.loginUser('foo', 'barbar', (err, _jar) => { - assert.ifError(err); - jar = _jar; - done(); - }); + before(async () => { + ({ jar } = await helpers.loginUser('foo', 'barbar')); }); it('should load unread page', (done) => { @@ -2305,21 +2285,10 @@ describe('Controllers', () => { let csrf_token; let jar; - before((done) => { - helpers.loginUser('foo', 'barbar', (err, _jar) => { - assert.ifError(err); - jar = _jar; - - request({ - url: `${nconf.get('url')}/api/config`, - json: true, - jar: jar, - }, (err, response, body) => { - assert.ifError(err); - csrf_token = body.csrf_token; - done(); - }); - }); + before(async () => { + const login = await helpers.loginUser('foo', 'barbar'); + jar = login.jar; + csrf_token = login.csrf_token; }); it('should load the composer route', (done) => { diff --git a/test/feeds.js b/test/feeds.js index 3e3780b210..6f1c9d0b08 100644 --- a/test/feeds.js +++ b/test/feeds.js @@ -127,12 +127,8 @@ describe('feeds', () => { describe('private feeds and tokens', () => { let jar; let rssToken; - before((done) => { - helpers.loginUser('foo', 'barbar', (err, _jar) => { - assert.ifError(err); - jar = _jar; - done(); - }); + before(async () => { + ({ jar } = await helpers.loginUser('foo', 'barbar')); }); it('should load feed if its not private', (done) => { diff --git a/test/flags.js b/test/flags.js index d812a9d939..9e07974bc4 100644 --- a/test/flags.js +++ b/test/flags.js @@ -451,20 +451,20 @@ describe('Flags', () => { }); it('should rescind notification if flag is resolved', async () => { - const SocketFlags = require('../src/socket.io/flags'); + const flagsAPI = require('../src/api/flags'); const result = await Topics.post({ cid: category.cid, uid: uid3, title: 'Topic to flag', content: 'This is flaggable content', }); - const flagId = await SocketFlags.create({ uid: uid1 }, { type: 'post', id: result.postData.pid, reason: 'spam' }); + const flagObj = await flagsAPI.create({ uid: uid1 }, { type: 'post', id: result.postData.pid, reason: 'spam' }); await sleep(2000); let userNotifs = await User.notifications.getAll(adminUid); assert(userNotifs.includes(`flag:post:${result.postData.pid}`)); - await Flags.update(flagId, adminUid, { + await Flags.update(flagObj.flagId, adminUid, { state: 'resolved', }); @@ -554,34 +554,22 @@ describe('Flags', () => { }); }); - it('should not error if user blocked target', (done) => { - const SocketFlags = require('../src/socket.io/flags'); - let reporterUid; - let reporteeUid; - async.waterfall([ - function (next) { - User.create({ username: 'reporter' }, next); - }, - function (uid, next) { - reporterUid = uid; - User.create({ username: 'reportee' }, next); - }, - function (uid, next) { - reporteeUid = uid; - User.blocks.add(reporteeUid, reporterUid, next); - }, - function (next) { - Topics.post({ - cid: 1, - uid: reporteeUid, - title: 'Another topic', - content: 'This is flaggable content', - }, next); - }, - function (data, next) { - SocketFlags.create({ uid: reporterUid }, { type: 'post', id: data.postData.pid, reason: 'spam' }, next); - }, - ], done); + it('should not error if user blocked target', async () => { + const apiFlags = require('../src/api/flags'); + const reporterUid = await User.create({ username: 'reporter' }); + const reporteeUid = await User.create({ username: 'reportee' }); + await User.blocks.add(reporteeUid, reporterUid); + const data = await Topics.post({ + cid: 1, + uid: reporteeUid, + title: 'Another topic', + content: 'This is flaggable content', + }); + await apiFlags.create({ uid: reporterUid }, { + type: 'post', + id: data.postData.pid, + reason: 'spam', + }); }); it('should send back error if reporter does not exist', (done) => { @@ -704,20 +692,14 @@ describe('Flags', () => { }); describe('(v3 API)', () => { - const SocketFlags = require('../src/socket.io/flags'); let pid; let tid; let jar; let csrfToken; before(async () => { - const login = util.promisify(helpers.loginUser); - jar = await login('testUser2', 'abcdef'); - const config = await request({ - url: `${nconf.get('url')}/api/config`, - json: true, - jar: jar, - }); - csrfToken = config.csrf_token; + const login = await helpers.loginUser('testUser2', 'abcdef'); + jar = login.jar; + csrfToken = login.csrf_token; const result = await Topics.post({ cid: 1, @@ -787,7 +769,8 @@ describe('Flags', () => { title: 'private topic', content: 'private post', }); - const jar3 = await util.promisify(helpers.loginUser)('unprivileged', 'abcdef'); + const login = await helpers.loginUser('unprivileged', 'abcdef'); + const jar3 = login.jar; const config = await request({ url: `${nconf.get('url')}/api/config`, json: true, diff --git a/test/helpers/index.js b/test/helpers/index.js index 79a0e9e41e..800e3b7d0b 100644 --- a/test/helpers/index.js +++ b/test/helpers/index.js @@ -20,6 +20,18 @@ helpers.getCsrfToken = async (jar) => { return token; }; +helpers.request = async function (method, uri, options) { + const csrf_token = await helpers.getCsrfToken(options.jar); + return new Promise((resolve, reject) => { + options.headers = options.headers || {}; + options.headers['x-csrf-token'] = csrf_token; + request[method](`${nconf.get('url')}${uri}`, options, (err, res, body) => { + if (err) reject(err); + else resolve({ res, body }); + }); + }); +}; + helpers.loginUser = function (username, password, callback) { const jar = request.jar(); @@ -46,7 +58,7 @@ helpers.loginUser = function (username, password, callback) { if (err || res.statusCode !== 200) { return callback(err || new Error('[[error:invalid-response]]')); } - callback(null, jar, body.csrf_token); + callback(null, { jar, csrf_token: body.csrf_token }); }); }); }; diff --git a/test/messaging.js b/test/messaging.js index 83665b1dc0..7cabd94cb2 100644 --- a/test/messaging.js +++ b/test/messaging.js @@ -793,12 +793,8 @@ describe('Messaging Library', () => { describe('logged in chat controller', () => { let jar; - before((done) => { - helpers.loginUser('herp', 'derpderp', (err, _jar) => { - assert.ifError(err); - jar = _jar; - done(); - }); + before(async () => { + ({ jar } = await helpers.loginUser('herp', 'derpderp')); }); it('should return chats page data', (done) => { @@ -833,9 +829,9 @@ describe('Messaging Library', () => { }); it('should return 404 if user is not in room', (done) => { - helpers.loginUser('baz', 'quuxquux', (err, jar) => { + helpers.loginUser('baz', 'quuxquux', (err, data) => { assert.ifError(err); - request(`${nconf.get('url')}/api/user/baz/chats/${roomId}`, { json: true, jar: jar }, (err, response) => { + request(`${nconf.get('url')}/api/user/baz/chats/${roomId}`, { json: true, jar: data.jar }, (err, response) => { assert.ifError(err); assert.equal(response.statusCode, 404); done(); diff --git a/test/posts.js b/test/posts.js index 71dfa74a74..268082ffb0 100644 --- a/test/posts.js +++ b/test/posts.js @@ -390,11 +390,9 @@ describe('Post\'s', () => { privileges.categories.rescind(['groups:posts:view_deleted'], cid, 'Global Moderators', next); }, function (next) { - helpers.loginUser('global mod', '123456', (err, _jar) => { + helpers.loginUser('global mod', '123456', (err, data) => { assert.ifError(err); - const jar = _jar; - - request(`${nconf.get('url')}/api/topic/${tid}`, { jar: jar, json: true }, (err, res, body) => { + request(`${nconf.get('url')}/api/topic/${tid}`, { jar: data.jar, json: true }, (err, res, body) => { assert.ifError(err); assert.equal(body.posts[1].content, '[[topic:post_is_deleted]]'); privileges.categories.give(['groups:posts:view_deleted'], cid, 'Global Moderators', next); @@ -1050,8 +1048,8 @@ describe('Post\'s', () => { }); it('should load queued posts', (done) => { - helpers.loginUser('globalmod', 'globalmodpwd', (err, _jar) => { - jar = _jar; + helpers.loginUser('globalmod', 'globalmodpwd', (err, data) => { + jar = data.jar; assert.ifError(err); request(`${nconf.get('url')}/api/post-queue`, { jar: jar, json: true }, (err, res, body) => { assert.ifError(err); diff --git a/test/topics.js b/test/topics.js index dc48d829c3..53720c5045 100644 --- a/test/topics.js +++ b/test/topics.js @@ -38,8 +38,9 @@ describe('Topic\'s', () => { adminUid = await User.create({ username: 'admin', password: '123456' }); fooUid = await User.create({ username: 'foo' }); await groups.join('administrators', adminUid); - adminJar = await helpers.loginUser('admin', '123456'); - csrf_token = (await requestType('get', `${nconf.get('url')}/api/config`, { json: true, jar: adminJar })).body.csrf_token; + const adminLogin = await helpers.loginUser('admin', '123456'); + adminJar = adminLogin.jar; + csrf_token = adminLogin.csrf_token; categoryObj = await categories.create({ name: 'Test Category', diff --git a/test/topics/thumbs.js b/test/topics/thumbs.js index 8020cfd323..a03ad058f6 100644 --- a/test/topics/thumbs.js +++ b/test/topics/thumbs.js @@ -47,24 +47,12 @@ describe('Topic thumbs', () => { adminUid = await user.create({ username: 'admin', password: '123456' }); fooUid = await user.create({ username: 'foo', password: '123456' }); await groups.join('administrators', adminUid); - ({ adminJar, adminCSRF } = await new Promise((resolve, reject) => { - helpers.loginUser('admin', '123456', (err, adminJar, adminCSRF) => { - if (err) { - return reject(err); - } - - resolve({ adminJar, adminCSRF }); - }); - })); - ({ fooJar, fooCSRF } = await new Promise((resolve, reject) => { - helpers.loginUser('foo', '123456', (err, fooJar, fooCSRF) => { - if (err) { - return reject(err); - } - - resolve({ fooJar, fooCSRF }); - }); - })); + const adminLogin = await helpers.loginUser('admin', '123456'); + adminJar = adminLogin.jar; + adminCSRF = adminLogin.csrf_token; + const fooLogin = await helpers.loginUser('foo', '123456'); + fooJar = fooLogin.jar; + fooCSRF = fooLogin.csrf_token; categoryObj = await categories.create({ name: 'Test Category', diff --git a/test/uploads.js b/test/uploads.js index 7d7186ca02..831c466458 100644 --- a/test/uploads.js +++ b/test/uploads.js @@ -68,13 +68,9 @@ describe('Upload Controllers', () => { let jar; let csrf_token; - before((done) => { - helpers.loginUser('malicioususer', 'herpderp', (err, _jar, _csrf_token) => { - assert.ifError(err); - jar = _jar; - csrf_token = _csrf_token; - privileges.global.give(['groups:upload:post:file'], 'registered-users', done); - }); + before(async () => { + ({ jar, csrf_token } = await helpers.loginUser('malicioususer', 'herpderp')); + await privileges.global.give(['groups:upload:post:file'], 'registered-users'); }); it('should fail if the user exceeds the upload rate limit threshold', (done) => { @@ -110,14 +106,10 @@ describe('Upload Controllers', () => { let jar; let csrf_token; - before((done) => { + before(async () => { meta.config.uploadRateLimitThreshold = 1000; - helpers.loginUser('regular', 'zugzug', (err, _jar, _csrf_token) => { - assert.ifError(err); - jar = _jar; - csrf_token = _csrf_token; - privileges.global.give(['groups:upload:post:file'], 'registered-users', done); - }); + ({ jar, csrf_token } = await helpers.loginUser('regular', 'zugzug')); + await privileges.global.give(['groups:upload:post:file'], 'registered-users'); }); it('should upload an image to a post', (done) => { @@ -286,7 +278,6 @@ describe('Upload Controllers', () => { }); it('should delete users uploads if account is deleted', (done) => { - let jar; let uid; let url; const file = require('../src/file'); @@ -299,8 +290,8 @@ describe('Upload Controllers', () => { uid = _uid; helpers.loginUser('uploader', 'barbar', next); }, - function (jar, csrf_token, next) { - helpers.uploadFile(`${nconf.get('url')}/api/post/upload`, path.join(__dirname, '../test/files/test.png'), {}, jar, csrf_token, next); + function (data, next) { + helpers.uploadFile(`${nconf.get('url')}/api/post/upload`, path.join(__dirname, '../test/files/test.png'), {}, data.jar, data.csrf_token, next); }, function (res, body, next) { assert(body && body.status && body.response && body.response.images); @@ -328,25 +319,11 @@ describe('Upload Controllers', () => { let regularJar; let regular_csrf_token; - before((done) => { - async.parallel([ - function (next) { - helpers.loginUser('admin', 'barbar', (err, _jar, _csrf_token) => { - assert.ifError(err); - jar = _jar; - csrf_token = _csrf_token; - next(); - }); - }, - function (next) { - helpers.loginUser('regular', 'zugzug', (err, _jar, _csrf_token) => { - assert.ifError(err); - regularJar = _jar; - regular_csrf_token = _csrf_token; - next(); - }); - }, - ], done); + before(async () => { + ({ jar, csrf_token} = await helpers.loginUser('admin', 'barbar')); + const regularLogin = await helpers.loginUser('regular', 'zugzug'); + regularJar = regularLogin.jar; + regular_csrf_token = regularLogin.csrf_token; }); it('should upload site logo', (done) => { diff --git a/test/user.js b/test/user.js index 308d68b4b8..d1893cf788 100644 --- a/test/user.js +++ b/test/user.js @@ -820,8 +820,7 @@ describe('User', () => { await User.email.confirmByUid(uid); - const _jar = await helpers.loginUser('updateprofile', '123456'); - jar = _jar; + ({ jar } = await helpers.loginUser('updateprofile', '123456')); }); it('should return error if data is invalid', (done) => { @@ -1948,9 +1947,9 @@ describe('User', () => { gdpr_consent: true, }, (err) => { assert.ifError(err); - helpers.loginUser('admin', '123456', (err, jar) => { + helpers.loginUser('admin', '123456', (err, data) => { assert.ifError(err); - request(`${nconf.get('url')}/api/admin/manage/registration`, { jar: jar, json: true }, (err, res, body) => { + request(`${nconf.get('url')}/api/admin/manage/registration`, { jar: data.jar, json: true }, (err, res, body) => { assert.ifError(err); assert.equal(body.users[0].username, 'rejectme'); assert.equal(body.users[0].email, '<script>alert("ok")<script>reject@me.com'); @@ -2080,9 +2079,9 @@ describe('User', () => { let jar; before((done) => { - helpers.loginUser('notAnInviter', COMMON_PW, (err, _jar) => { + helpers.loginUser('notAnInviter', COMMON_PW, (err, data) => { assert.ifError(err); - jar = _jar; + jar = data.jar; request({ url: `${nconf.get('url')}/api/config`, @@ -2116,9 +2115,9 @@ describe('User', () => { let jar; before((done) => { - helpers.loginUser('inviter', COMMON_PW, (err, _jar) => { + helpers.loginUser('inviter', COMMON_PW, (err, data) => { assert.ifError(err); - jar = _jar; + jar = data.jar; request({ url: `${nconf.get('url')}/api/config`, @@ -2218,9 +2217,9 @@ describe('User', () => { let jar; before((done) => { - helpers.loginUser('adminInvite', COMMON_PW, (err, _jar) => { + helpers.loginUser('adminInvite', COMMON_PW, (err, data) => { assert.ifError(err); - jar = _jar; + jar = data.jar; request({ url: `${nconf.get('url')}/api/config`, @@ -2369,9 +2368,9 @@ describe('User', () => { let jar; before((done) => { - helpers.loginUser('inviter', COMMON_PW, (err, _jar) => { + helpers.loginUser('inviter', COMMON_PW, (err, data) => { assert.ifError(err); - jar = _jar; + jar = data.jar; request({ url: `${nconf.get('url')}/api/config`, @@ -2518,14 +2517,7 @@ describe('User', () => { username: 'regularUser', password: COMMON_PW, }); - jar = await new Promise((resolve, reject) => { - helpers.loginUser('regularUser', COMMON_PW, async (err, _jar) => { - if (err) { - reject(err); - } - resolve(_jar); - }); - }); + ({ jar } = await helpers.loginUser('regularUser', COMMON_PW)); }); after((done) => { @@ -2818,7 +2810,7 @@ describe('User', () => { assert.ifError(err); const oldValue = meta.config.minimumPasswordStrength; meta.config.minimumPasswordStrength = 3; - helpers.loginUser('weakpwd', '123456', (err, jar, csrfs_token) => { + helpers.loginUser('weakpwd', '123456', (err) => { assert.ifError(err); meta.config.minimumPasswordStrength = oldValue; done();