fix: #8918

4 years ago · e32cd31ec6
parent 3af4d13fa5
commit e32cd31ec6
3 changed files with 27 additions and 15 deletions
--- a/src/api/users.js
+++ b/src/api/users.js
@ -82,15 +82,15 @@ usersAPI.update = async function (caller, data) {
 };

 usersAPI.delete = async function (caller, { uid, password }) {
-	processDeletion({ uid: uid, method: 'delete', password, caller });
+	await processDeletion({ uid: uid, method: 'delete', password, caller });
 };

 usersAPI.deleteContent = async function (caller, { uid, password }) {
-	processDeletion({ uid, method: 'deleteContent', password, caller });
+	await processDeletion({ uid, method: 'deleteContent', password, caller });
 };

 usersAPI.deleteAccount = async function (caller, { uid, password }) {
-	processDeletion({ uid, method: 'deleteAccount', password, caller });
+	await processDeletion({ uid, method: 'deleteAccount', password, caller });
 };

 usersAPI.deleteMany = async function (caller, data) {
--- a/src/socket.io/user.js
+++ b/src/socket.io/user.js
@ -37,6 +37,7 @@ SocketUser.exists = async function (socket, data) {

 SocketUser.deleteAccount = async function (socket, data) {
 	sockets.warnDeprecated(socket, 'DELETE /api/v3/users/:uid/account');
+	data.uid = socket.uid;
 	await api.users.deleteAccount(socket, data);
 };

--- a/test/user.js
+++ b/test/user.js
@ -1593,18 +1593,29 @@ describe('User', function () {
 			});
 		});

-		it('should delete user', function (done) {
-			User.create({ username: 'tobedeleted' }, function (err, _uid) {
-				assert.ifError(err);
-				socketUser.deleteAccount({ uid: _uid }, {}, function (err) {
-					assert.ifError(err);
-					socketUser.exists({ uid: testUid }, { username: 'doesnot exist' }, function (err, exists) {
-						assert.ifError(err);
-						assert(!exists);
-						done();
-					});
-				});
-			});
+		it('should delete user', async function () {
+			const uid = await User.create({ username: 'willbedeleted' });
+			await socketUser.deleteAccount({ uid: uid }, {});
+			const exists = await socketUser.exists({ uid: testUid }, { username: 'willbedeleted' });
+			assert(!exists);
+		});
+
+		it('should fail to delete user with wrong password', async function () {
+			const uid = await User.create({ username: 'willbedeletedpwd', password: '123456' });
+			let err;
+			try {
+				await socketUser.deleteAccount({ uid: uid }, { password: '654321' });
+			} catch (_err) {
+				err = _err;
+			}
+			assert.strictEqual(err.message, '[[error:invalid-password]]');
+		});
+
+		it('should delete user with correct password', async function () {
+			const uid = await User.create({ username: 'willbedeletedcorrectpwd', password: '123456' });
+			await socketUser.deleteAccount({ uid: uid }, { password: '123456' });
+			const exists = await User.exists(uid);
+			assert(!exists);
 		});

 		it('should fail to delete user if account deletion is not allowed', async function () {