Server: Add NSFW in user profile

9 files changed, 90 insertions, 8 deletions

diff --git a/server/controllers/api/users.js b/server/controllers/api/users.js
index f854b3082..6b6c0774f 100644
--- a/server/controllers/api/users.js
+++ b/server/controllers/api/users.js
@@ -71,6 +71,7 @@ function createUser (req, res, next) {
     username: req.body.username,
     password: req.body.password,
     email: req.body.email,
+    displayNSFW: false,
     role: constants.USER_ROLES.USER
   })
 
@@ -136,7 +137,9 @@ function updateUser (req, res, next) {
   db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
     if (err) return next(err)
 
-    user.password = req.body.password
+    if (req.body.password) user.password = req.body.password
+    if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW
+
     user.save().asCallback(function (err) {
       if (err) return next(err)
 
diff --git a/server/helpers/custom-validators/users.js b/server/helpers/custom-validators/users.js
index 88fa1592e..2fc026e98 100644
--- a/server/helpers/custom-validators/users.js
+++ b/server/helpers/custom-validators/users.js
@@ -9,7 +9,8 @@ const USERS_CONSTRAINTS_FIELDS = constants.CONSTRAINTS_FIELDS.USERS
 const usersValidators = {
   isUserPasswordValid,
   isUserRoleValid,
-  isUserUsernameValid
+  isUserUsernameValid,
+  isUserDisplayNSFWValid
 }
 
 function isUserPasswordValid (value) {
@@ -26,6 +27,10 @@ function isUserUsernameValid (value) {
   return validator.matches(value, new RegExp(`^[a-zA-Z0-9._]{${min},${max}}$`))
 }
 
+function isUserDisplayNSFWValid (value) {
+  return validator.isBoolean(value)
+}
+
 // ---------------------------------------------------------------------------
 
 module.exports = usersValidators
diff --git a/server/initializers/constants.js b/server/initializers/constants.js
index f3799ba0f..6352d7c46 100644
--- a/server/initializers/constants.js
+++ b/server/initializers/constants.js
@@ -5,7 +5,7 @@ const path = require('path')
 
 // ---------------------------------------------------------------------------
 
-const LAST_MIGRATION_VERSION = 40
+const LAST_MIGRATION_VERSION = 45
 
 // ---------------------------------------------------------------------------
 
diff --git a/server/initializers/migrations/0045-user-display-nsfw.js b/server/initializers/migrations/0045-user-display-nsfw.js
new file mode 100644
index 000000000..03624e593
--- /dev/null
+++ b/server/initializers/migrations/0045-user-display-nsfw.js
@@ -0,0 +1,19 @@
+'use strict'
+
+// utils = { transaction, queryInterface, sequelize, Sequelize }
+exports.up = function (utils, finalCallback) {
+  const q = utils.queryInterface
+  const Sequelize = utils.Sequelize
+
+  const data = {
+    type: Sequelize.BOOLEAN,
+    allowNull: false,
+    defaultValue: false
+  }
+
+  q.addColumn('Users', 'displayNSFW', data, { transaction: utils.transaction }).asCallback(finalCallback)
+}
+
+exports.down = function (options, callback) {
+  throw new Error('Not implemented.')
+}
diff --git a/server/middlewares/validators/users.js b/server/middlewares/validators/users.js
index ce83fc074..1e7a64793 100644
--- a/server/middlewares/validators/users.js
+++ b/server/middlewares/validators/users.js
@@ -56,7 +56,8 @@ function usersRemove (req, res, next) {
 function usersUpdate (req, res, next) {
   req.checkParams('id', 'Should have a valid id').notEmpty().isInt()
   // Add old password verification
-  req.checkBody('password', 'Should have a valid password').isUserPasswordValid()
+  req.checkBody('password', 'Should have a valid password').optional().isUserPasswordValid()
+  req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid()
 
   logger.debug('Checking usersUpdate parameters', { parameters: req.body })
 
diff --git a/server/models/user.js b/server/models/user.js
index 24e710fa7..e64bab8ab 100644
--- a/server/models/user.js
+++ b/server/models/user.js
@@ -39,6 +39,17 @@ module.exports = function (sequelize, DataTypes) {
           isEmail: true
         }
       },
+      displayNSFW: {
+        type: DataTypes.BOOLEAN,
+        allowNull: false,
+        defaultValue: false,
+        validate: {
+          nsfwValid: function (value) {
+            const res = customUsersValidators.isUserDisplayNSFWValid(value)
+            if (res === false) throw new Error('Display NSFW is not valid.')
+          }
+        }
+      },
       role: {
         type: DataTypes.ENUM(values(constants.USER_ROLES)),
         allowNull: false
@@ -101,6 +112,7 @@ function toFormatedJSON () {
     id: this.id,
     username: this.username,
     email: this.email,
+    displayNSFW: this.displayNSFW,
     role: this.role,
     createdAt: this.createdAt
   }
diff --git a/server/tests/api/check-params/users.js b/server/tests/api/check-params/users.js
index b04f9f4a6..4a176e6c2 100644
--- a/server/tests/api/check-params/users.js
+++ b/server/tests/api/check-params/users.js
@@ -270,6 +270,14 @@ describe('Test users API validators', function () {
       requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
     })
 
+    it('Should fail with an invalid display NSFW attribute', function (done) {
+      const data = {
+        displayNSFW: -1
+      }
+
+      requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
+    })
+
     it('Should fail with an non authenticated user', function (done) {
       const data = {
         password: 'my super password'
@@ -280,7 +288,8 @@ describe('Test users API validators', function () {
 
     it('Should succeed with the correct params', function (done) {
       const data = {
-        password: 'my super password'
+        password: 'my super password',
+        displayNSFW: true
       }
 
       requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204)
diff --git a/server/tests/api/users.js b/server/tests/api/users.js
index 2b6956baa..a5e8a7edf 100644
--- a/server/tests/api/users.js
+++ b/server/tests/api/users.js
@@ -209,6 +209,7 @@ describe('Test users', function () {
 
       expect(user.username).to.equal('user_1')
       expect(user.email).to.equal('user_1@example.com')
+      expect(user.displayNSFW).to.be.falsy
       expect(user.id).to.exist
 
       done()
@@ -237,10 +238,13 @@ describe('Test users', function () {
       const user = users[0]
       expect(user.username).to.equal('user_1')
       expect(user.email).to.equal('user_1@example.com')
+      expect(user.displayNSFW).to.be.falsy
 
       const rootUser = users[1]
       expect(rootUser.username).to.equal('root')
       expect(rootUser.email).to.equal('admin1@example.com')
+      expect(rootUser.displayNSFW).to.be.falsy
+
       userId = user.id
 
       done()
@@ -261,6 +265,7 @@ describe('Test users', function () {
       const user = users[0]
       expect(user.username).to.equal('root')
       expect(user.email).to.equal('admin1@example.com')
+      expect(user.displayNSFW).to.be.falsy
 
       done()
     })
@@ -280,6 +285,7 @@ describe('Test users', function () {
       const user = users[0]
       expect(user.username).to.equal('user_1')
       expect(user.email).to.equal('user_1@example.com')
+      expect(user.displayNSFW).to.be.falsy
 
       done()
     })
@@ -299,6 +305,7 @@ describe('Test users', function () {
       const user = users[0]
       expect(user.username).to.equal('user_1')
       expect(user.email).to.equal('user_1@example.com')
+      expect(user.displayNSFW).to.be.falsy
 
       done()
     })
@@ -317,15 +324,18 @@ describe('Test users', function () {
 
       expect(users[0].username).to.equal('root')
       expect(users[0].email).to.equal('admin1@example.com')
+      expect(users[0].displayNSFW).to.be.falsy
+
       expect(users[1].username).to.equal('user_1')
       expect(users[1].email).to.equal('user_1@example.com')
+      expect(users[1].displayNSFW).to.be.falsy
 
       done()
     })
   })
 
   it('Should update the user password', function (done) {
-    usersUtils.updateUser(server.url, userId, accessTokenUser, 'new password', function (err, res) {
+    usersUtils.updateUser(server.url, userId, accessTokenUser, 'new password', null, function (err, res) {
       if (err) throw err
 
       server.user.password = 'new password'
@@ -333,6 +343,25 @@ describe('Test users', function () {
     })
   })
 
+  it('Should be able to change the NSFW display attribute', function (done) {
+    usersUtils.updateUser(server.url, userId, accessTokenUser, null, true, function (err, res) {
+      if (err) throw err
+
+      usersUtils.getUserInformation(server.url, accessTokenUser, function (err, res) {
+        if (err) throw err
+
+        const user = res.body
+
+        expect(user.username).to.equal('user_1')
+        expect(user.email).to.equal('user_1@example.com')
+        expect(user.displayNSFW).to.be.truthy
+        expect(user.id).to.exist
+
+        done()
+      })
+    })
+  })
+
   it('Should be able to remove this user', function (done) {
     usersUtils.removeUser(server.url, userId, accessToken, done)
   })
diff --git a/server/tests/utils/users.js b/server/tests/utils/users.js
index 7817160b9..8138074d0 100644
--- a/server/tests/utils/users.js
+++ b/server/tests/utils/users.js
@@ -101,14 +101,18 @@ function removeUser (url, userId, accessToken, expectedStatus, end) {
     .end(end)
 }
 
-function updateUser (url, userId, accessToken, newPassword, end) {
+function updateUser (url, userId, accessToken, newPassword, displayNSFW, end) {
   const path = '/api/v1/users/' + userId
 
+  const toSend = {}
+  if (newPassword !== undefined && newPassword !== null) toSend.password = newPassword
+  if (displayNSFW !== undefined && displayNSFW !== null) toSend.displayNSFW = displayNSFW
+
   request(url)
     .put(path)
     .set('Accept', 'application/json')
     .set('Authorization', 'Bearer ' + accessToken)
-    .send({ password: newPassword })
+    .send(toSend)
     .expect(204)
     .end(end)
 }