aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--server/controllers/api/users.js5
-rw-r--r--server/helpers/custom-validators/users.js7
-rw-r--r--server/initializers/constants.js2
-rw-r--r--server/initializers/migrations/0045-user-display-nsfw.js19
-rw-r--r--server/middlewares/validators/users.js3
-rw-r--r--server/models/user.js12
-rw-r--r--server/tests/api/check-params/users.js11
-rw-r--r--server/tests/api/users.js31
-rw-r--r--server/tests/utils/users.js8
9 files changed, 90 insertions, 8 deletions
diff --git a/server/controllers/api/users.js b/server/controllers/api/users.js
index f854b3082..6b6c0774f 100644
--- a/server/controllers/api/users.js
+++ b/server/controllers/api/users.js
@@ -71,6 +71,7 @@ function createUser (req, res, next) {
71 username: req.body.username, 71 username: req.body.username,
72 password: req.body.password, 72 password: req.body.password,
73 email: req.body.email, 73 email: req.body.email,
74 displayNSFW: false,
74 role: constants.USER_ROLES.USER 75 role: constants.USER_ROLES.USER
75 }) 76 })
76 77
@@ -136,7 +137,9 @@ function updateUser (req, res, next) {
136 db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) { 137 db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
137 if (err) return next(err) 138 if (err) return next(err)
138 139
139 user.password = req.body.password 140 if (req.body.password) user.password = req.body.password
141 if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW
142
140 user.save().asCallback(function (err) { 143 user.save().asCallback(function (err) {
141 if (err) return next(err) 144 if (err) return next(err)
142 145
diff --git a/server/helpers/custom-validators/users.js b/server/helpers/custom-validators/users.js
index 88fa1592e..2fc026e98 100644
--- a/server/helpers/custom-validators/users.js
+++ b/server/helpers/custom-validators/users.js
@@ -9,7 +9,8 @@ const USERS_CONSTRAINTS_FIELDS = constants.CONSTRAINTS_FIELDS.USERS
9const usersValidators = { 9const usersValidators = {
10 isUserPasswordValid, 10 isUserPasswordValid,
11 isUserRoleValid, 11 isUserRoleValid,
12 isUserUsernameValid 12 isUserUsernameValid,
13 isUserDisplayNSFWValid
13} 14}
14 15
15function isUserPasswordValid (value) { 16function isUserPasswordValid (value) {
@@ -26,6 +27,10 @@ function isUserUsernameValid (value) {
26 return validator.matches(value, new RegExp(`^[a-zA-Z0-9._]{${min},${max}}$`)) 27 return validator.matches(value, new RegExp(`^[a-zA-Z0-9._]{${min},${max}}$`))
27} 28}
28 29
30function isUserDisplayNSFWValid (value) {
31 return validator.isBoolean(value)
32}
33
29// --------------------------------------------------------------------------- 34// ---------------------------------------------------------------------------
30 35
31module.exports = usersValidators 36module.exports = usersValidators
diff --git a/server/initializers/constants.js b/server/initializers/constants.js
index f3799ba0f..6352d7c46 100644
--- a/server/initializers/constants.js
+++ b/server/initializers/constants.js
@@ -5,7 +5,7 @@ const path = require('path')
5 5
6// --------------------------------------------------------------------------- 6// ---------------------------------------------------------------------------
7 7
8const LAST_MIGRATION_VERSION = 40 8const LAST_MIGRATION_VERSION = 45
9 9
10// --------------------------------------------------------------------------- 10// ---------------------------------------------------------------------------
11 11
diff --git a/server/initializers/migrations/0045-user-display-nsfw.js b/server/initializers/migrations/0045-user-display-nsfw.js
new file mode 100644
index 000000000..03624e593
--- /dev/null
+++ b/server/initializers/migrations/0045-user-display-nsfw.js
@@ -0,0 +1,19 @@
1'use strict'
2
3// utils = { transaction, queryInterface, sequelize, Sequelize }
4exports.up = function (utils, finalCallback) {
5 const q = utils.queryInterface
6 const Sequelize = utils.Sequelize
7
8 const data = {
9 type: Sequelize.BOOLEAN,
10 allowNull: false,
11 defaultValue: false
12 }
13
14 q.addColumn('Users', 'displayNSFW', data, { transaction: utils.transaction }).asCallback(finalCallback)
15}
16
17exports.down = function (options, callback) {
18 throw new Error('Not implemented.')
19}
diff --git a/server/middlewares/validators/users.js b/server/middlewares/validators/users.js
index ce83fc074..1e7a64793 100644
--- a/server/middlewares/validators/users.js
+++ b/server/middlewares/validators/users.js
@@ -56,7 +56,8 @@ function usersRemove (req, res, next) {
56function usersUpdate (req, res, next) { 56function usersUpdate (req, res, next) {
57 req.checkParams('id', 'Should have a valid id').notEmpty().isInt() 57 req.checkParams('id', 'Should have a valid id').notEmpty().isInt()
58 // Add old password verification 58 // Add old password verification
59 req.checkBody('password', 'Should have a valid password').isUserPasswordValid() 59 req.checkBody('password', 'Should have a valid password').optional().isUserPasswordValid()
60 req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid()
60 61
61 logger.debug('Checking usersUpdate parameters', { parameters: req.body }) 62 logger.debug('Checking usersUpdate parameters', { parameters: req.body })
62 63
diff --git a/server/models/user.js b/server/models/user.js
index 24e710fa7..e64bab8ab 100644
--- a/server/models/user.js
+++ b/server/models/user.js
@@ -39,6 +39,17 @@ module.exports = function (sequelize, DataTypes) {
39 isEmail: true 39 isEmail: true
40 } 40 }
41 }, 41 },
42 displayNSFW: {
43 type: DataTypes.BOOLEAN,
44 allowNull: false,
45 defaultValue: false,
46 validate: {
47 nsfwValid: function (value) {
48 const res = customUsersValidators.isUserDisplayNSFWValid(value)
49 if (res === false) throw new Error('Display NSFW is not valid.')
50 }
51 }
52 },
42 role: { 53 role: {
43 type: DataTypes.ENUM(values(constants.USER_ROLES)), 54 type: DataTypes.ENUM(values(constants.USER_ROLES)),
44 allowNull: false 55 allowNull: false
@@ -101,6 +112,7 @@ function toFormatedJSON () {
101 id: this.id, 112 id: this.id,
102 username: this.username, 113 username: this.username,
103 email: this.email, 114 email: this.email,
115 displayNSFW: this.displayNSFW,
104 role: this.role, 116 role: this.role,
105 createdAt: this.createdAt 117 createdAt: this.createdAt
106 } 118 }
diff --git a/server/tests/api/check-params/users.js b/server/tests/api/check-params/users.js
index b04f9f4a6..4a176e6c2 100644
--- a/server/tests/api/check-params/users.js
+++ b/server/tests/api/check-params/users.js
@@ -270,6 +270,14 @@ describe('Test users API validators', function () {
270 requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done) 270 requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
271 }) 271 })
272 272
273 it('Should fail with an invalid display NSFW attribute', function (done) {
274 const data = {
275 displayNSFW: -1
276 }
277
278 requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
279 })
280
273 it('Should fail with an non authenticated user', function (done) { 281 it('Should fail with an non authenticated user', function (done) {
274 const data = { 282 const data = {
275 password: 'my super password' 283 password: 'my super password'
@@ -280,7 +288,8 @@ describe('Test users API validators', function () {
280 288
281 it('Should succeed with the correct params', function (done) { 289 it('Should succeed with the correct params', function (done) {
282 const data = { 290 const data = {
283 password: 'my super password' 291 password: 'my super password',
292 displayNSFW: true
284 } 293 }
285 294
286 requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204) 295 requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204)
diff --git a/server/tests/api/users.js b/server/tests/api/users.js
index 2b6956baa..a5e8a7edf 100644
--- a/server/tests/api/users.js
+++ b/server/tests/api/users.js
@@ -209,6 +209,7 @@ describe('Test users', function () {
209 209
210 expect(user.username).to.equal('user_1') 210 expect(user.username).to.equal('user_1')
211 expect(user.email).to.equal('user_1@example.com') 211 expect(user.email).to.equal('user_1@example.com')
212 expect(user.displayNSFW).to.be.falsy
212 expect(user.id).to.exist 213 expect(user.id).to.exist
213 214
214 done() 215 done()
@@ -237,10 +238,13 @@ describe('Test users', function () {
237 const user = users[0] 238 const user = users[0]
238 expect(user.username).to.equal('user_1') 239 expect(user.username).to.equal('user_1')
239 expect(user.email).to.equal('user_1@example.com') 240 expect(user.email).to.equal('user_1@example.com')
241 expect(user.displayNSFW).to.be.falsy
240 242
241 const rootUser = users[1] 243 const rootUser = users[1]
242 expect(rootUser.username).to.equal('root') 244 expect(rootUser.username).to.equal('root')
243 expect(rootUser.email).to.equal('admin1@example.com') 245 expect(rootUser.email).to.equal('admin1@example.com')
246 expect(rootUser.displayNSFW).to.be.falsy
247
244 userId = user.id 248 userId = user.id
245 249
246 done() 250 done()
@@ -261,6 +265,7 @@ describe('Test users', function () {
261 const user = users[0] 265 const user = users[0]
262 expect(user.username).to.equal('root') 266 expect(user.username).to.equal('root')
263 expect(user.email).to.equal('admin1@example.com') 267 expect(user.email).to.equal('admin1@example.com')
268 expect(user.displayNSFW).to.be.falsy
264 269
265 done() 270 done()
266 }) 271 })
@@ -280,6 +285,7 @@ describe('Test users', function () {
280 const user = users[0] 285 const user = users[0]
281 expect(user.username).to.equal('user_1') 286 expect(user.username).to.equal('user_1')
282 expect(user.email).to.equal('user_1@example.com') 287 expect(user.email).to.equal('user_1@example.com')
288 expect(user.displayNSFW).to.be.falsy
283 289
284 done() 290 done()
285 }) 291 })
@@ -299,6 +305,7 @@ describe('Test users', function () {
299 const user = users[0] 305 const user = users[0]
300 expect(user.username).to.equal('user_1') 306 expect(user.username).to.equal('user_1')
301 expect(user.email).to.equal('user_1@example.com') 307 expect(user.email).to.equal('user_1@example.com')
308 expect(user.displayNSFW).to.be.falsy
302 309
303 done() 310 done()
304 }) 311 })
@@ -317,15 +324,18 @@ describe('Test users', function () {
317 324
318 expect(users[0].username).to.equal('root') 325 expect(users[0].username).to.equal('root')
319 expect(users[0].email).to.equal('admin1@example.com') 326 expect(users[0].email).to.equal('admin1@example.com')
327 expect(users[0].displayNSFW).to.be.falsy
328
320 expect(users[1].username).to.equal('user_1') 329 expect(users[1].username).to.equal('user_1')
321 expect(users[1].email).to.equal('user_1@example.com') 330 expect(users[1].email).to.equal('user_1@example.com')
331 expect(users[1].displayNSFW).to.be.falsy
322 332
323 done() 333 done()
324 }) 334 })
325 }) 335 })
326 336
327 it('Should update the user password', function (done) { 337 it('Should update the user password', function (done) {
328 usersUtils.updateUser(server.url, userId, accessTokenUser, 'new password', function (err, res) { 338 usersUtils.updateUser(server.url, userId, accessTokenUser, 'new password', null, function (err, res) {
329 if (err) throw err 339 if (err) throw err
330 340
331 server.user.password = 'new password' 341 server.user.password = 'new password'
@@ -333,6 +343,25 @@ describe('Test users', function () {
333 }) 343 })
334 }) 344 })
335 345
346 it('Should be able to change the NSFW display attribute', function (done) {
347 usersUtils.updateUser(server.url, userId, accessTokenUser, null, true, function (err, res) {
348 if (err) throw err
349
350 usersUtils.getUserInformation(server.url, accessTokenUser, function (err, res) {
351 if (err) throw err
352
353 const user = res.body
354
355 expect(user.username).to.equal('user_1')
356 expect(user.email).to.equal('user_1@example.com')
357 expect(user.displayNSFW).to.be.truthy
358 expect(user.id).to.exist
359
360 done()
361 })
362 })
363 })
364
336 it('Should be able to remove this user', function (done) { 365 it('Should be able to remove this user', function (done) {
337 usersUtils.removeUser(server.url, userId, accessToken, done) 366 usersUtils.removeUser(server.url, userId, accessToken, done)
338 }) 367 })
diff --git a/server/tests/utils/users.js b/server/tests/utils/users.js
index 7817160b9..8138074d0 100644
--- a/server/tests/utils/users.js
+++ b/server/tests/utils/users.js
@@ -101,14 +101,18 @@ function removeUser (url, userId, accessToken, expectedStatus, end) {
101 .end(end) 101 .end(end)
102} 102}
103 103
104function updateUser (url, userId, accessToken, newPassword, end) { 104function updateUser (url, userId, accessToken, newPassword, displayNSFW, end) {
105 const path = '/api/v1/users/' + userId 105 const path = '/api/v1/users/' + userId
106 106
107 const toSend = {}
108 if (newPassword !== undefined && newPassword !== null) toSend.password = newPassword
109 if (displayNSFW !== undefined && displayNSFW !== null) toSend.displayNSFW = displayNSFW
110
107 request(url) 111 request(url)
108 .put(path) 112 .put(path)
109 .set('Accept', 'application/json') 113 .set('Accept', 'application/json')
110 .set('Authorization', 'Bearer ' + accessToken) 114 .set('Authorization', 'Bearer ' + accessToken)
111 .send({ password: newPassword }) 115 .send(toSend)
112 .expect(204) 116 .expect(204)
113 .end(end) 117 .end(end)
114} 118}