aboutsummaryrefslogtreecommitdiffhomepage
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rw-r--r--server/controllers/api/users.js1
-rw-r--r--server/initializers/installer.js2
-rw-r--r--server/middlewares/validators/users.js3
-rw-r--r--server/models/author.js4
-rw-r--r--server/models/pod.js5
-rw-r--r--server/models/user.js25
-rw-r--r--server/tests/api/check-params/pods.js24
-rw-r--r--server/tests/api/check-params/users.js39
-rw-r--r--server/tests/api/users.js8
-rw-r--r--server/tests/utils/users.js7
10 files changed, 112 insertions, 6 deletions
diff --git a/server/controllers/api/users.js b/server/controllers/api/users.js
index 6cd0e84f7..324c99b4c 100644
--- a/server/controllers/api/users.js
+++ b/server/controllers/api/users.js
@@ -61,6 +61,7 @@ function createUser (req, res, next) {
61 const user = db.User.build({ 61 const user = db.User.build({
62 username: req.body.username, 62 username: req.body.username,
63 password: req.body.password, 63 password: req.body.password,
64 email: req.body.email,
64 role: constants.USER_ROLES.USER 65 role: constants.USER_ROLES.USER
65 }) 66 })
66 67
diff --git a/server/initializers/installer.js b/server/initializers/installer.js
index fb63b81ac..837a987dd 100644
--- a/server/initializers/installer.js
+++ b/server/initializers/installer.js
@@ -96,6 +96,7 @@ function createOAuthAdminIfNotExist (callback) {
96 96
97 const username = 'root' 97 const username = 'root'
98 const role = constants.USER_ROLES.ADMIN 98 const role = constants.USER_ROLES.ADMIN
99 const email = constants.CONFIG.ADMIN.EMAIL
99 const createOptions = {} 100 const createOptions = {}
100 let password = '' 101 let password = ''
101 102
@@ -115,6 +116,7 @@ function createOAuthAdminIfNotExist (callback) {
115 116
116 const userData = { 117 const userData = {
117 username, 118 username,
119 email,
118 password, 120 password,
119 role 121 role
120 } 122 }
diff --git a/server/middlewares/validators/users.js b/server/middlewares/validators/users.js
index 0629550bc..3089370ff 100644
--- a/server/middlewares/validators/users.js
+++ b/server/middlewares/validators/users.js
@@ -13,11 +13,12 @@ const validatorsUsers = {
13function usersAdd (req, res, next) { 13function usersAdd (req, res, next) {
14 req.checkBody('username', 'Should have a valid username').isUserUsernameValid() 14 req.checkBody('username', 'Should have a valid username').isUserUsernameValid()
15 req.checkBody('password', 'Should have a valid password').isUserPasswordValid() 15 req.checkBody('password', 'Should have a valid password').isUserPasswordValid()
16 req.checkBody('email', 'Should have a valid email').isEmail()
16 17
17 logger.debug('Checking usersAdd parameters', { parameters: req.body }) 18 logger.debug('Checking usersAdd parameters', { parameters: req.body })
18 19
19 checkErrors(req, res, function () { 20 checkErrors(req, res, function () {
20 db.User.loadByUsername(req.body.username, function (err, user) { 21 db.User.loadByUsernameOrEmail(req.body.username, req.body.email, function (err, user) {
21 if (err) { 22 if (err) {
22 logger.error('Error in usersAdd request validator.', { error: err }) 23 logger.error('Error in usersAdd request validator.', { error: err })
23 return res.sendStatus(500) 24 return res.sendStatus(500)
diff --git a/server/models/author.js b/server/models/author.js
index f036193c8..34b013097 100644
--- a/server/models/author.js
+++ b/server/models/author.js
@@ -84,7 +84,9 @@ function findOrCreateAuthor (name, podId, userId, transaction, callback) {
84 if (transaction) query.transaction = transaction 84 if (transaction) query.transaction = transaction
85 85
86 this.findOrCreate(query).asCallback(function (err, result) { 86 this.findOrCreate(query).asCallback(function (err, result) {
87 if (err) return callback(err)
88
87 // [ instance, wasCreated ] 89 // [ instance, wasCreated ]
88 return callback(err, result[0]) 90 return callback(null, result[0])
89 }) 91 })
90} 92}
diff --git a/server/models/pod.js b/server/models/pod.js
index 575ebbc61..79afb737a 100644
--- a/server/models/pod.js
+++ b/server/models/pod.js
@@ -35,7 +35,10 @@ module.exports = function (sequelize, DataTypes) {
35 }, 35 },
36 email: { 36 email: {
37 type: DataTypes.STRING(400), 37 type: DataTypes.STRING(400),
38 allowNull: false 38 allowNull: false,
39 validate: {
40 isEmail: true
41 }
39 } 42 }
40 }, 43 },
41 { 44 {
diff --git a/server/models/user.js b/server/models/user.js
index 6cb9eec3f..35a98dd6b 100644
--- a/server/models/user.js
+++ b/server/models/user.js
@@ -32,6 +32,13 @@ module.exports = function (sequelize, DataTypes) {
32 } 32 }
33 } 33 }
34 }, 34 },
35 email: {
36 type: DataTypes.STRING,
37 allowNull: false,
38 validate: {
39 isEmail: true
40 }
41 },
35 role: { 42 role: {
36 type: DataTypes.ENUM(values(constants.USER_ROLES)), 43 type: DataTypes.ENUM(values(constants.USER_ROLES)),
37 allowNull: false 44 allowNull: false
@@ -42,6 +49,10 @@ module.exports = function (sequelize, DataTypes) {
42 { 49 {
43 fields: [ 'username' ], 50 fields: [ 'username' ],
44 unique: true 51 unique: true
52 },
53 {
54 fields: [ 'email' ],
55 unique: true
45 } 56 }
46 ], 57 ],
47 classMethods: { 58 classMethods: {
@@ -52,7 +63,8 @@ module.exports = function (sequelize, DataTypes) {
52 list, 63 list,
53 listForApi, 64 listForApi,
54 loadById, 65 loadById,
55 loadByUsername 66 loadByUsername,
67 loadByUsernameOrEmail
56 }, 68 },
57 instanceMethods: { 69 instanceMethods: {
58 isPasswordMatch, 70 isPasswordMatch,
@@ -88,6 +100,7 @@ function toFormatedJSON () {
88 return { 100 return {
89 id: this.id, 101 id: this.id,
90 username: this.username, 102 username: this.username,
103 email: this.email,
91 role: this.role, 104 role: this.role,
92 createdAt: this.createdAt 105 createdAt: this.createdAt
93 } 106 }
@@ -151,3 +164,13 @@ function loadByUsername (username, callback) {
151 164
152 return this.findOne(query).asCallback(callback) 165 return this.findOne(query).asCallback(callback)
153} 166}
167
168function loadByUsernameOrEmail (username, email, callback) {
169 const query = {
170 where: {
171 $or: [ { username }, { email } ]
172 }
173 }
174
175 return this.findOne(query).asCallback(callback)
176}
diff --git a/server/tests/api/check-params/pods.js b/server/tests/api/check-params/pods.js
index 8d52b69b1..22cbdb30f 100644
--- a/server/tests/api/check-params/pods.js
+++ b/server/tests/api/check-params/pods.js
@@ -39,7 +39,7 @@ describe('Test pods API validators', function () {
39 ], done) 39 ], done)
40 }) 40 })
41 41
42 describe('When making friends', function () { 42 describe('When managing friends', function () {
43 let userAccessToken = null 43 let userAccessToken = null
44 44
45 before(function (done) { 45 before(function (done) {
@@ -156,13 +156,32 @@ describe('Test pods API validators', function () {
156 156
157 it('Should fail without public key', function (done) { 157 it('Should fail without public key', function (done) {
158 const data = { 158 const data = {
159 email: 'testexample.com',
159 host: 'coucou.com' 160 host: 'coucou.com'
160 } 161 }
161 requestsUtils.makePostBodyRequest(server.url, path, null, data, done) 162 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
162 }) 163 })
163 164
165 it('Should fail without an email', function (done) {
166 const data = {
167 host: 'coucou.com',
168 publicKey: 'mysuperpublickey'
169 }
170 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
171 })
172
173 it('Should fail without an invalid email', function (done) {
174 const data = {
175 host: 'coucou.com',
176 email: 'testexample.com',
177 publicKey: 'mysuperpublickey'
178 }
179 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
180 })
181
164 it('Should fail without an host', function (done) { 182 it('Should fail without an host', function (done) {
165 const data = { 183 const data = {
184 email: 'testexample.com',
166 publicKey: 'mysuperpublickey' 185 publicKey: 'mysuperpublickey'
167 } 186 }
168 requestsUtils.makePostBodyRequest(server.url, path, null, data, done) 187 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
@@ -171,6 +190,7 @@ describe('Test pods API validators', function () {
171 it('Should fail with an incorrect host', function (done) { 190 it('Should fail with an incorrect host', function (done) {
172 const data = { 191 const data = {
173 host: 'http://coucou.com', 192 host: 'http://coucou.com',
193 email: 'testexample.com',
174 publicKey: 'mysuperpublickey' 194 publicKey: 'mysuperpublickey'
175 } 195 }
176 requestsUtils.makePostBodyRequest(server.url, path, null, data, function () { 196 requestsUtils.makePostBodyRequest(server.url, path, null, data, function () {
@@ -185,6 +205,7 @@ describe('Test pods API validators', function () {
185 it('Should succeed with the correct parameters', function (done) { 205 it('Should succeed with the correct parameters', function (done) {
186 const data = { 206 const data = {
187 host: 'coucou.com', 207 host: 'coucou.com',
208 email: 'test@example.com',
188 publicKey: 'mysuperpublickey' 209 publicKey: 'mysuperpublickey'
189 } 210 }
190 requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 200) 211 requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 200)
@@ -193,6 +214,7 @@ describe('Test pods API validators', function () {
193 it('Should fail with a host that already exists', function (done) { 214 it('Should fail with a host that already exists', function (done) {
194 const data = { 215 const data = {
195 host: 'coucou.com', 216 host: 'coucou.com',
217 email: 'test@example.com',
196 publicKey: 'mysuperpublickey' 218 publicKey: 'mysuperpublickey'
197 } 219 }
198 requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 409) 220 requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 409)
diff --git a/server/tests/api/check-params/users.js b/server/tests/api/check-params/users.js
index c1fcf34a4..debf63cf6 100644
--- a/server/tests/api/check-params/users.js
+++ b/server/tests/api/check-params/users.js
@@ -92,6 +92,7 @@ describe('Test users API validators', function () {
92 it('Should fail with a too small username', function (done) { 92 it('Should fail with a too small username', function (done) {
93 const data = { 93 const data = {
94 username: 'ji', 94 username: 'ji',
95 email: 'test@example.com',
95 password: 'mysuperpassword' 96 password: 'mysuperpassword'
96 } 97 }
97 98
@@ -101,6 +102,7 @@ describe('Test users API validators', function () {
101 it('Should fail with a too long username', function (done) { 102 it('Should fail with a too long username', function (done) {
102 const data = { 103 const data = {
103 username: 'mysuperusernamewhichisverylong', 104 username: 'mysuperusernamewhichisverylong',
105 email: 'test@example.com',
104 password: 'mysuperpassword' 106 password: 'mysuperpassword'
105 } 107 }
106 108
@@ -110,6 +112,26 @@ describe('Test users API validators', function () {
110 it('Should fail with an incorrect username', function (done) { 112 it('Should fail with an incorrect username', function (done) {
111 const data = { 113 const data = {
112 username: 'my username', 114 username: 'my username',
115 email: 'test@example.com',
116 password: 'mysuperpassword'
117 }
118
119 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
120 })
121
122 it('Should fail with a missing email', function (done) {
123 const data = {
124 username: 'ji',
125 password: 'mysuperpassword'
126 }
127
128 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
129 })
130
131 it('Should fail with an invalid email', function (done) {
132 const data = {
133 username: 'mysuperusernamewhichisverylong',
134 email: 'testexample.com',
113 password: 'mysuperpassword' 135 password: 'mysuperpassword'
114 } 136 }
115 137
@@ -119,6 +141,7 @@ describe('Test users API validators', function () {
119 it('Should fail with a too small password', function (done) { 141 it('Should fail with a too small password', function (done) {
120 const data = { 142 const data = {
121 username: 'myusername', 143 username: 'myusername',
144 email: 'test@example.com',
122 password: 'bla' 145 password: 'bla'
123 } 146 }
124 147
@@ -128,6 +151,7 @@ describe('Test users API validators', function () {
128 it('Should fail with a too long password', function (done) { 151 it('Should fail with a too long password', function (done) {
129 const data = { 152 const data = {
130 username: 'myusername', 153 username: 'myusername',
154 email: 'test@example.com',
131 password: 'my super long password which is very very very very very very very very very very very very very very' + 155 password: 'my super long password which is very very very very very very very very very very very very very very' +
132 'very very very very very very very very very very very very very very very veryv very very very very' + 156 'very very very very very very very very very very very very very very very veryv very very very very' +
133 'very very very very very very very very very very very very very very very very very very very very long' 157 'very very very very very very very very very very very very very very very very very very very very long'
@@ -139,6 +163,7 @@ describe('Test users API validators', function () {
139 it('Should fail with an non authenticated user', function (done) { 163 it('Should fail with an non authenticated user', function (done) {
140 const data = { 164 const data = {
141 username: 'myusername', 165 username: 'myusername',
166 email: 'test@example.com',
142 password: 'my super password' 167 password: 'my super password'
143 } 168 }
144 169
@@ -148,6 +173,17 @@ describe('Test users API validators', function () {
148 it('Should fail if we add a user with the same username', function (done) { 173 it('Should fail if we add a user with the same username', function (done) {
149 const data = { 174 const data = {
150 username: 'user1', 175 username: 'user1',
176 email: 'test@example.com',
177 password: 'my super password'
178 }
179
180 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 409)
181 })
182
183 it('Should fail if we add a user with the same email', function (done) {
184 const data = {
185 username: 'myusername',
186 email: 'user1@example.com',
151 password: 'my super password' 187 password: 'my super password'
152 } 188 }
153 189
@@ -157,6 +193,7 @@ describe('Test users API validators', function () {
157 it('Should succeed with the correct params', function (done) { 193 it('Should succeed with the correct params', function (done) {
158 const data = { 194 const data = {
159 username: 'user2', 195 username: 'user2',
196 email: 'test@example.com',
160 password: 'my super password' 197 password: 'my super password'
161 } 198 }
162 199
@@ -166,6 +203,7 @@ describe('Test users API validators', function () {
166 it('Should fail with a non admin user', function (done) { 203 it('Should fail with a non admin user', function (done) {
167 server.user = { 204 server.user = {
168 username: 'user1', 205 username: 'user1',
206 email: 'test@example.com',
169 password: 'my super password' 207 password: 'my super password'
170 } 208 }
171 209
@@ -176,6 +214,7 @@ describe('Test users API validators', function () {
176 214
177 const data = { 215 const data = {
178 username: 'user3', 216 username: 'user3',
217 email: 'test@example.com',
179 password: 'my super password' 218 password: 'my super password'
180 } 219 }
181 220
diff --git a/server/tests/api/users.js b/server/tests/api/users.js
index e6d937eb0..df075f48a 100644
--- a/server/tests/api/users.js
+++ b/server/tests/api/users.js
@@ -186,6 +186,7 @@ describe('Test users', function () {
186 const user = res.body 186 const user = res.body
187 187
188 expect(user.username).to.equal('user_1') 188 expect(user.username).to.equal('user_1')
189 expect(user.email).to.equal('user_1@example.com')
189 expect(user.id).to.exist 190 expect(user.id).to.exist
190 191
191 done() 192 done()
@@ -216,9 +217,11 @@ describe('Test users', function () {
216 217
217 const user = users[0] 218 const user = users[0]
218 expect(user.username).to.equal('user_1') 219 expect(user.username).to.equal('user_1')
220 expect(user.email).to.equal('user_1@example.com')
219 221
220 const rootUser = users[1] 222 const rootUser = users[1]
221 expect(rootUser.username).to.equal('root') 223 expect(rootUser.username).to.equal('root')
224 expect(rootUser.email).to.equal('admin1@example.com')
222 userId = user.id 225 userId = user.id
223 226
224 done() 227 done()
@@ -238,6 +241,7 @@ describe('Test users', function () {
238 241
239 const user = users[0] 242 const user = users[0]
240 expect(user.username).to.equal('root') 243 expect(user.username).to.equal('root')
244 expect(user.email).to.equal('admin1@example.com')
241 245
242 done() 246 done()
243 }) 247 })
@@ -256,6 +260,7 @@ describe('Test users', function () {
256 260
257 const user = users[0] 261 const user = users[0]
258 expect(user.username).to.equal('user_1') 262 expect(user.username).to.equal('user_1')
263 expect(user.email).to.equal('user_1@example.com')
259 264
260 done() 265 done()
261 }) 266 })
@@ -274,6 +279,7 @@ describe('Test users', function () {
274 279
275 const user = users[0] 280 const user = users[0]
276 expect(user.username).to.equal('user_1') 281 expect(user.username).to.equal('user_1')
282 expect(user.email).to.equal('user_1@example.com')
277 283
278 done() 284 done()
279 }) 285 })
@@ -291,7 +297,9 @@ describe('Test users', function () {
291 expect(users.length).to.equal(2) 297 expect(users.length).to.equal(2)
292 298
293 expect(users[0].username).to.equal('root') 299 expect(users[0].username).to.equal('root')
300 expect(users[0].email).to.equal('admin1@example.com')
294 expect(users[1].username).to.equal('user_1') 301 expect(users[1].username).to.equal('user_1')
302 expect(users[1].email).to.equal('user_1@example.com')
295 303
296 done() 304 done()
297 }) 305 })
diff --git a/server/tests/utils/users.js b/server/tests/utils/users.js
index 2bf9c6e3e..a2c010f64 100644
--- a/server/tests/utils/users.js
+++ b/server/tests/utils/users.js
@@ -20,12 +20,17 @@ function createUser (url, accessToken, username, password, specialStatus, end) {
20 } 20 }
21 21
22 const path = '/api/v1/users' 22 const path = '/api/v1/users'
23 const body = {
24 username,
25 password,
26 email: username + '@example.com'
27 }
23 28
24 request(url) 29 request(url)
25 .post(path) 30 .post(path)
26 .set('Accept', 'application/json') 31 .set('Accept', 'application/json')
27 .set('Authorization', 'Bearer ' + accessToken) 32 .set('Authorization', 'Bearer ' + accessToken)
28 .send({ username: username, password: password }) 33 .send(body)
29 .expect(specialStatus) 34 .expect(specialStatus)
30 .end(end) 35 .end(end)
31} 36}