diff options
Diffstat (limited to 'server')
-rw-r--r-- | server/controllers/api/users.js | 5 | ||||
-rw-r--r-- | server/helpers/custom-validators/users.js | 7 | ||||
-rw-r--r-- | server/initializers/constants.js | 2 | ||||
-rw-r--r-- | server/initializers/migrations/0045-user-display-nsfw.js | 19 | ||||
-rw-r--r-- | server/middlewares/validators/users.js | 3 | ||||
-rw-r--r-- | server/models/user.js | 12 | ||||
-rw-r--r-- | server/tests/api/check-params/users.js | 11 | ||||
-rw-r--r-- | server/tests/api/users.js | 31 | ||||
-rw-r--r-- | server/tests/utils/users.js | 8 |
9 files changed, 90 insertions, 8 deletions
diff --git a/server/controllers/api/users.js b/server/controllers/api/users.js index f854b3082..6b6c0774f 100644 --- a/server/controllers/api/users.js +++ b/server/controllers/api/users.js | |||
@@ -71,6 +71,7 @@ function createUser (req, res, next) { | |||
71 | username: req.body.username, | 71 | username: req.body.username, |
72 | password: req.body.password, | 72 | password: req.body.password, |
73 | email: req.body.email, | 73 | email: req.body.email, |
74 | displayNSFW: false, | ||
74 | role: constants.USER_ROLES.USER | 75 | role: constants.USER_ROLES.USER |
75 | }) | 76 | }) |
76 | 77 | ||
@@ -136,7 +137,9 @@ function updateUser (req, res, next) { | |||
136 | db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) { | 137 | db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) { |
137 | if (err) return next(err) | 138 | if (err) return next(err) |
138 | 139 | ||
139 | user.password = req.body.password | 140 | if (req.body.password) user.password = req.body.password |
141 | if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW | ||
142 | |||
140 | user.save().asCallback(function (err) { | 143 | user.save().asCallback(function (err) { |
141 | if (err) return next(err) | 144 | if (err) return next(err) |
142 | 145 | ||
diff --git a/server/helpers/custom-validators/users.js b/server/helpers/custom-validators/users.js index 88fa1592e..2fc026e98 100644 --- a/server/helpers/custom-validators/users.js +++ b/server/helpers/custom-validators/users.js | |||
@@ -9,7 +9,8 @@ const USERS_CONSTRAINTS_FIELDS = constants.CONSTRAINTS_FIELDS.USERS | |||
9 | const usersValidators = { | 9 | const usersValidators = { |
10 | isUserPasswordValid, | 10 | isUserPasswordValid, |
11 | isUserRoleValid, | 11 | isUserRoleValid, |
12 | isUserUsernameValid | 12 | isUserUsernameValid, |
13 | isUserDisplayNSFWValid | ||
13 | } | 14 | } |
14 | 15 | ||
15 | function isUserPasswordValid (value) { | 16 | function isUserPasswordValid (value) { |
@@ -26,6 +27,10 @@ function isUserUsernameValid (value) { | |||
26 | return validator.matches(value, new RegExp(`^[a-zA-Z0-9._]{${min},${max}}$`)) | 27 | return validator.matches(value, new RegExp(`^[a-zA-Z0-9._]{${min},${max}}$`)) |
27 | } | 28 | } |
28 | 29 | ||
30 | function isUserDisplayNSFWValid (value) { | ||
31 | return validator.isBoolean(value) | ||
32 | } | ||
33 | |||
29 | // --------------------------------------------------------------------------- | 34 | // --------------------------------------------------------------------------- |
30 | 35 | ||
31 | module.exports = usersValidators | 36 | module.exports = usersValidators |
diff --git a/server/initializers/constants.js b/server/initializers/constants.js index f3799ba0f..6352d7c46 100644 --- a/server/initializers/constants.js +++ b/server/initializers/constants.js | |||
@@ -5,7 +5,7 @@ const path = require('path') | |||
5 | 5 | ||
6 | // --------------------------------------------------------------------------- | 6 | // --------------------------------------------------------------------------- |
7 | 7 | ||
8 | const LAST_MIGRATION_VERSION = 40 | 8 | const LAST_MIGRATION_VERSION = 45 |
9 | 9 | ||
10 | // --------------------------------------------------------------------------- | 10 | // --------------------------------------------------------------------------- |
11 | 11 | ||
diff --git a/server/initializers/migrations/0045-user-display-nsfw.js b/server/initializers/migrations/0045-user-display-nsfw.js new file mode 100644 index 000000000..03624e593 --- /dev/null +++ b/server/initializers/migrations/0045-user-display-nsfw.js | |||
@@ -0,0 +1,19 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | // utils = { transaction, queryInterface, sequelize, Sequelize } | ||
4 | exports.up = function (utils, finalCallback) { | ||
5 | const q = utils.queryInterface | ||
6 | const Sequelize = utils.Sequelize | ||
7 | |||
8 | const data = { | ||
9 | type: Sequelize.BOOLEAN, | ||
10 | allowNull: false, | ||
11 | defaultValue: false | ||
12 | } | ||
13 | |||
14 | q.addColumn('Users', 'displayNSFW', data, { transaction: utils.transaction }).asCallback(finalCallback) | ||
15 | } | ||
16 | |||
17 | exports.down = function (options, callback) { | ||
18 | throw new Error('Not implemented.') | ||
19 | } | ||
diff --git a/server/middlewares/validators/users.js b/server/middlewares/validators/users.js index ce83fc074..1e7a64793 100644 --- a/server/middlewares/validators/users.js +++ b/server/middlewares/validators/users.js | |||
@@ -56,7 +56,8 @@ function usersRemove (req, res, next) { | |||
56 | function usersUpdate (req, res, next) { | 56 | function usersUpdate (req, res, next) { |
57 | req.checkParams('id', 'Should have a valid id').notEmpty().isInt() | 57 | req.checkParams('id', 'Should have a valid id').notEmpty().isInt() |
58 | // Add old password verification | 58 | // Add old password verification |
59 | req.checkBody('password', 'Should have a valid password').isUserPasswordValid() | 59 | req.checkBody('password', 'Should have a valid password').optional().isUserPasswordValid() |
60 | req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid() | ||
60 | 61 | ||
61 | logger.debug('Checking usersUpdate parameters', { parameters: req.body }) | 62 | logger.debug('Checking usersUpdate parameters', { parameters: req.body }) |
62 | 63 | ||
diff --git a/server/models/user.js b/server/models/user.js index 24e710fa7..e64bab8ab 100644 --- a/server/models/user.js +++ b/server/models/user.js | |||
@@ -39,6 +39,17 @@ module.exports = function (sequelize, DataTypes) { | |||
39 | isEmail: true | 39 | isEmail: true |
40 | } | 40 | } |
41 | }, | 41 | }, |
42 | displayNSFW: { | ||
43 | type: DataTypes.BOOLEAN, | ||
44 | allowNull: false, | ||
45 | defaultValue: false, | ||
46 | validate: { | ||
47 | nsfwValid: function (value) { | ||
48 | const res = customUsersValidators.isUserDisplayNSFWValid(value) | ||
49 | if (res === false) throw new Error('Display NSFW is not valid.') | ||
50 | } | ||
51 | } | ||
52 | }, | ||
42 | role: { | 53 | role: { |
43 | type: DataTypes.ENUM(values(constants.USER_ROLES)), | 54 | type: DataTypes.ENUM(values(constants.USER_ROLES)), |
44 | allowNull: false | 55 | allowNull: false |
@@ -101,6 +112,7 @@ function toFormatedJSON () { | |||
101 | id: this.id, | 112 | id: this.id, |
102 | username: this.username, | 113 | username: this.username, |
103 | email: this.email, | 114 | email: this.email, |
115 | displayNSFW: this.displayNSFW, | ||
104 | role: this.role, | 116 | role: this.role, |
105 | createdAt: this.createdAt | 117 | createdAt: this.createdAt |
106 | } | 118 | } |
diff --git a/server/tests/api/check-params/users.js b/server/tests/api/check-params/users.js index b04f9f4a6..4a176e6c2 100644 --- a/server/tests/api/check-params/users.js +++ b/server/tests/api/check-params/users.js | |||
@@ -270,6 +270,14 @@ describe('Test users API validators', function () { | |||
270 | requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done) | 270 | requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done) |
271 | }) | 271 | }) |
272 | 272 | ||
273 | it('Should fail with an invalid display NSFW attribute', function (done) { | ||
274 | const data = { | ||
275 | displayNSFW: -1 | ||
276 | } | ||
277 | |||
278 | requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done) | ||
279 | }) | ||
280 | |||
273 | it('Should fail with an non authenticated user', function (done) { | 281 | it('Should fail with an non authenticated user', function (done) { |
274 | const data = { | 282 | const data = { |
275 | password: 'my super password' | 283 | password: 'my super password' |
@@ -280,7 +288,8 @@ describe('Test users API validators', function () { | |||
280 | 288 | ||
281 | it('Should succeed with the correct params', function (done) { | 289 | it('Should succeed with the correct params', function (done) { |
282 | const data = { | 290 | const data = { |
283 | password: 'my super password' | 291 | password: 'my super password', |
292 | displayNSFW: true | ||
284 | } | 293 | } |
285 | 294 | ||
286 | requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204) | 295 | requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204) |
diff --git a/server/tests/api/users.js b/server/tests/api/users.js index 2b6956baa..a5e8a7edf 100644 --- a/server/tests/api/users.js +++ b/server/tests/api/users.js | |||
@@ -209,6 +209,7 @@ describe('Test users', function () { | |||
209 | 209 | ||
210 | expect(user.username).to.equal('user_1') | 210 | expect(user.username).to.equal('user_1') |
211 | expect(user.email).to.equal('user_1@example.com') | 211 | expect(user.email).to.equal('user_1@example.com') |
212 | expect(user.displayNSFW).to.be.falsy | ||
212 | expect(user.id).to.exist | 213 | expect(user.id).to.exist |
213 | 214 | ||
214 | done() | 215 | done() |
@@ -237,10 +238,13 @@ describe('Test users', function () { | |||
237 | const user = users[0] | 238 | const user = users[0] |
238 | expect(user.username).to.equal('user_1') | 239 | expect(user.username).to.equal('user_1') |
239 | expect(user.email).to.equal('user_1@example.com') | 240 | expect(user.email).to.equal('user_1@example.com') |
241 | expect(user.displayNSFW).to.be.falsy | ||
240 | 242 | ||
241 | const rootUser = users[1] | 243 | const rootUser = users[1] |
242 | expect(rootUser.username).to.equal('root') | 244 | expect(rootUser.username).to.equal('root') |
243 | expect(rootUser.email).to.equal('admin1@example.com') | 245 | expect(rootUser.email).to.equal('admin1@example.com') |
246 | expect(rootUser.displayNSFW).to.be.falsy | ||
247 | |||
244 | userId = user.id | 248 | userId = user.id |
245 | 249 | ||
246 | done() | 250 | done() |
@@ -261,6 +265,7 @@ describe('Test users', function () { | |||
261 | const user = users[0] | 265 | const user = users[0] |
262 | expect(user.username).to.equal('root') | 266 | expect(user.username).to.equal('root') |
263 | expect(user.email).to.equal('admin1@example.com') | 267 | expect(user.email).to.equal('admin1@example.com') |
268 | expect(user.displayNSFW).to.be.falsy | ||
264 | 269 | ||
265 | done() | 270 | done() |
266 | }) | 271 | }) |
@@ -280,6 +285,7 @@ describe('Test users', function () { | |||
280 | const user = users[0] | 285 | const user = users[0] |
281 | expect(user.username).to.equal('user_1') | 286 | expect(user.username).to.equal('user_1') |
282 | expect(user.email).to.equal('user_1@example.com') | 287 | expect(user.email).to.equal('user_1@example.com') |
288 | expect(user.displayNSFW).to.be.falsy | ||
283 | 289 | ||
284 | done() | 290 | done() |
285 | }) | 291 | }) |
@@ -299,6 +305,7 @@ describe('Test users', function () { | |||
299 | const user = users[0] | 305 | const user = users[0] |
300 | expect(user.username).to.equal('user_1') | 306 | expect(user.username).to.equal('user_1') |
301 | expect(user.email).to.equal('user_1@example.com') | 307 | expect(user.email).to.equal('user_1@example.com') |
308 | expect(user.displayNSFW).to.be.falsy | ||
302 | 309 | ||
303 | done() | 310 | done() |
304 | }) | 311 | }) |
@@ -317,15 +324,18 @@ describe('Test users', function () { | |||
317 | 324 | ||
318 | expect(users[0].username).to.equal('root') | 325 | expect(users[0].username).to.equal('root') |
319 | expect(users[0].email).to.equal('admin1@example.com') | 326 | expect(users[0].email).to.equal('admin1@example.com') |
327 | expect(users[0].displayNSFW).to.be.falsy | ||
328 | |||
320 | expect(users[1].username).to.equal('user_1') | 329 | expect(users[1].username).to.equal('user_1') |
321 | expect(users[1].email).to.equal('user_1@example.com') | 330 | expect(users[1].email).to.equal('user_1@example.com') |
331 | expect(users[1].displayNSFW).to.be.falsy | ||
322 | 332 | ||
323 | done() | 333 | done() |
324 | }) | 334 | }) |
325 | }) | 335 | }) |
326 | 336 | ||
327 | it('Should update the user password', function (done) { | 337 | it('Should update the user password', function (done) { |
328 | usersUtils.updateUser(server.url, userId, accessTokenUser, 'new password', function (err, res) { | 338 | usersUtils.updateUser(server.url, userId, accessTokenUser, 'new password', null, function (err, res) { |
329 | if (err) throw err | 339 | if (err) throw err |
330 | 340 | ||
331 | server.user.password = 'new password' | 341 | server.user.password = 'new password' |
@@ -333,6 +343,25 @@ describe('Test users', function () { | |||
333 | }) | 343 | }) |
334 | }) | 344 | }) |
335 | 345 | ||
346 | it('Should be able to change the NSFW display attribute', function (done) { | ||
347 | usersUtils.updateUser(server.url, userId, accessTokenUser, null, true, function (err, res) { | ||
348 | if (err) throw err | ||
349 | |||
350 | usersUtils.getUserInformation(server.url, accessTokenUser, function (err, res) { | ||
351 | if (err) throw err | ||
352 | |||
353 | const user = res.body | ||
354 | |||
355 | expect(user.username).to.equal('user_1') | ||
356 | expect(user.email).to.equal('user_1@example.com') | ||
357 | expect(user.displayNSFW).to.be.truthy | ||
358 | expect(user.id).to.exist | ||
359 | |||
360 | done() | ||
361 | }) | ||
362 | }) | ||
363 | }) | ||
364 | |||
336 | it('Should be able to remove this user', function (done) { | 365 | it('Should be able to remove this user', function (done) { |
337 | usersUtils.removeUser(server.url, userId, accessToken, done) | 366 | usersUtils.removeUser(server.url, userId, accessToken, done) |
338 | }) | 367 | }) |
diff --git a/server/tests/utils/users.js b/server/tests/utils/users.js index 7817160b9..8138074d0 100644 --- a/server/tests/utils/users.js +++ b/server/tests/utils/users.js | |||
@@ -101,14 +101,18 @@ function removeUser (url, userId, accessToken, expectedStatus, end) { | |||
101 | .end(end) | 101 | .end(end) |
102 | } | 102 | } |
103 | 103 | ||
104 | function updateUser (url, userId, accessToken, newPassword, end) { | 104 | function updateUser (url, userId, accessToken, newPassword, displayNSFW, end) { |
105 | const path = '/api/v1/users/' + userId | 105 | const path = '/api/v1/users/' + userId |
106 | 106 | ||
107 | const toSend = {} | ||
108 | if (newPassword !== undefined && newPassword !== null) toSend.password = newPassword | ||
109 | if (displayNSFW !== undefined && displayNSFW !== null) toSend.displayNSFW = displayNSFW | ||
110 | |||
107 | request(url) | 111 | request(url) |
108 | .put(path) | 112 | .put(path) |
109 | .set('Accept', 'application/json') | 113 | .set('Accept', 'application/json') |
110 | .set('Authorization', 'Bearer ' + accessToken) | 114 | .set('Authorization', 'Bearer ' + accessToken) |
111 | .send({ password: newPassword }) | 115 | .send(toSend) |
112 | .expect(204) | 116 | .expect(204) |
113 | .end(end) | 117 | .end(end) |
114 | } | 118 | } |