Server: Add NSFW in user profile

2017-04-03 21:24:36 +02:00 · 2017-04-03 21:24:36 +02:00 · 1d49e1e27d
parent 31b59b4774
commit 1d49e1e27d
9 changed files with 90 additions and 8 deletions
--- a/server/controllers/api/users.js
+++ b/server/controllers/api/users.js
@ -71,6 +71,7 @@ function createUser (req, res, next) {
    username: req.body.username,
    password: req.body.password,
    email: req.body.email,
    displayNSFW: false,
    role: constants.USER_ROLES.USER
  })
@ -136,7 +137,9 @@ function updateUser (req, res, next) {
  db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
    if (err) return next(err)
-    user.password = req.body.password
+    if (req.body.password) user.password = req.body.password
    if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW
    user.save().asCallback(function (err) {
      if (err) return next(err)
--- a/server/helpers/custom-validators/users.js
+++ b/server/helpers/custom-validators/users.js
@ -9,7 +9,8 @@ const USERS_CONSTRAINTS_FIELDS = constants.CONSTRAINTS_FIELDS.USERS
 const usersValidators = {
  isUserPasswordValid,
  isUserRoleValid,
-  isUserUsernameValid
+  isUserUsernameValid,
  isUserDisplayNSFWValid
 }
 function isUserPasswordValid (value) {
@ -26,6 +27,10 @@ function isUserUsernameValid (value) {
  return validator.matches(value, new RegExp(`^[a-zA-Z0-9._]{${min},${max}}$`))
 }
 function isUserDisplayNSFWValid (value) {
  return validator.isBoolean(value)
 }
 // ---------------------------------------------------------------------------
 module.exports = usersValidators
--- a/server/initializers/constants.js
+++ b/server/initializers/constants.js
@ -5,7 +5,7 @@ const path = require('path')
 // ---------------------------------------------------------------------------
-const LAST_MIGRATION_VERSION = 40
+const LAST_MIGRATION_VERSION = 45
 // ---------------------------------------------------------------------------
--- a/server/initializers/migrations/0045-user-display-nsfw.js
+++ b/server/initializers/migrations/0045-user-display-nsfw.js
@ -0,0 +1,19 @@
 'use strict'
 // utils = { transaction, queryInterface, sequelize, Sequelize }
 exports.up = function (utils, finalCallback) {
  const q = utils.queryInterface
  const Sequelize = utils.Sequelize
  const data = {
    type: Sequelize.BOOLEAN,
    allowNull: false,
    defaultValue: false
  }
  q.addColumn('Users', 'displayNSFW', data, { transaction: utils.transaction }).asCallback(finalCallback)
 }
 exports.down = function (options, callback) {
  throw new Error('Not implemented.')
 }
--- a/server/middlewares/validators/users.js
+++ b/server/middlewares/validators/users.js
@ -56,7 +56,8 @@ function usersRemove (req, res, next) {
 function usersUpdate (req, res, next) {
  req.checkParams('id', 'Should have a valid id').notEmpty().isInt()
  // Add old password verification
-  req.checkBody('password', 'Should have a valid password').isUserPasswordValid()
+  req.checkBody('password', 'Should have a valid password').optional().isUserPasswordValid()
  req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid()
  logger.debug('Checking usersUpdate parameters', { parameters: req.body })
--- a/server/models/user.js
+++ b/server/models/user.js
@ -39,6 +39,17 @@ module.exports = function (sequelize, DataTypes) {
          isEmail: true
        }
      },
      displayNSFW: {
        type: DataTypes.BOOLEAN,
        allowNull: false,
        defaultValue: false,
        validate: {
          nsfwValid: function (value) {
            const res = customUsersValidators.isUserDisplayNSFWValid(value)
            if (res === false) throw new Error('Display NSFW is not valid.')
          }
        }
      },
      role: {
        type: DataTypes.ENUM(values(constants.USER_ROLES)),
        allowNull: false
@ -101,6 +112,7 @@ function toFormatedJSON () {
    id: this.id,
    username: this.username,
    email: this.email,
    displayNSFW: this.displayNSFW,
    role: this.role,
    createdAt: this.createdAt
  }
--- a/server/tests/api/check-params/users.js
+++ b/server/tests/api/check-params/users.js
@ -270,6 +270,14 @@ describe('Test users API validators', function () {
      requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
    })
    it('Should fail with an invalid display NSFW attribute', function (done) {
      const data = {
        displayNSFW: -1
      }
      requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
    })
    it('Should fail with an non authenticated user', function (done) {
      const data = {
        password: 'my super password'
@ -280,7 +288,8 @@ describe('Test users API validators', function () {
    it('Should succeed with the correct params', function (done) {
      const data = {
-        password: 'my super password'
+        password: 'my super password',
        displayNSFW: true
      }
      requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204)
--- a/server/tests/api/users.js
+++ b/server/tests/api/users.js
@ -209,6 +209,7 @@ describe('Test users', function () {
      expect(user.username).to.equal('user_1')
      expect(user.email).to.equal('user_1@example.com')
      expect(user.displayNSFW).to.be.falsy
      expect(user.id).to.exist
      done()
@ -237,10 +238,13 @@ describe('Test users', function () {
      const user = users[0]
      expect(user.username).to.equal('user_1')
      expect(user.email).to.equal('user_1@example.com')
      expect(user.displayNSFW).to.be.falsy
      const rootUser = users[1]
      expect(rootUser.username).to.equal('root')
      expect(rootUser.email).to.equal('admin1@example.com')
      expect(rootUser.displayNSFW).to.be.falsy
      userId = user.id
      done()
@ -261,6 +265,7 @@ describe('Test users', function () {
      const user = users[0]
      expect(user.username).to.equal('root')
      expect(user.email).to.equal('admin1@example.com')
      expect(user.displayNSFW).to.be.falsy
      done()
    })
@ -280,6 +285,7 @@ describe('Test users', function () {
      const user = users[0]
      expect(user.username).to.equal('user_1')
      expect(user.email).to.equal('user_1@example.com')
      expect(user.displayNSFW).to.be.falsy
      done()
    })
@ -299,6 +305,7 @@ describe('Test users', function () {
      const user = users[0]
      expect(user.username).to.equal('user_1')
      expect(user.email).to.equal('user_1@example.com')
      expect(user.displayNSFW).to.be.falsy
      done()
    })
@ -317,15 +324,18 @@ describe('Test users', function () {
      expect(users[0].username).to.equal('root')
      expect(users[0].email).to.equal('admin1@example.com')
      expect(users[0].displayNSFW).to.be.falsy
      expect(users[1].username).to.equal('user_1')
      expect(users[1].email).to.equal('user_1@example.com')
      expect(users[1].displayNSFW).to.be.falsy
      done()
    })
  })
  it('Should update the user password', function (done) {
-    usersUtils.updateUser(server.url, userId, accessTokenUser, 'new password', function (err, res) {
+    usersUtils.updateUser(server.url, userId, accessTokenUser, 'new password', null, function (err, res) {
      if (err) throw err
      server.user.password = 'new password'
@ -333,6 +343,25 @@ describe('Test users', function () {
    })
  })
  it('Should be able to change the NSFW display attribute', function (done) {
    usersUtils.updateUser(server.url, userId, accessTokenUser, null, true, function (err, res) {
      if (err) throw err
      usersUtils.getUserInformation(server.url, accessTokenUser, function (err, res) {
        if (err) throw err
        const user = res.body
        expect(user.username).to.equal('user_1')
        expect(user.email).to.equal('user_1@example.com')
        expect(user.displayNSFW).to.be.truthy
        expect(user.id).to.exist
        done()
      })
    })
  })
  it('Should be able to remove this user', function (done) {
    usersUtils.removeUser(server.url, userId, accessToken, done)
  })
--- a/server/tests/utils/users.js
+++ b/server/tests/utils/users.js
@ -101,14 +101,18 @@ function removeUser (url, userId, accessToken, expectedStatus, end) {
    .end(end)
 }
-function updateUser (url, userId, accessToken, newPassword, end) {
+function updateUser (url, userId, accessToken, newPassword, displayNSFW, end) {
  const path = '/api/v1/users/' + userId
  const toSend = {}
  if (newPassword !== undefined && newPassword !== null) toSend.password = newPassword
  if (displayNSFW !== undefined && displayNSFW !== null) toSend.displayNSFW = displayNSFW
  request(url)
    .put(path)
    .set('Accept', 'application/json')
    .set('Authorization', 'Bearer ' + accessToken)
-    .send({ password: newPassword })
+    .send(toSend)
    .expect(204)
    .end(end)
 }