Server: delete user with the id and not the username
This commit is contained in:
parent
45b81debd6
commit
68a3b9f2aa
|
@ -34,7 +34,7 @@ router.put('/:id',
|
||||||
updateUser
|
updateUser
|
||||||
)
|
)
|
||||||
|
|
||||||
router.delete('/:username',
|
router.delete('/:id',
|
||||||
oAuth.authenticate,
|
oAuth.authenticate,
|
||||||
admin.ensureIsAdmin,
|
admin.ensureIsAdmin,
|
||||||
validatorsUsers.usersRemove,
|
validatorsUsers.usersRemove,
|
||||||
|
@ -83,7 +83,7 @@ function listUsers (req, res, next) {
|
||||||
function removeUser (req, res, next) {
|
function removeUser (req, res, next) {
|
||||||
waterfall([
|
waterfall([
|
||||||
function getUser (callback) {
|
function getUser (callback) {
|
||||||
User.loadByUsername(req.params.username, callback)
|
User.loadById(req.params.id, callback)
|
||||||
},
|
},
|
||||||
|
|
||||||
function getVideos (user, callback) {
|
function getVideos (user, callback) {
|
||||||
|
|
|
@ -25,12 +25,12 @@ function usersAdd (req, res, next) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function usersRemove (req, res, next) {
|
function usersRemove (req, res, next) {
|
||||||
req.checkParams('username', 'Should have a valid username').isUserUsernameValid()
|
req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId()
|
||||||
|
|
||||||
logger.debug('Checking usersRemove parameters', { parameters: req.params })
|
logger.debug('Checking usersRemove parameters', { parameters: req.params })
|
||||||
|
|
||||||
checkErrors(req, res, function () {
|
checkErrors(req, res, function () {
|
||||||
User.loadByUsername(req.params.username, function (err, user) {
|
User.loadById(req.params.id, function (err, user) {
|
||||||
if (err) {
|
if (err) {
|
||||||
logger.error('Error in usersRemove request validator.', { error: err })
|
logger.error('Error in usersRemove request validator.', { error: err })
|
||||||
return res.sendStatus(500)
|
return res.sendStatus(500)
|
||||||
|
@ -44,6 +44,7 @@ function usersRemove (req, res, next) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function usersUpdate (req, res, next) {
|
function usersUpdate (req, res, next) {
|
||||||
|
req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId()
|
||||||
// Add old password verification
|
// Add old password verification
|
||||||
req.checkBody('password', 'Should have a valid password').isUserPasswordValid()
|
req.checkBody('password', 'Should have a valid password').isUserPasswordValid()
|
||||||
|
|
||||||
|
|
|
@ -21,6 +21,7 @@ UserSchema.methods = {
|
||||||
UserSchema.statics = {
|
UserSchema.statics = {
|
||||||
getByUsernameAndPassword: getByUsernameAndPassword,
|
getByUsernameAndPassword: getByUsernameAndPassword,
|
||||||
list: list,
|
list: list,
|
||||||
|
loadById: loadById,
|
||||||
loadByUsername: loadByUsername
|
loadByUsername: loadByUsername
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -36,6 +37,10 @@ function list (callback) {
|
||||||
return this.find(callback)
|
return this.find(callback)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function loadById (id, callback) {
|
||||||
|
return this.findById(id, callback)
|
||||||
|
}
|
||||||
|
|
||||||
function loadByUsername (username, callback) {
|
function loadByUsername (username, callback) {
|
||||||
return this.findOne({ username: username }, callback)
|
return this.findOne({ username: username }, callback)
|
||||||
}
|
}
|
||||||
|
|
|
@ -610,23 +610,23 @@ describe('Test parameters validator', function () {
|
||||||
})
|
})
|
||||||
|
|
||||||
describe('When removing an user', function () {
|
describe('When removing an user', function () {
|
||||||
it('Should fail with an incorrect username', function (done) {
|
it('Should fail with an incorrect id', function (done) {
|
||||||
request(server.url)
|
request(server.url)
|
||||||
.delete(path + 'bla-bla')
|
.delete(path + 'bla-bla')
|
||||||
.set('Authorization', 'Bearer ' + server.accessToken)
|
.set('Authorization', 'Bearer ' + server.accessToken)
|
||||||
.expect(400, done)
|
.expect(400, done)
|
||||||
})
|
})
|
||||||
|
|
||||||
it('Should return 404 with a non existing username', function (done) {
|
it('Should return 404 with a non existing id', function (done) {
|
||||||
request(server.url)
|
request(server.url)
|
||||||
.delete(path + 'qzzerg')
|
.delete(path + '579f982228c99c221d8092b8')
|
||||||
.set('Authorization', 'Bearer ' + server.accessToken)
|
.set('Authorization', 'Bearer ' + server.accessToken)
|
||||||
.expect(404, done)
|
.expect(404, done)
|
||||||
})
|
})
|
||||||
|
|
||||||
it('Should success with the correct parameters', function (done) {
|
it('Should success with the correct parameters', function (done) {
|
||||||
request(server.url)
|
request(server.url)
|
||||||
.delete(path + 'user1')
|
.delete(path + userId)
|
||||||
.set('Authorization', 'Bearer ' + server.accessToken)
|
.set('Authorization', 'Bearer ' + server.accessToken)
|
||||||
.expect(204, done)
|
.expect(204, done)
|
||||||
})
|
})
|
||||||
|
|
|
@ -235,7 +235,7 @@ describe('Test users', function () {
|
||||||
})
|
})
|
||||||
|
|
||||||
it('Should be able to remove this user', function (done) {
|
it('Should be able to remove this user', function (done) {
|
||||||
usersUtils.removeUser(server.url, accessToken, 'user_1', done)
|
usersUtils.removeUser(server.url, userId, accessToken, done)
|
||||||
})
|
})
|
||||||
|
|
||||||
it('Should not be able to login with this user', function (done) {
|
it('Should not be able to login with this user', function (done) {
|
||||||
|
|
|
@ -52,7 +52,7 @@ function getUsersList (url, end) {
|
||||||
.end(end)
|
.end(end)
|
||||||
}
|
}
|
||||||
|
|
||||||
function removeUser (url, token, username, expectedStatus, end) {
|
function removeUser (url, userId, accessToken, expectedStatus, end) {
|
||||||
if (!end) {
|
if (!end) {
|
||||||
end = expectedStatus
|
end = expectedStatus
|
||||||
expectedStatus = 204
|
expectedStatus = 204
|
||||||
|
@ -61,9 +61,9 @@ function removeUser (url, token, username, expectedStatus, end) {
|
||||||
const path = '/api/v1/users'
|
const path = '/api/v1/users'
|
||||||
|
|
||||||
request(url)
|
request(url)
|
||||||
.delete(path + '/' + username)
|
.delete(path + '/' + userId)
|
||||||
.set('Accept', 'application/json')
|
.set('Accept', 'application/json')
|
||||||
.set('Authorization', 'Bearer ' + token)
|
.set('Authorization', 'Bearer ' + accessToken)
|
||||||
.expect(expectedStatus)
|
.expect(expectedStatus)
|
||||||
.end(end)
|
.end(end)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue