2015-07-20 00:09:47 -07:00
|
|
|
/* global it:false */
|
|
|
|
|
/* global describe:false */
|
|
|
|
|
/* global before:false */
|
|
|
|
|
/* global after:false */
|
|
|
|
|
|
|
|
|
|
'use strict';
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const BoxError = require('../boxerror.js'),
|
|
|
|
|
common = require('./common.js'),
|
2015-07-20 00:09:47 -07:00
|
|
|
expect = require('expect.js'),
|
2021-06-26 09:57:07 -07:00
|
|
|
safe = require('safetydance'),
|
2024-01-06 13:15:55 +01:00
|
|
|
speakeasy = require('speakeasy'),
|
2020-02-21 12:17:06 -08:00
|
|
|
users = require('../users.js'),
|
2020-02-13 20:45:00 -08:00
|
|
|
_ = require('underscore');
|
2015-07-20 00:09:47 -07:00
|
|
|
|
|
|
|
|
describe('User', function () {
|
2021-08-13 14:43:08 -07:00
|
|
|
const { domainSetup, cleanup, admin, user, auditSource, checkMails, clearMailQueue } = common;
|
2015-07-20 00:09:47 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
async function cleanupUsers() {
|
2021-08-20 11:30:35 -07:00
|
|
|
for (const u of await users.list()) {
|
2021-08-13 10:41:10 -07:00
|
|
|
await users.del(u, auditSource);
|
2021-07-15 09:50:11 -07:00
|
|
|
}
|
2021-07-19 12:43:30 -07:00
|
|
|
}
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
async function createOwner() {
|
|
|
|
|
await cleanupUsers();
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-08-13 10:41:10 -07:00
|
|
|
const id = await users.add(admin.email, admin, auditSource);
|
|
|
|
|
admin.id = id;
|
2021-07-19 12:43:30 -07:00
|
|
|
}
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
before(domainSetup);
|
|
|
|
|
after(cleanup);
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
function checkUser(a, b) {
|
|
|
|
|
expect(a.creationTime).to.be.a(Date);
|
|
|
|
|
expect(a.resetTokenCreationTime).to.be.a(Date);
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const fields = [ 'id', 'username', 'email', 'fallbackEmail', 'role', 'displayName', 'source', 'permissions', 'active' ];
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(_.pick(a, fields)).to.be.eql(_.pick(b, fields));
|
|
|
|
|
}
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
describe('add', function () {
|
|
|
|
|
it('fails due to short password', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const user = Object.assign({}, admin, { password: 'Fo$%23' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, auditSource));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to reserved username', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const user = Object.assign({}, admin, { username: 'admin' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, auditSource));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to invalid username', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const user = Object.assign({}, admin, { username: 'moo+daemon' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, auditSource));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to empty username', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const user = Object.assign({}, admin, { username: '' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, auditSource));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to long username', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const user = Object.assign({}, admin, { username: new Array(257).fill('Z').join('') });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, auditSource));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to reserved app pattern', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const user = Object.assign({}, admin, { username: 'maybe.app' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, auditSource));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails because password is empty', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const user = Object.assign({}, admin, { password: '' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, auditSource));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-10-26 22:50:02 +02:00
|
|
|
it('fails because fallbackEmail is not an email', async function () {
|
|
|
|
|
const user = Object.assign({}, admin, { fallbackEmail: 'notanemail' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, auditSource));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
|
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('can add user', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const id = await users.add(admin.email, admin, auditSource);
|
|
|
|
|
admin.id = id;
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('cannot add user with same email again', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const [error] = await safe(users.add(admin.email, admin, auditSource));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
|
|
|
|
|
expect(error.message).to.equal('email already exists');
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('cannot add user with same username again', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const [error] = await safe(users.add('somethingelse@not.taken', admin, auditSource));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
|
|
|
|
|
expect(error.message).to.equal('username already exists');
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
2021-07-20 09:05:21 -07:00
|
|
|
describe('getters', function () {
|
|
|
|
|
before(cleanupUsers);
|
2016-01-20 14:50:06 +01:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('cannot get by bad user id', async function () {
|
|
|
|
|
const result = await users.get('random');
|
|
|
|
|
expect(result).to.be(null);
|
2016-04-14 16:30:31 +02:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails because there is no owner', async function () {
|
|
|
|
|
const owner = await users.getOwner();
|
|
|
|
|
expect(owner).to.be(null);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('getOwner succeeds', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const id = await users.add(admin.email, admin, auditSource);
|
|
|
|
|
admin.id = id;
|
2021-07-19 12:43:30 -07:00
|
|
|
const owner = await users.getOwner();
|
2021-08-13 10:41:10 -07:00
|
|
|
checkUser(owner, admin);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-20 09:05:21 -07:00
|
|
|
it('can get by user id', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const result = await users.get(admin.id);
|
|
|
|
|
checkUser(result, admin);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('can get by username', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const result = await users.getByUsername(admin.username);
|
|
|
|
|
checkUser(result, admin);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('can get by email', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const result = await users.getByEmail(admin.email);
|
|
|
|
|
checkUser(result, admin);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('add another admin', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const result = await users.add(user.email, user, auditSource);
|
|
|
|
|
user.id = result;
|
|
|
|
|
await users.update(user, { role: users.ROLE_ADMIN }, auditSource);
|
|
|
|
|
user.role = users.ROLE_ADMIN;
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('getSuperadmins succeeds', async function () {
|
|
|
|
|
const results = await users.getSuperadmins();
|
|
|
|
|
expect(results.length).to.be(1);
|
2021-08-13 10:41:10 -07:00
|
|
|
checkUser(results[0], admin);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
2016-01-13 12:28:38 -08:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('getAdmins succeeds', async function () {
|
|
|
|
|
const results = await users.getAdmins();
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(results.length).to.be(2);
|
2021-08-13 10:41:10 -07:00
|
|
|
checkUser(results[0], admin); // owner is always the first
|
|
|
|
|
checkUser(results[1], user);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('getByResetToken fails for empty resetToken', async function () {
|
|
|
|
|
const [error] = await safe(users.getByResetToken(''));
|
|
|
|
|
expect(error.reason).to.be(BoxError.BAD_FIELD);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('getByResetToken fails for bad resetToken', async function () {
|
|
|
|
|
const result = await users.getByResetToken(new Array(64).fill('Z').join(''));
|
|
|
|
|
expect(result).to.be(null);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('can get by resetToken', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
user.resetToken = new Array(64).fill('X').join('');
|
|
|
|
|
await users.update(user, { resetToken: user.resetToken }, auditSource);
|
2021-08-13 14:43:08 -07:00
|
|
|
const result = await users.getByResetToken(user.resetToken);
|
|
|
|
|
checkUser(result, user);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
2021-08-20 11:30:35 -07:00
|
|
|
it('can list', async function () {
|
|
|
|
|
const results = await users.list();
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(results.length).to.be(2);
|
2021-08-13 10:41:10 -07:00
|
|
|
checkUser(results[0], admin);
|
|
|
|
|
checkUser(results[1], user);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
2021-08-20 11:30:35 -07:00
|
|
|
it('can listPaged', async function () {
|
2022-02-07 14:22:34 -08:00
|
|
|
let results = await users.listPaged(null, null, 1, 1);
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(results.length).to.be(1);
|
2021-08-13 10:41:10 -07:00
|
|
|
checkUser(results[0], admin);
|
2021-07-20 09:05:21 -07:00
|
|
|
|
2022-02-07 14:22:34 -08:00
|
|
|
results = await users.listPaged(null, null, 2, 1);
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(results.length).to.be(1);
|
2021-08-13 10:41:10 -07:00
|
|
|
checkUser(results[0], user);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
2021-08-20 11:30:35 -07:00
|
|
|
it('can listPaged (search)', async function () {
|
2024-06-12 10:27:59 +02:00
|
|
|
const results = await users.listPaged(admin.email.slice(0, 8), null, 1, 1);
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(results.length).to.be(1);
|
2021-08-13 10:41:10 -07:00
|
|
|
checkUser(results[0], admin);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('update', function () {
|
|
|
|
|
before(createOwner);
|
|
|
|
|
|
|
|
|
|
it('fails due to unknown userid', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const user = Object.assign({}, admin, { id: 'random' });
|
|
|
|
|
const [error] = await safe(users.update(user, { displayName: 'full name' }, auditSource));
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.NOT_FOUND);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('fails due to invalid email', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const [error] = await safe(users.update(admin, { email: 'brokenemailaddress' }, auditSource));
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
|
|
|
|
});
|
|
|
|
|
|
2021-08-13 14:43:08 -07:00
|
|
|
it('cannot update the user with already existing email', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const result = await users.add(user.email, user, auditSource);
|
|
|
|
|
user.id = result;
|
2021-07-20 09:05:21 -07:00
|
|
|
|
2021-08-13 14:43:08 -07:00
|
|
|
const [error] = await safe(users.update(admin, { email: user.email }, auditSource));
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
|
|
|
|
|
expect(error.message).to.equal('email already exists');
|
|
|
|
|
});
|
|
|
|
|
|
2022-01-13 15:20:16 -08:00
|
|
|
it('cannot update username', async function () {
|
2021-08-13 14:43:08 -07:00
|
|
|
const [error] = await safe(users.update(admin, { username: user.username }, auditSource));
|
2022-01-13 15:20:16 -08:00
|
|
|
expect(error.reason).to.be(BoxError.CONFLICT);
|
|
|
|
|
expect(error.message).to.equal('Username cannot be changed');
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
2021-08-13 14:43:08 -07:00
|
|
|
it('can update the user', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
await users.update(admin, { email: 'some@thing.com', displayName: 'Heiter' }, auditSource);
|
|
|
|
|
const user = await users.get(admin.id);
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(user.email).to.equal('some@thing.com');
|
|
|
|
|
expect(user.displayName).to.equal('Heiter');
|
2016-01-13 12:28:38 -08:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
2015-07-20 00:09:47 -07:00
|
|
|
describe('verify', function () {
|
2016-02-08 15:16:59 -08:00
|
|
|
before(createOwner);
|
2016-04-05 16:27:04 +02:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to non existing user', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verify('somerandomid', 'somepassword', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.NOT_FOUND);
|
2016-04-05 16:27:04 +02:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to empty password', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verify(admin.id, '', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-04-05 16:27:04 +02:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to wrong password', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verify(admin.id, admin.password+'x', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-04-05 16:27:04 +02:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const result = await users.verify(admin.id, admin.password, users.AP_WEBADMIN, {});
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(result).to.be.ok();
|
|
|
|
|
expect(result.appPassword).to.not.be.ok();
|
|
|
|
|
expect(result.ghost).to.not.be.ok();
|
2016-04-05 16:27:04 +02:00
|
|
|
});
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails for ghost if not enabled', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verify(admin.id, 'foobar', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails for ghost with wrong password', async function () {
|
2021-09-20 14:59:26 +02:00
|
|
|
await users.setGhost(admin, 'testpassword', 0);
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verify(admin.id, 'foobar', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for ghost', async function () {
|
2021-09-20 14:59:26 +02:00
|
|
|
await users.setGhost(admin, 'testpassword', 0);
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2023-03-12 15:09:20 +01:00
|
|
|
const result = await users.verify(admin.id, 'testpassword', users.AP_WEBADMIN, {});
|
2021-08-13 10:41:10 -07:00
|
|
|
expect(result.id).to.equal(admin.id);
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(result.ghost).to.be(true);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for normal user password when ghost file exists', async function () {
|
2021-09-20 14:59:26 +02:00
|
|
|
await users.setGhost(admin, 'testpassword', 0);
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2023-03-12 15:09:20 +01:00
|
|
|
const result = await users.verify(admin.id, admin.password, users.AP_WEBADMIN, {});
|
2021-08-13 10:41:10 -07:00
|
|
|
expect(result.id).to.equal(admin.id);
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(result.ghost).to.not.be.ok();
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
2016-04-05 16:27:04 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('verifyWithUsername', function () {
|
|
|
|
|
before(createOwner);
|
2015-07-20 00:09:47 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to non existing username', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verifyWithUsername('someusername', 'somepass', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.NOT_FOUND);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to empty password', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verifyWithUsername(admin.username, '', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to wrong password', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verifyWithUsername(admin.username, 'somepass', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const result = await users.verifyWithUsername(admin.username, admin.password, users.AP_WEBADMIN, {});
|
2021-08-13 10:41:10 -07:00
|
|
|
expect(result.id).to.equal(admin.id);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
2016-04-13 12:15:49 +02:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for different username case', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const result = await users.verifyWithUsername(admin.username.toUpperCase(), admin.password, users.AP_WEBADMIN, {});
|
2021-08-13 10:41:10 -07:00
|
|
|
expect(result.id).to.equal(admin.id);
|
2016-04-13 12:15:49 +02:00
|
|
|
});
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails for ghost with wrong password', async function () {
|
2021-09-20 14:59:26 +02:00
|
|
|
await users.setGhost(admin, 'testpassword', 0);
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verifyWithUsername(admin.username, 'foobar', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for ghost', async function () {
|
2021-09-20 14:59:26 +02:00
|
|
|
await users.setGhost(admin, 'testpassword', 0);
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2023-03-12 15:09:20 +01:00
|
|
|
const result = await users.verifyWithUsername(admin.username, 'testpassword', users.AP_WEBADMIN, {});
|
2021-08-13 10:41:10 -07:00
|
|
|
expect(result.id).to.equal(admin.id);
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(result.ghost).to.be(true);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('verifyWithEmail', function () {
|
2016-02-08 15:16:59 -08:00
|
|
|
before(createOwner);
|
2015-07-20 00:09:47 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to non existing user', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verifyWithEmail('bad@email.com', admin.password, users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.NOT_FOUND);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to empty password', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verifyWithEmail(admin.email, '', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to wrong password', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verifyWithEmail(admin.email, 'badpassword', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const result = await users.verifyWithEmail(admin.email, admin.password, users.AP_WEBADMIN, {});
|
2021-08-13 10:41:10 -07:00
|
|
|
expect(result.id).to.be(admin.id);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
2016-04-13 12:15:49 +02:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for different email case', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const result = await users.verifyWithEmail(admin.email.toUpperCase(), admin.password, users.AP_WEBADMIN, {});
|
2021-08-13 10:41:10 -07:00
|
|
|
expect(result.id).to.be(admin.id);
|
2016-04-13 12:15:49 +02:00
|
|
|
});
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails for ghost with wrong password', async function () {
|
2021-09-20 14:59:26 +02:00
|
|
|
await users.setGhost(admin, 'testpassword', 0);
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verifyWithEmail(admin.email, 'foobar', users.AP_WEBADMIN, {}));
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for ghost', async function () {
|
2021-09-20 14:59:26 +02:00
|
|
|
await users.setGhost(admin, 'testpassword', 0);
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2023-03-12 15:09:20 +01:00
|
|
|
const result = await users.verifyWithEmail(admin.email, 'testpassword', users.AP_WEBADMIN, {});
|
2021-08-13 10:41:10 -07:00
|
|
|
expect(result.id).to.equal(admin.id);
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(result.ghost).to.equal(true);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2024-01-06 13:15:55 +01:00
|
|
|
describe('setup 2fa', function () {
|
|
|
|
|
before(createOwner);
|
|
|
|
|
|
|
|
|
|
let twofa;
|
|
|
|
|
|
|
|
|
|
it('create secret', async function () {
|
2024-01-20 11:35:27 +01:00
|
|
|
twofa = await users.setTwoFactorAuthenticationSecret(admin, auditSource);
|
2024-01-06 13:15:55 +01:00
|
|
|
expect(twofa.secret).to.be.a('string');
|
|
|
|
|
expect(twofa.qrcode).to.be.a('string');
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('can create secret again', async function () {
|
2024-01-20 11:35:27 +01:00
|
|
|
twofa = await users.setTwoFactorAuthenticationSecret(admin, auditSource);
|
2024-01-06 13:15:55 +01:00
|
|
|
expect(twofa.secret).to.be.a('string');
|
|
|
|
|
expect(twofa.qrcode).to.be.a('string');
|
2024-01-20 11:35:27 +01:00
|
|
|
admin.twoFactorAuthenticationSecret = twofa.secret; // update user object
|
2024-01-06 13:15:55 +01:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('enable 2fa', async function () {
|
|
|
|
|
const totpToken = speakeasy.totp({ secret: twofa.secret, encoding: 'base32' });
|
2024-01-20 11:35:27 +01:00
|
|
|
await users.enableTwoFactorAuthentication(admin, totpToken, auditSource);
|
2024-01-06 13:15:55 +01:00
|
|
|
|
|
|
|
|
const u = await users.get(admin.id);
|
|
|
|
|
expect(u.twoFactorAuthenticationEnabled).to.be(true);
|
2024-01-20 11:35:27 +01:00
|
|
|
admin.twoFactorAuthenticationEnabled = true; // update user object
|
2024-01-06 13:15:55 +01:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('cannot re-create secret', async function () {
|
2024-01-20 11:35:27 +01:00
|
|
|
const [error] = await safe(users.setTwoFactorAuthenticationSecret(admin, auditSource));
|
2024-01-06 13:15:55 +01:00
|
|
|
expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('cannot re-enable 2fa', async function () {
|
|
|
|
|
const totpToken = speakeasy.totp({ secret: twofa.secret, encoding: 'base32' });
|
2024-01-20 11:35:27 +01:00
|
|
|
const [error] = await safe(users.enableTwoFactorAuthentication(admin, totpToken, auditSource));
|
2024-01-06 13:15:55 +01:00
|
|
|
expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('verify fails without 2fa', async function () {
|
|
|
|
|
const [error] = await safe(users.verifyWithUsername(admin.username, admin.password, users.AP_WEBADMIN, {}));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
|
|
|
|
expect(error.message).to.be('A totpToken must be provided');
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('verify succeeds with relaxed 2fa', async function () {
|
2024-01-07 22:01:57 +01:00
|
|
|
const user = await users.verifyWithUsername(admin.username, admin.password, users.AP_WEBADMIN, { skipTotpCheck: true });
|
2024-01-06 13:15:55 +01:00
|
|
|
expect(user.id).to.be(admin.id);
|
|
|
|
|
});
|
|
|
|
|
|
2024-01-07 22:01:57 +01:00
|
|
|
it('verify succeeds with relaxed 2fa but incorrect totp (totp is ignored)', async function () {
|
|
|
|
|
const user = await users.verifyWithUsername(admin.username, admin.password, users.AP_WEBADMIN, { totpToken: 'schlecht', skipTotpCheck: true });
|
|
|
|
|
expect(user.id).to.be(admin.id);
|
2024-01-06 13:15:55 +01:00
|
|
|
});
|
2024-01-06 13:25:12 +01:00
|
|
|
|
|
|
|
|
it('verify succeeds with valid 2fa', async function () {
|
|
|
|
|
const totpToken = speakeasy.totp({ secret: twofa.secret, encoding: 'base32' });
|
|
|
|
|
const user = await users.verifyWithUsername(admin.username, admin.password, users.AP_WEBADMIN, { totpToken });
|
|
|
|
|
expect(user.id).to.be(admin.id);
|
|
|
|
|
});
|
2024-01-06 13:15:55 +01:00
|
|
|
});
|
|
|
|
|
|
2021-07-20 09:05:21 -07:00
|
|
|
describe('active', function () {
|
|
|
|
|
before(createOwner);
|
|
|
|
|
|
|
|
|
|
it('verify fails for inactive user', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
await users.update(admin, { active: false }, auditSource);
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verify(admin.id, admin.password, users.AP_WEBADMIN, {}));
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.NOT_FOUND);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('verify succeeds for inactive user', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
await users.update(admin, { active: true }, auditSource);
|
2023-03-12 15:09:20 +01:00
|
|
|
await users.verify(admin.id, admin.password, users.AP_WEBADMIN, {});
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
2024-01-06 13:15:55 +01:00
|
|
|
describe('get', function () {
|
2021-07-20 09:05:21 -07:00
|
|
|
before(createOwner);
|
|
|
|
|
|
|
|
|
|
it('fails due to non existing user', async function () {
|
|
|
|
|
const result = await users.get('randomid');
|
|
|
|
|
expect(result).to.be(null);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('succeeds', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const result = await users.get(admin.id);
|
|
|
|
|
expect(result.id).to.equal(admin.id);
|
|
|
|
|
expect(result.email).to.equal(admin.email.toLowerCase());
|
2021-10-26 22:50:02 +02:00
|
|
|
expect(result.fallbackEmail).to.equal(admin.fallbackEmail.toLowerCase());
|
2021-08-13 10:41:10 -07:00
|
|
|
expect(result.username).to.equal(admin.username.toLowerCase());
|
|
|
|
|
expect(result.displayName).to.equal(admin.displayName);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('activated', function () {
|
|
|
|
|
before(cleanupUsers);
|
|
|
|
|
|
|
|
|
|
it('succeeds with no users', async function () {
|
|
|
|
|
const activated = await users.isActivated();
|
|
|
|
|
expect(activated).to.be(false);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('create admin', createOwner);
|
|
|
|
|
|
|
|
|
|
it('succeeds with users', async function () {
|
|
|
|
|
const activated = await users.isActivated();
|
|
|
|
|
expect(activated).to.be(true);
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('set password', function () {
|
|
|
|
|
before(createOwner);
|
|
|
|
|
|
|
|
|
|
it('fails due to unknown user', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const user = Object.assign({}, admin, { id: 'doesnotexist' });
|
|
|
|
|
const [error] = await safe(users.setPassword(user, 'newpassword', auditSource));
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(error.reason).to.be(BoxError.NOT_FOUND);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('fails due to empty password', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const [error] = await safe(users.setPassword(admin, '', auditSource));
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(error.reason).to.be(BoxError.BAD_FIELD);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('fails due to invalid password', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const [error] = await safe(users.setPassword(admin, 'foobar', auditSource));
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(error.reason).to.be(BoxError.BAD_FIELD);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('succeeds', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
await users.setPassword(admin, 'ThisIsNew1Password', auditSource);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('actually changed the password (unable to login with old pasword)', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
const [error] = await safe(users.verify(admin.id, admin.password, users.AP_WEBADMIN, {}));
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
|
|
|
|
});
|
|
|
|
|
|
2021-08-13 14:43:08 -07:00
|
|
|
it('actually changed the password (login with new password)', async function () {
|
2023-03-12 15:09:20 +01:00
|
|
|
await users.verify(admin.id, 'ThisIsNew1Password', users.AP_WEBADMIN, {});
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('sendPasswordResetByIdentifier', function () {
|
2021-08-13 14:43:08 -07:00
|
|
|
before(createOwner);
|
2021-07-20 09:05:21 -07:00
|
|
|
|
2023-08-21 19:43:53 +05:30
|
|
|
it('fails due to unknown email', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const [error] = await safe(users.sendPasswordResetByIdentifier('unknown@mail.com', auditSource));
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(error.reason).to.eql(BoxError.NOT_FOUND);
|
|
|
|
|
});
|
|
|
|
|
|
2023-08-21 19:43:53 +05:30
|
|
|
it('fails due to unknown username', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const [error] = await safe(users.sendPasswordResetByIdentifier('unknown', auditSource));
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(error.reason).to.eql(BoxError.NOT_FOUND);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('succeeds with email', async function () {
|
2021-08-13 14:43:08 -07:00
|
|
|
await clearMailQueue();
|
|
|
|
|
await users.sendPasswordResetByIdentifier(admin.email, auditSource);
|
|
|
|
|
await checkMails(1);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('succeeds with username', async function () {
|
2021-08-13 14:43:08 -07:00
|
|
|
await clearMailQueue();
|
|
|
|
|
await users.sendPasswordResetByIdentifier(admin.username, auditSource);
|
|
|
|
|
await checkMails(1);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
2024-02-26 12:32:14 +01:00
|
|
|
describe('language', function () {
|
|
|
|
|
before(createOwner);
|
|
|
|
|
|
|
|
|
|
it('default language is empty', async function () {
|
|
|
|
|
const result = await users.get(admin.id);
|
|
|
|
|
expect(result.language).to.be('');
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('cannot set bad language', async function () {
|
|
|
|
|
const [error] = await safe(users.update(admin, { language: 'ta '}, auditSource));
|
|
|
|
|
expect(error.reason).to.be(BoxError.BAD_FIELD);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('can set language', async function () {
|
|
|
|
|
await users.update(admin, { language: 'en' }, auditSource);
|
|
|
|
|
const result = await users.get(admin.id);
|
|
|
|
|
expect(result.language).to.be('en');
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('can reset language', async function () {
|
|
|
|
|
await users.update(admin, { language: '' }, auditSource);
|
|
|
|
|
const result = await users.get(admin.id);
|
|
|
|
|
expect(result.language).to.be('');
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
2021-07-20 09:05:21 -07:00
|
|
|
describe('invite', function () {
|
|
|
|
|
before(createOwner);
|
|
|
|
|
|
2021-10-28 11:18:31 +02:00
|
|
|
let user;
|
|
|
|
|
|
|
|
|
|
it('get link fails as alreayd been used', async function () {
|
|
|
|
|
const [error] = await safe(users.getInviteLink(admin, auditSource));
|
|
|
|
|
expect(error.reason).to.be(BoxError.BAD_STATE);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('can get link', async function () {
|
|
|
|
|
const userId = await users.add('some@mail.com', { username: 'someoneinvited', displayName: 'some one', password: 'unsafe1234' }, auditSource);
|
|
|
|
|
user = await users.get(userId);
|
|
|
|
|
|
|
|
|
|
const inviteLink = await users.getInviteLink(user, auditSource);
|
|
|
|
|
expect(inviteLink).to.be.a('string');
|
|
|
|
|
expect(inviteLink).to.contain(user.inviteToken);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('cannot send mail for already active user', async function () {
|
|
|
|
|
const [error] = await safe(users.sendInviteEmail(admin, 'admin@mail.com', auditSource));
|
|
|
|
|
expect(error.reason).to.be(BoxError.BAD_STATE);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('cannot send mail with empty receipient', async function () {
|
|
|
|
|
const [error] = await safe(users.sendInviteEmail(user, '', auditSource));
|
|
|
|
|
expect(error.reason).to.be(BoxError.BAD_FIELD);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('can send mail', async function () {
|
2021-08-13 14:43:08 -07:00
|
|
|
await clearMailQueue();
|
2021-10-28 11:18:31 +02:00
|
|
|
await users.sendInviteEmail(user, 'custom@mail.com', auditSource);
|
|
|
|
|
const emails = await checkMails(1);
|
|
|
|
|
expect(emails[0].to).to.equal('custom@mail.com');
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('remove', function () {
|
|
|
|
|
before(createOwner);
|
|
|
|
|
|
|
|
|
|
it('fails for unknown user', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
const user = Object.assign({}, admin, { id: 'doesnotexist' });
|
|
|
|
|
const [error] = await safe(users.del(user, auditSource));
|
2021-07-20 09:05:21 -07:00
|
|
|
expect(error.reason).to.be(BoxError.NOT_FOUND);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('can remove valid user', async function () {
|
2021-08-13 10:41:10 -07:00
|
|
|
await users.del(admin, auditSource);
|
2021-07-20 09:05:21 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('can re-create user after user was removed', createOwner);
|
|
|
|
|
});
|
2023-08-03 08:11:42 +05:30
|
|
|
|
2024-02-06 16:43:05 +01:00
|
|
|
describe('parseDisplayName', function () {
|
|
|
|
|
it('parses names', function () {
|
|
|
|
|
const names = [
|
|
|
|
|
{ in: 'James', out: { firstName: 'James', lastName: '', middleName: '' } },
|
|
|
|
|
{ in: 'James Anderson', out: { firstName: 'James', lastName: 'Anderson', middleName: '' } },
|
|
|
|
|
{ in: 'James Philip Anderson', out: { firstName: 'James', lastName: 'Philip Anderson', middleName: '' } },
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
for (const name of names) {
|
|
|
|
|
expect(users.parseDisplayName(name.in)).to.eql(name.out);
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
});
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
