2015-07-20 00:09:47 -07:00
|
|
|
/* global it:false */
|
|
|
|
|
/* global describe:false */
|
|
|
|
|
/* global before:false */
|
|
|
|
|
/* global after:false */
|
|
|
|
|
|
|
|
|
|
'use strict';
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const BoxError = require('../boxerror.js'),
|
|
|
|
|
common = require('./common.js'),
|
2015-07-20 00:09:47 -07:00
|
|
|
expect = require('expect.js'),
|
2016-07-12 10:07:55 -07:00
|
|
|
fs = require('fs'),
|
2020-03-15 11:41:39 -07:00
|
|
|
paths = require('../paths.js'),
|
2021-06-26 09:57:07 -07:00
|
|
|
safe = require('safetydance'),
|
2020-02-21 12:17:06 -08:00
|
|
|
users = require('../users.js'),
|
2020-02-13 20:45:00 -08:00
|
|
|
_ = require('underscore');
|
2015-07-20 00:09:47 -07:00
|
|
|
|
|
|
|
|
describe('User', function () {
|
2021-07-19 12:43:30 -07:00
|
|
|
const { domainSetup, cleanup, ADMIN, AUDIT_SOURCE } = common;
|
2015-07-20 00:09:47 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
async function cleanupUsers() {
|
|
|
|
|
for (const u of await users.getAll()) {
|
|
|
|
|
await users.del(u, AUDIT_SOURCE);
|
2021-07-15 09:50:11 -07:00
|
|
|
}
|
2021-07-19 12:43:30 -07:00
|
|
|
}
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
async function createOwner() {
|
|
|
|
|
await cleanupUsers();
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const id = await users.add(ADMIN.email, ADMIN, AUDIT_SOURCE);
|
|
|
|
|
ADMIN.id = id;
|
|
|
|
|
}
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
before(domainSetup);
|
|
|
|
|
after(cleanup);
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
function checkUser(a, b) {
|
|
|
|
|
expect(a.creationTime).to.be.a(Date);
|
|
|
|
|
expect(a.resetTokenCreationTime).to.be.a(Date);
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const fields = [ 'id', 'username', 'email', 'fallbackEmail', 'role', 'displayName', 'source', 'permissions', 'active' ];
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(_.pick(a, fields)).to.be.eql(_.pick(b, fields));
|
|
|
|
|
}
|
2021-07-15 09:50:11 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
describe('add', function () {
|
|
|
|
|
it('fails due to short password', async function () {
|
|
|
|
|
const user = Object.assign({}, ADMIN, { password: 'Fo$%23' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, AUDIT_SOURCE));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to reserved username', async function () {
|
|
|
|
|
const user = Object.assign({}, ADMIN, { username: 'admin' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, AUDIT_SOURCE));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to invalid username', async function () {
|
|
|
|
|
const user = Object.assign({}, ADMIN, { username: 'moo+daemon' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, AUDIT_SOURCE));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to empty username', async function () {
|
|
|
|
|
const user = Object.assign({}, ADMIN, { username: '' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, AUDIT_SOURCE));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to long username', async function () {
|
|
|
|
|
const user = Object.assign({}, ADMIN, { username: new Array(257).fill('Z').join('') });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, AUDIT_SOURCE));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to reserved app pattern', async function () {
|
|
|
|
|
const user = Object.assign({}, ADMIN, { username: 'maybe.app' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, AUDIT_SOURCE));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails because password is empty', async function () {
|
|
|
|
|
const user = Object.assign({}, ADMIN, { password: '' });
|
|
|
|
|
const [error] = await safe(users.add(user.email, user, AUDIT_SOURCE));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('can add user', async function () {
|
|
|
|
|
const id = await users.add(ADMIN.email, ADMIN, AUDIT_SOURCE);
|
|
|
|
|
ADMIN.id = id;
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('cannot add user with same email again', async function () {
|
|
|
|
|
const [error] = await safe(users.add(ADMIN.email, ADMIN, AUDIT_SOURCE));
|
|
|
|
|
expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
|
|
|
|
|
expect(error.message).to.equal('email already exists');
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('cannot add user with same username again', async function () {
|
|
|
|
|
const [error] = await safe(users.add('somethingelse@not.taken', ADMIN, AUDIT_SOURCE));
|
|
|
|
|
expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
|
|
|
|
|
expect(error.message).to.equal('username already exists');
|
2021-07-15 09:50:11 -07:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
describe('get', function () {
|
|
|
|
|
it('can get by user id', async function () {
|
|
|
|
|
const result = await users.get(ADMIN.id);
|
|
|
|
|
checkUser(result, ADMIN);
|
2016-01-20 14:50:06 +01:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('cannot get by bad user id', async function () {
|
|
|
|
|
const result = await users.get('random');
|
|
|
|
|
expect(result).to.be(null);
|
2016-04-14 16:30:31 +02:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('can get by user name', async function () {
|
|
|
|
|
const result = await users.getByUsername(ADMIN.username);
|
|
|
|
|
checkUser(result, ADMIN);
|
2016-04-14 16:30:31 +02:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('can get by email', async function () {
|
|
|
|
|
const result = await users.getByEmail(ADMIN.email);
|
|
|
|
|
checkUser(result, ADMIN);
|
2016-05-23 14:56:09 -07:00
|
|
|
});
|
2021-07-19 12:43:30 -07:00
|
|
|
});
|
2016-05-23 14:56:09 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
// describe('user', function () {
|
2016-05-23 14:56:09 -07:00
|
|
|
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
// it('getByResetToken fails for empty resetToken', function (done) {
|
|
|
|
|
// userdb.getByResetToken('', function (error, user) {
|
|
|
|
|
// expect(error).to.be.ok();
|
|
|
|
|
// expect(error.reason).to.be(BoxError.NOT_FOUND);
|
|
|
|
|
// expect(user).to.not.be.ok();
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('getByResetToken fails for invalid resetToken', function (done) {
|
|
|
|
|
// userdb.getByResetToken('invalid', function (error, user) {
|
|
|
|
|
// expect(error).to.be.ok();
|
|
|
|
|
// expect(error.reason).to.be(BoxError.NOT_FOUND);
|
|
|
|
|
// expect(user).to.not.be.ok();
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can get by resetToken', function (done) {
|
|
|
|
|
// userdb.getByResetToken(USER_0.resetToken, function (error, user) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
|
|
|
|
|
// validateUser(user, USER_0);
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can get all with group ids', function (done) {
|
|
|
|
|
// userdb.getAllWithGroupIds(function (error, all) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(all.length).to.equal(3);
|
|
|
|
|
|
|
|
|
|
// var userCopy;
|
|
|
|
|
|
|
|
|
|
// userCopy = _.extend({}, USER_0);
|
|
|
|
|
// userCopy.groupIds = [ ];
|
|
|
|
|
// validateUser(all[0], userCopy);
|
|
|
|
|
|
|
|
|
|
// userCopy = _.extend({}, USER_1);
|
|
|
|
|
// userCopy.groupIds = [ ];
|
|
|
|
|
// validateUser(all[1], userCopy);
|
|
|
|
|
|
|
|
|
|
// userCopy = _.extend({}, USER_2);
|
|
|
|
|
// userCopy.groupIds = [ ];
|
|
|
|
|
// validateUser(all[2], userCopy);
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can get all with group ids paged', function (done) {
|
|
|
|
|
// userdb.getAllWithGroupIdsPaged(null, 1, 2, function (error, all) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(all.length).to.equal(2);
|
|
|
|
|
|
|
|
|
|
// var userCopy;
|
|
|
|
|
|
|
|
|
|
// userCopy = _.extend({}, USER_0);
|
|
|
|
|
// userCopy.groupIds = [];
|
|
|
|
|
// validateUser(all[0], userCopy);
|
|
|
|
|
|
|
|
|
|
// userCopy = _.extend({}, USER_1);
|
|
|
|
|
// userCopy.groupIds = [];
|
|
|
|
|
// validateUser(all[1], userCopy);
|
|
|
|
|
|
|
|
|
|
// userdb.getAllWithGroupIdsPaged(null, 2, 2, function (error, all) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(all.length).to.equal(1);
|
|
|
|
|
|
|
|
|
|
// var userCopy;
|
|
|
|
|
|
|
|
|
|
// userCopy = _.extend({}, USER_2);
|
|
|
|
|
// userCopy.groupIds = [];
|
|
|
|
|
// validateUser(all[0], userCopy);
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can get all with group ids paged and search', function (done) {
|
|
|
|
|
// userdb.getAllWithGroupIdsPaged('id1', 1, 2, function (error, all) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(all.length).to.equal(1);
|
|
|
|
|
|
|
|
|
|
// var userCopy;
|
|
|
|
|
|
|
|
|
|
// userCopy = _.extend({}, USER_1);
|
|
|
|
|
// userCopy.groupIds = [];
|
|
|
|
|
// validateUser(all[0], userCopy);
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can get all admins', function (done) {
|
|
|
|
|
// userdb.getByRole('owner', function (error) {
|
|
|
|
|
// expect(error).to.be.ok();
|
|
|
|
|
// expect(error.reason).to.be(BoxError.NOT_FOUND);
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('counts the users', function (done) {
|
|
|
|
|
// userdb.count(function (error, count) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(count).to.equal(3);
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can get all users', function (done) {
|
|
|
|
|
// userdb.getByRole('user', function (error, all) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(all.length).to.equal(3);
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can update the user', function (done) {
|
|
|
|
|
// userdb.update(USER_0.id, { email: 'some@thing.com', displayName: 'Heiter' }, function (error) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// userdb.get(USER_0.id, function (error, user) {
|
|
|
|
|
// expect(user.email).to.equal('some@thing.com');
|
|
|
|
|
// expect(user.displayName).to.equal('Heiter');
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can update the user with already existing email', function (done) {
|
|
|
|
|
// userdb.update(USER_0.id, { email: USER_2.email }, function (error) {
|
|
|
|
|
// expect(error).to.be.ok();
|
|
|
|
|
// expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
|
|
|
|
|
// expect(error.message).to.equal('email already exists');
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can update the user with already existing username', function (done) {
|
|
|
|
|
// userdb.update(USER_0.id, { username: USER_2.username }, function (error) {
|
|
|
|
|
// expect(error).to.be.ok();
|
|
|
|
|
// expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
|
|
|
|
|
// expect(error.message).to.equal('username already exists');
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('cannot update with null field', function () {
|
|
|
|
|
// expect(function () {
|
|
|
|
|
// userdb.update(USER_0.id, { email: null }, function () {});
|
|
|
|
|
// }).to.throwError();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
2016-05-23 14:56:09 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
describe('getOwner', function() {
|
|
|
|
|
before(cleanupUsers);
|
2015-07-20 00:09:47 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails because there is no owner', async function () {
|
|
|
|
|
const owner = await users.getOwner();
|
|
|
|
|
expect(owner).to.be(null);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('getOwner succeeds', async function () {
|
|
|
|
|
const id = await users.add(ADMIN.email, ADMIN, AUDIT_SOURCE);
|
|
|
|
|
ADMIN.id = id;
|
|
|
|
|
const owner = await users.getOwner();
|
|
|
|
|
checkUser(owner, ADMIN);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('getSuperadmins succeeds', async function () {
|
|
|
|
|
const results = await users.getSuperadmins();
|
|
|
|
|
expect(results.length).to.be(1);
|
|
|
|
|
checkUser(results[0], ADMIN);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
2016-01-13 12:28:38 -08:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('getAdmins succeeds', async function () {
|
|
|
|
|
const results = await users.getAdmins();
|
|
|
|
|
expect(results.length).to.be(1);
|
|
|
|
|
checkUser(results[0], ADMIN);
|
2016-01-13 12:28:38 -08:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
2015-07-20 00:09:47 -07:00
|
|
|
describe('verify', function () {
|
2016-02-08 15:16:59 -08:00
|
|
|
before(createOwner);
|
2016-04-05 16:27:04 +02:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to non existing user', async function () {
|
|
|
|
|
const [error] = await safe(users.verify('somerandomid', 'somepassword', users.AP_WEBADMIN));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.NOT_FOUND);
|
2016-04-05 16:27:04 +02:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to empty password', async function () {
|
|
|
|
|
const [error] = await safe(users.verify(ADMIN.id, '', users.AP_WEBADMIN));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-04-05 16:27:04 +02:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to wrong password', async function () {
|
|
|
|
|
const [error] = await safe(users.verify(ADMIN.id, ADMIN.password+'x', users.AP_WEBADMIN));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-04-05 16:27:04 +02:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds', async function () {
|
|
|
|
|
const result = await users.verify(ADMIN.id, ADMIN.password, users.AP_WEBADMIN);
|
|
|
|
|
expect(result).to.be.ok();
|
|
|
|
|
expect(result.appPassword).to.not.be.ok();
|
|
|
|
|
expect(result.ghost).to.not.be.ok();
|
2016-04-05 16:27:04 +02:00
|
|
|
});
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails for ghost if not enabled', async function () {
|
|
|
|
|
const [error] = await safe(users.verify(ADMIN.id, 'foobar', users.AP_WEBADMIN));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails for ghost with wrong password', async function () {
|
|
|
|
|
let ghost = { };
|
|
|
|
|
ghost[ADMIN.username] = 'testpassword';
|
|
|
|
|
await fs.promises.writeFile(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const [error] = await safe(users.verify(ADMIN.id, 'foobar', users.AP_WEBADMIN));
|
|
|
|
|
await fs.promises.unlink(paths.GHOST_USER_FILE);
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for ghost', async function () {
|
|
|
|
|
let ghost = { };
|
|
|
|
|
ghost[ADMIN.username] = 'testpassword';
|
|
|
|
|
await fs.promises.writeFile(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const result = await users.verify(ADMIN.id, 'testpassword', users.AP_WEBADMIN);
|
|
|
|
|
if (fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file exists after verification');
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(result.id).to.equal(ADMIN.id);
|
|
|
|
|
expect(result.ghost).to.be(true);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for normal user password when ghost file exists', async function () {
|
|
|
|
|
let ghost = { };
|
|
|
|
|
ghost[ADMIN.username] = 'testpassword';
|
2020-03-15 11:41:39 -07:00
|
|
|
fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const result = await users.verify(ADMIN.id, ADMIN.password, users.AP_WEBADMIN);
|
|
|
|
|
if (!fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file went way without verification');
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(result.id).to.equal(ADMIN.id);
|
|
|
|
|
expect(result.ghost).to.not.be.ok();
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
2016-04-05 16:27:04 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('verifyWithUsername', function () {
|
|
|
|
|
before(createOwner);
|
2015-07-20 00:09:47 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to non existing username', async function () {
|
|
|
|
|
const [error] = await safe(users.verifyWithUsername('someusername', 'somepass', users.AP_WEBADMIN));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.NOT_FOUND);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to empty password', async function () {
|
|
|
|
|
const [error] = await safe(users.verifyWithUsername(ADMIN.username, '', users.AP_WEBADMIN));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to wrong password', async function () {
|
|
|
|
|
const [error] = await safe(users.verifyWithUsername(ADMIN.username, 'somepass', users.AP_WEBADMIN));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds', async function () {
|
|
|
|
|
const result = await users.verifyWithUsername(ADMIN.username, ADMIN.password, users.AP_WEBADMIN);
|
|
|
|
|
expect(result.id).to.equal(ADMIN.id);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
2016-04-13 12:15:49 +02:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for different username case', async function () {
|
|
|
|
|
const result = await users.verifyWithUsername(ADMIN.username.toUpperCase(), ADMIN.password, users.AP_WEBADMIN);
|
|
|
|
|
expect(result.id).to.equal(ADMIN.id);
|
2016-04-13 12:15:49 +02:00
|
|
|
});
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails for ghost with wrong password', async function () {
|
|
|
|
|
let ghost = { };
|
|
|
|
|
ghost[ADMIN.username] = 'testpassword';
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2020-03-15 11:41:39 -07:00
|
|
|
fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const [error] = await safe(users.verifyWithUsername(ADMIN.username, 'foobar', users.AP_WEBADMIN));
|
|
|
|
|
if (!fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file went way without verification');
|
|
|
|
|
fs.unlinkSync(paths.GHOST_USER_FILE);
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
console.log(error);
|
|
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for ghost', async function () {
|
|
|
|
|
let ghost = { };
|
|
|
|
|
ghost[ADMIN.username] = 'testpassword';
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2020-03-15 11:41:39 -07:00
|
|
|
fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const result = await users.verifyWithUsername(ADMIN.username, 'testpassword', users.AP_WEBADMIN);
|
|
|
|
|
if (fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file still around!');
|
|
|
|
|
expect(result.id).to.equal(ADMIN.id);
|
|
|
|
|
expect(result.ghost).to.be(true);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('verifyWithEmail', function () {
|
2016-02-08 15:16:59 -08:00
|
|
|
before(createOwner);
|
2015-07-20 00:09:47 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to non existing user', async function () {
|
|
|
|
|
const [error] = await safe(users.verifyWithEmail('bad@email.com', ADMIN.password, users.AP_WEBADMIN));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.NOT_FOUND);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to empty password', async function () {
|
|
|
|
|
const [error] = await safe(users.verifyWithEmail(ADMIN.email, '', users.AP_WEBADMIN));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails due to wrong password', async function () {
|
|
|
|
|
const [error] = await safe(users.verifyWithEmail(ADMIN.email, 'badpassword', users.AP_WEBADMIN));
|
|
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds', async function () {
|
|
|
|
|
const result = await users.verifyWithEmail(ADMIN.email, ADMIN.password, users.AP_WEBADMIN);
|
|
|
|
|
expect(result.id).to.be(ADMIN.id);
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
2016-04-13 12:15:49 +02:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for different email case', async function () {
|
|
|
|
|
const result = await users.verifyWithEmail(ADMIN.email.toUpperCase(), ADMIN.password, users.AP_WEBADMIN);
|
|
|
|
|
expect(result.id).to.be(ADMIN.id);
|
2016-04-13 12:15:49 +02:00
|
|
|
});
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('fails for ghost with wrong password', async function () {
|
|
|
|
|
let ghost = { };
|
|
|
|
|
ghost[ADMIN.username] = 'testpassword';
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2020-03-15 11:41:39 -07:00
|
|
|
fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const [error] = await safe(users.verifyWithEmail(ADMIN.email, 'foobar', users.AP_WEBADMIN));
|
|
|
|
|
if (!fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file not found after failed login!');
|
|
|
|
|
fs.unlinkSync(paths.GHOST_USER_FILE);
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
it('succeeds for ghost', async function () {
|
|
|
|
|
let ghost = { };
|
|
|
|
|
ghost[ADMIN.username] = 'testpassword';
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2020-03-15 11:41:39 -07:00
|
|
|
fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
const result = await users.verifyWithEmail(ADMIN.email, 'testpassword', users.AP_WEBADMIN);
|
|
|
|
|
if (fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file still around!');
|
2016-07-12 10:07:55 -07:00
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
expect(result.id).to.equal(ADMIN.id);
|
|
|
|
|
expect(result.ghost).to.equal(true);
|
2016-07-12 10:07:55 -07:00
|
|
|
});
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
|
|
|
|
|
2021-07-19 12:43:30 -07:00
|
|
|
// describe('active', function () {
|
|
|
|
|
// before(createOwner);
|
|
|
|
|
// after(cleanupUsers);
|
|
|
|
|
|
|
|
|
|
// it('verify fails for inactive user', function (done) {
|
|
|
|
|
// users.update(userObject, { active: false }, AUDIT_SOURCE, function (error) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
|
|
|
|
|
// users.verify(userObject.id, PASSWORD, users.AP_WEBADMIN, function (error) {
|
|
|
|
|
// expect(error).to.be.ok();
|
|
|
|
|
// expect(error.reason).to.equal(BoxError.NOT_FOUND);
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('verify succeeds for inactive user', function (done) {
|
|
|
|
|
// users.update(userObject, { active: true }, AUDIT_SOURCE, function (error) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
|
|
|
|
|
// users.verify(userObject.id, PASSWORD, users.AP_WEBADMIN, function (error) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// describe('retrieving', function () {
|
|
|
|
|
// before(createOwner);
|
|
|
|
|
// after(cleanupUsers);
|
|
|
|
|
|
|
|
|
|
// it('fails due to non existing user', function (done) {
|
|
|
|
|
// users.get('some non existing username', function (error, result) {
|
|
|
|
|
// expect(error).to.be.ok();
|
|
|
|
|
// expect(result).to.not.be.ok();
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('succeeds', function (done) {
|
|
|
|
|
// users.get(userObject.id, function (error, result) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(result).to.be.ok();
|
|
|
|
|
// expect(result.id).to.equal(userObject.id);
|
|
|
|
|
// expect(result.email).to.equal(EMAIL.toLowerCase());
|
|
|
|
|
// expect(result.fallbackEmail).to.equal(EMAIL.toLowerCase());
|
|
|
|
|
// expect(result.username).to.equal(USERNAME.toLowerCase());
|
|
|
|
|
// expect(result.displayName).to.equal(DISPLAY_NAME);
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// describe('update', function () {
|
|
|
|
|
// before(createOwner);
|
|
|
|
|
// after(cleanupUsers);
|
|
|
|
|
|
|
|
|
|
// it('fails due to unknown userid', function (done) {
|
|
|
|
|
// var data = { username: USERNAME_NEW, email: EMAIL_NEW, displayName: DISPLAY_NAME_NEW };
|
|
|
|
|
// users.update(_.extend({}, userObject, { id: 'random' }), data, AUDIT_SOURCE, function (error) {
|
|
|
|
|
// expect(error).to.be.a(BoxError);
|
|
|
|
|
// expect(error.reason).to.equal(BoxError.NOT_FOUND);
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('fails due to invalid email', function (done) {
|
|
|
|
|
// var data = { username: USERNAME_NEW, email: 'brokenemailaddress', displayName: DISPLAY_NAME_NEW };
|
|
|
|
|
// users.update(userObject, data, AUDIT_SOURCE, function (error) {
|
|
|
|
|
// expect(error).to.be.a(BoxError);
|
|
|
|
|
// expect(error.reason).to.equal(BoxError.BAD_FIELD);
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('succeeds', function (done) {
|
|
|
|
|
// var data = { username: USERNAME_NEW, email: EMAIL_NEW, displayName: DISPLAY_NAME_NEW };
|
|
|
|
|
|
|
|
|
|
// users.update(userObject, data, AUDIT_SOURCE, function (error) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
|
|
|
|
|
// users.get(userObject.id, function (error, result) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(result).to.be.ok();
|
|
|
|
|
// expect(result.email).to.equal(EMAIL_NEW.toLowerCase());
|
|
|
|
|
// expect(result.username).to.equal(USERNAME_NEW.toLowerCase());
|
|
|
|
|
// expect(result.displayName).to.equal(DISPLAY_NAME_NEW);
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('succeeds with same data', function (done) {
|
|
|
|
|
// var data = { username: USERNAME_NEW, email: EMAIL_NEW, displayName: DISPLAY_NAME_NEW };
|
|
|
|
|
|
|
|
|
|
// users.update(userObject, data, AUDIT_SOURCE, function (error) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
|
|
|
|
|
// users.get(userObject.id, function (error, result) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(result).to.be.ok();
|
|
|
|
|
// expect(result.email).to.equal(EMAIL_NEW.toLowerCase());
|
|
|
|
|
// expect(result.username).to.equal(USERNAME_NEW.toLowerCase());
|
|
|
|
|
// expect(result.displayName).to.equal(DISPLAY_NAME_NEW);
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// describe('get admins', function () {
|
|
|
|
|
// before(createOwner);
|
|
|
|
|
// after(cleanupUsers);
|
|
|
|
|
|
|
|
|
|
// it('succeeds for one admins', function (done) {
|
|
|
|
|
// users.getAdmins(function (error, admins) {
|
|
|
|
|
// expect(error).to.eql(null);
|
|
|
|
|
// expect(admins.length).to.equal(1);
|
|
|
|
|
// expect(admins[0].username).to.equal(USERNAME.toLowerCase());
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('succeeds for two admins', function (done) {
|
|
|
|
|
// var user1 = {
|
|
|
|
|
// username: 'seconduser',
|
|
|
|
|
// password: 'Adfasdkjf#$%43',
|
|
|
|
|
// email: 'some@thi.ng',
|
|
|
|
|
// role: users.ROLE_ADMIN
|
|
|
|
|
// };
|
|
|
|
|
|
|
|
|
|
// users.create(user1.username, user1.password, user1.email, DISPLAY_NAME, { role: users.ROLE_ADMIN }, AUDIT_SOURCE, function (error, result) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(result).to.be.ok();
|
|
|
|
|
|
|
|
|
|
// user1.id = result.id;
|
|
|
|
|
|
|
|
|
|
// users.update(user1, { role: users.ROLE_ADMIN }, AUDIT_SOURCE, function (error) {
|
|
|
|
|
// expect(error).to.eql(null);
|
|
|
|
|
|
|
|
|
|
// users.getAdmins(function (error, admins) {
|
|
|
|
|
// expect(error).to.eql(null);
|
|
|
|
|
// expect(admins.length).to.equal(2);
|
|
|
|
|
// expect(admins[0].username).to.equal(USERNAME.toLowerCase());
|
|
|
|
|
// expect(admins[1].username).to.equal(user1.username.toLowerCase());
|
|
|
|
|
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// describe('activated', function () {
|
|
|
|
|
// after(cleanupUsers);
|
|
|
|
|
|
|
|
|
|
// it('succeeds with no users', function (done) {
|
|
|
|
|
// users.isActivated(function (error, activated) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(activated).to.be(false);
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('create users', function (done) {
|
|
|
|
|
// createOwner(done);
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('succeeds with users', function (done) {
|
|
|
|
|
// users.isActivated(function (error, activated) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(activated).to.be(true);
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// describe('set password', function () {
|
|
|
|
|
// before(createOwner);
|
|
|
|
|
// after(cleanupUsers);
|
|
|
|
|
|
|
|
|
|
// it('fails due to unknown user', function (done) {
|
|
|
|
|
// users.setPassword(_.extend({}, userObject, { id: 'doesnotexist' }), NEW_PASSWORD, function (error) {
|
|
|
|
|
// expect(error).to.be.ok();
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('fails due to empty password', function (done) {
|
|
|
|
|
// users.setPassword(userObject, '', function (error) {
|
|
|
|
|
// expect(error).to.be.ok();
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('fails due to invalid password', function (done) {
|
|
|
|
|
// users.setPassword(userObject, 'foobar', function (error) {
|
|
|
|
|
// expect(error).to.be.ok();
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('succeeds', function (done) {
|
|
|
|
|
// users.setPassword(userObject, NEW_PASSWORD, function (error) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('actually changed the password (unable to login with old pasword)', function (done) {
|
|
|
|
|
// users.verify(userObject.id, PASSWORD, users.AP_WEBADMIN, function (error, result) {
|
|
|
|
|
// expect(error).to.be.ok();
|
|
|
|
|
// expect(result).to.not.be.ok();
|
|
|
|
|
// expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('actually changed the password (login with new password)', function (done) {
|
|
|
|
|
// users.verify(userObject.id, NEW_PASSWORD, users.AP_WEBADMIN, function (error, result) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// expect(result).to.be.ok();
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// describe('sendPasswordResetByIdentifier', function () {
|
|
|
|
|
// before(createOwner);
|
|
|
|
|
// after(cleanupUsers);
|
|
|
|
|
|
|
|
|
|
// it('fails due to unkown email', function (done) {
|
|
|
|
|
// users.sendPasswordResetByIdentifier('unknown@mail.com', function (error) {
|
|
|
|
|
// expect(error).to.be.an(BoxError);
|
|
|
|
|
// expect(error.reason).to.eql(BoxError.NOT_FOUND);
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('fails due to unkown username', function (done) {
|
|
|
|
|
// users.sendPasswordResetByIdentifier('unknown', function (error) {
|
|
|
|
|
// expect(error).to.be.an(BoxError);
|
|
|
|
|
// expect(error.reason).to.eql(BoxError.NOT_FOUND);
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('succeeds with email', function (done) {
|
|
|
|
|
// users.sendPasswordResetByIdentifier(EMAIL, function (error) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// checkMails(1, done);
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('succeeds with username', function (done) {
|
|
|
|
|
// users.sendPasswordResetByIdentifier(USERNAME, function (error) {
|
|
|
|
|
// expect(error).to.not.be.ok();
|
|
|
|
|
// checkMails(1, done);
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// describe('invite', function () {
|
|
|
|
|
// before(createOwner);
|
|
|
|
|
// after(cleanupUsers);
|
|
|
|
|
|
|
|
|
|
// it('fails as expected', function (done) {
|
|
|
|
|
// users.sendInvite(userObject, { }, function (error) {
|
|
|
|
|
// expect(error).to.be.ok(); // have to create resetToken first
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can create token', function (done) {
|
|
|
|
|
// users.createInvite(userObject, function (error, resetToken) {
|
|
|
|
|
// expect(error).to.be(null);
|
|
|
|
|
// expect(resetToken).to.be.ok();
|
|
|
|
|
// done();
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('send invite', function (done) {
|
|
|
|
|
// users.sendInvite(userObject, { }, function (error) {
|
|
|
|
|
// expect(error).to.be(null);
|
|
|
|
|
// checkMails(1, done);
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// describe('remove', function () {
|
|
|
|
|
// before(createOwner);
|
|
|
|
|
// after(cleanupUsers);
|
|
|
|
|
|
|
|
|
|
// it('fails for unknown user', async function () {
|
|
|
|
|
// const [error] = await safe(users.del(_.extend({}, userObject, { id: 'unknown' }), AUDIT_SOURCE));
|
|
|
|
|
// expect(error.reason).to.be(BoxError.NOT_FOUND);
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can remove valid user', async function () {
|
|
|
|
|
// await users.del(userObject, AUDIT_SOURCE);
|
|
|
|
|
// });
|
|
|
|
|
|
|
|
|
|
// it('can re-create user after user was removed', createOwner);
|
|
|
|
|
// });
|
2015-07-20 00:09:47 -07:00
|
|
|
});
|
