Johannes Zellner
@@ -69,18 +69,6 @@ describe('database', function () {
|
||||
displayName: 'Herbert 2'
|
||||
};
|
||||
|
||||
var USER_3 = {
|
||||
id: 'uuid3',
|
||||
username: 'uuid3',
|
||||
password: 'secret',
|
||||
email: 'SAFE3@me.com',
|
||||
salt: 'tata',
|
||||
createdAt: 'sometime back',
|
||||
modifiedAt: 'now',
|
||||
resetToken: '',
|
||||
displayName: 'Herbert 3'
|
||||
};
|
||||
|
||||
it('can add user', function (done) {
|
||||
userdb.add(USER_0.id, USER_0, done);
|
||||
});
|
||||
@@ -101,14 +89,6 @@ describe('database', function () {
|
||||
});
|
||||
});
|
||||
|
||||
it('cannot add user with same but uppercase email again', function (done) {
|
||||
userdb.add(USER_3.id, USER_3, function (error) {
|
||||
expect(error).to.be.ok();
|
||||
expect(error.reason).to.be(DatabaseError.ALREADY_EXISTS);
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('can get by user id', function (done) {
|
||||
userdb.get(USER_0.id, function (error, user) {
|
||||
expect(error).to.not.be.ok();
|
||||
|
||||
@@ -122,8 +122,8 @@ describe('User', function () {
|
||||
user.createOwner(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, function (error, result) {
|
||||
expect(error).not.to.be.ok();
|
||||
expect(result).to.be.ok();
|
||||
expect(result.username).to.equal(USERNAME);
|
||||
expect(result.email).to.equal(EMAIL);
|
||||
expect(result.username).to.equal(USERNAME.toLowerCase());
|
||||
expect(result.email).to.equal(EMAIL.toLowerCase());
|
||||
|
||||
// first user is owner, do not send mail to admins
|
||||
checkMails(0, done);
|
||||
|
||||
+12
-4
@@ -126,6 +126,10 @@ function createUser(username, password, email, displayName, options, callback) {
|
||||
sendInvite = options && options.sendInvite ? true : false,
|
||||
owner = options && options.owner ? true : false;
|
||||
|
||||
// We store usernames and email in lowercase
|
||||
username = username.toLowerCase();
|
||||
email = email.toLowerCase();
|
||||
|
||||
var error = validateUsername(username);
|
||||
if (error) return callback(error);
|
||||
|
||||
@@ -196,7 +200,7 @@ function verifyWithUsername(username, password, callback) {
|
||||
assert.strictEqual(typeof password, 'string');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
userdb.getByUsername(username, function (error, user) {
|
||||
userdb.getByUsername(username.toLowerCase(), function (error, user) {
|
||||
if (error && error.reason == DatabaseError.NOT_FOUND) return callback(new UserError(UserError.NOT_FOUND));
|
||||
if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
|
||||
|
||||
@@ -217,7 +221,7 @@ function verifyWithEmail(email, password, callback) {
|
||||
assert.strictEqual(typeof password, 'string');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
userdb.getByEmail(email, function (error, user) {
|
||||
userdb.getByEmail(email.toLowerCase(), function (error, user) {
|
||||
if (error && error.reason == DatabaseError.NOT_FOUND) return callback(new UserError(UserError.NOT_FOUND));
|
||||
if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
|
||||
|
||||
@@ -302,6 +306,9 @@ function updateUser(userId, username, email, displayName, callback) {
|
||||
assert.strictEqual(typeof displayName, 'string');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
username = username.toLowerCase();
|
||||
email = email.toLowerCase();
|
||||
|
||||
var error = validateUsername(username);
|
||||
if (error) return callback(error);
|
||||
|
||||
@@ -354,7 +361,7 @@ function resetPasswordByIdentifier(identifier, callback) {
|
||||
if (identifier.indexOf('@') === -1) getter = userdb.getByUsername;
|
||||
else getter = userdb.getByEmail;
|
||||
|
||||
getter(identifier, function (error, result) {
|
||||
getter(identifier.toLowerCase(), function (error, result) {
|
||||
if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserError(UserError.NOT_FOUND));
|
||||
if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
|
||||
|
||||
@@ -422,7 +429,7 @@ function changePassword(username, oldPassword, newPassword, callback) {
|
||||
var error = validatePassword(newPassword);
|
||||
if (error) return callback(new UserError(UserError.BAD_PASSWORD, error.message));
|
||||
|
||||
verifyWithUsername(username, oldPassword, function (error, user) {
|
||||
verifyWithUsername(username.toLowerCase(), oldPassword, function (error, user) {
|
||||
if (error) return callback(error);
|
||||
|
||||
setPassword(user.id, newPassword, callback);
|
||||
@@ -436,6 +443,7 @@ function createOwner(username, password, email, displayName, callback) {
|
||||
assert.strictEqual(typeof displayName, 'string');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
// This is only not allowed for the owner
|
||||
if (username === '') return callback(new UserError(UserError.BAD_USERNAME, 'Username cannot be empty'));
|
||||
|
||||
userdb.count(function (error, count) {
|
||||
|
||||
+5
-5
@@ -50,7 +50,7 @@ function getByUsername(username, callback) {
|
||||
assert.strictEqual(typeof username, 'string');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
database.query('SELECT ' + USERS_FIELDS + ' FROM users WHERE username = ?', [ username.toLowerCase() ], function (error, result) {
|
||||
database.query('SELECT ' + USERS_FIELDS + ' FROM users WHERE username = ?', [ username ], function (error, result) {
|
||||
if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
|
||||
if (result.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
|
||||
|
||||
@@ -62,7 +62,7 @@ function getByEmail(email, callback) {
|
||||
assert.strictEqual(typeof email, 'string');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
database.query('SELECT ' + USERS_FIELDS + ' FROM users WHERE email = ?', [ email.toLowerCase() ], function (error, result) {
|
||||
database.query('SELECT ' + USERS_FIELDS + ' FROM users WHERE email = ?', [ email ], function (error, result) {
|
||||
if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
|
||||
if (result.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
|
||||
|
||||
@@ -139,7 +139,7 @@ function add(userId, user, callback) {
|
||||
assert.strictEqual(typeof user.displayName, 'string');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
var data = [ userId, user.username ? user.username.toLowerCase() : null, user.password, user.email.toLowerCase(), user.salt, user.createdAt, user.modifiedAt, user.resetToken, user.displayName ];
|
||||
var data = [ userId, user.username || null, user.password, user.email, user.salt, user.createdAt, user.modifiedAt, user.resetToken, user.displayName ];
|
||||
database.query('INSERT INTO users (id, username, password, email, salt, createdAt, modifiedAt, resetToken, displayName) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)', data, function (error, result) {
|
||||
if (error && error.code === 'ER_DUP_ENTRY') return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, error));
|
||||
if (error || result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
|
||||
@@ -200,10 +200,10 @@ function update(userId, user, callback) {
|
||||
|
||||
if (k === 'username') {
|
||||
assert.strictEqual(typeof user.username, 'string');
|
||||
args.push(user.username ? user.username.toLowerCase() : null);
|
||||
args.push(user.username || null);
|
||||
} else if (k === 'email') {
|
||||
assert.strictEqual(typeof user.email, 'string');
|
||||
args.push(user.email.toLowerCase());
|
||||
args.push(user.email);
|
||||
} else {
|
||||
args.push(user[k]);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user