diff --git a/src/routes/test/user-test.js b/src/routes/test/user-test.js index 260e07d37..23b65a40d 100644 --- a/src/routes/test/user-test.js +++ b/src/routes/test/user-test.js @@ -528,7 +528,7 @@ describe('User API', function () { // Change email it('change email fails due to missing token', function (done) { - superagent.put(SERVER_URL + '/api/v1/users/' + user_0.id) + superagent.post(SERVER_URL + '/api/v1/users/' + user_0.id) .send({ email: EMAIL_0_NEW }) .end(function (error, result) { expect(result.statusCode).to.equal(401); @@ -537,7 +537,7 @@ describe('User API', function () { }); it('change email fails due to invalid email', function (done) { - superagent.put(SERVER_URL + '/api/v1/users/' + user_0.id) + superagent.post(SERVER_URL + '/api/v1/users/' + user_0.id) .query({ access_token: token }) .send({ email: 'foo@bar' }) .end(function (error, result) { @@ -547,7 +547,7 @@ describe('User API', function () { }); it('change user succeeds without email nor displayName', function (done) { - superagent.put(SERVER_URL + '/api/v1/users/' + user_0.id) + superagent.post(SERVER_URL + '/api/v1/users/' + user_0.id) .query({ access_token: token }) .send({}) .end(function (error, result) { @@ -557,7 +557,7 @@ describe('User API', function () { }); it('change email succeeds', function (done) { - superagent.put(SERVER_URL + '/api/v1/users/' + user_2.id) + superagent.post(SERVER_URL + '/api/v1/users/' + user_2.id) .query({ access_token: token }) .send({ email: EMAIL_2_NEW }) .end(function (error, result) { @@ -578,7 +578,7 @@ describe('User API', function () { }); it('change email as admin for other user succeeds', function (done) { - superagent.put(SERVER_URL + '/api/v1/users/' + user_2.id) + superagent.post(SERVER_URL + '/api/v1/users/' + user_2.id) .query({ access_token: token }) .send({ email: EMAIL_2 }) .end(function (error, result) { @@ -599,7 +599,7 @@ describe('User API', function () { }); it('change displayName succeeds', function (done) { - superagent.put(SERVER_URL + '/api/v1/users/' + user_0.id) + superagent.post(SERVER_URL + '/api/v1/users/' + user_0.id) .query({ access_token: token }) .send({ displayName: DISPLAY_NAME_0_NEW }) .end(function (error, result) { diff --git a/src/server.js b/src/server.js index bb2e79717..a8d68f6ad 100644 --- a/src/server.js +++ b/src/server.js @@ -106,12 +106,11 @@ function initializeExpressSync() { router.put ('/api/v1/profile/password', profileScope, routes.user.verifyPassword, routes.profile.changePassword); router.put ('/api/v1/profile/tutorial', profileScope, routes.profile.setShowTutorial); - // user routes only for admins + // user routes router.get ('/api/v1/users', usersScope, routes.user.requireAdmin, routes.user.list); router.post('/api/v1/users', usersScope, routes.user.requireAdmin, routes.user.create); router.get ('/api/v1/users/:userId', usersScope, routes.user.requireAdmin, routes.user.get); router.del ('/api/v1/users/:userId', usersScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.user.remove); - router.put ('/api/v1/users/:userId', usersScope, routes.user.requireAdmin, routes.user.update); // ## remove router.post('/api/v1/users/:userId', usersScope, routes.user.requireAdmin, routes.user.update); router.put ('/api/v1/users/:userId/set_groups', usersScope, routes.user.requireAdmin, routes.user.setGroups); router.post('/api/v1/users/:userId/invite', usersScope, routes.user.requireAdmin, routes.user.sendInvite); diff --git a/webadmin/src/js/client.js b/webadmin/src/js/client.js index eb3e15b8f..d7972ae70 100644 --- a/webadmin/src/js/client.js +++ b/webadmin/src/js/client.js @@ -653,7 +653,7 @@ angular.module('Application').service('Client', ['$http', 'md5', 'Notification', displayName: user.displayName }; - $http.put(client.apiOrigin + '/api/v1/users/' + user.id, data).success(function(data, status) { + $http.post(client.apiOrigin + '/api/v1/users/' + user.id, data).success(function(data, status) { if (status !== 204) return callback(new ClientError(status, data)); callback(null); }).error(defaultErrorHandler(callback));