diff --git a/src/auth.js b/src/auth.js index 08529112f..5b7cd46be 100644 --- a/src/auth.js +++ b/src/auth.js @@ -19,8 +19,8 @@ var assert = require('assert'), crypto = require('crypto'), passport = require('passport'), tokendb = require('./tokendb'), - user = require('./user'), - UserError = user.UserError, + users = require('./users.js'), + UserError = users.UserError, _ = require('underscore'); function initialize(callback) { @@ -31,7 +31,7 @@ function initialize(callback) { }); passport.deserializeUser(function(userId, callback) { - user.get(userId, function (error, result) { + users.get(userId, function (error, result) { if (error) return callback(error); var md5 = crypto.createHash('md5').update(result.email).digest('hex'); @@ -43,7 +43,7 @@ function initialize(callback) { passport.use(new LocalStrategy(function (username, password, callback) { if (username.indexOf('@') === -1) { - user.verifyWithUsername(username, password, function (error, result) { + users.verifyWithUsername(username, password, function (error, result) { if (error && error.reason === UserError.NOT_FOUND) return callback(null, false); if (error && error.reason === UserError.WRONG_PASSWORD) return callback(null, false); if (error) return callback(error); @@ -51,7 +51,7 @@ function initialize(callback) { callback(null, result); }); } else { - user.verifyWithEmail(username, password, function (error, result) { + users.verifyWithEmail(username, password, function (error, result) { if (error && error.reason === UserError.NOT_FOUND) return callback(null, false); if (error && error.reason === UserError.WRONG_PASSWORD) return callback(null, false); if (error) return callback(error); @@ -73,7 +73,7 @@ function initialize(callback) { return callback(null, client); }); } else { - user.verifyWithUsername(username, password, function (error, result) { + users.verifyWithUsername(username, password, function (error, result) { if (error && error.reason === UserError.NOT_FOUND) return callback(null, false); if (error && error.reason === UserError.WRONG_PASSWORD) return callback(null, false); if (error) return callback(error); @@ -115,7 +115,7 @@ function accessTokenAuth(accessToken, callback) { // passport put the 'info' object into req.authInfo, where we can further validate the scopes var info = { scope: token.scope }; - user.get(token.identifier, function (error, user) { + users.get(token.identifier, function (error, user) { if (error && error.reason === UserError.NOT_FOUND) return callback(null, false); if (error) return callback(error); diff --git a/src/cloudron.js b/src/cloudron.js index 8e26b6491..ec780b307 100644 --- a/src/cloudron.js +++ b/src/cloudron.js @@ -40,7 +40,7 @@ var assert = require('assert'), spawn = require('child_process').spawn, split = require('split'), updateChecker = require('./updatechecker.js'), - user = require('./user.js'), + users = require('./users.js'), util = require('util'), _ = require('underscore'); @@ -103,7 +103,7 @@ function onActivated(callback) { // Starting the platform after a user is available means: // 1. mail bounces can now be sent to the cloudron owner // 2. the restore code path can run without sudo (since mail/ is non-root) - user.count(function (error, count) { + users.count(function (error, count) { if (error) return callback(new CloudronError(CloudronError.INTERNAL_ERROR, error)); if (!count) return callback(); // not activated diff --git a/src/developer.js b/src/developer.js index 38e163db0..0ceb263fd 100644 --- a/src/developer.js +++ b/src/developer.js @@ -13,7 +13,7 @@ var assert = require('assert'), constants = require('./constants.js'), eventlog = require('./eventlog.js'), tokendb = require('./tokendb.js'), - user = require('./user.js'), + users = require('./users.js'), util = require('util'); function DeveloperError(reason, errorOrMessage) { @@ -50,7 +50,7 @@ function issueDeveloperToken(userObject, ip, callback) { tokendb.add(token, userObject.id, 'cid-cli', expiresAt, scopes, function (error) { if (error) return callback(new DeveloperError(DeveloperError.INTERNAL_ERROR, error)); - eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'cli', ip: ip }, { userId: userObject.id, user: user.removePrivateFields(userObject) }); + eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'cli', ip: ip }, { userId: userObject.id, user: users.removePrivateFields(userObject) }); callback(null, { token: token, expiresAt: new Date(expiresAt).toISOString() }); }); diff --git a/src/ldap.js b/src/ldap.js index 2f6f00af7..5771183ce 100644 --- a/src/ldap.js +++ b/src/ldap.js @@ -13,8 +13,8 @@ var assert = require('assert'), DatabaseError = require('./databaseerror.js'), debug = require('debug')('box:ldap'), eventlog = require('./eventlog.js'), - user = require('./user.js'), - UserError = user.UserError, + users = require('./users.js'), + UserError = users.UserError, ldap = require('ldapjs'), mail = require('./mail.js'), MailError = mail.MailError, @@ -51,7 +51,7 @@ function getUsersWithAccessToApp(req, callback) { getAppByRequest(req, function (error, app) { if (error) return callback(error); - user.list(function (error, result){ + users.list(function (error, result){ if (error) return callback(new ldap.OperationsError(error.toString())); async.filter(result, apps.hasAccessTo.bind(null, app), function (error, result) { @@ -378,13 +378,13 @@ function authenticateUser(req, res, next) { var api; if (attributeName === 'mail') { - api = user.verifyWithEmail; + api = users.verifyWithEmail; } else if (commonName.indexOf('@') !== -1) { // if mail is specified, enforce mail check - api = user.verifyWithEmail; + api = users.verifyWithEmail; } else if (commonName.indexOf('uid-') === 0) { - api = user.verify; + api = users.verify; } else { - api = user.verifyWithUsername; + api = users.verifyWithUsername; } api(commonName, req.credentials || '', function (error, user) { @@ -410,7 +410,7 @@ function authorizeUserForApp(req, res, next) { // we return no such object, to avoid leakage of a users existence if (!result) return next(new ldap.NoSuchObjectError(req.dn.toString())); - eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', appId: app.id, app: app }, { userId: req.user.id, user: user.removePrivateFields(req.user) }); + eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', appId: app.id, app: app }, { userId: req.user.id, user: users.removePrivateFields(req.user) }); res.end(); }); @@ -451,12 +451,12 @@ function authenticateMailbox(req, res, next) { } else if (mailbox.ownerType === mailboxdb.OWNER_TYPE_USER) { if (!domain.enabled) return next(new ldap.NoSuchObjectError(req.dn.toString())); - user.verify(mailbox.ownerId, req.credentials || '', function (error, result) { + users.verify(mailbox.ownerId, req.credentials || '', function (error, result) { if (error && error.reason === UserError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString())); if (error && error.reason === UserError.WRONG_PASSWORD) return next(new ldap.InvalidCredentialsError(req.dn.toString())); if (error) return next(new ldap.OperationsError(error.message)); - eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', mailboxId: email }, { userId: result.id, user: user.removePrivateFields(result) }); + eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', mailboxId: email }, { userId: result.id, user: users.removePrivateFields(result) }); res.end(); }); } else { diff --git a/src/mail.js b/src/mail.js index 19af7d975..676213bc7 100644 --- a/src/mail.js +++ b/src/mail.js @@ -65,7 +65,7 @@ var assert = require('assert'), shell = require('./shell.js'), smtpTransport = require('nodemailer-smtp-transport'), sysinfo = require('./sysinfo.js'), - user = require('./user.js'), + users = require('./users.js'), util = require('util'), _ = require('underscore'); @@ -478,7 +478,7 @@ function createMailConfig(callback) { getDomains(function (error, mailDomains) { if (error) return callback(error); - user.getOwner(function (error, owner) { + users.getOwner(function (error, owner) { const mailFqdn = config.mailFqdn(); const defaultDomain = config.adminDomain(); const alertsFrom = `no-reply@${defaultDomain}`; diff --git a/src/mailer.js b/src/mailer.js index f619586cb..59cfbc0b4 100644 --- a/src/mailer.js +++ b/src/mailer.js @@ -39,7 +39,7 @@ var assert = require('assert'), settings = require('./settings.js'), showdown = require('showdown'), smtpTransport = require('nodemailer-smtp-transport'), - users = require('./user.js'), + users = require('./users.js'), util = require('util'), _ = require('underscore'); diff --git a/src/reverseproxy.js b/src/reverseproxy.js index 17eb565bc..1c837e56b 100644 --- a/src/reverseproxy.js +++ b/src/reverseproxy.js @@ -46,7 +46,7 @@ var acme = require('./cert/acme.js'), platform = require('./platform.js'), safe = require('safetydance'), shell = require('./shell.js'), - user = require('./user.js'), + users = require('./users.js'), util = require('util'); var NGINX_APPCONFIG_EJS = fs.readFileSync(__dirname + '/../setup/start/nginx/appconfig.ejs', { encoding: 'utf8' }), @@ -98,7 +98,7 @@ function getApi(app, callback) { // we cannot use admin@fqdn because the user might not have set it up. // we simply update the account with the latest email we have each time when getting letsencrypt certs // https://github.com/ietf-wg-acme/acme/issues/30 - user.getOwner(function (error, owner) { + users.getOwner(function (error, owner) { options.email = error ? 'support@cloudron.io' : (owner.fallbackEmail || owner.email); // can error if not activated yet callback(null, api, options); diff --git a/src/routes/index.js b/src/routes/index.js index 99d50a44b..f615486ad 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -18,5 +18,5 @@ exports = module.exports = { sysadmin: require('./sysadmin.js'), settings: require('./settings.js'), ssh: require('./ssh.js'), - user: require('./user.js') + users: require('./users.js') }; diff --git a/src/routes/oauth2.js b/src/routes/oauth2.js index 99bfba1fc..2b8a284e9 100644 --- a/src/routes/oauth2.js +++ b/src/routes/oauth2.js @@ -22,8 +22,8 @@ var apps = require('../apps'), speakeasy = require('speakeasy'), tokendb = require('../tokendb'), url = require('url'), - user = require('../user.js'), - UserError = user.UserError, + users = require('../users.js'), + UserError = users.UserError, util = require('util'), _ = require('underscore'); @@ -300,7 +300,7 @@ function passwordResetRequest(req, res, next) { debug('passwordResetRequest: email or username %s.', req.body.identifier); - user.resetPasswordByIdentifier(req.body.identifier, function (error) { + users.resetPasswordByIdentifier(req.body.identifier, function (error) { if (error && error.reason !== UserError.NOT_FOUND) { console.error(error); return sendErrorPageOrRedirect(req, res, 'User not found'); @@ -329,7 +329,7 @@ function renderAccountSetupSite(res, req, userObject, error) { function accountSetupSite(req, res) { if (!req.query.reset_token) return sendError(req, res, 'Missing Reset Token'); - user.getByResetToken(req.query.reset_token, function (error, userObject) { + users.getByResetToken(req.query.reset_token, function (error, userObject) { if (error) return sendError(req, res, 'Invalid Reset Token'); renderAccountSetupSite(res, req, userObject, ''); @@ -347,11 +347,11 @@ function accountSetup(req, res, next) { debug('acountSetup: with token %s.', req.body.resetToken); - user.getByResetToken(req.body.resetToken, function (error, userObject) { + users.getByResetToken(req.body.resetToken, function (error, userObject) { if (error) return sendError(req, res, 'Invalid Reset Token'); var data = _.pick(req.body, 'username', 'displayName'); - user.update(userObject.id, data, auditSource(req), function (error) { + users.update(userObject.id, data, auditSource(req), function (error) { if (error && error.reason === UserError.ALREADY_EXISTS) return renderAccountSetupSite(res, req, userObject, 'Username already exists'); if (error && error.reason === UserError.BAD_FIELD) return renderAccountSetupSite(res, req, userObject, error.message); if (error && error.reason === UserError.NOT_FOUND) return renderAccountSetupSite(res, req, userObject, 'No such user'); @@ -361,7 +361,7 @@ function accountSetup(req, res, next) { userObject.displayName = req.body.displayName; // setPassword clears the resetToken - user.setPassword(userObject.id, req.body.password, function (error, result) { + users.setPassword(userObject.id, req.body.password, function (error, result) { if (error && error.reason === UserError.BAD_FIELD) return renderAccountSetupSite(res, req, userObject, error.message); if (error) return next(new HttpError(500, error)); @@ -376,7 +376,7 @@ function accountSetup(req, res, next) { function passwordResetSite(req, res, next) { if (!req.query.reset_token) return next(new HttpError(400, 'Missing reset_token')); - user.getByResetToken(req.query.reset_token, function (error, user) { + users.getByResetToken(req.query.reset_token, function (error, user) { if (error) return next(new HttpError(401, 'Invalid reset_token')); renderTemplate(res, 'password_reset', { @@ -397,13 +397,13 @@ function passwordReset(req, res, next) { debug('passwordReset: with token %s.', req.body.resetToken); - user.getByResetToken(req.body.resetToken, function (error, userObject) { + users.getByResetToken(req.body.resetToken, function (error, userObject) { if (error) return next(new HttpError(401, 'Invalid resetToken')); if (!userObject.username) return next(new HttpError(401, 'No username set')); // setPassword clears the resetToken - user.setPassword(userObject.id, req.body.password, function (error, result) { + users.setPassword(userObject.id, req.body.password, function (error, result) { if (error && error.reason === UserError.BAD_FIELD) return next(new HttpError(406, error.message)); if (error) return next(new HttpError(500, error)); @@ -462,7 +462,7 @@ var authorization = [ var type = req.oauth2.client.type; if (type === clients.TYPE_EXTERNAL || type === clients.TYPE_BUILT_IN) { - eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req, req.oauth2.client.appId), { userId: req.oauth2.user.id, user: user.removePrivateFields(req.oauth2.user) }); + eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req, req.oauth2.client.appId), { userId: req.oauth2.user.id, user: users.removePrivateFields(req.oauth2.user) }); return next(); } @@ -473,7 +473,7 @@ var authorization = [ if (error) return sendError(req, res, 'Internal error'); if (!access) return sendErrorPageOrRedirect(req, res, 'No access to this app.'); - eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req, appObject.id, appObject), { userId: req.oauth2.user.id, user: user.removePrivateFields(req.oauth2.user) }); + eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req, appObject.id, appObject), { userId: req.oauth2.user.id, user: users.removePrivateFields(req.oauth2.user) }); next(); }); diff --git a/src/routes/profile.js b/src/routes/profile.js index 940c25f2c..8b10d9348 100644 --- a/src/routes/profile.js +++ b/src/routes/profile.js @@ -12,8 +12,8 @@ exports = module.exports = { var assert = require('assert'), HttpError = require('connect-lastmile').HttpError, HttpSuccess = require('connect-lastmile').HttpSuccess, - user = require('../user.js'), - UserError = user.UserError, + users = require('../users.js'), + UserError = users.UserError, _ = require('underscore'); function auditSource(req) { @@ -45,7 +45,7 @@ function update(req, res, next) { var data = _.pick(req.body, 'email', 'fallbackEmail', 'displayName'); - user.update(req.user.id, data, auditSource(req), function (error) { + users.update(req.user.id, data, auditSource(req), function (error) { if (error && error.reason === UserError.BAD_FIELD) return next(new HttpError(400, error.message)); if (error && error.reason === UserError.ALREADY_EXISTS) return next(new HttpError(409, error.message)); if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(404, 'User not found')); @@ -61,7 +61,7 @@ function changePassword(req, res, next) { if (typeof req.body.newPassword !== 'string') return next(new HttpError(400, 'newPassword must be a string')); - user.setPassword(req.user.id, req.body.newPassword, function (error) { + users.setPassword(req.user.id, req.body.newPassword, function (error) { if (error && error.reason === UserError.BAD_FIELD) return next(new HttpError(400, error.message)); if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(403, 'Wrong password')); if (error) return next(new HttpError(500, error)); @@ -73,7 +73,7 @@ function changePassword(req, res, next) { function setTwoFactorAuthenticationSecret(req, res, next) { assert.strictEqual(typeof req.user, 'object'); - user.setTwoFactorAuthenticationSecret(req.user.id, function (error, result) { + users.setTwoFactorAuthenticationSecret(req.user.id, function (error, result) { if (error && error.reason === UserError.ALREADY_EXISTS) return next(new HttpError(409, 'TwoFactor Authentication is enabled, disable first')); if (error) return next(new HttpError(500, error)); @@ -87,7 +87,7 @@ function enableTwoFactorAuthentication(req, res, next) { if (!req.body.totpToken || typeof req.body.totpToken !== 'string') return next(new HttpError(400, 'totpToken must be a nonempty string')); - user.enableTwoFactorAuthentication(req.user.id, req.body.totpToken, function (error) { + users.enableTwoFactorAuthentication(req.user.id, req.body.totpToken, function (error) { if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(404, 'User not found')); if (error && error.reason === UserError.BAD_TOKEN) return next(new HttpError(403, 'Invalid token')); if (error && error.reason === UserError.ALREADY_EXISTS) return next(new HttpError(409, 'TwoFactor Authentication is already enabled')); @@ -100,7 +100,7 @@ function enableTwoFactorAuthentication(req, res, next) { function disableTwoFactorAuthentication(req, res, next) { assert.strictEqual(typeof req.user, 'object'); - user.disableTwoFactorAuthentication(req.user.id, function (error) { + users.disableTwoFactorAuthentication(req.user.id, function (error) { if (error) return next(new HttpError(500, error)); next(new HttpSuccess(202, {})); diff --git a/src/routes/test/oauth2-test.js b/src/routes/test/oauth2-test.js index 306da16fa..0ce462fb4 100644 --- a/src/routes/test/oauth2-test.js +++ b/src/routes/test/oauth2-test.js @@ -6,28 +6,28 @@ 'use strict'; -var expect = require('expect.js'), - uuid = require('uuid'), +var appdb = require('../../appdb.js'), async = require('async'), - hat = require('hat'), - urlParse = require('url').parse, - nock = require('nock'), - HttpError = require('connect-lastmile').HttpError, - oauth2 = require('../oauth2.js'), - server = require('../../server.js'), - querystring = require('querystring'), - database = require('../../database.js'), - domains = require('../../domains.js'), clientdb = require('../../clientdb.js'), clients = require('../../clients.js'), - userdb = require('../../userdb.js'), - user = require('../../user.js'), - appdb = require('../../appdb.js'), config = require('../../config.js'), + database = require('../../database.js'), + domains = require('../../domains.js'), + expect = require('expect.js'), + hat = require('hat'), + HttpError = require('connect-lastmile').HttpError, + nock = require('nock'), + oauth2 = require('../oauth2.js'), + passport = require('passport'), + querystring = require('querystring'), request = require('request'), + server = require('../../server.js'), speakeasy = require('speakeasy'), superagent = require('superagent'), - passport = require('passport'); + urlParse = require('url').parse, + userdb = require('../../userdb.js'), + users = require('../../users.js'), + uuid = require('uuid'); var SERVER_URL = 'http://localhost:' + config.get('port'); @@ -323,7 +323,7 @@ describe('OAuth2', function () { appdb.add.bind(null, APP_2.id, APP_2.appStoreId, APP_2.manifest, APP_2.location, APP_2.domain, APP_2.portBindings, APP_2), appdb.add.bind(null, APP_3.id, APP_3.appStoreId, APP_3.manifest, APP_3.location, APP_3.domain, APP_3.portBindings, APP_3), function (callback) { - user.create(USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, null /* source */, function (error, userObject) { + users.create(USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, null /* source */, function (error, userObject) { expect(error).to.not.be.ok(); // update the global objects to reflect the new user id diff --git a/src/routes/test/user-test.js b/src/routes/test/users-test.js similarity index 100% rename from src/routes/test/user-test.js rename to src/routes/test/users-test.js diff --git a/src/routes/user.js b/src/routes/users.js similarity index 88% rename from src/routes/user.js rename to src/routes/users.js index 581d0b7fa..59dfcbac2 100644 --- a/src/routes/user.js +++ b/src/routes/users.js @@ -19,8 +19,8 @@ var assert = require('assert'), HttpError = require('connect-lastmile').HttpError, HttpSuccess = require('connect-lastmile').HttpSuccess, oauth2 = require('./oauth2.js'), - user = require('../user.js'), - UserError = user.UserError; + users = require('../users.js'), + UserError = users.UserError; function auditSource(req) { var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null; @@ -42,7 +42,7 @@ function create(req, res, next) { var username = 'username' in req.body ? req.body.username : null; var displayName = req.body.displayName || ''; - user.create(username, password, email, displayName, auditSource(req), { invitor: req.user, sendInvite: sendInvite }, function (error, user) { + users.create(username, password, email, displayName, auditSource(req), { invitor: req.user, sendInvite: sendInvite }, function (error, user) { if (error && error.reason === UserError.BAD_FIELD) return next(new HttpError(400, error.message)); if (error && error.reason === UserError.ALREADY_EXISTS) return next(new HttpError(409, error.message)); if (error) return next(new HttpError(500, error)); @@ -74,7 +74,7 @@ function update(req, res, next) { if (req.user.id !== req.params.userId && !req.user.admin) return next(new HttpError(403, 'Not allowed')); - user.update(req.params.userId, req.body, auditSource(req), function (error) { + users.update(req.params.userId, req.body, auditSource(req), function (error) { if (error && error.reason === UserError.BAD_FIELD) return next(new HttpError(400, error.message)); if (error && error.reason === UserError.ALREADY_EXISTS) return next(new HttpError(409, error.message)); if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(404, 'User not found')); @@ -85,12 +85,12 @@ function update(req, res, next) { } function list(req, res, next) { - user.list(function (error, results) { + users.list(function (error, results) { if (error) return next(new HttpError(500, error)); - var users = results.map(user.removePrivateFields); + results = results.map(users.removePrivateFields); - next(new HttpSuccess(200, { users: users })); + next(new HttpSuccess(200, { users: results })); }); } @@ -100,11 +100,11 @@ function get(req, res, next) { if (req.user.id !== req.params.userId && !req.user.admin) return next(new HttpError(403, 'Not allowed')); - user.get(req.params.userId, function (error, result) { + users.get(req.params.userId, function (error, result) { if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(404, 'No such user')); if (error) return next(new HttpError(500, error)); - next(new HttpSuccess(200, user.removePrivateFields(result))); + next(new HttpSuccess(200, users.removePrivateFields(result))); }); } @@ -118,7 +118,7 @@ function remove(req, res, next) { if (req.user.id === req.params.userId) return next(new HttpError(403, 'Not allowed to remove yourself.')); - user.remove(req.params.userId, auditSource(req), function (error) { + users.remove(req.params.userId, auditSource(req), function (error) { if (error && error.reason === UserError.BAD_FIELD) return next(new HttpError(400, error.message)); if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(404, 'No such user')); if (error) return next(new HttpError(500, error)); @@ -136,7 +136,7 @@ function verifyPassword(req, res, next) { if (typeof req.body.password !== 'string') return next(new HttpError(400, 'API call requires user password')); - user.verifyWithUsername(req.user.username, req.body.password, function (error) { + users.verifyWithUsername(req.user.username, req.body.password, function (error) { if (error && error.reason === UserError.WRONG_PASSWORD) return next(new HttpError(403, 'Password incorrect')); if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(403, 'Password incorrect')); if (error) return next(new HttpError(500, error)); @@ -161,7 +161,7 @@ function requireAdmin(req, res, next) { function sendInvite(req, res, next) { assert.strictEqual(typeof req.params.userId, 'string'); - user.sendInvite(req.params.userId, { invitor: req.user }, function (error, result) { + users.sendInvite(req.params.userId, { invitor: req.user }, function (error, result) { if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(404, 'User not found')); if (error) return next(new HttpError(500, error)); @@ -178,7 +178,7 @@ function setGroups(req, res, next) { // this route is only allowed for admins, so req.user has to be an admin if (req.user.id === req.params.userId && req.body.groupIds.indexOf(constants.ADMIN_GROUP_ID) === -1) return next(new HttpError(403, 'Admin removing itself from admins is not allowed')); - user.setGroups(req.params.userId, req.body.groupIds, function (error) { + users.setGroups(req.params.userId, req.body.groupIds, function (error) { if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(404, 'One or more groups not found')); if (error) return next(new HttpError(500, error)); diff --git a/src/server.js b/src/server.js index c8af8ea67..7cc7a00ad 100644 --- a/src/server.js +++ b/src/server.js @@ -113,43 +113,43 @@ function initializeExpressSync() { // cloudron routes router.get ('/api/v1/cloudron/config', cloudronScope, routes.cloudron.getConfig); - router.post('/api/v1/cloudron/update', cloudronScope, routes.user.requireAdmin, routes.cloudron.update); - router.post('/api/v1/cloudron/check_for_updates', cloudronScope, routes.user.requireAdmin, routes.cloudron.checkForUpdates); - router.post('/api/v1/cloudron/reboot', cloudronScope, routes.user.requireAdmin, routes.cloudron.reboot); - router.get ('/api/v1/cloudron/graphs', cloudronScope, routes.user.requireAdmin, routes.graphs.getGraphs); - router.get ('/api/v1/cloudron/disks', cloudronScope, routes.user.requireAdmin, routes.cloudron.getDisks); - router.get ('/api/v1/cloudron/logs', cloudronScope, routes.user.requireAdmin, routes.cloudron.getLogs); - router.get ('/api/v1/cloudron/logstream', cloudronScope, routes.user.requireAdmin, routes.cloudron.getLogStream); - router.get ('/api/v1/cloudron/ssh/authorized_keys', cloudronScope, routes.user.requireAdmin, routes.ssh.getAuthorizedKeys); - router.put ('/api/v1/cloudron/ssh/authorized_keys', cloudronScope, routes.user.requireAdmin, routes.ssh.addAuthorizedKey); - router.get ('/api/v1/cloudron/ssh/authorized_keys/:identifier', cloudronScope, routes.user.requireAdmin, routes.ssh.getAuthorizedKey); - router.del ('/api/v1/cloudron/ssh/authorized_keys/:identifier', cloudronScope, routes.user.requireAdmin, routes.ssh.delAuthorizedKey); - router.get ('/api/v1/cloudron/eventlog', cloudronScope, routes.user.requireAdmin, routes.eventlog.get); + router.post('/api/v1/cloudron/update', cloudronScope, routes.users.requireAdmin, routes.cloudron.update); + router.post('/api/v1/cloudron/check_for_updates', cloudronScope, routes.users.requireAdmin, routes.cloudron.checkForUpdates); + router.post('/api/v1/cloudron/reboot', cloudronScope, routes.users.requireAdmin, routes.cloudron.reboot); + router.get ('/api/v1/cloudron/graphs', cloudronScope, routes.users.requireAdmin, routes.graphs.getGraphs); + router.get ('/api/v1/cloudron/disks', cloudronScope, routes.users.requireAdmin, routes.cloudron.getDisks); + router.get ('/api/v1/cloudron/logs', cloudronScope, routes.users.requireAdmin, routes.cloudron.getLogs); + router.get ('/api/v1/cloudron/logstream', cloudronScope, routes.users.requireAdmin, routes.cloudron.getLogStream); + router.get ('/api/v1/cloudron/ssh/authorized_keys', cloudronScope, routes.users.requireAdmin, routes.ssh.getAuthorizedKeys); + router.put ('/api/v1/cloudron/ssh/authorized_keys', cloudronScope, routes.users.requireAdmin, routes.ssh.addAuthorizedKey); + router.get ('/api/v1/cloudron/ssh/authorized_keys/:identifier', cloudronScope, routes.users.requireAdmin, routes.ssh.getAuthorizedKey); + router.del ('/api/v1/cloudron/ssh/authorized_keys/:identifier', cloudronScope, routes.users.requireAdmin, routes.ssh.delAuthorizedKey); + router.get ('/api/v1/cloudron/eventlog', cloudronScope, routes.users.requireAdmin, routes.eventlog.get); // working off the user behind the provided token router.get ('/api/v1/user/apps', profileScope, routes.apps.getAllByUser); router.get ('/api/v1/user/profile', profileScope, routes.profile.get); router.post('/api/v1/user/profile', profileScope, routes.profile.update); - router.post('/api/v1/user/profile/password', profileScope, routes.user.verifyPassword, routes.profile.changePassword); + router.post('/api/v1/user/profile/password', profileScope, routes.users.verifyPassword, routes.profile.changePassword); router.post('/api/v1/user/profile/twofactorauthentication', profileScope, routes.profile.setTwoFactorAuthenticationSecret); router.post('/api/v1/user/profile/twofactorauthentication/enable', profileScope, routes.profile.enableTwoFactorAuthentication); - router.post('/api/v1/user/profile/twofactorauthentication/disable', profileScope, routes.user.verifyPassword, routes.profile.disableTwoFactorAuthentication); + router.post('/api/v1/user/profile/twofactorauthentication/disable', profileScope, routes.users.verifyPassword, routes.profile.disableTwoFactorAuthentication); // user routes - router.get ('/api/v1/users', usersScope, routes.user.requireAdmin, routes.user.list); - router.post('/api/v1/users', usersScope, routes.user.requireAdmin, routes.user.create); - router.get ('/api/v1/users/:userId', usersScope, routes.user.requireAdmin, routes.user.get); - router.del ('/api/v1/users/:userId', usersScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.user.remove); - router.post('/api/v1/users/:userId', usersScope, routes.user.requireAdmin, routes.user.update); - router.put ('/api/v1/users/:userId/groups', usersScope, routes.user.requireAdmin, routes.user.setGroups); - router.post('/api/v1/users/:userId/invite', usersScope, routes.user.requireAdmin, routes.user.sendInvite); + router.get ('/api/v1/users', usersScope, routes.users.requireAdmin, routes.users.list); + router.post('/api/v1/users', usersScope, routes.users.requireAdmin, routes.users.create); + router.get ('/api/v1/users/:userId', usersScope, routes.users.requireAdmin, routes.users.get); + router.del ('/api/v1/users/:userId', usersScope, routes.users.requireAdmin, routes.users.verifyPassword, routes.users.remove); + router.post('/api/v1/users/:userId', usersScope, routes.users.requireAdmin, routes.users.update); + router.put ('/api/v1/users/:userId/groups', usersScope, routes.users.requireAdmin, routes.users.setGroups); + router.post('/api/v1/users/:userId/invite', usersScope, routes.users.requireAdmin, routes.users.sendInvite); // Group management - router.get ('/api/v1/groups', usersScope, routes.user.requireAdmin, routes.groups.list); - router.post('/api/v1/groups', usersScope, routes.user.requireAdmin, routes.groups.create); - router.get ('/api/v1/groups/:groupId', usersScope, routes.user.requireAdmin, routes.groups.get); - router.put ('/api/v1/groups/:groupId/members', usersScope, routes.user.requireAdmin, routes.groups.updateMembers); - router.del ('/api/v1/groups/:groupId', usersScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.groups.remove); + router.get ('/api/v1/groups', usersScope, routes.users.requireAdmin, routes.groups.list); + router.post('/api/v1/groups', usersScope, routes.users.requireAdmin, routes.groups.create); + router.get ('/api/v1/groups/:groupId', usersScope, routes.users.requireAdmin, routes.groups.get); + router.put ('/api/v1/groups/:groupId/members', usersScope, routes.users.requireAdmin, routes.groups.updateMembers); + router.del ('/api/v1/groups/:groupId', usersScope, routes.users.requireAdmin, routes.users.verifyPassword, routes.groups.remove); // form based login routes used by oauth2 frame router.get ('/api/v1/session/login', csrf, routes.oauth2.loginForm); @@ -182,83 +182,83 @@ function initializeExpressSync() { router.get ('/api/v1/apps/:id', appsScope, routes.apps.getApp); router.get ('/api/v1/apps/:id/icon', routes.apps.getAppIcon); - router.post('/api/v1/apps/install', appsScope, routes.user.requireAdmin, routes.apps.installApp); - router.post('/api/v1/apps/:id/uninstall', appsScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.apps.uninstallApp); - router.post('/api/v1/apps/:id/configure', appsScope, routes.user.requireAdmin, routes.apps.configureApp); - router.post('/api/v1/apps/:id/update', appsScope, routes.user.requireAdmin, routes.apps.updateApp); - router.post('/api/v1/apps/:id/restore', appsScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.apps.restoreApp); - router.post('/api/v1/apps/:id/backup', appsScope, routes.user.requireAdmin, routes.apps.backupApp); - router.get ('/api/v1/apps/:id/backups', appsScope, routes.user.requireAdmin, routes.apps.listBackups); - router.post('/api/v1/apps/:id/stop', appsScope, routes.user.requireAdmin, routes.apps.stopApp); - router.post('/api/v1/apps/:id/start', appsScope, routes.user.requireAdmin, routes.apps.startApp); - router.get ('/api/v1/apps/:id/logstream', appsScope, routes.user.requireAdmin, routes.apps.getLogStream); - router.get ('/api/v1/apps/:id/logs', appsScope, routes.user.requireAdmin, routes.apps.getLogs); - router.get ('/api/v1/apps/:id/exec', appsScope, routes.user.requireAdmin, routes.apps.exec); + router.post('/api/v1/apps/install', appsScope, routes.users.requireAdmin, routes.apps.installApp); + router.post('/api/v1/apps/:id/uninstall', appsScope, routes.users.requireAdmin, routes.users.verifyPassword, routes.apps.uninstallApp); + router.post('/api/v1/apps/:id/configure', appsScope, routes.users.requireAdmin, routes.apps.configureApp); + router.post('/api/v1/apps/:id/update', appsScope, routes.users.requireAdmin, routes.apps.updateApp); + router.post('/api/v1/apps/:id/restore', appsScope, routes.users.requireAdmin, routes.users.verifyPassword, routes.apps.restoreApp); + router.post('/api/v1/apps/:id/backup', appsScope, routes.users.requireAdmin, routes.apps.backupApp); + router.get ('/api/v1/apps/:id/backups', appsScope, routes.users.requireAdmin, routes.apps.listBackups); + router.post('/api/v1/apps/:id/stop', appsScope, routes.users.requireAdmin, routes.apps.stopApp); + router.post('/api/v1/apps/:id/start', appsScope, routes.users.requireAdmin, routes.apps.startApp); + router.get ('/api/v1/apps/:id/logstream', appsScope, routes.users.requireAdmin, routes.apps.getLogStream); + router.get ('/api/v1/apps/:id/logs', appsScope, routes.users.requireAdmin, routes.apps.getLogs); + router.get ('/api/v1/apps/:id/exec', appsScope, routes.users.requireAdmin, routes.apps.exec); // websocket cannot do bearer authentication - router.get ('/api/v1/apps/:id/execws', routes.oauth2.websocketAuth.bind(null, [ clients.SCOPE_APPS ]), routes.user.requireAdmin, routes.apps.execWebSocket); - router.post('/api/v1/apps/:id/clone', appsScope, routes.user.requireAdmin, routes.apps.cloneApp); - router.get ('/api/v1/apps/:id/download', appsScope, routes.user.requireAdmin, routes.apps.downloadFile); - router.post('/api/v1/apps/:id/upload', appsScope, routes.user.requireAdmin, multipart, routes.apps.uploadFile); + router.get ('/api/v1/apps/:id/execws', routes.oauth2.websocketAuth.bind(null, [ clients.SCOPE_APPS ]), routes.users.requireAdmin, routes.apps.execWebSocket); + router.post('/api/v1/apps/:id/clone', appsScope, routes.users.requireAdmin, routes.apps.cloneApp); + router.get ('/api/v1/apps/:id/download', appsScope, routes.users.requireAdmin, routes.apps.downloadFile); + router.post('/api/v1/apps/:id/upload', appsScope, routes.users.requireAdmin, multipart, routes.apps.uploadFile); // settings routes (these are for the settings tab - avatar & name have public routes for normal users. see above) - router.get ('/api/v1/settings/app_autoupdate_pattern', settingsScope, routes.user.requireAdmin, routes.settings.getAppAutoupdatePattern); - router.post('/api/v1/settings/app_autoupdate_pattern', settingsScope, routes.user.requireAdmin, routes.settings.setAppAutoupdatePattern); - router.get ('/api/v1/settings/box_autoupdate_pattern', settingsScope, routes.user.requireAdmin, routes.settings.getBoxAutoupdatePattern); - router.post('/api/v1/settings/box_autoupdate_pattern', settingsScope, routes.user.requireAdmin, routes.settings.setBoxAutoupdatePattern); - router.get ('/api/v1/settings/cloudron_name', settingsScope, routes.user.requireAdmin, routes.settings.getCloudronName); - router.post('/api/v1/settings/cloudron_name', settingsScope, routes.user.requireAdmin, routes.settings.setCloudronName); - router.get ('/api/v1/settings/cloudron_avatar', settingsScope, routes.user.requireAdmin, routes.settings.getCloudronAvatar); - router.post('/api/v1/settings/cloudron_avatar', settingsScope, routes.user.requireAdmin, multipart, routes.settings.setCloudronAvatar); - router.get ('/api/v1/settings/backup_config', settingsScope, routes.user.requireAdmin, routes.settings.getBackupConfig); - router.post('/api/v1/settings/backup_config', settingsScope, routes.user.requireAdmin, routes.settings.setBackupConfig); + router.get ('/api/v1/settings/app_autoupdate_pattern', settingsScope, routes.users.requireAdmin, routes.settings.getAppAutoupdatePattern); + router.post('/api/v1/settings/app_autoupdate_pattern', settingsScope, routes.users.requireAdmin, routes.settings.setAppAutoupdatePattern); + router.get ('/api/v1/settings/box_autoupdate_pattern', settingsScope, routes.users.requireAdmin, routes.settings.getBoxAutoupdatePattern); + router.post('/api/v1/settings/box_autoupdate_pattern', settingsScope, routes.users.requireAdmin, routes.settings.setBoxAutoupdatePattern); + router.get ('/api/v1/settings/cloudron_name', settingsScope, routes.users.requireAdmin, routes.settings.getCloudronName); + router.post('/api/v1/settings/cloudron_name', settingsScope, routes.users.requireAdmin, routes.settings.setCloudronName); + router.get ('/api/v1/settings/cloudron_avatar', settingsScope, routes.users.requireAdmin, routes.settings.getCloudronAvatar); + router.post('/api/v1/settings/cloudron_avatar', settingsScope, routes.users.requireAdmin, multipart, routes.settings.setCloudronAvatar); + router.get ('/api/v1/settings/backup_config', settingsScope, routes.users.requireAdmin, routes.settings.getBackupConfig); + router.post('/api/v1/settings/backup_config', settingsScope, routes.users.requireAdmin, routes.settings.setBackupConfig); - router.get ('/api/v1/settings/time_zone', settingsScope, routes.user.requireAdmin, routes.settings.getTimeZone); - router.post('/api/v1/settings/time_zone', settingsScope, routes.user.requireAdmin, routes.settings.setTimeZone); - router.get ('/api/v1/settings/appstore_config', settingsScope, routes.user.requireAdmin, routes.settings.getAppstoreConfig); - router.post('/api/v1/settings/appstore_config', settingsScope, routes.user.requireAdmin, routes.settings.setAppstoreConfig); + router.get ('/api/v1/settings/time_zone', settingsScope, routes.users.requireAdmin, routes.settings.getTimeZone); + router.post('/api/v1/settings/time_zone', settingsScope, routes.users.requireAdmin, routes.settings.setTimeZone); + router.get ('/api/v1/settings/appstore_config', settingsScope, routes.users.requireAdmin, routes.settings.getAppstoreConfig); + router.post('/api/v1/settings/appstore_config', settingsScope, routes.users.requireAdmin, routes.settings.setAppstoreConfig); // email routes - router.get ('/api/v1/mail/:domain', settingsScope, routes.user.requireAdmin, routes.mail.getDomain); - router.post('/api/v1/mail/:domain', settingsScope, routes.user.requireAdmin, routes.mail.updateDomain); - router.post('/api/v1/mail', settingsScope, routes.user.requireAdmin, routes.mail.addDomain); - router.get ('/api/v1/mail/:domain/stats', settingsScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.mail.getDomainStats); - router.del ('/api/v1/mail/:domain', settingsScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.mail.removeDomain); - router.get ('/api/v1/mail/:domain/status', settingsScope, routes.user.requireAdmin, routes.mail.getStatus); - router.post('/api/v1/mail/:domain/mail_from_validation', settingsScope, routes.user.requireAdmin, routes.mail.setMailFromValidation); - router.post('/api/v1/mail/:domain/catch_all', settingsScope, routes.user.requireAdmin, routes.mail.setCatchAllAddress); - router.post('/api/v1/mail/:domain/relay', settingsScope, routes.user.requireAdmin, routes.mail.setMailRelay); - router.post('/api/v1/mail/:domain/enable', settingsScope, routes.user.requireAdmin, routes.mail.setMailEnabled); - router.post('/api/v1/mail/:domain/send_test_mail', settingsScope, routes.user.requireAdmin, routes.mail.sendTestMail); - router.get ('/api/v1/mail/:domain/mailboxes', settingsScope, routes.user.requireAdmin, routes.mail.getMailboxes); - router.get ('/api/v1/mail/:domain/mailboxes/:name', settingsScope, routes.user.requireAdmin, routes.mail.getMailbox); - router.post('/api/v1/mail/:domain/mailboxes', settingsScope, routes.user.requireAdmin, routes.mail.addMailbox); - router.post('/api/v1/mail/:domain/mailboxes/:name', settingsScope, routes.user.requireAdmin, routes.mail.updateMailbox); - router.del ('/api/v1/mail/:domain/mailboxes/:name', settingsScope, routes.user.requireAdmin, routes.mail.removeMailbox); - router.get ('/api/v1/mail/:domain/aliases', settingsScope, routes.user.requireAdmin, routes.mail.listAliases); - router.get ('/api/v1/mail/:domain/aliases/:name', settingsScope, routes.user.requireAdmin, routes.mail.getAliases); - router.put ('/api/v1/mail/:domain/aliases/:name', settingsScope, routes.user.requireAdmin, routes.mail.setAliases); - router.get ('/api/v1/mail/:domain/lists', settingsScope, routes.user.requireAdmin, routes.mail.getLists); - router.post('/api/v1/mail/:domain/lists', settingsScope, routes.user.requireAdmin, routes.mail.addList); - router.get ('/api/v1/mail/:domain/lists/:name', settingsScope, routes.user.requireAdmin, routes.mail.getList); - router.post('/api/v1/mail/:domain/lists/:name', settingsScope, routes.user.requireAdmin, routes.mail.updateList); - router.del ('/api/v1/mail/:domain/lists/:name', settingsScope, routes.user.requireAdmin, routes.mail.removeList); + router.get ('/api/v1/mail/:domain', settingsScope, routes.users.requireAdmin, routes.mail.getDomain); + router.post('/api/v1/mail/:domain', settingsScope, routes.users.requireAdmin, routes.mail.updateDomain); + router.post('/api/v1/mail', settingsScope, routes.users.requireAdmin, routes.mail.addDomain); + router.get ('/api/v1/mail/:domain/stats', settingsScope, routes.users.requireAdmin, routes.users.verifyPassword, routes.mail.getDomainStats); + router.del ('/api/v1/mail/:domain', settingsScope, routes.users.requireAdmin, routes.users.verifyPassword, routes.mail.removeDomain); + router.get ('/api/v1/mail/:domain/status', settingsScope, routes.users.requireAdmin, routes.mail.getStatus); + router.post('/api/v1/mail/:domain/mail_from_validation', settingsScope, routes.users.requireAdmin, routes.mail.setMailFromValidation); + router.post('/api/v1/mail/:domain/catch_all', settingsScope, routes.users.requireAdmin, routes.mail.setCatchAllAddress); + router.post('/api/v1/mail/:domain/relay', settingsScope, routes.users.requireAdmin, routes.mail.setMailRelay); + router.post('/api/v1/mail/:domain/enable', settingsScope, routes.users.requireAdmin, routes.mail.setMailEnabled); + router.post('/api/v1/mail/:domain/send_test_mail', settingsScope, routes.users.requireAdmin, routes.mail.sendTestMail); + router.get ('/api/v1/mail/:domain/mailboxes', settingsScope, routes.users.requireAdmin, routes.mail.getMailboxes); + router.get ('/api/v1/mail/:domain/mailboxes/:name', settingsScope, routes.users.requireAdmin, routes.mail.getMailbox); + router.post('/api/v1/mail/:domain/mailboxes', settingsScope, routes.users.requireAdmin, routes.mail.addMailbox); + router.post('/api/v1/mail/:domain/mailboxes/:name', settingsScope, routes.users.requireAdmin, routes.mail.updateMailbox); + router.del ('/api/v1/mail/:domain/mailboxes/:name', settingsScope, routes.users.requireAdmin, routes.mail.removeMailbox); + router.get ('/api/v1/mail/:domain/aliases', settingsScope, routes.users.requireAdmin, routes.mail.listAliases); + router.get ('/api/v1/mail/:domain/aliases/:name', settingsScope, routes.users.requireAdmin, routes.mail.getAliases); + router.put ('/api/v1/mail/:domain/aliases/:name', settingsScope, routes.users.requireAdmin, routes.mail.setAliases); + router.get ('/api/v1/mail/:domain/lists', settingsScope, routes.users.requireAdmin, routes.mail.getLists); + router.post('/api/v1/mail/:domain/lists', settingsScope, routes.users.requireAdmin, routes.mail.addList); + router.get ('/api/v1/mail/:domain/lists/:name', settingsScope, routes.users.requireAdmin, routes.mail.getList); + router.post('/api/v1/mail/:domain/lists/:name', settingsScope, routes.users.requireAdmin, routes.mail.updateList); + router.del ('/api/v1/mail/:domain/lists/:name', settingsScope, routes.users.requireAdmin, routes.mail.removeList); // feedback router.post('/api/v1/feedback', usersScope, routes.cloudron.feedback); // backup routes - router.get ('/api/v1/backups', settingsScope, routes.user.requireAdmin, routes.backups.get); - router.post('/api/v1/backups', settingsScope, routes.user.requireAdmin, routes.backups.create); + router.get ('/api/v1/backups', settingsScope, routes.users.requireAdmin, routes.backups.get); + router.post('/api/v1/backups', settingsScope, routes.users.requireAdmin, routes.backups.create); // domain routes - router.post('/api/v1/domains', settingsScope, routes.user.requireAdmin, routes.domains.add); - router.get ('/api/v1/domains', settingsScope, routes.user.requireAdmin, routes.domains.getAll); - router.get ('/api/v1/domains/:domain', settingsScope, routes.user.requireAdmin, routes.domains.get); - router.put ('/api/v1/domains/:domain', settingsScope, routes.user.requireAdmin, routes.domains.update); - router.del ('/api/v1/domains/:domain', settingsScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.domains.del); + router.post('/api/v1/domains', settingsScope, routes.users.requireAdmin, routes.domains.add); + router.get ('/api/v1/domains', settingsScope, routes.users.requireAdmin, routes.domains.getAll); + router.get ('/api/v1/domains/:domain', settingsScope, routes.users.requireAdmin, routes.domains.get); + router.put ('/api/v1/domains/:domain', settingsScope, routes.users.requireAdmin, routes.domains.update); + router.del ('/api/v1/domains/:domain', settingsScope, routes.users.requireAdmin, routes.users.verifyPassword, routes.domains.del); // caas routes - router.post('/api/v1/caas/change_plan', cloudronScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.caas.changePlan); + router.post('/api/v1/caas/change_plan', cloudronScope, routes.users.requireAdmin, routes.users.verifyPassword, routes.caas.changePlan); // disable server socket "idle" timeout. we use the timeout middleware to handle timeouts on a route level // we rely on nginx for timeouts on the TCP level (see client_header_timeout) diff --git a/src/setup.js b/src/setup.js index 496f97b13..366045776 100644 --- a/src/setup.js +++ b/src/setup.js @@ -37,8 +37,8 @@ var assert = require('assert'), superagent = require('superagent'), sysinfo = require('./sysinfo.js'), tokendb = require('./tokendb.js'), - user = require('./user.js'), - UserError = user.UserError, + users = require('./users.js'), + UserError = users.UserError, tld = require('tldjs'), util = require('util'); @@ -240,7 +240,7 @@ function activate(username, password, email, displayName, ip, auditSource, callb setTimeZone(ip, function () { }); // TODO: get this from user. note that timezone is detected based on the browser location and not the cloudron region - user.createOwner(username, password, email, displayName, auditSource, function (error, userObject) { + users.createOwner(username, password, email, displayName, auditSource, function (error, userObject) { if (error && error.reason === UserError.ALREADY_EXISTS) return callback(new SetupError(SetupError.ALREADY_PROVISIONED)); if (error && error.reason === UserError.BAD_FIELD) return callback(new SetupError(SetupError.BAD_FIELD, error.message)); if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error)); @@ -276,7 +276,7 @@ function restore(backupConfig, backupId, version, callback) { if (gWebadminStatus.configuring || gWebadminStatus.restoring) return callback(new SetupError(SetupError.BAD_STATE, 'Already restoring or configuring')); - user.count(function (error, count) { + users.count(function (error, count) { if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error)); if (count) return callback(new SetupError(SetupError.ALREADY_PROVISIONED, 'Already activated')); @@ -309,7 +309,7 @@ function restore(backupConfig, backupId, version, callback) { function getStatus(callback) { assert.strictEqual(typeof callback, 'function'); - user.count(function (error, count) { + users.count(function (error, count) { if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error)); settings.getCloudronName(function (error, cloudronName) { diff --git a/src/test/digest-test.js b/src/test/digest-test.js index e09947e41..d6ac87e9d 100644 --- a/src/test/digest-test.js +++ b/src/test/digest-test.js @@ -19,8 +19,8 @@ var async = require('async'), safe = require('safetydance'), settings = require('../settings.js'), updatechecker = require('../updatechecker.js'), - user = require('../user.js'), - userdb = require('../userdb.js'); + userdb = require('../userdb.js'), + users = require('../users.js'); // owner var USER_0 = { @@ -73,14 +73,14 @@ describe('digest', function () { settings.initialize, domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0.zoneName, DOMAIN_0.provider, DOMAIN_0.config, DOMAIN_0.fallbackCertificate, DOMAIN_0.tlsConfig), mail.addDomain.bind(null, DOMAIN_0.domain), - user.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), + users.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), function (callback) { userdb.getByUsername(USER_0.username, function (error, result) { if (error) return callback(error); USER_0.id = result.id; - user.update(USER_0.id, { fallbackEmail: USER_0.fallbackEmail }, AUDIT_SOURCE, callback); + users.update(USER_0.id, { fallbackEmail: USER_0.fallbackEmail }, AUDIT_SOURCE, callback); }); }, eventlog.add.bind(null, eventlog.ACTION_UPDATE, AUDIT_SOURCE, { boxUpdateInfo: { sourceTarballUrl: 'xx', version: '1.2.3', changelog: [ 'good stuff' ] } }), diff --git a/src/test/ldap-test.js b/src/test/ldap-test.js index 7650af2e1..a4d57a0cb 100644 --- a/src/test/ldap-test.js +++ b/src/test/ldap-test.js @@ -20,7 +20,7 @@ var appdb = require('../appdb.js'), maildb = require('../maildb.js'), mailboxdb = require('../mailboxdb.js'), ldap = require('ldapjs'), - user = require('../user.js'); + users = require('../users.js'); const DOMAIN_0 = { domain: 'example.com', @@ -106,7 +106,7 @@ function setup(done) { mailboxdb.addMailbox.bind(null, APP_0.location + '.app', APP_0.domain, APP_0.id, mailboxdb.OWNER_TYPE_APP), function (callback) { - user.createOwner(USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE, function (error, result) { + users.createOwner(USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE, function (error, result) { if (error) return callback(error); USER_0.id = result.id; @@ -115,7 +115,7 @@ function setup(done) { }); }, function (callback) { - user.create(USER_1.username, USER_1.password, USER_1.email, USER_0.displayName, AUDIT_SOURCE, { invitor: USER_0 }, function (error, result) { + users.create(USER_1.username, USER_1.password, USER_1.email, USER_0.displayName, AUDIT_SOURCE, { invitor: USER_0 }, function (error, result) { if (error) return callback(error); USER_1.id = result.id; @@ -124,7 +124,7 @@ function setup(done) { }); }, function (callback) { - user.create(USER_2.username, USER_2.password, USER_2.email, USER_0.displayName, AUDIT_SOURCE, { invitor: USER_0 }, function (error, result) { + users.create(USER_2.username, USER_2.password, USER_2.email, USER_0.displayName, AUDIT_SOURCE, { invitor: USER_0 }, function (error, result) { if (error) return callback(error); USER_2.id = result.id; diff --git a/src/test/updatechecker-test.js b/src/test/updatechecker-test.js index a85c47ba0..00dfc98b8 100644 --- a/src/test/updatechecker-test.js +++ b/src/test/updatechecker-test.js @@ -20,7 +20,7 @@ var appdb = require('../appdb.js'), settings = require('../settings.js'), settingsdb = require('../settingsdb.js'), updatechecker = require('../updatechecker.js'), - user = require('../user.js'); + users = require('../users.js'); // owner var USER_0 = { @@ -77,7 +77,7 @@ describe('updatechecker - box - manual (email)', function () { settings.initialize, domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0.zoneName, DOMAIN_0.provider, DOMAIN_0.config, DOMAIN_0.fallbackCertificate, DOMAIN_0.tlsConfig), mail.addDomain.bind(null, DOMAIN_0.domain), - user.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), + users.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), settings.setBoxAutoupdatePattern.bind(null, constants.AUTOUPDATE_PATTERN_NEVER), settingsdb.set.bind(null, settings.APPSTORE_CONFIG_KEY, JSON.stringify({ userId: 'uid', cloudronId: 'cid', token: 'token' })), mailer._clearMailQueue @@ -180,7 +180,7 @@ describe('updatechecker - box - automatic (no email)', function () { domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0.zoneName, DOMAIN_0.provider, DOMAIN_0.config, DOMAIN_0.fallbackCertificate, DOMAIN_0.tlsConfig), mail.addDomain.bind(null, DOMAIN_0.domain), mailer._clearMailQueue, - user.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), + users.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), settingsdb.set.bind(null, settings.APPSTORE_CONFIG_KEY, JSON.stringify({ userId: 'uid', cloudronId: 'cid', token: 'token' })) ], done); }); @@ -224,7 +224,7 @@ describe('updatechecker - box - automatic free (email)', function () { domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0.zoneName, DOMAIN_0.provider, DOMAIN_0.config, DOMAIN_0.fallbackCertificate, DOMAIN_0.tlsConfig), mail.addDomain.bind(null, DOMAIN_0.domain), mailer._clearMailQueue, - user.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), + users.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), settingsdb.set.bind(null, settings.APPSTORE_CONFIG_KEY, JSON.stringify({ userId: 'uid', cloudronId: 'cid', token: 'token' })) ], done); }); @@ -295,7 +295,7 @@ describe('updatechecker - app - manual (email)', function () { mail.addDomain.bind(null, DOMAIN_0.domain), mailer._clearMailQueue, appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.domain, APP_0.portBindings, APP_0), - user.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), + users.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), settings.setAppAutoupdatePattern.bind(null, constants.AUTOUPDATE_PATTERN_NEVER), settingsdb.set.bind(null, settings.APPSTORE_CONFIG_KEY, JSON.stringify({ userId: 'uid', cloudronId: 'cid', token: 'token' })) ], done); @@ -411,7 +411,7 @@ describe('updatechecker - app - automatic (no email)', function () { mail.addDomain.bind(null, DOMAIN_0.domain), mailer._clearMailQueue, appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.domain, APP_0.portBindings, APP_0), - user.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), + users.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), settings.setAppAutoupdatePattern.bind(null, '00 00 1,3,5,23 * * *'), settingsdb.set.bind(null, settings.APPSTORE_CONFIG_KEY, JSON.stringify({ userId: 'uid', cloudronId: 'cid', token: 'token' })) ], done); @@ -477,7 +477,7 @@ describe('updatechecker - app - automatic free (email)', function () { mail.addDomain.bind(null, DOMAIN_0.domain), mailer._clearMailQueue, appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.domain, APP_0.portBindings, APP_0), - user.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), + users.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, AUDIT_SOURCE), settings.setAppAutoupdatePattern.bind(null, '00 00 1,3,5,23 * * *'), settingsdb.set.bind(null, settings.APPSTORE_CONFIG_KEY, JSON.stringify({ userId: 'uid', cloudronId: 'cid', token: 'token' })) ], done); diff --git a/src/test/user-test.js b/src/test/users-test.js similarity index 81% rename from src/test/user-test.js rename to src/test/users-test.js index ca600b8b2..a995d61be 100644 --- a/src/test/user-test.js +++ b/src/test/users-test.js @@ -18,9 +18,9 @@ var async = require('async'), mailboxdb = require('../mailboxdb.js'), maildb = require('../maildb.js'), mailer = require('../mailer.js'), - user = require('../user.js'), userdb = require('../userdb.js'), - UserError = user.UserError; + users = require('../users.js'), + UserError = users.UserError; var USERNAME = 'noBody'; var USERNAME_NEW = 'noBodyNew'; @@ -59,7 +59,7 @@ function cleanupUsers(done) { function createOwner(done) { groups.create('admin', function () { // ignore error since it might already exist - user.createOwner(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.createOwner(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); @@ -119,7 +119,7 @@ describe('User', function () { after(cleanupUsers); it('fails due to short password', function (done) { - user.create(USERNAME, 'Fo$%23', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.create(USERNAME, 'Fo$%23', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.BAD_FIELD); @@ -129,7 +129,7 @@ describe('User', function () { }); it('fails due to missing upper case password', function (done) { - user.create(USERNAME, 'thisiseightch%$234arslong', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.create(USERNAME, 'thisiseightch%$234arslong', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.BAD_FIELD); @@ -139,7 +139,7 @@ describe('User', function () { }); it('fails due to missing numerics in password', function (done) { - user.create(USERNAME, 'foobaRASDF%', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.create(USERNAME, 'foobaRASDF%', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.BAD_FIELD); @@ -149,7 +149,7 @@ describe('User', function () { }); it('fails due to missing special chars in password', function (done) { - user.create(USERNAME, 'foobaRASDF23423', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.create(USERNAME, 'foobaRASDF23423', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.BAD_FIELD); @@ -159,7 +159,7 @@ describe('User', function () { }); it('fails due to reserved username', function (done) { - user.create('admin', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.create('admin', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.BAD_FIELD); @@ -169,7 +169,7 @@ describe('User', function () { }); it('fails due to invalid username', function (done) { - user.create('moo-daemon', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.create('moo-daemon', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.BAD_FIELD); @@ -179,7 +179,7 @@ describe('User', function () { }); it('fails due to short username', function (done) { - user.create('', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.create('', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.BAD_FIELD); @@ -189,7 +189,7 @@ describe('User', function () { }); it('fails due to long username', function (done) { - user.create(new Array(257).fill('Z').join(''), PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.create(new Array(257).fill('Z').join(''), PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.BAD_FIELD); @@ -199,7 +199,7 @@ describe('User', function () { }); it('fails due to reserved pattern', function (done) { - user.create('maybe-app', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.create('maybe-app', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.BAD_FIELD); @@ -209,7 +209,7 @@ describe('User', function () { }); it('succeeds and attempts to send invite', function (done) { - user.createOwner(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.createOwner(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).not.to.be.ok(); expect(result).to.be.ok(); expect(result.username).to.equal(USERNAME.toLowerCase()); @@ -223,29 +223,29 @@ describe('User', function () { it('fails because of invalid BAD_FIELD', function (done) { expect(function () { - user.create(EMAIL, {}, function () {}); + users.create(EMAIL, {}, function () {}); }).to.throwException(); expect(function () { - user.create(12345, PASSWORD, EMAIL, function () {}); + users.create(12345, PASSWORD, EMAIL, function () {}); }).to.throwException(); expect(function () { - user.create(USERNAME, PASSWORD, EMAIL, {}); + users.create(USERNAME, PASSWORD, EMAIL, {}); }).to.throwException(); expect(function () { - user.create(USERNAME, PASSWORD, EMAIL, {}, function () {}); + users.create(USERNAME, PASSWORD, EMAIL, {}, function () {}); }).to.throwException(); expect(function () { - user.create(USERNAME, PASSWORD, EMAIL, {}); + users.create(USERNAME, PASSWORD, EMAIL, {}); }).to.throwException(); expect(function () { - user.create(USERNAME, PASSWORD, EMAIL, false, null, 'foobar'); + users.create(USERNAME, PASSWORD, EMAIL, false, null, 'foobar'); }).to.throwException(); done(); }); it('fails because user exists', function (done) { - user.create(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.create(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).not.to.be.ok(); expect(error.reason).to.equal(UserError.ALREADY_EXISTS); @@ -255,7 +255,7 @@ describe('User', function () { }); it('fails because password is empty', function (done) { - user.create(USERNAME, '', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { + users.create(USERNAME, '', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).not.to.be.ok(); expect(error.reason).to.equal(UserError.BAD_FIELD); @@ -269,7 +269,7 @@ describe('User', function () { maildb.update(DOMAIN_0.domain, { enabled: true }, function (error) { expect(error).not.to.be.ok(); - user.create(USERNAME_1, PASSWORD_1, EMAIL_1, DISPLAY_NAME_1, AUDIT_SOURCE, { sendInvite: true }, function (error, result) { + users.create(USERNAME_1, PASSWORD_1, EMAIL_1, DISPLAY_NAME_1, AUDIT_SOURCE, { sendInvite: true }, function (error, result) { expect(error).not.to.be.ok(); expect(result).to.be.ok(); expect(result.username).to.equal(USERNAME_1.toLowerCase()); @@ -292,7 +292,7 @@ describe('User', function () { after(cleanupUsers); it('fails because there is no owner', function (done) { - user.getOwner(function (error) { + users.getOwner(function (error) { expect(error.reason).to.be(UserError.NOT_FOUND); done(); }); @@ -302,7 +302,7 @@ describe('User', function () { createOwner(function (error) { if (error) return done(error); - user.getOwner(function (error, owner) { + users.getOwner(function (error, owner) { expect(error).to.be(null); expect(owner.email).to.be(EMAIL.toLowerCase()); done(); @@ -316,7 +316,7 @@ describe('User', function () { after(cleanupUsers); it('fails due to non existing user', function (done) { - user.verify('somerandomid', PASSWORD, function (error, result) { + users.verify('somerandomid', PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.NOT_FOUND); @@ -326,7 +326,7 @@ describe('User', function () { }); it('fails due to empty password', function (done) { - user.verify(userObject.id, '', function (error, result) { + users.verify(userObject.id, '', function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.WRONG_PASSWORD); @@ -336,7 +336,7 @@ describe('User', function () { }); it('fails due to wrong password', function (done) { - user.verify(userObject.id, PASSWORD+PASSWORD, function (error, result) { + users.verify(userObject.id, PASSWORD+PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.WRONG_PASSWORD); @@ -346,7 +346,7 @@ describe('User', function () { }); it('succeeds', function (done) { - user.verify(userObject.id, PASSWORD, function (error, result) { + users.verify(userObject.id, PASSWORD, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); @@ -355,7 +355,7 @@ describe('User', function () { }); it('fails for ghost if not enabled', function (done) { - user.verify(userObject.id, 'foobar', function (error) { + users.verify(userObject.id, 'foobar', function (error) { expect(error).to.be.a(UserError); expect(error.reason).to.equal(UserError.WRONG_PASSWORD); done(); @@ -367,7 +367,7 @@ describe('User', function () { ghost[userObject.username] = 'testpassword'; fs.writeFileSync(constants.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8'); - user.verify(userObject.id, 'foobar', function (error) { + users.verify(userObject.id, 'foobar', function (error) { fs.unlinkSync(constants.GHOST_USER_FILE); expect(error).to.be.a(UserError); @@ -381,7 +381,7 @@ describe('User', function () { ghost[userObject.username] = 'testpassword'; fs.writeFileSync(constants.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8'); - user.verify(userObject.id, 'testpassword', function (error, result) { + users.verify(userObject.id, 'testpassword', function (error, result) { fs.unlinkSync(constants.GHOST_USER_FILE); expect(error).to.equal(null); @@ -399,7 +399,7 @@ describe('User', function () { ghost[userObject.username] = 'testpassword'; fs.writeFileSync(constants.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8'); - user.verify(userObject.id, PASSWORD, function (error, result) { + users.verify(userObject.id, PASSWORD, function (error, result) { fs.unlinkSync(constants.GHOST_USER_FILE); expect(error).to.not.be.ok(); @@ -416,7 +416,7 @@ describe('User', function () { after(cleanupUsers); it('fails due to non existing username', function (done) { - user.verifyWithUsername(USERNAME+USERNAME, PASSWORD, function (error, result) { + users.verifyWithUsername(USERNAME+USERNAME, PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.NOT_FOUND); @@ -426,7 +426,7 @@ describe('User', function () { }); it('fails due to empty password', function (done) { - user.verifyWithUsername(USERNAME, '', function (error, result) { + users.verifyWithUsername(USERNAME, '', function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.WRONG_PASSWORD); @@ -436,7 +436,7 @@ describe('User', function () { }); it('fails due to wrong password', function (done) { - user.verifyWithUsername(USERNAME, PASSWORD+PASSWORD, function (error, result) { + users.verifyWithUsername(USERNAME, PASSWORD+PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.WRONG_PASSWORD); @@ -446,7 +446,7 @@ describe('User', function () { }); it('succeeds', function (done) { - user.verifyWithUsername(USERNAME, PASSWORD, function (error, result) { + users.verifyWithUsername(USERNAME, PASSWORD, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); @@ -455,7 +455,7 @@ describe('User', function () { }); it('succeeds for different username case', function (done) { - user.verifyWithUsername(USERNAME.toUpperCase(), PASSWORD, function (error, result) { + users.verifyWithUsername(USERNAME.toUpperCase(), PASSWORD, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); @@ -469,7 +469,7 @@ describe('User', function () { fs.writeFileSync(constants.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8'); - user.verifyWithUsername(USERNAME, 'foobar', function (error) { + users.verifyWithUsername(USERNAME, 'foobar', function (error) { fs.unlinkSync(constants.GHOST_USER_FILE); expect(error).to.be.a(UserError); @@ -484,7 +484,7 @@ describe('User', function () { fs.writeFileSync(constants.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8'); - user.verifyWithUsername(USERNAME, 'testpassword', function (error, result) { + users.verifyWithUsername(USERNAME, 'testpassword', function (error, result) { fs.unlinkSync(constants.GHOST_USER_FILE); expect(error).to.equal(null); @@ -503,7 +503,7 @@ describe('User', function () { after(cleanupUsers); it('fails due to non existing user', function (done) { - user.verifyWithEmail(EMAIL+EMAIL, PASSWORD, function (error, result) { + users.verifyWithEmail(EMAIL+EMAIL, PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.NOT_FOUND); @@ -513,7 +513,7 @@ describe('User', function () { }); it('fails due to empty password', function (done) { - user.verifyWithEmail(EMAIL, '', function (error, result) { + users.verifyWithEmail(EMAIL, '', function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.WRONG_PASSWORD); @@ -523,7 +523,7 @@ describe('User', function () { }); it('fails due to wrong password', function (done) { - user.verifyWithEmail(EMAIL, PASSWORD+PASSWORD, function (error, result) { + users.verifyWithEmail(EMAIL, PASSWORD+PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.WRONG_PASSWORD); @@ -533,7 +533,7 @@ describe('User', function () { }); it('succeeds', function (done) { - user.verifyWithEmail(EMAIL, PASSWORD, function (error, result) { + users.verifyWithEmail(EMAIL, PASSWORD, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); @@ -542,7 +542,7 @@ describe('User', function () { }); it('succeeds for different email case', function (done) { - user.verifyWithEmail(EMAIL.toUpperCase(), PASSWORD, function (error, result) { + users.verifyWithEmail(EMAIL.toUpperCase(), PASSWORD, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); @@ -556,7 +556,7 @@ describe('User', function () { fs.writeFileSync(constants.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8'); - user.verifyWithEmail(EMAIL, 'foobar', function (error) { + users.verifyWithEmail(EMAIL, 'foobar', function (error) { fs.unlinkSync(constants.GHOST_USER_FILE); expect(error).to.be.a(UserError); @@ -571,7 +571,7 @@ describe('User', function () { fs.writeFileSync(constants.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8'); - user.verifyWithEmail(EMAIL, 'testpassword', function (error, result) { + users.verifyWithEmail(EMAIL, 'testpassword', function (error, result) { fs.unlinkSync(constants.GHOST_USER_FILE); expect(error).to.equal(null); @@ -590,7 +590,7 @@ describe('User', function () { after(cleanupUsers); it('fails due to non existing user', function (done) { - user.get('some non existing username', function (error, result) { + users.get('some non existing username', function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); @@ -599,7 +599,7 @@ describe('User', function () { }); it('succeeds', function (done) { - user.get(userObject.id, function (error, result) { + users.get(userObject.id, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); expect(result.id).to.equal(userObject.id); @@ -617,7 +617,7 @@ describe('User', function () { maildb.update(DOMAIN_0.domain, { enabled: true }, function (error) { expect(error).not.to.be.ok(); - user.get(userObject.id, function (error, result) { + users.get(userObject.id, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); expect(result.id).to.equal(userObject.id); @@ -638,7 +638,7 @@ describe('User', function () { it('fails due to unknown userid', function (done) { var data = { username: USERNAME_NEW, email: EMAIL_NEW, displayName: DISPLAY_NAME_NEW }; - user.update(USERNAME, data, AUDIT_SOURCE, function (error) { + users.update(USERNAME, data, AUDIT_SOURCE, function (error) { expect(error).to.be.a(UserError); expect(error.reason).to.equal(UserError.NOT_FOUND); @@ -648,7 +648,7 @@ describe('User', function () { it('fails due to invalid email', function (done) { var data = { username: USERNAME_NEW, email: 'brokenemailaddress', displayName: DISPLAY_NAME_NEW }; - user.update(userObject.id, data, AUDIT_SOURCE, function (error) { + users.update(userObject.id, data, AUDIT_SOURCE, function (error) { expect(error).to.be.a(UserError); expect(error.reason).to.equal(UserError.BAD_FIELD); @@ -659,10 +659,10 @@ describe('User', function () { it('succeeds', function (done) { var data = { username: USERNAME_NEW, email: EMAIL_NEW, displayName: DISPLAY_NAME_NEW }; - user.update(userObject.id, data, AUDIT_SOURCE, function (error) { + users.update(userObject.id, data, AUDIT_SOURCE, function (error) { expect(error).to.not.be.ok(); - user.get(userObject.id, function (error, result) { + users.get(userObject.id, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); expect(result.email).to.equal(EMAIL_NEW.toLowerCase()); @@ -677,10 +677,10 @@ describe('User', function () { it('succeeds with same data', function (done) { var data = { username: USERNAME_NEW, email: EMAIL_NEW, displayName: DISPLAY_NAME_NEW }; - user.update(userObject.id, data, AUDIT_SOURCE, function (error) { + users.update(userObject.id, data, AUDIT_SOURCE, function (error) { expect(error).to.not.be.ok(); - user.get(userObject.id, function (error, result) { + users.get(userObject.id, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); expect(result.email).to.equal(EMAIL_NEW.toLowerCase()); @@ -720,13 +720,13 @@ describe('User', function () { it('make second user admin succeeds', function (done) { var invitor = { username: USERNAME, email: EMAIL }; - user.create(user1.username, user1.password, user1.email, DISPLAY_NAME, AUDIT_SOURCE, { invitor: invitor }, function (error, result) { + users.create(user1.username, user1.password, user1.email, DISPLAY_NAME, AUDIT_SOURCE, { invitor: invitor }, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); user1.id = result.id; - user.setGroups(user1.id, [ constants.ADMIN_GROUP_ID ], function (error) { + users.setGroups(user1.id, [ constants.ADMIN_GROUP_ID ], function (error) { expect(error).to.not.be.ok(); // one mail for user creation, one mail for admin change @@ -736,7 +736,7 @@ describe('User', function () { }); it('add user to non admin group does not trigger admin mail', function (done) { - user.setGroups(user1.id, [ constants.ADMIN_GROUP_ID, groupObject.id ], function (error) { + users.setGroups(user1.id, [ constants.ADMIN_GROUP_ID, groupObject.id ], function (error) { expect(error).to.equal(null); checkMails(0, done); @@ -744,7 +744,7 @@ describe('User', function () { }); it('succeeds to remove admin flag', function (done) { - user.setGroups(user1.id, [ groupObject.id ], function (error) { + users.setGroups(user1.id, [ groupObject.id ], function (error) { expect(error).to.eql(null); checkMails(1, done); @@ -757,7 +757,7 @@ describe('User', function () { after(cleanupUsers); it('succeeds for one admins', function (done) { - user.getAllAdmins(function (error, admins) { + users.getAllAdmins(function (error, admins) { expect(error).to.eql(null); expect(admins.length).to.equal(1); expect(admins[0].username).to.equal(USERNAME.toLowerCase()); @@ -773,7 +773,7 @@ describe('User', function () { }; var invitor = { username: USERNAME, email: EMAIL }; - user.create(user1.username, user1.password, user1.email, DISPLAY_NAME, AUDIT_SOURCE, { invitor: invitor }, function (error, result) { + users.create(user1.username, user1.password, user1.email, DISPLAY_NAME, AUDIT_SOURCE, { invitor: invitor }, function (error, result) { expect(error).to.eql(null); expect(result).to.be.ok(); @@ -782,7 +782,7 @@ describe('User', function () { groups.setGroups(user1.id, [ constants.ADMIN_GROUP_ID ], function (error) { expect(error).to.eql(null); - user.getAllAdmins(function (error, admins) { + users.getAllAdmins(function (error, admins) { expect(error).to.eql(null); expect(admins.length).to.equal(2); expect(admins[0].username).to.equal(USERNAME.toLowerCase()); @@ -801,7 +801,7 @@ describe('User', function () { after(cleanupUsers); it('succeeds', function (done) { - user.count(function (error, count) { + users.count(function (error, count) { expect(error).to.not.be.ok(); expect(count).to.be(1); done(); @@ -814,35 +814,35 @@ describe('User', function () { after(cleanupUsers); it('fails due to unknown user', function (done) { - user.setPassword('doesnotexist', NEW_PASSWORD, function (error) { + users.setPassword('doesnotexist', NEW_PASSWORD, function (error) { expect(error).to.be.ok(); done(); }); }); it('fails due to empty password', function (done) { - user.setPassword(userObject.id, '', function (error) { + users.setPassword(userObject.id, '', function (error) { expect(error).to.be.ok(); done(); }); }); it('fails due to invalid password', function (done) { - user.setPassword(userObject.id, 'foobar', function (error) { + users.setPassword(userObject.id, 'foobar', function (error) { expect(error).to.be.ok(); done(); }); }); it('succeeds', function (done) { - user.setPassword(userObject.id, NEW_PASSWORD, function (error) { + users.setPassword(userObject.id, NEW_PASSWORD, function (error) { expect(error).to.not.be.ok(); done(); }); }); it('actually changed the password (unable to login with old pasword)', function (done) { - user.verify(userObject.id, PASSWORD, function (error, result) { + users.verify(userObject.id, PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); expect(error.reason).to.equal(UserError.WRONG_PASSWORD); @@ -851,7 +851,7 @@ describe('User', function () { }); it('actually changed the password (login with new password)', function (done) { - user.verify(userObject.id, NEW_PASSWORD, function (error, result) { + users.verify(userObject.id, NEW_PASSWORD, function (error, result) { expect(error).to.not.be.ok(); expect(result).to.be.ok(); done(); @@ -864,7 +864,7 @@ describe('User', function () { after(cleanupUsers); it('fails due to unkown email', function (done) { - user.resetPasswordByIdentifier('unknown@mail.com', function (error) { + users.resetPasswordByIdentifier('unknown@mail.com', function (error) { expect(error).to.be.an(UserError); expect(error.reason).to.eql(UserError.NOT_FOUND); done(); @@ -872,7 +872,7 @@ describe('User', function () { }); it('fails due to unkown username', function (done) { - user.resetPasswordByIdentifier('unknown', function (error) { + users.resetPasswordByIdentifier('unknown', function (error) { expect(error).to.be.an(UserError); expect(error.reason).to.eql(UserError.NOT_FOUND); done(); @@ -880,14 +880,14 @@ describe('User', function () { }); it('succeeds with email', function (done) { - user.resetPasswordByIdentifier(EMAIL, function (error) { + users.resetPasswordByIdentifier(EMAIL, function (error) { expect(error).to.not.be.ok(); checkMails(1, done); }); }); it('succeeds with username', function (done) { - user.resetPasswordByIdentifier(USERNAME, function (error) { + users.resetPasswordByIdentifier(USERNAME, function (error) { expect(error).to.not.be.ok(); checkMails(1, done); }); @@ -899,7 +899,7 @@ describe('User', function () { after(cleanupUsers); it('fails for unknown user', function (done) { - user.sendInvite('unknown user', { }, function (error) { + users.sendInvite('unknown user', { }, function (error) { expect(error).to.be.a(UserError); expect(error.reason).to.equal(UserError.NOT_FOUND); @@ -908,7 +908,7 @@ describe('User', function () { }); it('succeeds', function (done) { - user.sendInvite(userObject.id, { }, function (error) { + users.sendInvite(userObject.id, { }, function (error) { expect(error).to.eql(null); checkMails(1, done); }); @@ -920,14 +920,14 @@ describe('User', function () { after(cleanupUsers); it('fails for unknown user', function (done) { - user.remove('unknown', { }, function (error) { + users.remove('unknown', { }, function (error) { expect(error.reason).to.be(UserError.NOT_FOUND); done(); }); }); it('can remove valid user', function (done) { - user.remove(userObject.id, { }, function (error) { + users.remove(userObject.id, { }, function (error) { expect(!error).to.be.ok(); done(); }); diff --git a/src/user.js b/src/users.js similarity index 100% rename from src/user.js rename to src/users.js