jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Require password for fallback email change

Browse Source
This commit is contained in:
Johannes Zellner
2021-09-09 23:01:28 +02:00
parent d3d22f0878
commit 59cbac0171
2 changed files with 43 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
src/routes/test/profile-test.js
View File

@@ -115,7 +115,7 @@ describe('Profile API', function () {
it('change email succeeds', async function () {
const response = await superagent.post(`${serverUrl}/api/v1/profile`)
.query({ access_token: owner.token })
.send({ email: 'newemail@example.Com', fallbackEmail: 'NewFallbackemail@example.com' });
.send({ email: 'newemail@example.Com' });
expect(response.statusCode).to.equal(204);
@@ -125,10 +125,42 @@ describe('Profile API', function () {
expect(response2.statusCode).to.equal(200);
expect(response2.body.username).to.equal(owner.username);
expect(response2.body.email).to.equal('newemail@example.com'); // lower cased
expect(response2.body.fallbackEmail).to.equal('newfallbackemail@example.com');
expect(response2.body.displayName).to.equal('');
});
it('change fallback email fails due to missing password', async function () {
const response = await superagent.post(`${serverUrl}/api/v1/profile`)
.query({ access_token: owner.token })
.send({ fallbackEmail: 'newemail@example.com' })
.ok(() => true);
expect(response.statusCode).to.equal(400);
});
it('change fallback email fails due to invalid password', async function () {
const response = await superagent.post(`${serverUrl}/api/v1/profile`)
.query({ access_token: owner.token })
.send({ fallbackEmail: 'foo@bar.com', password: 'this is wrong' })
.ok(() => true);
expect(response.statusCode).to.equal(412);
});
it('change fallback email succeeds', async function () {
const response = await superagent.post(`${serverUrl}/api/v1/profile`)
.query({ access_token: owner.token })
.send({ fallbackEmail: 'NewFallbackemail@example.com', password: owner.password });
expect(response.statusCode).to.equal(204);
const response2 = await superagent.get(`${serverUrl}/api/v1/profile`)
.query({ access_token: owner.token });
expect(response2.statusCode).to.equal(200);
expect(response2.body.username).to.equal(owner.username);
expect(response2.body.fallbackEmail).to.equal('newfallbackemail@example.com'); // lowercase
});
it('change displayName succeeds', async function () {
const response = await superagent.post(`${serverUrl}/api/v1/profile`)
.query({ access_token: owner.token })
@@ -158,7 +190,7 @@ describe('Profile API', function () {
it('fails due to missing new password', async function () {
const response = await superagent.post(`${serverUrl}/api/v1/profile/password`)
.query({ access_token: owner.token })
.send({ password: owner.password.password })
.send({ password: owner.password })
.ok(() => true);
expect(response.statusCode).to.equal(400);