jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

users: add unset route for avatar

Browse Source 
also add missing tests for avatar and profile locking
This commit is contained in:
Girish Ramakrishnan
2025-07-15 10:06:26 +02:00
parent be9adb64bb
commit 622aecfd6d
9 changed files with 122 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/routes/profile.js
+10
View File
@@ -8,6 +8,7 @@ exports = module.exports = {
setFallbackEmail,
getAvatarById,
setAvatar,
unsetAvatar,
setLanguage,
getBackgroundImage,
setBackgroundImage,
@@ -126,6 +127,15 @@ async function setAvatar(req, res, next) {
next(new HttpSuccess(204, {}));
}
async function unsetAvatar(req, res, next) {
assert.strictEqual(typeof req.user, 'object');
const [error] = await safe(users.setAvatar(req.user, null));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(204, {}));
}
async function getAvatarById(req, res, next) {
assert.strictEqual(typeof req.params, 'object');
src/routes/test/profile-test.js
+12
View File
@@ -328,6 +328,18 @@ describe('Profile API', function () {
expect(parseInt(response.headers['content-length'])).to.equal(customAvatarSize);
expect(response.status).to.equal(200);
});
it('can unset custom avatar', async function () {
const response = await superagent.del(`${serverUrl}/api/v1/profile/avatar`)
.query({ access_token: user.token });
expect(response.status).to.be(204);
});
it('did unset custom avatar', async function () {
const response = await superagent.get(`${serverUrl}/api/v1/profile/avatar/${user.id}`).ok(() => true);
expect(response.status).to.be(404);
});
});
describe('background', function () {
src/routes/test/user-directory-test.js
+21
View File
@@ -59,6 +59,27 @@ describe('User Directory API', function () {
.ok(() => true);
expect(response2.status).to.equal(403); // profile is locked
const response3 = await superagent.post(`${serverUrl}/api/v1/profile/avatar`)
.query({ access_token: owner.token })
.attach('avatar', './logo.png')
.ok(() => true);
expect(response3.status).to.equal(403); // profile is locked
const response4 = await superagent.post(`${serverUrl}/api/v1/profile/fallback_email`)
.query({ access_token: owner.token })
.send({ email: 'newemail@example.Com', password: owner.password })
.ok(() => true);
expect(response4.status).to.equal(403); // profile is locked
const response5 = await superagent.post(`${serverUrl}/api/v1/profile/display_name`)
.query({ access_token: owner.token })
.send({ displayName: 'some new name' })
.ok(() => true);
expect(response5.status).to.equal(403); // profile is locked
});
it('can set mandatory 2fa', async function() {
src/routes/test/users-test.js
+32
View File
@@ -381,6 +381,38 @@ describe('Users API', function () {
expect(response2.status).to.equal(200);
expect(response2.body.displayName).to.equal(displayName);
});
it('can change avatar', async function () {
let customAvatarSize = 0;
const response = await superagent.post(`${serverUrl}/api/v1/users/${user2.id}/avatar`)
.query({ access_token: owner.token })
.attach('avatar', './logo.png');
customAvatarSize = require('fs').readFileSync('./logo.png').length;
expect(response.status).to.equal(204);
const response2 = await superagent.get(`${serverUrl}/api/v1/users/${user2.id}/avatar`)
.query({ access_token: owner.token });
expect(parseInt(response2.headers['content-length'])).to.equal(customAvatarSize);
expect(response2.status).to.equal(200);
});
it('can unset avatar', async function () {
const response = await superagent.del(`${serverUrl}/api/v1/users/${user2.id}/avatar`)
.query({ access_token: owner.token });
expect(response.status).to.equal(204);
const response2 = await superagent.get(`${serverUrl}/api/v1/users/${user2.id}/avatar`)
.query({ access_token: owner.token })
.ok(() => true);
expect(response2.status).to.equal(404);
});
});
describe('password', function () {
src/routes/users.js
+16
View File
@@ -10,6 +10,7 @@ exports = module.exports = {
setActive,
getAvatar,
setAvatar,
unsetAvatar,
updateProfile,
setPassword,
@@ -112,10 +113,13 @@ async function getAvatar(req, res, next) {
assert.strictEqual(typeof req.resources.user, 'object');
assert.strictEqual(typeof req.user, 'object');
console.log('HERE');
const [avatarError, avatar] = await safe(users.getAvatar(req.resources.user));
if (avatarError) return next(BoxError.toHttpError(avatarError));
if (!avatar) return next(new HttpError(404, 'no avatar'));
console.log('GETT AVATAR TO', avatar.length, req.resources.user.id);
res.set('Content-Type', 'image/png');
res.status(200).send(avatar);
}
@@ -129,12 +133,24 @@ async function setAvatar(req, res, next) {
safe.fs.unlinkSync(req.files.avatar.path);
if (!avatar) return next(BoxError.toHttpError(new BoxError(BoxError.FS_ERROR, safe.error.message)));
console.log('SETTING AVATAR TO', avatar.length, req.resources.user.id);
const [error] = await safe(users.setAvatar(req.resources.user, avatar));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(204, {}));
}
async function unsetAvatar(req, res, next) {
assert.strictEqual(typeof req.resources.user, 'object');
assert.strictEqual(typeof req.user, 'object');
const [error] = await safe(users.setAvatar(req.resources.user, null));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(204, {}));
}
async function updateProfile(req, res, next) {
assert.strictEqual(typeof req.resources.user, 'object');
assert.strictEqual(typeof req.user, 'object');