jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

group: cannot set name of ldap group

Browse Source
This commit is contained in:
Girish Ramakrishnan
2024-01-19 22:28:48 +01:00
parent a8d37b917a
commit a1217e52c8
7 changed files with 80 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/routes/groups.js
View File

@@ -6,7 +6,7 @@ exports = module.exports = {
get,
list,
add,
update,
setName,
remove,
setMembers
};
@@ -47,15 +47,12 @@ async function get(req, res, next) {
next(new HttpSuccess(200, req.resource));
}
async function update(req, res, next) {
assert.strictEqual(typeof req.params.groupId, 'string');
async function setName(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.body, 'object');
if (req.resource.source === 'ldap') return next(new HttpError(409, 'external group cannot be updated'));
if ('name' in req.body && typeof req.body.name !== 'string') return next(new HttpError(400, 'name must be a string'));
const [error] = await safe(groups.update(req.params.groupId, req.body));
if (typeof req.body.name !== 'string') return next(new HttpError(400, 'name must be a string'));
const [error] = await safe(groups.setName(req.resource, req.body.name));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, { }));

26
src/routes/test/groups-test.js
View File

@@ -150,6 +150,32 @@ describe('Groups API', function () {
expect(response.body.groups[1].name).to.eql(group1Object.name);
});
it('cannot set missing group name', async function () {
const response = await superagent.put(`${serverUrl}/api/v1/groups/${group1Object.id}/name`)
.query({ access_token: owner.token })
.send({ })
.ok(() => true);
expect(response.statusCode).to.equal(400);
});
it('can set invalid group name', async function () {
const response = await superagent.put(`${serverUrl}/api/v1/groups/${group1Object.id}/name`)
.query({ access_token: owner.token })
.send({ name: '!group1-newname'})
.ok(() => true);
expect(response.statusCode).to.equal(400);
});
it('can set group name', async function () {
const response = await superagent.put(`${serverUrl}/api/v1/groups/${group1Object.id}/name`)
.query({ access_token: owner.token })
.send({ name: 'group1-newname'});
expect(response.statusCode).to.equal(200);
});
it('remove user from group', async function () {
const response = await superagent.put(`${serverUrl}/api/v1/users/${user.id}/groups`)
.query({ access_token: owner.token })