diff --git a/src/routes/test/user-test.js b/src/routes/test/user-test.js index 5e08b201e..a2612370f 100644 --- a/src/routes/test/user-test.js +++ b/src/routes/test/user-test.js @@ -10,6 +10,7 @@ var config = require('../../config.js'), database = require('../../database.js'), tokendb = require('../../tokendb.js'), expect = require('expect.js'), + mailer = require('../../mailer.js'), superagent = require('superagent'), nock = require('nock'), server = require('../../server.js'), @@ -26,6 +27,9 @@ var server; function setup(done) { server.start(function (error) { expect(!error).to.be.ok(); + + mailer._clearMailQueue(); + userdb._clear(done); }); } @@ -34,10 +38,21 @@ function cleanup(done) { database._clear(function (error) { expect(!error).to.be.ok(); + mailer._clearMailQueue(); + server.stop(done); }); } +function checkMails(number, done) { + // mails are enqueued async + setTimeout(function () { + expect(mailer._getMailQueue().length).to.equal(number); + mailer._clearMailQueue(); + done(); + }, 500); +} + describe('User API', function () { this.timeout(5000); @@ -213,6 +228,8 @@ describe('User API', function () { }); it('create second user succeeds', function (done) { + mailer._clearMailQueue(); + superagent.post(SERVER_URL + '/api/v1/users') .query({ access_token: token }) .send({ username: USERNAME_1, email: EMAIL_1 }) @@ -220,8 +237,36 @@ describe('User API', function () { expect(err).to.not.be.ok(); expect(res.statusCode).to.equal(201); - // HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...) - tokendb.add(token_1, tokendb.PREFIX_USER + USERNAME_1, 'test-client-id', Date.now() + 10000, '*', done); + checkMails(2, function () { + // HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...) + tokendb.add(token_1, tokendb.PREFIX_USER + USERNAME_1, 'test-client-id', Date.now() + 10000, '*', done); + }); + }); + }); + + it('reinvite unknown user fails', function (done) { + mailer._clearMailQueue(); + + superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_1+USERNAME_1 + '/invite') + .query({ access_token: token }) + .send({}) + .end(function (err, res) { + expect(err).to.be.an(Error); + expect(res.statusCode).to.equal(404); + checkMails(0, done); + }); + }); + + it('reinvite second user succeeds', function (done) { + mailer._clearMailQueue(); + + superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_1 + '/invite') + .query({ access_token: token }) + .send({}) + .end(function (err, res) { + expect(err).to.not.be.ok(); + expect(res.statusCode).to.equal(200); + checkMails(2, done); }); }); diff --git a/src/routes/user.js b/src/routes/user.js index ef8cb45d3..1ebe7da21 100644 --- a/src/routes/user.js +++ b/src/routes/user.js @@ -12,7 +12,8 @@ exports = module.exports = { changeAdmin: changeAdmin, remove: removeUser, verifyPassword: verifyPassword, - requireAdmin: requireAdmin + requireAdmin: requireAdmin, + sendInvite: sendInvite }; var assert = require('assert'), @@ -188,3 +189,13 @@ function requireAdmin(req, res, next) { next(); } +function sendInvite(req, res, next) { + assert.strictEqual(typeof req.params.userId, 'string'); + + user.sendInvite(req.params.userId, function (error) { + if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(404, 'User not found')); + if (error) return next(new HttpError(500, error)); + + next(new HttpSuccess(200, {})); + }); +} diff --git a/src/server.js b/src/server.js index 32930fdac..9985fbe57 100644 --- a/src/server.js +++ b/src/server.js @@ -108,6 +108,7 @@ function initializeExpressSync() { router.del ('/api/v1/users/:userId', usersScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.user.remove); router.post('/api/v1/users/:userId/password', usersScope, routes.user.changePassword); // changePassword verifies password router.post('/api/v1/users/:userId/admin', usersScope, routes.user.requireAdmin, routes.user.changeAdmin); + router.post('/api/v1/users/:userId/invite', usersScope, routes.user.requireAdmin, routes.user.sendInvite); // form based login routes used by oauth2 frame router.get ('/api/v1/session/login', csrf, routes.oauth2.loginForm);