users: asyncify and merge userdb.del

src/test/apppasswords-test.js

@@ -10,7 +10,8 @@ const appPasswords = require('../apppasswords.js'),
     BoxError = require('../boxerror.js'),
     common = require('./common.js'),
     expect = require('expect.js'),
-    safe = require('safetydance');
+    safe = require('safetydance'),
+    users = require('../users.js');
 
 describe('App passwords', function () {
     const { setup, cleanup, ADMIN } = common;
@@ -18,7 +19,7 @@ describe('App passwords', function () {
     before(setup);
     after(cleanup);
 
-    let id;
+    let id, password;
     it('cannot add bad app password', async function () {
         const [error] = await safe(appPasswords.add(ADMIN.id, 'appid', 'x'.repeat(201)));
         expect(error.reason).to.be(BoxError.BAD_FIELD);
@@ -29,6 +30,7 @@ describe('App passwords', function () {
         expect(result.id).to.be.a('string');
         expect(result.password).to.be.a('string');
         id = result.id;
+        password = result.password;
     });
 
     it('can get app password', async function () {
@@ -51,10 +53,58 @@ describe('App passwords', function () {
         expect(results[0].identifier).to.be('appid');
     });
 
+    it('can verify app password', function (done) {
+        users.verify(ADMIN.id, password, 'appid', function (error, result) {
+            expect(error).to.not.be.ok();
+            expect(result).to.be.ok();
+            expect(result.appPassword).to.be(true);
+
+            done();
+        });
+    });
+
+    it('can verify non-app password', function (done) {
+        users.verify(ADMIN.id, ADMIN.password, 'appid', function (error, result) {
+            expect(error).to.not.be.ok();
+            expect(result).to.be.ok();
+            expect(result.appPassword).to.be(undefined);
+
+            done();
+        });
+    });
+
+    it('cannot verify bad password', function (done) {
+        users.verify(ADMIN.id, 'bad', 'appid', function (error, result) {
+            expect(error).to.be.ok();
+            expect(result).to.not.be.ok();
+            expect(error.reason).to.be(BoxError.INVALID_CREDENTIALS);
+
+            done();
+        });
+    });
+
+    it('cannot verify password for another app', function (done) {
+        users.verify(ADMIN.id, password, 'appid2', function (error, result) {
+            expect(error).to.be.ok();
+            expect(result).to.not.be.ok();
+            expect(error.reason).to.be(BoxError.INVALID_CREDENTIALS);
+
+            done();
+        });
+    });
+
     it('can del app password', async function () {
         await appPasswords.del(id);
     });
 
+    it('cannot verify deleted app password', function (done) {
+        users.verify(ADMIN.id, password, 'appid', function (error) {
+            expect(error).to.be.ok();
+
+            done();
+        });
+    });
+
     it('cannot del random app password', async function () {
         const [error] = await safe(appPasswords.del('random'));
         expect(error.reason).to.be(BoxError.NOT_FOUND);