test: remove tokendb from users-test

src/routes/test/cloudron-test.js

@@ -39,6 +39,15 @@ describe('Cloudron API (pre-activation)', function () {
         });
     });
 
+    it('device is in first time mode', function (done) {
+        superagent.get(SERVER_URL + '/api/v1/cloudron/status')
+            .end(function (err, res) {
+                expect(res.statusCode).to.equal(200);
+                expect(res.body.activated).to.not.be.ok();
+                done(err);
+            });
+    });
+
     it('fails due to missing setupToken', function (done) {
         superagent.post(SERVER_URL + '/api/v1/cloudron/activate')
             .send({ username: '', password: 'somepassword', email: 'admin@foo.bar' })
@@ -117,6 +126,15 @@ describe('Cloudron API (pre-activation)', function () {
                 done();
             });
     });
+
+    it('device left first time mode', function (done) {
+        superagent.get(SERVER_URL + '/api/v1/cloudron/status')
+            .end(function (err, res) {
+                expect(res.statusCode).to.equal(200);
+                expect(res.body.activated).to.be.ok();
+                done();
+            });
+    });
 });
 
 describe('Cloudron API (post activation)', function () {

src/routes/test/common.js

@@ -3,7 +3,9 @@
 const async = require('async'),
     constants = require('../../constants.js'),
     database = require('../../database.js'),
+    delay = require('delay'),
     expect = require('expect.js'),
+    mailer = require('../../mailer.js'),
     server = require('../../server.js'),
     settings = require('../../settings.js'),
     superagent = require('superagent'),
@@ -12,6 +14,8 @@ const async = require('async'),
 exports = module.exports = {
     setup,
     cleanup,
+    clearMailQueue,
+    checkMails,
 
     owner: {
         id: null,
@@ -33,7 +37,7 @@ exports = module.exports = {
     DASHBOARD_DOMAIN: 'test.example.com',
     DASHBOARD_FQDN: 'my.test.example.com',
 
-    serverUrl: `http://localhost:${constants.PORT}`
+    serverUrl: `http://localhost:${constants.PORT}`,
 };
 
 function setup(done) {
@@ -71,7 +75,6 @@ function setup(done) {
                     expect(result.statusCode).to.equal(201);
 
                     user.id = result.body.id;
-                    user.token = 'usertoken';
 
                     // HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
                     const token = await tokens.add({ identifier: user.id, clientId: 'test-client-id', expires: Date.now() + 10000, name: 'fromtest' });
@@ -90,3 +93,13 @@ function cleanup(done) {
         server.stop(done);
     });
 }
+
+function clearMailQueue() {
+    mailer._mailQueue = [];
+}
+
+async function checkMails(number) {
+    await delay(1000);
+    expect(mailer._mailQueue.length).to.equal(number);
+    clearMailQueue();
+}

src/routes/test/profile-test.js

@@ -257,4 +257,66 @@ describe('Profile API', function () {
             expect(response.body.accessToken).to.be.a('string');
         });
     });
+
+    describe('app password', function () {
+        it('cannot add app password with invalid token', async function () {
+            const response = await superagent.post(`${serverUrl}/api/v1/app_passwords`)
+                .query({ access_token: user.token + 'xx' })
+                .send({ name: 'my-device', identifier: 'someapp' })
+                .ok(() => true);
+
+            expect(response.statusCode).to.equal(401);
+        });
+
+        it('cannot add app password without name', async function () {
+            const response = await superagent.post(`${serverUrl}/api/v1/app_passwords`)
+                .query({ access_token: user.token })
+                .send({ identifier: 'someapp' })
+                .ok(() => true);
+
+            expect(response.statusCode).to.equal(400);
+        });
+
+        let pwd;
+        it('can add app password', async function () {
+            const response = await superagent.post(`${serverUrl}/api/v1/app_passwords`)
+                .query({ access_token: user.token })
+                .send({ name: 'my-device', identifier: 'someapp' });
+
+            expect(response.statusCode).to.equal(201);
+            expect(response.body.password).to.be.a('string');
+            pwd = response.body;
+        });
+
+        it('can get app passwords', async function () {
+            const response = await superagent.get(`${serverUrl}/api/v1/app_passwords`)
+                .query({ access_token: user.token });
+
+            expect(response.statusCode).to.equal(200);
+            expect(response.body.appPasswords).to.be.an(Array);
+            expect(response.body.appPasswords.length).to.be(1);
+            expect(response.body.appPasswords[0].name).to.be('my-device');
+            expect(response.body.appPasswords[0].identifier).to.be('someapp');
+            expect(response.body.appPasswords[0].hashedPassword).to.be(undefined);
+            expect(response.body.appPasswords[0].password).to.be(undefined);
+        });
+
+        it('can get app password', async function () {
+            const response = await superagent.get(`${serverUrl}/api/v1/app_passwords/${pwd.id}`)
+                .query({ access_token: user.token });
+
+            expect(response.statusCode).to.equal(200);
+            expect(response.body.name).to.be('my-device');
+            expect(response.body.identifier).to.be('someapp');
+            expect(response.body.hashedPassword).to.be(undefined);
+            expect(response.body.password).to.be(undefined);
+        });
+
+        it('can del app password', async function () {
+            const response = await superagent.del(`${serverUrl}/api/v1/app_passwords/${pwd.id}`)
+                .query({ access_token: user.token });
+
+            expect(response.statusCode).to.equal(204);
+        });
+    });
 });