Update tests to update users

2019-11-16 20:27:50 +10:30 · 2019-11-16 20:27:50 +10:30 · a85293dbc4
parent f45698088a
commit a85293dbc4
4 changed files with 42 additions and 13 deletions
--- a/bin/testdata.json
+++ b/bin/testdata.json
@ -98,11 +98,18 @@
    ],
    "users": [
        {
-            "usersName" : "test",
-            "userEmail" : "test@test.com",
+            "usersName" : "Owner user",
+            "userEmail" : "owner@test.com",
            "userPassword" : "$2a$10$7jQx/hQOWrRni531b/dHRuH8o1ZP8Yo8g..GpTOF4M7RrEH/pzTMy",
            "isAdmin" : true,
            "isOwner": true
+        },
+        {
+            "usersName" : "Non Owner",
+            "userEmail" : "nonowner@test.com",
+            "userPassword" : "$2a$10$7jQx/hQOWrRni531b/dHRuH8o1ZP8Yo8g..GpTOF4M7RrEH/pzTMy",
+            "isAdmin" : false,
+            "isOwner": false
        }
    ],
    "orders": [
--- a/lib/schemas/editUser.json
+++ b/lib/schemas/editUser.json
@ -15,10 +15,5 @@
        "isAdmin": {
            "type": "boolean"
        }
-    },
-    "required": [
-        "usersName",
-        "userEmail",
-        "isAdmin"
-    ]
+    }
 }
--- a/routes/user.js
+++ b/routes/user.js
@ -208,7 +208,12 @@ router.post('/admin/user/update', restrict, async (req, res) => {
    // create the update doc
    const updateDoc = {};
    updateDoc.isAdmin = isAdmin;
-    updateDoc.usersName = req.body.usersName;
+    if(req.body.usersName){
+        updateDoc.usersName = req.body.usersName;
+    }
+    if(req.body.userEmail){
+        updateDoc.userEmail = req.body.userEmail;
+    }
    if(req.body.userPassword){
        updateDoc.userPassword = bcrypt.hashSync(req.body.userPassword);
    }
@ -227,14 +232,17 @@ router.post('/admin/user/update', restrict, async (req, res) => {
    }

    try{
-        await db.users.updateOne(
+        const updatedUser = await db.users.findOneAndUpdate(
            { _id: common.getId(req.body.userId) },
            {
                $set: updateDoc
-            }, { multi: false }
+            }, { multi: false, returnOriginal: false }
        );
        if(req.apiAuthenticated){
-            res.status(200).json({ message: 'User account updated' });
+            const returnUser = updatedUser.value;
+            delete returnUser.userPassword;
+            delete returnUser.apiKey;
+            res.status(200).json({ message: 'User account updated', user: updatedUser.value });
            return;
        }
        // show the view
@ -242,11 +250,11 @@ router.post('/admin/user/update', restrict, async (req, res) => {
        req.session.messageType = 'success';
        res.redirect('/admin/user/edit/' + req.body.userId);
    }catch(ex){
+        console.error(colors.red('Failed updating user: ' + ex));
        if(req.apiAuthenticated){
            res.status(400).json({ message: 'Failed to update user' });
            return;
        }
-        console.error(colors.red('Failed updating user: ' + ex));
        req.session.message = 'Failed to update user';
        req.session.messageType = 'danger';
        res.redirect('/admin/user/edit/' + req.body.userId);
--- a/test/specs/users.js
+++ b/test/specs/users.js
@ -90,3 +90,22 @@ test('[Fail] Create new user with invalid email', async t => {
        .expect(400);
    t.deepEqual(res.body[0].message, 'should match format "emailAddress"');
 });
+
+test('[Success] Update user', async t => {
+    const user = {
+        userId: g.users[1]._id,
+        usersName: 'Jim Smith',
+        userEmail: 'jim.smith@gmail.com',
+        userPassword: 'test',
+        isAdmin: false
+    };
+    const res = await g.request
+        .post('/admin/user/update')
+        .send(user)
+        .set('apiKey', g.users[0].apiKey)
+        .expect(200);
+    t.deepEqual(res.body.user._id, g.users[1]._id.toString());
+    t.deepEqual(res.body.user.usersName, 'Jim Smith');
+    t.deepEqual(res.body.user.userEmail, 'jim.smith@gmail.com');
+    t.deepEqual(res.body.message, 'User account updated');
+});