Update tests to update users

bin/testdata.json

@@ -98,11 +98,18 @@
     ],
     "users": [
         {
-            "usersName" : "test",
+            "usersName" : "Owner user",
-            "userEmail" : "test@test.com",
+            "userEmail" : "owner@test.com",
             "userPassword" : "$2a$10$7jQx/hQOWrRni531b/dHRuH8o1ZP8Yo8g..GpTOF4M7RrEH/pzTMy",
             "isAdmin" : true,
             "isOwner": true
+        },
+        {
+            "usersName" : "Non Owner",
+            "userEmail" : "nonowner@test.com",
+            "userPassword" : "$2a$10$7jQx/hQOWrRni531b/dHRuH8o1ZP8Yo8g..GpTOF4M7RrEH/pzTMy",
+            "isAdmin" : false,
+            "isOwner": false
         }
     ],
     "orders": [

lib/schemas/editUser.json

@@ -15,10 +15,5 @@
         "isAdmin": {
             "type": "boolean"
         }
-    },
+    }
-    "required": [
-        "usersName",
-        "userEmail",
-        "isAdmin"
-    ]
 }

routes/user.js

@@ -208,7 +208,12 @@ router.post('/admin/user/update', restrict, async (req, res) => {
     // create the update doc
     const updateDoc = {};
     updateDoc.isAdmin = isAdmin;
-    updateDoc.usersName = req.body.usersName;
+    if(req.body.usersName){
+        updateDoc.usersName = req.body.usersName;
+    }
+    if(req.body.userEmail){
+        updateDoc.userEmail = req.body.userEmail;
+    }
     if(req.body.userPassword){
         updateDoc.userPassword = bcrypt.hashSync(req.body.userPassword);
     }
@@ -227,14 +232,17 @@ router.post('/admin/user/update', restrict, async (req, res) => {
     }
 
     try{
-        await db.users.updateOne(
+        const updatedUser = await db.users.findOneAndUpdate(
             { _id: common.getId(req.body.userId) },
             {
                 $set: updateDoc
-            }, { multi: false }
+            }, { multi: false, returnOriginal: false }
         );
         if(req.apiAuthenticated){
-            res.status(200).json({ message: 'User account updated' });
+            const returnUser = updatedUser.value;
+            delete returnUser.userPassword;
+            delete returnUser.apiKey;
+            res.status(200).json({ message: 'User account updated', user: updatedUser.value });
             return;
         }
         // show the view
@@ -242,11 +250,11 @@ router.post('/admin/user/update', restrict, async (req, res) => {
         req.session.messageType = 'success';
         res.redirect('/admin/user/edit/' + req.body.userId);
     }catch(ex){
+        console.error(colors.red('Failed updating user: ' + ex));
         if(req.apiAuthenticated){
             res.status(400).json({ message: 'Failed to update user' });
             return;
         }
-        console.error(colors.red('Failed updating user: ' + ex));
         req.session.message = 'Failed to update user';
         req.session.messageType = 'danger';
         res.redirect('/admin/user/edit/' + req.body.userId);

test/specs/users.js

@@ -90,3 +90,22 @@ test('[Fail] Create new user with invalid email', async t => {
         .expect(400);
     t.deepEqual(res.body[0].message, 'should match format "emailAddress"');
 });
+
+test('[Success] Update user', async t => {
+    const user = {
+        userId: g.users[1]._id,
+        usersName: 'Jim Smith',
+        userEmail: 'jim.smith@gmail.com',
+        userPassword: 'test',
+        isAdmin: false
+    };
+    const res = await g.request
+        .post('/admin/user/update')
+        .send(user)
+        .set('apiKey', g.users[0].apiKey)
+        .expect(200);
+    t.deepEqual(res.body.user._id, g.users[1]._id.toString());
+    t.deepEqual(res.body.user.usersName, 'Jim Smith');
+    t.deepEqual(res.body.user.userEmail, 'jim.smith@gmail.com');
+    t.deepEqual(res.body.message, 'User account updated');
+});