- diff --git a/server/onboardingAPI.js b/server/onboardingAPI.js
- index 7bcdc95..11988c8 100644
- --- a/server/onboardingAPI.js
- +++ b/server/onboardingAPI.js
- @@ -352,12 +352,6 @@ function OnboardingAPI(aLogLevel, aModules) {
- function postAddUsers(aReq, aRes) {
- var authToken = aReq.params.authToken;
- getAuthenticatedUser(aReq.path, authToken, aReq.tbConfig.sessionTimeout).then(userInfo => {
- - if (!userInfo || userInfo.role !== 'full') {
- - logger.log(aReq.path, ': Unauthorized');
- - aRes.status(401).send(new ErrorInfo(401, 'Unauthorized'));
- - return null;
- - }
- -
- var id = aReq.params.idOrg;
- var listOfUsers = aReq.body;
- if (!Utils.isA(PARAMS_TEMPLATE.listOfUsers, listOfUsers)) {
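Review bot: With the `!userInfo || userInfo.role !== 'full'` guard removed, nothing visible in postAddUsers checks the caller's role, or even that `userInfo` is non-null, before `aReq.body` is validated and users are created for `idOrg`. Unless getAuthenticatedUser now rejects both missing sessions and non-'full' roles (its body is not in this diff), any holder of a valid token can reach the user-creation path. I would keep the check and let the existing catch turn it into the 401, e.g. `if (!userInfo || userInfo.role !== 'full') { throw new Error('Unauthorized'); }`. The function body continues outside this hunk.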
- @@ -378,6 +372,10 @@ function OnboardingAPI(aLogLevel, aModules) {
- return anvilAPI.getAccount(idOrgs[0]).
- then(orgAnvil => {
- + if (!orgAnvil) {
- + aRes.status(400).send(new ErrorInfo(400, 'Account not found'));
- + return null;
- + }
- var owner = {
- email: orgAnvil.email,
- firstName: '',
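Review bot: After the 400 is sent, `return null` resolves this `.then` with null instead of stopping the chain, and the rest of the chain lies outside the hunk. If a later handler dereferences that value or sends its own response, the failure would land in the outer catch and try to write a second response. A short comment on the early return would make the contract explicit, for example `// response already sent; downstream handlers must treat null as "handled"`.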
- @@ -394,8 +392,8 @@ function OnboardingAPI(aLogLevel, aModules) {
- });
- });
- }).catch(e => {
- - logger.log('Returning error:', e);
- - aRes.status(500).send(e);
- + logger.log(aReq.path, ': Unauthorized', e);
- + aRes.status(401).send(new ErrorInfo(401, 'Unauthorized'));
- });
- }
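Review bot: The new catch answers 401 for every rejection in the chain, not only authentication failures, so errors from `anvilAPI.getAccount` and whatever follows it (partly outside the hunk) are also reported and logged as 'Unauthorized'. That hides backend faults from clients and makes this log line unreliable as an auth-failure signal for monitoring. Consider handling the getAuthenticatedUser rejection on its own and keeping a generic 500 for the rest, `aRes.status(500).send(new ErrorInfo(500, 'Internal error'));`, which still avoids returning the raw `e`. Separately, `aReq.path` includes the auth token on this route (`/onboard/{authToken}/...` per the spec), so the log records it; logging `aReq.route.path` or a redacted path would avoid that.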
- diff --git a/test/api/server_spec.js b/test/api/server_spec.js
- index b8551a0..93185c8 100644
- --- a/test/api/server_spec.js
- +++ b/test/api/server_spec.js
- @@ -104,6 +104,7 @@ describe('Onboarding Support server', function() {
- account: {
- id: 0,
- name: '',
- + email: '',
- role: '',
- scopes: ['']
- },
- @@ -202,6 +203,7 @@ describe('Onboarding Support server', function() {
- };
- var accountReply = {
- id: 2525,
- + email: testOwner.email,
- name: testInput.accountName,
- role: "administrator", scopes: ['somescope']
- };
- @@ -282,4 +284,106 @@ describe('Onboarding Support server', function() {
- });
- });
- + it('POST /onboard/{authToken}/account/{idOrg}', function(done) {
- + validToken.then(aToken => {
- + var id = 25;
- + var testUsers = [
- + {
- + email: 'auser@users.com',
- + firstName: 'User1 name',
- + lastName: 'User 1 surname',
- + role: 1
- + },
- + {
- + email: 'auser2@users.com',
- + firstName: 'User2 name',
- + lastName: 'User 2 surname',
- + role: 0
- + }
- + ];
- + var createdUsers = testUsers.map(aUser => extendCopy(aUser, { id: id++ }));
- + var testInput = testUsers;
- + var accountReply = {
- + id: 2525,
- + email: 'somemail@someserver.com',
- + name: 'Existing account name',
- + role: "administrator", scopes: ['somescope']
- + };
- + var resultInfo = Utils.extendCopy(OperationResultInfo, {});
- + delete resultInfo.owner.ctPassword;
- + resultInfo.anvilUsers[0] = {
- + email: '',
- + firstName: '',
- + lastName: '',
- + role: 0,
- + id: 0,
- + ctPassword: ''
- + };
- +
- + function checkValidAnswer(aRes) {
- + if (!Utils.isA(resultInfo, aRes.body)) {
- + throw new Error('Got incorrect data:' + JSON.stringify(aRes.body));
- + };
- + return undefined;
- + }
- +
- + // Setup the expected anvil answers...
- + anvilAPIInterceptor.getAccount(123, 200, accountReply);
- + createdUsers.forEach(aUser => {
- + anvilAPIInterceptor.createUser(200, aUser);
- + anvilAPIInterceptor.setUserRole(accountReply.id, aUser.email, 200,
- + extendCopy(aUser, {role: 'role'}));
- + });
- +
- + request(app).
- + post('/onboard/' + aToken + '/account/123_123').
- + send(testInput).
- + expect(checkValidAnswer).
- + expect(200, done);
- + });
- + });
- +
- + it('POST /onboard/{authToken}/account/{idOrg} incorrect id', function(done) {
- + validToken.then(aToken => {
- + var id = 25;
- + var testUsers = [
- + {
- + email: 'auser@users.com',
- + firstName: 'User1 name',
- + lastName: 'User 1 surname',
- + role: 1
- + },
- + {
- + email: 'auser2@users.com',
- + firstName: 'User2 name',
- + lastName: 'User 2 surname',
- + role: 0
- + }
- + ];
- +
- + request(app).
- + post('/onboard/' + aToken + '/account/125_125').
- + send(testUsers).
- + expect(400, done);
- + });
- + });
- +
- + it('POST /onboard/{authToken}/account/{idOrg} incorrect input', function(done) {
- + validToken.then(aToken => {
- + var id = 25;
- + var testUsers = [
- + {
- + email: 'auser@users.com',
- + firstName: 'User1 name',
- + lastName: 'User 1 surname'
- + }
- + ];
- +
- + request(app).
- + post('/onboard/' + aToken + '/account/125_125').
- + send(testUsers).
- + expect(400, done);
- + });
- + });
- +
- });
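Review bot: None of the three added cases exercises the authorization path that this commit changes: there is no request with an invalid or expired token, or with a user whose role is not 'full', asserting a 401 on `POST /onboard/{authToken}/account/{idOrg}`. Adding one would pin down whether the removed role check is still enforced somewhere. `validToken.then(...)` also has no rejection handler, so a failed token setup surfaces as a timeout; `.catch(done)` would report it directly. `var id = 25;` is unused in the 'incorrect id' and 'incorrect input' cases.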