overleaf/services/web/test/acceptance/coffee/helpers/User.coffee

request = require("./request")
_ = require("underscore")
settings = require("settings-sharelatex")
{db, ObjectId} = require("../../../../app/js/infrastructure/mongojs")
UserModel = require("../../../../app/js/models/User").User
AuthenticationManager = require("../../../../app/js/Features/Authentication/AuthenticationManager")

count = 0

class User
	constructor: (options = {}) ->
		@email = "acceptance-test-#{count}@example.com"
		@password = "acceptance-test-#{count}-password"
		count++
		@jar = request.jar()
		@request = request.defaults({
			jar: @jar
		})

	login: (callback = (error) ->) ->
		@getCsrfToken (error) =>
			return callback(error) if error?
			filter = {@email}
			options = {upsert: true, new: true, setDefaultsOnInsert: true}
			UserModel.findOneAndUpdate filter, {}, options, (error, user) =>
				return callback(error) if error?
				AuthenticationManager.setUserPassword user._id, @password, (error) =>
					return callback(error) if error?
					@id = user?._id?.toString()
					@_id = user?._id?.toString()
					@first_name = user?.first_name
					@referal_id = user?.referal_id
					@request.post {
						url: "/login"
						json: { @email, @password }
					}, callback

	logout: (callback = (error) ->) ->
		@getCsrfToken (error) =>
			return callback(error) if error?
			@request.get {
				url: "/logout"
				json:
					email: @email
					password: @password
			}, (error, response, body) =>
				return callback(error) if error?
				db.users.findOne {email: @email}, (error, user) =>
					return callback(error) if error?
					@id = user?._id?.toString()
					@_id = user?._id?.toString()
					callback()

	ensure_admin: (callback = (error) ->) ->
		db.users.update {_id: ObjectId(@id)}, { $set: { isAdmin: true }}, callback

	upgradeFeatures: (callback = (error) -> ) ->
		features = {
			collaborators: -1 # Infinite
			versioning: true
			dropbox:true
			compileTimeout: 60
			compileGroup:"priority"
			templates: true
			references: true
			trackChanges: true
			trackChangesVisible: true
		}
		db.users.update {_id: ObjectId(@id)}, { $set: { features: features }}, callback

	downgradeFeatures: (callback = (error) -> ) ->
		features = {
			collaborators: 1
			versioning: false
			dropbox:false
			compileTimeout: 60
			compileGroup:"standard"
			templates: false
			references: false
			trackChanges: false
			trackChangesVisible: false
		}
		db.users.update {_id: ObjectId(@id)}, { $set: { features: features }}, callback

	defaultFeatures: (callback = (error) -> ) ->
		features = settings.defaultFeatures
		db.users.update {_id: ObjectId(@id)}, { $set: { features: features }}, callback

	full_delete_user: (email, callback = (error) ->) ->
		db.users.findOne {email: email}, (error, user) =>
			if !user?
				return callback()
			user_id = user._id
			db.projects.remove owner_ref:ObjectId(user_id), {multi:true}, (err)->
				if err? 
					callback(err)
				db.users.remove {_id: ObjectId(user_id)}, callback

	getProject: (project_id, callback = (error, project)->) ->
		db.projects.findOne {_id: ObjectId(project_id.toString())}, callback

	createProject: (name, options, callback = (error, oroject_id) ->) ->
		if typeof options == "function"
			callback = options
			options = {}

		@request.post {
			url: "/project/new",
			json: Object.assign({projectName: name}, options)
		}, (error, response, body) ->
			return callback(error) if error?
			if !body?.project_id?
				error = new Error("SOMETHING WENT WRONG CREATING PROJECT", response.statusCode, response.headers["location"], body)
				callback error
			else
				callback(null, body.project_id)

	deleteProject: (project_id, callback=(error)) ->
		@request.delete {
			url: "/project/#{project_id}"
		}, (error, response, body) ->
			return callback(error) if error?
			callback(null)

	openProject: (project_id, callback=(error)) ->
		@request.get {
			url: "/project/#{project_id}"
		}, (error, response, body) ->
			return callback(error) if error?
			if response.statusCode != 200
				err = new Error("Non-success response when opening project: #{response.statusCode}")
				return callback(err)
			callback(null)

	addUserToProject: (project_id, user, privileges, callback = (error, user) ->) ->
		if privileges == 'readAndWrite'
			updateOp = {$addToSet: {collaberator_refs: user._id.toString()}}
		else if privileges == 'readOnly'
			updateOp = {$addToSet: {readOnly_refs: user._id.toString()}}
		db.projects.update {_id: db.ObjectId(project_id)}, updateOp, (err) ->
			callback(err)

	makePublic: (project_id, level, callback = (error) ->) ->
		@request.post {
			url: "/project/#{project_id}/settings/admin",
			json:
				publicAccessLevel: level
		}, (error, response, body) ->
			return callback(error) if error?
			callback(null)

	makePrivate: (project_id, callback = (error) ->) ->
		@request.post {
			url: "/project/#{project_id}/settings/admin",
			json:
				publicAccessLevel: 'private'
		}, (error, response, body) ->
			return callback(error) if error?
			callback(null)

	makeTokenBased: (project_id, callback = (error) ->) ->
		@request.post {
			url: "/project/#{project_id}/settings/admin",
			json:
				publicAccessLevel: 'tokenBased'
		}, (error, response, body) ->
			return callback(error) if error?
			callback(null)

	getCsrfToken: (callback = (error) ->) ->
		@request.get {
			url: "/dev/csrf"
		}, (err, response, body) =>
			return callback(err) if err?
			@csrfToken = body
			@request = @request.defaults({
				headers:
					"x-csrf-token": @csrfToken
			})
			callback()

	changePassword: (callback = (error) ->) ->
		@getCsrfToken (error) =>
			return callback(error) if error?
			@request.post {
				url: "/user/password/update"
				json:
					currentPassword: @password
					newPassword1: @password
					newPassword2: @password
			}, (error, response, body) =>
				return callback(error) if error?
				db.users.findOne {email: @email}, (error, user) =>
					return callback(error) if error?
					callback()

	getUserSettingsPage: (callback = (error, statusCode) ->) ->
		@getCsrfToken (error) =>
			return callback(error) if error?
			@request.get {
				url: "/user/settings"
			}, (error, response, body) =>
				return callback(error) if error?
				callback(null, response.statusCode)

	getProjectListPage: (callback=(error, statusCode)->) ->
		@getCsrfToken (error) =>
			return callback(error) if error?
			@request.get {
				url: "/project"
			}, (error, response, body) =>
				return callback(error) if error?
				callback(null, response.statusCode)


module.exports = User
Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`request = require("./request")`
create user in db and use login endpoint instead of register 2017-12-01 11:54:45 -05:00			`_ = require("underscore")`
Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`settings = require("settings-sharelatex")`
Allow admin access to projects 2016-03-21 13:03:31 -04:00			`{db, ObjectId} = require("../../../../app/js/infrastructure/mongojs")`
create user in db and use login endpoint instead of register 2017-12-01 11:54:45 -05:00			`UserModel = require("../../../../app/js/models/User").User`
			`AuthenticationManager = require("../../../../app/js/Features/Authentication/AuthenticationManager")`
Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00
			`count = 0`

			`class User`
			`constructor: (options = {}) ->`
			`@email = "acceptance-test-#{count}@example.com"`
			`@password = "acceptance-test-#{count}-password"`
			`count++`
			`@jar = request.jar()`
			`@request = request.defaults({`
			`jar: @jar`
			`})`
get invite and link for test 2016-07-28 11:00:18 -04:00
Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`login: (callback = (error) ->) ->`
			`@getCsrfToken (error) =>`
			`return callback(error) if error?`
create user in db and use login endpoint instead of register 2017-12-01 11:54:45 -05:00			`filter = {@email}`
			`options = {upsert: true, new: true, setDefaultsOnInsert: true}`
			`UserModel.findOneAndUpdate filter, {}, options, (error, user) =>`
Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`return callback(error) if error?`
create user in db and use login endpoint instead of register 2017-12-01 11:54:45 -05:00			`AuthenticationManager.setUserPassword user._id, @password, (error) =>`
Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`return callback(error) if error?`
			`@id = user?._id?.toString()`
start acceptance tests for sessions 2016-07-05 05:24:24 -04:00			`@_id = user?._id?.toString()`
Start testing the invite page 2016-07-29 04:52:55 -04:00			`@first_name = user?.first_name`
			`@referal_id = user?.referal_id`
create user in db and use login endpoint instead of register 2017-12-01 11:54:45 -05:00			`@request.post {`
			`url: "/login"`
			`json: { @email, @password }`
			`}, callback`
start acceptance tests for sessions 2016-07-05 05:24:24 -04:00
			`logout: (callback = (error) ->) ->`
			`@getCsrfToken (error) =>`
			`return callback(error) if error?`
			`@request.get {`
Test session revocation on password change. 2016-07-05 09:55:08 -04:00			`url: "/logout"`
start acceptance tests for sessions 2016-07-05 05:24:24 -04:00			`json:`
			`email: @email`
			`password: @password`
			`}, (error, response, body) =>`
			`return callback(error) if error?`
			`db.users.findOne {email: @email}, (error, user) =>`
			`return callback(error) if error?`
			`@id = user?._id?.toString()`
			`@_id = user?._id?.toString()`
			`callback()`

Allow admin access to projects 2016-03-21 13:03:31 -04:00			`ensure_admin: (callback = (error) ->) ->`
			`db.users.update {_id: ObjectId(@id)}, { $set: { isAdmin: true }}, callback`
start acceptance tests for sessions 2016-07-05 05:24:24 -04:00
Add unit test to cover project features. 2017-09-01 08:28:11 -04:00			`upgradeFeatures: (callback = (error) -> ) ->`
			`features = {`
			`collaborators: -1 # Infinite`
			`versioning: true`
			`dropbox:true`
			`compileTimeout: 60`
			`compileGroup:"priority"`
			`templates: true`
			`references: true`
			`trackChanges: true`
			`trackChangesVisible: true`
			`}`
			`db.users.update {_id: ObjectId(@id)}, { $set: { features: features }}, callback`

			`downgradeFeatures: (callback = (error) -> ) ->`
			`features = {`
			`collaborators: 1`
			`versioning: false`
			`dropbox:false`
			`compileTimeout: 60`
			`compileGroup:"standard"`
			`templates: false`
			`references: false`
			`trackChanges: false`
			`trackChangesVisible: false`
			`}`
			`db.users.update {_id: ObjectId(@id)}, { $set: { features: features }}, callback`

Restore user features to default after acceptance test. Fixes an issue that could come up when running the tests several times. 2017-09-01 09:45:54 -04:00			`defaultFeatures: (callback = (error) -> ) ->`
			`features = settings.defaultFeatures`
			`db.users.update {_id: ObjectId(@id)}, { $set: { features: features }}, callback`

added csrf acceptence tests 2017-08-29 12:45:16 -04:00			`full_delete_user: (email, callback = (error) ->) ->`
			`db.users.findOne {email: email}, (error, user) =>`
			`if !user?`
			`return callback()`
			`user_id = user._id`
			`db.projects.remove owner_ref:ObjectId(user_id), {multi:true}, (err)->`
			`if err?`
			`callback(err)`
			`db.users.remove {_id: ObjectId(user_id)}, callback`

Start acceptance tests for token-based access 2017-10-06 10:58:03 -04:00			`getProject: (project_id, callback = (error, project)->) ->`
			`db.projects.findOne {_id: ObjectId(project_id.toString())}, callback`

add acceptance tests 2017-11-27 12:09:51 -05:00			`createProject: (name, options, callback = (error, oroject_id) ->) ->`
			`if typeof options == "function"`
			`callback = options`
			`options = {}`

Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`@request.post {`
			`url: "/project/new",`
add acceptance tests 2017-11-27 12:09:51 -05:00			`json: Object.assign({projectName: name}, options)`
Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`}, (error, response, body) ->`
			`return callback(error) if error?`
			`if !body?.project_id?`
better error when project creation fails 2017-12-01 12:21:54 -05:00			`error = new Error("SOMETHING WENT WRONG CREATING PROJECT", response.statusCode, response.headers["location"], body)`
			`callback error`
			`else`
			`callback(null, body.project_id)`
get invite and link for test 2016-07-28 11:00:18 -04:00
			`deleteProject: (project_id, callback=(error)) ->`
			`@request.delete {`
			`url: "/project/#{project_id}"`
			`}, (error, response, body) ->`
			`return callback(error) if error?`
			`callback(null)`

Test acceptance of invite 2016-07-29 06:04:07 -04:00			`openProject: (project_id, callback=(error)) ->`
			`@request.get {`
			`url: "/project/#{project_id}"`
			`}, (error, response, body) ->`
Test when the user does not accept the invite 2016-07-29 06:08:24 -04:00			`return callback(error) if error?`
			`if response.statusCode != 200`
			`err = new Error("Non-success response when opening project: #{response.statusCode}")`
			`return callback(err)`
Test acceptance of invite 2016-07-29 06:04:07 -04:00			`callback(null)`

Fix how adding user to project works in acceptance tests 2017-09-21 06:43:16 -04:00			`addUserToProject: (project_id, user, privileges, callback = (error, user) ->) ->`
			`if privileges == 'readAndWrite'`
			`updateOp = {$addToSet: {collaberator_refs: user._id.toString()}}`
			`else if privileges == 'readOnly'`
			`updateOp = {$addToSet: {readOnly_refs: user._id.toString()}}`
			`db.projects.update {_id: db.ObjectId(project_id)}, updateOp, (err) ->`
			`callback(err)`
get invite and link for test 2016-07-28 11:00:18 -04:00
Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`makePublic: (project_id, level, callback = (error) ->) ->`
			`@request.post {`
			`url: "/project/#{project_id}/settings/admin",`
			`json:`
			`publicAccessLevel: level`
			`}, (error, response, body) ->`
			`return callback(error) if error?`
			`callback(null)`

Start acceptance tests for token-based access 2017-10-06 10:58:03 -04:00			`makePrivate: (project_id, callback = (error) ->) ->`
			`@request.post {`
			`url: "/project/#{project_id}/settings/admin",`
			`json:`
			`publicAccessLevel: 'private'`
			`}, (error, response, body) ->`
			`return callback(error) if error?`
			`callback(null)`

			`makeTokenBased: (project_id, callback = (error) ->) ->`
			`@request.post {`
			`url: "/project/#{project_id}/settings/admin",`
			`json:`
			`publicAccessLevel: 'tokenBased'`
			`}, (error, response, body) ->`
			`return callback(error) if error?`
			`callback(null)`

Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`getCsrfToken: (callback = (error) ->) ->`
			`@request.get {`
get csrf token from /dev/csrf not /register 2017-12-01 11:47:38 -05:00			`url: "/dev/csrf"`
Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`}, (err, response, body) =>`
fix acceptance tests 2017-11-21 12:04:09 -05:00			`return callback(err) if err?`
get csrf token from /dev/csrf not /register 2017-12-01 11:47:38 -05:00			`@csrfToken = body`
Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`@request = @request.defaults({`
			`headers:`
added csrf acceptence tests 2017-08-29 12:45:16 -04:00			`"x-csrf-token": @csrfToken`
Improve error reporting and show 404 when project ids are malformed 2016-03-18 11:59:03 -04:00			`})`
			`callback()`

Test session revocation on password change. 2016-07-05 09:55:08 -04:00			`changePassword: (callback = (error) ->) ->`
acceptance test for logging in two sessions. 2016-07-05 09:21:38 -04:00			`@getCsrfToken (error) =>`
			`return callback(error) if error?`
			`@request.post {`
Test session revocation on password change. 2016-07-05 09:55:08 -04:00			`url: "/user/password/update"`
acceptance test for logging in two sessions. 2016-07-05 09:21:38 -04:00			`json:`
Test session revocation on password change. 2016-07-05 09:55:08 -04:00			`currentPassword: @password`
			`newPassword1: @password`
			`newPassword2: @password`
acceptance test for logging in two sessions. 2016-07-05 09:21:38 -04:00			`}, (error, response, body) =>`
			`return callback(error) if error?`
			`db.users.findOne {email: @email}, (error, user) =>`
			`return callback(error) if error?`
			`callback()`

Add tests to check if users can access a restricted page. 2016-07-06 07:14:01 -04:00			`getUserSettingsPage: (callback = (error, statusCode) ->) ->`
			`@getCsrfToken (error) =>`
			`return callback(error) if error?`
			`@request.get {`
			`url: "/user/settings"`
			`}, (error, response, body) =>`
			`return callback(error) if error?`
			`callback(null, response.statusCode)`

Fix acceptance tests 2017-05-10 08:45:53 -04:00			`getProjectListPage: (callback=(error, statusCode)->) ->`
			`@getCsrfToken (error) =>`
			`return callback(error) if error?`
			`@request.get {`
			`url: "/project"`
			`}, (error, response, body) =>`
			`return callback(error) if error?`
			`callback(null, response.statusCode)`

Add tests to check if users can access a restricted page. 2016-07-06 07:14:01 -04:00

acceptance test for logging in two sessions. 2016-07-05 09:21:38 -04:00			`module.exports = User`