mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-21 20:47:08 -05:00
added controller endpoint for updating user personal info
This commit is contained in:
Henry Oswald
parent
560288348a
commit
3aff131428
4 changed files with 66 additions and 2 deletions
|
|
@ -256,7 +256,6 @@ module.exports = EditorController =
|
||||||
renameProject: (project_id, newName, callback)->
|
renameProject: (project_id, newName, callback)->
|
||||||
newName = sanitize.escape(newName)
|
newName = sanitize.escape(newName)
|
||||||
ProjectDetailsHandler.renameProject project_id, newName, =>
|
ProjectDetailsHandler.renameProject project_id, newName, =>
|
||||||
newName = sanitize.escape(newName)
|
|
||||||
EditorRealTimeController.emitToRoom project_id, 'projectNameUpdated', newName
|
EditorRealTimeController.emitToRoom project_id, 'projectNameUpdated', newName
|
||||||
callback?()
|
callback?()
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,8 @@
|
||||||
UserGetter = require "./UserGetter"
|
UserGetter = require "./UserGetter"
|
||||||
logger = require("logger-sharelatex")
|
logger = require("logger-sharelatex")
|
||||||
UserDeleter = require("./UserDeleter")
|
UserDeleter = require("./UserDeleter")
|
||||||
|
UserUpdater = require("./UserUpdater")
|
||||||
|
sanitize = require('sanitizer')
|
||||||
|
|
||||||
module.exports = UserController =
|
module.exports = UserController =
|
||||||
getLoggedInUsersPersonalInfo: (req, res, next = (error) ->) ->
|
getLoggedInUsersPersonalInfo: (req, res, next = (error) ->) ->
|
||||||
|
|
@ -19,6 +21,18 @@ module.exports = UserController =
|
||||||
UserController.sendFormattedPersonalInfo(user, res, next)
|
UserController.sendFormattedPersonalInfo(user, res, next)
|
||||||
req.session.destroy()
|
req.session.destroy()
|
||||||
|
|
||||||
|
updatePersonalInfo: (req, res, next = (error)->) ->
|
||||||
|
{first_name, last_name, role, university} = req.body
|
||||||
|
update =
|
||||||
|
first_name:sanitize.escape(first_name)
|
||||||
|
last_name:sanitize.escape(last_name)
|
||||||
|
role:sanitize.escape(role)
|
||||||
|
university:sanitize.escape(university)
|
||||||
|
UserUpdater.updatePersonalInfo update, (err)->
|
||||||
|
if err?
|
||||||
|
res.send 500
|
||||||
|
else
|
||||||
|
res.send 204
|
||||||
|
|
||||||
sendFormattedPersonalInfo: (user, res, next = (error) ->) ->
|
sendFormattedPersonalInfo: (user, res, next = (error) ->) ->
|
||||||
UserController._formatPersonalInfo user, (error, info) ->
|
UserController._formatPersonalInfo user, (error, info) ->
|
||||||
|
|
|
||||||
|
|
@ -90,6 +90,7 @@ module.exports = class Router
|
||||||
|
|
||||||
app.get '/user/auth_token', AuthenticationController.requireLogin(), AuthenticationController.getAuthToken
|
app.get '/user/auth_token', AuthenticationController.requireLogin(), AuthenticationController.getAuthToken
|
||||||
app.get '/user/personal_info', AuthenticationController.requireLogin(allow_auth_token: true), UserInfoController.getLoggedInUsersPersonalInfo
|
app.get '/user/personal_info', AuthenticationController.requireLogin(allow_auth_token: true), UserInfoController.getLoggedInUsersPersonalInfo
|
||||||
|
app.post '/user/personal_info', AuthenticationController.requireLogin(), UserInfoController.getPersonalInfo
|
||||||
app.get '/user/:user_id/personal_info', httpAuth, UserInfoController.getPersonalInfo
|
app.get '/user/:user_id/personal_info', httpAuth, UserInfoController.getPersonalInfo
|
||||||
|
|
||||||
app.get '/project', AuthenticationController.requireLogin(), ProjectController.projectListPage
|
app.get '/project', AuthenticationController.requireLogin(), ProjectController.projectListPage
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,6 @@
|
||||||
sinon = require('sinon')
|
sinon = require('sinon')
|
||||||
chai = require('chai')
|
chai = require('chai')
|
||||||
|
assert = require("chai").assert
|
||||||
should = chai.should()
|
should = chai.should()
|
||||||
expect = chai.expect
|
expect = chai.expect
|
||||||
modulePath = "../../../../app/js/Features/User/UserInfoController.js"
|
modulePath = "../../../../app/js/Features/User/UserInfoController.js"
|
||||||
|
|
@ -13,9 +14,15 @@ describe "UserInfoController", ->
|
||||||
beforeEach ->
|
beforeEach ->
|
||||||
@UserDeleter =
|
@UserDeleter =
|
||||||
deleteUser: sinon.stub().callsArgWith(1)
|
deleteUser: sinon.stub().callsArgWith(1)
|
||||||
|
@UserUpdater =
|
||||||
|
updatePersonalInfo: sinon.stub()
|
||||||
|
@sanitizer = escape:(v)->v
|
||||||
|
sinon.spy @sanitizer, "escape"
|
||||||
@UserInfoController = SandboxedModule.require modulePath, requires:
|
@UserInfoController = SandboxedModule.require modulePath, requires:
|
||||||
"./UserGetter": @UserGetter = {}
|
"./UserGetter": @UserGetter = {}
|
||||||
|
"./UserUpdater": @UserUpdater
|
||||||
"./UserDeleter": @UserDeleter
|
"./UserDeleter": @UserDeleter
|
||||||
|
"sanitizer":@sanitizer
|
||||||
|
|
||||||
@req = new MockRequest()
|
@req = new MockRequest()
|
||||||
@res = new MockResponse()
|
@res = new MockResponse()
|
||||||
|
|
@ -107,4 +114,47 @@ describe "UserInfoController", ->
|
||||||
signUpDate: @user.signUpDate
|
signUpDate: @user.signUpDate
|
||||||
}
|
}
|
||||||
|
|
||||||
|
describe "setPersonalInfo", ->
|
||||||
|
|
||||||
|
beforeEach ->
|
||||||
|
@req = {}
|
||||||
|
@req.body =
|
||||||
|
first_name: "bob"
|
||||||
|
last_name: "smith"
|
||||||
|
role:"student"
|
||||||
|
university: "Sheffield"
|
||||||
|
notWanted: "something"
|
||||||
|
|
||||||
|
it "should send the data from the body to the user updater", (done)->
|
||||||
|
|
||||||
|
@UserUpdater.updatePersonalInfo.callsArgWith(1, null)
|
||||||
|
@res.send = (statusCode)=>
|
||||||
|
statusCode.should.equal 204
|
||||||
|
args = @UserUpdater.updatePersonalInfo.args[0][0]
|
||||||
|
args.first_name.should.equal @req.body.first_name
|
||||||
|
args.last_name.should.equal @req.body.last_name
|
||||||
|
args.role.should.equal @req.body.role
|
||||||
|
args.university.should.equal @req.body.university
|
||||||
|
assert.equal args.notWanted, undefined
|
||||||
|
done()
|
||||||
|
|
||||||
|
@UserInfoController.updatePersonalInfo @req, @res
|
||||||
|
|
||||||
|
it "should sanitize the data", (done)->
|
||||||
|
@UserUpdater.updatePersonalInfo.callsArgWith(1, null)
|
||||||
|
@res.send = (statusCode)=>
|
||||||
|
@sanitizer.escape.calledWith(@req.body.first_name).should.equal true
|
||||||
|
@sanitizer.escape.calledWith(@req.body.last_name).should.equal true
|
||||||
|
@sanitizer.escape.calledWith(@req.body.role).should.equal true
|
||||||
|
@sanitizer.escape.calledWith(@req.body.university).should.equal true
|
||||||
|
done()
|
||||||
|
@UserInfoController.updatePersonalInfo @req, @res
|
||||||
|
|
||||||
|
it "should send an error if the UpserUpdater returns on", (done)->
|
||||||
|
@UserUpdater.updatePersonalInfo.callsArgWith(1, "error")
|
||||||
|
@res.send = (statusCode)->
|
||||||
|
statusCode.should.equal 500
|
||||||
|
done()
|
||||||
|
@UserInfoController.updatePersonalInfo @req, @res
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue