moved password change to new user controller with tests

2025-03-30 23:43:53 +00:00 · 2014-04-10 17:15:18 +01:00 · 2014-04-10 17:15:18 +01:00 · 5760e51d6e
commit 5760e51d6e
parent cc68fe443f
4 changed files with 83 additions and 40 deletions
--- a/services/web/app/coffee/Features/User/UserController.coffee
+++ b/services/web/app/coffee/Features/User/UserController.coffee
@ -8,6 +8,9 @@ logger = require("logger-sharelatex")
 metrics = require("../../infrastructure/Metrics")
 Url = require("url")
 AuthenticationController = require("../Authentication/AuthenticationController")
+AuthenticationManager = require("../Authentication/AuthenticationManager")
+
+
 module.exports =

 	deleteUser: (req, res)->
@ -51,7 +54,6 @@ module.exports =
 		logger.log email: req.body.email, "attempted register"
 		redir = Url.parse(req.body.redir or "/project").path
 		UserRegistrationHandler.registerNewUser req.body, (err, user)->
-			console.log err
 			if err == "EmailAlreadyRegisterd"
 				return AuthenticationController.login req, res
 			else if err?
@ -68,4 +70,32 @@ module.exports =
 					email: user.email
 					created: Date.now()

-
+	changePassword : (req, res, next = (error) ->)->
+		metrics.inc "user.password-change"
+		oldPass = req.body.currentPassword
+		AuthenticationManager.authenticate {_id:req.session.user._id}, oldPass, (err, user)->
+			return next(err) if err?
+			if(user)
+				logger.log user: req.session.user, "changing password"
+				newPassword1 = req.body.newPassword1
+				newPassword2 = req.body.newPassword2
+				if newPassword1 != newPassword2
+					logger.log user: user, "passwords do not match"
+					res.send
+						message:
+						  type:'error'
+						  text:'Your passwords do not match'
+				else
+					logger.log user: user, "password changed"
+					AuthenticationManager.setUserPassword user._id, newPassword1, (error) ->
+						return next(error) if error?
+						res.send
+							message:
+							  type:'success'
+							  text:'Your password has been changed'
+			else
+				logger.log user: user, "current password wrong"
+				res.send
+					message:
+					  type:'error'
+					  text:'Your old password is wrong'
--- a/services/web/app/coffee/controllers/UserController.coffee
+++ b/services/web/app/coffee/controllers/UserController.coffee
@ -51,34 +51,5 @@ module.exports =
 				logger.info email: email, "no user found with email"
 				

-	changePassword : (req, res, next = (error) ->)->
-		metrics.inc "user.password-change"
-		oldPass = req.body.currentPassword
-		AuthenticationManager.authenticate _id: req.session.user._id, oldPass, (err, user)->
-			return next(err) if err?
-			if(user)
-				logger.log user: req.session.user, "changing password"
-				newPassword1 = req.body.newPassword1
-				newPassword2 = req.body.newPassword2
-				if newPassword1 != newPassword2
-					logger.log user: user, "passwords do not match"
-					res.send
-						message:
-						  type:'error'
-						  text:'Your passwords do not match'
-				else
-					logger.log user: user, "password changed"
-					AuthenticationManager.setUserPassword user._id, newPassword1, (error) ->
-						return next(error) if error?
-						res.send
-							message:
-							  type:'success'
-							  text:'Your password has been changed'
-			else
-				logger.log user: user, "current password wrong"
-				res.send
-					message:
-					  type:'error'
-					  text:'Your old password is wrong'


--- a/services/web/app/coffee/router.coffee
+++ b/services/web/app/coffee/router.coffee
@ -77,7 +77,7 @@ module.exports = class Router

 		app.get  '/user/settings', AuthenticationController.requireLogin(), UserPagesController.settingsPage
 		app.post '/user/settings', AuthenticationController.requireLogin(), UserController_new.updateUserSettings
-		app.post '/user/password/update', AuthenticationController.requireLogin(), UserController.changePassword
+		app.post '/user/password/update', AuthenticationController.requireLogin(), UserController_new.changePassword
 		app.get  '/user/passwordreset', UserPagesController.passwordResetPage
 		app.post '/user/passwordReset', UserController.doRequestPasswordReset
 		app.del  '/user/newsletter/unsubscribe', AuthenticationController.requireLogin(), UserController_new.unsubscribe
--- a/services/web/test/UnitTests/coffee/User/UserControllerTests.coffee
+++ b/services/web/test/UnitTests/coffee/User/UserControllerTests.coffee
@ -12,8 +12,10 @@ assert = require("assert")

 describe "UserController", ->
 	beforeEach ->
+		@user_id = "323123"
+
 		@user =
-			_id:"!@£!23123"
+			_id:@user_id
 			save:sinon.stub().callsArgWith(0)
 			ace:{}

@ -28,7 +30,9 @@ describe "UserController", ->
 		@UserRegistrationHandler =
 			registerNewUser: sinon.stub()
 		@AuthenticationController = {}
-
+		@AuthenticationManager =
+			authenticate: sinon.stub()
+			setUserPassword: sinon.stub()
 		@UserController = SandboxedModule.require modulePath, requires:
 			"./UserLocator": @UserLocator
 			"./UserDeleter": @UserDeleter
@ -36,17 +40,18 @@ describe "UserController", ->
 			'../Newsletter/NewsletterManager':@NewsLetterManager
 			"./UserRegistrationHandler":@UserRegistrationHandler
 			"../Authentication/AuthenticationController": @AuthenticationController
+			"../Authentication/AuthenticationManager": @AuthenticationManager
 			"logger-sharelatex": {log:->}


 		@req = 
-			session: destroy:->
+			session: 
+				destroy:->
+				user :
+					_id : @user_id
 			body:{}
 		@res = {}
 		@next = sinon.stub()
-		@user_id = "323123"
-		@req.session.user =
-			_id = @user_id
 	describe "deleteUser", ->

 		it "should delete the user", (done)->
@ -115,7 +120,7 @@ describe "UserController", ->

 		it "should try and log the user in if there is an EmailAlreadyRegisterd error", (done)->

-			@UserRegistrationHandler.registerNewUser.callsArgWith(1, message:"EmailAlreadyRegisterd")
+			@UserRegistrationHandler.registerNewUser.callsArgWith(1, "EmailAlreadyRegisterd")
 			@AuthenticationController.login = (req, res)=>
 				assert.deepEqual req, @req
 				assert.deepEqual res, @res
@ -144,4 +149,41 @@ describe "UserController", ->
 			@res.send = (opts)=>
 				opts.redir.should.equal "/somewhere"
 				done()
-			@UserController.register @req, @res		
+			@UserController.register @req, @res
+
+
+
+	describe "changePassword", ->
+
+		it "should check the old password is the current one at the moment", (done)->
+			@AuthenticationManager.authenticate.callsArgWith(2)
+			@req.body =
+				currentPassword: "oldpasshere"
+			@res.send = =>
+				@AuthenticationManager.authenticate.calledWith(_id:@user._id, "oldpasshere").should.equal true
+				@AuthenticationManager.setUserPassword.called.should.equal false
+				done()
+			@UserController.changePassword @req, @res
+
+
+		it "it should not set the new password if they do not match", (done)->
+			@AuthenticationManager.authenticate.callsArgWith(2, null, {})
+			@req.body =
+				newPassword1: "1"
+				newPassword2: "2"
+			@res.send = =>
+				@AuthenticationManager.setUserPassword.called.should.equal false
+				done()
+			@UserController.changePassword @req, @res			
+
+		it "should set the new password if they do match", (done)->
+			@AuthenticationManager.authenticate.callsArgWith(2, null, @user)
+			@AuthenticationManager.setUserPassword.callsArgWith(2)
+			@req.body =
+				newPassword1: "newpass"
+				newPassword2: "newpass"
+			@res.send = =>
+				@AuthenticationManager.setUserPassword.calledWith(@user._id, "newpass").should.equal true
+				done()
+			@UserController.changePassword @req, @res		
+