mirror of
https://github.com/overleaf/overleaf.git
synced 2024-12-02 07:51:34 -05:00
1be43911b4
Set Prettier's "trailingComma" setting to "es5" GitOrigin-RevId: 9f14150511929a855b27467ad17be6ab262fe5d5
const { expect } = require('chai')
const RateLimiter = require('../../../app/src/infrastructure/RateLimiter')
const UserHelper = require('./helpers/UserHelper')
/**
 * Acceptance tests for POST /user/password/update.
 *
 * Contract pinned by this suite:
 *  - a valid change returns 200 and writes one 'update-password' audit entry
 *    carrying the initiator id, client IP and a timestamp;
 *  - every rejected request (missing/wrong current password, mismatched or
 *    invalid new password) leaves the audit log empty.
 *
 * NOTE(review): the suite asserts status codes and audit entries only. Nothing
 * here checks that the stored credential actually changed on success, or that
 * it stayed unchanged on failure. Consider adding a fresh login with the old
 * and new passwords to cover that.
 */
describe('PasswordUpdate', function () {
  const UPDATE_PATH = '/user/password/update'
  const CLIENT_IP = '127.0.0.1'

  let email, password, response, user, userHelper

  // Sends the update form with the currently logged-in helper. `simple: false`
  // is always set; presumably this makes non-2xx responses resolve instead of
  // rejecting (request-promise semantics), confirm against UserHelper.
  function postPasswordUpdate(form, extraOptions = {}) {
    return userHelper.request.post(UPDATE_PATH, {
      form,
      ...extraOptions,
      simple: false,
    })
  }

  // Re-reads the user so audit-log assertions see the persisted state rather
  // than the helper captured at login.
  async function reloadUser() {
    userHelper = await UserHelper.getUser({ email })
  }

  beforeEach(async function () {
    // Fresh account per test, logged in and holding a CSRF token, so each
    // case starts from the same authenticated state.
    email = new UserHelper().getDefaultEmail()
    password = 'old-password'
    await UserHelper.createUser({ email, password })
    userHelper = await UserHelper.loginUser({ email, password })
    await userHelper.getCsrfToken()
  })

  afterEach(async function () {
    // Reset the limiter for the test client's IP between tests.
    // NOTE(review): the key is named for password *reset*; presumably the
    // update endpoint shares that limiter. Verify against the route.
    await RateLimiter.promises.clearRateLimit(
      'password_reset_rate_limit',
      CLIENT_IP
    )
  })

  describe('success', function () {
    beforeEach(async function () {
      response = await postPasswordUpdate({
        currentPassword: password,
        newPassword1: 'new-password',
        newPassword2: 'new-password',
      })
      await reloadUser()
      user = userHelper.user
    })

    it('should return 200', async function () {
      expect(response.statusCode).to.equal(200)
    })

    it('should update the audit log', function () {
      const entry = userHelper.getAuditLogWithoutNoise()[0]
      expect(entry).to.exist
      // The initiator must be stored as an id object equal to the user's own
      // _id, i.e. the change is attributed to the account owner.
      expect(typeof entry.initiatorId).to.equal('object')
      expect(entry.initiatorId).to.deep.equal(user._id)
      expect(entry.operation).to.equal('update-password')
      expect(entry.ipAddress).to.equal(CLIENT_IP)
      expect(entry.timestamp).to.exist
    })
  })

  describe('errors', function () {
    describe('missing current password', function () {
      beforeEach(async function () {
        response = await postPasswordUpdate({
          newPassword1: 'new-password',
          newPassword2: 'new-password',
        })
        await reloadUser()
      })

      // NOTE(review): this pins the server's current behaviour. A missing
      // field is a client error, so 400 would be the more usual contract.
      // Confirm whether 500 is intended.
      it('should return 500', async function () {
        expect(response.statusCode).to.equal(500)
      })

      it('should not update audit log', async function () {
        const entries = userHelper.getAuditLogWithoutNoise()
        expect(entries).to.deep.equal([])
      })
    })

    describe('wrong current password', function () {
      beforeEach(async function () {
        response = await postPasswordUpdate({
          currentPassword: 'wrong-password',
          newPassword1: 'new-password',
          newPassword2: 'new-password',
        })
        await reloadUser()
      })

      it('should return 400', async function () {
        expect(response.statusCode).to.equal(400)
      })

      it('should not update audit log', async function () {
        const entries = userHelper.getAuditLogWithoutNoise()
        expect(entries).to.deep.equal([])
      })
    })

    describe('newPassword1 does not match newPassword2', function () {
      beforeEach(async function () {
        // json: true so the error body can be inspected as an object.
        response = await postPasswordUpdate(
          {
            currentPassword: password,
            newPassword1: 'new-password',
            newPassword2: 'oops-password',
          },
          { json: true }
        )
        await reloadUser()
      })

      it('should return 400', async function () {
        expect(response.statusCode).to.equal(400)
      })

      it('should return error message', async function () {
        expect(response.body.message).to.equal('Passwords do not match')
      })

      it('should not update audit log', async function () {
        const entries = userHelper.getAuditLogWithoutNoise()
        expect(entries).to.deep.equal([])
      })
    })

    describe('new password is not valid', function () {
      beforeEach(async function () {
        // json: true so the error body can be inspected as an object.
        response = await postPasswordUpdate(
          {
            currentPassword: password,
            newPassword1: 'short',
            newPassword2: 'short',
          },
          { json: true }
        )
        await reloadUser()
      })

      it('should return 400', async function () {
        expect(response.statusCode).to.equal(400)
      })

      it('should return error message', async function () {
        expect(response.body.message).to.equal('password is too short')
      })

      it('should not update audit log', async function () {
        const entries = userHelper.getAuditLogWithoutNoise()
        expect(entries).to.deep.equal([])
      })
    })
  })
})