Avoid setting profile name to not found (#8357)

* avoid setting profile name to not found * only set profile name when empty * profile.name is required * set profile name before validation * fix and add tests
2025-12-16 22:27:26 +01:00 · 2017-01-03 00:00:01 +01:00
parent 47bb217068
commit 2f1b683ec9
5 changed files with 46 additions and 7 deletions
--- a/test/api/v3/integration/user/PUT-user.test.js
+++ b/test/api/v3/integration/user/PUT-user.test.js
@@ -26,6 +26,32 @@ describe('PUT /user', () => {
      expect(user.preferences.costume).to.eql(true);
      expect(user.stats.hp).to.eql(14);
    });
+
+    it('profile.name cannot be an empty string or null', async () => {
+      await expect(user.put('/user', {
+        'profile.name': ' ', // string should be trimmed
+      })).to.eventually.be.rejected.and.eql({
+        code: 400,
+        error: 'BadRequest',
+        message: 'User validation failed',
+      });
+
+      await expect(user.put('/user', {
+        'profile.name': '',
+      })).to.eventually.be.rejected.and.eql({
+        code: 400,
+        error: 'BadRequest',
+        message: 'User validation failed',
+      });
+
+      await expect(user.put('/user', {
+        'profile.name': null,
+      })).to.eventually.be.rejected.and.eql({
+        code: 400,
+        error: 'BadRequest',
+        message: 'User validation failed',
+      });
+    });
  });

  context('Top Level Protected Operations', () => {
--- a/test/api/v3/integration/user/auth/POST-register_local.test.js
+++ b/test/api/v3/integration/user/auth/POST-register_local.test.js
@@ -32,6 +32,7 @@ describe('POST /user/auth/local/register', () => {
      expect(user._id).to.exist;
      expect(user.apiToken).to.exist;
      expect(user.auth.local.username).to.eql(username);
+      expect(user.profile.name).to.eql(username);
    });

    it('provides default tags and tasks', async () => {
--- a/test/api/v3/integration/user/auth/POST-user_auth_social.test.js
+++ b/test/api/v3/integration/user/auth/POST-user_auth_social.test.js
@@ -33,7 +33,7 @@ describe('POST /user/auth/social', () => {

  describe('facebook', () => {
    before(async () => {
-      let expectedResult = {id: facebookId};
+      let expectedResult = {id: facebookId, displayName: 'a facebook user'};
      sandbox.stub(passport._strategies.facebook, 'userProfile').yields(null, expectedResult);
      network = 'facebook';
    });
@@ -47,6 +47,7 @@ describe('POST /user/auth/social', () => {
      expect(response.apiToken).to.exist;
      expect(response.id).to.exist;
      expect(response.newUser).to.be.true;
+      await expect(getProperty('users', response.id, 'profile.name')).to.eventually.equal('a facebook user');
    });

    it('logs an existing user in', async () => {
@@ -88,7 +89,7 @@ describe('POST /user/auth/social', () => {

  describe('google', () => {
    before(async () => {
-      let expectedResult = {id: googleId};
+      let expectedResult = {id: googleId, displayName: 'a google user'};
      sandbox.stub(passport._strategies.google, 'userProfile').yields(null, expectedResult);
      network = 'google';
    });
@@ -102,6 +103,7 @@ describe('POST /user/auth/social', () => {
      expect(response.apiToken).to.exist;
      expect(response.id).to.exist;
      expect(response.newUser).to.be.true;
+      await expect(getProperty('users', response.id, 'profile.name')).to.eventually.equal('a google user');
    });

    it('logs an existing user in', async () => {