Merge branch 'release' into schedule-rc

2025-12-17 22:57:21 +01:00 · 2024-06-14 10:18:16 -05:00
parent 39add61618 050c227e6f
commit 31e501f65a
139 changed files with 3986 additions and 1770 deletions
--- a/test/api/v3/integration/chat/POST-chat.flag.test.js
+++ b/test/api/v3/integration/chat/POST-chat.flag.test.js
@@ -223,4 +223,23 @@ describe('POST /chat/:chatId/flag', () => {

    expect(auMessageToCheck).to.not.exist;
  });
+
+  it('validates that the message belongs to the passed group', async () => {
+    const { group: anotherGroup, groupLeader: anotherLeader } = await createAndPopulateGroup({
+      groupDetails: {
+        name: 'Another Guild',
+        type: 'guild',
+        privacy: 'private',
+      },
+      upgradeToGroupPlan: true,
+    });
+
+    const message = await anotherUser.post(`/groups/${group._id}/chat`, { message: TEST_MESSAGE });
+    await expect(anotherLeader.post(`/groups/${anotherGroup._id}/chat/${message.message.id}/flag`))
+      .to.eventually.be.rejected.and.eql({
+        code: 404,
+        error: 'NotFound',
+        message: t('messageGroupChatNotFound'),
+      });
+  });
 });
--- a/test/api/v3/integration/chat/POST-chat.like.test.js
+++ b/test/api/v3/integration/chat/POST-chat.like.test.js
@@ -1,5 +1,6 @@
 import { find } from 'lodash';
 import {
+  generateUser,
  createAndPopulateGroup,
  translate as t,
 } from '../../../../helpers/api-integration/v3';
@@ -79,4 +80,35 @@ describe('POST /chat/:chatId/like', () => {
    const messageToCheck = find(groupWithoutChatLikes.chat, { id: message.message.id });
    expect(messageToCheck.likes[user._id]).to.equal(false);
  });
+
+  it('validates that the message belongs to the passed group', async () => {
+    const { group: anotherGroup, groupLeader: anotherLeader } = await createAndPopulateGroup({
+      groupDetails: {
+        name: 'Another Guild',
+        type: 'guild',
+        privacy: 'private',
+      },
+      upgradeToGroupPlan: true,
+    });
+
+    const message = await anotherUser.post(`/groups/${groupWithChat._id}/chat`, { message: testMessage });
+    await expect(anotherLeader.post(`/groups/${anotherGroup._id}/chat/${message.message.id}/like`))
+      .to.eventually.be.rejected.and.eql({
+        code: 404,
+        error: 'NotFound',
+        message: t('messageGroupChatNotFound'),
+      });
+  });
+
+  it('does not like a message if the user is not in the group', async () => {
+    const thirdUser = await generateUser();
+
+    const message = await user.post(`/groups/${groupWithChat._id}/chat`, { message: testMessage });
+    await expect(thirdUser.post(`/groups/${groupWithChat._id}/chat/${message.message.id}/like`))
+      .to.eventually.be.rejected.and.eql({
+        code: 404,
+        error: 'NotFound',
+        message: t('groupNotFound'),
+      });
+  });
 });
--- a/test/api/v3/integration/groups/POST-groups.test.js
+++ b/test/api/v3/integration/groups/POST-groups.test.js
@@ -145,6 +145,18 @@ describe('POST /group', () => {
      expect(updatedUser.party._id).to.eql(party._id);
    });

+    it('removes seeking from user', async () => {
+      await user.updateOne({ 'party.seeking': new Date() });
+      await user.post('/groups', {
+        name: partyName,
+        type: partyType,
+      });
+
+      const updatedUser = await user.get('/user');
+
+      expect(updatedUser.party.seeking).to.not.exist;
+    });
+
    it('does not award Party Up achievement to solo partier', async () => {
      await user.post('/groups', {
        name: partyName,
--- a/test/api/v3/integration/groups/POST-groups_groupId_join.test.js
+++ b/test/api/v3/integration/groups/POST-groups_groupId_join.test.js
@@ -178,6 +178,15 @@ describe('POST /group/:groupId/join', () => {
        await expect(invitedUser.get('/user')).to.eventually.not.have.nested.property('invitations.parties[0].id');
      });

+      it('clears party.seeking from user when joining party', async () => {
+        await invitedUser.updateOne({ 'party.seeking': new Date() });
+        await invitedUser.post(`/groups/${party._id}/join`);
+
+        const updatedUser = await invitedUser.get('/user');
+
+        await expect(updatedUser.party.seeking).to.not.exist;
+      });
+
      it('increments memberCount when joining party', async () => {
        const oldMemberCount = party.memberCount;

--- a/test/api/v3/integration/user/auth/PUT-user_update_email.test.js
+++ b/test/api/v3/integration/user/auth/PUT-user_update_email.test.js
@@ -108,6 +108,20 @@ describe('PUT /user/auth/update-email', () => {
      const isValidPassword = await bcryptCompare(textPassword, user.auth.local.hashed_password);
      expect(isValidPassword).to.equal(true);
    });
+
+    it('invalidates any outstanding password reset code', async () => {
+      await user.updateOne({
+        'auth.local.passwordResetCode': 'impossible-reset-code',
+      });
+
+      await user.put(ENDPOINT, {
+        newEmail: 'bogo@example.com',
+        password: oldPassword,
+      });
+
+      await user.sync();
+      expect(user.auth.local.passwordResetCode).to.not.exist;
+    });
  });

  context('Social Login User', async () => {