From 3b8ce8451b0133108335e4e686f073c7dd38f7d6 Mon Sep 17 00:00:00 2001
From: Blade Barringer <blade@crookedneighbor.com>
Date: Sat, 14 May 2016 22:30:18 -0500
Subject: [PATCH] feat: Create debug update user route

---
 .../debug/POST-debug_update-user.test.js      | 53 +++++++++++++++++++
 website/server/controllers/api-v3/debug.js    | 27 ++++++++++
 2 files changed, 80 insertions(+)
 create mode 100644 test/api/v3/integration/debug/POST-debug_update-user.test.js

diff --git a/test/api/v3/integration/debug/POST-debug_update-user.test.js b/test/api/v3/integration/debug/POST-debug_update-user.test.js
new file mode 100644
index 0000000000..77b6019a27
--- /dev/null
+++ b/test/api/v3/integration/debug/POST-debug_update-user.test.js
@@ -0,0 +1,53 @@
+import nconf from 'nconf';
+import {
+  generateUser,
+} from '../../../../helpers/api-v3-integration.helper';
+
+describe('POST /debug/update-user', () => {
+  let user;
+
+  before(async () => {
+    user = await generateUser();
+  });
+
+  after(() => {
+    nconf.set('IS_PROD', false);
+  });
+
+  it('sets protected values', async () => {
+    let newCron = new Date(2015, 11, 20);
+
+    await user.post('/debug/update-user', {
+      balance: 100,
+      lastCron: newCron,
+    });
+
+    await user.sync()
+
+    expect(user.lastCron).to.eql(newCron);
+    expect(user.balance).to.eql(100);
+  });
+
+  it('sets nested values', async () => {
+    await user.post('/debug/update-user', {
+      'contributor.level': 9,
+      'purchased.txnCount': 100,
+    });
+
+    await user.sync()
+
+    expect(user.contributor.level).to.eql(9);
+    expect(user.purchased.txnCount).to.eql(100);
+  });
+
+  it('returns error when not in production mode', async () => {
+    nconf.set('IS_PROD', true);
+
+    await expect(user.post('/debug/update-user'))
+    .eventually.be.rejected.and.to.deep.equal({
+      code: 404,
+      error: 'NotFound',
+      message: 'Not found.',
+    });
+  });
+});
diff --git a/website/server/controllers/api-v3/debug.js b/website/server/controllers/api-v3/debug.js
index dfd462a7e7..4b1c21477f 100644
--- a/website/server/controllers/api-v3/debug.js
+++ b/website/server/controllers/api-v3/debug.js
@@ -1,5 +1,6 @@
 import { authWithHeaders } from '../../middlewares/api-v3/auth';
 import ensureDevelpmentMode from '../../middlewares/api-v3/ensureDevelpmentMode';
+import _ from 'lodash';
 
 let api = {};
 
@@ -51,4 +52,30 @@ api.addHourglass = {
   },
 };
 
+/**
+ * @api {post} /api/v3/debug/set-property Sets properties on user, even protected fields
+ * @apiDescription Only available in development mode.
+ * @apiVersion 3.0.0
+ * @apiName setCron
+ * @apiGroup Development
+ *
+ * @apiSuccess {Object} data An empty Object
+ */
+api.setCron = {
+  method: 'POST',
+  url: '/debug/update-user',
+  middlewares: [ensureDevelpmentMode, authWithHeaders()],
+  async handler (req, res) {
+    let user = res.locals.user;
+
+    _.each(req.body, (value, key) => {
+      _.set(user, key, value);
+    });
+
+    await user.save();
+
+    res.respond(200, {});
+  },
+};
+
 module.exports = api;