krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-18 15:17:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added tests to ensure challenge member can not delete active challenge task and can delete broken or unlinked challenge task

Browse Source
This commit is contained in:
Keith Holliday
2016-03-15 10:03:48 -05:00
parent c04e53b5a5
commit 534ec07b6a
2 changed files with 60 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
test/api/v3/integration/tasks/challenges/DELETE-tasks_id_challenge_challengeId.test.js
View File

@@ -2,6 +2,7 @@ import {
generateUser,
generateGroup,
generateChallenge,
sleep,
translate as t,
} from '../../../../../helpers/api-integration/v3';
import { v4 as generateUUID } from 'uuid';
@@ -52,4 +53,62 @@ describe('DELETE /tasks/:id', () => {
message: t('taskNotFound'),
});
});
context('challenge member', () => {
let anotherUser;
let anotherUsersNewChallengeTaskID;
let newChallengeTask;
beforeEach(async () => {
anotherUser = await generateUser();
await user.post(`/groups/${guild._id}/invite`, { uuids: [anotherUser._id] });
await anotherUser.post(`/groups/${guild._id}/join`);
await anotherUser.post(`/challenges/${challenge._id}/join`);
newChallengeTask = await user.post(`/tasks/challenge/${challenge._id}`, {
text: 'test habit',
type: 'habit',
});
let anotherUserWithNewChallengeTask = await anotherUser.get('/user');
anotherUsersNewChallengeTaskID = anotherUserWithNewChallengeTask.tasksOrder.habits[0];
});
it('returns error when user attempts to delete an active challenge task', async () => {
await expect(anotherUser.del(`/tasks/${anotherUsersNewChallengeTaskID}`))
.to.eventually.be.rejected.and.eql({
code: 401,
error: 'NotAuthorized',
message: t('cantDeleteChallengeTasks'),
});
});
it('allows user to delete challenge task after user leaves challenge', async () => {
await anotherUser.post(`/challenges/${challenge._id}/leave`);
await expect(anotherUser.del(`/tasks/${anotherUsersNewChallengeTaskID}`));
await expect(anotherUser.get(`/tasks/${task._id}`)).to.eventually.be.rejected.and.eql({
code: 404,
error: 'NotFound',
message: t('taskNotFound'),
});
});
it('allows user to delete challenge task after challenge task is broken', async () => {
await expect(user.del(`/tasks/${newChallengeTask._id}`));
await sleep(0.5);
await expect(anotherUser.del(`/tasks/${anotherUsersNewChallengeTaskID}`));
await sleep(0.5);
await expect(anotherUser.get(`/tasks/${anotherUsersNewChallengeTaskID}`)).to.eventually.be.rejected.and.eql({
code: 404,
error: 'NotFound',
message: t('taskNotFound'),
});
});
});
});

2
website/src/controllers/api-v3/tasks.js
View File

@@ -914,7 +914,7 @@ api.deleteTask = {
if (challenge.leader !== user._id) throw new NotAuthorized(res.t('onlyChalLeaderEditTasks'));
} else if (task.userId !== user._id) { // If the task is owned by an user make it's the current one
throw new NotFound(res.t('taskNotFound'));
} else if (task.userId && task.challenge.id) {
} else if (task.userId && task.challenge.id && !task.challenge.broken) {
throw new NotAuthorized(res.t('cantDeleteChallengeTasks'));
}