/user/update-email endpoint

2025-12-17 14:47:53 +01:00 · 2016-03-04 21:27:16 +00:00
parent 2b8846b803
commit 7dfdbb8b05
6 changed files with 138 additions and 3 deletions
--- a/test/api/v3/integration/user/POST-user-update-email.test.js
+++ b/test/api/v3/integration/user/POST-user-update-email.test.js
@@ -0,0 +1,77 @@
+import {
+  generateUser,
+  translate as t,
+} from '../../../../helpers/api-v3-integration.helper';
+import { model as User } from '../../../../../website/src/models/user';
+
+describe('POST /email/update', () => {
+  let user;
+  let fbUser;
+  let endpoint    = '/user/update-email';
+  let newEmail    = 'some-new-email_2@example.net';
+  let thePassword = 'password'; // from habitrpg/test/helpers/api-integration/v3/object-generators.js
+
+  describe('local user', async () => {
+    beforeEach(async () => {
+      user = await generateUser();
+    });
+
+    it('does not change email if one is not provided', async () => {
+      await expect(user.post(endpoint)).to.eventually.be.rejected.and.eql({
+        code: 400,
+        error: 'BadRequest',
+        message: 'Invalid request parameters.',
+      });
+    });
+
+    it('does not change email if password is not provided', async () => {
+      await expect(user.post(endpoint, {
+        newEmail,
+      })).to.eventually.be.rejected.and.eql({
+        code: 400,
+        error: 'BadRequest',
+        message: 'Invalid request parameters.',
+      });
+    });
+
+    it('does not change email if wrong password is provided', async () => {
+      await expect(user.post(endpoint, {
+        newEmail,
+        password: 'wrong password',
+      })).to.eventually.be.rejected.and.eql({
+        code: 401,
+        error: 'NotAuthorized',
+        message: t('wrongPassword'),
+      });
+    });
+
+    it('changes email if new email and existing password are provided', async () => {
+      let response = await user.post(endpoint, {
+        newEmail,
+        password: thePassword,
+      });
+      expect(response).to.eql({ email: 'some-new-email_2@example.net' });
+      let id = user._id;
+      user = await User.findOne({ _id: id });
+      expect(user.auth.local.email).to.eql(newEmail);
+    });
+  });
+
+  describe('facebook user', async () => {
+    beforeEach(async () => {
+      fbUser = await generateUser();
+      await fbUser.update({ 'auth.local': { ok: true } });
+    });
+
+    it('does not change email if user.auth.local.email does not exist for this user', async () => {
+      await expect(fbUser.post(endpoint, {
+        newEmail,
+        password: thePassword,
+      })).to.eventually.be.rejected.and.eql({
+        code: 412,
+        error: 'PreconditionFailed',
+        message: t('userHasNoLocalRegistration'),
+      });
+    });
+  });
+});