ToolJet/server/test/controllers/users.e2e-spec.ts

import * as request from 'supertest';
import { INestApplication } from '@nestjs/common';
import { authHeaderForUser, clearDB, createUser, createNestAppInstance } from '../test.helper';

describe('users controller', () => {
  let app: INestApplication;

  beforeEach(async () => {
    await clearDB();
  });

  beforeAll(async () => {
    app = await createNestAppInstance();
  });

  describe('update user', () => {
    it('should allow users to update their firstName, lastName and password', async () => {
  
      const userData = await createUser(app, { email: 'admin@tooljet.io', role: 'admin' });
      const { user } = userData;
  
      const [firstName, lastName] = ['Daenerys', 'Targaryen', 'drogo666']
  
      const response = await request(app.getHttpServer())
        .patch('/users/update')
        .set('Authorization', authHeaderForUser(user))
        .send({firstName, lastName})
  
      expect(response.statusCode).toBe(200);
  
      await user.reload();
  
      expect(user.firstName).toEqual(firstName)
      expect(user.lastName).toEqual(lastName)
    });
  })

  describe('change password', () => {
    it('should allow users to update their password', async () => {

      const userData = await createUser(app, { email: 'admin@tooljet.io', role: 'admin' });
      const { user, orgUser } = userData;

      const oldPassword = user.password;

      const response = await request(app.getHttpServer())
        .patch('/users/change_password')
        .set('Authorization', authHeaderForUser(user))
        .send({currentPassword: 'password', newPassword: 'new password'})

      expect(response.statusCode).toBe(200);

      await user.reload();

      expect(user.password).not.toEqual(oldPassword)
    });

    it('should not allow users to update their password if entered current password is wrong', async () => {

      const userData = await createUser(app, { email: 'admin@tooljet.io', role: 'admin' });
      const { user, orgUser } = userData;

      const oldPassword = user.password;

      const response = await request(app.getHttpServer())
        .patch('/users/change_password')
        .set('Authorization', authHeaderForUser(user))
        .send({currentPassword: 'wrong password', newPassword: 'new password'})

      expect(response.statusCode).toBe(403);

      await user.reload();

      expect(user.password).toEqual(oldPassword)
    });
  })
  
  afterAll(async () => {
    await app.close();
  });
});
Feature: Profile page for users (#501) * Add endpoint to update user first and last name, password * Add settings page that allows editing user details * Respond with first and last name when user is updated * Add 'Settings' item in the drop-down down for user * Add newline for index.js of settings page * Supply missing newlines * Ask for current password inorder to change password * Add end-point to change password This commit also adds a Guard to ensure that the user reenters existing valid password. * Add e2e test for change_password endpoint * Copy change for the toast presenting misentered current password while changing password * Change password when enter key is pressed from 'new password' box * Add newline and the end of password-revalidate.guard.ts 2021-08-12 15:33:52 +00:00			`import * as request from 'supertest';`
			`import { INestApplication } from '@nestjs/common';`
			`import { authHeaderForUser, clearDB, createUser, createNestAppInstance } from '../test.helper';`

			`describe('users controller', () => {`
			`let app: INestApplication;`

			`beforeEach(async () => {`
			`await clearDB();`
			`});`

			`beforeAll(async () => {`
			`app = await createNestAppInstance();`
			`});`

			`describe('update user', () => {`
			`it('should allow users to update their firstName, lastName and password', async () => {`

			`const userData = await createUser(app, { email: 'admin@tooljet.io', role: 'admin' });`
			`const { user } = userData;`

			`const [firstName, lastName] = ['Daenerys', 'Targaryen', 'drogo666']`

			`const response = await request(app.getHttpServer())`
			`.patch('/users/update')`
			`.set('Authorization', authHeaderForUser(user))`
			`.send({firstName, lastName})`

			`expect(response.statusCode).toBe(200);`

			`await user.reload();`

			`expect(user.firstName).toEqual(firstName)`
			`expect(user.lastName).toEqual(lastName)`
			`});`
			`})`

			`describe('change password', () => {`
			`it('should allow users to update their password', async () => {`

			`const userData = await createUser(app, { email: 'admin@tooljet.io', role: 'admin' });`
			`const { user, orgUser } = userData;`

			`const oldPassword = user.password;`

			`const response = await request(app.getHttpServer())`
			`.patch('/users/change_password')`
			`.set('Authorization', authHeaderForUser(user))`
			`.send({currentPassword: 'password', newPassword: 'new password'})`

			`expect(response.statusCode).toBe(200);`

			`await user.reload();`

			`expect(user.password).not.toEqual(oldPassword)`
			`});`

			`it('should not allow users to update their password if entered current password is wrong', async () => {`

			`const userData = await createUser(app, { email: 'admin@tooljet.io', role: 'admin' });`
			`const { user, orgUser } = userData;`

			`const oldPassword = user.password;`

			`const response = await request(app.getHttpServer())`
			`.patch('/users/change_password')`
			`.set('Authorization', authHeaderForUser(user))`
			`.send({currentPassword: 'wrong password', newPassword: 'new password'})`

			`expect(response.statusCode).toBe(403);`

			`await user.reload();`

			`expect(user.password).toEqual(oldPassword)`
			`});`
			`})`

			`afterAll(async () => {`
			`await app.close();`
			`});`
			`});`