feat(general): creating member for body

AEGEE · Mar 3, 2020 · 49eb563 · 49eb563
1 parent 49142a9
commit 49eb563
Show file tree

Hide file tree

Showing 3 changed files with 136 additions and 1 deletion.
diff --git a/lib/server.js b/lib/server.js
@@ -88,6 +88,7 @@ BodiesRouter.use(middlewares.maybeAuthorize, middlewares.ensureAuthorized);
 BodiesRouter.get('/campaigns', bodyCampaigns.listAllCampaigns);
 BodiesRouter.post('/campaigns', bodyCampaigns.createCampaign);
 BodiesRouter.get('/members', memberships.listAllMemberships);
+BodiesRouter.post('/create-member', bodies.createMember);
 BodiesRouter.get('/join-requests', joinRequests.listAllJoinRequests);
 BodiesRouter.post('/join-requests', joinRequests.createJoinRequest);
 BodiesRouter.put('/status', bodies.setBodyStatus);

diff --git a/middlewares/bodies.js b/middlewares/bodies.js
@@ -1,5 +1,6 @@
-const { Body } = require('../models');
+const { Body, User, BodyMembership } = require('../models');
 const helpers = require('../lib/helpers');
+const constants = require('../lib/constants');
 
 exports.listAllBodies = async (req, res) => {
     const result = await Body.findAndCountAll({
@@ -50,3 +51,26 @@ exports.setBodyStatus = async (req, res) => {
         data: req.currentBody
     });
 };
+
+exports.createMember = async (req, res) => {
+    // TODO: check permissions
+    // TODD: send mail to a user
+
+    // Confirming user by default
+    const password = await helpers.getRandomBytes(constants.TOKEN_LENGTH.PASSWORD);
+    const user = await User.create({
+        ...req.body,
+        password,
+        mail_confirmed_at: new Date()
+    }, { fields: constants.FIELDS_TO_UPDATE.USER.CREATE });
+
+    const membership = await BodyMembership.create({
+        user_id: user.id,
+        body_id: req.currentBody.id
+    });
+
+    return res.json({
+        success: true,
+        data: membership
+    });
+};
diff --git a/test/api/body-members-creating.test.js b/test/api/body-members-creating.test.js
@@ -0,0 +1,110 @@
+const { startServer, stopServer } = require('../../lib/server.js');
+const { request } = require('../scripts/helpers');
+const generator = require('../scripts/generator');
+const { User, BodyMembership } = require('../../models');
+
+describe('Body members creating', () => {
+    beforeAll(async () => {
+        await startServer();
+    });
+
+    afterAll(async () => {
+        await stopServer();
+    });
+
+    afterEach(async () => {
+        await generator.clearAll();
+    });
+
+    test('should fail if there are validation errors', async () => {
+        const user = await generator.createUser({ username: 'test', mail_confirmed_at: new Date() });
+        const token = await generator.createAccessToken({}, user);
+
+        const body = await generator.createBody();
+        const member = generator.generateUser({ first_name: '   ' });
+
+        const res = await request({
+            uri: '/bodies/' + body.id + '/create-member',
+            method: 'POST',
+            headers: { 'X-Auth-Token': token.value },
+            body: member
+        });
+
+        expect(res.statusCode).toEqual(422);
+        expect(res.body.success).toEqual(false);
+        expect(res.body).not.toHaveProperty('data');
+        expect(res.body).toHaveProperty('errors');
+        expect(res.body.errors).toHaveProperty('first_name');
+    });
+
+    test('should succeed if everything is okay', async () => {
+        const user = await generator.createUser({ username: 'test', mail_confirmed_at: new Date() });
+        const token = await generator.createAccessToken({}, user);
+
+        const body = await generator.createBody();
+        const member = generator.generateUser();
+
+        const res = await request({
+            uri: '/bodies/' + body.id + '/create-member',
+            method: 'POST',
+            headers: { 'X-Auth-Token': token.value },
+            body: member
+        });
+
+        expect(res.statusCode).toEqual(200);
+        expect(res.body.success).toEqual(true);
+        expect(res.body).not.toHaveProperty('errors');
+        expect(res.body).toHaveProperty('data');
+    });
+
+    test('should remove extra fields', async () => {
+        const user = await generator.createUser({ username: 'test', mail_confirmed_at: new Date() });
+        const token = await generator.createAccessToken({}, user);
+
+        const body = await generator.createBody();
+        const member = generator.generateUser({ superadmin: true });
+
+        const res = await request({
+            uri: '/bodies/' + body.id + '/create-member',
+            method: 'POST',
+            headers: { 'X-Auth-Token': token.value },
+            body: member
+        });
+
+        expect(res.statusCode).toEqual(200);
+        expect(res.body.success).toEqual(true);
+        expect(res.body).not.toHaveProperty('errors');
+        expect(res.body).toHaveProperty('data');
+
+        const memberFromDb = await User.findByPk(res.body.data.user_id);
+        expect(memberFromDb.superadmin).not.toEqual(true);
+    });
+
+    test('should create a body membership', async () => {
+        const user = await generator.createUser({ username: 'test', mail_confirmed_at: new Date() });
+        const token = await generator.createAccessToken({}, user);
+
+        const body = await generator.createBody();
+        const member = generator.generateUser({ superadmin: true });
+
+        const res = await request({
+            uri: '/bodies/' + body.id + '/create-member',
+            method: 'POST',
+            headers: { 'X-Auth-Token': token.value },
+            body: member
+        });
+
+        expect(res.statusCode).toEqual(200);
+        expect(res.body.success).toEqual(true);
+        expect(res.body).not.toHaveProperty('errors');
+        expect(res.body).toHaveProperty('data');
+
+        const membershipFromDb = await BodyMembership.findOne({
+            where: {
+                user_id: res.body.data.user_id,
+                body_id: body.id
+            }
+        });
+        expect(membershipFromDb).not.toEqual(null);
+    });
+});