User name slugs can now be unset by emptying their name

This commit is contained in:
Ruben Vereecken 2014-07-10 10:46:34 +02:00
parent a310afc750
commit 6e593b2ec0
2 changed files with 10 additions and 5 deletions

View file

@ -41,9 +41,11 @@ module.exports.NamedPlugin = (schema) ->
err.response = {message: ' is a reserved name', property: 'name'} err.response = {message: ' is a reserved name', property: 'name'}
err.code = 422 err.code = 422
return next(err) return next(err)
if newSlug not in [@get('slug'), ""] and not @get 'anonymous' if newSlug not in [@get('slug'), ''] and not @get 'anonymous'
@set('slug', newSlug) @set('slug', newSlug)
@checkSlugConflicts(next) @checkSlugConflicts(next)
else if newSlug is '' and @get 'slug'
@set 'slug', undefined
else else
next() next()
) )

View file

@ -107,7 +107,7 @@ describe 'POST /db/user', ->
it 'should allow setting anonymous user name', (done) -> it 'should allow setting anonymous user name', (done) ->
createAnonNameUser('Jim', done) createAnonNameUser('Jim', done)
it 'should not allow multiple anonymous users with same name anymore', (done) -> it 'should allow multiple anonymous users with same name', (done) ->
createAnonNameUser('Jim', done) createAnonNameUser('Jim', done)
it 'should not allow setting existing user name to anonymous user', (done) -> it 'should not allow setting existing user name to anonymous user', (done) ->
@ -274,9 +274,6 @@ describe 'GET /db/user', ->
expect(response.statusCode).toBe(200) expect(response.statusCode).toBe(200)
done() done()
# TODO Ruben should be able to fetch other users but probably with restricted data access
# Add to the test case above an extra data check
it 'can fetch myself by slug completely', (done) -> it 'can fetch myself by slug completely', (done) ->
loginSam (sam) -> loginSam (sam) ->
request.get {url: getURL(urlUser + '/sam')}, (err, response) -> request.get {url: getURL(urlUser + '/sam')}, (err, response) ->
@ -287,6 +284,12 @@ describe 'GET /db/user', ->
expect(guy.name).toBe sam.get 'name' expect(guy.name).toBe sam.get 'name'
done() done()
# TODO Ruben should be able to fetch other users but probably with restricted data access
# Add to the test case above an extra data check
xit 'can unset name and undefine slug'
xit 'can fetch another user with restricted fields'