diff --git a/server/handlers/subscription_handler.coffee b/server/handlers/subscription_handler.coffee index a37f600f1..a01421404 100644 --- a/server/handlers/subscription_handler.coffee +++ b/server/handlers/subscription_handler.coffee @@ -433,9 +433,9 @@ class SubscriptionHandler extends Handler productName = "#{user.get('country')}_basic_subscription" Product.findOne({name: productName}).exec (err, product) => - return @sendDatabaseError(res, err) if err - return @sendNotFoundError(res, 'basic_subscription product not found') if not product - + return done({res: 'Database error.', code: 500}) if err + return done({res: 'basic_subscription product not found.', code: 404}) if not product + if increment purchased = _.clone(user.get('purchased')) purchased ?= {} diff --git a/server/routes/index.coffee b/server/routes/index.coffee index 08a8552cb..5e9bff30f 100644 --- a/server/routes/index.coffee +++ b/server/routes/index.coffee @@ -1,7 +1,7 @@ mw = require '../middleware' module.exports.setup = (app) -> - + passport = require('passport') app.post('/auth/login', passport.authenticate('local'), mw.auth.afterLogin) app.post('/auth/login-facebook', mw.auth.loginByFacebook, mw.auth.afterLogin) @@ -14,6 +14,8 @@ module.exports.setup = (app) -> app.get('/auth/unsubscribe', mw.auth.unsubscribe) app.get('/auth/whoami', mw.auth.whoAmI) + app.all('/db/*', mw.auth.checkHasUser()) + Achievement = require '../models/Achievement' app.get('/db/achievement', mw.achievements.fetchByRelated, mw.rest.get(Achievement)) app.post('/db/achievement', mw.auth.checkHasPermission(['admin', 'artisan']), mw.rest.post(Achievement)) 
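Review bot: The new `return done({res: 'Database error.', code: 500}) if err` branch in `subscription_handler.coffee` discards `err` entirely, so a failed `Product.findOne` leaves no server-side trace of the cause. Keeping the client-facing message generic is right, but the error should be recorded first: split the line into `if err`, then `<logger>.error(err)` (placeholder, the file's logger is not visible in this hunk), then `return done({res: 'Database error.', code: 500})`. The enclosing method starts and ends outside the hunk, so whether the receiver of `done` maps `code` to the HTTP status cannot be confirmed from here.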
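Review bot: `app.all('/db/*', mw.auth.checkHasUser())` in `routes/index.coffee` only guards handlers registered after this line. The later hunks (`@@ -65` for `POST /db/codelogs`, `@@ -86` for `GET /db/level/:handle/session`) drop their explicit `mw.auth.checkHasUser()` on that assumption. A `/db/...` route mounted earlier, or by another module before `setup` runs, would not pass through the gate, and nothing in the file says the ordering matters. I would add a comment above the line, `# Must stay above every /db route: handlers below rely on this instead of a per-route checkHasUser()`, and keep a spec that calls one of the two stripped routes with no session user. `setup` continues outside the hunk.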
@@ -28,7 +30,7 @@ module.exports.setup = (app) -> Article = require '../models/Article' app.get('/db/article', mw.rest.get(Article)) - app.post('/db/article', mw.auth.checkHasPermission(['admin', 'artisan']), mw.rest.post(Article)) + app.post('/db/article', mw.auth.checkLoggedIn(), mw.auth.checkHasPermission(['admin', 'artisan']), mw.rest.post(Article)) app.get('/db/article/names', mw.named.names(Article)) app.post('/db/article/names', mw.named.names(Article)) app.get('/db/article/:handle', mw.rest.getByHandle(Article)) @@ -65,7 +67,7 @@ module.exports.setup = (app) -> app.get('/db/classroom/:handle', mw.auth.checkLoggedIn()) # TODO: Finish migrating route, adding now so 401 is returned CodeLog = require ('../models/CodeLog') - app.post('/db/codelogs', mw.auth.checkHasUser(), mw.codelogs.post) + app.post('/db/codelogs', mw.codelogs.post) app.get('/db/codelogs', mw.auth.checkHasPermission(['admin']), mw.rest.get(CodeLog)) Course = require '../models/Course' @@ -86,7 +88,7 @@ module.exports.setup = (app) -> app.post('/db/user/:userID/request-verify-email', mw.users.sendVerificationEmail) app.post('/db/user/:userID/verify/:verificationCode', mw.users.verifyEmailAddress) # TODO: Finalize URL scheme - app.get('/db/level/:handle/session', mw.auth.checkHasUser(), mw.levels.upsertSession) + app.get('/db/level/:handle/session', mw.levels.upsertSession) app.get('/db/prepaid', mw.auth.checkLoggedIn(), mw.prepaids.fetchByCreator) app.post('/db/prepaid', mw.auth.checkHasPermission(['admin']), mw.prepaids.post) diff --git a/spec/helpers/helper.js b/spec/helpers/helper.js index a0135dafb..09be41fa3 100644 --- a/spec/helpers/helper.js +++ b/spec/helpers/helper.js 
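Review bot: Only `POST /db/article` gains `mw.auth.checkLoggedIn()` ahead of `checkHasPermission`; the sibling routes visible in this file (`POST /db/achievement`, `GET /db/codelogs`, `POST /db/prepaid`) still call `checkHasPermission` alone. With the new `/db/*` gate, an anonymous user presumably reaches `checkHasPermission` directly on those routes, so they may answer with a different status than the article route; confirm against the middleware, which is not shown. Either apply the same pair to the siblings, e.g. `app.post('/db/achievement', mw.auth.checkLoggedIn(), mw.auth.checkHasPermission(['admin', 'artisan']), mw.rest.post(Achievement))`, or move the logged-in check into `checkHasPermission` so the ordering cannot be forgotten when a route is added.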
@@ -76,6 +76,18 @@ beforeEach(function(done) { cb(err); }); }, + function(cb) { + // Initialize products + var utils = require('../server/utils'); + request = require('../server/request'); + utils.initUser() + .then(function (user) { + return utils.loginUser(user, {request: request}) + }) + .then(function () { + cb() + }); + }, function(cb) { // Initialize products request = require('../server/request'); diff --git a/spec/server/functional/article.spec.coffee b/spec/server/functional/article.spec.coffee index 3d634dedc..5a5fb1c4a 100644 --- a/spec/server/functional/article.spec.coffee +++ b/spec/server/functional/article.spec.coffee @@ -17,7 +17,7 @@ describe 'GET /db/article', -> yield utils.loginUser(@admin) yield request.postAsync(getURL('/db/article'), { json: articleData1 }) yield request.postAsync(getURL('/db/article'), { json: articleData2 }) - yield utils.logout() + yield utils.becomeAnonymous() done() @@ -194,7 +194,7 @@ describe 'POST /db/article', -> it 'does not allow anonymous users to create Articles', utils.wrap (done) -> yield utils.clearModels([Article]) - yield utils.logout() + yield utils.becomeAnonymous() [res, body] = yield request.postAsync({uri: getURL('/db/article'), json: articleData }) expect(res.statusCode).toBe(401) done() @@ -451,7 +451,7 @@ describe 'POST /db/article/:handle/new-version', -> it 'does not work for anonymous users', utils.wrap (done) -> - yield utils.logout() + yield utils.becomeAnonymous() yield postNewVersion({ name: 'Article name', body: 'New body' }, 401) articles = yield Article.find() expect(articles.length).toBe(1) 
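Review bot: The promise chain in the `beforeEach` step added to `spec/helpers/helper.js` has no rejection handler. If `utils.initUser()` or `utils.loginUser()` fails, `cb` is never called and each spec stalls until the runner's timeout instead of reporting the error; end the chain with `.then(function () { cb(); }, cb);`. The comment `// Initialize products` is copied from the following step and should read `// Create a user and log in before each spec`. Because every spec now starts authenticated, a negative authorization test that omits `utils.becomeAnonymous()` or `utils.logout()` will run as a logged-in user, which that comment should state. `request = require('../server/request');` also assigns an undeclared global, as the next step already does.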
@@ -580,7 +580,7 @@ describe 'GET and POST /db/article/:handle/names', -> yield utils.loginUser(admin) [res, article1] = yield request.postAsync(getURL('/db/article'), { json: articleData1 }) [res, article2] = yield request.postAsync(getURL('/db/article'), { json: articleData2 }) - yield utils.logout() + yield utils.becomeAnonymous() [res, body] = yield request.getAsync { uri: getURL('/db/article/names?ids='+[article1._id, article2._id].join(',')), json: true } expect(body.length).toBe(2) expect(body[0].name).toBe('Article 1') @@ -679,4 +679,4 @@ describe 'DELETE /db/article/:handle/watchers', -> article = yield Article.findById(article._id) ids = (id.toString() for id in article.get('watchers')) expect(_.contains(ids, user.id)).toBe(false) - done() \ No newline at end of file + done() diff --git a/spec/server/functional/clan.spec.coffee b/spec/server/functional/clan.spec.coffee index d4c4149b2..5a1f06c11 100644 --- a/spec/server/functional/clan.spec.coffee +++ b/spec/server/functional/clan.spec.coffee @@ -1,9 +1,9 @@ config = require '../../../server_config' require '../common' -utils = require '../../../app/core/utils' # Must come after require /common Clan = require '../../../server/models/Clan' User = require '../../../server/models/User' request = require '../request' +utils = require '../utils' describe 'Clans', -> clanURL = getURL('/db/clan') @@ -53,7 +53,7 @@ describe 'Clans', -> done() it 'Anonymous create clan 401', (done) -> - logoutUser -> + utils.logout().then -> requestBody = type: 'public' name: createClanName 'myclan' @@ -152,7 +152,7 @@ describe 'Clans', -> loginNewUser (user1) -> createClan user1, 'public', null, (clan1) -> createClan user1, 'public', null, (clan2) -> - logoutUser -> + utils.becomeAnonymous().then -> request.get {uri: "#{clanURL}/-/public" }, (err, res, body) -> expect(err).toBeNull() expect(res.statusCode).toBe(200) 
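Review bot: In `clan.spec.coffee` (`@@ -53`), 'Anonymous create clan 401' now calls `utils.logout()`, which leaves no session user. With the new `/db/*` gate the 401 presumably comes from `checkHasUser` before the clan handler runs, so the handler's own rejection of an anonymous user is no longer exercised. The `expect(res.statusCode).toEqual(401)` change in the `prepaid.spec.coffee` hunk (`@@ -544`) has the same shape. I would keep these cases and add a twin that starts with `utils.becomeAnonymous().then ->` and asserts the handler's own status, so both unauthenticated states are covered. The `.then ->` calls here and in `@@ -152` have no rejection handler, so a failed logout would surface as a timeout rather than an error; the rest of each spec lies outside the hunk.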
@@ -498,7 +498,7 @@ describe 'Clans', -> user1.save (err) -> expect(err).toBeNull() createClan user1, 'private', 'my private clan', (clan1) -> - logoutUser -> + utils.becomeAnonymous().then -> request.get {uri: "#{clanURL}/#{clan1.id}" }, (err, res, body) -> expect(err).toBeNull() expect(res.statusCode).toBe(200) diff --git a/spec/server/functional/courses.spec.coffee b/spec/server/functional/courses.spec.coffee index ee963be6c..f56264334 100644 --- a/spec/server/functional/courses.spec.coffee +++ b/spec/server/functional/courses.spec.coffee @@ -23,6 +23,7 @@ describe 'GET /db/course', -> yield utils.clearModels([Course, User]) yield new Course({ name: 'Course 1' }).save() yield new Course({ name: 'Course 2' }).save() + yield utils.becomeAnonymous() done() @@ -36,6 +37,7 @@ describe 'GET /db/course/:handle', -> beforeEach utils.wrap (done) -> yield utils.clearModels([Course, User]) @course = yield new Course({ name: 'Some Name' }).save() + yield utils.becomeAnonymous() done() diff --git a/spec/server/functional/prepaid.spec.coffee b/spec/server/functional/prepaid.spec.coffee index 4baacae41..9aaf1fc6d 100644 --- a/spec/server/functional/prepaid.spec.coffee +++ b/spec/server/functional/prepaid.spec.coffee @@ -544,7 +544,7 @@ describe '/db/prepaid', -> logoutUser () -> fetchPrepaid joeCode, (err, res) -> expect(err).toBeNull() - expect(res.statusCode).toEqual(403) + expect(res.statusCode).toEqual(401) done() it 'User can fetch a prepaid code', (done) -> diff --git a/spec/server/functional/user.spec.coffee b/spec/server/functional/user.spec.coffee index ea3bf026e..9926251f1 100644 --- a/spec/server/functional/user.spec.coffee +++ b/spec/server/functional/user.spec.coffee 
@@ -39,7 +39,7 @@ describe 'POST /db/user', -> it 'serves the user through /db/user/id', (done) -> unittest.getNormalJoe (user) -> - request.post getURL('/auth/logout'), -> + utils.becomeAnonymous().then -> url = getURL(urlUser+'/'+user._id) request.get url, (err, res, body) -> expect(res.statusCode).toBe(200)