Merge branch 'master' into redux-update

2016-08-10 23:22:42 -03:00 · 2016-08-10 23:22:42 -03:00 · 4e83b72133
parent e02844814d aec12a2509
commit 4e83b72133
16 changed files with 222 additions and 11 deletions
--- a/server/controllers/user.php
+++ b/server/controllers/user.php
@ -4,6 +4,8 @@ include 'user/signup.php';
 include 'user/logout.php';
 include 'user/recover-password.php';
 include 'user/send-recover-password.php';
+include 'user/edit-password.php';
+include 'user/edit-email.php';

 $userControllers = new ControllerGroup();
 $userControllers->setGroupPath('/user');
@ -13,5 +15,7 @@ $userControllers->addController(new SignUpController);
 $userControllers->addController(new LogoutController);
 $userControllers->addController(new SendRecoverPasswordController);
 $userControllers->addController(new RecoverPasswordController);
+$userControllers->addController(new EditPassword);
+$userControllers->addController(new EditEmail);

 $userControllers->finalize();
--- a/server/controllers/user/edit-email.php
+++ b/server/controllers/user/edit-email.php
@ -0,0 +1,36 @@
+<?php
+use Respect\Validation\Validator as DataValidator;
+
+class EditEmail extends Controller{
+    const PATH = '/edit-email';
+
+    public function validations() {
+        return [
+            'permission' => 'user',
+            'requestData' => [
+                'newEmail' => [
+                    'validation' => DataValidator::email(),
+                    'error' => ERRORS::INVALID_EMAIL
+                ]
+            ]
+        ];
+    }
+    
+    public function handler() {
+        $newEmail = Controller::request('newEmail');
+        $user = Controller::getLoggedUser();
+        $oldEmail = $user->email;
+        $user->email = $newEmail;
+        $user->store();
+        
+        $mailSender = new MailSender();
+        $mailSender->setTemplate('USER_EDIT_EMAIL', [
+            'to'=>$oldEmail,
+            'newemail'=>$user->email,
+            'name'=>$user->name
+        ]);
+        $mailSender->send();
+        
+        Response::respondSuccess();
+    }
+}
--- a/server/controllers/user/edit-password.php
+++ b/server/controllers/user/edit-password.php
@ -0,0 +1,40 @@
+<?php
+use Respect\Validation\Validator as DataValidator;
+
+class EditPassword extends Controller {
+    const PATH = '/edit-password';
+    
+    public function validations() {
+        return [
+            'permission' => 'user',
+            'requestData' => [
+                'newPassword' => [
+                    'validation' => DataValidator::length(5, 200),
+                    'error' => ERRORS::INVALID_PASSWORD
+                ]
+            ]
+        ];
+    }
+
+    public function handler() {
+        $oldPassword = Controller::request('oldPassword');
+        $newPassword = Controller::request('newPassword');
+        $user = Controller::getLoggedUser() ;
+
+        if (Hashing::verifyPassword($oldPassword, $user->password)) {
+            $user->password = Hashing::hashPassword($newPassword);
+            $user->store();
+
+            $mailSender = new MailSender();
+            $mailSender->setTemplate('USER_EDIT_PASSWORD', [
+                'to'=>$user->email,
+                'name'=>$user->name
+            ]);
+            $mailSender->send();
+            
+            Response::respondSuccess();
+        } else{
+            Response::respondError(ERRORS::INVALID_OLD_PASSWORD);
+        }
+    }
+}
--- a/server/data/ERRORS.php
+++ b/server/data/ERRORS.php
@ -12,4 +12,5 @@ class ERRORS {
    const INVALID_DEPARTMENT = 'Invalid department';
    const INVALID_TICKET = 'Invalid ticket';
    const INIT_SETTINGS_DONE = 'Settings already initialized';
+    const INVALID_OLD_PASSWORD = 'Invalid old password';
 }
--- a/server/data/InitialMails.php
+++ b/server/data/InitialMails.php
@ -12,6 +12,26 @@ class InitialMails {
                    'subject' => 'Registrado {{to}} - OpenSupports',
                    'body' => file_get_contents('data/mail-templates/user-signup-es.html')
                ]
+            ],
+            'USER_EDIT_PASSWORD' => [
+                'en' => [
+                    'subject' => 'Password edited - OpenSupports',
+                    'body' => file_get_contents('data/mail-templates/user-edit-password-en.html')
+                ],
+                'es' => [
+                    'subject' => 'Contraseña a sido cambiada - OpenSupports',
+                    'body' => file_get_contents('data/mail-templates/user-edit-password-es.html')
+                ]
+            ],
+            'USER_EDIT_EMAIL' => [
+                'en' => [
+                    'subject' => 'Email edited - OpenSupports',
+                    'body' => file_get_contents('data/mail-templates/user-edit-email-en.html')
+                ],
+                'es' => [
+                    'subject' => 'Tu correo electronico a sido cambiada - OpenSupports',
+                    'body' => file_get_contents('data/mail-templates/user-edit-email-es.html')
+                ]
            ]
        ];
    }
--- a/server/data/mail-templates/user-edit-email-en.html
+++ b/server/data/mail-templates/user-edit-email-en.html
@ -0,0 +1,3 @@
+<div>
+    Hi {{name}} , OpenSupports' team wanna tell you that you email has been changed to {{newemail}}
+</div>
--- a/server/data/mail-templates/user-edit-email-es.html
+++ b/server/data/mail-templates/user-edit-email-es.html
@ -0,0 +1,3 @@
+<div>
+    Hola {{name}} el equipo de OpenSupports te informa que tu correo electronico ha sido cambiado a {{newemail}}
+</div>
--- a/server/data/mail-templates/user-edit-password-en.html
+++ b/server/data/mail-templates/user-edit-password-en.html
@ -0,0 +1,3 @@
+<div>
+    Hello {{name}} , OpenSupports' team wanna tell you that your password has been changed
+</div>
--- a/server/data/mail-templates/user-edit-password-es.html
+++ b/server/data/mail-templates/user-edit-password-es.html
@ -0,0 +1,3 @@
+<div>
+    Hola , {{name}} el equipo de OpenSupports te informa que tu contraseña ha sido cambiada
+</div>
--- a/server/data/mail-templates/user-signup-es.html
+++ b/server/data/mail-templates/user-signup-es.html
@ -1,4 +1,4 @@
 <div>
    Bienvenido, {{name}} a nuestro centro de soporte,
-    su email es {{to}}
+    tu email es {{to}}
 </div>
--- a/server/libs/MailSender.php
+++ b/server/libs/MailSender.php
@ -7,9 +7,9 @@ class MailSender {
        $this->mailOptions['from'] = Setting::getSetting('no-reply-email')->value;
        
        $this->mailOptions['smtp-host'] = Setting::getSetting('smtp-host')->value;
-        $this->mailOptions['smtp-port'] = Setting::getSetting('smtp-host')->value;
-        $this->mailOptions['smtp-user'] = Setting::getSetting('smtp-host')->value;
-        $this->mailOptions['smtp-pass'] = Setting::getSetting('smtp-host')->value;
+        $this->mailOptions['smtp-port'] = Setting::getSetting('smtp-port')->value;
+        $this->mailOptions['smtp-user'] = Setting::getSetting('smtp-user')->value;
+        $this->mailOptions['smtp-pass'] = Setting::getSetting('smtp-pass')->value;
    }

    public function setTemplate($type, $config) {
--- a/tests/init.rb
+++ b/tests/init.rb
@ -14,5 +14,7 @@ require './user/signup.rb'
 require './user/login.rb'
 require './user/send-recover-password.rb'
 require './user/recover-password.rb'
+require './user/edit-password.rb'
+require './user/edit-email.rb'
 require './ticket/create.rb'
 require './ticket/comment.rb'
--- a/tests/ticket/comment.rb
+++ b/tests/ticket/comment.rb
@ -63,7 +63,7 @@ describe '/ticket/comment/' do
        comment = $database.getRow('comment', '1', 'id')
        (comment['content']).should.equal('some comment content')
        (comment['ticket_id']).should.equal('1')
-        (comment['author_id']).should.equal('1')
+        (comment['author_id']).should.equal($csrf_userid)
    end

    it 'should fail if user is not the author nor owner' do
@ -84,4 +84,4 @@ describe '/ticket/comment/' do
    #it 'should add comment if logged as ticket owner' do

    #end
-end
+end
--- a/tests/ticket/create.rb
+++ b/tests/ticket/create.rb
@ -1,8 +1,9 @@
 describe '/ticket/create' do
    request('/user/logout')
+    Scripts.createUser('jonhsnow@os4.com','jonhpass','Jonh Snow')
    result = request('/user/login', {
-        email: 'steve@jobs.com',
-        password: 'custom'
+        email: 'jonhsnow@os4.com',
+        password: 'jonhpass'
    })

    $csrf_userid = result['data']['userId']
@ -106,9 +107,9 @@ describe '/ticket/create' do
        (ticket['unread']).should.equal('0')
        (ticket['closed']).should.equal('0')
        (ticket['department_id']).should.equal('1')
-        (ticket['author_id']).should.equal('1')
+        (ticket['author_id']).should.equal($csrf_userid)

        ticket_user_relation = $database.getRow('ticket_user','1','ticket_id')
-        (ticket_user_relation['user_id']).should.equal('1')
+        (ticket_user_relation['user_id']).should.equal($csrf_userid)
    end
-end
+end
--- a/tests/user/edit-email.rb
+++ b/tests/user/edit-email.rb
@ -0,0 +1,39 @@
+describe '/user/edit-email' do
+
+    request('/user/logout')
+    result = request('/user/login', {
+        email: 'steve@jobs.com',
+        password: 'newpassword'
+    })
+
+    $csrf_userid = result['data']['userId']
+    $csrf_token = result['data']['token']
+
+
+    it 'should fail if new email is incorrect' do
+        result = request('/user/edit-email', {
+            newEmail: 'newemail@jobscom',
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token
+        })
+        (result['status']).should.equal('fail')
+        (result['message']).should.equal('Invalid email')
+
+        result = request('/user/edit-email', {
+            newEmail: 'newemailjobs.com',
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token
+        })
+        (result['status']).should.equal('fail')
+        (result['message']).should.equal('Invalid email')
+    end
+
+    it 'should change email' do
+        result = request('/user/edit-email', {
+            newEmail: 'newemail@jobs.com',
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token
+        })
+        (result['status']).should.equal('success')
+    end
+end
--- a/tests/user/edit-password.rb
+++ b/tests/user/edit-password.rb
@ -0,0 +1,56 @@
+describe '/user/edit-password' do
+
+    request('/user/logout')
+    result = request('/user/login', {
+        email: 'steve@jobs.com',
+        password: 'custom'
+    })
+
+    $csrf_userid = result['data']['userId']
+    $csrf_token = result['data']['token']
+
+
+    it 'should fail if new password is incorrect' do
+        result = request('/user/edit-password', {
+            oldPassword: 'custom',
+            newPassword: 'np',
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token
+        })
+        (result['status']).should.equal('fail')
+        (result['message']).should.equal('Invalid password')
+
+        long_text = ''
+        250.times {long_text << 'a'}
+
+        result = request('/user/edit-password', {
+            oldPassword: 'custom',
+            newPassword: long_text,
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token
+        })
+        (result['status']).should.equal('fail')
+        (result['message']).should.equal('Invalid password')
+    end
+
+    it 'should fail if old password is not same than old password ' do
+        result = request('/user/edit-password',{
+            oldPassword: 'falsepassword',
+            newPassword: 'newpassword',
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token
+        })
+        (result['status']).should.equal('fail')
+        (result['message']).should.equal('Invalid old password')
+    end
+
+    it 'should change password' do
+        result = request('/user/edit-password',{
+            oldPassword: 'custom',
+            newPassword: 'newpassword',
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token
+        })
+        (result['status']).should.equal('success')
+    end
+end