Guillermo - add path /user/verify [skip ci]

2016-12-23 01:27:21 -03:00 · 2016-12-23 01:27:21 -03:00 · be2e492aa4
parent 5c2f482c10
commit be2e492aa4
7 changed files with 25 additions and 5 deletions
--- a/server/controllers/user/login.php
+++ b/server/controllers/user/login.php
@ -26,7 +26,15 @@ class LoginController extends Controller {
                $this->userInstance->lastLogin = Date::getCurrentDate();
                $this->userInstance->store();
            }
-            
+
+            $email =  Controller::request('email');
+            $userRow = User::getDataStore($email, 'email');
+
+            if($userRow->verificationToken !== null) {
+                Response::respondError(ERRORS::UNVERIFIED_USER);
+                return;
+            }
+
            Response::respondSuccess($this->getUserData());
        } else {
            Response::respondError(ERRORS::INVALID_CREDENTIALS);
--- a/server/data/ERRORS.php
+++ b/server/data/ERRORS.php
@ -31,4 +31,5 @@ class ERRORS {
    const INVALID_STAFF = 'INVALID_STAFF';
    const SAME_DEPARTMENT = 'SAME_DEPARTMENT';
    const INVALID_TOKEN = 'INVALID_TOKEN';
+    const UNVERIFIED_USER = 'UNVERIFIED_USER';
 }
--- a/tests/scripts.rb
+++ b/tests/scripts.rb
@ -9,6 +9,11 @@ class Scripts
        if response['status'] === 'fail'
            raise 'Could not create user'
        end
+        userRow = $database.getRow('user', email, 'email')
+        response = request('/user/verify', {
+                :email => email,
+                :token => userRow['verification_token']
+        })
    end

    def self.login(email = 'steve@jobs.com', password = 'custompassword', staff = false)
--- a/tests/system/edit-settings.rb
+++ b/tests/system/edit-settings.rb
@ -18,7 +18,6 @@ describe'system/edit-settings' do
                "smtp-user" => 'admin',
                "smtp-pass" => 'pass1234',
            })
-            puts result['message']

            (result['status']).should.equal('success')

@ -54,4 +53,4 @@ describe'system/edit-settings' do

            request('/user/logout')
        end
-end
+end
--- a/tests/user/get-users-test.rb
+++ b/tests/user/get-users-test.rb
@ -4,6 +4,7 @@ describe '/user/get-users' do
    Scripts.createUser('tests@hotmail.com','passdasdasdas','laasdasd')
    Scripts.createUser('tests2@hotmail.com','passfasfasfsa','laeaefae')
    Scripts.createUser('tests3@hotmail.com','passfasfasfws','laeczvwaf')
+
    result = request('/user/login', {
        email: 'staff@opensupports.com',
        password: 'staff',
@ -86,4 +87,4 @@ describe '/user/get-users' do
        (result['data']['users'][3]['name']).should.equal('Cersei Lannister')
        (result['data']['users'][4]['name']).should.equal('Tyrion Lannister')
    end
-end
+end
--- a/tests/user/get.rb
+++ b/tests/user/get.rb
@ -10,6 +10,7 @@ describe '/user/get' do
        csrf_userid: $csrf_userid,
        csrf_token: $csrf_token
    })
+
    @ticketNumber = result['data']['ticketNumber']

    it 'should fail if not logged' do
@ -52,4 +53,4 @@ describe '/user/get' do
        (ticketFromUser['owner']).should.equal(nil)
        (ticketFromUser['events']).should.equal([])
    end
-end
+end
--- a/tests/user/signup.rb
+++ b/tests/user/signup.rb
@ -8,6 +8,11 @@ describe '/user/signup' do

        userRow = $database.getRow('user', response['data']['userId'])

+        request('/user/verify', {
+          :email => 'steve@jobs.com',
+          :token => userRow['verification_token']
+        })
+
        (userRow['email']).should.equal('steve@jobs.com')
        (userRow['name']).should.equal('Steve Jobs')
    end