);
-export default CreateDisplayNameDialog;
+export default CreateUsernameDialog;
diff --git a/client/coral-sign-in/containers/ChangeDisplayNameContainer.js b/client/coral-sign-in/containers/ChangeUsernameContainer.js
similarity index 74%
rename from client/coral-sign-in/containers/ChangeDisplayNameContainer.js
rename to client/coral-sign-in/containers/ChangeUsernameContainer.js
index 625985b63..33ae63614 100644
--- a/client/coral-sign-in/containers/ChangeDisplayNameContainer.js
+++ b/client/coral-sign-in/containers/ChangeUsernameContainer.js
@@ -4,21 +4,21 @@ import {connect} from 'react-redux';
import validate from 'coral-framework/helpers/validate';
import errorMsj from 'coral-framework/helpers/error';
-import CreateDisplayNameDialog from '../components/CreateDisplayNameDialog';
+import CreateUsernameDialog from '../components/CreateUsernameDialog';
import I18n from 'coral-framework/modules/i18n/i18n';
import translations from '../translations';
const lang = new I18n(translations);
import {
- showCreateDisplayNameDialog,
- hideCreateDisplayNameDialog,
+ showCreateUsernameDialog,
+ hideCreateUsernameDialog,
invalidForm,
validForm,
- createDisplayName
+ createUsername
} from '../../coral-framework/actions/auth';
-class ChangeDisplayNameContainer extends Component {
+class ChangeUsernameContainer extends Component {
initialState = {
formData: {
username: '',
@@ -31,7 +31,7 @@ class ChangeDisplayNameContainer extends Component {
super(props);
this.state = this.initialState;
this.handleChange = this.handleChange.bind(this);
- this.handleSubmitDisplayName = this.handleSubmitDisplayName.bind(this);
+ this.handleSubmitUsername = this.handleSubmitUsername.bind(this);
this.handleClose = this.handleClose.bind(this);
this.addError = this.addError.bind(this);
}
@@ -81,13 +81,13 @@ class ChangeDisplayNameContainer extends Component {
this.setState({showErrors: show});
}
- handleSubmitDisplayName(e) {
+ handleSubmitUsername(e) {
e.preventDefault();
const {errors} = this.state;
const {validForm, invalidForm} = this.props;
this.displayErrors();
if (this.isCompleted() && !Object.keys(errors).length) {
- this.props.createDisplayName(this.props.user.id, this.state.formData);
+ this.props.createUsername(this.props.user.id, this.state.formData);
validForm();
} else {
invalidForm(lang.t('createdisplay.checkTheForm'));
@@ -95,19 +95,19 @@ class ChangeDisplayNameContainer extends Component {
}
handleClose() {
- this.props.hideCreateDisplayNameDialog();
+ this.props.hideCreateUsernameDialog();
}
render() {
const {loggedIn, auth, offset} = this.props;
return (
- ({
});
const mapDispatchToProps = dispatch => ({
- createDisplayName: (userid, formData) => dispatch(createDisplayName(userid, formData)),
- showCreateDisplayNameDialog: () => dispatch(showCreateDisplayNameDialog()),
- hideCreateDisplayNameDialog: () => dispatch(hideCreateDisplayNameDialog()),
+ createUsername: (userid, formData) => dispatch(createUsername(userid, formData)),
+ showCreateUsernameDialog: () => dispatch(showCreateUsernameDialog()),
+ hideCreateUsernameDialog: () => dispatch(hideCreateUsernameDialog()),
invalidForm: error => dispatch(invalidForm(error)),
validForm: () => dispatch(validForm())
});
@@ -132,4 +132,4 @@ const mapDispatchToProps = dispatch => ({
export default connect(
mapStateToProps,
mapDispatchToProps
-)(ChangeDisplayNameContainer);
+)(ChangeUsernameContainer);
diff --git a/client/coral-sign-in/translations.js b/client/coral-sign-in/translations.js
index 36ce3fce4..a2bb60819 100644
--- a/client/coral-sign-in/translations.js
+++ b/client/coral-sign-in/translations.js
@@ -26,7 +26,7 @@ export default {
emailORusernameInUse: 'Email address or Username already in use',
requiredField: 'This field is required',
passwordsDontMatch: 'Passwords don\'t match.',
- specialCharacters: 'Display names can contain letters, numbers and _ only',
+ specialCharacters: 'Usernames can contain letters, numbers and _ only',
checkTheForm: 'Invalid Form. Please, check the fields'
},
'createdisplay': {
@@ -37,8 +37,8 @@ export default {
requiredField: 'Required field',
errorCreate: 'Error when changing username',
checkTheForm: 'Invalid Form. Please, check the fields',
- specialCharacters: 'Display names can contain letters, numbers and _ only'
- },
+ specialCharacters: 'Usernames can contain letters, numbers and _ only'
+ }
},
es: {
'signIn': {
diff --git a/errors.js b/errors.js
index ee68b67fd..6d9abbcfd 100644
--- a/errors.js
+++ b/errors.js
@@ -54,8 +54,8 @@ const ErrEmailTaken = new APIError('Email address already in use', {
status: 400
});
-const ErrDisplayTaken = new APIError('Username already in use', {
- translation_key: 'DISPLAYNAME_IN_USE',
+const ErrUsernameTaken = new APIError('Username already in use', {
+ translation_key: 'USERNAME_IN_USE',
status: 400
});
@@ -64,8 +64,8 @@ const ErrSpecialChars = new APIError('No special characters are allowed in a use
status: 400
});
-const ErrMissingDisplay = new APIError('A username is required to create a user', {
- translation_key: 'DISPLAY_NAME_REQUIRED',
+const ErrMissingUsername = new APIError('A username is required to create a user', {
+ translation_key: 'USERNAME_REQUIRED',
status: 400
});
@@ -80,7 +80,8 @@ const ErrMissingToken = new APIError('token is required', {
class ErrAssetCommentingClosed extends APIError {
constructor(closedMessage = null) {
super('asset commenting is closed', {
- status: 400
+ status: 400,
+ translation_key: 'COMMENTING_CLOSED'
}, {
// Include the closedMessage in the metadata piece of the error.
@@ -141,6 +142,12 @@ const ErrInstallLock = new APIError('install lock active', {
status: 500
});
+// ErrPermissionUpdateUsername is returned when the user does not have permission to update their username.
+const ErrPermissionUpdateUsername = new APIError('You do not have permission to update your username.', {
+ translation_key: 'EDIT_USERNAME_NOT_AUTHORIZED',
+ status: 500
+});
+
module.exports = {
ExtendableError,
APIError,
@@ -151,14 +158,15 @@ module.exports = {
ErrMissingToken,
ErrEmailTaken,
ErrSpecialChars,
- ErrMissingDisplay,
+ ErrMissingUsername,
ErrContainsProfanity,
- ErrDisplayTaken,
+ ErrUsernameTaken,
ErrAssetCommentingClosed,
ErrNotFound,
ErrInvalidAssetURL,
ErrAuthentication,
ErrNotAuthorized,
+ ErrPermissionUpdateUsername,
ErrSettingsInit,
ErrInstallLock
};
diff --git a/graph/loaders/comments.js b/graph/loaders/comments.js
index 24b66f4bd..ad78a1e92 100644
--- a/graph/loaders/comments.js
+++ b/graph/loaders/comments.js
@@ -68,6 +68,38 @@ const getCountsByParentID = (context, parent_ids) => {
.then((results) => results.map((result) => result ? result.count : 0));
};
+/**
+ * Retrieves the count of comments based on the passed in query.
+ * @param {Object} context graph context
+ * @param {Object} query query to execute against the comments collection
+ * to compute the counts
+ * @return {Promise} resolves to the counts of the comments from the
+ * query
+ */
+const getCommentCountByQuery = (context, {ids, statuses, asset_id, parent_id}) => {
+ let query = CommentModel.find();
+
+ if (ids) {
+ query = query.where({id: {$in: ids}});
+ }
+
+ if (statuses) {
+ query = query.where({status: {$in: statuses}});
+ }
+
+ if (asset_id != null) {
+ query = query.where({asset_id});
+ }
+
+ if (parent_id !== undefined) {
+ query = query.where({parent_id});
+ }
+
+ return CommentModel
+ .find(query)
+ .count();
+};
+
/**
* Retrieves comments based on the passed in query that is filtered by the
* current used passed in via the context.
@@ -101,6 +133,7 @@ const getCommentsByQuery = ({user}, {ids, statuses, asset_id, parent_id, author_
});
}
+ // Only let an admin request any user or the current user request themself.
if (user && (user.hasRoles('ADMIN') || user.id === author_id) && author_id != null) {
comments = comments.where({author_id});
}
@@ -136,7 +169,13 @@ const getCommentsByQuery = ({user}, {ids, statuses, asset_id, parent_id, author_
.limit(limit);
};
-const genRecentReplies = (_, ids) => {
+/**
+ * Gets the recent replies.
+ * @param {Object} context graph context
+ * @param {Array} ids ids of parent ids
+ * @return {Promise} resolves to recent replies
+ */
+const genRecentReplies = (context, ids) => {
return CommentModel.aggregate([
// get all the replies for the comments in question
@@ -180,6 +219,12 @@ const genRecentReplies = (_, ids) => {
.then(util.arrayJoinBy(ids, 'parent_id'));
};
+/**
+ * Gets the recent comments.
+ * @param {Object} context graph context
+ * @param {Array} ids ids of asset ids
+ * @return {Promise} resolves to recent comments from assets
+ */
const genRecentComments = (_, ids) => {
return CommentModel.aggregate([
@@ -233,6 +278,7 @@ const genRecentComments = (_, ids) => {
module.exports = (context) => ({
Comments: {
getByQuery: (query) => getCommentsByQuery(context, query),
+ getCountByQuery: (query) => getCommentCountByQuery(context, query),
countByAssetID: new util.SharedCacheDataLoader('Comments.countByAssetID', 3600, (ids) => getCountsByAssetID(context, ids)),
countByParentID: new util.SharedCacheDataLoader('Comments.countByParentID', 3600, (ids) => getCountsByParentID(context, ids)),
genRecentReplies: new DataLoader((ids) => genRecentReplies(context, ids)),
diff --git a/graph/mutators/comment.js b/graph/mutators/comment.js
index 5007a3039..33d2c4f85 100644
--- a/graph/mutators/comment.js
+++ b/graph/mutators/comment.js
@@ -15,11 +15,18 @@ const Wordlist = require('../../services/wordlist');
* @return {Promise} resolves to the created comment
*/
const createComment = ({user, loaders: {Comments}}, {body, asset_id, parent_id = null}, status = 'NONE') => {
+
+ let tags = [];
+ if (user.hasRoles('ADMIN') || user.hasRoles('MODERATOR')) {
+ tags = [{name: 'STAFF'}];
+ }
+
return CommentsService.publicCreate({
body,
asset_id,
parent_id,
status,
+ tags,
author_id: user.id
})
.then((comment) => {
@@ -36,12 +43,6 @@ const createComment = ({user, loaders: {Comments}}, {body, asset_id, parent_id =
}
}
- if (user.hasRoles('ADMIN')) {
- return CommentsService
- .addTag(comment.id, 'STAFF', user.id)
- .then(() => comment);
- }
-
return comment;
});
};
@@ -140,12 +141,12 @@ const createPublicComment = (context, commentInput) => {
// Otherwise just return the new comment.
// TODO: Check why the wordlist is undefined
- if (wordlist != null) {
+ if (wordlist != null && wordlist.suspect != null) {
// TODO: this is kind of fragile, we should refactor this to resolve
// all these const's that we're using like 'COMMENTS', 'FLAG' to be
// defined in a checkable schema.
- return context.mutators.Action.createAction(null, {
+ return context.mutators.Action.create({
item_id: comment.id,
item_type: 'COMMENTS',
action_type: 'FLAG',
diff --git a/graph/resolvers/root_mutation.js b/graph/resolvers/root_mutation.js
index 51b200a2d..e2dba5821 100644
--- a/graph/resolvers/root_mutation.js
+++ b/graph/resolvers/root_mutation.js
@@ -1,3 +1,6 @@
+const {Error: {ValidationError}} = require('mongoose');
+const errors = require('../../errors');
+
/**
* Wraps up a promise to return an object with the resolution of the promise
* keyed at `key` or an error caught at `errors`.
@@ -9,9 +12,20 @@ const wrapResponse = (key) => (promise) => {
res[key] = value;
}
return res;
- }).catch((err) => ({
- errors: [err]
- }));
+ }).catch((err) => {
+
+ if (err instanceof errors.APIError) {
+ return {
+ errors: [err]
+ };
+ } else if (err instanceof ValidationError) {
+
+ // TODO: wrap this with one of our internal errors.
+ throw err;
+ }
+
+ throw err;
+ });
};
const RootMutation = {
diff --git a/graph/resolvers/root_query.js b/graph/resolvers/root_query.js
index eb66274dd..ced4e65cf 100644
--- a/graph/resolvers/root_query.js
+++ b/graph/resolvers/root_query.js
@@ -39,6 +39,23 @@ const RootQuery = {
return Comments.getByQuery(query);
},
+ commentCount(_, {query: {action_type, statuses, asset_id, parent_id}}, {user, loaders: {Actions, Comments}}) {
+ if (user == null || !user.hasRoles('ADMIN')) {
+ return null;
+ }
+
+ if (action_type) {
+ return Actions.getByTypes({action_type, item_type: 'COMMENTS'})
+ .then((ids) => {
+
+ // Perform the query using the available resolver.
+ return Comments.getCountByQuery({ids, statuses, asset_id, parent_id});
+ });
+ }
+
+ return Comments.getCountByQuery({statuses, asset_id, parent_id});
+ },
+
metrics(_, {from, to, sort, limit = 10}, {user, loaders: {Metrics}}) {
if (user == null || !user.hasRoles('ADMIN')) {
return null;
diff --git a/graph/typeDefs.graphql b/graph/typeDefs.graphql
index 30bb79262..e005b88ea 100644
--- a/graph/typeDefs.graphql
+++ b/graph/typeDefs.graphql
@@ -27,7 +27,7 @@ type User {
# The ID of the User.
id: ID!
- # username of a user.
+ # Username of a user.
username: String!
# Action summaries against the user.
@@ -99,10 +99,40 @@ enum ACTION_TYPE {
# CommentsQuery allows the ability to query comments by a specific methods.
input CommentsQuery {
- # current status of a comment.
+ # Current status of a comment. Requires the `ADMIN` role.
statuses: [COMMENT_STATUS!]
- # asset that a comment is on.
+ # Asset that a comment is on.
+ asset_id: ID
+
+ # The parent of the comment that we want to retrieve.
+ parent_id: ID
+
+ # Comments returned will only be ones which have at least one action of this
+ # type. Requires the `ADMIN` role.
+ action_type: ACTION_TYPE
+
+ # Limit the number of results to be returned.
+ limit: Int = 10
+
+ # Skip results from the last created_at timestamp.
+ cursor: Date
+
+ # Filter by a specific tag name.
+ tag: [String]
+
+ # Sort the results by created_at.
+ sort: SORT_ORDER = REVERSE_CHRONOLOGICAL
+}
+
+# CommentCountQuery allows the ability to query comment counts by specific
+# methods.
+input CommentCountQuery {
+
+ # Current status of a comment. Requires the `ADMIN` role.
+ statuses: [COMMENT_STATUS!]
+
+ # Asset that a comment is on.
asset_id: ID
# the parent of the comment that we want to retrieve.
@@ -112,17 +142,8 @@ input CommentsQuery {
# type.
action_type: ACTION_TYPE
- # limit the number of results to be returned.
- limit: Int = 10
-
- # skip results from the last created_at timestamp.
- cursor: Date
-
- # filter by a specific tag name.
+ # Filter by a specific tag name.
tag: [String]
-
- # sort the results by created_at.
- sort: SORT_ORDER = REVERSE_CHRONOLOGICAL
}
# Comment is the base representation of user interaction in Talk.
@@ -149,7 +170,7 @@ type Comment {
# The count of replies on a comment.
replyCount: Int
- # Actions completed on the parent.
+ # Actions completed on the parent. Requires the `ADMIN` role.
actions: [Action]
# Action summaries against a comment.
@@ -388,7 +409,7 @@ type Asset {
closedAt: Date
# Summary of all Actions against all entities associated with the Asset.
- # (likes, flags, etc.)
+ # (likes, flags, etc.). Requires the `ADMIN` role.
action_summaries: [AssetActionSummary]
# The date that the asset was created.
@@ -456,7 +477,7 @@ type RootQuery {
# Site wide settings and defaults.
settings: Settings
- # All assets.
+ # All assets. Requires the `ADMIN` role.
assets: [Asset]
# Find or create an asset by url, or just find with the ID.
@@ -465,7 +486,12 @@ type RootQuery {
# Comments returned based on a query.
comments(query: CommentsQuery!): [Comment]
- # The currently logged in user based on the request.
+ # Returne the count of comments satisfied by the query. Note that this edge is
+ # expensive as it is not batched. Requires the `ADMIN` role.
+ commentCount(query: CommentCountQuery!): Int
+
+ # The currently logged in user based on the request. Requires any logged in
+ # role.
me: User
# Metrics related to user actions are saturated into the assets returned. The
@@ -623,10 +649,10 @@ type RootMutation {
# Delete an action based on the action id.
deleteAction(id: ID!): DeleteActionResponse
- # Sets User status
+ # Sets User status. Requires the `ADMIN` role.
setUserStatus(id: ID!, status: USER_STATUS!): SetUserStatusResponse
- # Sets Comment status
+ # Sets Comment status. Requires the `ADMIN` role.
setCommentStatus(id: ID!, status: COMMENT_STATUS!): SetCommentStatusResponse
}
diff --git a/models/comment.js b/models/comment.js
index c88041c8a..e6523e45f 100644
--- a/models/comment.js
+++ b/models/comment.js
@@ -43,7 +43,10 @@ const TagSchema = new Schema({
default: null
},
- created_at: Date
+ created_at: {
+ type: Date,
+ default: Date
+ }
}, {
_id: false
});
diff --git a/package.json b/package.json
index 09ce50aa9..70b0e17b1 100644
--- a/package.json
+++ b/package.json
@@ -49,7 +49,6 @@
},
"homepage": "https://github.com/coralproject/talk#readme",
"dependencies": {
- "apollo-client": "^0.8.3",
"bcrypt": "^0.8.7",
"body-parser": "^1.15.2",
"cli-table": "^0.3.1",
@@ -66,7 +65,6 @@
"graphql": "^0.8.2",
"graphql-errors": "^2.1.0",
"graphql-server-express": "^0.5.0",
- "graphql-tag": "^1.2.3",
"graphql-tools": "^0.9.0",
"helmet": "^3.1.0",
"inquirer": "^3.0.1",
@@ -88,6 +86,7 @@
"uuid": "^2.0.3"
},
"devDependencies": {
+ "apollo-client": "^0.8.3",
"autoprefixer": "^6.5.2",
"babel-core": "^6.21.0",
"babel-eslint": "^7.1.0",
@@ -122,6 +121,7 @@
"exports-loader": "^0.6.3",
"fetch-mock": "^5.5.0",
"graphql-docs": "^0.2.0",
+ "graphql-tag": "^1.2.3",
"hammerjs": "^2.0.8",
"ignore-styles": "^5.0.1",
"immutable": "^3.8.1",
diff --git a/routes/api/account/index.js b/routes/api/account/index.js
index 3de9d41c3..4eab8b920 100644
--- a/routes/api/account/index.js
+++ b/routes/api/account/index.js
@@ -123,7 +123,7 @@ router.put('/username', authorization.needed(), (req, res, next) => {
})
.catch(error => {
if (error.code === 11000) {
- next(errors.ErrDisplayTaken);
+ next(errors.ErrUsernameTaken);
} else {
next(error);
}
diff --git a/routes/api/actions/index.js b/routes/api/actions/index.js
deleted file mode 100644
index 20316d93b..000000000
--- a/routes/api/actions/index.js
+++ /dev/null
@@ -1,20 +0,0 @@
-const express = require('express');
-const ActionsService = require('../../../services/actions');
-
-const router = express.Router();
-
-router.delete('/:action_id', (req, res, next) => {
- ActionsService
- .findOneAndRemove({
- id: req.params.action_id,
- user_id: req.user.id
- })
- .then(() => {
- res.status(204).end();
- })
- .catch(error => {
- next(error);
- });
-});
-
-module.exports = router;
diff --git a/routes/api/comments/index.js b/routes/api/comments/index.js
deleted file mode 100644
index e77ca0c30..000000000
--- a/routes/api/comments/index.js
+++ /dev/null
@@ -1,130 +0,0 @@
-const express = require('express');
-const errors = require('../../../errors');
-
-const CommentModel = require('../../../models/comment');
-const CommentsService = require('../../../services/comments');
-const AssetsService = require('../../../services/assets');
-const UsersService = require('../../../services/users');
-const ActionsService = require('../../../services/actions');
-
-const authorization = require('../../../middleware/authorization');
-const _ = require('lodash');
-
-const router = express.Router();
-
-router.get('/', (req, res, next) => {
-
- const {
- status = null,
- action_type = null,
- asset_id = null,
- user_id = null
- } = req.query;
-
- // everything on this route requires admin privileges besides listing comments for owner of said comments
- if (!authorization.has(req.user, 'ADMIN') && !user_id) {
- next(errors.ErrNotAuthorized);
- return;
- }
-
- // if the user is not an admin, only return comment list for the owner of the comments
- if (req.user.id !== user_id && !authorization.has(req.user, 'ADMIN')) {
- next(errors.ErrNotAuthorized);
- return;
- }
-
- /**
- * This adds the asset_id requirement to the query if the asset_id is defined.
- */
- const assetIDWrap = (query) => {
- if (asset_id) {
- query = query.where('asset_id', asset_id);
- }
-
- return query;
- };
-
- let query;
-
- // the check for user_id MUST be first here.
- // otherwise this will be a vulnerability if you pass user_id and something else,
- // the app will return admin-level data without the proper checks
- if (user_id) {
- query = CommentsService.findByUserId(user_id, authorization.has(req.user, 'ADMIN'));
- } else if (status) {
- query = assetIDWrap(CommentsService.findByStatus(status === 'NEW' ? 'NONE' : status));
- } else if (action_type) {
- query = CommentsService
- .findIdsByActionType(action_type)
- .then((ids) => assetIDWrap(CommentModel.find({
- id: {
- $in: ids
- }
- })));
- } else {
- query = assetIDWrap(CommentsService.all());
- }
-
- query.then((comments) => {
- return Promise.all([
- comments,
- AssetsService.findMultipleById(comments.map(comment => comment.asset_id)),
- UsersService.findByIdArray(_.uniq(comments.map((comment) => comment.author_id))),
- ActionsService.getActionSummariesFromComments(asset_id, comments, req.user ? req.user.id : false)
- ]);
- })
- .then(([comments, assets, users, actions]) =>
- res.status(200).json({
- comments,
- assets,
- users,
- actions
- }))
- .catch((err) => {
- next(err);
- });
-});
-
-router.get('/:comment_id', authorization.needed('ADMIN'), (req, res, next) => {
- CommentsService
- .findById(req.params.comment_id)
- .then(comment => {
- if (!comment) {
- res.status(404).end();
- return;
- }
-
- res.status(200).json(comment);
- })
- .catch((err) => {
- next(err);
- });
-});
-
-router.delete('/:comment_id', authorization.needed('ADMIN'), (req, res, next) => {
- CommentsService
- .removeById(req.params.comment_id)
- .then(() => {
- res.status(204).end();
- })
- .catch((err) => {
- next(err);
- });
-});
-
-router.put('/:comment_id/status', authorization.needed('ADMIN'), (req, res, next) => {
- const {
- status
- } = req.body;
-
- CommentsService
- .pushStatus(req.params.comment_id, status, req.user.id)
- .then(() => {
- res.status(204).end();
- })
- .catch((err) => {
- next(err);
- });
-});
-
-module.exports = router;
diff --git a/routes/api/index.js b/routes/api/index.js
index 9913d8ad2..56846acde 100644
--- a/routes/api/index.js
+++ b/routes/api/index.js
@@ -5,10 +5,6 @@ const router = express.Router();
router.use('/assets', authorization.needed('ADMIN'), require('./assets'));
router.use('/settings', authorization.needed('ADMIN'), require('./settings'));
-router.use('/queue', authorization.needed('ADMIN'), require('./queue'));
-
-router.use('/comments', authorization.needed(), require('./comments'));
-router.use('/actions', authorization.needed(), require('./actions'));
router.use('/auth', require('./auth'));
router.use('/users', require('./users'));
diff --git a/routes/api/queue/index.js b/routes/api/queue/index.js
deleted file mode 100644
index b3cbb1a52..000000000
--- a/routes/api/queue/index.js
+++ /dev/null
@@ -1,101 +0,0 @@
-const express = require('express');
-const CommentsService = require('../../../services/comments');
-const CommentModel = require('../../../models/comment');
-const UsersService = require('../../../services/users');
-const ActionsService = require('../../../services/actions');
-const authorization = require('../../../middleware/authorization');
-const _ = require('lodash');
-
-const router = express.Router();
-
-function gatherActionsAndUsers (comments) {
- return Promise.all([
- comments,
- UsersService.findByIdArray(_.uniq(comments.map((comment) => comment.author_id))),
- ActionsService.getActionSummaries(_.uniq([
- ...comments.map((comment) => comment.id),
- ...comments.map((comment) => comment.author_id)
- ]))
- ]);
-}
-
-//==============================================================================
-// Get Routes
-//==============================================================================
-
-// Returns back all the comments that are in the moderation queue. The moderation queue is pre or post moderated,
-// depending on the settings. The :moderation overwrites this settings.
-// Pre-moderation: New comments are shown in the moderator queues immediately.
-// Post-moderation: New comments do not appear in moderation queues unless they are flagged by other users.
-router.get('/comments/premod', authorization.needed('ADMIN'), (req, res, next) => {
-
- const {asset_id} = req.query;
-
- CommentsService.moderationQueue('PREMOD', asset_id)
- .then(gatherActionsAndUsers)
- .then(([comments, users, actions]) => {
- res.json({comments, users, actions});
- })
- .catch(error => {
- next(error);
- });
-});
-
-router.get('/comments/rejected', authorization.needed('ADMIN'), (req, res, next) => {
- const {asset_id} = req.query;
-
- CommentsService.moderationQueue('REJECTED', asset_id)
- .then(gatherActionsAndUsers)
- .then(([comments, users, actions]) => {
- res.json({comments, users, actions});
- })
- .catch(error => {
- next(error);
- });
-});
-
-router.get('/comments/flagged', authorization.needed('ADMIN'), (req, res, next) => {
- const {asset_id} = req.query;
-
- const assetIDWrap = (query) => {
- if (asset_id) {
- query = query.where('asset_id', asset_id);
- }
-
- return query;
- };
-
- CommentsService.findIdsByActionType('FLAG')
- .then(ids => assetIDWrap(CommentModel.find({
- id: {$in: ids}
- })))
- .then(gatherActionsAndUsers)
- .then(([comments, users, actions]) => {
- res.json({comments, users, actions});
- })
- .catch(error => {
- next(error);
- });
-});
-
-// Returns back all the users that are in the moderation queue.
-router.get('/users/flagged', (req, res, next) => {
- UsersService.moderationQueue()
- .then((users) => {
- return Promise.all([
- users,
- ActionsService.getActionSummaries(users.map((user) => user.id))
- ]);
- })
- .then(([users, actions]) => {
- res.json({
- users,
- actions
- });
- })
- .catch(error => {
- next(error);
- });
-});
-
-module.exports = router;
diff --git a/routes/api/users/index.js b/routes/api/users/index.js
index 4182beb49..df7369bb3 100644
--- a/routes/api/users/index.js
+++ b/routes/api/users/index.js
@@ -136,7 +136,7 @@ router.post('/', (req, res, next) => {
res.status(201).json(user);
});
})
- .catch(err => {
+ .catch((err) => {
next(err);
});
});
@@ -163,7 +163,6 @@ router.post('/:user_id/actions', authorization.needed(), (req, res, next) => {
res.status(201).json(action);
})
.catch((err) => {
- console.log('Error', err);
next(err);
});
});
diff --git a/services/comments.js b/services/comments.js
index ad9ce18db..4dda82b04 100644
--- a/services/comments.js
+++ b/services/comments.js
@@ -29,27 +29,17 @@ module.exports = class CommentsService {
}
const {
- body,
- asset_id,
- parent_id,
status = 'NONE',
- author_id
} = comment;
- comment = new CommentModel({
- body,
- asset_id,
- parent_id,
- status_history: status ? [{
- type: status,
- created_at: new Date()
- }] : [],
- tags: [],
- status,
- author_id
- });
+ comment.status_history = status ? [{
+ type: status,
+ created_at: new Date()
+ }] : [];
- return comment.save();
+ let commentModel = new CommentModel(comment);
+
+ return commentModel.save();
}
/**
diff --git a/services/passport.js b/services/passport.js
index d265d9812..229541521 100644
--- a/services/passport.js
+++ b/services/passport.js
@@ -103,8 +103,6 @@ if (process.env.TALK_FACEBOOK_APP_ID && process.env.TALK_FACEBOOK_APP_SECRET &&
clientSecret: process.env.TALK_FACEBOOK_APP_SECRET,
callbackURL: `${process.env.TALK_ROOT_URL}/api/v1/auth/facebook/callback`,
- // TODO: remove displayName reference when we have steps in the FE to handle
- // the username create flow.
profileFields: ['id', 'displayName', 'picture.type(large)']
}, (accessToken, refreshToken, profile, done) => {
UsersService
diff --git a/services/setup.js b/services/setup.js
index 2bfbc66a0..1f1542d5e 100644
--- a/services/setup.js
+++ b/services/setup.js
@@ -57,7 +57,7 @@ module.exports = class SetupService {
// Verify other properties of the user.
return Promise.all([
- UsersService.isValidDisplayName(username, false),
+ UsersService.isValidUsername(username, false),
UsersService.isValidPassword(password),
settingsModel.validate()
]);
diff --git a/services/users.js b/services/users.js
index f715fa9f4..b09a7d399 100644
--- a/services/users.js
+++ b/services/users.js
@@ -109,7 +109,7 @@ module.exports = class UsersService {
* @param {Object} profile - User social/external profile
* @param {Function} done [description]
*/
- static findOrCreateExternalUser({id, provider, displayname}) {
+ static findOrCreateExternalUser({id, provider, displayName}) {
return UserModel
.findOne({
profiles: {
@@ -124,7 +124,7 @@ module.exports = class UsersService {
return user;
}
- let username = UsersService.castUsername(displayname);
+ let username = UsersService.castUsername(displayName);
// The user was not found, lets create them!
user = new UserModel({
@@ -176,11 +176,11 @@ module.exports = class UsersService {
* @param {Boolean} checkAgainstWordlist enables cheching against the wordlist
* @return {Promise}
*/
- static isValidUserName(username, checkAgainstWordlist = true) {
+ static isValidUsername(username, checkAgainstWordlist = true) {
const onlyLettersNumbersUnderscore = /^[A-Za-z0-9_]+$/;
if (!username) {
- return Promise.reject(errors.ErrMissingDisplay);
+ return Promise.reject(errors.ErrMissingUsername);
}
if (!onlyLettersNumbersUnderscore.test(username)) {
@@ -230,7 +230,7 @@ module.exports = class UsersService {
username = username.trim();
return Promise.all([
- UsersService.isValidUserName(username),
+ UsersService.isValidUsername(username),
UsersService.isValidPassword(password)
])
.then(() => { // username is valid
@@ -257,7 +257,7 @@ module.exports = class UsersService {
if (err) {
if (err.code === 11000) {
if (err.message.match('Username')) {
- return reject(errors.ErrDisplayTaken);
+ return reject(errors.ErrUsernameTaken);
}
return reject(errors.ErrEmailTaken);
}
@@ -688,7 +688,7 @@ module.exports = class UsersService {
}
}).then((result) => {
return result.nModified > 0 ? result :
- Promise.reject(new Error('You do not have permission to update your username.'));
+ Promise.reject(errors.ErrPermissionUpdateUsername);
});
}
};
diff --git a/test/e2e/pages/embedStreamPage.js b/test/e2e/pages/embedStreamPage.js
index b25eec419..ca72df1db 100644
--- a/test/e2e/pages/embedStreamPage.js
+++ b/test/e2e/pages/embedStreamPage.js
@@ -19,7 +19,7 @@ const embedStreamCommands = {
.setValue('@signInDialogEmail', user.email)
.setValue('@signInDialogPassword', user.pass)
.setValue('@signUpDialogConfirmPassword', user.pass)
- .setValue('@signUpDialogDisplayName', user.username)
+ .setValue('@signUpDialogUsername', user.username)
.waitForElementVisible('@signUpButton')
.click('@signUpButton')
.waitForElementVisible('@signInViewTrigger')
@@ -95,7 +95,7 @@ module.exports = {
signUpDialogConfirmPassword: {
selector: '#signInDialog #confirmPassword'
},
- signUpDialogDisplayName: {
+ signUpDialogUsername: {
selector: '#signInDialog #username'
},
logInButton: {
diff --git a/test/graph/context.js b/test/graph/context.js
new file mode 100644
index 000000000..413622678
--- /dev/null
+++ b/test/graph/context.js
@@ -0,0 +1,64 @@
+const expect = require('chai').expect;
+
+const User = require('../../models/user');
+const Context = require('../../graph/context');
+const errors = require('../../errors');
+
+describe('graph.Context', () => {
+
+ describe('#constructor: with a user', () => {
+ let c;
+
+ beforeEach(() => {
+ c = new Context({user: new User({id: '1'})});
+ });
+
+ it('creates a context with a user', (done) => {
+ expect(c).to.have.property('user');
+ expect(c.user).to.have.property('id', '1');
+
+ done();
+ });
+
+ it('does have access to mutators', () => {
+ return c.mutators.Action.create({
+ item_id: '1',
+ item_type: 'COMMENTS',
+ action_type: 'LIKE'
+ })
+ .then((action) => {
+ expect(action).to.have.property('item_id', '1');
+ expect(action).to.have.property('item_type', 'COMMENTS');
+ expect(action).to.have.property('action_type', 'LIKE');
+ });
+ });
+ });
+
+ describe('#constructor: without a user', () => {
+ let c;
+
+ beforeEach(() => {
+ c = new Context({user: undefined});
+ });
+
+ it('creates a context without a user', (done) => {
+ expect(c).to.not.have.property('user');
+
+ done();
+ });
+
+ it('does not have access to mutators', () => {
+ return c.mutators.Action.create({
+ item_id: '1',
+ item_type: 'COMMENTS',
+ action_type: 'LIKE'
+ })
+ .then((action) => {
+ expect(action).to.be.null;
+ })
+ .catch((err) => {
+ expect(err).to.be.equal(errors.ErrNotAuthorized);
+ });
+ });
+ });
+});
diff --git a/test/graph/mutations/createComment.js b/test/graph/mutations/createComment.js
new file mode 100644
index 000000000..26775933c
--- /dev/null
+++ b/test/graph/mutations/createComment.js
@@ -0,0 +1,233 @@
+const expect = require('chai').expect;
+const {graphql} = require('graphql');
+
+const schema = require('../../../graph/schema');
+const Context = require('../../../graph/context');
+const UserModel = require('../../../models/user');
+const AssetModel = require('../../../models/asset');
+const SettingsService = require('../../../services/settings');
+const ActionModel = require('../../../models/action');
+
+describe('graph.mutations.createComment', () => {
+ beforeEach(() => SettingsService.init());
+
+ const query = `
+ mutation CreateComment($body: String = "Here's my comment!") {
+ createComment(asset_id: "123", body: $body) {
+ comment {
+ id
+ status
+ tags {
+ name
+ }
+ }
+ errors {
+ translation_key
+ }
+ }
+ }
+ `;
+
+ describe('context with different user properties', () => {
+
+ beforeEach(() => AssetModel.create({id: '123'}));
+
+ [
+ {user: null, error: 'NOT_AUTHORIZED'},
+ {user: new UserModel({}), error: null}
+ ].forEach(({user, error}) => {
+ describe(user != null ? 'with user' : 'without user', () => {
+
+ it(error ? 'does not create the comment' : 'creates the comment', () => {
+ const context = new Context({user});
+
+ return graphql(schema, query, {}, context)
+ .then(({data, errors}) => {
+ expect(errors).to.be.undefined;
+ if (error) {
+ expect(data.createComment).to.have.property('comment').null;
+ expect(data.createComment).to.have.property('errors').not.null;
+ expect(data.createComment.errors[0]).to.have.property('translation_key', error);
+ } else {
+ expect(data.createComment).to.have.property('comment').not.null;
+ expect(data.createComment).to.have.property('errors').null;
+ }
+ });
+ });
+
+ });
+ });
+
+ });
+
+ describe('users with different statuses', () => {
+
+ beforeEach(() => AssetModel.create({id: '123'}));
+
+ [
+ {user: new UserModel({status: 'ACTIVE'}), error: null},
+ {user: new UserModel({status: 'BANNED'}), error: 'NOT_AUTHORIZED'},
+ {user: new UserModel({status: 'PENDING'}), error: null},
+ {user: new UserModel({status: 'APPROVED'}), error: null}
+ ].forEach(({user, error}) => {
+ describe(`user.status=${user.status}`, () => {
+ it(error ? 'does not create the comment' : 'creates the comment', () => {
+ const context = new Context({user});
+
+ return graphql(schema, query, {}, context)
+ .then(({data, errors}) => {
+ expect(errors).to.be.undefined;
+ if (error) {
+ expect(data.createComment).to.have.property('comment').null;
+ expect(data.createComment).to.have.property('errors').not.null;
+ expect(data.createComment.errors[0]).to.have.property('translation_key', error);
+ } else {
+ expect(data.createComment).to.have.property('comment').not.null;
+ expect(data.createComment).to.have.property('errors').null;
+ }
+ });
+ });
+ });
+ });
+
+ });
+
+ describe('assets with different statuses', () => {
+
+ [
+ {asset: new AssetModel({id: '123', closedAt: new Date((new Date()).getTime() + (10 * 86400000))}), error: null},
+ {asset: new AssetModel({id: '123', closedAt: new Date((new Date()).getTime() - (10 * 86400000))}), error: 'COMMENTING_CLOSED'}
+ ].forEach(({asset, error}) => {
+ describe(`asset.isClosed=${asset.isClosed}`, () => {
+
+ beforeEach(() => asset.save());
+
+ it(error ? 'does not create the comment' : 'creates the comment', () => {
+ const context = new Context({user: new UserModel({status: 'ACTIVE'})});
+
+ return graphql(schema, query, {}, context)
+ .then(({data, errors}) => {
+ expect(errors).to.be.undefined;
+ if (error) {
+ expect(data.createComment).to.have.property('comment').null;
+ expect(data.createComment).to.have.property('errors').not.null;
+ expect(data.createComment.errors[0]).to.have.property('translation_key', error);
+ } else {
+ expect(data.createComment).to.have.property('comment').not.null;
+ expect(data.createComment).to.have.property('errors').null;
+ }
+ });
+ });
+
+ });
+
+ });
+
+ });
+
+ describe('comments made with different asset moderation settings', () => {
+
+ [
+ {moderation: 'PRE', status: 'PREMOD'},
+ {moderation: 'POST', status: 'NONE'}
+ ].forEach(({moderation, status}) => {
+ describe(`moderation=${moderation}`, () => {
+
+ beforeEach(() => AssetModel.create({id: '123', settings: {moderation}}));
+
+ it(`creates comment with status=${status}`, () => {
+ const context = new Context({user: new UserModel({status: 'ACTIVE'})});
+
+ return graphql(schema, query, {}, context)
+ .then(({data, errors}) => {
+ expect(errors).to.be.undefined;
+ expect(data.createComment).to.have.property('comment').not.null;
+ expect(data.createComment).to.have.property('errors').null;
+ expect(data.createComment.comment).to.have.property('status', status);
+ });
+ });
+
+ });
+ });
+
+ });
+
+ describe('comments with/without banned words', () => {
+
+ beforeEach(() => Promise.all([
+ AssetModel.create({id: '123'}),
+ SettingsService.update({wordlist: {banned: ['WORST'], suspect: ['EH']}})
+ ]));
+
+ [
+ {message: 'comment does not contain banned/suspect words', body: 'This is such a nice comment!', status: 'NONE', flagged: false},
+ {message: 'comment contains banned words', body: 'This is the WORST comment!', status: 'REJECTED', flagged: false},
+ {message: 'comment contains suspect words', body: 'This is the EH comment!', status: 'NONE', flagged: true}
+ ].forEach(({message, body, status, flagged}) => {
+ describe(message, () => {
+
+ it(`should create a comment with status=${status} and it ${flagged ? 'should' : 'should not'} be flagged`, () => {
+ const context = new Context({user: new UserModel({status: 'ACTIVE'})});
+
+ return graphql(schema, query, {}, context, {
+ body
+ })
+ .then(({data, errors}) => {
+ expect(errors).to.be.undefined;
+ expect(data.createComment).to.have.property('comment').not.null;
+ expect(data.createComment.comment).to.have.property('status', status);
+ expect(data.createComment).to.have.property('errors').null;
+
+ return ActionModel.find({
+ item_id: data.createComment.comment.id,
+ action_type: 'FLAG'
+ });
+ })
+ .then((actions) => {
+ if (flagged) {
+ expect(actions).to.have.length(1);
+ } else {
+ expect(actions).to.have.length(0);
+ }
+ });
+ });
+
+ });
+ });
+ });
+
+ describe('users with different roles', () => {
+
+ beforeEach(() => AssetModel.create({id: '123'}));
+
+ [
+ {roles: [], tag: null},
+ {roles: ['ADMIN'], tag: 'STAFF'},
+ {roles: ['MODERATOR'], tag: 'STAFF'},
+ {roles: ['ADMIN', 'MODERATOR'], tag: 'STAFF'}
+ ].forEach(({roles, tag}) => {
+ describe(`user.roles=${JSON.stringify(roles)}`, () => {
+
+ it(`creates comment ${tag ? `with tag=${tag}` : 'without tags'}`, () => {
+ const context = new Context({user: new UserModel({roles})});
+
+ return graphql(schema, query, {}, context)
+ .then(({data, errors}) => {
+ expect(errors).to.be.undefined;
+ expect(data.createComment).to.have.property('comment').not.null;
+ expect(data.createComment).to.have.property('errors').null;
+
+ if (tag) {
+ expect(data.createComment.comment).to.have.property('tags').length(1);
+ expect(data.createComment.comment.tags[0]).to.have.property('name', tag);
+ } else {
+ expect(data.createComment.comment).to.have.property('tags').length(0);
+ }
+ });
+ });
+
+ });
+ });
+
+ });
+});
diff --git a/test/routes/api/comments/index.js b/test/routes/api/comments/index.js
deleted file mode 100644
index 50431159b..000000000
--- a/test/routes/api/comments/index.js
+++ /dev/null
@@ -1,269 +0,0 @@
-const passport = require('../../../passport');
-
-const app = require('../../../../app');
-const chai = require('chai');
-const expect = chai.expect;
-
-// Setup chai.
-chai.should();
-chai.use(require('chai-http'));
-
-const CommentModel = require('../../../../models/comment');
-const ActionModel = require('../../../../models/action');
-
-const CommentsService = require('../../../../services/comments');
-const UsersService = require('../../../../services/users');
-const SettingsService = require('../../../../services/settings');
-
-const settings = {id: '1', moderation: 'PRE', wordlist: {banned: ['bad words'], suspect: ['suspect words']}};
-
-describe('/api/v1/comments', () => {
-
- // Ensure that the settings are always available.
- beforeEach(() => SettingsService.init(settings));
-
- describe('#get', () => {
- const comments = [{
- body: 'comment 10',
- asset_id: 'asset',
- author_id: '123'
- }, {
- body: 'comment 20',
- asset_id: 'asset',
- author_id: '456'
- }, {
- body: 'comment 20',
- asset_id: 'asset',
- author_id: '456',
- status: 'REJECTED',
- status_history: [{
- type: 'REJECTED'
- }]
- }, {
- body: 'comment 30',
- asset_id: '456',
- status: 'ACCEPTED',
- status_history: [{
- type: 'ACCEPTED'
- }]
- }];
-
- const users = [{
- username: 'Ana',
- email: 'ana@gmail.com',
- password: '123456789'
- }, {
- username: 'Maria',
- email: 'maria@gmail.com',
- password: '123456789'
- }];
-
- const actions = [{
- action_type: 'FLAG',
- item_id: 'abc',
- item_type: 'COMMENTS'
- }, {
- action_type: 'LIKE',
- item_id: 'hij',
- item_type: 'COMMENTS'
- }];
-
- beforeEach(() => {
- return Promise.all([
- CommentModel.create(comments).then((newComments) => {
- newComments.forEach((comment, i) => {
- comments[i].id = comment.id;
- });
-
- actions[0].item_id = comments[0].id;
- actions[1].item_id = comments[1].id;
-
- return ActionModel.create(actions);
- }),
- UsersService.createLocalUsers(users)
- ]);
- });
-
- it('should return only the owner’s published comments if the user is not an admin', () => {
- return chai.request(app)
- .get('/api/v1/comments?user_id=456')
- .set(passport.inject({id: '456', roles: []}))
- .then(res => {
- expect(res).to.have.status(200);
- expect(res.body.comments).to.have.length(1);
- expect(res.body.comments[0]).to.have.property('author_id', '456');
- });
- });
-
- it('should fail if a non-admin requests comments not owned by them', () => {
- return chai.request(app)
- .get('/api/v1/comments?user_id=456')
- .set(passport.inject({id: '123', roles: []}))
- .then((res) => {
- expect(res).to.be.empty;
- })
- .catch((err) => {
- expect(err).to.have.status(401);
- });
- });
-
- it('should return all the comments', () => {
- return chai.request(app)
- .get('/api/v1/comments')
- .set(passport.inject({roles: ['ADMIN']}))
- .then((res) => {
-
- expect(res).to.have.status(200);
-
- });
- });
-
- it('should return all the rejected comments', () => {
- return chai.request(app)
- .get('/api/v1/comments?status=REJECTED')
- .set(passport.inject({roles: ['ADMIN']}))
- .then((res) => {
- expect(res).to.have.status(200);
- expect(res.body).to.have.property('comments');
- expect(res.body.comments).to.have.length(1);
- expect(res.body.comments[0]).to.have.property('id', comments[2].id);
- });
- });
-
- it('should return all the approved comments', () => {
- return chai.request(app)
- .get('/api/v1/comments?status=ACCEPTED')
- .set(passport.inject({roles: ['ADMIN']}))
- .then((res) => {
- expect(res).to.have.status(200);
- expect(res.body.comments).to.have.length(1);
- expect(res.body.comments[0]).to.have.property('id', comments[3].id);
- });
- });
-
- it('should return all the new comments', () => {
- return chai.request(app)
- .get('/api/v1/comments?status=NEW')
- .set(passport.inject({roles: ['ADMIN']}))
- .then((res) => {
- expect(res).to.have.status(200);
- expect(res.body.comments).to.have.length(2);
- });
- });
-
- it('should return all the flagged comments', () => {
- return chai.request(app)
- .get('/api/v1/comments?action_type=FLAG')
- .set(passport.inject({roles: ['ADMIN']}))
- .then((res) => {
- expect(res).to.have.status(200);
-
- expect(res.body.comments).to.have.length(1);
- expect(res.body.comments[0]).to.have.property('id', comments[0].id);
- });
- });
- });
-});
-
-describe('/api/v1/comments/:comment_id', () => {
- const comments = [{
- id: 'abc',
- body: 'comment 10',
- asset_id: 'asset',
- author_id: '123'
- }, {
- id: 'def',
- body: 'comment 20',
- asset_id: 'asset',
- author_id: '456'
- }, {
- id: 'hij',
- body: 'comment 30',
- asset_id: '456'
- }];
-
- const users = [{
- username: 'Ana',
- email: 'ana@gmail.com',
- password: '123456789'
- }, {
- username: 'Maria',
- email: 'maria@gmail.com',
- password: '123456789'
- }];
-
- const actions = [{
- action_type: 'FLAG',
- item_id: 'abc',
- item_type: 'COMMENTS'
- }, {
- action_type: 'LIKE',
- item_id: 'hij',
- item_type: 'COMMENTS'
- }];
-
- beforeEach(() => {
- return SettingsService.init(settings).then(() => {
- return Promise.all([
- CommentModel.create(comments),
- UsersService.createLocalUsers(users),
- ActionModel.create(actions)
- ]);
- });
- });
-
- describe('#get', () => {
-
- it('should return the right comment for the comment_id', () => {
- return chai.request(app)
- .get('/api/v1/comments/abc')
- .set(passport.inject({roles: ['ADMIN']}))
- .then((res) => {
- expect(res).to.have.status(200);
- expect(res).to.have.property('body');
- expect(res.body).to.have.property('body', 'comment 10');
- });
- });
- });
-
- describe('#delete', () => {
- it('it should remove comment', () => {
- return chai.request(app)
- .delete('/api/v1/comments/abc')
- .set(passport.inject({roles: ['ADMIN']}))
- .then((res) => {
- expect(res).to.have.status(204);
- return CommentsService.findById('abc');
- })
- .then((comment) => {
- expect(comment).to.be.null;
- });
- });
- });
-
- describe('#put', () => {
- it('it should update status', function() {
- return chai.request(app)
- .put('/api/v1/comments/abc/status')
- .set(passport.inject({roles: ['ADMIN']}))
- .send({status: 'accepted'})
- .then((res) => {
- expect(res).to.have.status(204);
- expect(res.body).to.be.empty;
- });
- });
-
- it('it should not allow a non-ADMIN to update status', () => {
- return chai.request(app)
- .put('/api/v1/comments/abc/status')
- .set(passport.inject({roles: []}))
- .send({status: 'accepted'})
- .then((res) => {
- expect(res).to.be.empty;
- })
- .catch((err) => {
- expect(err).to.have.property('status', 401);
- });
- });
- });
-});
diff --git a/test/routes/api/queue/index.js b/test/routes/api/queue/index.js
deleted file mode 100644
index bca68f355..000000000
--- a/test/routes/api/queue/index.js
+++ /dev/null
@@ -1,123 +0,0 @@
-const passport = require('../../../passport');
-
-const app = require('../../../../app');
-const chai = require('chai');
-const expect = chai.expect;
-
-// Setup chai.
-chai.should();
-chai.use(require('chai-http'));
-
-const Comment = require('../../../../models/comment');
-const Action = require('../../../../models/action');
-const UsersService = require('../../../../services/users');
-
-const SettingsService = require('../../../../services/settings');
-const settings = {id: '1', moderation: 'PRE', wordlist: {banned: ['banned'], suspect: ['suspect']}};
-
-describe('/api/v1/queue', () => {
- const comments = [{
- id: 'abc',
- body: 'comment 10',
- asset_id: 'asset',
- author_id: '123',
- status: 'REJECTED',
- status_history: [{
- type: 'REJECTED'
- }]
- }, {
- id: 'def',
- body: 'comment 20',
- asset_id: 'asset',
- author_id: '456',
- status: 'PREMOD',
- status_history: [{
- type: 'PREMOD'
- }]
- }, {
- id: 'hij',
- body: 'comment 30',
- asset_id: '456',
- status: 'ACCEPTED',
- status_history: [{
- type: 'ACCEPTED'
- }]
- }];
-
- const users = [{
- username: 'Ana',
- email: 'ana@gmail.com',
- password: '123456789'
- }, {
- username: 'Maria',
- email: 'maria@gmail.com',
- password: '123456789'
- }];
-
- const actions = [{
- action_type: 'FLAG',
- item_id: 'abc',
- item_type: 'COMMENTS'
- }, {
- action_type: 'LIKE',
- item_id: 'hij',
- item_type: 'COMMENTS'
- }, {
- action_type: 'FLAG',
- item_id: '123',
- item_type: 'USERS'
- }];
-
- beforeEach(() => {
- return SettingsService.init(settings).then(() => {
- return UsersService.createLocalUsers(users)
- .then((u) => {
- comments[0].author_id = u[0].id;
- comments[1].author_id = u[1].id;
- comments[2].author_id = u[1].id;
-
- return Promise.all([
- Comment.create(comments),
- u,
- ...u.map((user) => UsersService.setStatus(user.id, 'PENDING'))
- ]);
- })
- .then(([c, u]) => {
- actions[0].item_id = c[0].id;
- actions[1].item_id = c[1].id;
- actions[2].item_id = u[0].id;
-
- return Promise.all([
- Action.create(actions),
- SettingsService.init(settings)
- ]);
- });
- });
- });
-
- it('should return all the pending comments, users and actions', () => {
- return chai.request(app)
- .get('/api/v1/queue/comments/premod')
- .set(passport.inject({roles: ['ADMIN']}))
- .then((res) => {
- expect(res).to.have.status(200);
- expect(res.body.comments).to.have.length(1);
- expect(res.body.comments[0]).to.have.property('body');
- expect(res.body.users[0]).to.have.property('username');
- expect(res.body.actions[0]).to.have.property('action_type');
- });
- });
-
- it('should return all pending users and actions', function(done){
- chai.request(app)
- .get('/api/v1/queue/users/flagged')
- .set(passport.inject({roles: ['ADMIN']}))
- .end(function(err, res){
- expect(err).to.be.null;
- expect(res).to.have.status(200);
- expect(res.body.users[0]).to.have.property('username');
- expect(res.body.actions[0]).to.have.property('action_type');
- done();
- });
- });
-});
diff --git a/yarn.lock b/yarn.lock
index f1c047be2..5413439fa 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -175,11 +175,11 @@ anymatch@^1.3.0:
arrify "^1.0.0"
micromatch "^2.1.5"
-apollo-client@^0.7.3:
- version "0.7.3"
- resolved "https://registry.yarnpkg.com/apollo-client/-/apollo-client-0.7.3.tgz#f27702409ce4b90c3adbd78d8434c3e8d762c7dd"
+apollo-client@^0.8.3:
+ version "0.8.6"
+ resolved "https://registry.yarnpkg.com/apollo-client/-/apollo-client-0.8.6.tgz#9aa18b03ec338f0a3804122df7f77493a10b72a0"
dependencies:
- graphql-anywhere "^2.0.0"
+ graphql-anywhere "^2.1.0"
graphql-tag "^1.1.1"
redux "^3.4.0"
symbol-observable "^1.0.2"
@@ -3303,7 +3303,7 @@ graceful-fs@~2.0.0:
version "1.0.1"
resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725"
-graphql-anywhere@^2.0.0:
+graphql-anywhere@^2.0.0, graphql-anywhere@^2.1.0:
version "2.1.0"
resolved "https://registry.yarnpkg.com/graphql-anywhere/-/graphql-anywhere-2.1.0.tgz#888c0a1718db3ff866b313070747777380560f69"
@@ -6375,9 +6375,9 @@ react-addons-test-utils@15.3.2:
version "15.3.2"
resolved "https://registry.yarnpkg.com/react-addons-test-utils/-/react-addons-test-utils-15.3.2.tgz#c09a44f583425a4a9c1b38444d7a6c3e6f0f41f6"
-react-apollo@^0.8.1:
- version "0.8.3"
- resolved "https://registry.yarnpkg.com/react-apollo/-/react-apollo-0.8.3.tgz#e799bdc913948bb487dfa90921b2ea8d08464816"
+react-apollo@^0.10.0:
+ version "0.10.1"
+ resolved "https://registry.yarnpkg.com/react-apollo/-/react-apollo-0.10.1.tgz#97fd50855f8575672aa68330b9c64a201cd13343"
dependencies:
graphql-anywhere "^2.0.0"
hoist-non-react-statics "^1.2.0"