Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-06 22:40:14 -05:00
Code Issues Activity

Migrated authentication.updateSetup method to v2

Browse source
This commit is contained in:
Nazar Gargol 2019-07-25 17:10:46 +02:00
parent 03934e30c9
commit 8b651bff9d
4 changed files with 75 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
core/server/api/v2/authentication.js
View file

@ -1,5 +1,6 @@
const api = require('./index');
const config = require('../../config');
const common = require('../../lib/common');
const web = require('../../web');
const models = require('../../models');
const auth = require('../../services/auth');
@ -35,6 +36,38 @@ module.exports = {
}
},
updateSetup: {
permissions: (frame) => {
return models.User.findOne({role: 'Owner', status: 'all'})
.then((owner) => {
if (owner.id !== frame.options.context.user) {
throw new common.errors.NoPermissionError({message: common.i18n.t('errors.api.authentication.notTheBlogOwner')});
}
});
},
validation: {
docName: 'setup'
},
query(frame) {
return Promise.resolve()
.then(() => {
return auth.setup.assertSetupCompleted(true)();
})
.then(() => {
const setupDetails = {
name: frame.data.setup[0].name,
email: frame.data.setup[0].email,
password: frame.data.setup[0].password,
blogTitle: frame.data.setup[0].blogTitle,
status: 'active'
};
return auth.setup.setupUser(setupDetails)
.then(({user}) => user);
});
}
},
isSetup: {
permissions: false,
query() {

8
core/server/api/v2/utils/serializers/output/authentication.js
View file

@ -11,6 +11,14 @@ module.exports = {
};
},
updateSetup(user, apiConfig, frame) {
frame.response = {
users: [
mapper.mapUser(user, {options: {context: {internal: true}}})
]
};
},
isSetup(data, apiConfig, frame) {
frame.response = {
setup: [data]

2
core/server/web/api/v2/admin/routes.js
View file

@ -190,7 +190,7 @@ module.exports = function apiRoutes() {
router.post('/authentication/invitation', api.http(apiv2.authentication.acceptInvitation));
router.get('/authentication/invitation', api.http(apiv2.authentication.isInvitation));
router.post('/authentication/setup', api.http(apiv2.authentication.setup));
router.put('/authentication/setup', mw.authAdminApi, api.http(api.authentication.updateSetup));
router.put('/authentication/setup', mw.authAdminApi, api.http(apiv2.authentication.updateSetup));
router.get('/authentication/setup', api.http(apiv2.authentication.isSetup));
// ## Images

34
core/test/regression/api/v2/admin/authentication_spec.js
View file

@ -8,7 +8,7 @@ let ghost = testUtils.startGhost;
let request;
describe.only('Authentication API v2', function () {
var accesstoken = '', ghostServer;
let ghostServer;
describe('Blog setup', function () {
before(function () {
@ -85,6 +85,38 @@ describe.only('Authentication API v2', function () {
.expect('Content-Type', /json/)
.expect(403);
});
it('update setup', function () {
return localUtils.doAuth(request)
.then(() => {
return request
.put(localUtils.API.getApiQuery('authentication/setup'))
.set('Origin', config.get('url'))
.send({
setup: [{
name: 'test user edit',
email: 'test-edit@example.com',
password: 'thisissupersafe',
blogTitle: 'a test blog'
}]
})
.expect('Content-Type', /json/)
.expect(200);
})
.then((res) => {
const jsonResponse = res.body;
should.exist(jsonResponse.users);
should.not.exist(jsonResponse.meta);
jsonResponse.users.should.have.length(1);
localUtils.API.checkResponse(jsonResponse.users[0], 'user');
const newUser = jsonResponse.users[0];
newUser.id.should.equal(testUtils.DataGenerator.Content.users[0].id);
newUser.name.should.equal('test user edit');
newUser.email.should.equal('test-edit@example.com');
});
});
});
describe('Invitation', function () {