mirror of
https://github.com/KevinMidboe/immich.git
synced 2025-10-29 17:40:28 +00:00
fix(server): non-nullable IsOptional (#3939)
* custom `IsOptional` * added link to source * formatting * Update server/src/domain/domain.util.ts Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> * nullable birth date endpoint * made `nullable` a property * formatting * removed unused dto * updated decorator arg * fixed album e2e tests * add null tests for auth e2e * add null test for person e2e * fixed tests * added null test for user e2e * removed unusued import * log key in test name * chore: add note about mobile not being able to use the endpoint --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
This commit is contained in:
Mert
GitHub
@@ -2,7 +2,16 @@ import { AppModule, AuthController } from '@app/immich';
|
||||
import { INestApplication } from '@nestjs/common';
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import request from 'supertest';
|
||||
import { deviceStub, errorStub, loginResponseStub, signupResponseStub, signupStub, uuidStub } from '../fixtures';
|
||||
import {
|
||||
changePasswordStub,
|
||||
deviceStub,
|
||||
errorStub,
|
||||
loginResponseStub,
|
||||
loginStub,
|
||||
signupResponseStub,
|
||||
adminSignupStub,
|
||||
uuidStub,
|
||||
} from '../fixtures';
|
||||
import { api, db } from '../test-utils';
|
||||
|
||||
const firstName = 'Immich';
|
||||
@@ -64,7 +73,7 @@ describe(`${AuthController.name} (e2e)`, () => {
|
||||
it('should sign up the admin with a local domain', async () => {
|
||||
const { status, body } = await request(server)
|
||||
.post('/auth/admin-sign-up')
|
||||
.send({ ...signupStub, email: 'admin@local' });
|
||||
.send({ ...adminSignupStub, email: 'admin@local' });
|
||||
expect(status).toEqual(201);
|
||||
expect(body).toEqual({ ...signupResponseStub, email: 'admin@local' });
|
||||
});
|
||||
@@ -72,7 +81,7 @@ describe(`${AuthController.name} (e2e)`, () => {
|
||||
it('should transform email to lower case', async () => {
|
||||
const { status, body } = await request(server)
|
||||
.post('/auth/admin-sign-up')
|
||||
.send({ ...signupStub, email: 'aDmIn@IMMICH.app' });
|
||||
.send({ ...adminSignupStub, email: 'aDmIn@IMMICH.app' });
|
||||
expect(status).toEqual(201);
|
||||
expect(body).toEqual(signupResponseStub);
|
||||
});
|
||||
@@ -80,11 +89,21 @@ describe(`${AuthController.name} (e2e)`, () => {
|
||||
it('should not allow a second admin to sign up', async () => {
|
||||
await api.adminSignUp(server);
|
||||
|
||||
const { status, body } = await request(server).post('/auth/admin-sign-up').send(signupStub);
|
||||
const { status, body } = await request(server).post('/auth/admin-sign-up').send(adminSignupStub);
|
||||
|
||||
expect(status).toBe(400);
|
||||
expect(body).toEqual(errorStub.alreadyHasAdmin);
|
||||
});
|
||||
|
||||
for (const key of Object.keys(adminSignupStub)) {
|
||||
it(`should not allow null ${key}`, async () => {
|
||||
const { status, body } = await request(server)
|
||||
.post('/auth/admin-sign-up')
|
||||
.send({ ...adminSignupStub, [key]: null });
|
||||
expect(status).toBe(400);
|
||||
expect(body).toEqual(errorStub.badRequest);
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
describe(`POST /auth/login`, () => {
|
||||
@@ -94,6 +113,16 @@ describe(`${AuthController.name} (e2e)`, () => {
|
||||
expect(status).toBe(401);
|
||||
});
|
||||
|
||||
for (const key of Object.keys(loginStub.admin)) {
|
||||
it(`should not allow null ${key}`, async () => {
|
||||
const { status, body } = await request(server)
|
||||
.post('/auth/login')
|
||||
.send({ ...loginStub.admin, [key]: null });
|
||||
expect(status).toBe(400);
|
||||
expect(body).toEqual(errorStub.badRequest);
|
||||
});
|
||||
}
|
||||
|
||||
it('should accept a correct password', async () => {
|
||||
const { status, body, headers } = await request(server).post('/auth/login').send({ email, password });
|
||||
expect(status).toBe(201);
|
||||
@@ -183,17 +212,26 @@ describe(`${AuthController.name} (e2e)`, () => {
|
||||
|
||||
describe('POST /auth/change-password', () => {
|
||||
it('should require authentication', async () => {
|
||||
const { status, body } = await request(server)
|
||||
.post(`/auth/change-password`)
|
||||
.send({ password: 'Password123', newPassword: 'Password1234' });
|
||||
const { status, body } = await request(server).post(`/auth/change-password`).send(changePasswordStub);
|
||||
expect(status).toBe(401);
|
||||
expect(body).toEqual(errorStub.unauthorized);
|
||||
});
|
||||
|
||||
for (const key of Object.keys(changePasswordStub)) {
|
||||
it(`should not allow null ${key}`, async () => {
|
||||
const { status, body } = await request(server)
|
||||
.post('/auth/change-password')
|
||||
.send({ ...changePasswordStub, [key]: null })
|
||||
.set('Authorization', `Bearer ${accessToken}`);
|
||||
expect(status).toBe(400);
|
||||
expect(body).toEqual(errorStub.badRequest);
|
||||
});
|
||||
}
|
||||
|
||||
it('should require the current password', async () => {
|
||||
const { status, body } = await request(server)
|
||||
.post(`/auth/change-password`)
|
||||
.send({ password: 'wrong-password', newPassword: 'Password1234' })
|
||||
.send({ ...changePasswordStub, password: 'wrong-password' })
|
||||
.set('Authorization', `Bearer ${accessToken}`);
|
||||
expect(status).toBe(400);
|
||||
expect(body).toEqual(errorStub.wrongPassword);
|
||||
@@ -202,7 +240,7 @@ describe(`${AuthController.name} (e2e)`, () => {
|
||||
it('should change the password', async () => {
|
||||
const { status } = await request(server)
|
||||
.post(`/auth/change-password`)
|
||||
.send({ password: 'Password123', newPassword: 'Password1234' })
|
||||
.send(changePasswordStub)
|
||||
.set('Authorization', `Bearer ${accessToken}`);
|
||||
expect(status).toBe(200);
|
||||
|
||||
|
||||
@@ -40,7 +40,20 @@ describe(`${PersonController.name}`, () => {
|
||||
expect(body).toEqual(errorStub.unauthorized);
|
||||
});
|
||||
|
||||
it('should not accept invalid dates', async () => {
|
||||
for (const key of ['name', 'featureFaceAssetId', 'isHidden']) {
|
||||
it(`should not allow null ${key}`, async () => {
|
||||
const personRepository = app.get<IPersonRepository>(IPersonRepository);
|
||||
const person = await personRepository.create({ ownerId: loginResponse.userId });
|
||||
const { status, body } = await request(server)
|
||||
.put(`/person/${person.id}`)
|
||||
.set('Authorization', `Bearer ${accessToken}`)
|
||||
.send({ [key]: null });
|
||||
expect(status).toBe(400);
|
||||
expect(body).toEqual(errorStub.badRequest);
|
||||
});
|
||||
}
|
||||
|
||||
it('should not accept invalid birth dates', async () => {
|
||||
for (const birthDate of [false, 'false', '123567', 123456]) {
|
||||
const { status, body } = await request(server)
|
||||
.put(`/person/${uuidStub.notFound}`)
|
||||
@@ -50,6 +63,7 @@ describe(`${PersonController.name}`, () => {
|
||||
expect(body).toEqual(errorStub.badRequest);
|
||||
}
|
||||
});
|
||||
|
||||
it('should update a date of birth', async () => {
|
||||
const personRepository = app.get<IPersonRepository>(IPersonRepository);
|
||||
const person = await personRepository.create({ ownerId: loginResponse.userId });
|
||||
|
||||
@@ -3,7 +3,7 @@ import { AppModule, UserController } from '@app/immich';
|
||||
import { INestApplication } from '@nestjs/common';
|
||||
import { Test, TestingModule } from '@nestjs/testing';
|
||||
import request from 'supertest';
|
||||
import { errorStub } from '../fixtures';
|
||||
import { errorStub, userSignupStub, userStub } from '../fixtures';
|
||||
import { api, db } from '../test-utils';
|
||||
|
||||
describe(`${UserController.name}`, () => {
|
||||
@@ -118,13 +118,22 @@ describe(`${UserController.name}`, () => {
|
||||
|
||||
describe('POST /user', () => {
|
||||
it('should require authentication', async () => {
|
||||
const { status, body } = await request(server)
|
||||
.post(`/user`)
|
||||
.send({ email: 'user1@immich.app', password: 'Password123', firstName: 'Immich', lastName: 'User' });
|
||||
const { status, body } = await request(server).post(`/user`).send(userSignupStub);
|
||||
expect(status).toBe(401);
|
||||
expect(body).toEqual(errorStub.unauthorized);
|
||||
});
|
||||
|
||||
for (const key of Object.keys(userSignupStub)) {
|
||||
it(`should not allow null ${key}`, async () => {
|
||||
const { status, body } = await request(server)
|
||||
.post(`/user`)
|
||||
.set('Authorization', `Bearer ${accessToken}`)
|
||||
.send({ ...userSignupStub, [key]: null });
|
||||
expect(status).toBe(400);
|
||||
expect(body).toEqual(errorStub.badRequest);
|
||||
});
|
||||
}
|
||||
|
||||
it('should ignore `isAdmin`', async () => {
|
||||
const { status, body } = await request(server)
|
||||
.post(`/user`)
|
||||
@@ -170,6 +179,17 @@ describe(`${UserController.name}`, () => {
|
||||
expect(body).toEqual(errorStub.unauthorized);
|
||||
});
|
||||
|
||||
for (const key of Object.keys(userStub.admin)) {
|
||||
it(`should not allow null ${key}`, async () => {
|
||||
const { status, body } = await request(server)
|
||||
.put(`/user`)
|
||||
.set('Authorization', `Bearer ${accessToken}`)
|
||||
.send({ ...userStub.admin, [key]: null });
|
||||
expect(status).toBe(400);
|
||||
expect(body).toEqual(errorStub.badRequest);
|
||||
});
|
||||
}
|
||||
|
||||
it('should not allow a non-admin to become an admin', async () => {
|
||||
const user = await api.userApi.create(server, accessToken, {
|
||||
email: 'user1@immich.app',
|
||||
|
||||
Reference in New Issue
Block a user