2023-01-11 21:34:36 -05:00
|
|
|
import { UserEntity } from '@app/infra';
|
2022-12-23 21:08:50 +01:00
|
|
|
import { BadRequestException, ForbiddenException, NotFoundException } from '@nestjs/common';
|
2023-01-11 21:34:36 -05:00
|
|
|
import { AuthUserDto } from '../auth';
|
|
|
|
|
import { IUserRepository } from '@app/domain';
|
2022-12-23 21:08:50 +01:00
|
|
|
import { when } from 'jest-when';
|
2022-09-18 09:27:06 -05:00
|
|
|
import { UserService } from './user.service';
|
2022-12-23 21:08:50 +01:00
|
|
|
import { UpdateUserDto } from './dto/update-user.dto';
|
2022-09-18 09:27:06 -05:00
|
|
|
|
|
|
|
|
describe('UserService', () => {
|
2022-12-23 21:08:50 +01:00
|
|
|
let sut: UserService;
|
2022-09-18 09:27:06 -05:00
|
|
|
let userRepositoryMock: jest.Mocked<IUserRepository>;
|
|
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
const adminUserAuth: AuthUserDto = Object.freeze({
|
2022-09-18 09:27:06 -05:00
|
|
|
id: 'admin_id',
|
|
|
|
|
email: 'admin@test.com',
|
2022-12-23 21:08:50 +01:00
|
|
|
isAdmin: true,
|
2022-09-18 09:27:06 -05:00
|
|
|
});
|
|
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
const immichUserAuth: AuthUserDto = Object.freeze({
|
2022-09-18 09:27:06 -05:00
|
|
|
id: 'immich_id',
|
|
|
|
|
email: 'immich@test.com',
|
2022-12-23 21:08:50 +01:00
|
|
|
isAdmin: false,
|
2022-09-18 09:27:06 -05:00
|
|
|
});
|
|
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
const adminUser: UserEntity = Object.freeze({
|
|
|
|
|
id: adminUserAuth.id,
|
2022-09-18 09:27:06 -05:00
|
|
|
email: 'admin@test.com',
|
|
|
|
|
password: 'admin_password',
|
|
|
|
|
firstName: 'admin_first_name',
|
|
|
|
|
lastName: 'admin_last_name',
|
|
|
|
|
isAdmin: true,
|
2022-12-03 22:59:24 -05:00
|
|
|
oauthId: '',
|
2022-09-18 09:27:06 -05:00
|
|
|
shouldChangePassword: false,
|
|
|
|
|
profileImagePath: '',
|
|
|
|
|
createdAt: '2021-01-01',
|
2022-12-05 11:56:44 -06:00
|
|
|
tags: [],
|
2022-12-23 21:08:50 +01:00
|
|
|
});
|
2022-09-18 09:27:06 -05:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
const immichUser: UserEntity = Object.freeze({
|
|
|
|
|
id: immichUserAuth.id,
|
2022-09-18 09:27:06 -05:00
|
|
|
email: 'immich@test.com',
|
|
|
|
|
password: 'immich_password',
|
|
|
|
|
firstName: 'immich_first_name',
|
|
|
|
|
lastName: 'immich_last_name',
|
|
|
|
|
isAdmin: false,
|
2022-12-03 22:59:24 -05:00
|
|
|
oauthId: '',
|
2022-09-18 09:27:06 -05:00
|
|
|
shouldChangePassword: false,
|
|
|
|
|
profileImagePath: '',
|
|
|
|
|
createdAt: '2021-01-01',
|
2022-12-05 11:56:44 -06:00
|
|
|
tags: [],
|
2022-12-23 21:08:50 +01:00
|
|
|
});
|
2022-09-18 09:27:06 -05:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
const updatedImmichUser: UserEntity = Object.freeze({
|
|
|
|
|
id: immichUserAuth.id,
|
2022-09-18 09:27:06 -05:00
|
|
|
email: 'immich@test.com',
|
|
|
|
|
password: 'immich_password',
|
|
|
|
|
firstName: 'updated_immich_first_name',
|
|
|
|
|
lastName: 'updated_immich_last_name',
|
|
|
|
|
isAdmin: false,
|
2022-12-03 22:59:24 -05:00
|
|
|
oauthId: '',
|
2022-09-18 09:27:06 -05:00
|
|
|
shouldChangePassword: true,
|
|
|
|
|
profileImagePath: '',
|
|
|
|
|
createdAt: '2021-01-01',
|
2022-12-05 11:56:44 -06:00
|
|
|
tags: [],
|
2022-12-23 21:08:50 +01:00
|
|
|
});
|
2022-09-18 09:27:06 -05:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
beforeEach(() => {
|
2023-01-11 21:34:36 -05:00
|
|
|
userRepositoryMock = {
|
|
|
|
|
get: jest.fn(),
|
|
|
|
|
getAdmin: jest.fn(),
|
|
|
|
|
getByEmail: jest.fn(),
|
|
|
|
|
getByOAuthId: jest.fn(),
|
|
|
|
|
getList: jest.fn(),
|
|
|
|
|
create: jest.fn(),
|
|
|
|
|
update: jest.fn(),
|
|
|
|
|
delete: jest.fn(),
|
|
|
|
|
restore: jest.fn(),
|
|
|
|
|
};
|
2022-12-23 21:08:50 +01:00
|
|
|
when(userRepositoryMock.get).calledWith(adminUser.id).mockResolvedValue(adminUser);
|
|
|
|
|
when(userRepositoryMock.get).calledWith(adminUser.id, undefined).mockResolvedValue(adminUser);
|
|
|
|
|
when(userRepositoryMock.get).calledWith(immichUser.id, undefined).mockResolvedValue(immichUser);
|
2022-09-18 09:27:06 -05:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
sut = new UserService(userRepositoryMock);
|
2022-09-18 09:27:06 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe('Update user', () => {
|
2022-12-16 14:26:12 -06:00
|
|
|
it('should update user', async () => {
|
2022-12-23 21:08:50 +01:00
|
|
|
const update: UpdateUserDto = {
|
|
|
|
|
id: immichUser.id,
|
|
|
|
|
shouldChangePassword: true,
|
|
|
|
|
};
|
2022-09-18 09:27:06 -05:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
when(userRepositoryMock.update).calledWith(update.id, update).mockResolvedValueOnce(updatedImmichUser);
|
2022-09-18 09:27:06 -05:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
const updatedUser = await sut.updateUser(immichUserAuth, update);
|
|
|
|
|
expect(updatedUser.shouldChangePassword).toEqual(true);
|
2022-09-18 09:27:06 -05:00
|
|
|
});
|
|
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
it('user can only update its information', async () => {
|
|
|
|
|
when(userRepositoryMock.get)
|
|
|
|
|
.calledWith('not_immich_auth_user_id', undefined)
|
|
|
|
|
.mockResolvedValueOnce({
|
|
|
|
|
...immichUser,
|
|
|
|
|
id: 'not_immich_auth_user_id',
|
|
|
|
|
});
|
2022-09-18 09:27:06 -05:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
const result = sut.updateUser(immichUserAuth, {
|
2022-09-18 09:27:06 -05:00
|
|
|
id: 'not_immich_auth_user_id',
|
|
|
|
|
password: 'I take over your account now',
|
|
|
|
|
});
|
2022-12-23 21:08:50 +01:00
|
|
|
await expect(result).rejects.toBeInstanceOf(ForbiddenException);
|
2022-09-18 09:27:06 -05:00
|
|
|
});
|
|
|
|
|
|
2022-12-27 11:36:31 -05:00
|
|
|
it('should let a user change their email', async () => {
|
|
|
|
|
const dto = { id: immichUser.id, email: 'updated@test.com' };
|
|
|
|
|
|
|
|
|
|
userRepositoryMock.get.mockResolvedValue(immichUser);
|
|
|
|
|
userRepositoryMock.update.mockResolvedValue(immichUser);
|
|
|
|
|
|
|
|
|
|
await sut.updateUser(immichUser, dto);
|
|
|
|
|
|
2022-12-27 21:29:58 -05:00
|
|
|
expect(userRepositoryMock.update).toHaveBeenCalledWith(immichUser.id, {
|
|
|
|
|
id: 'immich_id',
|
|
|
|
|
email: 'updated@test.com',
|
|
|
|
|
});
|
2022-12-27 11:36:31 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should not let a user change their email to one already in use', async () => {
|
|
|
|
|
const dto = { id: immichUser.id, email: 'updated@test.com' };
|
|
|
|
|
|
|
|
|
|
userRepositoryMock.get.mockResolvedValue(immichUser);
|
|
|
|
|
userRepositoryMock.getByEmail.mockResolvedValue(adminUser);
|
|
|
|
|
|
|
|
|
|
await expect(sut.updateUser(immichUser, dto)).rejects.toBeInstanceOf(BadRequestException);
|
|
|
|
|
|
|
|
|
|
expect(userRepositoryMock.update).not.toHaveBeenCalled();
|
|
|
|
|
});
|
|
|
|
|
|
2022-09-18 09:27:06 -05:00
|
|
|
it('admin can update any user information', async () => {
|
2022-12-23 21:08:50 +01:00
|
|
|
const update: UpdateUserDto = {
|
|
|
|
|
id: immichUser.id,
|
|
|
|
|
shouldChangePassword: true,
|
|
|
|
|
};
|
2022-09-18 09:27:06 -05:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
when(userRepositoryMock.update).calledWith(immichUser.id, update).mockResolvedValueOnce(updatedImmichUser);
|
2022-09-18 09:27:06 -05:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
const result = await sut.updateUser(adminUserAuth, update);
|
2022-09-18 09:27:06 -05:00
|
|
|
|
|
|
|
|
expect(result).toBeDefined();
|
|
|
|
|
expect(result.id).toEqual(updatedImmichUser.id);
|
|
|
|
|
expect(result.shouldChangePassword).toEqual(updatedImmichUser.shouldChangePassword);
|
|
|
|
|
});
|
|
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
it('update user information should throw error if user not found', async () => {
|
|
|
|
|
when(userRepositoryMock.get).calledWith(immichUser.id, undefined).mockResolvedValueOnce(null);
|
2022-09-18 09:27:06 -05:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
const result = sut.updateUser(adminUser, {
|
|
|
|
|
id: immichUser.id,
|
2022-09-18 09:27:06 -05:00
|
|
|
shouldChangePassword: true,
|
|
|
|
|
});
|
2022-11-26 15:09:06 -06:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
await expect(result).rejects.toBeInstanceOf(NotFoundException);
|
|
|
|
|
});
|
|
|
|
|
});
|
2022-11-26 15:09:06 -06:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
describe('Delete user', () => {
|
|
|
|
|
it('cannot delete admin user', async () => {
|
|
|
|
|
const result = sut.deleteUser(adminUserAuth, adminUserAuth.id);
|
2022-11-26 15:09:06 -06:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
await expect(result).rejects.toBeInstanceOf(ForbiddenException);
|
|
|
|
|
});
|
|
|
|
|
});
|
2022-11-26 15:09:06 -06:00
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
describe('Create user', () => {
|
2022-12-26 10:35:52 -05:00
|
|
|
it('should let the admin update himself', async () => {
|
|
|
|
|
const dto = { id: adminUser.id, shouldChangePassword: true, isAdmin: true };
|
|
|
|
|
|
|
|
|
|
when(userRepositoryMock.get).calledWith(adminUser.id).mockResolvedValueOnce(null);
|
|
|
|
|
when(userRepositoryMock.update).calledWith(adminUser.id, dto).mockResolvedValueOnce(adminUser);
|
|
|
|
|
|
|
|
|
|
await sut.updateUser(adminUser, dto);
|
|
|
|
|
|
|
|
|
|
expect(userRepositoryMock.update).toHaveBeenCalledWith(adminUser.id, dto);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should not let the another user become an admin', async () => {
|
|
|
|
|
const dto = { id: immichUser.id, shouldChangePassword: true, isAdmin: true };
|
|
|
|
|
|
|
|
|
|
when(userRepositoryMock.get).calledWith(immichUser.id).mockResolvedValueOnce(immichUser);
|
|
|
|
|
|
|
|
|
|
await expect(sut.updateUser(adminUser, dto)).rejects.toBeInstanceOf(BadRequestException);
|
|
|
|
|
});
|
|
|
|
|
|
2022-12-23 21:08:50 +01:00
|
|
|
it('should not create a user if there is no local admin account', async () => {
|
|
|
|
|
when(userRepositoryMock.getAdmin).calledWith().mockResolvedValueOnce(null);
|
|
|
|
|
|
|
|
|
|
await expect(
|
|
|
|
|
sut.createUser({
|
|
|
|
|
email: 'john_smith@email.com',
|
|
|
|
|
firstName: 'John',
|
|
|
|
|
lastName: 'Smith',
|
|
|
|
|
password: 'password',
|
|
|
|
|
}),
|
|
|
|
|
).rejects.toBeInstanceOf(BadRequestException);
|
2022-11-26 15:09:06 -06:00
|
|
|
});
|
2022-09-18 09:27:06 -05:00
|
|
|
});
|
|
|
|
|
});
|
