Remove email update of admin during test that break next tests

Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com>

jest.config.e2e.js

@@ -2,6 +2,7 @@ module.exports = {
   name: 'API integration tests',
   testMatch: ['**/?(*.)+(spec|test).e2e.js'],
   testEnvironment: 'node',
+  setupFilesAfterEnv: ['<rootDir>/test/jest2e2.setup.js'],
   coveragePathIgnorePatterns: [
     '<rootDir>/dist/',
     '<rootDir>/node_modules/',

packages/strapi-admin/controllers/authenticated-user.js

@@ -28,7 +28,7 @@ module.exports = {
       return ctx.badRequest('ValidationError', err);
     }
 
-    const updatedUser = strapi.admin.services.user.update({ id: ctx.state.user.id }, input);
+    const updatedUser = await strapi.admin.services.user.update({ id: ctx.state.user.id }, input);
 
     ctx.body = {
       data: strapi.admin.services.user.sanitizeUser(updatedUser),

packages/strapi-admin/test/admin-auth.test.e2e.js

@@ -15,23 +15,6 @@ const createUser = data => {
   });
 };
 
-expect.extend({
-  stringOrNull(received) {
-    const pass = typeof received === 'string' || received === null;
-    if (pass) {
-      return {
-        message: () => `expected ${received} not to be null or a string`,
-        pass: true,
-      };
-    } else {
-      return {
-        message: () => `expected ${received} to be null or a string`,
-        pass: false,
-      };
-    }
-  },
-});
-
 describe('Admin Auth End to End', () => {
   beforeAll(async () => {
     const token = await registerAndLogin();

packages/strapi-admin/test/admin-authenticated-user.test.e2e.js

@@ -0,0 +1,132 @@
+// Helpers.
+const { registerAndLogin } = require('../../../test/helpers/auth');
+const { createAuthRequest, createRequest } = require('../../../test/helpers/request');
+
+let rq;
+
+describe('Authenticated User', () => {
+  beforeAll(async () => {
+    const token = await registerAndLogin();
+
+    rq = createAuthRequest(token);
+  }, 60000);
+
+  describe('GET /users/me', () => {
+    test('Returns sanitized user info', async () => {
+      const res = await rq({
+        url: '/admin/users/me',
+        method: 'GET',
+        body: {},
+      });
+
+      expect(res.statusCode).toBe(200);
+      expect(res.body.data).toMatchObject({
+        id: expect.anything(),
+        firstname: expect.stringOrNull(),
+        lastname: expect.stringOrNull(),
+        username: expect.stringOrNull(),
+        email: expect.any(String),
+        isActive: expect.any(Boolean),
+      });
+    });
+
+    test('Returns forbidden on unauthenticated query', async () => {
+      const req = createRequest();
+      const res = await req({
+        url: '/admin/users/me',
+        method: 'GET',
+        body: {},
+      });
+
+      expect(res.statusCode).toBe(403);
+    });
+  });
+
+  describe('PUT /users/me', () => {
+    test('Returns forbidden on unauthenticated query', async () => {
+      const req = createRequest();
+      const res = await req({
+        url: '/admin/users/me',
+        method: 'PUT',
+        body: {},
+      });
+
+      expect(res.statusCode).toBe(403);
+    });
+
+    test('Fails when trying to edit roles', async () => {
+      const res = await rq({
+        url: '/admin/users/me',
+        method: 'PUT',
+        body: {
+          roles: [1],
+        },
+      });
+
+      expect(res.statusCode).toBe(400);
+      expect(res.body).toMatchObject({
+        statusCode: 400,
+        error: 'Bad Request',
+        message: 'ValidationError',
+      });
+    });
+
+    test('Fails when trying to edit isActive', async () => {
+      const res = await rq({
+        url: '/admin/users/me',
+        method: 'PUT',
+        body: {
+          isActive: 12,
+        },
+      });
+
+      expect(res.statusCode).toBe(400);
+      expect(res.body).toMatchObject({
+        statusCode: 400,
+        error: 'Bad Request',
+        message: 'ValidationError',
+      });
+    });
+
+    test('Fails when trying to set invalid inputs', async () => {
+      const res = await rq({
+        url: '/admin/users/me',
+        method: 'PUT',
+        body: {
+          isActive: 12,
+        },
+      });
+
+      expect(res.statusCode).toBe(400);
+      expect(res.body).toMatchObject({
+        statusCode: 400,
+        error: 'Bad Request',
+        message: 'ValidationError',
+      });
+    });
+
+    test('Allows edition of names', async () => {
+      const input = {
+        firstname: 'newFirstName',
+        lastname: 'newLastaName',
+      };
+
+      const res = await rq({
+        url: '/admin/users/me',
+        method: 'PUT',
+        body: input,
+      });
+
+      expect(res.statusCode).toBe(200);
+      expect(res.body.data).toMatchObject({
+        id: expect.anything(),
+        email: expect.any(String),
+        firstname: input.firstname,
+        lastname: input.lastname,
+        username: expect.stringOrNull(),
+        isActive: expect.any(Boolean),
+        roles: expect.arrayContaining([]),
+      });
+    });
+  });
+});

packages/strapi-admin/validation/authentication.js

@@ -10,9 +10,9 @@ const registrationSchema = yup
     userInfo: yup
       .object()
       .shape({
-        firstname: validators.firstname,
-        lastname: validators.lastname,
-        password: validators.password,
+        firstname: validators.firstname.required(),
+        lastname: validators.lastname.required(),
+        password: validators.password.required(),
       })
       .required()
       .noUnknown(),

packages/strapi-admin/validation/common-validators.js

@@ -3,21 +3,18 @@
 const { yup } = require('strapi-utils');
 
 const validators = {
-  firstname: yup
+  email: yup
     .string()
-    .min(1)
-    .required(),
-  lastname: yup
-    .string()
-    .min(1)
-    .required(),
+    .email()
+    .min(1),
+  firstname: yup.string().min(1),
+  lastname: yup.string().min(1),
   password: yup
     .string()
     .min(8)
     .matches(/[a-z]/, '${path} must contain at least one lowercase character')
     .matches(/[A-Z]/, '${path} must contain at least one uppercase character')
-    .matches(/\d/, '${path} must contain at least one number')
-    .required(),
+    .matches(/\d/, '${path} must contain at least one number'),
 };
 
 module.exports = validators;

packages/strapi-admin/validation/user.js

@@ -8,12 +8,9 @@ const handleReject = error => Promise.reject(formatYupErrors(error));
 const userCreationSchema = yup
   .object()
   .shape({
-    email: yup
-      .string()
-      .email()
-      .required(),
-    firstname: validators.firstname,
-    lastname: validators.lastname,
+    email: validators.email.required(),
+    firstname: validators.firstname.required(),
+    lastname: validators.lastname.required(),
     roles: yup.array(), // FIXME: set min to 1 once the create  role API is created,
   })
   .noUnknown();
@@ -25,13 +22,13 @@ const validateUserCreationInput = data => {
 const profileUpdateSchema = yup
   .object()
   .shape({
-    email: yup
-      .string()
-      .email()
-      .required(),
+    email: validators.email,
     firstname: validators.firstname,
     lastname: validators.lastname,
-    username: yup.string().min(1),
+    username: yup
+      .string()
+      .min(1)
+      .nullable(),
     password: validators.password,
   })
   .noUnknown();

packages/strapi-plugin-users-permissions/services/UsersPermissions.js

@@ -318,26 +318,25 @@ module.exports = {
       const query = strapi.query('permission', 'users-permissions');
 
       // Execute request to update entries in database for each role.
-      await Promise.all([
-        Promise.all(
-          toAdd.map(permission =>
-            query.create({
-              type: permission.type,
-              controller: permission.controller,
-              action: permission.action,
-              enabled: isPermissionEnabled(permission, rolesMap[permission.roleId]),
-              policy: '',
-              role: permission.roleId,
-            })
-          )
-        ),
-        Promise.all(
-          toRemove.map(permission => {
-            const { type, controller, action, roleId: role } = permission;
-            return query.delete({ type, controller, action, role });
+      await Promise.all(
+        toAdd.map(permission =>
+          query.create({
+            type: permission.type,
+            controller: permission.controller,
+            action: permission.action,
+            enabled: isPermissionEnabled(permission, rolesMap[permission.roleId]),
+            policy: '',
+            role: permission.roleId,
           })
-        ),
-      ]);
+        )
+      );
+
+      await Promise.all(
+        toRemove.map(permission => {
+          const { type, controller, action, roleId: role } = permission;
+          return query.delete({ type, controller, action, role });
+        })
+      );
     }
   },
 

packages/strapi-plugin-users-permissions/test/graphql.test.e2e.js

@@ -53,7 +53,9 @@ describe('Test Graphql user service', () => {
           query: /* GraphQL */ `
             mutation {
               createUser(
-                input: { data: { username: "test", email: "test@strapi.io", password: "test" } }
+                input: {
+                  data: { username: "test", email: "test-graphql@strapi.io", password: "test" }
+                }
               ) {
                 user {
                   id

test/jest2e2.setup.js

@@ -0,0 +1,16 @@
+expect.extend({
+  stringOrNull(received) {
+    const pass = typeof received === 'string' || received === null;
+    if (pass) {
+      return {
+        message: () => `expected ${received} not to be null or a string`,
+        pass: true,
+      };
+    } else {
+      return {
+        message: () => `expected ${received} to be null or a string`,
+        pass: false,
+      };
+    }
+  },
+});