fix(): auhentication required when adding new user

bleenco · Oct 4, 2017 · abbd17b · abbd17b
1 parent ac6f5f0
commit abbd17b
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 4 deletions.
diff --git a/src/api/server-routes.ts b/src/api/server-routes.ts
@@ -165,9 +165,19 @@ export function userRoutes(): express.Router {
   });
 
   router.post('/create', (req: express.Request, res: express.Response) => {
-    createUser(req.body)
-      .then(() => res.status(200).json({ status: true }))
-      .catch(err => res.status(200).json({ status: false }));
+    getUsers().then(users => {
+      if (users && users.length) {
+        checkApiRequestAuth(req).then(() => {
+          createUser(req.body)
+            .then(() => res.status(200).json({ status: true }))
+            .catch(err => res.status(200).json({ status: false }));
+        }).catch(err => res.status(401).json({ data: 'Not Authorized' }));
+      } else {
+        createUser(req.body)
+          .then(() => res.status(200).json({ status: true }))
+          .catch(err => res.status(200).json({ status: false }));
+      }
+    }).catch(err => res.status(200).json({ data: false }));
   });
 
   router.post('/save', (req: express.Request, res: express.Response) => {

diff --git a/tests/e2e/tests/050-routes/030-user/030-api-user-create.ts b/tests/e2e/tests/050-routes/030-user/030-api-user-create.ts
@@ -7,7 +7,8 @@ export default function() {
         let options = {
           url: 'http://localhost:6500/api/user/create',
           method: 'POST',
-          json: { test: 1 }
+          json: { email: '[email protected]', fullname: 'test',
+            password: 'test', confirmPassword: 'test', admin: 1 }
         };
 
         request(options, (err, response, body) => {

diff --git a/tests/e2e/tests/050-routes/030-user/090.api-user-create.ts b/tests/e2e/tests/050-routes/030-user/090.api-user-create.ts
@@ -0,0 +1,30 @@
+import * as request from 'request';
+
+export default function() {
+  return Promise.resolve()
+    .then(() => {
+      return new Promise((resolve, reject) => {
+        let options = {
+          url: 'http://localhost:6500/api/user/create',
+          method: 'POST',
+          json: { email: '[email protected]', fullname: 'test2',
+            password: 'test', confirmPassword: 'test', admin: 1 }
+        };
+
+        request(options, (err, response, body) => {
+          if (err) {
+            Promise.reject(err);
+          } else {
+            if (response.statusCode === 401 && response.body.data === 'Not Authorized') {
+              resolve(body);
+            } else {
+              reject({
+                statusCode: response.statusCode,
+                response: body
+              });
+            }
+          }
+        });
+      });
+    });
+}