fix: npm >= v5.5.0 login need not email (#1275) (#1304)

cnpm · Mar 14, 2018 · 1b30146 · 1b30146
1 parent 4210b7b
commit 1b30146
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 11 deletions.
diff --git a/controllers/registry/user/add.js b/controllers/registry/user/add.js
@@ -40,18 +40,8 @@ var config = require('../../../config');
 module.exports = function* addUser() {
   var name = this.params.name;
   var body = this.request.body || {};
-  var user = {
-    name: body.name,
-    // salt: body.salt,
-    // password_sha: body.password_sha,
-    email: body.email,
-    ip: this.ip || '0.0.0.0',
-    // roles: body.roles || [],
-  };
 
-  ensurePasswordSalt(user, body);
-
-  if (!body.password || !user.name || !user.salt || !user.password_sha || !user.email) {
+  if (!body.password || !body.name) {
     this.status = 422;
     this.body = {
       error: 'paramError',
@@ -91,6 +81,26 @@ module.exports = function* addUser() {
     return;
   }
 
+  var user = {
+    name: body.name,
+    // salt: body.salt,
+    // password_sha: body.password_sha,
+    email: body.email,
+    ip: this.ip || '0.0.0.0',
+    // roles: body.roles || [],
+  };
+
+  ensurePasswordSalt(user, body);
+
+  if (!user.salt || !user.password_sha || !user.email) {
+    this.status = 422;
+    this.body = {
+      error: 'paramError',
+      reason: 'params missing, name, email or password missing.'
+    };
+    return;
+  }
+
   var existUser = yield userService.get(name);
   if (existUser) {
     this.status = 409;

diff --git a/test/controllers/registry/user/add.test.js b/test/controllers/registry/user/add.test.js
@@ -68,6 +68,35 @@ describe('controllers/registry/user/add.test.js', function () {
       })
       .expect(201, done);
     });
+
+    it('should 422 add user without email', function (done) {
+      mm(userService, 'get', function* () {
+        return null;
+      });
+      mm(userService, 'add', function* () {
+        return {rev: '1-123'};
+      });
+      request(app)
+      .put('/-/user/org.couchdb.user:name')
+      .send({
+        name: 'name',
+        password: 'password'
+      })
+      .expect(422, done);
+    });
+
+    it('should login without email ok', function (done) {
+      mm(userService, 'authAndSave', function* () {
+        return {login: 'name'};
+      });
+      request(app)
+      .put('/-/user/org.couchdb.user:name')
+      .send({
+        name: 'name',
+        password: 'password'
+      })
+      .expect(201, done);
+    });
   });
 
   describe('config.customUserSerivce = true', function () {