From aa2a5906f9864081e6446ee0ae88a416e8f6225a Mon Sep 17 00:00:00 2001 From: Lukas Metzger Date: Wed, 25 Dec 2019 18:17:44 +0100 Subject: [PATCH] Fixed deletion of password when editing user fixing #112 --- backend/src/operations/Users.php | 6 +++--- backend/test/tests/users-crud.js | 24 +++++++++++++++++++++++- 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/backend/src/operations/Users.php b/backend/src/operations/Users.php index 8170bba..4ebaebd 100644 --- a/backend/src/operations/Users.php +++ b/backend/src/operations/Users.php @@ -283,12 +283,12 @@ class Users } if ($record['backend'] === 'native' && $name !== null) { - //Check if user already exists + //Check if user with new name already exists $query = $this->db->prepare('SELECT id FROM users WHERE name=:name AND backend=\'native\''); $query->bindValue(':name', $name); $query->execute(); - $record = $query->fetch(); - if ($record !== false && intval($record['id']) !== $userId) { + $recordTest = $query->fetch(); + if ($recordTest !== false && intval($recordTest['id']) !== $userId) { throw new \Exceptions\AlreadyExistentException(); } } diff --git a/backend/test/tests/users-crud.js b/backend/test/tests/users-crud.js index 3ee7b7d..baa052a 100644 --- a/backend/test/tests/users-crud.js +++ b/backend/test/tests/users-crud.js @@ -90,13 +90,35 @@ test.run(async function () { url: '/users/4', method: 'put', data: { - name: 'foo', + name: 'foo1', password: 'bar', type: 'user' } }); assert.equal(res.status, 204, 'Update should succeed.'); + //Test if updated user can log in + var res = await req({ + url: '/sessions', + method: 'post', + data: { + username: 'foo1', + password: 'bar' + } + }); + assert.equal(res.status, 201, 'Login with updated user should succeed.'); + + //Test user update without password + var res = await req({ + url: '/users/4', + method: 'put', + data: { + name: 'foo', + type: 'user' + } + }); + assert.equal(res.status, 204, 'Update should succeed.'); + //Test if updated user can log in var res = await req({ url: '/sessions',