Home Explore Help
Sign In
wiki
/
weseek__growi
mirror of https://github.com/weseek/growi
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Merge pull request #6197 from weseek/fix/98892-user-registration-page-is-not-redirected-after-tmp-login

fix: User registration page is not redirected after tmp login
Yuki Takei 3 years ago
parent
fccc8f0e4f c58ba06b40
commit
212dbe034a
3 changed files with 155 additions and 59 deletions
Split View Show Diff Stats
  1. 12 12
      packages/app/src/server/middlewares/login-required.js
  2. 1 2
      packages/app/src/server/routes/login.js
  3. 142 45
      packages/app/test/integration/middlewares/login-required.test.js

+ 12 - 12
packages/app/src/server/middlewares/login-required.js
View File 

@@ -12,18 +12,6 @@ module.exports = (crowi, isGuestAllowed = false, fallback = null) => {
 
 
   return function(req, res, next) {
 
 
-    // check the route config and ACL
 
-    if (isGuestAllowed && crowi.aclService.isGuestAllowedToRead()) {
 
-      logger.debug('Allowed to read: ', req.path);
 
-      return next();
 
-    }
 
-
 
-    // check the page is shared
 
-    if (isGuestAllowed && req.isSharedPage) {
 
-      logger.debug('Target page is shared page');
 
-      return next();
 
-    }
 
-
 
     const User = crowi.model('User');
 
 
     // check the user logged in
 
@@ -43,6 +31,18 @@ module.exports = (crowi, isGuestAllowed = false, fallback = null) => {
 
       }
 
     }
 
 
+    // check the route config and ACL
 
+    if (isGuestAllowed && crowi.aclService.isGuestAllowedToRead()) {
 
+      logger.debug('Allowed to read: ', req.path);
 
+      return next();
 
+    }
 
+
 
+    // check the page is shared
 
+    if (isGuestAllowed && req.isSharedPage) {
 
+      logger.debug('Target page is shared page');
 
+      return next();
 
+    }
 
+
 
     // is api path
 
     const baseUrl = req.baseUrl || '';
 
     if (baseUrl.match(/^\/_api\/.+$/)) {

+ 1 - 2
packages/app/src/server/routes/login.js
View File 

@@ -217,8 +217,7 @@ module.exports = function(crowi, app) {
 
       }
 
     }
 
     else {
 
-      return res.render('invited', {
 
-      });
 
+      return res.render('invited');
 
     }
 
   };

+ 142 - 45
packages/app/test/integration/middlewares/login-required.test.js
View File 

@@ -18,60 +18,157 @@ describe('loginRequired', () => {
 
   });
 
 
   describe('not strict mode', () => {
 
-    // setup req/res/next
 
-    const req = {
 
-      originalUrl: 'original url 1',
 
-      session: {},
 
-    };
 
     const res = {
 
       redirect: jest.fn().mockReturnValue('redirect'),
 
+      sendStatus: jest.fn().mockReturnValue('sendStatus'),
 
     };
 
     const next = jest.fn().mockReturnValue('next');
 
 
-    test('pass guest user when aclService.isGuestAllowedToRead() returns true', () => {
 
-      // prepare spy for AclService.isGuestAllowedToRead
 
-      const isGuestAllowedToReadSpy = jest.spyOn(crowi.aclService, 'isGuestAllowedToRead')
 
-        .mockImplementation(() => true);
 
-
 
-      const result = loginRequired(req, res, next);
 
-
 
-      expect(isGuestAllowedToReadSpy).toHaveBeenCalledTimes(1);
 
-      expect(fallbackMock).not.toHaveBeenCalled();
 
-      expect(next).toHaveBeenCalled();
 
-      expect(res.redirect).not.toHaveBeenCalled();
 
-      expect(result).toBe('next');
 
-    });
 
-
 
-    test('redirect to \'/login\' when aclService.isGuestAllowedToRead() returns false', () => {
 
-      // prepare spy for AclService.isGuestAllowedToRead
 
-      const isGuestAllowedToReadSpy = jest.spyOn(crowi.aclService, 'isGuestAllowedToRead')
 
-        .mockImplementation(() => false);
 
+    describe('and when aclService.isGuestAllowedToRead() returns false', () => {
 
+      let req;
 
+
 
+      let isGuestAllowedToReadSpy;
 
+
 
+      beforeEach(async() => {
 
+        // setup req
 
+        req = {
 
+          originalUrl: 'original url 1',
 
+          session: {},
 
+        };
 
+        // reset session object
 
+        req.session = {};
 
+        // prepare spy for AclService.isGuestAllowedToRead
 
+        isGuestAllowedToReadSpy = jest.spyOn(crowi.aclService, 'isGuestAllowedToRead')
 
+          .mockImplementation(() => false);
 
+      });
 
+
 
+      /* eslint-disable indent */
 
+      test.each`
 
+        userStatus  | expectedPath
 
+        ${1}        | ${'/login/error/registered'}
 
+        ${3}        | ${'/login/error/suspended'}
 
+        ${5}        | ${'/login/invited'}
 
+      `('redirect to \'$expectedPath\' when user.status is \'$userStatus\'', ({ userStatus, expectedPath }) => {
 
+
 
+        req.user = {
 
+          _id: 'user id',
 
+          status: userStatus,
 
+        };
 
+
 
+        const result = loginRequired(req, res, next);
 
+
 
+        expect(isGuestAllowedToReadSpy).not.toHaveBeenCalled();
 
+        expect(next).not.toHaveBeenCalled();
 
+        expect(fallbackMock).not.toHaveBeenCalled();
 
+        expect(res.sendStatus).not.toHaveBeenCalled();
 
+        expect(res.redirect).toHaveBeenCalledTimes(1);
 
+        expect(res.redirect).toHaveBeenCalledWith(expectedPath);
 
+        expect(result).toBe('redirect');
 
+        expect(req.session.redirectTo).toBe(undefined);
 
+      });
 
+      /* eslint-disable indent */
 
+
 
+      test('redirect to \'/login\' when the user does not loggedin', () => {
 
+        req.baseUrl = '/path/that/requires/loggedin';
 
+
 
+        const result = loginRequired(req, res, next);
 
+
 
+        expect(isGuestAllowedToReadSpy).toHaveBeenCalled();
 
+        expect(next).not.toHaveBeenCalled();
 
+        expect(fallbackMock).not.toHaveBeenCalled();
 
+        expect(res.sendStatus).not.toHaveBeenCalled();
 
+        expect(res.redirect).toHaveBeenCalledTimes(1);
 
+        expect(res.redirect).toHaveBeenCalledWith('/login');
 
+        expect(result).toBe('redirect');
 
+        expect(req.session.redirectTo).toBe('original url 1');
 
+      });
 
+
 
+      test('pass anyone into sharedPage', () => {
 
+
 
+        req.isSharedPage = true;
 
+
 
+        const result = loginRequired(req, res, next);
 
+
 
+        expect(isGuestAllowedToReadSpy).toHaveBeenCalled();
 
+        expect(fallbackMock).not.toHaveBeenCalled();
 
+        expect(res.sendStatus).not.toHaveBeenCalled();
 
+        expect(next).toHaveBeenCalled();
 
+        expect(res.redirect).not.toHaveBeenCalled();
 
+        expect(result).toBe('next');
 
+      });
 
 
-      const result = loginRequired(req, res, next);
 
-
 
-      expect(isGuestAllowedToReadSpy).toHaveBeenCalled();
 
-      expect(fallbackMock).not.toHaveBeenCalled();
 
-      expect(next).not.toHaveBeenCalled();
 
-      expect(res.redirect).toHaveBeenCalledTimes(1);
 
-      expect(res.redirect).toHaveBeenCalledWith('/login');
 
-      expect(result).toBe('redirect');
 
     });
 
 
-    test('pass anyone into sharedPage when aclService.isGuestAllowedToRead() returns false', () => {
 
+    describe('and when aclService.isGuestAllowedToRead() returns true', () => {
 
+      let req;
 
+
 
+      let isGuestAllowedToReadSpy;
 
+
 
+      beforeEach(async() => {
 
+        // setup req
 
+        req = {
 
+          originalUrl: 'original url 1',
 
+          session: {},
 
+        };
 
+        // reset session object
 
+        req.session = {};
 
+        // prepare spy for AclService.isGuestAllowedToRead
 
+        isGuestAllowedToReadSpy = jest.spyOn(crowi.aclService, 'isGuestAllowedToRead')
 
+          .mockImplementation(() => true);
 
+      });
 
+
 
+      /* eslint-disable indent */
 
+      test.each`
 
+        userStatus  | expectedPath
 
+        ${1}        | ${'/login/error/registered'}
 
+        ${3}        | ${'/login/error/suspended'}
 
+        ${5}        | ${'/login/invited'}
 
+      `('redirect to \'$expectedPath\' when user.status is \'$userStatus\'', ({ userStatus, expectedPath }) => {
 
+
 
+        req.user = {
 
+          _id: 'user id',
 
+          status: userStatus,
 
+        };
 
+
 
+        const result = loginRequired(req, res, next);
 
+
 
+        expect(isGuestAllowedToReadSpy).not.toHaveBeenCalled();
 
+        expect(next).not.toHaveBeenCalled();
 
+        expect(fallbackMock).not.toHaveBeenCalled();
 
+        expect(res.sendStatus).not.toHaveBeenCalled();
 
+        expect(res.redirect).toHaveBeenCalledTimes(1);
 
+        expect(res.redirect).toHaveBeenCalledWith(expectedPath);
 
+        expect(result).toBe('redirect');
 
+        expect(req.session.redirectTo).toBe(undefined);
 
+      });
 
+      /* eslint-disable indent */
 
+
 
+      test('pass guest user', () => {
 
+
 
+        const result = loginRequired(req, res, next);
 
+
 
+        expect(isGuestAllowedToReadSpy).toHaveBeenCalledTimes(1);
 
+        expect(fallbackMock).not.toHaveBeenCalled();
 
+        expect(res.sendStatus).not.toHaveBeenCalled();
 
+        expect(next).toHaveBeenCalled();
 
+        expect(res.redirect).not.toHaveBeenCalled();
 
+        expect(result).toBe('next');
 
+      });
 
+
 
+      test('pass anyone into sharedPage', () => {
 
+
 
+        req.isSharedPage = true;
 
+
 
+        const result = loginRequired(req, res, next);
 
+
 
+        expect(isGuestAllowedToReadSpy).toHaveBeenCalled();
 
+        expect(fallbackMock).not.toHaveBeenCalled();
 
+        expect(res.sendStatus).not.toHaveBeenCalled();
 
+        expect(next).toHaveBeenCalled();
 
+        expect(res.redirect).not.toHaveBeenCalled();
 
+        expect(result).toBe('next');
 
+      });
 
 
-      req.isSharedPage = true;
 
-
 
-      // prepare spy for AclService.isGuestAllowedToRead
 
-      const isGuestAllowedToReadSpy = jest.spyOn(crowi.aclService, 'isGuestAllowedToRead')
 
-        .mockImplementation(() => false);
 
-
 
-      const result = loginRequired(req, res, next);
 
-
 
-      expect(isGuestAllowedToReadSpy).toHaveBeenCalled();
 
-      expect(fallbackMock).not.toHaveBeenCalled();
 
-      expect(next).toHaveBeenCalled();
 
-      expect(res.redirect).not.toHaveBeenCalled();
 
-      expect(result).toBe('next');
 
     });
 
 
   });