Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Thomas Citharel 2020-10-08 15:54:43 +02:00
parent c229c4a806
commit a8d6e28ee9
No known key found for this signature in database
GPG Key ID: A061B9DDE0CA0773
10 changed files with 336 additions and 109 deletions


@ -34,6 +34,10 @@ config :mobilizon, :groups, enabled: true
config :mobilizon, :events, creation: true
config :mobilizon, :demo_mode,
email: "demo@mobilizon.org",
password: "mobilizon"
# Configures the endpoint
config :mobilizon, Mobilizon.Web.Endpoint,
http: [
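Review bot: The `:demo_mode` block puts a fixed, publicly known email and password into the shared base config with no comment saying when they are used. From the rest of this commit they appear to be read only by the `mobilizon.demo` Mix task, which stops unless `:instance, :demo` is true, but a reader of this file cannot tell that. I would add a comment above the block, for example `# Public credentials for the shared demo account; only used by mix mobilizon.demo when :instance, :demo is true`, and consider reading the password from the environment so a deployment can override it. The endpoint config that follows continues outside the hunk.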


@ -2,41 +2,14 @@
<div id="mobilizon">
<NavBar />
<div class="container" v-if="config && config.demoMode">
<b-message
type="is-danger"
:title="$t('Warning').toLocaleUpperCase()"
closable
aria-close-label="Close"
>
<b-message type="is-info" :title="$t('Demo mode')" closable aria-close-label="Close">
<p
v-html="
`${$t('This is a demonstration site to test the beta version of Mobilizon.')} ${$t(
`${$t('This is a demonstration website to test Mobilizon.')} ${$t(
'<b>Please do not use it in any real way.</b>'
)}`
)} ${$t('Data is deleted every 7 days.')}`
"
/>
<p>
<span
v-html="
$t(
'Mobilizon is under development, we will add new features to this site during regular updates, until the release of <b>version 1 of the software in the fall of 2020</b>.'
)
"
/>
<i18n
path="In the meantime, please consider that the software is not (yet) finished. More information {onBlog}."
>
<a
slot="onBlog"
:href="
$i18n.locale === 'fr'
? 'https://framablog.org/?p=18268'
: 'https://framablog.org/?p=18299'
"
>{{ $t("on our blog") }}</a
>
</i18n>
</p>
</b-message>
</div>
<main>
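Review bot: The demo banner's `v-html` concatenates three `$t(...)` results, so every translation of those keys is rendered as raw HTML although only `'<b>Please do not use it in any real way.</b>'` contains markup. Translation catalogues are usually edited by more people than the templates, so I would keep `v-html` for that one string and render the two plain sentences with text interpolation, e.g. `{{ $t('This is a demonstration website to test Mobilizon.') }}`. The key `'Data is deleted every 7 days.'` also does not appear among the strings added to the locale files in the visible hunks, so it would fall back to the English key. Which of the doubled lines is the new side is inferred from the hunk counts, since the page lost its `+`/`-` markers.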


@ -169,7 +169,6 @@
"If an account with this email exists, we just sent another confirmation email to {email}": "If an account with this email exists, we just sent another confirmation email to {email}",
"If this identity is the only administrator of some groups, you need to delete them before being able to delete this identity.": "If this identity is the only administrator of some groups, you need to delete them before being able to delete this identity.",
"If you want, you may send a message to the event organizer here.": "If you want, you may send a message to the event organizer here.",
"In the meantime, please consider that the software is not (yet) finished. More information {onBlog}.": "In the meantime, please consider that the software is not (yet) finished. More information {onBlog}.",
"Installing Mobilizon will allow communities to free themselves from the services of tech giants by creating <b>their own event platform</b>.": "Installing Mobilizon will allow communities to free themselves from the services of tech giants by creating <b>their own event platform</b>.",
"Instance Name": "Instance Name",
"Instance Terms Source": "Instance Terms Source",
@ -355,7 +354,6 @@
"This Mobilizon instance and this event organizer allows anonymous participations, but requires validation through email confirmation.": "This Mobilizon instance and this event organizer allows anonymous participations, but requires validation through email confirmation.",
"This information is saved only on your computer. Click for details": "This information is saved only on your computer. Click for details",
"This instance isn't opened to registrations, but you can register on other instances.": "This instance isn't opened to registrations, but you can register on other instances.",
"This is a demonstration site to test the beta version of Mobilizon.": "This is a demonstration site to test the beta version of Mobilizon.",
"This will delete / anonymize all content (events, comments, messages, participations…) created from this identity.": "This will delete / anonymize all content (events, comments, messages, participations…) created from this identity.",
"Title": "Title",
"To change the world, change the software": "To change the world, change the software",
@ -383,7 +381,6 @@
"View page on {hostname} (in a new window)": "View page on {hostname} (in a new window)",
"Visible everywhere on the web (public)": "Visible everywhere on the web (public)",
"Waiting for organization team approval.": "Waiting for organization team approval.",
"Warning": "Warning",
"We just sent an email to {email}": "We just sent an email to {email}",
"We will redirect you to your instance in order to interact with this event": "We will redirect you to your instance in order to interact with this event",
"Website / URL": "Website / URL",
@ -432,7 +429,6 @@
"iCal Feed": "iCal Feed",
"interconnect with others like it": "interconnect with others like it",
"its source code is public": "its source code is public",
"on our blog": "on our blog",
"profile@instance": "profile@instance",
"respect of the fundamental freedoms": "respect of the fundamental freedoms",
"with another identity…": "with another identity…",
@ -536,7 +532,6 @@
"Register on this instance": "Register on this instance",
"Mobilizon is not developed by a secretive start-up, but by a group of friends who strive to {change_world}. So while we do work slower, we remain attentive and in touch with our users.": "Mobilizon is not developed by a secretive start-up, but by a group of friends who strive to {change_world}. So while we do work slower, we remain attentive and in touch with our users.",
"fit the needs and uses of the people": "fit the needs and uses of the people",
"Mobilizon is under development, we will add new features to this site during regular updates, until the release of <b>version 1 of the software in the fall of 2020</b>.": "Mobilizon is under development, we will add new features to this site during regular updates, until the release of <b>version 1 of the software in the fall of 2020</b>.",
"To activate more notifications, head over to the notification settings.": "To activate more notifications, head over to the notification settings.",
"Manage my notifications": "Manage my notifications",
"We use your timezone to make sure you get notifications for an event at the correct time.": "We use your timezone to make sure you get notifications for an event at the correct time.",
@ -798,5 +793,8 @@
"Go to the event page": "Go to the event page",
"Request for participation confirmation sent": "Request for participation confirmation sent",
"Check your inbox (and your junk mail folder).": "Check your inbox (and your junk mail folder).",
"You may now close this window.": "You may now close this window."
"You may now close this window.": "You may now close this window.",
"Demo mode": "Demo mode",
"This is a demonstration website to test Mobilizon.": "This is a demonstration website to test Mobilizon.",
"Close notification": "Close notification"
}


@ -841,5 +841,8 @@
"Go to the event page": "Aller à la page de l'événement",
"Request for participation confirmation sent": "Demande de confirmation de participation envoyée",
"Check your inbox (and your junk mail folder).": "Vérifiez votre boîte de réception (et votre dossier des indésirables)",
"You may now close this window.": "Vous pouvez maintenant fermer cette fenêtre."
"You may now close this window.": "Vous pouvez maintenant fermer cette fenêtre.",
"Demo mode": "Mode de démonstration",
"This is a demonstration website to test Mobilizon.": "Ceci est un site de démonstration pour tester Mobilizon.",
"Close notification": "Fermer la notification"
}


@ -68,7 +68,7 @@
<b-notification
type="is-danger"
has-icon
aria-close-label="Close notification"
:aria-close-label="$t('Close notification')"
role="alert"
:key="error"
v-for="error in errors"


@ -1,5 +1,5 @@
<template>
<div v-if="loggedUser">
<div v-if="loggedUser && config">
<nav class="breadcrumb" aria-label="breadcrumbs">
<ul>
<li>
@ -13,6 +13,9 @@
</ul>
</nav>
<section>
<b-message v-if="config.demoMode" type="is-info">
{{ $t("You can't change these settings in demo mode.") }}
</b-message>
<div class="setting-title">
<h2>{{ $t("Email") }}</h2>
</div>
@ -34,7 +37,7 @@
<b-notification
type="is-danger"
has-icon
aria-close-label="Close notification"
:aria-close-label="$t('Close notification')"
role="alert"
:key="error"
v-for="error in changeEmailErrors"
@ -42,12 +45,19 @@
>
<form @submit.prevent="resetEmailAction" ref="emailForm" class="form" v-if="canChangeEmail">
<b-field :label="$t('New email')">
<b-input aria-required="true" required type="email" v-model="newEmail" />
<b-input
:disabled="config.demoMode"
aria-required="true"
required
type="email"
v-model="newEmail"
/>
</b-field>
<p class="help">{{ $t("You'll receive a confirmation email.") }}</p>
<b-field :label="$t('Password')">
<b-input
aria-required="true"
:disabled="config.demoMode"
required
type="password"
password-reveal
@ -75,7 +85,7 @@
<b-notification
type="is-danger"
has-icon
aria-close-label="Close notification"
:aria-close-label="$t('Close notification')"
role="alert"
:key="error"
v-for="error in changePasswordErrors"
@ -91,6 +101,7 @@
<b-input
aria-required="true"
required
:disabled="config.demoMode"
type="password"
password-reveal
minlength="6"
@ -101,6 +112,7 @@
<b-input
aria-required="true"
required
:disabled="config.demoMode"
type="password"
password-reveal
minlength="6"
@ -118,7 +130,7 @@
<h2>{{ $t("Delete account") }}</h2>
</div>
<p class="content">{{ $t("Deleting my account will delete all of my identities.") }}</p>
<b-button @click="openDeleteAccountModal" type="is-danger">
<b-button :disabled="config.demoMode" @click="openDeleteAccountModal" type="is-danger">
{{ $t("Delete my account") }}
</b-button>
@ -156,6 +168,15 @@
:placeholder="$t('Password')"
/>
</b-field>
<b-notification
type="is-danger"
has-icon
:aria-close-label="$t('Close notification')"
role="alert"
:key="error"
v-for="error in deleteAccountErrors"
>{{ error }}</b-notification
>
<b-button native-type="submit" type="is-danger" size="is-large">
{{ $t("Delete everything") }}
</b-button>
@ -176,6 +197,8 @@
</template>
<script lang="ts">
import { CONFIG } from "@/graphql/config";
import { IConfig } from "@/types/config.model";
import { Component, Vue, Ref } from "vue-property-decorator";
import { Route } from "vue-router";
import { CHANGE_EMAIL, CHANGE_PASSWORD, DELETE_ACCOUNT, LOGGED_USER } from "../../graphql/user";
@ -186,6 +209,7 @@ import { logout, SELECTED_PROVIDERS } from "../../utils/auth";
@Component({
apollo: {
loggedUser: LOGGED_USER,
config: CONFIG,
},
})
export default class AccountSettings extends Vue {
@ -193,6 +217,8 @@ export default class AccountSettings extends Vue {
loggedUser!: IUser;
config!: IConfig;
passwordForEmailChange = "";
newEmail = "";
@ -211,6 +237,8 @@ export default class AccountSettings extends Vue {
RouteName = RouteName;
deleteAccountErrors: string[] = [];
async resetEmailAction(): Promise<void> {
this.changeEmailErrors = [];
@ -259,6 +287,7 @@ export default class AccountSettings extends Vue {
}
async deleteAccount(): Promise<Route | void> {
this.deleteAccountErrors = [];
try {
await this.$apollo.mutate({
mutation: DELETE_ACCOUNT,
@ -308,6 +337,9 @@ export default class AccountSettings extends Vue {
if (err.graphQLErrors !== undefined) {
err.graphQLErrors.forEach(({ message }: { message: string }) => {
switch (type) {
case "delete":
this.deleteAccountErrors.push(message);
break;
case "password":
this.changePasswordErrors.push(message);
break;
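Review bot: The `:disabled="config.demoMode"` bindings on the inputs and on the delete button are a display hint only; the actual restriction is the demo-mode check added to the user resolvers in the same commit. A short template comment next to the `b-message`, such as `<!-- UI hint only: demo-mode restrictions are enforced by the GraphQL resolvers -->`, would stop a later change from treating the disabled fields as the control. The string `"You can't change these settings in demo mode."` is also not among the keys added to the locale files in the visible hunks. The `switch` in the last hunk continues outside it.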


@ -203,7 +203,8 @@ defmodule Mobilizon.GraphQL.Resolvers.User do
Send an email to reset the password from an user
"""
def send_reset_password(_parent, args, _resolution) do
with email <- Map.get(args, :email),
with {:demo, false} <- {:demo, Config.instance_demo_mode?()},
email <- Map.get(args, :email),
{:ok, %User{locale: locale} = user} <- Users.get_user_by_email(email, true),
{:can_reset_password, true} <-
{:can_reset_password, Authenticator.can_reset_password?(user)},
@ -211,6 +212,9 @@ defmodule Mobilizon.GraphQL.Resolvers.User do
Email.User.send_password_reset_email(user, Map.get(args, :locale, locale)) do
{:ok, email}
else
{:demo, true} ->
{:error, dgettext("errors", "You can't reset your password in demo mode")}
{:can_reset_password, false} ->
{:error, dgettext("errors", "This user can't reset their password")}
@ -315,7 +319,8 @@ defmodule Mobilizon.GraphQL.Resolvers.User do
%{old_password: old_password, new_password: new_password},
%{context: %{current_user: %User{} = user}}
) do
with {:can_change_password, true} <-
with {:demo, false} <- {:demo, Config.instance_demo_mode?()},
{:can_change_password, true} <-
{:can_change_password, Authenticator.can_change_password?(user)},
{:current_password, {:ok, %User{}}} <-
{:current_password, Authenticator.login(user.email, old_password)},
@ -326,6 +331,9 @@ defmodule Mobilizon.GraphQL.Resolvers.User do
|> Repo.update() do
{:ok, user}
else
{:demo, true} ->
{:error, dgettext("errors", "You can't change your password in demo mode")}
{:current_password, _} ->
{:error, dgettext("errors", "The current password is invalid")}
@ -348,7 +356,8 @@ defmodule Mobilizon.GraphQL.Resolvers.User do
def change_email(_parent, %{email: new_email, password: password}, %{
context: %{current_user: %User{email: old_email} = user}
}) do
with {:can_change_password, true} <-
with {:demo, false} <- {:demo, Config.instance_demo_mode?()},
{:can_change_password, true} <-
{:can_change_password, Authenticator.can_change_email?(user)},
{:current_password, {:ok, %User{}}} <-
{:current_password, Authenticator.login(user.email, password)},
@ -372,6 +381,9 @@ defmodule Mobilizon.GraphQL.Resolvers.User do
{:ok, user}
else
{:demo, true} ->
{:error, dgettext("errors", "You can't change your email in demo mode")}
{:current_password, _} ->
{:error, dgettext("errors", "The password provided is invalid")}
@ -424,13 +436,17 @@ defmodule Mobilizon.GraphQL.Resolvers.User do
def delete_account(_parent, args, %{
context: %{current_user: %User{email: email} = user}
}) do
with {:user_has_password, true} <- {:user_has_password, Authenticator.has_password?(user)},
with {:demo, false} <- {:demo, Config.instance_demo_mode?()},
{:user_has_password, true} <- {:user_has_password, Authenticator.has_password?(user)},
{:confirmation_password, password} when not is_nil(password) <-
{:confirmation_password, Map.get(args, :password)},
{:current_password, {:ok, _}} <-
{:current_password, Authenticator.authenticate(email, password)} do
do_delete_account(user)
else
{:demo, true} ->
{:error, dgettext("errors", "You can't delete the demo account")}
# If the user hasn't got any password (3rd-party auth)
{:user_has_password, false} ->
do_delete_account(user)
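Review bot: The `{:demo, false} <- {:demo, Config.instance_demo_mode?()}` guard is copied into four resolvers (`send_reset_password`, `change_password`, `change_email`, `delete_account`) and applies to every user of the instance, not to the account configured under `:demo_mode`, while the `delete_account` message reads "You can't delete the demo account". Any other resolver that changes credentials or account state has to remember the same line; whether the token-based password reset or the profile mutations need it cannot be seen from these hunks. I would move the check into one private helper, `defp demo_mode_check, do: {:demo, Config.instance_demo_mode?()}`, used as `{:demo, false} <- demo_mode_check()`, and document on it whether the restriction is meant for the whole instance or only the shared account. All four function bodies start or end outside their hunks.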


@ -0,0 +1,90 @@
defmodule Mix.Tasks.Mobilizon.Demo do
@moduledoc """
Generates a new demo user, using the credentials
## Usage
``mix mobilizon.demo new``
"""
use Mix.Task
alias Mobilizon.{Actors, Users}
alias Mobilizon.Actors.Actor
alias Mobilizon.Users.User
@preferred_cli_env "prod"
@shortdoc "Creates a demo user"
def run(["new" | options]) do
{options, [], []} =
OptionParser.parse(
options,
strict: [
force: :boolean
],
aliases: [
f: :force
]
)
Mix.Task.run("app.start")
with {:demo_mode_enabled, true} <-
{:demo_mode_enabled, Application.get_env(:mobilizon, :instance)[:demo]},
:ok <- maybe_delete_current_demo_account(options),
[email: email, password: password] <- Application.get_env(:mobilizon, :demo_mode),
{:ok, %User{} = user} <-
Users.register(%{
email: email,
password: password,
role: :user,
confirmed_at: DateTime.utc_now(),
confirmation_sent_at: nil,
confirmation_token: nil
}),
{:ok, %Actor{preferred_username: preferred_username} = _new_person} <-
Actors.new_person(%{
user_id: user.id,
preferred_username: "demo",
name: "Demo",
summary: "I am a simple demo profile"
}) do
Mix.shell().info("""
An user has been created with the following information:
- email: #{user.email}
- password: #{password}
- username: #{preferred_username}
The user will be prompted to create a new profile after login for the first time.
""")
else
{:error, %Ecto.Changeset{errors: [email: _err]}} ->
Mix.raise(
"An user already exists with the following email address. Add -f if you want to recreate it."
)
{:error, %Ecto.Changeset{errors: errors}} ->
Mix.shell().error(inspect(errors))
Mix.raise("User has not been created because of the above reason.")
err ->
Mix.shell().error(inspect(err))
Mix.raise("User has not been created because of an unknown reason.")
end
end
defp maybe_delete_current_demo_account(options) do
with true <- Keyword.get(options, :force, false),
[email: email, password: _password] <- Application.get_env(:mobilizon, :demo_mode),
{:ok, %User{} = user} <- Users.get_user_by_email(email),
actors <- Users.get_actors_for_user(user),
:ok <- Enum.each(actors, &delete_profile/1) do
Users.delete_user(user, reserve_email: false)
end
:ok
end
defp delete_profile(actor) do
Actors.perform(:delete_actor, actor, reserve_username: false)
end
end
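Review bot: `maybe_delete_current_demo_account/1` ends with an unconditional `:ok`, so with `--force` a failed `Users.delete_user/2` or profile deletion is discarded and `run/1` goes on to `Users.register/1`. That call then fails on the existing email and tells the operator to "Add -f", which they already did. The helper should return the failure so the `:ok <-` clause in `run/1` stops on it and reports it through the `err ->` branch. Reading the email with `Keyword.fetch!/2` also avoids depending on the key order of the `:demo_mode` list. The return shapes of `Users.delete_user/2` and of a failed `Users.get_user_by_email/1` are not visible here, so the matches below are assumptions to confirm.

```elixir
defp maybe_delete_current_demo_account(options) do
  if Keyword.get(options, :force, false) do
    delete_current_demo_account()
  else
    :ok
  end
end

defp delete_current_demo_account do
  email = :mobilizon |> Application.get_env(:demo_mode) |> Keyword.fetch!(:email)

  case Users.get_user_by_email(email) do
    {:ok, %User{} = user} ->
      user |> Users.get_actors_for_user() |> Enum.each(&delete_profile/1)

      # assumes delete_user/2 returns an :ok-tagged tuple on success (confirm);
      # anything else is returned to run/1 and reported there
      with {:ok, _deleted} <- Users.delete_user(user, reserve_email: false), do: :ok

    # presumably the "no such user" case: nothing to delete (confirm the error shape)
    {:error, _reason} ->
      :ok
  end
end
```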


@ -114,7 +114,7 @@ msgid "Current profile is not an administrator of the selected group"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:514
#: lib/graphql/resolvers/user.ex:530
msgid "Error while saving user settings"
msgstr ""
@ -146,7 +146,7 @@ msgstr ""
#, elixir-format
#: lib/graphql/resolvers/actor.ex:58 lib/graphql/resolvers/actor.ex:88
#: lib/graphql/resolvers/user.ex:417
#: lib/graphql/resolvers/user.ex:429
msgid "No profile found for the moderator user"
msgstr ""
@ -157,7 +157,7 @@ msgstr ""
#, elixir-format
#: lib/graphql/resolvers/person.ex:232 lib/graphql/resolvers/user.ex:76
#: lib/graphql/resolvers/user.ex:219
#: lib/graphql/resolvers/user.ex:223
msgid "No user with this email was found"
msgstr ""
@ -178,38 +178,38 @@ msgid "Registrations are not open"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:330
#: lib/graphql/resolvers/user.ex:338
msgid "The current password is invalid"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:382
#: lib/graphql/resolvers/user.ex:394
msgid "The new email doesn't seem to be valid"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:379
#: lib/graphql/resolvers/user.ex:391
msgid "The new email must be different"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:333
#: lib/graphql/resolvers/user.ex:341
msgid "The new password must be different"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:376 lib/graphql/resolvers/user.ex:439
#: lib/graphql/resolvers/user.ex:442
#: lib/graphql/resolvers/user.ex:388 lib/graphql/resolvers/user.ex:455
#: lib/graphql/resolvers/user.ex:458
msgid "The password provided is invalid"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:337
#: lib/graphql/resolvers/user.ex:345
msgid "The password you have chosen is too short. Please make sure your password contains at least 6 characters."
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:215
#: lib/graphql/resolvers/user.ex:219
msgid "This user can't reset their password"
msgstr ""
@ -224,12 +224,12 @@ msgid "Unable to validate user"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:420
#: lib/graphql/resolvers/user.ex:432
msgid "User already disabled"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:489
#: lib/graphql/resolvers/user.ex:505
msgid "User requested is not logged-in"
msgstr ""
@ -254,12 +254,12 @@ msgid "You may not list groups unless moderator."
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:387
#: lib/graphql/resolvers/user.ex:399
msgid "You need to be logged-in to change your email"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:345
#: lib/graphql/resolvers/user.ex:353
msgid "You need to be logged-in to change your password"
msgstr ""
@ -269,7 +269,7 @@ msgid "You need to be logged-in to delete a group"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:447
#: lib/graphql/resolvers/user.ex:463
msgid "You need to be logged-in to delete your account"
msgstr ""
@ -299,7 +299,7 @@ msgid "You need to have an existing token to get a refresh token"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:198 lib/graphql/resolvers/user.ex:222
#: lib/graphql/resolvers/user.ex:198 lib/graphql/resolvers/user.ex:226
msgid "You requested again a confirmation email too soon"
msgstr ""
@ -837,3 +837,23 @@ msgstr ""
#: lib/graphql/resolvers/member.ex:129
msgid "You can't reject this invitation with this profile."
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:385
msgid "You can't change your email in demo mode"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:335
msgid "You can't change your password in demo mode"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:448
msgid "You can't delete the demo account"
msgstr ""
#, elixir-format
#: lib/graphql/resolvers/user.ex:216
msgid "You can't reset your password in demo mode"
msgstr ""


@ -757,6 +757,26 @@ defmodule Mobilizon.GraphQL.Resolvers.UserTest do
assert hd(res["errors"])["message"] ==
"This user can't reset their password"
end
test "test send_reset_password/3 when demo mode is enabled", %{conn: conn} do
Config.put([:instance, :demo], true)
Mobilizon.Config.clear_config_cache()
%User{email: email} = insert(:user)
res =
conn
|> AbsintheHelpers.graphql_query(
query: @send_reset_password_mutation,
variables: %{email: email}
)
assert hd(res["errors"])["message"] ==
"You can't reset your password in demo mode"
Config.put([:instance, :demo], false)
Mobilizon.Config.clear_config_cache()
end
end
describe "Resolver: Reset user's password" do
@ -1010,6 +1030,14 @@ defmodule Mobilizon.GraphQL.Resolvers.UserTest do
@old_password "p4ssw0rd"
@new_password "upd4t3d"
@change_password_mutation """
mutation ChangePassword($oldPassword: String!, $newPassword: String!) {
changePassword(oldPassword: $oldPassword, newPassword: $newPassword) {
id
}
}
"""
test "change_password/3 with valid password", %{conn: conn} do
{:ok, %User{} = user} = Users.register(%{email: @email, password: @old_password})
@ -1043,21 +1071,16 @@ defmodule Mobilizon.GraphQL.Resolvers.UserTest do
assert login = json_response(res, 200)["data"]["login"]
assert Map.has_key?(login, "accessToken") && not is_nil(login["accessToken"])
mutation = """
mutation {
changePassword(old_password: "#{@old_password}", new_password: "#{@new_password}") {
id
}
}
"""
res =
conn
|> auth_conn(user)
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|> AbsintheHelpers.graphql_query(
query: @change_password_mutation,
variables: %{oldPassword: @old_password, newPassword: @new_password}
)
assert json_response(res, 200)["errors"] == nil
assert json_response(res, 200)["data"]["changePassword"]["id"] == to_string(user.id)
assert is_nil(res["errors"])
assert res["data"]["changePassword"]["id"] == to_string(user.id)
mutation = """
mutation {
@ -1094,20 +1117,15 @@ defmodule Mobilizon.GraphQL.Resolvers.UserTest do
"confirmation_token" => nil
})
mutation = """
mutation {
changePassword(old_password: "invalid password", new_password: "#{@new_password}") {
id
}
}
"""
res =
conn
|> auth_conn(user)
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|> AbsintheHelpers.graphql_query(
query: @change_password_mutation,
variables: %{oldPassword: "invalid password", newPassword: @new_password}
)
assert hd(json_response(res, 200)["errors"])["message"] == "The current password is invalid"
assert hd(res["errors"])["message"] == "The current password is invalid"
end
test "change_password/3 with same password", %{conn: conn} do
@ -1121,20 +1139,15 @@ defmodule Mobilizon.GraphQL.Resolvers.UserTest do
"confirmation_token" => nil
})
mutation = """
mutation {
changePassword(old_password: "#{@old_password}", new_password: "#{@old_password}") {
id
}
}
"""
res =
conn
|> auth_conn(user)
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|> AbsintheHelpers.graphql_query(
query: @change_password_mutation,
variables: %{oldPassword: @old_password, newPassword: @old_password}
)
assert hd(json_response(res, 200)["errors"])["message"] ==
assert hd(res["errors"])["message"] ==
"The new password must be different"
end
@ -1149,26 +1162,46 @@ defmodule Mobilizon.GraphQL.Resolvers.UserTest do
"confirmation_token" => nil
})
mutation = """
mutation {
changePassword(old_password: "#{@old_password}", new_password: "new") {
id
}
}
"""
res =
conn
|> auth_conn(user)
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|> AbsintheHelpers.graphql_query(
query: @change_password_mutation,
variables: %{oldPassword: @old_password, newPassword: "new"}
)
assert hd(json_response(res, 200)["errors"])["message"] ==
assert hd(res["errors"])["message"] ==
"The password you have chosen is too short. Please make sure your password contains at least 6 characters."
end
test "change_password/3 without being authenticated", %{conn: conn} do
{:ok, %User{} = user} = Users.register(%{email: @email, password: @old_password})
# Hammer time !
{:ok, %User{} = _user} =
Users.update_user(user, %{
"confirmed_at" => Timex.shift(user.confirmation_sent_at, hours: -3),
"confirmation_sent_at" => nil,
"confirmation_token" => nil
})
res =
conn
|> AbsintheHelpers.graphql_query(
query: @change_password_mutation,
variables: %{oldPassword: @old_password, newPassword: @new_password}
)
assert hd(res["errors"])["message"] ==
"You need to be logged-in to change your password"
end
test "change_password/3 with demo mode enabled", %{conn: conn} do
Mobilizon.Config.clear_config_cache()
Config.put([:instance, :demo], true)
{:ok, %User{} = user} = Users.register(%{email: @email, password: @old_password})
# Hammer time !
{:ok, %User{} = _user} =
Users.update_user(user, %{
@ -1179,8 +1212,15 @@ defmodule Mobilizon.GraphQL.Resolvers.UserTest do
mutation = """
mutation {
changePassword(old_password: "#{@old_password}", new_password: "#{@new_password}") {
id
login(
email: "#{@email}",
password: "#{@old_password}",
) {
accessToken,
refreshToken,
user {
id
}
}
}
"""
@ -1189,8 +1229,21 @@ defmodule Mobilizon.GraphQL.Resolvers.UserTest do
conn
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
assert hd(json_response(res, 200)["errors"])["message"] ==
"You need to be logged-in to change your password"
assert login = json_response(res, 200)["data"]["login"]
assert Map.has_key?(login, "accessToken") && not is_nil(login["accessToken"])
res =
conn
|> auth_conn(user)
|> AbsintheHelpers.graphql_query(
query: @change_password_mutation,
variables: %{oldPassword: @old_password, newPassword: @new_password}
)
assert hd(res["errors"])["message"] == "You can't change your password in demo mode"
Config.put([:instance, :demo], false)
Mobilizon.Config.clear_config_cache()
end
end
@ -1315,6 +1368,44 @@ defmodule Mobilizon.GraphQL.Resolvers.UserTest do
assert hd(res["errors"])["message"] == "The new email doesn't seem to be valid"
end
test "change_email/3 with demo mode enabled", %{conn: conn} do
Mobilizon.Config.clear_config_cache()
Config.put([:instance, :demo], true)
{:ok, %User{} = user} = Users.register(%{email: @old_email, password: @password})
# Hammer time !
{:ok, %User{} = _user} =
Users.update_user(user, %{
confirmed_at: Timex.shift(user.confirmation_sent_at, hours: -3),
confirmation_sent_at: nil,
confirmation_token: nil
})
res =
conn
|> AbsintheHelpers.graphql_query(
query: @login_mutation,
variables: %{email: @old_email, password: @password}
)
login = res["data"]["login"]
assert Map.has_key?(login, "accessToken") && not is_nil(login["accessToken"])
res =
conn
|> auth_conn(user)
|> AbsintheHelpers.graphql_query(
query: @change_email_mutation,
variables: %{email: @new_email, password: @password}
)
assert hd(res["errors"])["message"] == "You can't change your email in demo mode"
Config.put([:instance, :demo], false)
Mobilizon.Config.clear_config_cache()
end
test "change_password/3 without being authenticated", %{conn: conn} do
{:ok, %User{} = user} = Users.register(%{email: @old_email, password: @password})