chore: upgrade sequelize (#965)
* 0.18.0 * chore: Upgrade sequelize 4 -> 5 * fix: migrations v5 support * fix: Majority of test failures * fix: the rest of v5 tests
This commit is contained in:
Tom Moor
GitHub
@@ -4,7 +4,7 @@ exports[`#users.activate should activate a suspended user 1`] = `
|
||||
Object {
|
||||
"data": Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
@@ -38,7 +38,7 @@ exports[`#users.demote should demote an admin 1`] = `
|
||||
Object {
|
||||
"data": Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
@@ -71,6 +71,14 @@ Object {
|
||||
exports[`#users.list should require admin for detailed info 1`] = `
|
||||
Object {
|
||||
"data": Array [
|
||||
Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
"isSuspended": false,
|
||||
"name": "User 1",
|
||||
},
|
||||
Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
@@ -79,14 +87,6 @@ Object {
|
||||
"isSuspended": false,
|
||||
"name": "Admin User",
|
||||
},
|
||||
Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
"isSuspended": false,
|
||||
"name": "User 1",
|
||||
},
|
||||
],
|
||||
"ok": true,
|
||||
"pagination": Object {
|
||||
@@ -103,7 +103,7 @@ Object {
|
||||
"data": Array [
|
||||
Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
@@ -134,7 +134,7 @@ exports[`#users.promote should promote a new admin 1`] = `
|
||||
Object {
|
||||
"data": Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": true,
|
||||
@@ -168,7 +168,7 @@ exports[`#users.suspend should suspend an user 1`] = `
|
||||
Object {
|
||||
"data": Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
@@ -202,7 +202,7 @@ exports[`#users.update should update user profile information 1`] = `
|
||||
Object {
|
||||
"data": Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
|
||||
@@ -49,7 +49,7 @@ router.post('apiKeys.delete', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const key = await ApiKey.findById(id);
|
||||
const key = await ApiKey.findByPk(id);
|
||||
authorize(user, 'delete', key);
|
||||
|
||||
await key.destroy();
|
||||
|
||||
@@ -8,7 +8,7 @@ const router = new Router();
|
||||
|
||||
router.post('auth.info', auth(), async ctx => {
|
||||
const user = ctx.state.user;
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
|
||||
ctx.body = {
|
||||
data: {
|
||||
|
||||
@@ -49,7 +49,7 @@ router.post('collections.info', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(ctx.state.user, 'read', collection);
|
||||
|
||||
ctx.body = {
|
||||
@@ -62,14 +62,14 @@ router.post('collections.add_user', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
ctx.assertUuid(userId, 'userId is required');
|
||||
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(ctx.state.user, 'update', collection);
|
||||
|
||||
if (!collection.private) {
|
||||
throw new InvalidRequestError('Collection must be private to add users');
|
||||
}
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'read', user);
|
||||
|
||||
await CollectionUser.create({
|
||||
@@ -97,14 +97,14 @@ router.post('collections.remove_user', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
ctx.assertUuid(userId, 'userId is required');
|
||||
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(ctx.state.user, 'update', collection);
|
||||
|
||||
if (!collection.private) {
|
||||
throw new InvalidRequestError('Collection must be private to remove users');
|
||||
}
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'read', user);
|
||||
|
||||
await collection.removeUser(user);
|
||||
@@ -126,7 +126,7 @@ router.post('collections.users', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(ctx.state.user, 'read', collection);
|
||||
|
||||
const users = await collection.getUsers();
|
||||
@@ -141,7 +141,7 @@ router.post('collections.export', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(user, 'export', collection);
|
||||
|
||||
// async operation to create zip archive and email user
|
||||
@@ -154,7 +154,7 @@ router.post('collections.export', auth(), async ctx => {
|
||||
|
||||
router.post('collections.exportAll', auth(), async ctx => {
|
||||
const user = ctx.state.user;
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
authorize(user, 'export', team);
|
||||
|
||||
// async operation to create zip archive and email user
|
||||
@@ -174,7 +174,7 @@ router.post('collections.update', auth(), async ctx => {
|
||||
ctx.assertHexColor(color, 'Invalid hex value (please use format #FFFFFF)');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(user, 'update', collection);
|
||||
|
||||
if (isPrivate && !collection.private) {
|
||||
@@ -237,7 +237,7 @@ router.post('collections.delete', auth(), async ctx => {
|
||||
const user = ctx.state.user;
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(user, 'delete', collection);
|
||||
|
||||
const total = await Collection.count();
|
||||
|
||||
@@ -41,7 +41,7 @@ router.post('documents.list', auth(), pagination(), async ctx => {
|
||||
ctx.assertUuid(collectionId, 'collection must be a UUID');
|
||||
|
||||
where = { ...where, collectionId };
|
||||
const collection = await Collection.findById(collectionId);
|
||||
const collection = await Collection.findByPk(collectionId);
|
||||
authorize(user, 'read', collection);
|
||||
|
||||
// otherwise, filter by all collections the user has access to
|
||||
@@ -77,7 +77,7 @@ router.post('documents.pinned', auth(), pagination(), async ctx => {
|
||||
ctx.assertUuid(collectionId, 'collection is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const collection = await Collection.findById(collectionId);
|
||||
const collection = await Collection.findByPk(collectionId);
|
||||
authorize(user, 'read', collection);
|
||||
|
||||
const starredScope = { method: ['withStarred', user.id] };
|
||||
@@ -86,7 +86,6 @@ router.post('documents.pinned', auth(), pagination(), async ctx => {
|
||||
teamId: user.teamId,
|
||||
collectionId,
|
||||
pinnedById: {
|
||||
// $FlowFixMe
|
||||
[Op.ne]: null,
|
||||
},
|
||||
},
|
||||
@@ -118,7 +117,6 @@ router.post('documents.archived', auth(), pagination(), async ctx => {
|
||||
teamId: user.teamId,
|
||||
collectionId: collectionIds,
|
||||
archivedAt: {
|
||||
// $FlowFixMe
|
||||
[Op.ne]: null,
|
||||
},
|
||||
},
|
||||
@@ -232,7 +230,6 @@ router.post('documents.drafts', auth(), pagination(), async ctx => {
|
||||
where: {
|
||||
userId: user.id,
|
||||
collectionId: collectionIds,
|
||||
// $FlowFixMe
|
||||
publishedAt: { [Op.eq]: null },
|
||||
},
|
||||
order: [[sort, direction]],
|
||||
@@ -258,9 +255,8 @@ router.post('documents.info', auth({ required: false }), async ctx => {
|
||||
let document;
|
||||
|
||||
if (shareId) {
|
||||
const share = await Share.find({
|
||||
const share = await Share.findOne({
|
||||
where: {
|
||||
// $FlowFixMe
|
||||
revokedAt: { [Op.eq]: null },
|
||||
id: shareId,
|
||||
},
|
||||
@@ -277,7 +273,7 @@ router.post('documents.info', auth({ required: false }), async ctx => {
|
||||
}
|
||||
document = share.document;
|
||||
} else {
|
||||
document = await Document.findById(id);
|
||||
document = await Document.findByPk(id);
|
||||
authorize(user, 'read', document);
|
||||
}
|
||||
|
||||
@@ -293,7 +289,7 @@ router.post('documents.revision', auth(), async ctx => {
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
ctx.assertPresent(revisionId, 'revisionId is required');
|
||||
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
authorize(ctx.state.user, 'read', document);
|
||||
|
||||
const revision = await Revision.findOne({
|
||||
@@ -313,7 +309,7 @@ router.post('documents.revisions', auth(), pagination(), async ctx => {
|
||||
let { id, sort = 'updatedAt', direction } = ctx.body;
|
||||
if (direction !== 'ASC') direction = 'DESC';
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(ctx.state.user, 'read', document);
|
||||
|
||||
@@ -335,7 +331,7 @@ router.post('documents.restore', auth(), async ctx => {
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
if (document.archivedAt) {
|
||||
authorize(user, 'unarchive', document);
|
||||
@@ -354,7 +350,7 @@ router.post('documents.restore', auth(), async ctx => {
|
||||
// restore a document to a specific revision
|
||||
authorize(user, 'update', document);
|
||||
|
||||
const revision = await Revision.findById(revisionId);
|
||||
const revision = await Revision.findByPk(revisionId);
|
||||
authorize(document, 'restore', revision);
|
||||
|
||||
document.text = revision.text;
|
||||
@@ -386,7 +382,7 @@ router.post('documents.search', auth(), pagination(), async ctx => {
|
||||
if (collectionId) {
|
||||
ctx.assertUuid(collectionId, 'collectionId must be a UUID');
|
||||
|
||||
const collection = await Collection.findById(collectionId);
|
||||
const collection = await Collection.findByPk(collectionId);
|
||||
authorize(user, 'read', collection);
|
||||
}
|
||||
|
||||
@@ -430,7 +426,7 @@ router.post('documents.pin', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(user, 'update', document);
|
||||
|
||||
@@ -454,7 +450,7 @@ router.post('documents.unpin', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(user, 'update', document);
|
||||
|
||||
@@ -478,7 +474,7 @@ router.post('documents.star', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(user, 'read', document);
|
||||
|
||||
@@ -499,7 +495,7 @@ router.post('documents.unstar', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(user, 'read', document);
|
||||
|
||||
@@ -590,7 +586,7 @@ router.post('documents.create', auth(), async ctx => {
|
||||
// reload to get all of the data needed to present (user, collection etc)
|
||||
// we need to specify publishedAt to bypass default scope that only returns
|
||||
// published documents
|
||||
document = await Document.find({
|
||||
document = await Document.findOne({
|
||||
where: { id: document.id, publishedAt: document.publishedAt },
|
||||
});
|
||||
|
||||
@@ -615,7 +611,7 @@ router.post('documents.update', auth(), async ctx => {
|
||||
if (append) ctx.assertPresent(text, 'Text is required while appending');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(ctx.state.user, 'update', document);
|
||||
|
||||
@@ -680,10 +676,10 @@ router.post('documents.move', auth(), async ctx => {
|
||||
}
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
authorize(user, 'move', document);
|
||||
|
||||
const collection = await Collection.findById(collectionId);
|
||||
const collection = await Collection.findByPk(collectionId);
|
||||
authorize(user, 'update', collection);
|
||||
|
||||
if (collection.type !== 'atlas' && parentDocumentId) {
|
||||
@@ -693,7 +689,7 @@ router.post('documents.move', auth(), async ctx => {
|
||||
}
|
||||
|
||||
if (parentDocumentId) {
|
||||
const parent = await Document.findById(parentDocumentId);
|
||||
const parent = await Document.findByPk(parentDocumentId);
|
||||
authorize(user, 'update', parent);
|
||||
}
|
||||
|
||||
@@ -721,7 +717,7 @@ router.post('documents.archive', auth(), async ctx => {
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
authorize(user, 'archive', document);
|
||||
|
||||
await document.archive(user.id);
|
||||
@@ -744,7 +740,7 @@ router.post('documents.delete', auth(), async ctx => {
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
authorize(user, 'delete', document);
|
||||
|
||||
await document.delete();
|
||||
|
||||
@@ -66,10 +66,11 @@ describe('#documents.info', async () => {
|
||||
});
|
||||
|
||||
it('should return document from shareId without token', async () => {
|
||||
const { document } = await seed();
|
||||
const { document, user } = await seed();
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: document.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
|
||||
const res = await server.post('/api/documents.info', {
|
||||
@@ -88,6 +89,7 @@ describe('#documents.info', async () => {
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: document.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
await share.revoke(user.id);
|
||||
|
||||
@@ -102,6 +104,7 @@ describe('#documents.info', async () => {
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: document.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
await document.archive(user.id);
|
||||
|
||||
@@ -116,6 +119,7 @@ describe('#documents.info', async () => {
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: document.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
|
||||
const res = await server.post('/api/documents.info', {
|
||||
@@ -134,6 +138,7 @@ describe('#documents.info', async () => {
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: document.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
|
||||
collection.private = true;
|
||||
@@ -974,7 +979,7 @@ describe('#documents.create', async () => {
|
||||
},
|
||||
});
|
||||
const body = await res.json();
|
||||
const newDocument = await Document.findById(body.data.id);
|
||||
const newDocument = await Document.findByPk(body.data.id);
|
||||
expect(res.status).toEqual(200);
|
||||
expect(newDocument.parentDocumentId).toBe(null);
|
||||
expect(newDocument.collection.id).toBe(collection.id);
|
||||
|
||||
@@ -12,15 +12,16 @@ router.post('hooks.unfurl', async ctx => {
|
||||
const { challenge, token, event } = ctx.body;
|
||||
if (challenge) return (ctx.body = ctx.body.challenge);
|
||||
|
||||
if (token !== process.env.SLACK_VERIFICATION_TOKEN)
|
||||
if (token !== process.env.SLACK_VERIFICATION_TOKEN) {
|
||||
throw new AuthenticationError('Invalid token');
|
||||
}
|
||||
|
||||
const user = await User.find({
|
||||
const user = await User.findOne({
|
||||
where: { service: 'slack', serviceId: event.user },
|
||||
});
|
||||
if (!user) return;
|
||||
|
||||
const auth = await Authentication.find({
|
||||
const auth = await Authentication.findOne({
|
||||
where: { service: 'slack', teamId: user.teamId },
|
||||
});
|
||||
if (!auth) return;
|
||||
@@ -29,7 +30,7 @@ router.post('hooks.unfurl', async ctx => {
|
||||
let unfurls = {};
|
||||
for (let link of event.links) {
|
||||
const id = link.url.substr(link.url.lastIndexOf('/') + 1);
|
||||
const doc = await Document.findById(id);
|
||||
const doc = await Document.findByPk(id);
|
||||
if (!doc || doc.teamId !== user.teamId) continue;
|
||||
|
||||
unfurls[link.url] = {
|
||||
@@ -60,7 +61,7 @@ router.post('hooks.interactive', async ctx => {
|
||||
if (token !== process.env.SLACK_VERIFICATION_TOKEN)
|
||||
throw new AuthenticationError('Invalid verification token');
|
||||
|
||||
const user = await User.find({
|
||||
const user = await User.findOne({
|
||||
where: { service: 'slack', serviceId: data.user.id },
|
||||
});
|
||||
if (!user) {
|
||||
@@ -73,12 +74,12 @@ router.post('hooks.interactive', async ctx => {
|
||||
}
|
||||
|
||||
// we find the document based on the users teamId to ensure access
|
||||
const document = await Document.find({
|
||||
const document = await Document.findOne({
|
||||
where: { id: data.callback_id, teamId: user.teamId },
|
||||
});
|
||||
if (!document) throw new InvalidRequestError('Invalid document');
|
||||
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
|
||||
// respond with a public message that will be posted in the original channel
|
||||
ctx.body = {
|
||||
@@ -100,7 +101,7 @@ router.post('hooks.slack', async ctx => {
|
||||
if (token !== process.env.SLACK_VERIFICATION_TOKEN)
|
||||
throw new AuthenticationError('Invalid verification token');
|
||||
|
||||
const user = await User.find({
|
||||
const user = await User.findOne({
|
||||
where: {
|
||||
service: 'slack',
|
||||
serviceId: user_id,
|
||||
@@ -113,7 +114,7 @@ router.post('hooks.slack', async ctx => {
|
||||
return;
|
||||
}
|
||||
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
const results = await Document.searchForUser(user, text, {
|
||||
limit: 5,
|
||||
});
|
||||
|
||||
@@ -33,7 +33,7 @@ router.post('integrations.delete', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const integration = await Integration.findById(id);
|
||||
const integration = await Integration.findByPk(id);
|
||||
authorize(user, 'delete', integration);
|
||||
|
||||
await integration.destroy();
|
||||
|
||||
@@ -47,7 +47,7 @@ router.post('notificationSettings.delete', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const setting = await NotificationSetting.findById(id);
|
||||
const setting = await NotificationSetting.findByPk(id);
|
||||
authorize(user, 'delete', setting);
|
||||
|
||||
await setting.destroy();
|
||||
@@ -62,7 +62,7 @@ router.post('notificationSettings.unsubscribe', async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
ctx.assertPresent(token, 'token is required');
|
||||
|
||||
const setting = await NotificationSetting.findById(id);
|
||||
const setting = await NotificationSetting.findByPk(id);
|
||||
if (setting) {
|
||||
if (token !== setting.unsubscribeToken) {
|
||||
ctx.redirect(`${process.env.URL}?notice=invalid-auth`);
|
||||
|
||||
@@ -19,11 +19,12 @@ router.post('shares.list', auth(), pagination(), async ctx => {
|
||||
const where = {
|
||||
teamId: user.teamId,
|
||||
userId: user.id,
|
||||
// $FlowFixMe
|
||||
revokedAt: { [Op.eq]: null },
|
||||
};
|
||||
|
||||
if (user.isAdmin) delete where.userId;
|
||||
if (user.isAdmin) {
|
||||
delete where.userId;
|
||||
}
|
||||
|
||||
const collectionIds = await user.collectionIds();
|
||||
const shares = await Share.findAll({
|
||||
@@ -58,8 +59,8 @@ router.post('shares.create', auth(), async ctx => {
|
||||
ctx.assertPresent(documentId, 'documentId is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(documentId);
|
||||
const team = await Team.findById(user.teamId);
|
||||
const document = await Document.findByPk(documentId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
authorize(user, 'share', document);
|
||||
authorize(user, 'share', team);
|
||||
|
||||
@@ -85,7 +86,7 @@ router.post('shares.revoke', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const share = await Share.findById(id);
|
||||
const share = await Share.findByPk(id);
|
||||
authorize(user, 'revoke', share);
|
||||
|
||||
await share.revoke(user.id);
|
||||
|
||||
@@ -11,10 +11,11 @@ afterAll(server.close);
|
||||
|
||||
describe('#shares.list', async () => {
|
||||
it('should only return shares created by user', async () => {
|
||||
const { user, document } = await seed();
|
||||
const { user, admin, document } = await seed();
|
||||
await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: user.teamId,
|
||||
userId: admin.id,
|
||||
});
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
@@ -51,10 +52,11 @@ describe('#shares.list', async () => {
|
||||
});
|
||||
|
||||
it('admins should return shares created by all users', async () => {
|
||||
const { admin, document } = await seed();
|
||||
const { user, admin, document } = await seed();
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: admin.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
const res = await server.post('/api/shares.list', {
|
||||
body: { token: admin.getJwtToken() },
|
||||
@@ -72,6 +74,7 @@ describe('#shares.list', async () => {
|
||||
await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: admin.teamId,
|
||||
userId: admin.id,
|
||||
});
|
||||
|
||||
collection.private = true;
|
||||
|
||||
@@ -15,7 +15,7 @@ router.post('team.update', auth(), async ctx => {
|
||||
const endpoint = publicS3Endpoint();
|
||||
|
||||
const user = ctx.state.user;
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
authorize(user, 'update', team);
|
||||
|
||||
if (process.env.SUBDOMAINS_ENABLED === 'true') {
|
||||
|
||||
@@ -119,10 +119,10 @@ router.post('users.promote', auth(), async ctx => {
|
||||
const teamId = ctx.state.user.teamId;
|
||||
ctx.assertPresent(userId, 'id is required');
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'promote', user);
|
||||
|
||||
const team = await Team.findById(teamId);
|
||||
const team = await Team.findByPk(teamId);
|
||||
await team.addAdmin(user);
|
||||
|
||||
ctx.body = {
|
||||
@@ -135,10 +135,10 @@ router.post('users.demote', auth(), async ctx => {
|
||||
const teamId = ctx.state.user.teamId;
|
||||
ctx.assertPresent(userId, 'id is required');
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'demote', user);
|
||||
|
||||
const team = await Team.findById(teamId);
|
||||
const team = await Team.findByPk(teamId);
|
||||
try {
|
||||
await team.removeAdmin(user);
|
||||
} catch (err) {
|
||||
@@ -161,10 +161,10 @@ router.post('users.suspend', auth(), async ctx => {
|
||||
const teamId = ctx.state.user.teamId;
|
||||
ctx.assertPresent(userId, 'id is required');
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'suspend', user);
|
||||
|
||||
const team = await Team.findById(teamId);
|
||||
const team = await Team.findByPk(teamId);
|
||||
try {
|
||||
await team.suspendUser(user, admin);
|
||||
} catch (err) {
|
||||
@@ -188,10 +188,10 @@ router.post('users.activate', auth(), async ctx => {
|
||||
const teamId = ctx.state.user.teamId;
|
||||
ctx.assertPresent(userId, 'id is required');
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'activate', user);
|
||||
|
||||
const team = await Team.findById(teamId);
|
||||
const team = await Team.findByPk(teamId);
|
||||
await team.activateUser(user, admin);
|
||||
|
||||
ctx.body = {
|
||||
|
||||
@@ -13,7 +13,7 @@ router.post('views.list', auth(), async ctx => {
|
||||
ctx.assertUuid(documentId, 'documentId is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(documentId);
|
||||
const document = await Document.findByPk(documentId);
|
||||
authorize(user, 'read', document);
|
||||
|
||||
const views = await View.findAll({
|
||||
@@ -37,7 +37,7 @@ router.post('views.create', auth(), async ctx => {
|
||||
ctx.assertUuid(documentId, 'documentId is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(documentId);
|
||||
const document = await Document.findByPk(documentId);
|
||||
authorize(user, 'read', document);
|
||||
|
||||
await View.increment({ documentId, userId: user.id });
|
||||
|
||||
Reference in New Issue
Block a user