added test for /users/me routes

app/controllers/users/users.profile.server.controller.js

@@ -15,44 +15,36 @@ exports.update = function(req, res) {
 	// Init Variables
 	var user = req.user;
 
-	// For security measurement we remove the roles from the req.body object
+	// To improve security we remove the roles from the req.body object
 	delete req.body.roles;
 
-	if (user) {
-		// Merge existing user
-		user = _.extend(user, req.body);
-		user.updated = Date.now();
+	// Merge existing user
+	user = _.extend(user, req.body);
+	user.updated = Date.now();
 
-		user.save(function(err) {
-			if (err) {
-				return res.status(500).send({
-					message: errorHandler.getErrorMessage(err)
-				});
-			} 
-			req.login(user, function(loginErr) {
-				if (err) {
-					res.status(500).send(loginErr);
-				} else {
-					user = helpers.removeSensitiveModelData('private_user', user);
-					res.json(user);
-				}
+	user.save(function(err) {
+		if (err) {
+			return res.status(500).send({
+				message: errorHandler.getErrorMessage(err)
 			});
-			
+		} 
+		req.login(user, function(loginErr) {
+			if (err) {
+				res.status(500).send(loginErr);
+			} else {
+				user = helpers.removeSensitiveModelData('private_user', user);
+				res.json(user);
+			}
 		});
-	} else {
-		res.status(401).send({
-			message: 'User is not signed in'
-		});
-	}
+		
+	});
 };
 
 /**
  * Send User
  */
 exports.getUser = function(req, res) {
-	var _user = helpers.removeSensitiveModelData('private_user', req.user);
+	var user = helpers.removeSensitiveModelData('private_user', req.user);
 
-	res.json(_user);
-
-	res.end();
+	return res.json(user);
 };

app/tests/user.server.routes.test.js

@@ -272,6 +272,79 @@ describe('User CRUD tests', function() {
 			});
 		});
 
+		it('should be able to update user when logged in', function(done) {
+			var newUser = {};
+	    	newUser.firstName = 'goodnight';
+	    	newUser.lastName = 'everyone';
+
+	    	newUser.email = 'grcg@gcrc.com';
+	    	newUser.username = 'grcg';
+
+			async.waterfall([
+			    function(callback) {
+			        userSession.post('/auth/signin')
+						.send({
+							username: _User.username,
+							password: _User.password
+						})
+						.expect(200)
+						.end(function(err, res) {
+							callback(err);
+						});
+			    },
+			    function(callback) {
+			        userSession.put('/users')
+			        	.send(newUser)
+						.expect(200)
+						.end(function(err, res) {
+							callback(err);
+						});
+			    },
+			    function(callback) {
+			    	User.findOne({ username: newUser.username })
+			    		.exec(function(err, user){
+			    			user.firstName.should.equal(newUser.firstName);
+			    			user.lastName.should.equal(newUser.lastName);
+			    			user.email.should.equal(newUser.email);
+			    			user.username.should.equal(newUser.username);
+			    			callback(err);
+			    		});
+			    }
+			], function (err) {
+				done(err);
+			});
+		});
+
+		it('should be able to fetch user when logged in', function(done) {
+			async.waterfall([
+			    function(callback) {
+			        userSession.post('/auth/signin')
+						.send({
+							username: _User.username,
+							password: _User.password
+						})
+						.expect(200)
+						.end(function(err, res) {
+							callback(err);
+						});
+			    },
+			    function(callback) {
+			        userSession.get('/users/me')
+						.expect(200)
+						.end(function(err, res) {
+							var user = res.body;
+							user.firstName.should.equal(_User.firstName);
+			    			user.lastName.should.equal(_User.lastName);
+			    			user.email.should.equal(_User.email);
+			    			user.username.should.equal(_User.username);
+							callback(err);
+						});
+			    }
+			], function (err) {
+				done(err);
+			});
+		});
+
 		afterEach(function(done){
 			userSession.get('/auth/signout')
                 .end(function(err, res) {