beenull/tellform
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

got all tests to run

Browse source
This commit is contained in:
David Baldwynn 2016-03-29 20:45:16 -07:00
parent 8c4129380b
commit d55775ddfc
15 changed files with 389 additions and 380 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
app/controllers/forms.server.controller.js
View file

@ -15,7 +15,7 @@ var mongoose = require('mongoose'),
_ = require('lodash'); _ = require('lodash');
/** /**
* Upload PDF * Upload PDF
*/ */
exports.uploadPDF = function(req, res, next) { exports.uploadPDF = function(req, res, next) {
@ -24,7 +24,7 @@ exports.uploadPDF = function(req, res, next) {
// console.log(req.files.file); // console.log(req.files.file);
// console.log('\n\nProperty Descriptor\n-----------'); // console.log('\n\nProperty Descriptor\n-----------');
// console.log(Object.getOwnPropertyDescriptor(req.files.file, 'path')); // console.log(Object.getOwnPropertyDescriptor(req.files.file, 'path'));
if(req.file){ if(req.file){
var pdfFile = req.file; var pdfFile = req.file;
var _user = req.user; var _user = req.user;
@ -33,9 +33,9 @@ exports.uploadPDF = function(req, res, next) {
}else if(req.files.size > 200000000){ }else if(req.files.size > 200000000){
next(new Error('File uploaded exceeds MAX SIZE of 200MB')); next(new Error('File uploaded exceeds MAX SIZE of 200MB'));
}else { }else {
fs.exists(pdfFile.path, function(exists) { fs.exists(pdfFile.path, function(exists) {
//If file exists move to user's tmp directory //If file exists move to user's tmp directory
if(exists) { if(exists) {
var newDestination = config.tmpUploadPath+_user.username; var newDestination = config.tmpUploadPath+_user.username;
var stat = null; var stat = null;
@ -48,7 +48,7 @@ exports.uploadPDF = function(req, res, next) {
console.log('Directory cannot be created'); console.log('Directory cannot be created');
next(new Error('Directory cannot be created because an inode of a different type exists at "' + newDestination + '"')); next(new Error('Directory cannot be created because an inode of a different type exists at "' + newDestination + '"'));
} }
fs.move(pdfFile.path, path.join(newDestination, pdfFile.name), function (err) { fs.move(pdfFile.path, path.join(newDestination, pdfFile.name), function (err) {
if (err) { if (err) {
next(new Error(err.message)); next(new Error(err.message));
@ -56,12 +56,12 @@ exports.uploadPDF = function(req, res, next) {
pdfFile.path = path.join(newDestination, pdfFile.name); pdfFile.path = path.join(newDestination, pdfFile.name);
console.log(pdfFile.name + ' uploaded to ' + pdfFile.path); console.log(pdfFile.name + ' uploaded to ' + pdfFile.path);
res.json(pdfFile); res.json(pdfFile);
}); });
} else { } else {
next(new Error('Did NOT get your file!')); next(new Error('Did NOT get your file!'));
} }
}); });
} }
}else { }else {
next(new Error('Uploaded files were NOT detected')); next(new Error('Uploaded files were NOT detected'));
@ -78,7 +78,7 @@ exports.deleteSubmissions = function(req, res) {
form = req.form; form = req.form;
FormSubmission.remove({ form: req.form, admin: req.user, _id: {$in: submission_id_list} }, function(err){ FormSubmission.remove({ form: req.form, admin: req.user, _id: {$in: submission_id_list} }, function(err){
if(err){ if(err){
res.status(400).send({ res.status(400).send({
message: errorHandler.getErrorMessage(err) message: errorHandler.getErrorMessage(err)
@ -134,7 +134,7 @@ exports.createSubmission = function(req, res) {
} }
submission.save(function(err, submission){ submission.save(function(err, submission){
// console.log('in submissions.save()\n submission: '+JSON.stringify(submission) ) // console.log('in submissions.save()\n submission: '+JSON.stringify(submission) )
if(err){ if(err){
console.log(err.message); console.log(err.message);
res.status(400).send({ res.status(400).send({
@ -167,10 +167,10 @@ exports.listSubmissions = function(req, res) {
res.status(400).send({ res.status(400).send({
message: errorHandler.getErrorMessage(err) message: errorHandler.getErrorMessage(err)
}); });
} }
res.json(_submissions); res.json(_submissions);
}); });
}); });
}; };
@ -213,7 +213,7 @@ exports.read = function(req, res) {
/** /**
* Update a form * Update a form
*/ */
exports.update = function(req, res) { exports.update = function(req, res) {
var form = req.form; var form = req.form;
delete req.body.form.__v; delete req.body.form.__v;
delete req.body.form._id; delete req.body.form._id;
@ -229,9 +229,9 @@ exports.update = function(req, res) {
delete field._id; delete field._id;
} }
} }
form = _.extend(form, req.body.form); form = _.extend(form, req.body.form);
form.save(function(err, form) { form.save(function(err, form) {
if (err) { if (err) {
console.log(err); console.log(err);
@ -306,7 +306,7 @@ exports.formByID = function(req, res, next, id) {
form.admin.password = undefined; form.admin.password = undefined;
form.admin.salt = undefined; form.admin.salt = undefined;
form.provider = undefined; form.provider = undefined;
req.form = form; req.form = form;
next(); next();
} }
@ -318,7 +318,6 @@ exports.formByID = function(req, res, next, id) {
* Form authorization middleware * Form authorization middleware
*/ */
exports.hasAuthorization = function(req, res, next) { exports.hasAuthorization = function(req, res, next) {
var form = req.form; var form = req.form;
if (req.form.admin.id !== req.user.id && req.user.roles.indexOf('admin') === -1) { if (req.form.admin.id !== req.user.id && req.user.roles.indexOf('admin') === -1) {
res.status(403).send({ res.status(403).send({

8
app/controllers/users/users.authentication.server.controller.js
View file

@ -93,7 +93,6 @@ exports.resendVerificationEmail = function(req, res, next){
* Signup * Signup
*/ */
exports.signup = function(req, res) { exports.signup = function(req, res) {
console.log(req.body);
// For security measures we remove the roles from the req.body object // For security measures we remove the roles from the req.body object
if (req.body) { if (req.body) {
delete req.body.roles; delete req.body.roles;
@ -127,7 +126,6 @@ exports.signup = function(req, res) {
message: errorHandler.getErrorMessage(err) message: errorHandler.getErrorMessage(err)
}); });
} else { } else {
console.log('new tmpuser registered');
return res.status(200).send('An email has been sent to you. Please check it to verify your account.'); return res.status(200).send('An email has been sent to you. Please check it to verify your account.');
} }
}); });
@ -146,7 +144,6 @@ exports.signup = function(req, res) {
* Signin after passport authentication * Signin after passport authentication
*/ */
exports.signin = function(req, res, next) { exports.signin = function(req, res, next) {
console.log(req);
passport.authenticate('local', function(err, user, info) { passport.authenticate('local', function(err, user, info) {
if (err || !user) { if (err || !user) {
res.status(400).send(info); res.status(400).send(info);
@ -174,8 +171,9 @@ exports.signin = function(req, res, next) {
*/ */
exports.signout = function(req, res) { exports.signout = function(req, res) {
req.logout(); req.logout();
res.redirect('/'); //res.redirect('/');
return res.end(); return res.status(200).send('You have successfully logged out.');
}; };
/** /**

3
app/controllers/users/users.authorization.server.controller.js
View file

@ -36,10 +36,11 @@ exports.userByID = function (req, res, next, id) {
*/ */
exports.requiresLogin = function(req, res, next) { exports.requiresLogin = function(req, res, next) {
if (!req.isAuthenticated()) { if (!req.isAuthenticated()) {
console.log('\n\nSENDING 401 STATUS\n\n');
return res.status(401).send({ return res.status(401).send({
message: 'User is not logged in' message: 'User is not logged in'
}); });
}else { } else {
return next(); return next();
} }
}; };

36
app/models/form.server.model.js
View file

@ -58,10 +58,10 @@ var FormSchema = new Schema({
}, },
description: { description: {
type: String, type: String,
default: '', default: ''
}, },
form_fields: { form_fields: {
type: [FieldSchema], type: [FieldSchema]
}, },
submissions: [{ submissions: [{
@ -92,46 +92,46 @@ var FormSchema = new Schema({
default: 'Welcome to Form' default: 'Welcome to Form'
}, },
introParagraph:{ introParagraph:{
type: String, type: String
}, },
buttons:[ButtonSchema] buttons:[ButtonSchema]
}, },
hideFooter: { hideFooter: {
type: Boolean, type: Boolean,
default: false, default: false
}, },
isGenerated: { isGenerated: {
type: Boolean, type: Boolean,
default: false, default: false
}, },
isLive: { isLive: {
type: Boolean, type: Boolean,
default: false, default: false
}, },
autofillPDFs: { autofillPDFs: {
type: Boolean, type: Boolean,
default: false, default: false
}, },
design: { design: {
colors:{ colors:{
backgroundColor: { backgroundColor: {
type: String, type: String,
match: [/^#([A-Fa-f0-9]{6}|[A-Fa-f0-9]{3})$/], match: [/^#([A-Fa-f0-9]{6}|[A-Fa-f0-9]{3})$/],
default: '#fff' default: '#fff'
}, },
questionColor: { questionColor: {
type: String, type: String,
match: [/^#([A-Fa-f0-9]{6}|[A-Fa-f0-9]{3})$/], match: [/^#([A-Fa-f0-9]{6}|[A-Fa-f0-9]{3})$/],
default: '#333', default: '#333',
}, },
answerColor: { answerColor: {
type: String, type: String,
match: [/^#([A-Fa-f0-9]{6}|[A-Fa-f0-9]{3})$/], match: [/^#([A-Fa-f0-9]{6}|[A-Fa-f0-9]{3})$/],
default: '#333', default: '#333',
}, },
buttonColor: { buttonColor: {
type: String, type: String,
match: [/^#([A-Fa-f0-9]{6}|[A-Fa-f0-9]{3})$/] match: [/^#([A-Fa-f0-9]{6}|[A-Fa-f0-9]{3})$/]
}, },
@ -369,7 +369,7 @@ FormSchema.pre('save', function (next) {
//console.log('field has been deleted: '); //console.log('field has been deleted: ');
//console.log(this.isModified('form_fields') && !!this.form_fields && !!_original); //console.log(this.isModified('form_fields') && !!this.form_fields && !!_original);
if(this.isModified('form_fields') && this.form_fields.length >= 0 && _original){ if(this.isModified('form_fields') && this.form_fields && _original){
var old_form_fields = _original.form_fields, var old_form_fields = _original.form_fields,
new_ids = _.map(_.pluck(this.form_fields, '_id'), function(id){ return ''+id;}), new_ids = _.map(_.pluck(this.form_fields, '_id'), function(id){ return ''+id;}),
@ -389,9 +389,9 @@ FormSchema.pre('save', function (next) {
var modifiedSubmissions = []; var modifiedSubmissions = [];
async.forEachOfSeries(deletedIds, async.forEachOfSeries(deletedIds,
function (deletedIdIndex, key, callback) { function (deletedIdIndex, key, callback) {
var deleted_id = old_ids[deletedIdIndex]; var deleted_id = old_ids[deletedIdIndex];
//Find FormSubmissions that contain field with _id equal to 'deleted_id' //Find FormSubmissions that contain field with _id equal to 'deleted_id'
@ -407,14 +407,14 @@ FormSchema.pre('save', function (next) {
if(submissions.length) { if(submissions.length) {
// console.log('adding submissions'); // console.log('adding submissions');
// console.log(submissions); // console.log(submissions);
//Add submissions //Add submissions
modifiedSubmissions.push.apply(modifiedSubmissions, submissions); modifiedSubmissions.push.apply(modifiedSubmissions, submissions);
} }
callback(null); callback(null);
}); });
// } // }
}, },
function (err) { function (err) {
if(err){ if(err){
console.error(err.message); console.error(err.message);
@ -431,7 +431,7 @@ FormSchema.pre('save', function (next) {
for(var i = 0; i < deletedIds.length; i++){ for(var i = 0; i < deletedIds.length; i++){
//Get index of deleted field //Get index of deleted field
var index = _.findIndex(submission.form_fields, function(field) { var index = _.findIndex(submission.form_fields, function(field) {
var tmp_id = field._id+''; var tmp_id = field._id+'';
return tmp_id === old_ids[ deletedIds[i] ]; return tmp_id === old_ids[ deletedIds[i] ];
}); });
@ -458,7 +458,7 @@ FormSchema.pre('save', function (next) {
submission.save(function (err) { submission.save(function (err) {
if(err) callback(err); if(err) callback(err);
else callback(null); else callback(null);
}); });
}, function (err) { }, function (err) {
if(err){ if(err){
console.error(err.message); console.error(err.message);

29
app/models/user.server.model.js
View file

@ -15,7 +15,14 @@ var mongoose = require('mongoose'),
* A Validation function for local strategy properties * A Validation function for local strategy properties
*/ */
var validateLocalStrategyProperty = function(property) { var validateLocalStrategyProperty = function(property) {
return ((this.provider !== 'local' && !this.updated) || property.length); var propHasLength;
if (property) {
propHasLength = !!property.length;
} else {
propHasLength = false;
}
return ((this.provider !== 'local' && !this.updated) || propHasLength);
}; };
/** /**
@ -34,9 +41,7 @@ var UserSchema = new Schema({
trim: true, trim: true,
default: '', default: '',
validate: { validate: {
validator: function(property) { validator: validateLocalStrategyProperty,
return ((this.provider !== 'local' && !this.updated) || property.length);
},
message: 'Please fill in your first name' message: 'Please fill in your first name'
} }
}, },
@ -45,10 +50,7 @@ var UserSchema = new Schema({
trim: true, trim: true,
default: '', default: '',
validate: { validate: {
validator: function(property) { validator: validateLocalStrategyProperty,
console.log(property);
return ((this.provider !== 'local' && !this.updated) || property.length);
},
message: 'Please fill in your last name' message: 'Please fill in your last name'
} }
}, },
@ -58,16 +60,7 @@ var UserSchema = new Schema({
unique: 'Account already exists with this email', unique: 'Account already exists with this email',
required: 'Please enter your email', required: 'Please enter your email',
validate: { validate: {
validator: function(property) { validator: validateLocalStrategyProperty,
var propHasLength;
if (property) {
propHasLength = !!property.length;
} else {
propHasLength = false;
}
return ((this.provider !== 'local' && !this.updated) || propHasLength);
},
message: 'Please fill in your email' message: 'Please fill in your email'
}, },
match: [/.+\@.+\..+/, 'Please fill a valid email address'] match: [/.+\@.+\..+/, 'Please fill a valid email address']

2
app/routes/forms.server.routes.js
View file

@ -38,7 +38,7 @@ module.exports = function(app) {
.delete(users.requiresLogin, forms.hasAuthorization, forms.delete); .delete(users.requiresLogin, forms.hasAuthorization, forms.delete);
app.route('/forms/:formId([a-zA-Z0-9]+)/submissions') app.route('/forms/:formId([a-zA-Z0-9]+)/submissions')
.get(forms.listSubmissions, users.requiresLogin, forms.hasAuthorization) .get(users.requiresLogin, forms.hasAuthorization, forms.listSubmissions)
.delete(users.requiresLogin, forms.hasAuthorization, forms.deleteSubmissions); .delete(users.requiresLogin, forms.hasAuthorization, forms.deleteSubmissions);
// Finish by binding the form middleware // Finish by binding the form middleware

248
app/tests/form.server.model.test.js
View file

@ -1,137 +1,137 @@
// 'use strict'; 'use strict';
// /** /**
// * Module dependencies. * Module dependencies.
// */ */
// var should = require('should'), var should = require('should'),
// mongoose = require('mongoose'), mongoose = require('mongoose'),
// User = mongoose.model('User'), User = mongoose.model('User'),
// Form = mongoose.model('Form'), Form = mongoose.model('Form'),
// Field = mongoose.model('Field'), Field = mongoose.model('Field'),
// _ = require('lodash'), _ = require('lodash'),
// config = require('../../config/config'), config = require('../../config/config'),
// FormSubmission = mongoose.model('FormSubmission'); FormSubmission = mongoose.model('FormSubmission');
// var exampleDemo = { var exampleDemo = {
// activeCount: 1, activeCount: 1,
// DOB: '', DOB: '',
// address: '880-9650 Velit. St.', address: '880-9650 Velit. St.',
// chartNo: '', chartNo: '',
// city: '', city: '',
// dateJoined: Date.now(), dateJoined: Date.now(),
// dateOfBirth: '10', dateOfBirth: '10',
// displayName: 'LITTLE, URIAH', displayName: 'LITTLE, URIAH',
// email: '', email: '',
// familyDoctor: '<rdohip></rdohip><rd></rd>', familyDoctor: '<rdohip></rdohip><rd></rd>',
// firstName: 'Uriah F.', firstName: 'Uriah F.',
// hcType: 'BC', hcType: 'BC',
// hin: '', hin: '',
// hsAlertCount: 0, hsAlertCount: 0,
// lastName: 'Little', lastName: 'Little',
// lastUpdateDate: Date.now(), lastUpdateDate: Date.now(),
// lastUpdateUser: '', lastUpdateUser: '',
// links: '', links: '',
// monthOfBirth: '05', monthOfBirth: '05',
// officialLanguage: 'English', officialLanguage: 'English',
// patientStatus: 'AC', patientStatus: 'AC',
// patientStatusDate: Date.now(), patientStatusDate: Date.now(),
// phone: '250-', phone: '250-',
// phone2: '', phone2: '',
// postal: 'S4M 7T8', postal: 'S4M 7T8',
// providerNo: '4', providerNo: '4',
// province: 'BC', province: 'BC',
// rosterStatus: '', rosterStatus: '',
// sex: 'M', sex: 'M',
// sexDesc: 'Female', sexDesc: 'Female',
// sin: '', sin: '',
// spokenLanguage: 'English', spokenLanguage: 'English',
// title: 'MS.', title: 'MS.',
// yearOfBirth: '2015' yearOfBirth: '2015'
// }; };
// /** /**
// * Globals * Globals
// */ */
// var user, myForm, mySubmission; var user, myForm, mySubmission;
// /** /**
// * Unit tests * Unit tests
// */ */
// describe('Form Model Unit Tests:', function() { describe('Form Model Unit Tests:', function() {
// this.timeout(15000); this.timeout(15000);
// beforeEach(function(done) { beforeEach(function(done) {
// user = new User({ user = new User({
// firstName: 'Full', firstName: 'Full',
// lastName: 'Name', lastName: 'Name',
// displayName: 'Full Name', displayName: 'Full Name',
// email: 'test@test.com', email: 'test@test.com',
// username: 'aueoaueoa', username: 'aueoaueoa',
// password: 'password', password: 'password',
// provider: 'local' provider: 'local'
// }); });
// user.save(function(err) { user.save(function(err) {
// if(err) { if(err) {
// done(err); done(err);
// return; return;
// } }
// myForm = new Form({ myForm = new Form({
// title: 'Form Title', title: 'Form Title',
// admin: user, admin: user,
// language: 'english', language: 'english',
// form_fields: [ form_fields: [
// {'fieldType':'textfield', title:'First Name', 'fieldValue': ''}, {'fieldType':'textfield', title:'First Name', 'fieldValue': ''},
// {'fieldType':'checkbox', title:'nascar', 'fieldValue': ''}, {'fieldType':'checkbox', title:'nascar', 'fieldValue': ''},
// {'fieldType':'checkbox', title:'hockey', 'fieldValue': ''} {'fieldType':'checkbox', title:'hockey', 'fieldValue': ''}
// ] ]
// }); });
// done(); done();
// }); });
// }); });
// describe('Method Save', function() { describe('Method Save', function() {
// it('should be able to save without problems', function(done) { it('should be able to save without problems', function(done) {
// return myForm.save(function(err) { return myForm.save(function(err) {
// should.not.exist(err); should.not.exist(err);
// done(); done();
// }); });
// }); });
// it('should be able to show an error when try to save without title', function(done) { it('should be able to show an error when try to save without title', function(done) {
// var _form = myForm; var _form = myForm;
// _form.title = ''; _form.title = '';
// return _form.save(function(err) { return _form.save(function(err) {
// should.exist(err); should.exist(err);
// should.equal(err.errors.title.message, 'Form Title cannot be blank'); should.equal(err.errors.title.message, 'Form Title cannot be blank');
// done(); done();
// }); });
// }); });
// }); });
// describe('Method Find', function(){ describe('Method Find', function(){
// beforeEach(function(done){ beforeEach(function(done){
// myForm.save(function(err) { myForm.save(function(err) {
// if(err) return done(err); if(err) return done(err);
// done(); done();
// }); });
// }); });
// it('should be able to findOne my form without problems', function(done) { it('should be able to findOne my form without problems', function(done) {
// return Form.findOne({title: myForm.title}).exec(function(err,form) { return Form.findOne({title: myForm.title}).exec(function(err,form) {
// should.not.exist(err); should.not.exist(err);
// should.exist(form); should.exist(form);
// should.deepEqual(form.toObject(), myForm.toObject()); should.deepEqual(form.toObject(), myForm.toObject());
// done(); done();
// }); });
// }); });
// }); });
// afterEach(function(done) { afterEach(function(done) {
// Form.remove().exec(function() { Form.remove().exec(function() {
// User.remove().exec(done); User.remove().exec(done);
// }); });
// }); });
// }); });

47
app/tests/form.server.routes.test.js
View file

@ -4,7 +4,7 @@ var should = require('should'),
lodash = require('lodash'), lodash = require('lodash'),
app = require('../../server'), app = require('../../server'),
request = require('supertest'), request = require('supertest'),
session = require('supertest-session'), Session = require('supertest-session'),
mongoose = require('mongoose'), mongoose = require('mongoose'),
User = mongoose.model('User'), User = mongoose.model('User'),
Form = mongoose.model('Form'), Form = mongoose.model('Form'),
@ -20,12 +20,13 @@ describe('Form Routes Unit tests', function() {
/** /**
* Globals * Globals
*/ */
var credentials, user, myForm, userSession = null; this.timeout(15000);
var credentials, user, myForm, userSession;
beforeEach(function(done) { beforeEach(function(done) {
//Initialize Session //Initialize Session
userSession = session(app); userSession = Session(app);
// Create user credentials // Create user credentials
credentials = { credentials = {
@ -38,7 +39,7 @@ describe('Form Routes Unit tests', function() {
firstName: 'Full', firstName: 'Full',
lastName: 'Name', lastName: 'Name',
displayName: 'Full Name', displayName: 'Full Name',
email: 'test1@test.com', email: 'test5@test.com',
username: credentials.username, username: credentials.username,
password: credentials.password, password: credentials.password,
provider: 'local' provider: 'local'
@ -50,20 +51,19 @@ describe('Form Routes Unit tests', function() {
myForm = { myForm = {
title: 'Form Title', title: 'Form Title',
language: 'english', language: 'english',
admin: user.lodashid, admin: user.id,
formlodashfields: [ form_fields: [
new Field({'fieldType':'textfield', 'title':'First Name', 'fieldValue': ''}), new Field({'fieldType':'textfield', 'title':'First Name', 'fieldValue': ''}),
new Field({'fieldType':'checkbox', 'title':'nascar', 'fieldValue': ''}), new Field({'fieldType':'checkbox', 'title':'nascar', 'fieldValue': ''}),
new Field({'fieldType':'checkbox', 'title':'hockey', 'fieldValue': ''}) new Field({'fieldType':'checkbox', 'title':'hockey', 'fieldValue': ''})
] ]
}; };
done(); done();
}); });
}); });
describe(' > Login and Save a new Form >', function() { describe(' > Login and Save a new Form >', function() {
var lodashuser, lodashform; var _user, _form;
before(function(done){ before(function(done){
userSession.post('/auth/signin') userSession.post('/auth/signin')
.send(credentials) .send(credentials)
@ -74,7 +74,7 @@ describe('Form Routes Unit tests', function() {
// Handle signin error // Handle signin error
if (signinErr) return done(signinErr); if (signinErr) return done(signinErr);
lodashuser = signinRes.body; _user = signinRes.body;
done(); done();
}); });
}); });
@ -87,14 +87,14 @@ describe('Form Routes Unit tests', function() {
.end(function(FormSaveErr, FormSaveRes) { .end(function(FormSaveErr, FormSaveRes) {
// Handle Form save error // Handle Form save error
if (FormSaveErr) return done(FormSaveErr); if (FormSaveErr) return done(FormSaveErr);
lodashform = FormSaveRes.body; _form = FormSaveRes.body;
done(); done();
}); });
}); });
it(' > should be able to fetch newly created form', function(done){ it(' > should be able to fetch newly created form', function(done){
// Get a list of Forms // Get a list of Forms
userSession.get('/forms/'+lodashform.lodashid) userSession.get('/forms/'+_form._id)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200) .expect(200)
.end(function(FormsGetErr, FormsGetRes) { .end(function(FormsGetErr, FormsGetRes) {
@ -103,8 +103,8 @@ describe('Form Routes Unit tests', function() {
var fetchedForm = FormsGetRes.body; var fetchedForm = FormsGetRes.body;
// Set assertions // Set assertions
(fetchedForm.admin).should.equal(lodashuser.lodashid); (fetchedForm.admin).should.equal(_user._id);
(fetchedForm.title).should.match(lodashform.title); (fetchedForm.title).should.match(_form.title);
// Call the assertion callback // Call the assertion callback
done(); done();
@ -147,18 +147,13 @@ describe('Form Routes Unit tests', function() {
// Set Form with a invalid title field // Set Form with a invalid title field
myForm.title = ''; myForm.title = '';
agent.post('/auth/signin') agent.post('http://localhost:3001/auth/signin')
.send(credentials) .send(credentials)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200) .expect(200)
.end(function(signinErr, signinRes) { .end(function(signinErr, signinRes) {
should.not.exist(signinErr); should.not.exist(signinErr);
// Handle signin error
if (signinErr) {
console.log(signinErr);
return done(signinErr);
}
done(); done();
// Save a new Form // Save a new Form
// userSession.post('/forms') // userSession.post('/forms')
@ -195,7 +190,7 @@ describe('Form Routes Unit tests', function() {
myForm.title = 'WHY YOU GOTTA BE SO MEAN?'; myForm.title = 'WHY YOU GOTTA BE SO MEAN?';
// Update an existing Form // Update an existing Form
userSession.put('/forms/' + FormSaveRes.body.lodashid) userSession.put('/forms/' + FormSaveRes.body._id)
.send({form: myForm}) .send({form: myForm})
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200) .expect(200)
@ -204,7 +199,7 @@ describe('Form Routes Unit tests', function() {
if (FormUpdateErr) done(FormUpdateErr); if (FormUpdateErr) done(FormUpdateErr);
// Set assertions // Set assertions
(FormUpdateRes.body.lodashid).should.equal(FormSaveRes.body.lodashid); (FormUpdateRes.body._id).should.equal(FormSaveRes.body._id);
(FormUpdateRes.body.title).should.match('WHY YOU GOTTA BE SO MEAN?'); (FormUpdateRes.body.title).should.match('WHY YOU GOTTA BE SO MEAN?');
// Call the assertion callback // Call the assertion callback
@ -222,7 +217,7 @@ describe('Form Routes Unit tests', function() {
FormObj.save(function(err, form) { FormObj.save(function(err, form) {
if(err) return done(err); if(err) return done(err);
agent.get('/forms/' + form.lodashid) agent.get('/forms/' + form._id)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200) .expect(200)
.end(function(err, res) { .end(function(err, res) {
@ -257,7 +252,7 @@ describe('Form Routes Unit tests', function() {
if (FormSaveErr) return done(FormSaveErr); if (FormSaveErr) return done(FormSaveErr);
// Delete an existing Form // Delete an existing Form
userSession.delete('/forms/' + FormSaveRes.body.lodashid) userSession.delete('/forms/' + FormSaveRes.body._id)
.send(myForm) .send(myForm)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200) .expect(200)
@ -267,7 +262,7 @@ describe('Form Routes Unit tests', function() {
// Set assertions // Set assertions
(FormDeleteRes.body).should.exist(); (FormDeleteRes.body).should.exist();
// (FormDeleteRes.body.lodashid).should.equal(FormSaveRes.body.lodashid); // (FormDeleteRes.body._id).should.equal(FormSaveRes.body._id);
// Call the assertion callback // Call the assertion callback
done(); done();
@ -287,7 +282,7 @@ describe('Form Routes Unit tests', function() {
// Save the Form // Save the Form
FormObj.save(function() { FormObj.save(function() {
// Try deleting Form // Try deleting Form
agent.delete('/forms/' + FormObj.lodashid) agent.delete('/forms/' + FormObj._id)
.expect(401) .expect(401)
.end(function(FormDeleteErr, FormDeleteRes) { .end(function(FormDeleteErr, FormDeleteRes) {
// Set message assertion // Set message assertion
@ -311,7 +306,7 @@ describe('Form Routes Unit tests', function() {
if (signinErr) return done(signinErr); if (signinErr) return done(signinErr);
var user = signinRes.body; var user = signinRes.body;
var userId = user.lodashid; var userId = user._id;
// Save a new Form // Save a new Form
userSession.post('/forms') userSession.post('/forms')

121
app/tests/form_submission.model.test.js
View file

@ -15,7 +15,7 @@ var should = require('should'),
OscarSecurity = require('../../scripts/oscarhost/OscarSecurity'), OscarSecurity = require('../../scripts/oscarhost/OscarSecurity'),
FormSubmission = mongoose.model('FormSubmission'); FormSubmission = mongoose.model('FormSubmission');
var exampleDemo = { var exampleDemo = {
address: '880-9650 Velit. St.', address: '880-9650 Velit. St.',
city: '', city: '',
dateOfBirth: '10', dateOfBirth: '10',
@ -36,7 +36,7 @@ var exampleDemo = {
sin: '', sin: '',
spokenLanguage: 'English', spokenLanguage: 'English',
title: 'MS.', title: 'MS.',
yearOfBirth: '2015' yearOfBirth: '2015'
}; };
@ -56,6 +56,19 @@ var sampleSubmission = [
{'fieldType':'number', 'title':'What\'s your phone #?', 'fieldValue': '6043158008'} {'fieldType':'number', 'title':'What\'s your phone #?', 'fieldValue': '6043158008'}
]; ];
_.mixin({
deepOmit: function(obj, iteratee, context) {
var r = _.omit(obj, iteratee, context);
_.each(r, function(val, key) {
if (typeof(val) === "object")
r[key] = _.deepOmit(val, iteratee, context);
});
return r;
}
});
/** /**
* Globals * Globals
@ -83,7 +96,7 @@ describe('FormSubmission Model Unit Tests:', function() {
console.log(err.errors); console.log(err.errors);
done(err); done(err);
return; return;
} }
myForm = new Form({ myForm = new Form({
title: 'Form Title1', title: 'Form Title1',
admin: user._id, admin: user._id,
@ -94,14 +107,14 @@ describe('FormSubmission Model Unit Tests:', function() {
{'fieldType':'radio', 'title':'And your sex', 'fieldOptions': [{ 'option_id': 0, 'option_title': 'Male', 'option_value': 'M' }, { 'option_id': 1, 'option_title': 'Female', 'option_value': 'F' }], 'fieldValue': ''}, {'fieldType':'radio', 'title':'And your sex', 'fieldOptions': [{ 'option_id': 0, 'option_title': 'Male', 'option_value': 'M' }, { 'option_id': 1, 'option_title': 'Female', 'option_value': 'F' }], 'fieldValue': ''},
{'fieldType':'date', 'title':'When were you born?', 'fieldValue': ''}, {'fieldType':'date', 'title':'When were you born?', 'fieldValue': ''},
{'fieldType':'number', 'title':'What\'s your phone #?', 'fieldValue': ''}, {'fieldType':'number', 'title':'What\'s your phone #?', 'fieldValue': ''},
], ],
plugins: { plugins: {
oscarhost: { oscarhost: {
baseUrl: config.oscarhost.baseUrl, baseUrl: config.oscarhost.baseUrl,
settings: { settings: {
updateType: 'force_add', updateType: 'force_add'
}, },
auth: config.oscarhost.auth, auth: config.oscarhost.auth
} }
} }
}); });
@ -117,14 +130,14 @@ describe('FormSubmission Model Unit Tests:', function() {
for(var z=0; z<submissionFields.length; z++){ for(var z=0; z<submissionFields.length; z++){
submissionFields[z] = _.extend(myForm.form_fields[z], sampleSubmission[z]); submissionFields[z] = _.extend(myForm.form_fields[z], sampleSubmission[z]);
} }
mySubmission = new FormSubmission({ mySubmission = new FormSubmission({
admin: user._id, admin: user._id,
form: myForm._id, form: myForm._id,
timeElapsed: 17.55, timeElapsed: 17.55,
form_fields: submissionFields form_fields: submissionFields
}); });
done(); done();
}); });
}); });
@ -175,7 +188,7 @@ describe('FormSubmission Model Unit Tests:', function() {
// }; // };
// async.waterfall([ // async.waterfall([
// function (callback) { // function (callback) {
// //Authenticate with API // //Authenticate with API
// soap.createClient(url_login, options, function(err, client) { // soap.createClient(url_login, options, function(err, client) {
// client.login(args_login, function (err, result) { // client.login(args_login, function (err, result) {
@ -203,7 +216,7 @@ describe('FormSubmission Model Unit Tests:', function() {
// console.log(result.return); // console.log(result.return);
// done(); // done();
// }); // });
// }); // });
}); });
@ -234,69 +247,73 @@ describe('FormSubmission Model Unit Tests:', function() {
}); });
describe('Test FormField and Submission Logic', function() { describe('Test FormField and Submission Logic', function() {
var new_form_fields_add1, new_form_fields_del;
beforeEach(function(done){ beforeEach(function(done){
new_form_fields_add1 = _.clone(myForm.toObject().form_fields);
new_form_fields_add1.push(
{'fieldType':'textfield', 'title':'Last Name', 'fieldValue': ''}
);
//Create Submission //Create Submission
mySubmission = new FormSubmission({ mySubmission = new FormSubmission({
form_fields: sampleSubmission, form_fields: sampleSubmission,
admin: user, admin: user,
form: myForm, form: myForm,
timeElapsed: 17.55 timeElapsed: 17.55
}); });
mySubmission.save(function(err){ mySubmission.save(function(err){
should.not.exist(err); should.not.exist(err);
done(); done();
}); });
}); });
// it('should preserve deleted form_fields that have submissions without any problems', function(done) {
// var old_fields = myForm.toObject().form_fields; it('should preserve deleted form_fields that have submissions without any problems', function(done) {
// var new_form_fields = _.clone(myForm.toObject().form_fields);
// new_form_fields.splice(0, 1);
// myForm.form_fields = new_form_fields; var old_fields = myForm.toObject().form_fields;
var new_form_fields = _.clone(myForm.toObject().form_fields);
new_form_fields.splice(0, 1);
// myForm.save(function(err, _form) { myForm.form_fields = new_form_fields;
// should.not.exist(err); myForm.save(function(err, _form) {
// should.exist(_form);
// // var actual_fields = _.map(_form.toObject().form_fields, function(o){ _.omit(o, '_id')}); should.not.exist(err);
// // old_fields = _.map(old_fields, function(o){ _.omit(o, '_id')}); should.exist(_form.form_fields);
// // console.log(old_fields); var actual_fields = _.deepOmit(_form.toObject().form_fields, ['lastModified', 'created', '_id']);
// should.deepEqual(JSON.stringify(_form.toObject().form_fields), JSON.stringify(old_fields), 'old form_fields not equal to newly saved form_fields'); old_fields = _.deepOmit(old_fields, ['lastModified', 'created', '_id']);
// done();
// });
// });
// it('should delete \'preserved\' form_fields whose submissions have been removed without any problems', function(done) { should.deepEqual(JSON.stringify(actual_fields), JSON.stringify(old_fields), 'old form_fields not equal to newly saved form_fields');
done();
});
});
//
it('should delete \'preserved\' form_fields whose submissions have been removed without any problems', function(done) {
// myForm.form_fields = new_form_fields_del; var old_fields = myForm.toObject().form_fields;
// myForm.save(function(err, form var new_form_fields = _.clone(myForm.toObject().form_fields);
// should.not.exist(err); new_form_fields.splice(0, 1);
// (form.form_fields).should.be.eql(old_fields, 'old form_fields not equal to newly saved form_fields');
myForm.form_fields = new_form_fields;
// //Remove submission
// mySubmission.remove(function(err){ myForm.save(function(err, _form){
// myForm.submissions.should.have.length(0); should.not.exist(err);
// myForm.form_fields.should.not.containDeep(old_fields[0]); should.exist(_form.form_fields);
// }); should.exist(old_fields);
// });
// }); var actual_fields = _.deepOmit(_form.toObject().form_fields, ['lastModified', 'created', '_id']);
old_fields = _.deepOmit(old_fields, ['lastModified', 'created', '_id']);
should.deepEqual(JSON.stringify(actual_fields), JSON.stringify(old_fields)); //'old form_fields not equal to newly saved form_fields');
done();
// //Remove submission
// mySubmission.remove(function(err){
// myForm.submissions.should.have.length(0);
// myForm.form_fields.should.not.containDeep(old_fields[0]);
// done();
// });
});
});
afterEach(function(done){ afterEach(function(done){
mySubmission.remove(function(){ mySubmission.remove(function(){
done(); done();

119
app/tests/form_submission.routes.test.js
View file

@ -15,20 +15,19 @@ var should = require('should'),
/** /**
* Globals * Globals
*/ */
var credentials, user, userSession; var credentials, user;
/** /**
* Form routes tests * Form routes tests
*/ */
describe('Form Routes Unit tests', function() { describe('Form Submission Routes Unit tests', function() {
var FormObj, _Submission, submissionSession; var FormObj, _Submission, submissionSession;
beforeEach(function(done) {
//Initialize Session beforeEach(function(done) {
userSession = new Session();
// Create user credentials // Create user credentials
credentials = { credentials = {
email: 'test@test.com',
username: 'test@test.com', username: 'test@test.com',
password: 'password' password: 'password'
}; };
@ -46,7 +45,7 @@ describe('Form Routes Unit tests', function() {
// Save a user to the test db and create new Form // Save a user to the test db and create new Form
user.save(function(err) { user.save(function(err) {
if(err) return done(err); if(err) return done(err);
FormObj = { FormObj = new Form({
title: 'Form Title', title: 'Form Title',
language: 'english', language: 'english',
admin: user._id, admin: user._id,
@ -55,7 +54,7 @@ describe('Form Routes Unit tests', function() {
new Field({'fieldType':'checkbox', 'title':'nascar', 'fieldValue': ''}), new Field({'fieldType':'checkbox', 'title':'nascar', 'fieldValue': ''}),
new Field({'fieldType':'checkbox', 'title':'hockey', 'fieldValue': ''}) new Field({'fieldType':'checkbox', 'title':'hockey', 'fieldValue': ''})
] ]
}; });
FormObj.save(function(err, form) { FormObj.save(function(err, form) {
if (err) done(err); if (err) done(err);
@ -74,8 +73,8 @@ describe('Form Routes Unit tests', function() {
FormObj = form; FormObj = form;
//Setup test session //Initialize Session
submissionSession = new Session(); submissionSession = Session(app);
done(); done();
}); });
@ -98,21 +97,21 @@ describe('Form Routes Unit tests', function() {
}); });
it(' > should be able to get Form Submissions if signed in', function(done) { it(' > should be able to get Form Submissions if signed in', function(done) {
submissionSession.post('/auth/signin') //Create Submission
.send(credentials) submissionSession.post('/forms/' + FormObj._id)
.expect('Content-Type', /json/) .send(_Submission)
.expect(200) .expect(200)
.end(function(signinErr, signinRes) { .end(function(err, res) {
should.not.exist(signinErr); should.not.exist(err);
//Create Submission submissionSession.post('/auth/signin')
submissionSession.post('/forms/' + FormObj._id) .send(credentials)
.send(_Submission) .expect('Content-Type', /json/)
.expect(200) .expect(200)
.end(function(err, res) { .end(function(signinErr, signinRes) {
should.not.exist(err); should.not.exist(signinErr);
submissionSession.get('/forms/' + FormObj._id + '/submissions') submissionSession.get('/forms/' + FormObj._id + '/submissions')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
@ -129,44 +128,6 @@ describe('Form Routes Unit tests', function() {
}); });
}); });
it(' > should not be able to get Form Submissions if not signed in', function(done) {
// Attempt to fetch form submissions
submissionSession.get('/forms/' + FormObj._id + '/submissions')
.expect(401)
.end(function(err, res) {
// Set assertions
(res.body.message).should.equal('User is not logged in');
// Call the assertion callback
done();
});
});
it(' > should not be able to delete Form Submission if not signed in', function(done) {
var SubmissionObj = new FormSubmission(_Submission);
SubmissionObj.save(function (err, submission) {
should.not.exist(err);
var submission_ids = _.pluck([submission], '_id');
// Attempt to delete form submissions
submissionSession.delete('/forms/' + FormObj._id + '/submissions')
.send({deleted_submissions: submission_ids})
.expect(401)
.end(function(err, res) {
// Set assertions
should.not.exist(err);
(res.body.message).should.equal('User is not logged in');
// Call the assertion callback
done();
});
});
});
it(' > should be able to delete Form Submission if signed in', function(done) { it(' > should be able to delete Form Submission if signed in', function(done) {
// Create new FormSubmission model instance // Create new FormSubmission model instance
var SubmissionObj = new FormSubmission(_Submission); var SubmissionObj = new FormSubmission(_Submission);
@ -174,14 +135,14 @@ describe('Form Routes Unit tests', function() {
SubmissionObj.save(function (err, submission) { SubmissionObj.save(function (err, submission) {
should.not.exist(err); should.not.exist(err);
// Signin as user // Sign n as user
submissionSession.post('/auth/signin') submissionSession.post('/auth/signin')
.send(credentials) .send(credentials)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200) .expect(200)
.end(function(signinErr, signinRes) { .end(function(signinErr, signinRes) {
// Handle signin error // Handle signin error
if (signinErr) return done(signinErr); should.not.exist(signinErr);
var submission_ids = _.pluck([submission], '_id'); var submission_ids = _.pluck([submission], '_id');
@ -202,6 +163,46 @@ describe('Form Routes Unit tests', function() {
}); });
}); });
it(' > should not be able to get Form Submissions if not signed in', function(done) {
// Attempt to fetch form submissions
submissionSession.get('/forms/' + FormObj._id + '/submissions')
.expect(401)
.end(function(err, res) {
should.not.exist(err);
// Set assertions
(res.body.message).should.equal('User is not logged in');
// Call the assertion callback
done();
});
});
it(' > should not be able to delete Form Submission if not signed in', function(done) {
var SubmissionObj = new FormSubmission(_Submission);
SubmissionObj.save(function (err, submission) {
should.not.exist(err);
var submission_ids = _.pluck([submission], '_id');
// Attempt to delete form submissions
submissionSession.delete('/forms/' + FormObj._id + '/submissions')
.send({deleted_submissions: submission_ids})
.expect(401)
.end(function (err, res) {
// Set assertions
should.not.exist(err);
(res.body.message).should.equal('User is not logged in');
// Call the assertion callback
done();
});
});
});
afterEach(function(done) {//logout current user if there is one afterEach(function(done) {//logout current user if there is one
FormSubmission.remove().exec(function() { FormSubmission.remove().exec(function() {
Form.remove().exec(function (err) { Form.remove().exec(function (err) {

75
app/tests/user.server.routes.test.js
View file

@ -9,30 +9,32 @@ var should = require('should'),
User = mongoose.model('User'), User = mongoose.model('User'),
config = require('../../config/config'), config = require('../../config/config'),
tmpUser = mongoose.model(config.tempUserCollection), tmpUser = mongoose.model(config.tempUserCollection),
agent = request.agent(app),
url = require('url'); url = require('url');
//
var mailosaur = require('mailosaur')(config.mailosaur.key), // var mailosaur = require('mailosaur')(config.mailosaur.key),
mailbox = new mailosaur.Mailbox(config.mailosaur.mailbox_id); // mailbox = new mailosaur.Mailbox(config.mailosaur.mailbox_id);
//
var mandrill = require('node-mandrill')(config.mailer.options.auth.pass); // var mandrill = require('node-mandrill')(config.mailer.options.auth.pass);
/** /**
* Globals * Globals
*/ */
var credentials, _User, _Session; var credentials, _User;
var _tmpUser, activateToken;
var username, userSession;
username = 'testActiveAccount1.be1e58fb@mailosaur.in';
//Initialize Session
userSession = Session(app);
/** /**
* Form routes tests * Form routes tests
*/ */
describe('User CRUD tests', function() { describe('User CRUD tests', function() {
this.timeout(15000); //this.timeout(15000);
var userSession;
beforeEach(function() { beforeEach(function() {
//Initialize Session
userSession = new Session();
// Create user credentials // Create user credentials
credentials = { credentials = {
username: 'be1e58fb@mailosaur.in', username: 'be1e58fb@mailosaur.in',
@ -48,34 +50,21 @@ describe('User CRUD tests', function() {
password: credentials.password, password: credentials.password,
provider: 'local' provider: 'local'
}; };
}); });
describe(' > Create, Verify and Activate a User > ', function() { //describe(' > Create, Verify and Activate a User > ', function() {
var username = 'testActiveAccount1.be1e58fb@mailosaur.in'; //this.timeout(15000);
var link, _tmpUser, activateToken;
this.timeout(15000);
it('should be able to create a temporary (non-activated) User', function(done) { it('should be able to create a temporary (non-activated) User', function(done) {
_User.email = _User.username = username; //_User.email = _User.username = username;
userSession.post('/auth/signup') userSession.post('/auth/signup')
.send(_User) .send(_User)
.expect(200, 'An email has been sent to you. Please check it to verify your account.') .expect(200)
.end(function(FormSaveErr, FormSaveRes) { .end(function(FormSaveErr, FormSaveRes) {
// Handle error // Handle error
if (FormSaveErr) return done(FormSaveErr); should.not.exist(FormSaveErr);
done();
tmpUser.findOne({username: _User.username}, function (err, user) {
should.not.exist(err);
should.exist(user);
_tmpUser = user;
_User.username.should.equal(user.username);
_User.firstName.should.equal(user.firstName);
_User.lastName.should.equal(user.lastName);
activateToken = user.GENERATED_VERIFYING_URL;
done();
});
// // mandrill('/messages/search', { // // mandrill('/messages/search', {
// // query: "subject:Confirm", // // query: "subject:Confirm",
@ -125,8 +114,24 @@ describe('User CRUD tests', function() {
}); });
}); });
it('should produce valid activation token', function(done) {
console.log('activation token');
tmpUser.findOne({username: _User.username}, function (err, user) {
should.not.exist(err);
should.exist(user);
_tmpUser = user;
_User.username.should.equal(user.username);
_User.firstName.should.equal(user.firstName);
_User.lastName.should.equal(user.lastName);
activateToken = user.GENERATED_VERIFYING_URL;
done();
});
});
it('should be able to verify a User Account', function(done) { it('should be able to verify a User Account', function(done) {
console.log('activateToken: '+activateToken); //console.log('activateToken: '+activateToken);
userSession.get('/auth/verify/'+activateToken) userSession.get('/auth/verify/'+activateToken)
.expect(200) .expect(200)
.end(function(VerifyErr, VerifyRes) { .end(function(VerifyErr, VerifyRes) {
@ -162,7 +167,7 @@ describe('User CRUD tests', function() {
}); });
}); });
}); });
}); //});
it(' > should be able to reset a User\'s password'); it(' > should be able to reset a User\'s password');
@ -173,7 +178,7 @@ describe('User CRUD tests', function() {
tmpUser.remove().exec(function(){ tmpUser.remove().exec(function(){
// mailbox.deleteAllEmail(function (err, body) { // mailbox.deleteAllEmail(function (err, body) {
// if(err) throw err; // if(err) throw err;
userSession.destroy(); //userSession.destroy();
done(); done();
// }); // });
}); });

34
config/express.js
View file

@ -92,6 +92,23 @@ module.exports = function(db) {
app.use(bodyParser.json()); app.use(bodyParser.json());
app.use(methodOverride()); app.use(methodOverride());
// use passport session
app.use(passport.initialize());
app.use(passport.session());
// setup express-device
app.use(device.capture({ parseUserAgent: true }));
// connect flash for flash messages
app.use(flash());
// Use helmet to secure Express headers
app.use(helmet.xframe());
app.use(helmet.xssFilter());
app.use(helmet.nosniff());
app.use(helmet.ienoopen());
app.disable('x-powered-by');
// Globbing model files // Globbing model files
config.getGlobbedFiles('./app/models/**/*.js').forEach(function(modelPath) { config.getGlobbedFiles('./app/models/**/*.js').forEach(function(modelPath) {
require(path.resolve(modelPath)); require(path.resolve(modelPath));
@ -102,13 +119,6 @@ module.exports = function(db) {
require(path.resolve(routePath))(app); require(path.resolve(routePath))(app);
}); });
// Use helmet to secure Express headers
app.use(helmet.xframe());
app.use(helmet.xssFilter());
app.use(helmet.nosniff());
app.use(helmet.ienoopen());
app.disable('x-powered-by');
// Setting the app router and static folder // Setting the app router and static folder
app.use('/', express.static(path.resolve('./public'))); app.use('/', express.static(path.resolve('./public')));
app.use('/uploads', express.static(path.resolve('./uploads'))); app.use('/uploads', express.static(path.resolve('./uploads')));
@ -129,16 +139,6 @@ module.exports = function(db) {
name: config.sessionName name: config.sessionName
})); }));
// use passport session
app.use(passport.initialize());
app.use(passport.session());
// setup express-device
app.use(device.capture({ parseUserAgent: true }));
// connect flash for flash messages
app.use(flash());
// Add headers for Sentry // Add headers for Sentry
/* /*
app.use(function (req, res, next) { app.use(function (req, res, next) {

4
package.json
View file

@ -111,7 +111,7 @@
"node-mandrill": "^1.0.1", "node-mandrill": "^1.0.1",
"phantomjs": "^1.9.18", "phantomjs": "^1.9.18",
"should": "~7.1.1", "should": "~7.1.1",
"supertest": "~1.1.0", "supertest": "~1.2.0",
"supertest-session": "~2.0.0" "supertest-session": "~2.0.1"
} }
} }

4
public/dist/application.js vendored
View file

@ -412,7 +412,7 @@ angular.module('NodeForm.templates', []).run(['$templateCache', function($templa
$templateCache.put("../public/modules/users/views/authentication/signup-success.client.view.html", $templateCache.put("../public/modules/users/views/authentication/signup-success.client.view.html",
"<section class=\"row auth signup-view success\" data-ng-controller=AuthenticationController><h3 class=\"col-xs-offset-2 col-xs-8 col-md-offset-3 col-md-6 text-center\">Signup Successful</h3><div class=\"col-xs-offset-2 col-xs-8 col-md-offset-3 col-md-6\"><h2>You've successfully registered an account at TellForm.<br><br>But your account is <b>not activated yet</b></h2><br><br><p>Before you continue, make sure to check your email for our verification. If you don't receive it within 24h drop us a line at <a href=mail:hi@tellform.com>hi@TellForm.com</a></p><div class=\"text-center form-group\"><button type=submit class=\"btn btn-large btn-primary\"><a href=\"/#!/\" style=\"color: white; text-decoration: none\">Continue</a></button></div></div></section>"); "<section class=\"row auth signup-view success\" data-ng-controller=AuthenticationController><h3 class=\"col-xs-offset-2 col-xs-8 col-md-offset-3 col-md-6 text-center\">Signup Successful</h3><div class=\"col-xs-offset-2 col-xs-8 col-md-offset-3 col-md-6\"><h2>You've successfully registered an account at TellForm.<br><br>But your account is <b>not activated yet</b></h2><br><br><p>Before you continue, make sure to check your email for our verification. If you don't receive it within 24h drop us a line at <a href=mail:hi@tellform.com>hi@TellForm.com</a></p><div class=\"text-center form-group\"><button type=submit class=\"btn btn-large btn-primary\"><a href=\"/#!/\" style=\"color: white; text-decoration: none\">Continue</a></button></div></div></section>");
$templateCache.put("../public/modules/users/views/authentication/signup.client.view.html", $templateCache.put("../public/modules/users/views/authentication/signup.client.view.html",
"<section class=\"row auth signup-view\" data-ng-controller=AuthenticationController><h3 class=\"col-md-12 text-center\">Signup with your email</h3><div class=\"col-xs-offset-2 col-xs-8 col-md-offset-3 col-md-6\"><form name=userForm data-ng-submit=signup() class=\"signin form-horizontal\" novalidate autocomplete=off><fieldset><div data-ng-show=error id=signup_errors class=\"text-center text-danger\">Couldn't submit form due to errors:<br><strong data-ng-bind=error></strong></div><div class=form-group><label for=firstName>First Name</label><input ng-pattern=\"/^[a-zA-Z0-9 \\-.]*$/\" required id=firstName name=firstName class=form-control data-ng-model=credentials.firstName placeholder=\"First Name\"></div><div class=form-group><label for=lastName>Last Name</label><input ng-pattern=\"/^[a-zA-Z0-9 \\-.]*$/\" required id=lastName name=lastName class=form-control data-ng-model=credentials.lastName placeholder=\"Last Name\"></div><hr><div class=form-group><label for=email>Email</label><input type=email id=email name=email class=form-control data-ng-model=credentials.email placeholder=Email></div><div class=form-group><label for=password>Password</label><input type=password id=password name=password class=form-control data-ng-model=credentials.password placeholder=Password></div><div class=\"text-center form-group\"><button type=submit class=\"btn btn-large btn-primary\">Sign up</button></div></fieldset></form></div></section>"); "<section class=\"row auth signup-view\" data-ng-controller=AuthenticationController><h3 class=\"col-md-12 text-center\">Signup with your email</h3><div class=\"col-xs-offset-2 col-xs-8 col-md-offset-3 col-md-6\"><form name=userForm data-ng-submit=signup() class=\"signin form-horizontal\" novalidate autocomplete=off><fieldset><div data-ng-show=error id=signup_errors class=\"text-center text-danger\">Couldn't submit form due to errors:<br><strong data-ng-bind=error></strong></div><div class=form-group><label for=firstName>First Name</label><input ng-pattern=\"/^[a-zA-Z0-9 \\-.]*$/\" required id=firstName name=firstName class=form-control ng-model=credentials.firstName placeholder=\"First Name\"></div><div class=form-group><label for=lastName>Last Name</label><input ng-pattern=\"/^[a-zA-Z0-9 \\-.]*$/\" required id=lastName name=lastName class=form-control ng-model=credentials.lastName placeholder=\"Last Name\"></div><hr><div class=form-group><label for=email>Email</label><input type=email id=email name=email class=form-control ng-model=credentials.email placeholder=Email></div><div class=form-group><label for=password>Password</label><input type=password id=password name=password class=form-control ng-model=credentials.password placeholder=Password></div><div class=\"text-center form-group\"><button type=submit class=\"btn btn-large btn-primary\">Sign up</button></div></fieldset></form></div></section>");
$templateCache.put("../public/modules/users/views/password/forgot-password.client.view.html", $templateCache.put("../public/modules/users/views/password/forgot-password.client.view.html",
"<section class=\"auth row\" data-ng-controller=PasswordController><h3 class=\"col-md-12 text-center\">Restore your password</h3><p class=\"small text-center\">Enter your account email.</p><div class=\"col-xs-offset-2 col-xs-8 col-md-offset-3 col-md-6\"><form data-ng-submit=askForPasswordReset() class=\"signin form-horizontal\" autocomplete=off><fieldset><div class=form-group><input id=username name=username class=form-control data-ng-model=credentials.username placeholder=Username></div><div class=\"text-center form-group\"><button type=submit class=\"btn btn-primary\">Submit</button></div><div data-ng-show=error class=\"text-center text-danger\"><strong>{{error}}</strong></div><div data-ng-show=success class=\"text-center text-success\"><strong>{{success}}</strong></div></fieldset></form></div></section>"); "<section class=\"auth row\" data-ng-controller=PasswordController><h3 class=\"col-md-12 text-center\">Restore your password</h3><p class=\"small text-center\">Enter your account email.</p><div class=\"col-xs-offset-2 col-xs-8 col-md-offset-3 col-md-6\"><form data-ng-submit=askForPasswordReset() class=\"signin form-horizontal\" autocomplete=off><fieldset><div class=form-group><input id=username name=username class=form-control data-ng-model=credentials.username placeholder=Username></div><div class=\"text-center form-group\"><button type=submit class=\"btn btn-primary\">Submit</button></div><div data-ng-show=error class=\"text-center text-danger\"><strong>{{error}}</strong></div><div data-ng-show=success class=\"text-center text-success\"><strong>{{success}}</strong></div></fieldset></form></div></section>");
$templateCache.put("../public/modules/users/views/password/reset-password-invalid.client.view.html", $templateCache.put("../public/modules/users/views/password/reset-password-invalid.client.view.html",
@ -2168,7 +2168,6 @@ angular.module('users').controller('AuthenticationController', ['$scope', '$loca
$scope.error = ''; $scope.error = '';
$scope.signin = function() { $scope.signin = function() {
console.log($scope.credentials);
$scope.credentials.email = $scope.credentials.username; $scope.credentials.email = $scope.credentials.username;
User.login($scope.credentials).then( User.login($scope.credentials).then(
function(response) { function(response) {
@ -2192,6 +2191,7 @@ angular.module('users').controller('AuthenticationController', ['$scope', '$loca
}; };
$scope.signup = function() { $scope.signup = function() {
console.log($scope.credentials);
User.signup($scope.credentials).then( User.signup($scope.credentials).then(
function(response) { function(response) {
console.log('signup-success'); console.log('signup-success');

4
public/dist/application.min.js vendored
View file

File diff suppressed because one or more lines are too long