diff --git a/api.txt b/api.txt
index 245e0228..0d213f32 100644
--- a/api.txt
+++ b/api.txt
@@ -1,2 +1,633 @@ -@userdashboard/dashboard 1.0.377 +@userdashboard/dashboard 1.0.378 http://localhost:8000 + +|-----------------------------------------| +| /account/delete-profile | +| EXCEPTIONS------------------------------| +| before | +| * invalid-profileid | +| * invalid-profile | +| * invalid-account | +| view | +| * should present the form | +| submit | +| * should delete profile (screenshots) | +|-----------------------------------------| + +|--------------------------------------------| +| /account/delete-reset-code | +| EXCEPTIONS---------------------------------| +| before | +| * invalid-reset-codeid | +| * invalid-account | +| view | +| * should present the form | +| submit | +| * should delete reset code (screenshots) | +|--------------------------------------------| + +|---------------------------------------------| +| /administrator/delete-account | +| EXCEPTIONS----------------------------------| +| undefined | +| * should reject invalid accountid | +| before | +| * should bind data to req | +| view | +| * should present the form | +| submit | +| * should immediately delete (screenshots) | +|---------------------------------------------| + +|------------------------------------------------------------------| +| /api/administrator/account | +| RETURNS--| REDACTS-------| EXCEPTIONS----------------------------| +| object | usernameHash | invalid-accountid | +| | passwordHash | * unspecified querystring accountid | +| | sessionKey | * invalid querystring accountid | +|----------|---------------|---------------------------------------| + +|--------------------------------------------------------------------------------------------| +| /api/administrator/accounts | +| RECEIVES-------------------------------| RETURNS--| REDACTS-------| CONFIGURATION----------| +| optional querystring offset (integer) | array | usernameHash | environment PAGE_SIZE | +| optional querystring limit (integer) | | passwordHash | | +| optional querystring all (boolean) | | 
sessionKey | | +|----------------------------------------|----------|---------------|------------------------| + +|------------------------------------| +| /api/administrator/accounts-count | +| RETURNS----------------------------| +| integer | +|------------------------------------| + +|--------------------------------------------------------------------------------------------| +| /api/administrator/administrator-accounts | +| RECEIVES-------------------------------| RETURNS--| REDACTS-------| CONFIGURATION----------| +| optional querystring offset (integer) | array | usernameHash | environment PAGE_SIZE | +| optional querystring limit (integer) | | passwordHash | | +| optional querystring all (boolean) | | sessionKey | | +|----------------------------------------|----------|---------------|------------------------| + +|--------------------------------------------------| +| /api/administrator/administrator-accounts-count | +| RETURNS------------------------------------------| +| integer | +|--------------------------------------------------| + +|--------------------------------------------------------------------------------------------------------------------------| +| /api/administrator/create-reset-code | +| RECEIVES---------------------| RETURNS--| EXCEPTIONS----------------------------| CONFIGURATION--------------------------| +| required posted secret-code | object | invalid-accountid | environment MINIMUM_RESET_CODE_LENGTH | +| | | * unspecified querystring accountid | environment MAXIMUM_RESET_CODE_LENGTH | +| | | * invalid querystring accountid | | +| | | invalid-secret-code | | +| | | * missing posted secret-code | | +| | | invalid-secret-code-length | | +| | | * invalid posted secret-code length | | +|------------------------------|----------|---------------------------------------|----------------------------------------| + +|--------------------------------------------------------------------------------| +| /api/administrator/delete-account | +| 
RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------| +| required querystring accountid | boolean | invalid-accountid | +| | | * missing querystring accountid | +| | | * invalid querystring accountid | +| | | receieves | +| | | * querystring accountid | +|---------------------------------|----------|-----------------------------------| + +|--------------------------------------------------------------------------------------------| +| /api/administrator/deleted-accounts | +| RECEIVES-------------------------------| RETURNS--| REDACTS-------| CONFIGURATION----------| +| optional querystring offset (integer) | array | usernameHash | environment PAGE_SIZE | +| optional querystring limit (integer) | | passwordHash | | +| optional querystring all (boolean) | | sessionKey | | +|----------------------------------------|----------|---------------|------------------------| + +|--------------------------------------------| +| /api/administrator/deleted-accounts-count | +| RETURNS------------------------------------| +| querystring accountid | +|--------------------------------------------| + +|--------------------------------------------------------------------------------| +| /api/administrator/profile | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------| +| required querystring profileid | object | invalid-profileid | +| | | * missing querystring profileid | +| | | * invalid querystring profileid | +|---------------------------------|----------|-----------------------------------| + +|------------------------------------------------------------------------------| +| /api/administrator/profiles | +| RECEIVES---------------------------------| RETURNS--| CONFIGURATION----------| +| optional querystring offset (integer) | array | environment PAGE_SIZE | +| optional querystring limit (integer) | | | +| optional querystring all (boolean) | | | +| optional querystring accountid (string) | | | 
+|------------------------------------------|----------|------------------------| + +|------------------------------------| +| /api/administrator/profiles-count | +| RETURNS----------------------------| +| integer | +|------------------------------------| + +|---------------------------------------------------------------------------------------------| +| /api/administrator/reset-account-administrator | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS-------------------------------------| +| required querystring accountid | object | invalid-accountid | +| | | * missing querystring accountid | +| | | * invalid querystring accountid | +| | | invalid-account | +| | | * accessing account is not owner | +| | | * querystring accountid is not administrator | +|---------------------------------|----------|------------------------------------------------| + +|--------------------------------------------------------------------------------------------| +| /api/administrator/reset-code | +| RECEIVES---------------------| RETURNS--| REDACTS---------| EXCEPTIONS---------------------| +| required querystring codeid | object | secretCodeHash | invalid-reset-codeid | +| | | | * missing querystring codeid | +| | | | * invalid querystring codeid | +|------------------------------|----------|-----------------|--------------------------------| + +|------------------------------------------------------------------------------------------------| +| /api/administrator/reset-codes | +| RECEIVES---------------------------------| RETURNS--| REDACTS---------| CONFIGURATION----------| +| optional querystring offset (integer) | array | secretCodeHash | environment PAGE_SIZE | +| optional querystring limit (integer) | | | | +| optional querystring all (boolean) | | | | +| optional querystring accountid (string) | | | | +|------------------------------------------|----------|-----------------|------------------------| + +|---------------------------------------| +| 
/api/administrator/reset-codes-count | +| RETURNS-------------------------------| +| integer | +|---------------------------------------| + +|--------------------------------------------------------------------------------------------| +| /api/administrator/reset-session-key | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------------------| +| required querystring accountid | object | invalid-accountid | +| | | * missing querystring accountid | +| | | * invalid querystring accountid | +| | | invalid-account | +| | | * ineligible querystring account is deleted | +| | | requires | +| | | * querystring accountid is not deleted | +|---------------------------------|----------|-----------------------------------------------| + +|---------------------------------------------------------------| +| /api/administrator/session | +| RETURNS--| REDACTS----| EXCEPTIONS----------------------------| +| object | tokenHash | invalid-sessionid | +| | | * unspecified querystring accountid | +| | | * invalid querystring sessionid | +|----------|------------|---------------------------------------| + +|-------------------------------------------------------------------------------------------| +| /api/administrator/sessions | +| RECEIVES---------------------------------| RETURNS--| REDACTS----| CONFIGURATION----------| +| optional querystring offset (integer) | array | tokenHash | environment PAGE_SIZE | +| optional querystring limit (integer) | | | | +| optional querystring all (boolean) | | | | +| optional querystring accountid (string) | | | | +|------------------------------------------|----------|------------|------------------------| + +|------------------------------------| +| /api/administrator/sessions-count | +| RETURNS----------------------------| +| integer | +|------------------------------------| + +|------------------------------------------------------------------------| +| /api/administrator/set-account-administrator | +| RETURNS--| 
EXCEPTIONS--------------------------------------------------| +| object | invalid-accountid | +| | * unspecified querystring accountid | +| | * invalid querystring accountid | +| | invalid-account | +| | * ineligible querystring account is already administrator | +| | requires | +| | * querystring accountid is not administrator | +|----------|-------------------------------------------------------------| + +|----------------------------------------------------------------------------------------------| +| /api/administrator/set-account-deleted | +| RETURNS--| EXCEPTIONS--------------------------------------------| CONFIGURATION-------------| +| object | invalid-accountid | environment DELETE_DELAY | +| | * unspecified querystring accountid | | +| | * invalid querystring accountid | | +| | invalid-account | | +| | * ineligible querystring account is already deleted | | +| | * querystring accountid is deleted | | +|----------|-------------------------------------------------------|---------------------------| + +|--------------------------------------------------------------------------------------------------| +| /api/administrator/set-owner-account | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------------------------| +| required querystring accountid | object | invalid-accountid | +| | | * missing querystring accountid | +| | | * invalid querystring accountid | +| | | invalid-account | +| | | * ineligible accessing account | +| | | * ineligible querystring account is already owner | +| | | requires | +| | | * accessing account is owner | +| | | * querystring account is not owner | +| | | * querystring account is not deleted | +|---------------------------------|----------|-----------------------------------------------------| + +|------------------------------------------------------------------------------------------------| +| /api/user/account | +| RECEIVES------------------------| RETURNS--| REDACTS-------| 
EXCEPTIONS------------------------| +| required querystring accountid | object | usernameHash | invalid-accountid | +| | | passwordHash | * missing querystring accountid | +| | | sessionKey | * invalid querystring accountid | +| | | | invalid-account | +| | | | * ineligible accessing account | +|---------------------------------|----------|---------------|-----------------------------------| + +|---------------------------------------------------------------------------------------------------------------------------------------------| +| /api/user/create-account | +| RECEIVES----------------------------------| RETURNS--| EXCEPTIONS------------------------| CONFIGURATION------------------------------------| +| required posted dob | object | invalid-username | environment MINIMUM_USERNAME_LENGTH | +| required posted phone | | * missing posted username | environment MAXIMUM_USERNAME_LENGTH | +| required posted occupation | | invalid-username-length | environment MINIMUM_PASSWORD_LENGTH | +| required posted location | | * posted username too short | environment MAXIMUM_PASSWORD_LENGTH | +| required posted display-email | | * posted username too long | environment REQUIRE_PROFILE | +| required posted contact-email | | invalid-password | environment USER_PROFILE_FIELDS | +| required posted company-name | | * missing posted password | environment MINIMUM_PROFILE_FIRST_NAME_LENGTH | +| required posted display-name | | invalid-password-length | environment MAXIMUM_PROFILE_FIRST_NAME_LENGTH | +| required posted last-name | | * posted password too short | environment MINIMUM_PROFILE_LAST_NAME_LENGTH | +| required posted first-name | | * posted password too long | environment MAXIMUM_PROFILE_LAST_NAME_LENGTH | +| required posted password | | invalid-first-name | environment MINIMUM_PROFILE_DISPLAY_NAME_LENGTH | +| required posted username | | * missing posted first-name | environment MAXIMUM_PROFILE_DISPLAY_NAME_LENGTH | +| optionally-required posted first-name | | 
invalid-first-name-length | environment MINIMUM_PROFILE_COMPANY_NAME_LENGTH | +| optionally-required posted last-name | | * posted first-name too short | environment MAXIMUM_PROFILE_COMPANY_NAME_LENGTH | +| optionally-required posted display-name | | * posted first-name too long | override req.userProfileFields | +| optionally-required posted company-name | | invalid-last-name | | +| optionally-required posted contact-email | | * missing posted last-name | | +| optionally-required posted display-email | | invalid-last-name-length | | +| optionally-required posted location | | * posted last-name too short | | +| optionally-required posted occupation | | * posted last-name too long | | +| optionally-required posted phone | | invalid-display-name | | +| optionally-required posted dob | | * missing posted display-name | | +| | | invalid-display-name-length | | +| | | * posted display-name too short | | +| | | * posted display-name too long | | +| | | invalid-company-name | | +| | | * missing posted company-name | | +| | | invalid-contact-email | | +| | | * missing posted contact-email | | +| | | invalid-display-email | | +| | | * missing posted display-email | | +| | | invalid-location | | +| | | * missing posted location | | +| | | invalid-occupation | | +| | | * missing posted occupation | | +| | | invalid-phone | | +| | | * missing posted phone | | +| | | invalid-dob | | +| | | * missing posted dob | | +|-------------------------------------------|----------|-----------------------------------|--------------------------------------------------| + +|---------------------------------------------------------------------------------------------------------------------------------------------| +| /api/user/create-profile | +| RECEIVES----------------------------------| RETURNS--| EXCEPTIONS------------------------| CONFIGURATION------------------------------------| +| required posted dob | object | invalid-accountid | environment USER_PROFILE_FIELDS | +| required posted 
phone | | * missing querystring accountid | environment MINIMUM_PROFILE_FIRST_NAME_LENGTH | +| required posted occupation | | * invalid querystring accountid | environment MAXIMUM_PROFILE_FIRST_NAME_LENGTH | +| required posted location | | * ineligible accessing account | environment MINIMUM_PROFILE_LAST_NAME_LENGTH | +| required posted display-email | | invalid-first-name | environment MAXIMUM_PROFILE_LAST_NAME_LENGTH | +| required posted contact-email | | * missing posted first-name | environment MINIMUM_PROFILE_DISPLAY_NAME_LENGTH | +| required posted display-name | | invalid-first-name-length | environment MAXIMUM_PROFILE_DISPLAY_NAME_LENGTH | +| required posted last-name | | * posted first-name too short | environment MINIMUM_PROFILE_COMPANY_NAME_LENGTH | +| required posted first-name | | * posted first-name too long | environment MAXIMUM_PROFILE_COMPANY_NAME_LENGTH | +| required querystring accountid | | invalid-last-name | override req.userProfileFields | +| optionally-required posted first-name | | * missing posted last-name | | +| optionally-required posted last-name | | invalid-last-name-length | | +| optionally-required posted display-name | | * posted last-name too short | | +| optionally-required posted company-name | | * posted last-name too long | | +| optionally-required posted contact-email | | invalid-display-name | | +| optionally-required posted display-email | | * missing posted display-name | | +| optionally-required posted location | | invalid-display-name-length | | +| optionally-required posted occupation | | * posted display-name too short | | +| optionally-required posted phone | | * posted display-name too long | | +| optionally-required posted dob | | invalid-company-name-length | | +| | | * posted company-name too short | | +| | | * posted company-name too long | | +| | | * invalid-company-name-length | | +| | | invalid-contact-email | | +| | | * missing posted contact-email | | +| | | invalid-display-email | | +| | | * missing posted 
display-email | | +| | | invalid-location | | +| | | * missing posted location | | +| | | invalid-occupation | | +| | | * missing posted occupation | | +| | | invalid-phone | | +| | | * missing posted phone | | +| | | invalid-dob | | +| | | * missing posted dob | | +|-------------------------------------------|----------|-----------------------------------|--------------------------------------------------| + +|--------------------------------------------------------------------------------| +| /api/user/create-reset-code | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------| +| required posted secret-code | object | invalid-accountid | +| required querystring accountid | | * missing querystring accountid | +| | | * invalid querystring accountid | +| | | * ineligible accessing account | +| | | invalid-secret-code | +| | | * missing posted secret-code | +| | | invalid-secret-code-length | +| | | * posted secret code too short | +| | | * posted secret code too long | +|---------------------------------|----------|-----------------------------------| + +|---------------------------------------------------------------------------------| +| /api/user/create-session | +| RECEIVES-------------------------------| RETURNS--| EXCEPTIONS------------------| +| required posted password | object | invalid-username | +| required posted username | | * missing posted username | +| optional posted remember (hours|days) | | invalid-password | +| | | * missing posted password | +|----------------------------------------|----------|-----------------------------| + +|---------------------------------------------------------------------------------------------------| +| /api/user/delete-profile | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS-------------------------------------------| +| required querystring profileid | boolean | invalid-profileid | +| | | * missing querystring profileid | +| | | * invalid querystring profileid | +| | | 
invalid-profile | +| | | * querystring profileid is default contact profile | +| | | invalid-account | +| | | * ineligible querystring profileid | +|---------------------------------|----------|------------------------------------------------------| + +|-----------------------------------------------------------------------------| +| /api/user/delete-reset-code | +| RECEIVES---------------------| RETURNS--| EXCEPTIONS------------------------| +| required querystring codeid | boolean | invalid-reset-codeid | +| | | * missing querystring codeid | +| | | * invalid querystring codeid | +| | | invalid-account | +| | | * ineligible querystring codeid | +|------------------------------|----------|-----------------------------------| + +|-----------------------------------------------------------------------------------| +| /api/user/profile | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS---------------------------| +| required querystring profileid | object | invalid-profileid | +| | | * missing querystring profileid | +| | | * invalid querystring profileid | +| | | invalid-account | +| | | * ineligible querystring profileid | +|---------------------------------|----------|--------------------------------------| + +|----------------------------------------------------------------------------------------------------------------| +| /api/user/profiles | +| RECEIVES-------------------------------| RETURNS--| EXCEPTIONS------------------------| CONFIGURATION----------| +| required querystring accountid | array | invalid-accountid | environment PAGE_SIZE | +| optional querystring offset (integer) | | * missing querystring accountid | | +| optional querystring limit (integer) | | * invalid querystring accountid | | +| optional querystring all (boolean) | | invalid-account | | +| | | * ineligible accessing account | | +|----------------------------------------|----------|-----------------------------------|------------------------| + 
+|--------------------------------------------------------------------------------| +| /api/user/profiles-count | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------| +| required querystring accountid | integer | invalid-accountid | +| | | * missing querystring accountid | +| | | * invalid querystring accountid | +| | | invalid-account | +| | | * ineligible accessing account | +|---------------------------------|----------|-----------------------------------| + +|-----------------------------------------------------------------------------------------------| +| /api/user/reset-account-deleted | +| RECEIVES------------------| RETURNS--| EXCEPTIONS---------------------------------------------| +| required posted password | object | invalid-username | +| required posted username | | * missing posted username | +| | | * invalid posted username | +| | | invalid-password | +| | | * missing posted password | +| | | * invalid posted password | +| | | invalid-account | +| | | * credentialed account is not scheduled for deletion | +|---------------------------|----------|--------------------------------------------------------| + +|----------------------------------------------------------------------------| +| /api/user/reset-account-password | +| RECEIVES----------------------| RETURNS--| EXCEPTIONS----------------------| +| required posted secret-code | boolean | invalid-username | +| required posted new-password | | * missing posted username | +| required posted username | | * invalid posted username | +| | | invalid-password | +| | | * missing posted new-password | +| | | invalid-secret-code | +| | | * missing posted secret-code | +| | | invalid-reset-code | +| | | * invalid posted secret-code | +|-------------------------------|----------|---------------------------------| + +|-----------------------------------------------------------------------------------------------| +| /api/user/reset-code | +| RECEIVES---------------------| 
RETURNS--| REDACTS---------| EXCEPTIONS------------------------| +| required querystring codeid | object | secretCodeHash | invalid-reset-codeid | +| | | | * missing querystring codeid | +| | | | * invalid querystring codeid | +| | | | invalid-account | +| | | | * ineligible querystring codeid | +|------------------------------|----------|-----------------|-----------------------------------| + +|----------------------------------------------------------------------------------------------------------------------------------| +| /api/user/reset-codes | +| RECEIVES-------------------------------| RETURNS--| REDACTS---------| EXCEPTIONS------------------------| CONFIGURATION----------| +| required querystring accountid | array | secretCodeHash | invalid-accountid | environment PAGE_SIZE | +| optional querystring offset (integer) | | | * missing querystring accountid | | +| optional querystring limit (integer) | | | * invalid querystring accountid | | +| optional querystring all (boolean) | | | invalid-account | | +| | | | * ineligible accessing account | | +|----------------------------------------|----------|-----------------|-----------------------------------|------------------------| + +|--------------------------------------------------------------------------------| +| /api/user/reset-codes-count | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------| +| required querystring accountid | integer | invalid-accountid | +| | | * missing querystring accountid | +| | | * invalid querystring accountid | +| | | invalid-account | +| | | * ineligible accessing account | +|---------------------------------|----------|-----------------------------------| + +|--------------------------------------------------------------------------------| +| /api/user/reset-session-key | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------| +| required querystring accountid | boolean | invalid-accountid | +| | | * missing 
querystring accountid | +| | | * invalid querystring accountid | +| | | invalid-account | +| | | * ineligible accessing account | +|---------------------------------|----------|-----------------------------------| + +|------------------------------------------------------------------------------------------------| +| /api/user/session | +| RECEIVES------------------------| RETURNS--| REDACTS----| EXCEPTIONS---------------------------| +| required querystring sessionid | object | tokenHash | invalid-sessionid | +| | | | * missing querystring sessionid | +| | | | * invalid querystring sessionid | +| | | | invalid-account | +| | | | * ineligible querystring sessionid | +|---------------------------------|----------|------------|--------------------------------------| + +|----------------------------------------------------------------------------------------------------------------| +| /api/user/sessions | +| RECEIVES-------------------------------| RETURNS--| EXCEPTIONS------------------------| CONFIGURATION----------| +| required querystring accountid | array | invalid-accountid | environment PAGE_SIZE | +| optional querystring offset (integer) | | * missing querystring accountid | | +| optional querystring limit (integer) | | * invalid querystring accountid | | +| optional querystring all (boolean) | | invalid-account | | +| | | * ineligible accessing account | | +|----------------------------------------|----------|-----------------------------------|------------------------| + +|--------------------------------------------------------------------------------| +| /api/user/sessions-count | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------| +| required querystring accountid | integer | invalid-accountid | +| | | * missing querystring accountid | +| | | * invalid querystring accountid | +| | | invalid-account | +| | | * ineligible accessing account | +|---------------------------------|----------|-----------------------------------| 
+ +|------------------------------------------------------------------------------------------------------------| +| /api/user/set-account-deleted | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------| CONFIGURATION-------------| +| required posted password | object | invalid-accountid | environment DELETE_DELAY | +| required querystring accountid | | * missing querystring accountid | | +| | | * invalid querystring accountid | | +| | | invalid-account | | +| | | * ineligible accessing account | | +| | | invalid-password | | +| | | * missing posted password | | +| | | * invalid posted password | | +|---------------------------------|----------|-----------------------------------|---------------------------| + +|--------------------------------------------------------------------------------| +| /api/user/set-account-password | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------| +| required posted new-password | object | invalid-accountid | +| required posted password | | * missing querystring accountid | +| required querystring accountid | | * invalid querystring accountid | +| | | invalid-account | +| | | * ineligible accessing account | +| | | invalid-password | +| | | * missing posted password | +| | | * invalid posted password | +| | | invalid-new-password | +| | | * missing posted new-password | +| | | invalid-new-password-length | +| | | * posted new-password too short | +| | | * posted new-password too long | +|---------------------------------|----------|-----------------------------------| + +|--------------------------------------------------------------------------------| +| /api/user/set-account-profile | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------| +| required posted profileid | object | invalid-accountid | +| required querystring accountid | | * missing querystring accountid | +| | | * invalid querystring accountid | +| | | invalid-account | +| | | * 
ineligible accessing account | +| | | invalid-profileid | +| | | * missing posted profileid | +| | | * invalid posted profileid | +|---------------------------------|----------|-----------------------------------| + +|--------------------------------------------------------------------------------| +| /api/user/set-account-username | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS------------------------| +| required posted new-username | object | invalid-accountid | +| required posted password | | * missing querystring accountid | +| required querystring accountid | | * invalid querystring accountid | +| | | invalid-account | +| | | * ineligible accessing account | +| | | invalid-password | +| | | * missing posted password | +| | | * invalid posted password | +| | | invalid-new-username | +| | | * missing posted new-username | +| | | invalid-new-username-length | +| | | * posted new-username too short | +| | | * posted new-username too long | +|---------------------------------|----------|-----------------------------------| + +|----------------------------------------------------------------------------------------------| +| /api/user/set-session-ended | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS--------------------------------------| +| required querystring sessionid | object | invalid-sessionid | +| | | * missing querystring sessionid | +| | | * invalid querystring sessionid | +| | | invalid-session | +| | | * querystring sessionid is not active session | +| | | invalid-account | +| | | * ineligible querystring sessionid | +|---------------------------------|----------|-------------------------------------------------| + +|-----------------------------------------------------------------------------------| +| /api/user/set-session-verified | +| RECEIVES------------------------| RETURNS--| EXCEPTIONS---------------------------| +| required querystring sessionid | object | invalid-sessionid | +| | | * missing querystring sessionid | +| 
| | * invalid querystring sessionid | +| | | invalid-account | +| | | * ineligible querystring sessionid | +|---------------------------------|----------|--------------------------------------| + +|------------------------------------------------------------------------------------------------------------------------------------------------| +| /api/user/update-profile | +| RECEIVES----------------------------------| RETURNS--| EXCEPTIONS---------------------------| CONFIGURATION------------------------------------| +| required posted dob | object | invalid-profileid | environment USER_PROFILE_FIELDS | +| required posted phone | | * missing querystring profileid | environment MINIMUM_PROFILE_FIRST_NAME_LENGTH | +| required posted occupation | | * invalid querystring profileid | environment MAXIMUM_PROFILE_FIRST_NAME_LENGTH | +| required posted location | | * ineligible querystring profileid | environment MINIMUM_PROFILE_LAST_NAME_LENGTH | +| required posted display-email | | invalid-first-name | environment MAXIMUM_PROFILE_LAST_NAME_LENGTH | +| required posted contact-email | | * missing posted first-name | environment MINIMUM_PROFILE_DISPLAY_NAME_LENGTH | +| required posted company-name | | invalid-first-name-length | environment MAXIMUM_PROFILE_DISPLAY_NAME_LENGTH | +| required posted display-name | | * posted first-name too short | environment MINIMUM_PROFILE_COMPANY_NAME_LENGTH | +| required posted last-name | | * posted first-name too long | environment MAXIMUM_PROFILE_COMPANY_NAME_LENGTH | +| required posted first-name | | invalid-last-name | override req.userProfileFields | +| required querystring profileid | | * missing posted last-name | | +| optionally-required posted first-name | | invalid-last-name-length | | +| optionally-required posted last-name | | * posted last-name too short | | +| optionally-required posted display-name | | * posted last-name too long | | +| optionally-required posted company-name | | invalid-display-name | | +| 
optionally-required posted contact-email | | * missing posted display-name | | +| optionally-required posted display-email | | invalid-display-name-length | | +| optionally-required posted location | | * posted display-name too short | | +| optionally-required posted occupation | | * posted display-name too long | | +| optionally-required posted phone | | invalid-company-name | | +| optionally-required posted dob | | * missing posted company-name | | +| | | invalid-company-name-length | | +| | | * posted company-name too short | | +| | | * posted company-name too long | | +| | | invalid-contact-email | | +| | | * missing posted contact-email | | +| | | invalid-display-email | | +| | | * missing posted display-email | | +| | | invalid-location | | +| | | * missing posted location | | +| | | invalid-occupation | | +| | | * missing posted occupation | | +| | | invalid-phone | | +| | | * missing posted phone | | +| | | invalid-dob | | +| | | * missing posted dob | | +|-------------------------------------------|----------|--------------------------------------|--------------------------------------------------| diff --git a/env.txt b/env.txt index 5b0bdbd0..48329194 100644 --- a/env.txt +++ b/env.txt 
@@ -1,4 +1,27 @@
-|------|----|----|----|
-| Environment variable | Description | Default value | Configured value |
-|------|----|----|----|
-|------|----|----|----|
\ No newline at end of file
+|--------------------------------|-------------------------------------------------|---------------------------|-------------------------|
+| Environment variable | Description | Default value | Configured value |
+|--------------------------------|-------------------------------------------------|---------------------------|-------------------------|
+| ALLOW_PUBLIC_API | Allow HTTP access to /api | false | Boolean |
+| APPLICATION_SERVER | URL of application server | | Address |
+| APPLICATION_SERVER_TOKEN | Secret shared between servers | | String |
+| BCRYPT_WORKLOAD_FACTOR | Strength to protect passwords | 10 | Integer |
+| DASHBOARD_SERVER | URL of dashboard server | | Address |
+| DELETE_DELAY | Cool-down time in days to delete accounts | 7 | Integer |
+| DISABLE_REGISTRATION | Disable UI (not API) for registering | unset | Boolean |
+| DOMAIN | Domain of server | unset | String |
+| ENCRYPTION_SECRET | 32-character secret string | | String |
+| ENCRYPTION_SECRET_IV | 16-character secret string | | String |
+| HOST | IP or address web server listens on | localhost | IP address |
+| ID_LENGTH | Length of random ID | 8 | Integer |
+| MAXIMUM_PASSWORD_LENGTH | Longest password length | 50 | Integer |
+| MAXIMUM_RESET_CODE_LENGTH | Longest reset code length | 50 | Integer |
+| MAXIMUM_USERNAME_LENGTH | Longest username length | 50 | Integer |
+| MINIMUM_PASSWORD_LENGTH | Shortest password length | 1 | Integer |
+| MINIMUM_RESET_CODE_LENGTH | Shortest reset code length | 6 | Integer |
+| MINIMUM_USERNAME_LENGTH | Shortest username length | 1 | Integer |
+| PAGE_SIZE | Rows of data per page | 10 | Integer |
+| PORT | Port web server listens on | 8000 | Integer |
+| REQUIRE_PROFILE | Require registration information | unset | Integer |
+| SESSION_VERIFICATION_DELAY | Seconds before verifying a prolongued session | 14400 | Integer |
+| USER_PROFILE_FIELDS | Information to collect at registration | contact-email,full-name | Profile property list |
+|--------------------------------|-------------------------------------------------|---------------------------|-------------------------|
\ No newline at end of file
diff --git a/sitemap.txt b/sitemap.txt
index 62b6f449..084ec8c8 100755
--- a/sitemap.txt
+++ b/sitemap.txt
@@ -1,4 +1,4 @@
-@userdashboard/dashboard 1.0.377
+@userdashboard/dashboard 1.0.378
 http://localhost:8000 Administrator menu:
diff --git a/tests.txt b/tests.txt
index 139597f9..70b38ef0 100755
--- a/tests.txt
+++ b/tests.txt
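Review bot: In the env.txt table, the `MINIMUM_PASSWORD_LENGTH` row documents a default of 1 with no caveat, so an operator who deploys from this reference without overriding it accepts one-character passwords; the description should carry the warning, e.g. `Shortest password length (default is permissive, raise it in production)`. The `ENCRYPTION_SECRET_IV` row describes the IV as a configured 16-character secret, which reads as one IV shared by every encrypted value; if storage encryption does work that way, identical plaintexts encrypt to identical ciphertexts and the row should say so. Two smaller points in the same table: `prolongued` should be `prolonged`, and `REQUIRE_PROFILE` is typed `Integer` although its description reads like an on/off switch, which looks like it should be `Boolean`. The same strings appear as test names in tests.txt, so env.txt is presumably generated and the wording fixes belong in the description strings it is produced from.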
@@ -1,2 +1,1571 @@ + index + PAGE_SIZE + Rows of data per page + ✓ default 10 + ✓ Integer + DASHBOARD_SERVER + URL of dashboard server + ✓ Address + DOMAIN + Domain of server + ✓ default unset + ✓ String + HOST + IP or address web server listens on + ✓ default localhost + ✓ IP address + PORT + Port web server listens on + ✓ default 8000 + ✓ Integer + ID_LENGTH + Length of random ID + ✓ default 8 + ✓ Integer + ALLOW_PUBLIC_API + Allow HTTP access to /api + ✓ default false + ✓ Boolean + DELETE_DELAY + Cool-down time in days to delete accounts + ✓ default 7 + ✓ Integer + APPLICATION_SERVER + URL of application server + ✓ Address + APPLICATION_SERVER_TOKEN + Secret shared between servers + ✓ String + BCRYPT_WORKLOAD_FACTOR + Strength to protect passwords + ✓ default 10 + ✓ Integer + ENCRYPTION_SECRET + 32-character secret string + ✓ String + ENCRYPTION_SECRET_IV + 16-character secret string + ✓ String + DISABLE_REGISTRATION + Disable UI (not API) for registering + ✓ default unset + ✓ Boolean + MINIMUM_PASSWORD_LENGTH + Shortest password length + ✓ default 1 + ✓ Integer + MAXIMUM_PASSWORD_LENGTH + Longest password length + ✓ default 50 + ✓ Integer + MINIMUM_USERNAME_LENGTH + Shortest username length + ✓ default 1 + ✓ Integer + MAXIMUM_USERNAME_LENGTH + Longest username length + ✓ default 50 + ✓ Integer + MINIMUM_RESET_CODE_LENGTH + Shortest reset code length + ✓ default 6 + ✓ Integer + MAXIMUM_RESET_CODE_LENGTH + Longest reset code length + ✓ default 50 + ✓ Integer + REQUIRE_PROFILE + Require registration information + ✓ default unset + ✓ Integer + USER_PROFILE_FIELDS + Information to collect at registration + ✓ default contact-email,full-name + ✓ Profile property list + SESSION_VERIFICATION_DELAY + Seconds before verifying a prolongued session + ✓ default 14400 + ✓ Integer + + internal-api/api + API#generate + ✓ should remap urls to object + ✓ should capitalize the last segment + ✓ should capitalize hyphenated last segment + + internal-api/format + Format#parseDate + ✓ 
should throw error for missing date + ✓ should throw error for invalid date + Format#date + ✓ should zero pad days + ✓ should zero pad months + + internal-api/hash + Hash#sha512Hash + ✓ should produce the same hash each time + Hash#sha512HashCompare + ✓ should match text with hash + Hash#bcryptHashHash + ✓ should hash differently each time + Hash#bcryptHashCompare + ✓ should match passwords + ✓ should not match invalid passwords + + internal-api/html + HTML#parseHTML + ✓ should reject invalid strings + ✓ should return expected contents + HTML#findOrCreateTableBody + ✓ should require a document + ✓ should require a table + ✓ should accept table ids + ✓ should return existing TBODY + ✓ should create new TBODY as last child of table + HTML#renderTable + ✓ should require a document + ✓ should require a table + ✓ should require a template + ✓ should require a dataset + ✓ should create TR for each item + ✓ should alternate TR class + ✓ should contain expected data + HTML#renderList + ✓ should require a document + ✓ should require a list + ✓ should require a template + ✓ should require a dataset + ✓ should create LI for each item + ✓ should contain expected data + HTML#renderTemplate + ✓ should require a document + ✓ should not require a data object + ✓ should require a template + ✓ should require a parent element + ✓ should append contents to parent element + HTML#renderPagination + ✓ should require a document + ✓ should require a total greater than 0 + ✓ should require an offset less than total + ✓ should accept null or string offset + ✓ should enforce global page size + ✓ should override global page size + + internal-api/package-json + mergeTitle + ✓ should prioritize application title + ✓ should default to Dashboard title + mergeScriptArray + ✓ should add scripts + ✓ should put application scripts last + + internal-api/proxy + Proxy#pass + ✓ should include x-accountid header + ✓ should include x-sessionid header + ✓ should include x-dashboard-server header + ✓ should 
create x-application-server-token header + ✓ should include referer header + ✓ should send POST data + ✓ should send multipart POST data + ✓ should send file upload POST data + ✓ should execute proxy handlers + + internal-api/response + Response#wrapTemplateWithSrcDoc (global setting) + ✓ should transfer head content from page to template + ✓ should transfer head content from template to page + ✓ should transfer navigation to template from page + ✓ should transfer title to page from template + ✓ should remove menus for guests + ✓ should disable administrator menu for normal user + ✓ should add account menu links from package.json + ✓ should add administrator menu links from package.json + Response#wrapTemplateWithSrcDoc (config override) + ✓ should transfer head content from page to template + ✓ should transfer head content from template to page + ✓ should transfer navigation to template from page + ✓ should transfer title to page from template + ✓ should remove menus for guests + ✓ should disable administrator menu for normal user + ✓ should add account menu links from package.json + ✓ should add administrator menu links from package.json + ✓ should execute "page" handlers on the rendered page + ✓ should execute "template" handlers on the rendered + page-merged template + ✓ should execute "page" and "template" handlers on the rendered + page-merged template + ✓ should execute each content handler + Response#throw404 + ✓ should set 404 status + ✓ should contain 404 code + ✓ should contain 404 error + Response#throw500 + ✓ should set 500 status + ✓ should contain 500 code + ✓ should contain error message + Response#throw511 + ✓ should set 511 status + ✓ should contain 511 code + + internal-api/server + Server#authenticateRequest + ✓ should reject missing token + ✓ should reject invalid token + ✓ should identify user from token + Server#parsePostData + ✓ should ignore file uploads + ✓ should ignore no-content uploads + ✓ should parse post data + Server#receiveRequest 
+ ✓ should bind query data of URL to req + ✓ should not bind route for unknown url + ✓ should bind route to req + ✓ should redirect user to verification + ✓ should accept recent verification + ✓ should not require verification + ✓ should execute "before" server handler before identifying user + ✓ should execute "after" server handler after identifying user + ✓ should execute "after" server handler after identifying guest + ✓ should execute "before" and "after" server handler + ✓ should execute each server handler + + internal-api/sitemap + Sitemap#readHTMLAttributes + ✓ should detect attributes + Sitemap#loadRoute + ✓ should load API route + ✓ should load HTML route + ✓ should load static HTML route + Sitemap#scanFiles + ✓ should read files recursively + ✓ should exclude navbar files + ✓ should exclude test files + + internal-api/storage-cache + get + ✓ should require key + ✓ should return value + set + ✓ should require key + ✓ should set value + remove + ✓ should require key + ✓ should remove object + + internal-api/storage-list + StorageList#add + ✓ should add string properties + ✓ should add int properties + ✓ should add float properties + ✓ should add boolean properties + StorageList#addMany + ✓ should add multiple properties + ✓ should skip duplicates + StorageList#count + ✓ should count the items + ✓ should not count removed items + StorageList#remove + ✓ should remove the item + StorageList#list + ✓ should change page size + ✓ should enforce offset + StorageList#listAll + ✓ should return all records + + internal-api/storage-object + getProperties + ✓ should return string properties + ✓ should return int properties + ✓ should return float properties + ✓ should return boolean properties + getProperty + ✓ should return string property + ✓ should return int property + ✓ should return float property + ✓ should return boolean property + removeProperty + ✓ should delete properties + removeProperties + ✓ should delete properties + setProperty + ✓ should set string 
property + ✓ should set int property + ✓ should set float property + ✓ should set boolean property + setProperties + ✓ should set string properties + ✓ should set int properties + ✓ should set float properties + ✓ should set boolean properties + + internal-api/storage + Storage#read + ✓ should require file + ✓ should return file contents + Storage#readMany + ✓ should require files array + ✓ should return files contents + Storage#write + ✓ should require file + ✓ should require contents + ✓ should accept content object + ✓ should accept content string + ✓ should write file contents + ✓ should encrypt contents + Storage#delete + ✓ should require file + ✓ should delete file + + internal-api/timestamp + #create + ✓ should reject null date + ✓ should accept date + ✓ should accept string + + internal-api/uuid + #random + ✓ should reject null length + #v4 + ✓ should be a v4 uuid + + /account/change-password + view + ✓ should present the form + submit + ✓ should apply new password (screenshots) + errors + ✓ invalid-new-password + ✓ invalid-new-password-length + ✓ invalid-confirm-password + ✓ invalid-password + + /account/change-username + view + ✓ should present the form + submit + ✓ should apply new username (screenshots) + errors + ✓ invalid-new-username + ✓ invalid-new-username-length + ✓ invalid-password + + /account/create-profile + view + ✓ should present the form + ✓ should have elements for full-name + ✓ should have elements for contact-email + ✓ should have elements for display-email + ✓ should have elements for dob + ✓ should have elements for phone + ✓ should have elements for occupation + ✓ should have elements for location + ✓ should have elements for company-name + ✓ should have elements for website + submit + ✓ should create profile (screenshots) + ✓ should create profile with full-name + ✓ should create profile and set default + ✓ should create profile with display name + ✓ should create profile with contact-email + ✓ should create profile with 
display-email + ✓ should create profile with dob in YYYY-MM-DD + ✓ should create profile with dob in MM-DD-YYYY + ✓ should create profile with phone + ✓ should create profile with occupation + ✓ should create profile with location + ✓ should create profile with company-name + ✓ should create profile with website + errors + ✓ invalid-first-name + ✓ invalid-first-name-length + ✓ invalid-last-name + ✓ invalid-last-name-length + ✓ invalid-contact-email + ✓ invalid-display-email + ✓ invalid-display-name + ✓ invalid-display-name-length + ✓ invalid-dob + ✓ invalid-phone + ✓ invalid-occupation + ✓ invalid-location + ✓ invalid-company-name + ✓ invalid-website + + /account/create-reset-code + view + ✓ should present the form + submit + ✓ should create reset code (screenshots) + errors + ✓ invalid-secret-code + ✓ invalid-secret-code-length + + /account/delete-account-complete + view + ✓ should present 3 days remaining message + ✓ should present 7 days remaining message + ✓ should present instant deletion message + ✓ should present instant delete message (screenshots) + + /account/delete-account + view + ✓ should present the form + submit + ✓ should mark account deleted (screenshots) + errors + ✓ invalid-password + + /account/delete-profile + before + ✓ should bind data + exceptions + ✓ invalid-profileid + ✓ invalid-profile + ✓ invalid-account + view + ✓ should present the form + submit + ✓ should delete profile (screenshots) + + /account/delete-reset-code + before + ✓ should bind data + exceptions + ✓ invalid-reset-codeid + ✓ invalid-account + view + ✓ should present the form + submit + ✓ should delete reset code (screenshots) + + /account/edit-profile + view + ✓ should present the form + ✓ should have elements for full-name + ✓ should have elements for display-name + ✓ should have elements for contact-email + ✓ should have elements for display-email + ✓ should have elements for dob + ✓ should have elements for phone + ✓ should have elements for occupation + ✓ should have 
elements for location + ✓ should have elements for company-name + ✓ should have elements for website + submit + ✓ should update profile (screenshots) + ✓ should update profile with full-name + ✓ should update profile with display name + ✓ should update profile with contact-email + ✓ should update profile with display-email + ✓ should update profile with dob in YYYY-MM-DD + ✓ should update profile with dob in MM-DD-YYYY + ✓ should update profile with phone + ✓ should update profile with occupation + ✓ should update profile with location + ✓ should update profile with company-name + ✓ should update profile with website + errors + ✓ invalid-first-name + ✓ invalid-first-name-length + ✓ invalid-last-name + ✓ invalid-last-name-length + ✓ invalid-contact-email + ✓ invalid-display-email + ✓ invalid-display-name + ✓ invalid-display-name-length + ✓ invalid-dob + ✓ invalid-phone + ✓ invalid-occupation + ✓ invalid-location + ✓ invalid-company-name + ✓ invalid-website + + /account/end-all-sessions + view + ✓ should present the form + submit + ✓ should generate a new session key (screenshots) + + /account/end-session + before + ✓ should bind data to req + view + ✓ should present the form + submit + ✓ should end the session (screenshots) + ✓ should end current session + + /account + view + ✓ should return page (screenshots) + ✓ should not link to account preferences + ✓ should link to account preferences + + /account/profile + before + ✓ should bind data to req + view + ✓ should present the profile table (screenshots) + ✓ should show fields if data exists + + /account/profiles + before + ✓ should bind data to req + view + ✓ should return one page (screenshots) + ✓ should change page size + ✓ should change offset + ✓ should show fields if data exists + + /account/register + view + ✓ should present the form + ✓ should disable the form + ✓ should have elements for full-name + ✓ should have elements for contact-email + ✓ should have elements for display-email + ✓ should have elements 
for dob + ✓ should have elements for phone + ✓ should have elements for occupation + ✓ should have elements for location + ✓ should have elements for company-name + ✓ should have elements for website + submit + ✓ should create new account with full name + ✓ should create new profile with contact email + ✓ should create new profile with display email + ✓ should create new profile with display name + ✓ should create new profile with dob in YYYY-MM-DD + ✓ should create new profile with dob in MM-DD-YYYY + ✓ should create new profile with phone + ✓ should create new profile with occupation + ✓ should create new profile with location + ✓ should create new profile with company-name + ✓ should create new profile with website + ✓ should create 20-minute session + ✓ should create account (screenshots) + errors + ✓ invalid-username + ✓ invalid-username-length + ✓ invalid-password + ✓ invalid-password-length + ✓ invalid-confirm + ✓ invalid-first-name + ✓ invalid-first-name-length + ✓ invalid-last-name + ✓ invalid-last-name-length + ✓ invalid-contact-email + ✓ invalid-display-email + ✓ invalid-display-name + ✓ invalid-display-name-length + ✓ invalid-dob + ✓ invalid-phone + ✓ invalid-occupation + ✓ invalid-location + ✓ invalid-company-name + ✓ invalid-website + + /account/reset-account + view + ✓ should present the form + submit + ✓ should reset session key + ✓ should reset code last used + ✓ should sign in (screenshots) + errors + ✓ invalid-username + ✓ invalid-secret-code + ✓ invalid-new-password + ✓ invalid-new-password-length + ✓ invalid-confirm-password + ✓ invalid-account + + /account/reset-code + before + ✓ should bind data to req + view + ✓ should present the reset code table (screenshots) + + /account/reset-codes + before + ✓ should bind data to req + view + ✓ should return one page (screenshots) + ✓ should change page size + ✓ should change offset + + /account/restore-account + view + ✓ should present the form + submit + ✓ should unset account deleted (screenshots) + 
errors + ✓ invalid-username + ✓ invalid-password + ✓ invalid-account + + /account/session + before + ✓ should bind data to req + view + ✓ should present the session table (screenshots) + + /account/sessions + before + ✓ should bind data to req + ✓ should exclude ended sessions + view + ✓ should return one page (screenshots) + ✓ should change page size + ✓ should change offset + + /account/set-default-profile + before + ✓ should bind data to req + view + ✓ should present the form + submit + ✓ should set the profile as default (screenshots) + + /account/signin + view + ✓ should present the form + submit + ✓ should create session expiring in 20 minutes as default + ✓ should create session expiring in 20 minutes + ✓ should create session expiring in 8 hours + ✓ should create session expiring in 30 days + ✓ should sign in (screenshots) + errors + ✓ invalid-username + ✓ invalid-password + + /account/signout-complete + view + ✓ should sign out (screenshots) + + /account/signout + view + ✓ should end the session + ✓ should redirect to signout complete page + ✓ should signout (screenshots) + + /account/verify + view + ✓ should present the form + submit + ✓ should mark session as verified + ✓ should verify session (screenshots) + errors + ✓ invalid-username + ✓ invalid-password + + /administrator/account-profiles + before + ✓ should bind data to req + view + ✓ should present the profiles table (screenshots) + ✓ should return one page + ✓ should change page size + ✓ should change offset + + /administrator/account-reset-codes + before + ✓ should bind data to req + view + ✓ should present the reset codes table (screenshots) + ✓ should return one page + ✓ should change page size + ✓ should change offset + + /administrator/account-sessions + before + ✓ should bind data to req + view + ✓ should present the sessions table (screenshots) + ✓ should return one page + ✓ should change page size + ✓ should change offset + + /administrator/account + before + ✓ should bind data to req + 
view + ✓ should present the account table (screenshots) + ✓ should present the profile table + ✓ should present the sessions table + ✓ should hide empty reset codes table + ✓ should present a populated reset codes table + + /administrator/accounts + before + ✓ should bind data to req + view + ✓ should present the accounts table (screenshots) + ✓ should return one page + ✓ should change page size + ✓ should change offset + + /administrator/administrators + before + ✓ should bind data to req + view + ✓ should present the administrators table (screenshots) + ✓ should return one page + ✓ should change page size + ✓ should change offset + + /administrator/assign-administrator + before + ✓ should bind data to req + view + ✓ should present the form + submit + ✓ should apply account update (screenshots) + + /administrator/create-reset-code + before + ✓ should bind data to req + view + ✓ should present the form + submit + ✓ should create reset code (screenshots) + errors + ✓ invalid-secret-code + ✓ invalid-secret-code-length + + /administrator/delete-account + exceptions + ✓ should reject invalid accountid + before + ✓ should bind data to req + view + ✓ should present the form + submit + ✓ should immediately delete (screenshots) + + /administrator/delete-schedule + before + ✓ should bind data to req + view + ✓ should present the deleted accounts table (screenshots) + ✓ should return one page + ✓ should change page size + ✓ should change offset + + /administrator + view + ✓ should return page (screenshots) + + /administrator/profile + before + ✓ should bind data to req + view + ✓ should present the profile table (screenshots) + ✓ should show fields if data exists + + /administrator/profiles + before + ✓ should bind data to req + view + ✓ should return one page (screenshots) + ✓ should change page size + ✓ should change offset + ✓ should show fields if data exists + + /administrator/reset-code + before + ✓ should bind data to req + view + ✓ should present the reset code table 
(screenshots) + + /administrator/reset-codes + before + ✓ should bind data to req + view + ✓ should present the reset codes table (screenshots) + ✓ should return one page + ✓ should change page size + ✓ should change offset + + /administrator/reset-session-key + before + ✓ should bind data to req + view + ✓ should present the form + submit + ✓ should reset session key (screenshots) + + /administrator/revoke-administrator + before + ✓ should bind data to req + view + ✓ should present the form + submit + ✓ should revoke administrator status (screenshots) + + /administrator/schedule-account-delete + before + ✓ should bind data to req + view + ✓ should present the form + submit + ✓ should schedule account for deletion (screenshots) + + /administrator/session + before + ✓ should bind data to req + view + ✓ should present the session table (screenshots) + + /administrator/sessions + before + ✓ should bind data to req + view + ✓ should present the sessions table (screenshots) + ✓ should return one page + ✓ should change page size + ✓ should change offset + + /administrator/transfer-ownership + before + ✓ should bind data to req + view + ✓ should present the form + submit + ✓ should change ownership (screenshots) + + /api/administrator/account + exceptions + invalid-accountid + ✓ unspecified querystring accountid + ✓ invalid querystring accountid + returns + ✓ object + redacts + ✓ usernameHash + ✓ passwordHash + ✓ sessionKey + + /api/administrator/accounts-count + returns + ✓ integer + + /api/administrator/accounts + receives + ✓ optional querystring offset (integer) + ✓ optional querystring limit (integer) + ✓ optional querystring all (boolean) + returns + ✓ array + redacts + ✓ usernameHash + ✓ passwordHash + ✓ sessionKey + configuration + ✓ environment PAGE_SIZE + + /api/administrator/administrator-accounts-count + returns + ✓ integer + + /api/administrator/administrator-accounts + receives + ✓ optional querystring offset (integer) + ✓ optional querystring limit 
(integer) + ✓ optional querystring all (boolean) + returns + ✓ array + redacts + ✓ usernameHash + ✓ passwordHash + ✓ sessionKey + configuration + ✓ environment PAGE_SIZE + + /api/administrator/create-reset-code + exceptions + invalid-accountid + ✓ unspecified querystring accountid + ✓ invalid querystring accountid + invalid-secret-code + ✓ missing posted secret-code + invalid-secret-code-length + ✓ invalid posted secret-code length + returns + ✓ object + configuration + ✓ environment MINIMUM_RESET_CODE_LENGTH + ✓ environment MAXIMUM_RESET_CODE_LENGTH + + /api/administrator/delete-account + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + receieves + ✓ querystring accountid + returns + ✓ boolean + + /api/administrator/deleted-accounts-count + returns + ✓ querystring accountid + + /api/administrator/deleted-accounts + receives + ✓ optional querystring offset (integer) + ✓ optional querystring limit (integer) + ✓ optional querystring all (boolean) + returns + ✓ array + redacts + ✓ usernameHash + ✓ passwordHash + ✓ sessionKey + configuration + ✓ environment PAGE_SIZE + + /api/administrator/profile + exceptions + invalid-profileid + ✓ missing querystring profileid + ✓ invalid querystring profileid + returns + ✓ object + + /api/administrator/profiles-count + returns + ✓ integer + + /api/administrator/profiles + receives + ✓ optional querystring offset (integer) + ✓ optional querystring limit (integer) + ✓ optional querystring all (boolean) + ✓ optional querystring accountid (string) + returns + ✓ array + configuration + ✓ environment PAGE_SIZE + + /api/administrator/reset-account-administrator + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ accessing account is not owner + ✓ querystring accountid is not administrator + returns + ✓ object + + /api/administrator/reset-code + exceptions + invalid-reset-codeid + ✓ missing querystring codeid + ✓ 
invalid querystring codeid + returns + ✓ object + redacts + ✓ secretCodeHash + + /api/administrator/reset-codes-count + returns + ✓ integer + + /api/administrator/reset-codes + receives + ✓ optional querystring offset (integer) + ✓ optional querystring limit (integer) + ✓ optional querystring all (boolean) + ✓ optional querystring accountid (string) + returns + ✓ array + redacts + ✓ secretCodeHash + configuration + ✓ environment PAGE_SIZE + + /api/administrator/reset-session-key + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible querystring account is deleted + requires + ✓ querystring accountid is not deleted + returns + ✓ object + + /api/administrator/session + exceptions + invalid-sessionid + ✓ unspecified querystring accountid + ✓ invalid querystring sessionid + returns + ✓ object + redacts + ✓ tokenHash + + /api/administrator/sessions-count + returns + ✓ integer + + /api/administrator/sessions + receives + ✓ optional querystring offset (integer) + ✓ optional querystring limit (integer) + ✓ optional querystring all (boolean) + ✓ optional querystring accountid (string) + returns + ✓ array + redacts + ✓ tokenHash + configuration + ✓ environment PAGE_SIZE + + /api/administrator/set-account-administrator + exceptions + invalid-accountid + ✓ unspecified querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible querystring account is already administrator + requires + ✓ querystring accountid is not administrator + returns + ✓ object + + /api/administrator/set-account-deleted + exceptions + invalid-accountid + ✓ unspecified querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible querystring account is already deleted + invalid-account + ✓ querystring accountid is deleted + returns + ✓ object + configuration + ✓ environment DELETE_DELAY + + /api/administrator/set-owner-account + exceptions + invalid-accountid + ✓ missing 
querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + ✓ ineligible querystring account is already owner + requires + ✓ accessing account is owner + ✓ querystring account is not owner + ✓ querystring account is not deleted + returns + ✓ object + + /api/user/account + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + returns + ✓ object + redacts + ✓ usernameHash + ✓ passwordHash + ✓ sessionKey + + /api/user/create-account + exceptions + invalid-username + ✓ missing posted username + invalid-username-length + ✓ posted username too short + ✓ posted username too long + invalid-password + ✓ missing posted password + invalid-password-length + ✓ posted password too short + ✓ posted password too long + invalid-first-name + ✓ missing posted first-name + invalid-first-name-length + ✓ posted first-name too short + ✓ posted first-name too long + invalid-last-name + ✓ missing posted last-name + invalid-last-name-length + ✓ posted last-name too short + ✓ posted last-name too long + invalid-display-name + ✓ missing posted display-name + invalid-display-name-length + ✓ posted display-name too short + ✓ posted display-name too long + invalid-company-name + ✓ missing posted company-name + invalid-contact-email + ✓ missing posted contact-email + invalid-display-email + ✓ missing posted display-email + invalid-location + ✓ missing posted location + invalid-occupation + ✓ missing posted occupation + invalid-phone + ✓ missing posted phone + invalid-dob + ✓ missing posted dob + receives + ✓ optionally-required posted first-name + ✓ optionally-required posted last-name + ✓ optionally-required posted display-name + ✓ optionally-required posted company-name + ✓ optionally-required posted contact-email + ✓ optionally-required posted display-email + ✓ optionally-required posted location + ✓ optionally-required posted occupation + ✓ 
optionally-required posted phone + ✓ optionally-required posted dob + returns + ✓ object + configuration + ✓ environment MINIMUM_USERNAME_LENGTH + ✓ environment MAXIMUM_USERNAME_LENGTH + ✓ environment MINIMUM_PASSWORD_LENGTH + ✓ environment MAXIMUM_PASSWORD_LENGTH + ✓ environment REQUIRE_PROFILE + ✓ environment USER_PROFILE_FIELDS + ✓ environment MINIMUM_PROFILE_FIRST_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_FIRST_NAME_LENGTH + ✓ environment MINIMUM_PROFILE_LAST_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_LAST_NAME_LENGTH + ✓ environment MINIMUM_PROFILE_DISPLAY_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_DISPLAY_NAME_LENGTH + ✓ environment MINIMUM_PROFILE_COMPANY_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_COMPANY_NAME_LENGTH + ✓ override req.userProfileFields + + /api/user/create-profile + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-accountid + ✓ ineligible accessing account + invalid-first-name + ✓ missing posted first-name + invalid-first-name-length + ✓ posted first-name too short + ✓ posted first-name too long + invalid-last-name + ✓ missing posted last-name + invalid-last-name-length + ✓ posted last-name too short + ✓ posted last-name too long + invalid-display-name + ✓ missing posted display-name + invalid-display-name-length + ✓ posted display-name too short + ✓ posted display-name too long + invalid-company-name-length + ✓ posted company-name too short + ✓ posted company-name too long + invalid-company-name-length + ✓ invalid-company-name-length + invalid-contact-email + ✓ missing posted contact-email + invalid-display-email + ✓ missing posted display-email + invalid-location + ✓ missing posted location + invalid-occupation + ✓ missing posted occupation + invalid-phone + ✓ missing posted phone + invalid-dob + ✓ missing posted dob + receives + ✓ optionally-required posted first-name + ✓ optionally-required posted last-name + ✓ optionally-required posted display-name + ✓ optionally-required 
posted company-name + ✓ optionally-required posted contact-email + ✓ optionally-required posted display-email + ✓ optionally-required posted location + ✓ optionally-required posted occupation + ✓ optionally-required posted phone + ✓ optionally-required posted dob + returns + ✓ object + configuration + ✓ environment USER_PROFILE_FIELDS + ✓ environment MINIMUM_PROFILE_FIRST_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_FIRST_NAME_LENGTH + ✓ environment MINIMUM_PROFILE_LAST_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_LAST_NAME_LENGTH + ✓ environment MINIMUM_PROFILE_DISPLAY_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_DISPLAY_NAME_LENGTH + ✓ environment MINIMUM_PROFILE_COMPANY_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_COMPANY_NAME_LENGTH + ✓ override req.userProfileFields + + /api/user/create-reset-code + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-accountid + ✓ ineligible accessing account + invalid-secret-code + ✓ missing posted secret-code + invalid-secret-code-length + ✓ posted secret code too short + ✓ posted secret code too long + returns + ✓ object + + /api/user/create-session + exceptions + invalid-username + ✓ missing posted username + invalid-password + ✓ missing posted password + receives + ✓ optional posted remember (hours|days) + returns + ✓ object + + /api/user/delete-profile + exceptions + invalid-profileid + ✓ missing querystring profileid + ✓ invalid querystring profileid + invalid-profile + ✓ querystring profileid is default contact profile + invalid-account + ✓ ineligible querystring profileid + returns + ✓ boolean + + /api/user/delete-reset-code + exceptions + invalid-reset-codeid + ✓ missing querystring codeid + ✓ invalid querystring codeid + invalid-account + ✓ ineligible querystring codeid + returns + ✓ boolean + + /api/user/profile + exceptions + invalid-profileid + ✓ missing querystring profileid + ✓ invalid querystring profileid + invalid-account + ✓ ineligible querystring 
profileid + returns + ✓ object + + /api/user/profiles-count + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + returns + ✓ integer + + /api/user/profiles + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + receives + ✓ optional querystring offset (integer) + ✓ optional querystring limit (integer) + ✓ optional querystring all (boolean) + returns + ✓ array + configuration + ✓ environment PAGE_SIZE + + /api/user/reset-account-deleted + exceptions + invalid-username + ✓ missing posted username + ✓ invalid posted username + invalid-password + ✓ missing posted password + ✓ invalid posted password + invalid-account + ✓ credentialed account is not scheduled for deletion + returns + ✓ object + + /api/user/reset-account-password + exceptions + invalid-username + ✓ missing posted username + ✓ invalid posted username + invalid-password + ✓ missing posted new-password + invalid-secret-code + ✓ missing posted secret-code + invalid-reset-code + ✓ invalid posted secret-code + returns + ✓ boolean + + /api/user/reset-code + exceptions + invalid-reset-codeid + ✓ missing querystring codeid + ✓ invalid querystring codeid + invalid-account + ✓ ineligible querystring codeid + returns + ✓ object + redacts + ✓ secretCodeHash + + /api/user/reset-codes-count + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + returns + ✓ integer + + /api/user/reset-codes + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + receives + ✓ optional querystring offset (integer) + ✓ optional querystring limit (integer) + ✓ optional querystring all (boolean) + returns + ✓ array + redacts + ✓ secretCodeHash + 
configuration + ✓ environment PAGE_SIZE + + /api/user/reset-session-key + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + returns + ✓ boolean + + /api/user/session + exceptions + invalid-sessionid + ✓ missing querystring sessionid + ✓ invalid querystring sessionid + invalid-account + ✓ ineligible querystring sessionid + returns + ✓ object + redacts + ✓ tokenHash + + /api/user/sessions-count + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + returns + ✓ integer + + /api/user/sessions + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + receives + ✓ optional querystring offset (integer) + ✓ optional querystring limit (integer) + ✓ optional querystring all (boolean) + returns + ✓ array + configuration + ✓ environment PAGE_SIZE + + /api/user/set-account-deleted + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + invalid-password + ✓ missing posted password + ✓ invalid posted password + returns + ✓ object + configuration + ✓ environment DELETE_DELAY + + /api/user/set-account-password + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + invalid-password + ✓ missing posted password + ✓ invalid posted password + invalid-new-password + ✓ missing posted new-password + invalid-new-password-length + ✓ posted new-password too short + ✓ posted new-password too long + returns + ✓ object + + /api/user/set-account-profile + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + 
invalid-profileid + ✓ missing posted profileid + ✓ invalid posted profileid + returns + ✓ object + + /api/user/set-account-username + exceptions + invalid-accountid + ✓ missing querystring accountid + ✓ invalid querystring accountid + invalid-account + ✓ ineligible accessing account + invalid-password + ✓ missing posted password + ✓ invalid posted password + invalid-new-username + ✓ missing posted new-username + invalid-new-username-length + ✓ posted new-username too short + ✓ posted new-username too long + returns + ✓ object + + /api/user/set-session-ended + exceptions + invalid-sessionid + ✓ missing querystring sessionid + ✓ invalid querystring sessionid + invalid-session + ✓ querystring sessionid is not active session + invalid-account + ✓ ineligible querystring sessionid + returns + ✓ object + + /api/user/set-session-verified + exceptions + invalid-sessionid + ✓ missing querystring sessionid + ✓ invalid querystring sessionid + invalid-account + ✓ ineligible querystring sessionid + returns + ✓ object + + /api/user/update-profile + exceptions + invalid-profileid + ✓ missing querystring profileid + ✓ invalid querystring profileid + invalid-profileid + ✓ ineligible querystring profileid + invalid-first-name + ✓ missing posted first-name + invalid-first-name-length + ✓ posted first-name too short + ✓ posted first-name too long + invalid-last-name + ✓ missing posted last-name + invalid-last-name-length + ✓ posted last-name too short + ✓ posted last-name too long + invalid-display-name + ✓ missing posted display-name + invalid-display-name-length + ✓ posted display-name too short + ✓ posted display-name too long + invalid-company-name + ✓ missing posted company-name + invalid-company-name-length + ✓ posted company-name too short + ✓ posted company-name too long + invalid-contact-email + ✓ missing posted contact-email + invalid-display-email + ✓ missing posted display-email + invalid-location + ✓ missing posted location + invalid-occupation + ✓ missing posted 
occupation + invalid-phone + ✓ missing posted phone + invalid-dob + ✓ missing posted dob + receives + ✓ optionally-required posted first-name + ✓ optionally-required posted last-name + ✓ optionally-required posted display-name + ✓ optionally-required posted company-name + ✓ optionally-required posted contact-email + ✓ optionally-required posted display-email + ✓ optionally-required posted location + ✓ optionally-required posted occupation + ✓ optionally-required posted phone + ✓ optionally-required posted dob + returns + ✓ object + configuration + ✓ environment USER_PROFILE_FIELDS + ✓ environment MINIMUM_PROFILE_FIRST_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_FIRST_NAME_LENGTH + ✓ environment MINIMUM_PROFILE_LAST_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_LAST_NAME_LENGTH + ✓ environment MINIMUM_PROFILE_DISPLAY_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_DISPLAY_NAME_LENGTH + ✓ environment MINIMUM_PROFILE_COMPANY_NAME_LENGTH + ✓ environment MAXIMUM_PROFILE_COMPANY_NAME_LENGTH + ✓ override req.userProfileFields + + + 873 passing (27m) +