/api/user/organizations/create-membership (POST)
Account information like email addresses is generated with faker-js it is not real user information.
await global.api.user.organizations.CreateMembership.post(req)Returns object
{
"membershipid": "mmbr_2c3f1beaa59ff1e0",
"object": "membership",
"appid": "tests_1656039702",
"accountid": "acct_2f60db28f5aec1a5",
"organizationid": "orgn_e4c1c1ad7b0310dc",
"invitationid": "invt_0b49001e03e3ed3a",
"profileid": "prof_b623ba6313d1e3e9",
"createdAt": "2022-06-24T03:01:42.942Z",
"updatedAt": "2022-06-24T03:01:42.942Z",
"displayName": "Arlene Rath",
"displayEmail": "Arlene46@gmail.com"
}Receives
API routes may receive parameters from the URL and POST supporting simple and multipart:
| Field | Value | Required | Type |
|---|---|---|---|
| profileid | string | required | POST |
| secret-code | string | required | POST |
Exceptions
These exceptions are thrown (NodeJS) or returned as JSON (HTTP) if you provide incorrect data or do not meet the requirements:
| Exception | Circumstances |
|---|---|
| invalid-account | accessing account is organization owner |
| accessing account is organization member | |
| invalid-invitation | invitation has been used |
| invitation has been terminated | |
| querystring invitationid is not open invitation | |
| invalid-organization-pin | missing posted organization-pin |
| invalid posted organization-pin | |
| invalid-profile | ineligible posted profileid is missing fields |
| invalid-profileid | missing posted profileid |
| invalid posted profileid | |
| invalid-secret-code | missing posted secret-code |
| invalid posted secret-code |
NodeJS source (view on github)
const dashboard = require('@layeredapps/dashboard')
const organizations = require('../../../../../index.js')
module.exports = {
post: async (req) => {
if (!req.body) {
throw new Error('invalid-secret-code')
}
if (!req.body['secret-code'] || !req.body['secret-code'].length) {
throw new Error('invalid-secret-code')
}
if (!req.body['organization-pin'] || !req.body['organization-pin'].length) {
throw new Error('invalid-organization-pin')
}
req.query = req.query || {}
req.query['secret-code'] = req.body['secret-code']
req.query['organization-pin'] = req.body['organization-pin']
const invitation = await global.api.user.organizations.SecretInvitation.get(req)
req.query.invitationid = invitation.invitationid
const organization = await global.api.user.organizations.OpenInvitationOrganization.get(req)
if (!organization) {
throw new Error('invalid-organizationid')
}
if (req.account.accountid === organization.ownerid) {
throw new Error('invalid-account')
}
if (!req.body.profileid || !req.body.profileid.length) {
throw new Error('invalid-profileid')
}
req.query.profileid = req.body.profileid
const profile = await global.api.user.Profile.get(req)
if (!profile) {
throw new Error('invalid-profileid')
}
const requireProfileFields = global.membershipProfileFields
for (const field of requireProfileFields) {
const displayName = global.profileFieldMap[field]
if (!profile[displayName]) {
throw new Error('invalid-profile')
}
}
req.query.organizationid = organization.organizationid
let membership
try {
membership = await global.api.user.organizations.OrganizationMembership.get(req)
} catch (error) {
}
if (membership) {
throw new Error('invalid-account')
}
if (!invitation.multi) {
await organizations.Storage.Invitation.update({
acceptedAt: new Date()
}, {
where: {
invitationid: req.query.invitationid,
appid: req.appid || global.appid
}
})
await dashboard.StorageCache.remove(`invitation_by_secret_${invitation.secretCode}`)
await dashboard.StorageCache.remove(req.query.invitationid)
}
const membershipInfo = {
appid: req.appid || global.appid,
organizationid: invitation.organizationid,
accountid: req.account.accountid,
invitationid: req.query.invitationid,
profileid: req.body.profileid
}
const newMembership = await organizations.Storage.Membership.create(membershipInfo)
req.query.membershipid = newMembership.dataValues.membershipid
return global.api.user.organizations.Membership.get(req)
}
}
Test source (view on github)
/* eslint-env mocha */
const assert = require('assert')
const TestHelper = require('../../../../../test-helper.js')
describe('/api/user/organizations/create-membership', () => {
describe('exceptions', () => {
describe('invalid-invitation', () => {
it('invitation has been used', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner, {
lifespan: 'single'
})
const user = await TestHelper.createUser()
await TestHelper.createProfile(user, {
'display-name': user.profile.fullName,
'display-email': user.profile.contactEmail
})
await TestHelper.acceptInvitation(user, owner)
const user2 = await TestHelper.createUser()
await TestHelper.createProfile(user2, {
'display-name': user2.profile.fullName,
'display-email': user2.profile.contactEmail
})
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user2.account
req.session = user2.session
req.body = {
'organization-pin': '12345',
'secret-code': owner.invitation.secretCode,
profileid: user2.profile.profileid
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-invitation')
})
it('invitation has been terminated', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner, {
lifespan: 'multi'
})
await TestHelper.terminateInvitation(owner)
const user = await TestHelper.createUser()
await TestHelper.createProfile(user, {
'display-name': user.profile.fullName,
'display-email': user.profile.contactEmail
})
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '12345',
'secret-code': owner.invitation.secretCode,
profileid: user.profile.profileid
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-invitation')
})
})
describe('invalid-organization-pin', () => {
it('missing posted organization-pin', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const user = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '',
'secret-code': owner.invitation.secretCode,
profileid: user.profile.profileid
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-organization-pin')
})
it('invalid posted organization-pin', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const user = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': 'invalid',
'secret-code': owner.invitation.secretCode,
profileid: user.profile.profileid
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-organization-pin')
})
})
describe('invalid-secret-code', () => {
it('missing posted secret-code', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const user = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '12345',
'secret-code': '',
profileid: user.profile.profileid
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-secret-code')
})
it('invalid posted secret-code', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const user = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '12345',
'secret-code': 'invalid',
profileid: user.profile.profileid
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-secret-code')
})
})
describe('invalid-account', () => {
it('accessing account is organization owner', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = owner.account
req.session = owner.session
req.body = {
'organization-pin': '12345',
'secret-code': owner.invitation.secretCode,
profileid: owner.profile.profileid
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-account')
})
it('accessing account is organization member', async () => {
const owner = await TestHelper.createUser()
const user = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createProfile(user, {
'display-name': user.profile.fullName,
'display-email': user.profile.contactEmail
})
global.userProfileFields = ['display-email', 'display-name']
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
await TestHelper.acceptInvitation(user, owner)
await TestHelper.createInvitation(owner)
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '12345',
'secret-code': owner.invitation.secretCode,
profileid: user.profile.profileid
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-account')
})
})
describe('invalid-profileid', () => {
it('missing posted profileid', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const user = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '12345',
'secret-code': owner.invitation.secretCode,
profileid: ''
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-profileid')
})
it('invalid posted profileid', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const user = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '12345',
'secret-code': owner.invitation.secretCode,
profileid: 'invalid'
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-profileid')
})
})
describe('invalid-profile', () => {
it('ineligible posted profileid is missing fields', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = global.membershipProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const user = await TestHelper.createUser()
global.userProfileFields = global.membershipProfileFields = ['display-email']
await TestHelper.createProfile(user, {
'display-email': user.profile.contactEmail
})
global.userProfileFields = global.membershipProfileFields = ['display-name', 'display-email']
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '12345',
'secret-code': owner.invitation.secretCode,
profileid: user.profile.profileid
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-profile')
})
})
describe('invalid-invitation', () => {
it('querystring invitationid is not open invitation', async () => {
const owner = await TestHelper.createUser()
const user = await TestHelper.createUser()
const user2 = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createProfile(user, {
'display-name': user.profile.fullName,
'display-email': user.profile.contactEmail
})
await TestHelper.createProfile(user2, {
'display-name': user2.profile.fullName,
'display-email': user2.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner, {
lifespan: 'single'
})
await TestHelper.acceptInvitation(user2, owner)
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '12345',
'secret-code': owner.invitation.secretCode,
profileid: user.profile.profileid
}
let errorMessage
try {
await req.post()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-invitation')
})
})
})
describe('receives', () => {
it('required posted secret-code', async () => {
const owner = await TestHelper.createUser()
const user = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createProfile(user, {
'display-name': user.profile.fullName,
'display-email': user.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '12345',
'secret-code': owner.invitation.secretCode,
profileid: user.profile.profileid
}
const membership = await req.post()
assert.strictEqual(membership.object, 'membership')
})
it('required posted profileid', async () => {
const owner = await TestHelper.createUser()
const user = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createProfile(user, {
'display-name': user.profile.fullName,
'display-email': user.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '12345',
'secret-code': owner.invitation.secretCode,
profileid: user.profile.profileid
}
const membership = await req.post()
assert.strictEqual(membership.profileid, user.profile.profileid)
})
})
describe('returns', () => {
it('object', async () => {
const owner = await TestHelper.createUser()
const user = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createProfile(user, {
'display-name': user.profile.fullName,
'display-email': user.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const req = TestHelper.createRequest('/api/user/organizations/create-membership')
req.account = user.account
req.session = user.session
req.body = {
'organization-pin': '12345',
'secret-code': owner.invitation.secretCode,
profileid: user.profile.profileid
}
req.filename = __filename
req.saveResponse = true
const membership = await req.post()
assert.strictEqual(membership.object, 'membership')
})
})
})