/api/user/organizations/secret-invitation (GET)
Account information like email addresses is generated with faker-js it is not real user information.
await global.api.user.organizations.SecretInvitation.get(req)Returns object
{
"invitationid": "invt_5b6b135cd6ac0963",
"organizationid": "orgn_8ee52f4926f78f0e",
"accountid": "acct_d3bd85d9ef48a7b8",
"object": "invitation",
"appid": "tests_1656039713",
"secretCode": "secret254",
"multi": true,
"acceptedAt": null,
"terminatedAt": null,
"createdAt": "2022-06-24T03:01:53.520Z",
"updatedAt": "2022-06-24T03:01:53.520Z"
}Exceptions
These exceptions are thrown (NodeJS) or returned as JSON (HTTP) if you provide incorrect data or do not meet the requirements:
| Exception | Circumstances |
|---|---|
| invalid-invitation | querystring invitationid is used |
| invalid-organization-pin | missing querystring organization-pin |
| invalid querystring organization-pin | |
| invalid-secret-code | missing querystring secret-code |
| invalid querystring secret-code |
NodeJS source (view on github)
const dashboard = require('@layeredapps/dashboard')
const organizations = require('../../../../../index.js')
module.exports = {
get: async (req) => {
if (!req.query || !req.query['secret-code']) {
throw new Error('invalid-secret-code')
}
if (!req.query['organization-pin']) {
throw new Error('invalid-organization-pin')
}
const cacheKey = `org${req.query['organization-pin']}_inv${req.query['secret-code']}`
let invitation = await dashboard.StorageCache.get(cacheKey)
if (!invitation) {
const organizationInfo = await organizations.Storage.Organization.findOne({
attributes: ['organizationid'],
where: {
pin: req.query['organization-pin'],
appid: req.appid || global.appid
}
})
if (!organizationInfo) {
throw new Error('invalid-organization-pin')
}
const invitationInfo = await organizations.Storage.Invitation.findOne({
where: {
secretCode: req.query['secret-code'],
organizationid: organizationInfo.dataValues.organizationid,
appid: req.appid || global.appid
}
})
if (!invitationInfo) {
throw new Error('invalid-secret-code')
}
invitation = {}
for (const field of invitationInfo._options.attributes) {
invitation[field] = invitationInfo.get(field)
}
await dashboard.StorageCache.set(cacheKey, invitation)
}
if (invitation.acceptedAt || invitation.terminatedAt) {
throw new Error('invalid-invitation')
}
return invitation
}
}
Test source (view on github)
/* eslint-env mocha */
const assert = require('assert')
const TestHelper = require('../../../../../test-helper.js')
describe('/api/user/organizations/secret-invitation', () => {
describe('exceptions', () => {
describe('invalid-secret-code', () => {
it('missing querystring secret-code', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
const req = TestHelper.createRequest(`/api/user/organizations/secret-invitation?organization-pin=${owner.organization.pin}`)
req.account = owner.account
req.session = owner.session
let errorMessage
try {
await req.get()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-secret-code')
})
it('invalid querystring secret-code', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
const req = TestHelper.createRequest(`/api/user/organizations/secret-invitation?secret-code=invalid&organization-pin=${owner.organization.pin}`)
req.account = owner.account
req.session = owner.session
let errorMessage
try {
await req.get()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-secret-code')
})
})
describe('invalid-organization-pin', () => {
it('missing querystring organization-pin', async () => {
const owner = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/organizations/secret-invitation?secret-code=13245')
req.account = owner.account
req.session = owner.session
let errorMessage
try {
await req.get()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-organization-pin')
})
it('invalid querystring organization-pin', async () => {
const owner = await TestHelper.createUser()
const req = TestHelper.createRequest('/api/user/organizations/secret-invitation?secret-code=12345&organization-pin=invalid')
req.account = owner.account
req.session = owner.session
let errorMessage
try {
await req.get()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-organization-pin')
})
})
describe('invalid-invitation', () => {
it('querystring invitationid is used', async () => {
const owner = await TestHelper.createUser()
const user = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createProfile(user, {
'display-name': user.profile.fullName,
'display-email': user.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner, {
lifespan: 'single'
})
await TestHelper.acceptInvitation(user, owner)
const req = TestHelper.createRequest(`/api/user/organizations/secret-invitation?secret-code=${owner.invitation.secretCode}&organization-pin=${owner.organization.pin}`)
req.account = user.account
req.session = user.session
let errorMessage
try {
await req.get()
} catch (error) {
errorMessage = error.message
}
assert.strictEqual(errorMessage, 'invalid-invitation')
})
})
})
describe('returns', () => {
it('object', async () => {
const owner = await TestHelper.createUser()
global.userProfileFields = ['display-name', 'display-email']
await TestHelper.createProfile(owner, {
'display-name': owner.profile.fullName,
'display-email': owner.profile.contactEmail
})
await TestHelper.createOrganization(owner, {
email: owner.profile.displayEmail,
name: 'My organization',
profileid: owner.profile.profileid,
pin: '12345'
})
await TestHelper.createInvitation(owner)
const user = await TestHelper.createUser()
const req = TestHelper.createRequest(`/api/user/organizations/secret-invitation?secret-code=${owner.invitation.secretCode}&organization-pin=${owner.organization.pin}`)
req.account = user.account
req.session = user.session
req.filename = __filename
req.saveResponse = true
const invitation = await req.get()
assert.strictEqual(invitation.object, 'invitation')
})
})
})