📖New license file version [CI SKIP] [skip ci]

Reviewed-on: #198

.drone.yml

@@ -61,6 +61,7 @@ steps:
       - git clone $DRONE_REMOTE_URL .
       - git checkout dev
   - name: build dev
+    depends_on: ["clone"]
     image: registry.odit.services/library/drone-kaniko
     settings:
       username:
@@ -81,6 +82,7 @@ steps:
     depends_on: ["clone"]
     image: registry.odit.services/hub/library/node:19.5.0-alpine3.16
     commands:
+      - apk add git
       - npx auto-changelog --commit-limit false -p -u --hide-credit
   - name: push new changelog to repo
     depends_on: ["run changelog export"]
@@ -134,6 +136,7 @@ steps:
       - git merge main
       - git checkout main
   - name: build latest
+    depends_on: ["clone"]
     image: registry.odit.services/library/drone-kaniko
     settings:
       username:
@@ -173,6 +176,7 @@ name: build:tags
 
 steps:
   - name: build $DRONE_TAG
+    depends_on: ["clone"]
     image: registry.odit.services/library/drone-kaniko
     settings:
       username:

CHANGELOG.md

@@ -2,8 +2,39 @@
 
 All notable changes to this project will be documented in this file. Dates are displayed in UTC.
 
+#### [v0.12.0](https://git.odit.services/lfk/backend/compare/v0.12.0...v0.12.0)
+
+- Merge pull request 'feature/197-duplicate_runner_mail' (#198) from feature/197-duplicate_runner_mail into dev [`4b676bc`](https://git.odit.services/lfk/backend/commit/4b676bc85336c2d494e9e74823d38deec5cc0400)
+- Added faker for testing [`e184673`](https://git.odit.services/lfk/backend/commit/e1846739638905aab6ba7e059fd2cbf8ff467bf3)
+- Updated selfservice tests to prevent email duplication [`9bc80aa`](https://git.odit.services/lfk/backend/commit/9bc80aac8aab9b4dedc26c9bc3ce705d7fe9c0bf)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`ae14d6c`](https://git.odit.services/lfk/backend/commit/ae14d6c74f9205440b41ca5fdbd052ca449148fc)
+- Added selfservice runner create check to prevent duplicate email [`68cd746`](https://git.odit.services/lfk/backend/commit/68cd746a9f3360b3630a9ba570213d2aa62497b4)
+- Updated tests for new login in selfservice [`39aa759`](https://git.odit.services/lfk/backend/commit/39aa7598b7cd0ecb0f077f50ebdd31c6e205f06d)
+- Updated logo url [`4433ddb`](https://git.odit.services/lfk/backend/commit/4433ddb1e15a35481728670e22049200644bf337)
+- depends_on: ["clone"] [`9cc66ee`](https://git.odit.services/lfk/backend/commit/9cc66eebdfe8e7a2888bbc97197d1756ff44de30)
+- Fixed typo [`19a290c`](https://git.odit.services/lfk/backend/commit/19a290c3a931ead0d9ae9ebb0985bfbaac54df59)
+- Rename selfservice forgot to login [`69651d9`](https://git.odit.services/lfk/backend/commit/69651d9f6cd826b6d4720f164897a2a72a57c851)
+- 📖New license file version [CI SKIP] [skip ci] [`6fd246f`](https://git.odit.services/lfk/backend/commit/6fd246f43cb3f4d0ccb6e017ee699889ba17daac)
+- Add git for changelog fun [`2fa56b8`](https://git.odit.services/lfk/backend/commit/2fa56b82d1e082a1deae943e5fca5101f24e3ef5)
+
+#### [v0.12.0](https://git.odit.services/lfk/backend/compare/v0.11.1...v0.12.0)
+
+> 2 February 2023
+
+- Pinned versions [`a6d5693`](https://git.odit.services/lfk/backend/commit/a6d5693ccdeb25b15a09af8f7438142114268807)
+- Drone -> Kaniko based builds [`0e78951`](https://git.odit.services/lfk/backend/commit/0e789513008085d0db94fc3b2dd9e74a5e583049)
+- Drone images to odit registry [`6ad56b3`](https://git.odit.services/lfk/backend/commit/6ad56b31269bf19a740c1b6b1a303a8a9d7d59d0)
+- Bumped container base images [`d95c6d3`](https://git.odit.services/lfk/backend/commit/d95c6d33657f6aa977a8ebfefad7e199bb1cc9c3)
+- Enabled tag via release script [`9217421`](https://git.odit.services/lfk/backend/commit/92174212213f874e41c9472a927bcf87b963ac94)
+- Pinned pnpm for builds [`4570845`](https://git.odit.services/lfk/backend/commit/4570845b3e1bd00c228fe1b09b658c24e20aba7f)
+- 🚀Bumped version to v0.12.0 [`4c10e20`](https://git.odit.services/lfk/backend/commit/4c10e20b91a8101ee37b230373ceb3e024582b41)
+- Ignore pnpm lock [`1f2c8ab`](https://git.odit.services/lfk/backend/commit/1f2c8abb22f3ff1e61b7350b517bd699c3e315f6)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`31b258b`](https://git.odit.services/lfk/backend/commit/31b258b4ce82213144160a4233b7fd127e456776)
+
 #### [v0.11.1](https://git.odit.services/lfk/backend/compare/v0.11.0...v0.11.1)
 
+> 22 April 2021
+
 - Merge pull request 'Release 0.11.1' (#196) from dev into main [`f19f280`](https://git.odit.services/lfk/backend/commit/f19f2808d88414f1877c01f10996dac68b6f9617)
 - 🧾New changelog file version [CI SKIP] [skip ci] [`2229cdf`](https://git.odit.services/lfk/backend/commit/2229cdf20db1a98f9f76a99fa9d3f463cdf6d804)
 - 🧾New changelog file version [CI SKIP] [skip ci] [`348fe52`](https://git.odit.services/lfk/backend/commit/348fe52c42cfa32239b703041820f725e147154e)

licenses.md

@@ -454,7 +454,7 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 ## License Text
 MIT License
 
-Copyright (c) 2010 - 2021 Brian Carlson
+Copyright (c) 2010 - 2020 Brian Carlson
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -696,6 +696,75 @@ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  
 
+# @faker-js/faker
+**Author**: undefined
+**Repo**: [object Object]
+**License**: MIT
+**Description**: Generate massive amounts of fake contextual data
+## License Text
+Faker - Copyright (c) 2022
+
+This software consists of voluntary contributions made by many individuals.
+For exact contribution history, see the revision history
+available at https://github.com/faker-js/faker
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+===
+
+From: https://github.com/faker-js/faker/commit/a9f98046c7d5eeaabe12fc587024c06d683800b8
+To: https://github.com/faker-js/faker/commit/29234378807c4141588861f69421bf20b5ac635e
+
+Based on faker.js, copyright Marak Squires and contributor, what follows below is the original license.
+
+===
+
+faker.js - Copyright (c) 2020
+Marak Squires
+http://github.com/marak/faker.js/
+
+faker.js was inspired by and has used data definitions from:
+
+ * https://github.com/stympy/faker/ - Copyright (c) 2007-2010 Benjamin Curtis
+ * http://search.cpan.org/~jasonk/Data-Faker-0.07/ - Copyright 2004-2005 by Jason Kohles
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ 
+
 # @odit/license-exporter
 **Author**: ODIT.Services
 **Repo**: [object Object]

package.json

@@ -51,6 +51,7 @@
     "validator": "13.5.2"
   },
   "devDependencies": {
+    "@faker-js/faker": "^7.6.0",
     "@odit/license-exporter": "0.0.9",
     "@types/cors": "2.8.9",
     "@types/csvtojson": "1.1.5",

src/controllers/RunnerSelfServiceController.ts

@@ -1,6 +1,6 @@
 import { Request } from "express";
 import * as jwt from "jsonwebtoken";
-import { Body, Delete, Get, JsonController, OnUndefined, Param, Post, QueryParam, Req, UseBefore } from 'routing-controllers';
+import { BadRequestError, Body, Delete, Get, JsonController, OnUndefined, Param, Post, QueryParam, Req, UseBefore } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
 import { getConnectionManager, Repository } from 'typeorm';
 import { config } from '../config';
@@ -116,7 +116,7 @@ export class RunnerSelfServiceController {
 		return scan.toResponse();
 	}
 
-	@Post('/runners/forgot')
+	@Post('/runners/login')
 	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
 	@OnUndefined(ResponseEmpty)
 	@OpenAPI({ description: 'Use this endpoint to reuqest a new selfservice token/link to be sent to your mail address (rate limited to one mail every 24hrs).' })
@@ -148,8 +148,11 @@ export class RunnerSelfServiceController {
 	@OpenAPI({ description: 'Create a new selfservice runner in the citizen org. <br> This endpoint shoud be used to allow "everyday citizen" to register themselves. <br> You have to provide a mail address, b/c the future we\'ll implement email verification.' })
 	async registerRunner(@Body({ validate: true }) createRunner: CreateSelfServiceCitizenRunner, @QueryParam("locale") locale: string = "en") {
 		let runner = await createRunner.toEntity();
-
+		if (await this.getRunnerExistsByMail(runner.email)) {
+			throw new BadRequestError("E-Mail already registered")
+		}
 		runner = await this.runnerRepository.save(runner);
+
 		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
 		response.token = JwtCreator.createSelfService(runner);
 
@@ -170,6 +173,9 @@ export class RunnerSelfServiceController {
 		const org = await this.getOrgansisation(token);
 
 		let runner = await createRunner.toEntity(org);
+		if (await this.getRunnerExistsByMail(runner.email)) {
+			throw new BadRequestError("E-Mail already registered")
+		}
 		runner = await this.runnerRepository.save(runner);
 
 		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
@@ -225,4 +231,14 @@ export class RunnerSelfServiceController {
 
 		return organization;
 	}
+
+	/**
+	 * Checks if a runner already exists
+	 * @param email The runner's email address
+	 * @returns Boolean (true if exists, false if not)
+	 */
+	private async getRunnerExistsByMail(email: string): Promise<boolean> {
+		const runner = await this.runnerRepository.findOne({ email });
+		return runner != undefined
+	}
 }

src/models/actions/create/CreateUser.ts

@@ -114,7 +114,7 @@ export class CreateUser {
         newUser.groups = await this.getGroups();
         newUser.enabled = this.enabled;
 
-        if (!this.profilePic) { newUser.profilePic = `https://dev.lauf-fuer-kaya.de/lfk-logo.png`; }
+        if (!this.profilePic) { newUser.profilePic = `https://lauf-fuer-kaya.de/lfk-logo.png`; }
         else { newUser.profilePic = this.profilePic; }
 
         return newUser;

src/models/actions/update/UpdateUser.ts

@@ -124,7 +124,7 @@ export class UpdateUser {
         user.phone = this.phone;
         user.groups = await this.getGroups();
 
-        if (!this.profilePic) { user.profilePic = `https://dev.lauf-fuer-kaya.de/lfk-logo.png`; }
+        if (!this.profilePic) { user.profilePic = `https://lauf-fuer-kaya.de/lfk-logo.png`; }
         else { user.profilePic = this.profilePic; }
 
         return user;

src/tests/selfservice/selfservice_delete.spec.ts

@@ -1,5 +1,7 @@
+import { faker } from '@faker-js/faker';
 import axios from 'axios';
 import { config } from '../../config';
+
 const base = "http://localhost:" + config.internal_port
 
 let access_token;
@@ -21,7 +23,7 @@ describe('delete selfservice runner invalid', () => {
         const res = await axios.post(base + '/api/runners/register', {
             "firstname": "string",
             "lastname": "string",
-            "email": "user@example.com"
+            "email": faker.internet.exampleEmail(),
         }, axios_config);
         added_runner = res.data;
         expect(res.status).toEqual(200);
@@ -50,7 +52,7 @@ describe('delete selfservice runner valid', () => {
         const res = await axios.post(base + '/api/runners/register', {
             "firstname": "string",
             "lastname": "string",
-            "email": "user@example.com"
+            "email": faker.internet.exampleEmail(),
         }, axios_config);
         added_runner = res.data;
         expect(res.status).toEqual(200);

src/tests/selfservice/selfservice_forgotten.spec.ts

@@ -15,20 +15,20 @@ beforeAll(async () => {
     };
 });
 
-describe('POST /api/runners/me/forgot invalid syntax/mail should fail', () => {
+describe('POST /api/runners/me/login invalid syntax/mail should fail', () => {
     it('get without mail return 404', async () => {
-        const res = await axios.post(base + '/api/runners/forgot', null, axios_config);
+        const res = await axios.post(base + '/api/runners/login', null, axios_config);
         expect(res.status).toEqual(404);
         expect(res.headers['content-type']).toContain("application/json");
     });
     it('get without bs mail return 404', async () => {
-        const res = await axios.post(base + '/api/runners/forgot?mail=asdasdasdasdasd@tester.test.dev.lauf-fuer-kaya.de', null, axios_config);
+        const res = await axios.post(base + '/api/runners/login?mail=asdasdasdasdasd@tester.test.dev.lauf-fuer-kaya.de', null, axios_config);
         expect(res.status).toEqual(404);
         expect(res.headers['content-type']).toContain("application/json");
     });
 });
 // ---------------
-describe('POST /api/runners/me/forgot 2 times within timeout should fail', () => {
+describe('POST /api/runners/me/login 2 times within timeout should fail', () => {
     let added_runner;
     it('registering as citizen should return 200', async () => {
         const res = await axios.post(base + '/api/runners/register', {
@@ -42,19 +42,19 @@ describe('POST /api/runners/me/forgot 2 times within timeout should fail', () =>
         added_runner = res.data;
     });
     it('post with valid mail should return 200', async () => {
-        const res = await axios.post(base + '/api/runners/forgot?mail=' + added_runner.email, null, axios_config);
+        const res = await axios.post(base + '/api/runners/login?mail=' + added_runner.email, null, axios_config);
         expect(res.status).toEqual(200);
         expect(res.headers['content-type']).toContain("application/json");
     });
     it('2nd post with valid mail should return 406', async () => {
-        const res = await axios.post(base + '/api/runners/forgot?mail=' + added_runner.email, null, axios_config);
+        const res = await axios.post(base + '/api/runners/login?mail=' + added_runner.email, null, axios_config);
         expect(res.status).toEqual(406);
         expect(res.headers['content-type']).toContain("application/json");
     });
 });
 
 // ---------------
-describe('POST /api/runners/me/forgot valid should return 200', () => {
+describe('POST /api/runners/me/login valid should return 200', () => {
     let added_runner;
     let new_token;
     it('registering as citizen should return 200', async () => {
@@ -69,7 +69,7 @@ describe('POST /api/runners/me/forgot valid should return 200', () => {
         added_runner = res.data;
     });
     it('post with valid mail should return 200', async () => {
-        const res = await axios.post(base + '/api/runners/forgot?mail=' + added_runner.email, null, axios_config);
+        const res = await axios.post(base + '/api/runners/login?mail=' + added_runner.email, null, axios_config);
         expect(res.status).toEqual(200);
         expect(res.headers['content-type']).toContain("application/json");
         new_token = res.data.token;

src/tests/selfservice/selfservice_get.spec.ts

@@ -1,3 +1,4 @@
+import { faker } from '@faker-js/faker';
 import axios from 'axios';
 import { config } from '../../config';
 const base = "http://localhost:" + config.internal_port
@@ -30,7 +31,7 @@ describe('register + get should return 200', () => {
             "firstname": "string",
             "middlename": "string",
             "lastname": "string",
-            "email": "user@example.com"
+            "email": faker.internet.exampleEmail(),
         }, axios_config);
         expect(res.status).toEqual(200);
         expect(res.headers['content-type']).toContain("application/json");

src/tests/selfservice/selfservice_register.spec.ts

@@ -1,3 +1,4 @@
+import { faker } from '@faker-js/faker';
 import axios from 'axios';
 import { config } from '../../config';
 const base = "http://localhost:" + config.internal_port
@@ -39,7 +40,7 @@ describe('register invalid citizen', () => {
         const res = await axios.post(base + '/api/runners/register', {
             "middlename": "string",
             "lastname": "string",
-            "email": "user@example.com"
+            "email": faker.internet.exampleEmail(),
         }, axios_config);
         expect(res.status).toEqual(400);
         expect(res.headers['content-type']).toContain("application/json");
@@ -48,7 +49,7 @@ describe('register invalid citizen', () => {
         const res = await axios.post(base + '/api/runners/register', {
             "firstname": "string",
             "middlename": "string",
-            "email": "user@example.com"
+            "email": faker.internet.exampleEmail(),
         }, axios_config);
         expect(res.status).toEqual(400);
         expect(res.headers['content-type']).toContain("application/json");
@@ -59,7 +60,26 @@ describe('register invalid citizen', () => {
             "middlename": "string",
             "lastname": "string",
             "phone": "peter",
-            "email": "user@example.com"
+            "email": faker.internet.exampleEmail(),
+        }, axios_config);
+        expect(res.status).toEqual(400);
+        expect(res.headers['content-type']).toContain("application/json");
+    });
+    it('registering as citizen with duplicate mail should return 400', async () => {
+        const mail = faker.internet.exampleEmail();
+        await axios.post(base + '/api/runners/register', {
+            "firstname": "string",
+            "middlename": "string",
+            "lastname": "string",
+            "phone": "peter",
+            "email": mail,
+        }, axios_config);
+        const res = await axios.post(base + '/api/runners/register', {
+            "firstname": "string",
+            "middlename": "string",
+            "lastname": "string",
+            "phone": "peter",
+            "email": mail,
         }, axios_config);
         expect(res.status).toEqual(400);
         expect(res.headers['content-type']).toContain("application/json");
@@ -71,7 +91,7 @@ describe('register citizen valid', () => {
         const res = await axios.post(base + '/api/runners/register', {
             "firstname": "string",
             "lastname": "string",
-            "email": "user@example.com"
+            "email": faker.internet.exampleEmail(),
         }, axios_config);
         expect(res.status).toEqual(200);
         expect(res.headers['content-type']).toContain("application/json");
@@ -81,7 +101,7 @@ describe('register citizen valid', () => {
             "firstname": "string",
             "middlename": "string",
             "lastname": "string",
-            "email": "user@example.com",
+            "email": faker.internet.exampleEmail(),
             "phone": "+4909132123456",
             "address": {
                 address1: "Teststreet 1",
@@ -187,7 +207,7 @@ describe('register valid company', () => {
             "firstname": "string",
             "middlename": "string",
             "lastname": "string",
-            "email": "user@example.com",
+            "email": faker.internet.exampleEmail(),
             "phone": "+4909132123456",
             "address": {
                 address1: "Teststreet 1",
@@ -214,7 +234,7 @@ describe('register valid company', () => {
             "firstname": "string",
             "middlename": "string",
             "lastname": "string",
-            "email": "user@example.com",
+            "email": faker.internet.exampleEmail(),
             "phone": "+4909132123456",
             "address": {
                 address1: "Teststreet 1",
@@ -232,7 +252,7 @@ describe('register valid company', () => {
             "firstname": "string",
             "middlename": "string",
             "lastname": "string",
-            "email": "user@example.com",
+            "email": faker.internet.exampleEmail(),
             "phone": "+4909132123456",
             "address": {
                 address1: "Teststreet 1",