Merge pull request #341 from steven-supersolid/anonymous

Bugfix: set username to random string if missing in RestWrite
2016-02-11 15:44:34 -08:00
parent 8dcae3dc74 0012e666b8
commit c66cc8d7bc
2 changed files with 49 additions and 6 deletions
--- a/spec/RestCreate.spec.js
+++ b/spec/RestCreate.spec.js
@@ -57,6 +57,50 @@ describe('rest create', () => {
      });
  });

+  it('handles anonymous user signup', (done) => {
+    var data1 = {
+      authData: {
+        anonymous: {
+          id: '00000000-0000-0000-0000-000000000001'
+        }
+      }
+    };
+    var data2 = {
+      authData: {
+        anonymous: {
+          id: '00000000-0000-0000-0000-000000000002'
+        }
+      }
+    };
+    var username1;
+    rest.create(config, auth.nobody(config), '_User', data1)
+      .then((r) => {
+        expect(typeof r.response.objectId).toEqual('string');
+        expect(typeof r.response.createdAt).toEqual('string');
+        expect(typeof r.response.sessionToken).toEqual('string');
+        return rest.create(config, auth.nobody(config), '_User', data1);
+      }).then((r) => {
+        expect(typeof r.response.objectId).toEqual('string');
+        expect(typeof r.response.createdAt).toEqual('string');
+        expect(typeof r.response.username).toEqual('string');
+        expect(typeof r.response.updatedAt).toEqual('string');
+        username1 = r.response.username;
+        return rest.create(config, auth.nobody(config), '_User', data2);
+      }).then((r) => {
+        expect(typeof r.response.objectId).toEqual('string');
+        expect(typeof r.response.createdAt).toEqual('string');
+        expect(typeof r.response.sessionToken).toEqual('string');
+        return rest.create(config, auth.nobody(config), '_User', data2);
+      }).then((r) => {
+        expect(typeof r.response.objectId).toEqual('string');
+        expect(typeof r.response.createdAt).toEqual('string');
+        expect(typeof r.response.username).toEqual('string');
+        expect(typeof r.response.updatedAt).toEqual('string');
+        expect(r.response.username).not.toEqual(username1);
+        done();
+      });
+  });
+
  it('test facebook signup and login', (done) => {
    var data = {
      authData: {
--- a/src/RestWrite.js
+++ b/src/RestWrite.js
@@ -56,7 +56,7 @@ function RestWrite(config, auth, className, query, data, originalData) {
    this.data.updatedAt = this.updatedAt;
    if (!this.query) {
      this.data.createdAt = this.updatedAt;
-      this.data.objectId = newObjectId();
+      this.data.objectId = newStringId(10);
    }
  }
 }
@@ -319,8 +319,7 @@ RestWrite.prototype.transformUser = function() {
    // Check for username uniqueness
    if (!this.data.username) {
      if (!this.query) {
-        // TODO: what's correct behavior here
-        this.data.username = '';
+        this.data.username = newStringId(25);
      }
      return;
    }
@@ -714,13 +713,13 @@ RestWrite.prototype.objectId = function() {
  return this.data.objectId || this.query.objectId;
 };

-// Returns a unique string that's usable as an object id.
-function newObjectId() {
+// Returns a unique string that's usable as an object or other id.
+function newStringId(size) {
  var chars = ('ABCDEFGHIJKLMNOPQRSTUVWXYZ' +
               'abcdefghijklmnopqrstuvwxyz' +
               '0123456789');
  var objectId = '';
-  var bytes = crypto.randomBytes(10);
+  var bytes = crypto.randomBytes(size);
  for (var i = 0; i < bytes.length; ++i) {
    // Note: there is a slight modulo bias, because chars length
    // of 62 doesn't divide the number of all bytes (256) evenly.