- As blocking is now reciprocal, we do not need another query, we can
use neo4j-graphql-js magic to query for a BLOCKED relationship between
the postAuthor and the currentUser
- this was making things more likely to fail from the frontend, we would
need to consider doing a db manipulation for users from the old alpha
who have user.name as null.
- it only protects against someone who bypasses our UI and sends a
message directly to the backend, but if they can do that we have bigger
problems.
- write tests for userMiddleware
- checks the functionality of nodes/locations middleware
- refactor to not allow users to update to remove their name
debatable whether we want that or not, but we do not allow users to
create accounts with no name, so we should be consistent, before we were
using neode to validate this, but we have are removing neode from
production code, so we must validate ourselves
- collate UpdateUser mutations to one
- This test, though I understand why it was added, is not necessary in
my opinion. It's more difficult to get this test to pass since we don't
call session.run, we call session.writeTransaction which has a callback
that calls transaction.run...
- I think we don't need to test that our third party library does what
it was added to do... they have their own tests, which can be found here
@roschaefer, which I think are sufficient https://github.com/validatorjs/validator.js/blob/master/test/sanitizers.js
- We can always add another type of test, if you feel necessary, maybe
an e2e?
- the test is broken, can you have a look @roschaefer??
- I tried to get it to work, but it's complicated with multiple
promises... I'm ok if we remove this test as well as it's only testing
that normalizeEmail works as it's supposed to... but that hopefully is
tested on the side of the validator library
