ocelot-Social-Community/Ocelot-Social
1
0
Fork 0
mirror of https://github.com/Ocelot-Social-Community/Ocelot-Social.git synced 2025-12-12 23:35:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into 256-editor-embeds-merge-in-nitro-embed

Browse Source
This commit is contained in:
Robert Schäfer 2019-07-16 21:33:46 +02:00
commit b74590821c
167 changed files with 6008 additions and 2744 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
.codecov.yml
View File

@ -95,7 +95,7 @@ coverage:
# - master
#flags:
# - integration
paths:
paths:
- backend/ # only include coverage in "backend/" folder
webapp: # declare a new status context "frontend"
against: parent
@ -127,7 +127,7 @@ coverage:
# - integration
# paths:
# - folder
#changes:
# default:
# against: parent
@ -150,20 +150,8 @@ coverage:
#ignore: # files and folders for processing
# - tests/*
#fixes:
# - "old_path::new_path"
comment:
# layout options are quite limited in v4.x - there have been way more options in v1.0
layout: reach, diff, flags, files # mostly old options: header, diff, uncovered, reach, files, tree, changes, sunburst, flags
behavior: new # default = posts once then update, posts new if delete
# once = post once then updates
# new = delete old, post new
# spammy = post new
require_changes: false # if true: only post the comment if coverage changes
require_base: no # [yes :: must have a base report to post]
require_head: no # [yes :: must have a head report to post]
branches: null # branch names that can post comment
flags: null
paths: null
comment: off

10
.travis.yml
View File

@ -11,7 +11,6 @@ addons:
before_install:
- yarn global add wait-on
# Install Codecov
- yarn global add codecov
- yarn install
- cp cypress.env.template.json cypress.env.json
@ -29,9 +28,10 @@ script:
- docker-compose exec backend yarn run test:jest --ci --verbose=false --coverage
- docker-compose exec backend yarn run db:reset
- docker-compose exec backend yarn run db:seed
- docker-compose exec backend yarn run test:cucumber --tags "not @wip"
- docker-compose exec backend yarn run db:reset
- docker-compose exec backend yarn run db:seed
# ActivityPub cucumber testing temporarily disabled because it's too buggy
# - docker-compose exec backend yarn run test:cucumber --tags "not @wip"
# - docker-compose exec backend yarn run db:reset
# - docker-compose exec backend yarn run db:seed
# Frontend
- docker-compose exec webapp yarn run lint
- docker-compose exec webapp yarn run test --ci --verbose=false --coverage
@ -39,7 +39,7 @@ script:
# Fullstack
- yarn run cypress:run
# Coverage
- codecov
- yarn run codecov
after_success:
- wget https://raw.githubusercontent.com/DiscordHooks/travis-ci-discord-webhook/master/send.sh

15
CONTRIBUTING.md
View File

@ -4,9 +4,9 @@ Thanks so much for thinking of contributing to the Human Connection project, we
## Getting Set Up
Instructions for how to install all the necessary software can be found in our [documentation](https://docs.human-connection.org/human-connection/)
Instructions for how to install all the necessary software can be found in our [documentation](https://docs.human-connection.org/human-connection/).
We recommend that new folks should ideally work together with an existing developer. Please join our discord instance to chat with developers or just ask them in tickets in [Zenhub](https://app.zenhub.com/workspaces/human-connection-nitro-5c0154ecc699f60fc92cf11f/boards?repos=152252353):
We recommend that new folks should ideally work together with an existing developer. Please join our [discord](https://discord.gg/6ub73U3) instance to chat with developers or just ask them in tickets in [Zenhub](https://app.zenhub.com/workspaces/human-connection-nitro-5c0154ecc699f60fc92cf11f/boards?repos=152252353):
![](https://dl.dropbox.com/s/vbmcihkduy9dhko/Screenshot%202019-01-03%2015.50.11.png?dl=0)
@ -17,7 +17,7 @@ Here are some general notes on our development flow:
* Currently operating in two week sprints
* We are using ZenHub to coordinate
* estimating time per issue is the crucial feature of [Zenhub](https://app.zenhub.com/workspaces/human-connection-nitro-5c0154ecc699f60fc92cf11f) that Github does not have
* "up-for-grabs" links to [Github project](https://github.com/orgs/Human-Connection/projects/10?card_filter_query=label%3A"good+first+issue)
* "up-for-grabs" links to [Github project](https://github.com/Human-Connection/Human-Connection/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22)
* ordering on ZenHub not necessarily reflected on github projects
* AgileVentures run open pairing sessions at 10:30am UTC each week on Tuesdays and Thursdays
* Core team
@ -51,19 +51,19 @@ But what do we do when waiting for merge into master \(wanting to keep PRs small
* solutions
* 1\) put 2nd PR into branch that the first PR is hitting - but requires update after merging
* 2\) prefer to leave exiting PR until it can be reviewed, and instead go and work on some other part of the codebase that is not impacted by the first PR
### Code Review
* Github setting in place - at least one review is required to merge
* Github setting in place - at least one review is required to merge
- in principle anyone (who is not the PR owner) can review
- but often it will be the core developers (Robert, Ulf, Greg, Wolfgang?)
- once there is a review, and presuming no requested changes, PR opener can merge
* CI/tests
- the CI needs to pass
- the CI needs to pass
- linting <-- autofix?
- tests (unit, feature) (backend, frontend)
- codecoverage
## Notes
question: when you want to pick a task - \(find out priority\) - is it in discord? is it in AV slack? --&gt; Robert says you can always ask in discord - group channels are the best
@ -77,4 +77,3 @@ Matt makes point that new stories will have to be taken off the "New Issues" and
Robert notes that everyone is invited to join the kickoff meetings
Robert - difference between "important" \(creates a lot of value\) and "beginner friendly" \(easy to implement\)

2
README.md
View File

@ -46,7 +46,7 @@ Thank you lokalise for providing us with a premium account :raised_hands:.
## Developer Chat
Join our friendly open-source community on [Discord](https://discord.gg/6ub73U3) :heart_eyes_cat:
Just introduce yourself at `#user-presentation` and mention `@@Mentor` to get you onboard :neckbeard:
Just introduce yourself at `#introduce-yourself` and mention `@@Mentor` to get you onboard :neckbeard:
Check out the [contribution guideline](./CONTRIBUTING.md), too!

2
backend/.env.template
View File

@ -1,5 +1,5 @@
NEO4J_URI=bolt://localhost:7687
NEO4J_USER=neo4j
NEO4J_USERNAME=neo4j
NEO4J_PASSWORD=letmein
GRAPHQL_PORT=4000
GRAPHQL_URI=http://localhost:4000

2
backend/Dockerfile
View File

@ -1,4 +1,4 @@
FROM node:12.5-alpine as base
FROM node:12.6-alpine as base
LABEL Description="Backend of the Social Network Human-Connection.org" Vendor="Human Connection gGmbH" Version="0.0.1" Maintainer="Human Connection gGmbH (developer@human-connection.org)"
EXPOSE 4000

33
backend/package.json
View File

@ -34,7 +34,6 @@
"!**/src/**/?(*.)+(spec|test).js?(x)"
],
"coverageReporters": [
"text",
"lcov"
],
"testMatch": [
@ -42,53 +41,55 @@
]
},
"dependencies": {
"@hapi/joi": "^15.1.0",
"activitystrea.ms": "~2.1.3",
"apollo-cache-inmemory": "~1.6.2",
"apollo-client": "~2.6.3",
"apollo-link-context": "~1.0.18",
"apollo-link-http": "~1.5.15",
"apollo-server": "~2.6.7",
"apollo-server": "~2.6.9",
"apollo-server-express": "^2.6.9",
"bcryptjs": "~2.4.3",
"cheerio": "~1.0.0-rc.3",
"cors": "~2.8.5",
"cross-env": "~5.2.0",
"date-fns": "2.0.0-beta.2",
"date-fns": "2.0.0-beta.1",
"debug": "~4.1.1",
"dotenv": "~8.0.0",
"express": "~4.17.1",
"express": "^4.17.1",
"faker": "Marak/faker.js#master",
"graphql": "~14.4.0",
"graphql": "~14.4.2",
"graphql-custom-directives": "~0.2.14",
"graphql-iso-date": "~3.6.1",
"graphql-middleware": "~3.0.2",
"graphql-shield": "~6.0.2",
"graphql-shield": "~6.0.3",
"graphql-tag": "~2.10.1",
"graphql-yoga": "~1.18.0",
"helmet": "~3.18.0",
"jsonwebtoken": "~8.5.1",
"linkifyjs": "~2.1.8",
"lodash": "~4.17.11",
"lodash": "~4.17.14",
"merge-graphql-schemas": "^1.5.8",
"neo4j-driver": "~1.7.4",
"neo4j-graphql-js": "^2.6.3",
"neode": "^0.2.16",
"node-fetch": "~2.6.0",
"nodemailer": "^6.2.1",
"nodemailer": "^6.3.0",
"npm-run-all": "~4.1.5",
"request": "~2.88.0",
"sanitize-html": "~1.20.1",
"slug": "~1.1.0",
"trunc-html": "~1.1.2",
"uuid": "~3.3.2",
"wait-on": "~3.2.0"
"wait-on": "~3.3.0"
},
"devDependencies": {
"@babel/cli": "~7.4.4",
"@babel/core": "~7.4.5",
"@babel/node": "~7.4.5",
"@babel/cli": "~7.5.0",
"@babel/core": "~7.5.4",
"@babel/node": "~7.5.0",
"@babel/plugin-proposal-throw-expressions": "^7.2.0",
"@babel/preset-env": "~7.4.5",
"@babel/preset-env": "~7.5.4",
"@babel/register": "~7.4.4",
"apollo-server-testing": "~2.6.7",
"apollo-server-testing": "~2.6.9",
"babel-core": "~7.0.0-0",
"babel-eslint": "~10.0.2",
"babel-jest": "~24.8.0",
@ -98,7 +99,7 @@
"eslint-config-prettier": "~6.0.0",
"eslint-config-standard": "~12.0.0",
"eslint-plugin-import": "~2.18.0",
"eslint-plugin-jest": "~22.7.1",
"eslint-plugin-jest": "~22.8.0",
"eslint-plugin-node": "~9.1.0",
"eslint-plugin-prettier": "~3.1.0",
"eslint-plugin-promise": "~4.2.1",

10
backend/src/bootstrap/neo4j.js
View File

@ -1,5 +1,6 @@
import { v1 as neo4j } from 'neo4j-driver'
import CONFIG from './../config'
import setupNeode from './neode'
let driver
@ -14,3 +15,12 @@ export function getDriver(options = {}) {
}
return driver
}
let neodeInstance
export function neode() {
if (!neodeInstance) {
const { NEO4J_URI: uri, NEO4J_USERNAME: username, NEO4J_PASSWORD: password } = CONFIG
neodeInstance = setupNeode({ uri, username, password })
}
return neodeInstance
}

9
backend/src/bootstrap/neode.js Normal file
View File

@ -0,0 +1,9 @@
import Neode from 'neode'
import models from '../models'
export default function setupNeode(options) {
const { uri, username, password } = options
const neodeInstance = new Neode(uri, username, password)
neodeInstance.with(models)
return neodeInstance
}

7
backend/src/helpers/encryptPassword.js Normal file
View File

@ -0,0 +1,7 @@
import { hashSync } from 'bcryptjs'
export default function(args) {
args.encryptedPassword = hashSync(args.password, 10)
delete args.password
return args
}

14
backend/src/index.js
View File

@ -1,18 +1,8 @@
import createServer from './server'
import ActivityPub from './activitypub/ActivityPub'
import CONFIG from './config'
const serverConfig = {
port: CONFIG.GRAPHQL_PORT,
// cors: {
// credentials: true,
// origin: [CONFIG.CLIENT_URI] // your frontend url.
// }
}
const server = createServer()
server.start(serverConfig, options => {
const { app } = createServer()
app.listen({ port: CONFIG.GRAPHQL_PORT }, () => {
/* eslint-disable-next-line no-console */
console.log(`GraphQLServer ready at ${CONFIG.GRAPHQL_URI} 🚀`)
ActivityPub.init(server)
})

17
backend/src/jest/helpers.js
View File

@ -4,13 +4,20 @@ import { request } from 'graphql-request'
// not to be confused with the seeder host
export const host = 'http://127.0.0.1:4123'
export async function login({ email, password }) {
export async function login(variables) {
const mutation = `
mutation {
login(email:"${email}", password:"${password}")
}`
const response = await request(host, mutation)
mutation($email: String!, $password: String!) {
login(email: $email, password: $password)
}
`
const response = await request(host, mutation, variables)
return {
authorization: `Bearer ${response.login}`,
}
}
//* This is a fake ES2015 template string, just to benefit of syntax
// highlighting of `gql` template strings in certain editors.
export function gql(strings) {
return strings.join('')
}

2
backend/src/middleware/activityPubMiddleware.js
View File

@ -46,7 +46,7 @@ export default {
}
return post
},
CreateUser: async (resolve, root, args, context, info) => {
SignupVerification: async (resolve, root, args, context, info) => {
const keys = generateRsaKeyPair()
Object.assign(args, keys)
args.actorId = `${activityPub.host}/activitypub/users/${args.slug}`

1
backend/src/middleware/dateTimeMiddleware.js
View File

@ -9,7 +9,6 @@ const setUpdatedAt = (resolve, root, args, context, info) => {
export default {
Mutation: {
CreateUser: setCreatedAt,
CreatePost: setCreatedAt,
CreateComment: setCreatedAt,
CreateOrganization: setCreatedAt,

57
backend/src/middleware/email/emailMiddleware.js Normal file
View File

@ -0,0 +1,57 @@
import CONFIG from '../../config'
import nodemailer from 'nodemailer'
import { resetPasswordMail, wrongAccountMail } from './templates/passwordReset'
import { signupTemplate } from './templates/signup'
const transporter = () => {
const configs = {
host: CONFIG.SMTP_HOST,
port: CONFIG.SMTP_PORT,
ignoreTLS: CONFIG.SMTP_IGNORE_TLS,
secure: false, // true for 465, false for other ports
}
const { SMTP_USERNAME: user, SMTP_PASSWORD: pass } = CONFIG
if (user && pass) {
configs.auth = { user, pass }
}
return nodemailer.createTransport(configs)
}
const returnResponse = async (resolve, root, args, context, resolveInfo) => {
const { response } = await resolve(root, args, context, resolveInfo)
delete response.nonce
return response
}
const sendSignupMail = async (resolve, root, args, context, resolveInfo) => {
const { email } = args
const { response, nonce } = await resolve(root, args, context, resolveInfo)
delete response.nonce
await transporter().sendMail(signupTemplate({ email, nonce }))
return response
}
export default function({ isEnabled }) {
if (!isEnabled)
return {
Mutation: {
requestPasswordReset: returnResponse,
Signup: returnResponse,
SignupByInvitation: returnResponse,
},
}
return {
Mutation: {
requestPasswordReset: async (resolve, root, args, context, resolveInfo) => {
const { email } = args
const { response, user, code, name } = await resolve(root, args, context, resolveInfo)
const mailTemplate = user ? resetPasswordMail : wrongAccountMail
await transporter().sendMail(mailTemplate({ email, code, name }))
return response
},
Signup: sendSignupMail,
SignupByInvitation: sendSignupMail,
},
}
}

85
backend/src/middleware/email/templates/passwordReset.js Normal file
View File

@ -0,0 +1,85 @@
import CONFIG from '../../../config'
export const from = '"Human Connection" <info@human-connection.org>'
export const resetPasswordMail = options => {
const {
name,
email,
code,
subject = 'Use this link to reset your password. The link is only valid for 24 hours.',
supportUrl = 'https://human-connection.org/en/contact/',
} = options
const actionUrl = new URL('/password-reset/change-password', CONFIG.CLIENT_URI)
actionUrl.searchParams.set('code', code)
actionUrl.searchParams.set('email', email)
return {
to: email,
subject,
text: `
Hi ${name}!
You recently requested to reset your password for your Human Connection account.
Use the link below to reset it. This password reset is only valid for the next
24 hours.
${actionUrl}
If you did not request a password reset, please ignore this email or contact
support if you have questions:
${supportUrl}
Thanks,
The Human Connection Team
If you're having trouble with the link above, you can manually copy and
paste the following code into your browser window:
${code}
Human Connection gemeinnützige GmbH
Bahnhofstr. 11
73235 Weilheim / Teck
Deutschland
`,
}
}
export const wrongAccountMail = options => {
const {
email,
subject = `We received a request to reset your password with this email address (${email})`,
supportUrl = 'https://human-connection.org/en/contact/',
} = options
const actionUrl = new URL('/password-reset/request', CONFIG.CLIENT_URI)
return {
to: email,
subject,
text: `
We received a request to reset the password to access Human Connection with your
email address, but we were unable to find an account associated with this
address.
If you use Human Connection and were expecting this email, consider trying to
request a password reset using the email address associated with your account.
Try a different email:
${actionUrl}
If you do not use Human Connection or did not request a password reset, please
ignore this email. Feel free to contact support if you have further questions:
${supportUrl}
Thanks,
The Human Connection Team
Human Connection gemeinnützige GmbH
Bahnhofstr. 11
73235 Weilheim / Teck
Deutschland
`,
}
}

43
backend/src/middleware/email/templates/signup.js Normal file
View File

@ -0,0 +1,43 @@
import CONFIG from '../../../config'
export const from = '"Human Connection" <info@human-connection.org>'
export const signupTemplate = options => {
const {
email,
nonce,
subject = 'Signup link',
supportUrl = 'https://human-connection.org/en/contact/',
} = options
const actionUrl = new URL('/registration/create-user-account', CONFIG.CLIENT_URI)
actionUrl.searchParams.set('nonce', nonce)
actionUrl.searchParams.set('email', email)
return {
to: email,
subject,
text: `
Welcome to Human Connection! Use this link to complete the registration process
and create a user account:
${actionUrl}
You can also copy+paste this verification code in your browser window:
${nonce}
If you did not signed up for Human Connection, please ignore this email or
contact support if you have questions:
${supportUrl}
Thanks,
The Human Connection Team
Human Connection gemeinnützige GmbH
Bahnhofstr. 11
73235 Weilheim / Teck
Deutschland
`,
}
}

69
backend/src/middleware/handleHtmlContent/handleContentData.js Normal file
View File

@ -0,0 +1,69 @@
import extractMentionedUsers from './notifications/extractMentionedUsers'
import extractHashtags from './hashtags/extractHashtags'
const notify = async (postId, idsOfMentionedUsers, context) => {
const session = context.driver.session()
const createdAt = new Date().toISOString()
const cypher = `
match(u:User) where u.id in $idsOfMentionedUsers
match(p:Post) where p.id = $postId
create(n:Notification{id: apoc.create.uuid(), read: false, createdAt: $createdAt})
merge (n)-[:NOTIFIED]->(u)
merge (p)-[:NOTIFIED]->(n)
`
await session.run(cypher, {
idsOfMentionedUsers,
createdAt,
postId,
})
session.close()
}
const updateHashtagsOfPost = async (postId, hashtags, context) => {
const session = context.driver.session()
// We need two Cypher statements, because the 'MATCH' in the 'cypherDeletePreviousRelations' statement
// functions as an 'if'. In case there is no previous relation, the rest of the commands are omitted
// and no new Hashtags and relations will be created.
const cypherDeletePreviousRelations = `
MATCH (p:Post { id: $postId })-[previousRelations:TAGGED]->(t:Tag)
DELETE previousRelations
RETURN p, t
`
const cypherCreateNewTagsAndRelations = `
MATCH (p:Post { id: $postId})
UNWIND $hashtags AS tagName
MERGE (t:Tag { id: tagName, name: tagName, disabled: false, deleted: false })
MERGE (p)-[:TAGGED]->(t)
RETURN p, t
`
await session.run(cypherDeletePreviousRelations, {
postId,
})
await session.run(cypherCreateNewTagsAndRelations, {
postId,
hashtags,
})
session.close()
}
const handleContentData = async (resolve, root, args, context, resolveInfo) => {
// extract user ids before xss-middleware removes classes via the following "resolve" call
const idsOfMentionedUsers = extractMentionedUsers(args.content)
// extract tag (hashtag) ids before xss-middleware removes classes via the following "resolve" call
const hashtags = extractHashtags(args.content)
// removes classes from the content
const post = await resolve(root, args, context, resolveInfo)
await notify(post.id, idsOfMentionedUsers, context)
await updateHashtagsOfPost(post.id, hashtags, context)
return post
}
export default {
Mutation: {
CreatePost: handleContentData,
UpdatePost: handleContentData,
},
}

285
backend/src/middleware/handleHtmlContent/handleContentData.spec.js Normal file
View File

@ -0,0 +1,285 @@
import { GraphQLClient } from 'graphql-request'
import { host, login, gql } from '../../jest/helpers'
import Factory from '../../seed/factories'
const factory = Factory()
let client
beforeEach(async () => {
await factory.create('User', {
id: 'you',
name: 'Al Capone',
slug: 'al-capone',
email: 'test@example.org',
password: '1234',
})
})
afterEach(async () => {
await factory.cleanDatabase()
})
describe('currentUser { notifications }', () => {
const query = gql`
query($read: Boolean) {
currentUser {
notifications(read: $read, orderBy: createdAt_desc) {
read
post {
content
}
}
}
}
`
describe('authenticated', () => {
let headers
beforeEach(async () => {
headers = await login({
email: 'test@example.org',
password: '1234',
})
client = new GraphQLClient(host, {
headers,
})
})
describe('given another user', () => {
let authorClient
let authorParams
let authorHeaders
beforeEach(async () => {
authorParams = {
email: 'author@example.org',
password: '1234',
id: 'author',
}
await factory.create('User', authorParams)
authorHeaders = await login(authorParams)
})
describe('who mentions me in a post', () => {
let post
const title = 'Mentioning Al Capone'
const content =
'Hey <a class="mention" href="/profile/you/al-capone">@al-capone</a> how do you do?'
beforeEach(async () => {
const createPostMutation = gql`
mutation($title: String!, $content: String!) {
CreatePost(title: $title, content: $content) {
id
title
content
}
}
`
authorClient = new GraphQLClient(host, {
headers: authorHeaders,
})
const { CreatePost } = await authorClient.request(createPostMutation, {
title,
content,
})
post = CreatePost
})
it('sends you a notification', async () => {
const expectedContent =
'Hey <a href="/profile/you/al-capone" target="_blank">@al-capone</a> how do you do?'
const expected = {
currentUser: {
notifications: [
{
read: false,
post: {
content: expectedContent,
},
},
],
},
}
await expect(
client.request(query, {
read: false,
}),
).resolves.toEqual(expected)
})
describe('who mentions me again', () => {
beforeEach(async () => {
const updatedContent = `${post.content} One more mention to <a href="/profile/you" class="mention">@al-capone</a>`
// The response `post.content` contains a link but the XSSmiddleware
// should have the `mention` CSS class removed. I discovered this
// during development and thought: A feature not a bug! This way we
// can encode a re-mentioning of users when you edit your post or
// comment.
const updatePostMutation = gql`
mutation($id: ID!, $title: String!, $content: String!) {
UpdatePost(id: $id, content: $content, title: $title) {
title
content
}
}
`
authorClient = new GraphQLClient(host, {
headers: authorHeaders,
})
await authorClient.request(updatePostMutation, {
id: post.id,
title: post.title,
content: updatedContent,
})
})
it('creates exactly one more notification', async () => {
const expectedContent =
'Hey <a href="/profile/you/al-capone" target="_blank">@al-capone</a> how do you do? One more mention to <a href="/profile/you" target="_blank">@al-capone</a>'
const expected = {
currentUser: {
notifications: [
{
read: false,
post: {
content: expectedContent,
},
},
{
read: false,
post: {
content: expectedContent,
},
},
],
},
}
await expect(
client.request(query, {
read: false,
}),
).resolves.toEqual(expected)
})
})
})
})
})
})
describe('Hashtags', () => {
const postId = 'p135'
const postTitle = 'Two Hashtags'
const postContent =
'<p>Hey Dude, <a class="hashtag" href="/search/hashtag/Democracy">#Democracy</a> should work equal for everybody!? That seems to be the only way to have equal <a class="hashtag" href="/search/hashtag/Liberty">#Liberty</a> for everyone.</p>'
const postWithHastagsQuery = gql`
query($id: ID) {
Post(id: $id) {
tags {
id
name
}
}
}
`
const postWithHastagsVariables = {
id: postId,
}
const createPostMutation = gql`
mutation($postId: ID, $postTitle: String!, $postContent: String!) {
CreatePost(id: $postId, title: $postTitle, content: $postContent) {
id
title
content
}
}
`
describe('authenticated', () => {
let headers
beforeEach(async () => {
headers = await login({
email: 'test@example.org',
password: '1234',
})
client = new GraphQLClient(host, {
headers,
})
})
describe('create a Post with Hashtags', () => {
beforeEach(async () => {
await client.request(createPostMutation, {
postId,
postTitle,
postContent,
})
})
it('both Hashtags are created with the "id" set to thier "name"', async () => {
const expected = [
{
id: 'Democracy',
name: 'Democracy',
},
{
id: 'Liberty',
name: 'Liberty',
},
]
await expect(
client.request(postWithHastagsQuery, postWithHastagsVariables),
).resolves.toEqual({
Post: [
{
tags: expect.arrayContaining(expected),
},
],
})
})
describe('afterwards update the Post by removing a Hashtag, leaving a Hashtag and add a Hashtag', () => {
// The already existing Hashtag has no class at this point.
const updatedPostContent =
'<p>Hey Dude, <a class="hashtag" href="/search/hashtag/Elections">#Elections</a> should work equal for everybody!? That seems to be the only way to have equal <a href="/search/hashtag/Liberty">#Liberty</a> for everyone.</p>'
const updatePostMutation = gql`
mutation($postId: ID!, $postTitle: String!, $updatedPostContent: String!) {
UpdatePost(id: $postId, title: $postTitle, content: $updatedPostContent) {
id
title
content
}
}
`
it('only one previous Hashtag and the new Hashtag exists', async () => {
await client.request(updatePostMutation, {
postId,
postTitle,
updatedPostContent,
})
const expected = [
{
id: 'Elections',
name: 'Elections',
},
{
id: 'Liberty',
name: 'Liberty',
},
]
await expect(
client.request(postWithHastagsQuery, postWithHastagsVariables),
).resolves.toEqual({
Post: [
{
tags: expect.arrayContaining(expected),
},
],
})
})
})
})
})
})

28
backend/src/middleware/handleHtmlContent/hashtags/extractHashtags.js Normal file
View File

@ -0,0 +1,28 @@
import cheerio from 'cheerio'
// formats of a Hashtag:
// https://en.wikipedia.org/w/index.php?title=Hashtag&oldid=905141980#Style
// here:
// 0. Search for whole string.
// 1. Hashtag has only 'a-z', 'A-Z', and '0-9'.
// 2. If it starts with a digit '0-9' than 'a-z', or 'A-Z' has to follow.
const ID_REGEX = /^\/search\/hashtag\/(([a-zA-Z]+[a-zA-Z0-9]*)|([0-9]+[a-zA-Z]+[a-zA-Z0-9]*))$/g
export default function(content) {
if (!content) return []
const $ = cheerio.load(content)
// We can not search for class '.hashtag', because the classes are removed at the 'xss' middleware.
// But we have to know, which Hashtags are removed from the content es well, so we search for the 'a' html-tag.
const urls = $('a')
.map((_, el) => {
return $(el).attr('href')
})
.get()
const hashtags = []
urls.forEach(url => {
let match
while ((match = ID_REGEX.exec(url)) != null) {
hashtags.push(match[1])
}
})
return hashtags
}

57
backend/src/middleware/handleHtmlContent/hashtags/extractHashtags.spec.js Normal file
View File

@ -0,0 +1,57 @@
import extractHashtags from './extractHashtags'
describe('extractHashtags', () => {
describe('content undefined', () => {
it('returns empty array', () => {
expect(extractHashtags()).toEqual([])
})
})
describe('searches through links', () => {
it('finds links with and without ".hashtag" class and extracts Hashtag names', () => {
const content =
'<p><a class="hashtag" href="/search/hashtag/Elections">#Elections</a><a href="/search/hashtag/Democracy">#Democracy</a></p>'
expect(extractHashtags(content)).toEqual(['Elections', 'Democracy'])
})
it('ignores mentions', () => {
const content =
'<p>Something inspirational about <a href="/profile/u2" target="_blank">@bob-der-baumeister</a> and <a href="/profile/u3/jenny-rostock" class="mention" target="_blank">@jenny-rostock</a>.</p>'
expect(extractHashtags(content)).toEqual([])
})
describe('handles links', () => {
it('ignores links with domains', () => {
const content =
'<p><a class="hashtag" href="http://localhost:3000/search/hashtag/Elections">#Elections</a><a href="/search/hashtag/Democracy">#Democracy</a></p>'
expect(extractHashtags(content)).toEqual(['Democracy'])
})
it('ignores Hashtag links with not allowed character combinations', () => {
const content =
'<p>Something inspirational about <a href="/search/hashtag/AbcDefXyz0123456789!*(),2" class="hashtag" target="_blank">#AbcDefXyz0123456789!*(),2</a>, <a href="/search/hashtag/0123456789" class="hashtag" target="_blank">#0123456789</a>, <a href="/search/hashtag/0123456789a" class="hashtag" target="_blank">#0123456789a</a> and <a href="/search/hashtag/AbcDefXyz0123456789" target="_blank">#AbcDefXyz0123456789</a>.</p>'
expect(extractHashtags(content)).toEqual(['0123456789a', 'AbcDefXyz0123456789'])
})
})
describe('does not crash if', () => {
it('`href` contains no Hashtag name', () => {
const content =
'<p>Something inspirational about <a href="/search/hashtag/" target="_blank">#Democracy</a> and <a href="/search/hashtag" target="_blank">#liberty</a>.</p>'
expect(extractHashtags(content)).toEqual([])
})
it('`href` contains Hashtag as page anchor', () => {
const content =
'<p>Something inspirational about <a href="https://www.example.org/#anchor" target="_blank">#anchor</a>.</p>'
expect(extractHashtags(content)).toEqual([])
})
it('`href` is empty or invalid', () => {
const content =
'<p>Something inspirational about <a href="" class="hashtag" target="_blank">@bob-der-baumeister</a> and <a href="not-a-url" target="_blank">@jenny-rostock</a>.</p>'
expect(extractHashtags(content)).toEqual([])
})
})
})
})

0
backend/src/middleware/notifications/extractIds/index.js → backend/src/middleware/handleHtmlContent/notifications/extractMentionedUsers.js
View File

20
backend/src/middleware/notifications/extractIds/spec.js → backend/src/middleware/handleHtmlContent/notifications/extractMentionedUsers.spec.js
View File

@ -1,9 +1,9 @@
import extractIds from '.'
import extractMentionedUsers from './extractMentionedUsers'
describe('extractIds', () => {
describe('extractMentionedUsers', () => {
describe('content undefined', () => {
it('returns empty array', () => {
expect(extractIds()).toEqual([])
expect(extractMentionedUsers()).toEqual([])
})
})
@ -11,33 +11,33 @@ describe('extractIds', () => {
it('ignores links without .mention class', () => {
const content =
'<p>Something inspirational about <a href="/profile/u2" target="_blank">@bob-der-baumeister</a> and <a href="/profile/u3" target="_blank">@jenny-rostock</a>.</p>'
expect(extractIds(content)).toEqual([])
expect(extractMentionedUsers(content)).toEqual([])
})
describe('given a link with .mention class', () => {
it('extracts ids', () => {
const content =
'<p>Something inspirational about <a href="/profile/u2" class="mention" target="_blank">@bob-der-baumeister</a> and <a href="/profile/u3/jenny-rostock" class="mention" target="_blank">@jenny-rostock</a>.</p>'
expect(extractIds(content)).toEqual(['u2', 'u3'])
expect(extractMentionedUsers(content)).toEqual(['u2', 'u3'])
})
describe('handles links', () => {
it('with slug and id', () => {
const content =
'<p>Something inspirational about <a href="/profile/u2/bob-der-baumeister" class="mention" target="_blank">@bob-der-baumeister</a> and <a href="/profile/u3/jenny-rostock/" class="mention" target="_blank">@jenny-rostock</a>.</p>'
expect(extractIds(content)).toEqual(['u2', 'u3'])
expect(extractMentionedUsers(content)).toEqual(['u2', 'u3'])
})
it('with domains', () => {
const content =
'<p>Something inspirational about <a href="http://localhost:3000/profile/u2/bob-der-baumeister" class="mention" target="_blank">@bob-der-baumeister</a> and <a href="http://localhost:3000//profile/u3/jenny-rostock/" class="mention" target="_blank">@jenny-rostock</a>.</p>'
expect(extractIds(content)).toEqual(['u2', 'u3'])
expect(extractMentionedUsers(content)).toEqual(['u2', 'u3'])
})
it('special characters', () => {
const content =
'<p>Something inspirational about <a href="http://localhost:3000/profile/u!*(),2/bob-der-baumeister" class="mention" target="_blank">@bob-der-baumeister</a> and <a href="http://localhost:3000//profile/u.~-3/jenny-rostock/" class="mention" target="_blank">@jenny-rostock</a>.</p>'
expect(extractIds(content)).toEqual(['u!*(),2', 'u.~-3'])
expect(extractMentionedUsers(content)).toEqual(['u!*(),2', 'u.~-3'])
})
})
@ -45,13 +45,13 @@ describe('extractIds', () => {
it('`href` contains no user id', () => {
const content =
'<p>Something inspirational about <a href="/profile" class="mention" target="_blank">@bob-der-baumeister</a> and <a href="/profile/" class="mention" target="_blank">@jenny-rostock</a>.</p>'
expect(extractIds(content)).toEqual([])
expect(extractMentionedUsers(content)).toEqual([])
})
it('`href` is empty or invalid', () => {
const content =
'<p>Something inspirational about <a href="" class="mention" target="_blank">@bob-der-baumeister</a> and <a href="not-a-url" class="mention" target="_blank">@jenny-rostock</a>.</p>'
expect(extractIds(content)).toEqual([])
expect(extractMentionedUsers(content)).toEqual([])
})
})
})

21
backend/src/middleware/index.js
View File

@ -1,6 +1,7 @@
import { applyMiddleware } from 'graphql-middleware'
import CONFIG from './../config'
import activityPub from './activityPubMiddleware'
import password from './passwordMiddleware'
import softDelete from './softDeleteMiddleware'
import sluggify from './sluggifyMiddleware'
import excerpt from './excerptMiddleware'
@ -10,35 +11,36 @@ import permissions from './permissionsMiddleware'
import user from './userMiddleware'
import includedFields from './includedFieldsMiddleware'
import orderBy from './orderByMiddleware'
import validation from './validation'
import notifications from './notifications'
import validation from './validation/validationMiddleware'
import handleContentData from './handleHtmlContent/handleContentData'
import email from './email/emailMiddleware'
export default schema => {
const middlewares = {
permissions: permissions,
activityPub: activityPub,
password: password,
dateTime: dateTime,
validation: validation,
sluggify: sluggify,
excerpt: excerpt,
notifications: notifications,
handleContentData: handleContentData,
xss: xss,
softDelete: softDelete,
user: user,
includedFields: includedFields,
orderBy: orderBy,
email: email({ isEnabled: CONFIG.SMTP_HOST && CONFIG.SMTP_PORT }),
}
let order = [
'permissions',
'activityPub',
'password',
// 'activityPub', disabled temporarily
'dateTime',
'validation',
'sluggify',
'excerpt',
'notifications',
'email',
'handleContentData',
'xss',
'softDelete',
'user',
@ -56,5 +58,6 @@ export default schema => {
console.log(`Warning: "${disabledMiddlewares}" middlewares have been disabled.`)
}
return order.map(key => middlewares[key])
const appliedMiddlewares = order.map(key => middlewares[key])
return applyMiddleware(schema, ...appliedMiddlewares)
}

30
backend/src/middleware/notifications/index.js
View File

@ -1,30 +0,0 @@
import extractIds from './extractIds'
const notify = async (resolve, root, args, context, resolveInfo) => {
// extract user ids before xss-middleware removes link classes
const ids = extractIds(args.content)
const post = await resolve(root, args, context, resolveInfo)
const session = context.driver.session()
const { id: postId } = post
const createdAt = new Date().toISOString()
const cypher = `
match(u:User) where u.id in $ids
match(p:Post) where p.id = $postId
create(n:Notification{id: apoc.create.uuid(), read: false, createdAt: $createdAt})
merge (n)-[:NOTIFIED]->(u)
merge (p)-[:NOTIFIED]->(n)
`
await session.run(cypher, { ids, createdAt, postId })
session.close()
return post
}
export default {
Mutation: {
CreatePost: notify,
UpdatePost: notify,
},
}

130
backend/src/middleware/notifications/spec.js
View File

@ -1,130 +0,0 @@
import { GraphQLClient } from 'graphql-request'
import { host, login } from '../../jest/helpers'
import Factory from '../../seed/factories'
const factory = Factory()
let client
beforeEach(async () => {
await factory.create('User', {
id: 'you',
name: 'Al Capone',
slug: 'al-capone',
email: 'test@example.org',
password: '1234',
})
})
afterEach(async () => {
await factory.cleanDatabase()
})
describe('currentUser { notifications }', () => {
const query = `query($read: Boolean) {
currentUser {
notifications(read: $read, orderBy: createdAt_desc) {
read
post {
content
}
}
}
}`
describe('authenticated', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'test@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
describe('given another user', () => {
let authorClient
let authorParams
let authorHeaders
beforeEach(async () => {
authorParams = {
email: 'author@example.org',
password: '1234',
id: 'author',
}
await factory.create('User', authorParams)
authorHeaders = await login(authorParams)
})
describe('who mentions me in a post', () => {
let post
const title = 'Mentioning Al Capone'
const content =
'Hey <a class="mention" href="/profile/you/al-capone">@al-capone</a> how do you do?'
beforeEach(async () => {
const createPostMutation = `
mutation($title: String!, $content: String!) {
CreatePost(title: $title, content: $content) {
id
title
content
}
}
`
authorClient = new GraphQLClient(host, { headers: authorHeaders })
const { CreatePost } = await authorClient.request(createPostMutation, { title, content })
post = CreatePost
})
it('sends you a notification', async () => {
const expectedContent =
'Hey <a href="/profile/you/al-capone" target="_blank">@al-capone</a> how do you do?'
const expected = {
currentUser: {
notifications: [{ read: false, post: { content: expectedContent } }],
},
}
await expect(client.request(query, { read: false })).resolves.toEqual(expected)
})
describe('who mentions me again', () => {
beforeEach(async () => {
const updatedContent = `${post.content} One more mention to <a href="/profile/you" class="mention">@al-capone</a>`
const updatedTitle = 'this post has been updated'
// The response `post.content` contains a link but the XSSmiddleware
// should have the `mention` CSS class removed. I discovered this
// during development and thought: A feature not a bug! This way we
// can encode a re-mentioning of users when you edit your post or
// comment.
const updatePostMutation = `
mutation($id: ID!, $title: String!, $content: String!) {
UpdatePost(id: $id, title: $title, content: $content) {
title
content
}
}
`
authorClient = new GraphQLClient(host, { headers: authorHeaders })
await authorClient.request(updatePostMutation, {
id: post.id,
content: updatedContent,
title: updatedTitle,
})
})
it('creates exactly one more notification', async () => {
const expectedContent =
'Hey <a href="/profile/you/al-capone" target="_blank">@al-capone</a> how do you do? One more mention to <a href="/profile/you" target="_blank">@al-capone</a>'
const expected = {
currentUser: {
notifications: [
{ read: false, post: { content: expectedContent } },
{ read: false, post: { content: expectedContent } },
],
},
}
await expect(client.request(query, { read: false })).resolves.toEqual(expected)
})
})
})
})
})
})

21
backend/src/middleware/passwordMiddleware.js
View File

@ -1,21 +0,0 @@
import bcrypt from 'bcryptjs'
import walkRecursive from '../helpers/walkRecursive'
export default {
Mutation: {
CreateUser: async (resolve, root, args, context, info) => {
args.password = await bcrypt.hashSync(args.password, 10)
const result = await resolve(root, args, context, info)
result.password = '*****'
return result
},
},
Query: async (resolve, root, args, context, info) => {
let result = await resolve(root, args, context, info)
result = walkRecursive(result, ['password', 'privateKey'], () => {
// replace password with asterisk
return '*****'
})
return result
},
}

47
backend/src/middleware/permissionsMiddleware.js
View File

@ -1,4 +1,4 @@
import { rule, shield, deny, allow, or } from 'graphql-shield'
import { rule, shield, deny, allow, and, or, not } from 'graphql-shield'
/*
* TODO: implement
@ -70,6 +70,29 @@ const onlyEnabledContent = rule({
return !(disabled || deleted)
})
const invitationLimitReached = rule({
cache: 'no_cache',
})(async (parent, args, { user, driver }) => {
const session = driver.session()
try {
const result = await session.run(
`
MATCH (user:User {id:$id})-[:GENERATED]->(i:InvitationCode)
RETURN COUNT(i) >= 3 as limitReached
`,
{ id: user.id },
)
const [limitReached] = result.records.map(record => {
return record.get('limitReached')
})
return limitReached
} catch (e) {
throw e
} finally {
session.close()
}
})
const isAuthor = rule({
cache: 'no_cache',
})(async (parent, args, { user, driver }) => {
@ -101,6 +124,12 @@ const isDeletingOwnAccount = rule({
return context.user.id === args.id
})
const noEmailFilter = rule({
cache: 'no_cache',
})(async (_, args) => {
return !('email' in args)
})
// Permissions
const permissions = shield(
{
@ -108,30 +137,30 @@ const permissions = shield(
'*': deny,
findPosts: allow,
Category: allow,
Tag: isAdmin,
Tag: allow,
Report: isModerator,
Notification: isAdmin,
statistics: allow,
currentUser: allow,
Post: or(onlyEnabledContent, isModerator),
Comment: allow,
User: allow,
User: or(noEmailFilter, isAdmin),
isLoggedIn: allow,
Badge: allow,
},
Mutation: {
'*': deny,
login: allow,
SignupByInvitation: allow,
Signup: isAdmin,
SignupVerification: allow,
CreateInvitationCode: and(isAuthenticated, or(not(invitationLimitReached), isAdmin)),
UpdateNotification: belongsToMe,
CreateUser: isAdmin,
UpdateUser: onlyYourself,
CreatePost: isAuthenticated,
UpdatePost: isAuthor,
DeletePost: isAuthor,
report: isAuthenticated,
CreateBadge: isAdmin,
UpdateBadge: isAdmin,
DeleteBadge: isAdmin,
AddUserBadges: isAdmin,
CreateSocialMedia: isAuthenticated,
DeleteSocialMedia: isAuthenticated,
// AddBadgeRewarded: isAdmin,
@ -154,8 +183,6 @@ const permissions = shield(
},
User: {
email: isMyOwn,
password: isMyOwn,
privateKey: isMyOwn,
},
},
{

8
backend/src/middleware/sluggifyMiddleware.js
View File

@ -13,6 +13,10 @@ const isUniqueFor = (context, type) => {
export default {
Mutation: {
SignupVerification: async (resolve, root, args, context, info) => {
args.slug = args.slug || (await uniqueSlug(args.name, isUniqueFor(context, 'User')))
return resolve(root, args, context, info)
},
CreatePost: async (resolve, root, args, context, info) => {
args.slug = args.slug || (await uniqueSlug(args.title, isUniqueFor(context, 'Post')))
return resolve(root, args, context, info)
@ -21,10 +25,6 @@ export default {
args.slug = args.slug || (await uniqueSlug(args.title, isUniqueFor(context, 'Post')))
return resolve(root, args, context, info)
},
CreateUser: async (resolve, root, args, context, info) => {
args.slug = args.slug || (await uniqueSlug(args.name, isUniqueFor(context, 'User')))
return resolve(root, args, context, info)
},
CreateOrganization: async (resolve, root, args, context, info) => {
args.slug = args.slug || (await uniqueSlug(args.name, isUniqueFor(context, 'Organization')))
return resolve(root, args, context, info)

34
backend/src/middleware/slugifyMiddleware.spec.js
View File

@ -1,10 +1,12 @@
import { GraphQLClient } from 'graphql-request'
import Factory from '../seed/factories'
import { host, login } from '../jest/helpers'
import { neode } from '../bootstrap/neo4j'
let authenticatedClient
let headers
const factory = Factory()
const instance = neode()
beforeEach(async () => {
const adminParams = { role: 'admin', email: 'admin@example.org', password: '1234' }
@ -76,33 +78,41 @@ describe('slugify', () => {
})
})
describe('CreateUser', () => {
const action = async (mutation, params) => {
return authenticatedClient.request(`mutation {
${mutation}(password: "yo", email: "123@123.de", ${params}) { slug }
}`)
describe('SignupVerification', () => {
const mutation = `mutation($password: String!, $email: String!, $name: String!, $slug: String, $nonce: String!) {
SignupVerification(email: $email, password: $password, name: $name, slug: $slug, nonce: $nonce) { slug }
}
`
const action = async variables => {
// required for SignupVerification
await instance.create('EmailAddress', { email: '123@example.org', nonce: '123456' })
const defaultVariables = { nonce: '123456', password: 'yo', email: '123@example.org' }
return authenticatedClient.request(mutation, { ...defaultVariables, ...variables })
}
it('generates a slug based on name', async () => {
await expect(action('CreateUser', 'name: "I am a user"')).resolves.toEqual({
CreateUser: { slug: 'i-am-a-user' },
await expect(action({ name: 'I am a user' })).resolves.toEqual({
SignupVerification: { slug: 'i-am-a-user' },
})
})
describe('if slug exists', () => {
beforeEach(async () => {
await action('CreateUser', 'name: "Pre-existing user", slug: "pre-existing-user"')
await factory.create('User', { name: 'pre-existing user', slug: 'pre-existing-user' })
})
it('chooses another slug', async () => {
await expect(action('CreateUser', 'name: "pre-existing-user"')).resolves.toEqual({
CreateUser: { slug: 'pre-existing-user-1' },
await expect(action({ name: 'pre-existing-user' })).resolves.toEqual({
SignupVerification: { slug: 'pre-existing-user-1' },
})
})
describe('but if the client specifies a slug', () => {
it('rejects CreateUser', async () => {
it('rejects SignupVerification', async () => {
await expect(
action('CreateUser', 'name: "Pre-existing user", slug: "pre-existing-user"'),
action({ name: 'Pre-existing user', slug: 'pre-existing-user' }),
).rejects.toThrow('already exists')
})
})

2
backend/src/middleware/userMiddleware.js
View File

@ -2,7 +2,7 @@ import createOrUpdateLocations from './nodes/locations'
export default {
Mutation: {
CreateUser: async (resolve, root, args, context, info) => {
SignupVerification: async (resolve, root, args, context, info) => {
const result = await resolve(root, args, context, info)
await createOrUpdateLocations(args.id, args.locationName, context.driver)
return result

13
backend/src/middleware/validation/index.js
View File

@ -1,16 +1,5 @@
import { UserInputError } from 'apollo-server'
const USERNAME_MIN_LENGTH = 3
const validateUsername = async (resolve, root, args, context, info) => {
if (!('name' in args) || (args.name && args.name.length >= USERNAME_MIN_LENGTH)) {
/* eslint-disable-next-line no-return-await */
return await resolve(root, args, context, info)
} else {
throw new UserInputError(`Username must be at least ${USERNAME_MIN_LENGTH} characters long!`)
}
}
const validateUrl = async (resolve, root, args, context, info) => {
const { url } = args
const isValid = url.match(/^(?:https?:\/\/)(?:[^@\n])?(?:www\.)?([^:/\n?]+)/g)
@ -24,8 +13,6 @@ const validateUrl = async (resolve, root, args, context, info) => {
export default {
Mutation: {
CreateUser: validateUsername,
UpdateUser: validateUsername,
CreateSocialMedia: validateUrl,
},
}

53
backend/src/middleware/validation/validationMiddleware.js Normal file
View File

@ -0,0 +1,53 @@
import { UserInputError } from 'apollo-server'
import Joi from '@hapi/joi'
const COMMENT_MIN_LENGTH = 1
const NO_POST_ERR_MESSAGE = 'Comment cannot be created without a post!'
const validate = schema => {
return async (resolve, root, args, context, info) => {
const validation = schema.validate(args)
if (validation.error) throw new UserInputError(validation.error)
return resolve(root, args, context, info)
}
}
const socialMediaSchema = Joi.object().keys({
url: Joi.string()
.uri()
.required(),
})
const validateCommentCreation = async (resolve, root, args, context, info) => {
const content = args.content.replace(/<(?:.|\n)*?>/gm, '').trim()
const { postId } = args
if (!args.content || content.length < COMMENT_MIN_LENGTH) {
throw new UserInputError(`Comment must be at least ${COMMENT_MIN_LENGTH} character long!`)
}
const session = context.driver.session()
const postQueryRes = await session.run(
`
MATCH (post:Post {id: $postId})
RETURN post`,
{
postId,
},
)
const [post] = postQueryRes.records.map(record => {
return record.get('post')
})
if (!post) {
throw new UserInputError(NO_POST_ERR_MESSAGE)
} else {
return resolve(root, args, context, info)
}
}
export default {
Mutation: {
CreateSocialMedia: validate(socialMediaSchema),
CreateComment: validateCommentCreation,
},
}

7
backend/src/models/Badge.js Normal file
View File

@ -0,0 +1,7 @@
module.exports = {
id: { type: 'string', primary: true, lowercase: true },
status: { type: 'string', valid: ['permanent', 'temporary'] },
type: { type: 'string', valid: ['role', 'crowdfunding'] },
icon: { type: 'string', required: true },
createdAt: { type: 'string', isoDate: true, default: () => new Date().toISOString() },
}

13
backend/src/models/EmailAddress.js Normal file
View File

@ -0,0 +1,13 @@
module.exports = {
email: { type: 'string', primary: true, lowercase: true, email: true },
createdAt: { type: 'string', isoDate: true, default: () => new Date().toISOString() },
verifiedAt: { type: 'string', isoDate: true },
nonce: { type: 'string', token: true },
belongsTo: {
type: 'relationship',
relationship: 'BELONGS_TO',
target: 'User',
direction: 'out',
eager: true,
},
}

16
backend/src/models/InvitationCode.js Normal file
View File

@ -0,0 +1,16 @@
module.exports = {
createdAt: { type: 'string', isoDate: true, default: () => new Date().toISOString() },
token: { type: 'string', primary: true, token: true },
generatedBy: {
type: 'relationship',
relationship: 'GENERATED',
target: 'User',
direction: 'in',
},
activated: {
type: 'relationship',
relationship: 'ACTIVATED',
target: 'EmailAddress',
direction: 'out',
},
}

59
backend/src/models/User.js Normal file
View File

@ -0,0 +1,59 @@
import uuid from 'uuid/v4'
module.exports = {
id: { type: 'string', primary: true, default: uuid }, // TODO: should be type: 'uuid' but simplified for our tests
actorId: { type: 'string', allow: [null] },
name: { type: 'string', min: 3 },
slug: 'string',
encryptedPassword: 'string',
avatar: { type: 'string', allow: [null] },
coverImg: { type: 'string', allow: [null] },
deleted: { type: 'boolean', default: false },
disabled: { type: 'boolean', default: false },
role: { type: 'string', default: 'user' },
publicKey: 'string',
privateKey: 'string',
wasInvited: 'boolean',
wasSeeded: 'boolean',
locationName: { type: 'string', allow: [null] },
about: { type: 'string', allow: [null] },
primaryEmail: {
type: 'relationship',
relationship: 'PRIMARY_EMAIL',
target: 'EmailAddress',
direction: 'out',
},
following: {
type: 'relationship',
relationship: 'FOLLOWS',
target: 'User',
direction: 'out',
},
followedBy: {
type: 'relationship',
relationship: 'FOLLOWS',
target: 'User',
direction: 'in',
},
friends: { type: 'relationship', relationship: 'FRIENDS', target: 'User', direction: 'both' },
disabledBy: {
type: 'relationship',
relationship: 'DISABLED',
target: 'User',
direction: 'in',
},
rewarded: {
type: 'relationship',
relationship: 'REWARDED',
target: 'Badge',
direction: 'in',
},
invitedBy: { type: 'relationship', relationship: 'INVITED', target: 'User', direction: 'in' },
createdAt: { type: 'string', isoDate: true, default: () => new Date().toISOString() },
updatedAt: {
type: 'string',
isoDate: true,
required: true,
default: () => new Date().toISOString(),
},
}

20
backend/src/models/User.spec.js Normal file
View File

@ -0,0 +1,20 @@
import Factory from '../seed/factories'
import { neode } from '../bootstrap/neo4j'
const factory = Factory()
const instance = neode()
afterEach(async () => {
await factory.cleanDatabase()
})
describe('role', () => {
it('defaults to `user`', async () => {
const user = await instance.create('User', { name: 'John' })
await expect(user.toJson()).resolves.toEqual(
expect.objectContaining({
role: 'user',
}),
)
})
})

8
backend/src/models/index.js Normal file
View File

@ -0,0 +1,8 @@
// NOTE: We cannot use `fs` here to clean up the code. Cypress breaks on any npm
// module that is not browser-compatible. Node's `fs` module is server-side only
export default {
Badge: require('./Badge.js'),
User: require('./User.js'),
InvitationCode: require('./InvitationCode.js'),
EmailAddress: require('./EmailAddress.js'),
}

20
backend/src/schema/index.js
View File

@ -12,10 +12,26 @@ export default applyScalars(
resolvers,
config: {
query: {
exclude: ['Notfication', 'Statistics', 'LoggedInUser'],
exclude: [
'Badge',
'InvitationCode',
'EmailAddress',
'Notfication',
'Statistics',
'LoggedInUser',
],
// add 'User' here as soon as possible
},
mutation: {
exclude: ['Notfication', 'Statistics', 'LoggedInUser'],
exclude: [
'Badge',
'InvitationCode',
'EmailAddress',
'Notfication',
'Statistics',
'LoggedInUser',
],
// add 'User' here as soon as possible
},
debug: CONFIG.DEBUG,
},

9
backend/src/schema/resolvers/badges.js Normal file
View File

@ -0,0 +1,9 @@
import { neo4jgraphql } from 'neo4j-graphql-js'
export default {
Query: {
Badge: async (object, args, context, resolveInfo) => {
return neo4jgraphql(object, args, context, resolveInfo, false)
},
},
}

200
backend/src/schema/resolvers/badges.spec.js
View File

@ -1,200 +0,0 @@
import { GraphQLClient } from 'graphql-request'
import Factory from '../../seed/factories'
import { host, login } from '../../jest/helpers'
const factory = Factory()
let client
describe('badges', () => {
beforeEach(async () => {
await factory.create('User', {
email: 'user@example.org',
role: 'user',
password: '1234',
})
await factory.create('User', {
id: 'u2',
role: 'moderator',
email: 'moderator@example.org',
})
await factory.create('User', {
id: 'u3',
role: 'admin',
email: 'admin@example.org',
})
})
afterEach(async () => {
await factory.cleanDatabase()
})
describe('CreateBadge', () => {
const variables = {
id: 'b1',
key: 'indiegogo_en_racoon',
type: 'crowdfunding',
status: 'permanent',
icon: '/img/badges/indiegogo_en_racoon.svg',
}
const mutation = `
mutation(
$id: ID
$key: String!
$type: BadgeType!
$status: BadgeStatus!
$icon: String!
) {
CreateBadge(id: $id, key: $key, type: $type, status: $status, icon: $icon) {
id,
key,
type,
status,
icon
}
}
`
describe('unauthenticated', () => {
it('throws authorization error', async () => {
client = new GraphQLClient(host)
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated admin', () => {
beforeEach(async () => {
const headers = await login({ email: 'admin@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('creates a badge', async () => {
const expected = {
CreateBadge: {
icon: '/img/badges/indiegogo_en_racoon.svg',
id: 'b1',
key: 'indiegogo_en_racoon',
status: 'permanent',
type: 'crowdfunding',
},
}
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
})
describe('authenticated moderator', () => {
beforeEach(async () => {
const headers = await login({ email: 'moderator@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('throws authorization error', async () => {
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
})
describe('UpdateBadge', () => {
beforeEach(async () => {
await factory.authenticateAs({ email: 'admin@example.org', password: '1234' })
await factory.create('Badge', { id: 'b1' })
})
const variables = {
id: 'b1',
key: 'whatever',
}
const mutation = `
mutation($id: ID!, $key: String!) {
UpdateBadge(id: $id, key: $key) {
id
key
}
}
`
describe('unauthenticated', () => {
it('throws authorization error', async () => {
client = new GraphQLClient(host)
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated moderator', () => {
beforeEach(async () => {
const headers = await login({ email: 'moderator@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('throws authorization error', async () => {
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated admin', () => {
beforeEach(async () => {
const headers = await login({ email: 'admin@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('updates a badge', async () => {
const expected = {
UpdateBadge: {
id: 'b1',
key: 'whatever',
},
}
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
})
})
describe('DeleteBadge', () => {
beforeEach(async () => {
await factory.authenticateAs({ email: 'admin@example.org', password: '1234' })
await factory.create('Badge', { id: 'b1' })
})
const variables = {
id: 'b1',
}
const mutation = `
mutation($id: ID!) {
DeleteBadge(id: $id) {
id
}
}
`
describe('unauthenticated', () => {
it('throws authorization error', async () => {
client = new GraphQLClient(host)
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated moderator', () => {
beforeEach(async () => {
const headers = await login({ email: 'moderator@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('throws authorization error', async () => {
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
})
describe('authenticated admin', () => {
beforeEach(async () => {
const headers = await login({ email: 'admin@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('deletes a badge', async () => {
const expected = {
DeleteBadge: {
id: 'b1',
},
}
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
})
})
})

25
backend/src/schema/resolvers/comments.js
View File

@ -1,40 +1,15 @@
import { neo4jgraphql } from 'neo4j-graphql-js'
import { UserInputError } from 'apollo-server'
const COMMENT_MIN_LENGTH = 1
const NO_POST_ERR_MESSAGE = 'Comment cannot be created without a post!'
export default {
Mutation: {
CreateComment: async (object, params, context, resolveInfo) => {
const content = params.content.replace(/<(?:.|\n)*?>/gm, '').trim()
const { postId } = params
// Adding relationship from comment to post by passing in the postId,
// but we do not want to create the comment with postId as an attribute
// because we use relationships for this. So, we are deleting it from params
// before comment creation.
delete params.postId
if (!params.content || content.length < COMMENT_MIN_LENGTH) {
throw new UserInputError(`Comment must be at least ${COMMENT_MIN_LENGTH} character long!`)
}
const session = context.driver.session()
const postQueryRes = await session.run(
`
MATCH (post:Post {id: $postId})
RETURN post`,
{
postId,
},
)
const [post] = postQueryRes.records.map(record => {
return record.get('post')
})
if (!post) {
throw new UserInputError(NO_POST_ERR_MESSAGE)
}
const commentWithoutRelationships = await neo4jgraphql(
object,
params,

50
backend/src/schema/resolvers/comments.spec.js
View File

@ -1,7 +1,6 @@
import gql from 'graphql-tag'
import { GraphQLClient } from 'graphql-request'
import Factory from '../../seed/factories'
import { host, login } from '../../jest/helpers'
import { host, login, gql } from '../../jest/helpers'
const factory = Factory()
let client
@ -9,12 +8,16 @@ let createCommentVariables
let createPostVariables
let createCommentVariablesSansPostId
let createCommentVariablesWithNonExistentPost
let userParams
let authorParams
beforeEach(async () => {
await factory.create('User', {
userParams = {
name: 'TestUser',
email: 'test@example.org',
password: '1234',
})
}
await factory.create('User', userParams)
})
afterEach(async () => {
@ -53,10 +56,7 @@ describe('CreateComment', () => {
describe('authenticated', () => {
let headers
beforeEach(async () => {
headers = await login({
email: 'test@example.org',
password: '1234',
})
headers = await login(userParams)
client = new GraphQLClient(host, {
headers,
})
@ -89,7 +89,7 @@ describe('CreateComment', () => {
const { User } = await client.request(gql`
{
User(email: "test@example.org") {
User(name: "TestUser") {
comments {
content
}
@ -201,15 +201,13 @@ describe('DeleteComment', () => {
}
beforeEach(async () => {
authorParams = {
email: 'author@example.org',
password: '1234',
}
const asAuthor = Factory()
await asAuthor.create('User', {
email: 'author@example.org',
password: '1234',
})
await asAuthor.authenticateAs({
email: 'author@example.org',
password: '1234',
})
await asAuthor.create('User', authorParams)
await asAuthor.authenticateAs(authorParams)
await asAuthor.create('Post', {
id: 'p1',
content: 'Post to be commented',
@ -233,13 +231,8 @@ describe('DeleteComment', () => {
describe('authenticated but not the author', () => {
beforeEach(async () => {
let headers
headers = await login({
email: 'test@example.org',
password: '1234',
})
client = new GraphQLClient(host, {
headers,
})
headers = await login(userParams)
client = new GraphQLClient(host, { headers })
})
it('throws authorization error', async () => {
@ -252,13 +245,8 @@ describe('DeleteComment', () => {
describe('authenticated as author', () => {
beforeEach(async () => {
let headers
headers = await login({
email: 'author@example.org',
password: '1234',
})
client = new GraphQLClient(host, {
headers,
})
headers = await login(authorParams)
client = new GraphQLClient(host, { headers })
})
it('deletes the comment', async () => {

2
backend/src/schema/resolvers/moderation.spec.js
View File

@ -254,7 +254,7 @@ describe('enable', () => {
beforeEach(async () => {
authenticateClient = setupAuthenticateClient({
role: 'moderator',
email: 'someUser@example.org',
email: 'someuser@example.org',
password: '1234',
})
})

40
backend/src/schema/resolvers/passwordReset.js
View File

@ -1,28 +1,11 @@
import uuid from 'uuid/v4'
import bcrypt from 'bcryptjs'
import CONFIG from '../../config'
import nodemailer from 'nodemailer'
import { resetPasswordMail, wrongAccountMail } from './passwordReset/emailTemplates'
const transporter = () => {
const configs = {
host: CONFIG.SMTP_HOST,
port: CONFIG.SMTP_PORT,
ignoreTLS: CONFIG.SMTP_IGNORE_TLS,
secure: false, // true for 465, false for other ports
}
const { SMTP_USERNAME: user, SMTP_PASSWORD: pass } = CONFIG
if (user && pass) {
configs.auth = { user, pass }
}
return nodemailer.createTransport(configs)
}
export async function createPasswordReset(options) {
const { driver, code, email, issuedAt = new Date() } = options
const session = driver.session()
const cypher = `
MATCH (u:User) WHERE u.email = $email
MATCH (u:User)-[:PRIMARY_EMAIL]->(e:EmailAddress {email:$email})
CREATE(pr:PasswordReset {code: $code, issuedAt: datetime($issuedAt), usedAt: NULL})
MERGE (u)-[:REQUESTED]->(pr)
RETURN u
@ -42,27 +25,28 @@ export default {
requestPasswordReset: async (_, { email }, { driver }) => {
const code = uuid().substring(0, 6)
const [user] = await createPasswordReset({ driver, code, email })
if (CONFIG.SMTP_HOST && CONFIG.SMTP_PORT) {
const name = (user && user.name) || ''
const mailTemplate = user ? resetPasswordMail : wrongAccountMail
await transporter().sendMail(mailTemplate({ email, code, name }))
}
return true
const name = (user && user.name) || ''
return { user, code, name, response: true }
},
resetPassword: async (_, { email, code, newPassword }, { driver }) => {
const session = driver.session()
const stillValid = new Date()
stillValid.setDate(stillValid.getDate() - 1)
const newHashedPassword = await bcrypt.hashSync(newPassword, 10)
const encryptedNewPassword = await bcrypt.hashSync(newPassword, 10)
const cypher = `
MATCH (pr:PasswordReset {code: $code})
MATCH (u:User {email: $email})-[:REQUESTED]->(pr)
MATCH (e:EmailAddress {email: $email})<-[:PRIMARY_EMAIL]-(u:User)-[:REQUESTED]->(pr)
WHERE duration.between(pr.issuedAt, datetime()).days <= 0 AND pr.usedAt IS NULL
SET pr.usedAt = datetime()
SET u.password = $newHashedPassword
SET u.encryptedPassword = $encryptedNewPassword
RETURN pr
`
let transactionRes = await session.run(cypher, { stillValid, email, code, newHashedPassword })
let transactionRes = await session.run(cypher, {
stillValid,
email,
code,
encryptedNewPassword,
})
const [reset] = transactionRes.records.map(record => record.get('pr'))
const result = !!(reset && reset.properties.usedAt)
session.close()

100
backend/src/schema/resolvers/posts.spec.js
View File

@ -4,6 +4,9 @@ import { host, login } from '../../jest/helpers'
const factory = Factory()
let client
let userParams
let authorParams
const postTitle = 'I am a title'
const postContent = 'Some content'
const oldTitle = 'Old title'
@ -15,10 +18,11 @@ const createPostWithCategoriesMutation = `
mutation($title: String!, $content: String!, $categoryIds: [ID]) {
CreatePost(title: $title, content: $content, categoryIds: $categoryIds) {
id
title
}
}
`
const creatPostWithCategoriesVariables = {
const createPostWithCategoriesVariables = {
title: postTitle,
content: postContent,
categoryIds: ['cat9', 'cat4', 'cat15'],
@ -32,11 +36,37 @@ const postQueryWithCategories = `
}
}
`
const createPostWithoutCategoriesVariables = {
title: 'This is a post without categories',
content: 'I should be able to filter it out',
categoryIds: null,
}
const postQueryFilteredByCategory = `
query Post($filter: _PostFilter) {
Post(filter: $filter) {
title
id
categories {
id
}
}
}
`
const postCategoriesFilterParam = { categories_some: { id_in: ['cat4'] } }
const postQueryFilteredByCategoryVariables = {
filter: postCategoriesFilterParam,
}
beforeEach(async () => {
await factory.create('User', {
userParams = {
name: 'TestUser',
email: 'test@example.org',
password: '1234',
})
}
authorParams = {
email: 'author@example.org',
password: '1234',
}
await factory.create('User', userParams)
})
afterEach(async () => {
@ -66,7 +96,7 @@ describe('CreatePost', () => {
describe('authenticated', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'test@example.org', password: '1234' })
headers = await login(userParams)
client = new GraphQLClient(host, { headers })
})
@ -84,7 +114,7 @@ describe('CreatePost', () => {
await client.request(mutation, createPostVariables)
const { User } = await client.request(
`{
User(email:"test@example.org") {
User(name: "TestUser") {
contributions {
title
}
@ -124,7 +154,8 @@ describe('CreatePost', () => {
})
describe('categories', () => {
it('allows a user to set the categories of the post', async () => {
let postWithCategories
beforeEach(async () => {
await Promise.all([
factory.create('Category', {
id: 'cat9',
@ -142,18 +173,39 @@ describe('CreatePost', () => {
icon: 'shopping-cart',
}),
])
const expected = [{ id: 'cat9' }, { id: 'cat4' }, { id: 'cat15' }]
const postWithCategories = await client.request(
postWithCategories = await client.request(
createPostWithCategoriesMutation,
creatPostWithCategoriesVariables,
createPostWithCategoriesVariables,
)
})
it('allows a user to set the categories of the post', async () => {
const expected = [{ id: 'cat9' }, { id: 'cat4' }, { id: 'cat15' }]
const postQueryWithCategoriesVariables = {
id: postWithCategories.CreatePost.id,
}
await expect(
client.request(postQueryWithCategories, postQueryWithCategoriesVariables),
).resolves.toEqual({ Post: [{ categories: expect.arrayContaining(expected) }] })
})
it('allows a user to filter for posts by category', async () => {
await client.request(createPostWithCategoriesMutation, createPostWithoutCategoriesVariables)
const categoryIds = [{ id: 'cat4' }, { id: 'cat15' }, { id: 'cat9' }]
const expected = {
Post: [
{
title: postTitle,
id: postWithCategories.CreatePost.id,
categories: expect.arrayContaining(categoryIds),
},
],
}
await expect(
client.request(postQueryFilteredByCategory, postQueryFilteredByCategoryVariables),
).resolves.toEqual(expected)
})
})
})
})
@ -163,14 +215,8 @@ describe('UpdatePost', () => {
let updatePostVariables
beforeEach(async () => {
const asAuthor = Factory()
await asAuthor.create('User', {
email: 'author@example.org',
password: '1234',
})
await asAuthor.authenticateAs({
email: 'author@example.org',
password: '1234',
})
await asAuthor.create('User', authorParams)
await asAuthor.authenticateAs(authorParams)
await asAuthor.create('Post', {
id: 'p1',
title: oldTitle,
@ -205,7 +251,7 @@ describe('UpdatePost', () => {
describe('authenticated but not the author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'test@example.org', password: '1234' })
headers = await login(userParams)
client = new GraphQLClient(host, { headers })
})
@ -219,7 +265,7 @@ describe('UpdatePost', () => {
describe('authenticated as author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'author@example.org', password: '1234' })
headers = await login(authorParams)
client = new GraphQLClient(host, { headers })
})
@ -257,7 +303,7 @@ describe('UpdatePost', () => {
])
postWithCategories = await client.request(
createPostWithCategoriesMutation,
creatPostWithCategoriesVariables,
createPostWithCategoriesVariables,
)
updatePostVariables = {
id: postWithCategories.CreatePost.id,
@ -297,14 +343,8 @@ describe('DeletePost', () => {
beforeEach(async () => {
const asAuthor = Factory()
await asAuthor.create('User', {
email: 'author@example.org',
password: '1234',
})
await asAuthor.authenticateAs({
email: 'author@example.org',
password: '1234',
})
await asAuthor.create('User', authorParams)
await asAuthor.authenticateAs(authorParams)
await asAuthor.create('Post', {
id: 'p1',
content: 'To be deleted',
@ -321,7 +361,7 @@ describe('DeletePost', () => {
describe('authenticated but not the author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'test@example.org', password: '1234' })
headers = await login(userParams)
client = new GraphQLClient(host, { headers })
})
@ -333,7 +373,7 @@ describe('DeletePost', () => {
describe('authenticated as author', () => {
let headers
beforeEach(async () => {
headers = await login({ email: 'author@example.org', password: '1234' })
headers = await login(authorParams)
client = new GraphQLClient(host, { headers })
})

107
backend/src/schema/resolvers/registration.js Normal file
View File

@ -0,0 +1,107 @@
import { UserInputError } from 'apollo-server'
import uuid from 'uuid/v4'
import { neode } from '../../bootstrap/neo4j'
import fileUpload from './fileUpload'
import encryptPassword from '../../helpers/encryptPassword'
const instance = neode()
/*
* TODO: remove this function as soon type `User` has no `email` property
* anymore
*/
const checkEmailDoesNotExist = async ({ email }) => {
email = email.toLowerCase()
const emails = await instance.all('EmailAddress', { email })
if (emails.length > 0) throw new UserInputError('User account with this email already exists.')
}
export default {
Mutation: {
CreateInvitationCode: async (parent, args, context, resolveInfo) => {
args.token = uuid().substring(0, 6)
const {
user: { id: userId },
} = context
let response
try {
const [user, invitationCode] = await Promise.all([
instance.find('User', userId),
instance.create('InvitationCode', args),
])
await invitationCode.relateTo(user, 'generatedBy')
response = invitationCode.toJson()
response.generatedBy = user.toJson()
} catch (e) {
throw new UserInputError(e)
}
return response
},
Signup: async (parent, args, context, resolveInfo) => {
const nonce = uuid().substring(0, 6)
args.nonce = nonce
await checkEmailDoesNotExist({ email: args.email })
try {
const emailAddress = await instance.create('EmailAddress', args)
return { response: emailAddress.toJson(), nonce }
} catch (e) {
throw new UserInputError(e.message)
}
},
SignupByInvitation: async (parent, args, context, resolveInfo) => {
const { token } = args
const nonce = uuid().substring(0, 6)
args.nonce = nonce
await checkEmailDoesNotExist({ email: args.email })
try {
const result = await instance.cypher(
`
MATCH (invitationCode:InvitationCode {token:{token}})
WHERE NOT (invitationCode)-[:ACTIVATED]->()
RETURN invitationCode
`,
{ token },
)
const validInvitationCode = instance.hydrateFirst(
result,
'invitationCode',
instance.model('InvitationCode'),
)
if (!validInvitationCode)
throw new UserInputError('Invitation code already used or does not exist.')
const emailAddress = await instance.create('EmailAddress', args)
await validInvitationCode.relateTo(emailAddress, 'activated')
return { response: emailAddress.toJson(), nonce }
} catch (e) {
throw new UserInputError(e)
}
},
SignupVerification: async (object, args, context, resolveInfo) => {
let { nonce, email } = args
email = email.toLowerCase()
const result = await instance.cypher(
`
MATCH(email:EmailAddress {nonce: {nonce}, email: {email}})
WHERE NOT (email)-[:BELONGS_TO]->()
RETURN email
`,
{ nonce, email },
)
const emailAddress = await instance.hydrateFirst(result, 'email', instance.model('Email'))
if (!emailAddress) throw new UserInputError('Invalid email or nonce')
args = await fileUpload(args, { file: 'avatarUpload', url: 'avatar' })
args = await encryptPassword(args)
try {
const user = await instance.create('User', args)
await Promise.all([
user.relateTo(emailAddress, 'primaryEmail'),
emailAddress.relateTo(user, 'belongsTo'),
emailAddress.update({ verifiedAt: new Date().toISOString() }),
])
return user.toJson()
} catch (e) {
throw new UserInputError(e.message)
}
},
},
}

404
backend/src/schema/resolvers/registration.spec.js Normal file
View File

@ -0,0 +1,404 @@
import { GraphQLClient } from 'graphql-request'
import Factory from '../../seed/factories'
import { host, login } from '../../jest/helpers'
import { neode } from '../../bootstrap/neo4j'
let factory
let client
let variables
let action
let userParams
const instance = neode()
beforeEach(async () => {
variables = {}
factory = Factory()
})
afterEach(async () => {
await factory.cleanDatabase()
})
describe('CreateInvitationCode', () => {
const mutation = `mutation { CreateInvitationCode { token } }`
it('throws Authorization error', async () => {
const client = new GraphQLClient(host)
await expect(client.request(mutation)).rejects.toThrow('Not Authorised!')
})
describe('authenticated', () => {
beforeEach(async () => {
userParams = {
id: 'i123',
name: 'Inviter',
email: 'inviter@example.org',
password: '1234',
}
action = async () => {
const factory = Factory()
await factory.create('User', userParams)
const headers = await login(userParams)
client = new GraphQLClient(host, { headers })
return client.request(mutation)
}
})
it('resolves', async () => {
await expect(action()).resolves.toEqual({
CreateInvitationCode: { token: expect.any(String) },
})
})
it('creates an InvitationCode with a `createdAt` attribute', async () => {
await action()
const codes = await instance.all('InvitationCode')
const invitation = await codes.first().toJson()
expect(invitation.createdAt).toBeTruthy()
expect(Date.parse(invitation.createdAt)).toEqual(expect.any(Number))
})
it('relates inviting User to InvitationCode', async () => {
await action()
const result = await instance.cypher(
'MATCH(code:InvitationCode)<-[:GENERATED]-(user:User) RETURN user',
)
const inviter = instance.hydrateFirst(result, 'user', instance.model('User'))
await expect(inviter.toJson()).resolves.toEqual(expect.objectContaining({ name: 'Inviter' }))
})
describe('who has invited a lot of users already', () => {
beforeEach(() => {
action = async () => {
const factory = Factory()
await factory.create('User', userParams)
const headers = await login(userParams)
client = new GraphQLClient(host, { headers })
await Promise.all(
[1, 2, 3].map(() => {
return client.request(mutation)
}),
)
return client.request(mutation, variables)
}
})
describe('as ordinary `user`', () => {
it('throws `Not Authorised` because of maximum number of invitations', async () => {
await expect(action()).rejects.toThrow('Not Authorised')
})
it('creates no additional invitation codes', async done => {
try {
await action()
} catch (e) {
const invitationCodes = await instance.all('InvitationCode')
await expect(invitationCodes.toJson()).resolves.toHaveLength(3)
done()
}
})
})
describe('as a strong donator', () => {
beforeEach(() => {
// What is the setup?
})
it.todo('can invite more people')
// it('can invite more people', async () => {
// await action()
// const invitationQuery = `{ User { createdAt } }`
// const { User: users } = await client.request(invitationQuery )
// expect(users).toHaveLength(3 + 1 + 1)
// })
})
})
})
})
describe('SignupByInvitation', () => {
const mutation = `mutation($email: String!, $token: String!) {
SignupByInvitation(email: $email, token: $token) { email }
}`
beforeEach(() => {
client = new GraphQLClient(host)
action = async () => {
return client.request(mutation, variables)
}
})
describe('with valid email but invalid InvitationCode', () => {
beforeEach(() => {
variables.email = 'any-email@example.org'
variables.token = 'wut?'
})
it('throws UserInputError', async () => {
await expect(action()).rejects.toThrow('Invitation code already used or does not exist.')
})
})
describe('with valid InvitationCode', () => {
beforeEach(async () => {
const inviterParams = {
name: 'Inviter',
email: 'inviter@example.org',
password: '1234',
}
const factory = Factory()
await factory.create('User', inviterParams)
const headersOfInviter = await login(inviterParams)
const anotherClient = new GraphQLClient(host, { headers: headersOfInviter })
const invitationMutation = `mutation { CreateInvitationCode { token } }`
const {
CreateInvitationCode: { token },
} = await anotherClient.request(invitationMutation)
variables.token = token
})
describe('given an invalid email', () => {
beforeEach(() => {
variables.email = 'someuser'
})
it('throws `email is not a valid email`', async () => {
await expect(action()).rejects.toThrow('"email" must be a valid email')
})
it('creates no additional EmailAddress node', async done => {
try {
await action()
} catch (e) {
let emailAddresses = await instance.all('EmailAddress')
emailAddresses = await emailAddresses.toJson
expect(emailAddresses).toHaveLength(0)
done()
}
})
})
describe('given a valid email', () => {
beforeEach(() => {
variables.email = 'someUser@example.org'
})
it('resolves', async () => {
await expect(action()).resolves.toEqual({
SignupByInvitation: { email: 'someuser@example.org' },
})
})
describe('creates a EmailAddress node', () => {
it('with a `createdAt` attribute', async () => {
await action()
let emailAddress = await instance.first('EmailAddress', { email: 'someuser@example.org' })
emailAddress = await emailAddress.toJson()
expect(emailAddress.createdAt).toBeTruthy()
expect(Date.parse(emailAddress.createdAt)).toEqual(expect.any(Number))
})
it('with a cryptographic `nonce`', async () => {
await action()
let emailAddress = await instance.first('EmailAddress', { email: 'someuser@example.org' })
emailAddress = await emailAddress.toJson()
expect(emailAddress.nonce).toEqual(expect.any(String))
})
it('connects inviter through invitation code', async () => {
await action()
const result = await instance.cypher(
'MATCH(inviter:User)-[:GENERATED]->(:InvitationCode)-[:ACTIVATED]->(email:EmailAddress {email: {email}}) RETURN inviter',
{ email: 'someuser@example.org' },
)
const inviter = instance.hydrateFirst(result, 'inviter', instance.model('User'))
await expect(inviter.toJson()).resolves.toEqual(
expect.objectContaining({ name: 'Inviter' }),
)
})
describe('using the same InvitationCode twice', () => {
it('rejects because codes can be used only once', async done => {
await action()
try {
variables.email = 'yetanotheremail@example.org'
await action()
} catch (e) {
expect(e.message).toMatch(/Invitation code already used/)
done()
}
})
})
describe('if a user account with the given email already exists', () => {
beforeEach(async () => {
await factory.create('User', { email: 'someuser@example.org' })
})
it('throws unique violation error', async () => {
await expect(action()).rejects.toThrow('User account with this email already exists.')
})
})
describe('if the EmailAddress already exists but without user account', () => {
// shall we re-send the registration email?
it.todo('decide what to do')
})
})
})
})
})
describe('Signup', () => {
const mutation = `mutation($email: String!) {
Signup(email: $email) { email }
}`
it('throws AuthorizationError', async () => {
client = new GraphQLClient(host)
await expect(
client.request(mutation, { email: 'get-me-a-user-account@example.org' }),
).rejects.toThrow('Not Authorised')
})
describe('as admin', () => {
beforeEach(async () => {
userParams = {
role: 'admin',
email: 'admin@example.org',
password: '1234',
}
variables.email = 'someuser@example.org'
const factory = Factory()
await factory.create('User', userParams)
const headers = await login(userParams)
client = new GraphQLClient(host, { headers })
action = async () => {
return client.request(mutation, variables)
}
})
it('is allowed to signup users by email', async () => {
await expect(action()).resolves.toEqual({ Signup: { email: 'someuser@example.org' } })
})
it('creates a Signup with a cryptographic `nonce`', async () => {
await action()
let emailAddress = await instance.first('EmailAddress', { email: 'someuser@example.org' })
emailAddress = await emailAddress.toJson()
expect(emailAddress.nonce).toEqual(expect.any(String))
})
})
})
describe('SignupVerification', () => {
const mutation = `
mutation($name: String!, $password: String!, $email: String!, $nonce: String!) {
SignupVerification(name: $name, password: $password, email: $email, nonce: $nonce) {
id
}
}
`
describe('given valid password and email', () => {
let variables = {
nonce: '123456',
name: 'John Doe',
password: '123',
email: 'john@example.org',
}
describe('unauthenticated', () => {
beforeEach(async () => {
client = new GraphQLClient(host)
})
describe('EmailAddress exists, but is already related to a user account', () => {
beforeEach(async () => {
const { email, nonce } = variables
const [emailAddress, user] = await Promise.all([
instance.model('EmailAddress').create({ email, nonce }),
instance
.model('User')
.create({ name: 'Somebody', password: '1234', email: 'john@example.org' }),
])
await emailAddress.relateTo(user, 'belongsTo')
})
describe('sending a valid nonce', () => {
beforeEach(() => {
variables.nonce = '123456'
})
it('rejects', async () => {
await expect(client.request(mutation, variables)).rejects.toThrow(
'Invalid email or nonce',
)
})
})
})
describe('disconnected EmailAddress exists', () => {
beforeEach(async () => {
const args = {
email: 'john@example.org',
nonce: '123456',
}
await instance.model('EmailAddress').create(args)
})
describe('sending a valid nonce', () => {
it('creates a user account', async () => {
const expected = {
SignupVerification: {
id: expect.any(String),
},
}
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
it('sets `verifiedAt` attribute of EmailAddress', async () => {
await client.request(mutation, variables)
const email = await instance.first('EmailAddress', { email: 'john@example.org' })
await expect(email.toJson()).resolves.toEqual(
expect.objectContaining({
verifiedAt: expect.any(String),
}),
)
})
it('connects User with EmailAddress', async () => {
const cypher = `
MATCH(email:EmailAddress)-[:BELONGS_TO]->(u:User {name: {name}})
RETURN email
`
await client.request(mutation, variables)
const { records: emails } = await instance.cypher(cypher, { name: 'John Doe' })
expect(emails).toHaveLength(1)
})
it('marks the EmailAddress as primary', async () => {
const cypher = `
MATCH(email:EmailAddress)<-[:PRIMARY_EMAIL]-(u:User {name: {name}})
RETURN email
`
await client.request(mutation, variables)
const { records: emails } = await instance.cypher(cypher, { name: 'John Doe' })
expect(emails).toHaveLength(1)
})
})
describe('sending invalid nonce', () => {
beforeEach(() => {
variables.nonce = 'wut2'
})
it('rejects', async () => {
await expect(client.request(mutation, variables)).rejects.toThrow(
'Invalid email or nonce',
)
})
})
})
})
})
})

74
backend/src/schema/resolvers/rewards.js
View File

@ -1,47 +1,47 @@
import { neode } from '../../bootstrap/neo4j'
import { UserInputError } from 'apollo-server'
const instance = neode()
const getUserAndBadge = async ({ badgeKey, userId }) => {
let user = await instance.first('User', 'id', userId)
const badge = await instance.first('Badge', 'id', badgeKey)
if (!user) throw new UserInputError("Couldn't find a user with that id")
if (!badge) throw new UserInputError("Couldn't find a badge with that id")
return { user, badge }
}
export default {
Mutation: {
reward: async (_object, params, context, _resolveInfo) => {
const { fromBadgeId, toUserId } = params
const session = context.driver.session()
let transactionRes = await session.run(
`MATCH (badge:Badge {id: $badgeId}), (rewardedUser:User {id: $rewardedUserId})
MERGE (badge)-[:REWARDED]->(rewardedUser)
RETURN rewardedUser {.id}`,
{
badgeId: fromBadgeId,
rewardedUserId: toUserId,
},
)
const [rewardedUser] = transactionRes.records.map(record => {
return record.get('rewardedUser')
})
session.close()
return rewardedUser.id
const { user, badge } = await getUserAndBadge(params)
await user.relateTo(badge, 'rewarded')
return user.toJson()
},
unreward: async (_object, params, context, _resolveInfo) => {
const { fromBadgeId, toUserId } = params
const { badgeKey, userId } = params
const { user } = await getUserAndBadge(params)
const session = context.driver.session()
let transactionRes = await session.run(
`MATCH (badge:Badge {id: $badgeId})-[reward:REWARDED]->(rewardedUser:User {id: $rewardedUserId})
DELETE reward
RETURN rewardedUser {.id}`,
{
badgeId: fromBadgeId,
rewardedUserId: toUserId,
},
)
const [rewardedUser] = transactionRes.records.map(record => {
return record.get('rewardedUser')
})
session.close()
return rewardedUser.id
try {
// silly neode cannot remove relationships
await session.run(
`
MATCH (badge:Badge {id: $badgeKey})-[reward:REWARDED]->(rewardedUser:User {id: $userId})
DELETE reward
RETURN rewardedUser
`,
{
badgeKey,
userId,
},
)
} catch (err) {
throw err
} finally {
session.close()
}
return user.toJson()
},
},
}

190
backend/src/schema/resolvers/rewards.spec.js
View File

@ -1,12 +1,19 @@
import { GraphQLClient } from 'graphql-request'
import Factory from '../../seed/factories'
import { host, login } from '../../jest/helpers'
import { host, login, gql } from '../../jest/helpers'
const factory = Factory()
let user
let badge
describe('rewards', () => {
const variables = {
from: 'indiegogo_en_rhino',
to: 'u1',
}
beforeEach(async () => {
await factory.create('User', {
user = await factory.create('User', {
id: 'u1',
role: 'user',
email: 'user@example.org',
@ -22,9 +29,8 @@ describe('rewards', () => {
role: 'admin',
email: 'admin@example.org',
})
await factory.create('Badge', {
id: 'b6',
key: 'indiegogo_en_rhino',
badge = await factory.create('Badge', {
id: 'indiegogo_en_rhino',
type: 'crowdfunding',
status: 'permanent',
icon: '/img/badges/indiegogo_en_rhino.svg',
@ -35,21 +41,19 @@ describe('rewards', () => {
await factory.cleanDatabase()
})
describe('RewardBadge', () => {
const mutation = `
mutation(
$from: ID!
$to: ID!
) {
reward(fromBadgeId: $from, toUserId: $to)
describe('reward', () => {
const mutation = gql`
mutation($from: ID!, $to: ID!) {
reward(badgeKey: $from, userId: $to) {
id
badges {
id
}
}
}
`
describe('unauthenticated', () => {
const variables = {
from: 'b6',
to: 'u1',
}
let client
it('throws authorization error', async () => {
@ -65,74 +69,95 @@ describe('rewards', () => {
client = new GraphQLClient(host, { headers })
})
describe('badge for id does not exist', () => {
it('rejects with a telling error message', async () => {
await expect(
client.request(mutation, {
...variables,
from: 'bullshit',
}),
).rejects.toThrow("Couldn't find a badge with that id")
})
})
describe('user for id does not exist', () => {
it('rejects with a telling error message', async () => {
await expect(
client.request(mutation, {
...variables,
to: 'bullshit',
}),
).rejects.toThrow("Couldn't find a user with that id")
})
})
it('rewards a badge to user', async () => {
const variables = {
from: 'b6',
to: 'u1',
}
const expected = {
reward: 'u1',
reward: {
id: 'u1',
badges: [{ id: 'indiegogo_en_rhino' }],
},
}
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
it('rewards a second different badge to same user', async () => {
await factory.create('Badge', {
id: 'b1',
key: 'indiegogo_en_racoon',
type: 'crowdfunding',
status: 'permanent',
id: 'indiegogo_en_racoon',
icon: '/img/badges/indiegogo_en_racoon.svg',
})
const variables = {
from: 'b1',
to: 'u1',
}
const badges = [{ id: 'indiegogo_en_racoon' }, { id: 'indiegogo_en_rhino' }]
const expected = {
reward: 'u1',
reward: {
id: 'u1',
badges: expect.arrayContaining(badges),
},
}
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
await client.request(mutation, variables)
await expect(
client.request(mutation, {
...variables,
from: 'indiegogo_en_racoon',
}),
).resolves.toEqual(expected)
})
it('rewards the same badge as well to another user', async () => {
const variables1 = {
from: 'b6',
to: 'u1',
}
await client.request(mutation, variables1)
const variables2 = {
from: 'b6',
to: 'u2',
}
const expected = {
reward: 'u2',
reward: {
id: 'u2',
badges: [{ id: 'indiegogo_en_rhino' }],
},
}
await expect(client.request(mutation, variables2)).resolves.toEqual(expected)
await expect(
client.request(mutation, {
...variables,
to: 'u2',
}),
).resolves.toEqual(expected)
})
it('returns the original reward if a reward is attempted a second time', async () => {
const variables = {
from: 'b6',
to: 'u1',
}
it('creates no duplicate reward relationships', async () => {
await client.request(mutation, variables)
await client.request(mutation, variables)
const query = `{
User( id: "u1" ) {
badgesCount
const query = gql`
{
User(id: "u1") {
badgesCount
badges {
id
}
}
}
}
`
const expected = { User: [{ badgesCount: 1 }] }
const expected = { User: [{ badgesCount: 1, badges: [{ id: 'indiegogo_en_rhino' }] }] }
await expect(client.request(query)).resolves.toEqual(expected)
})
})
describe('authenticated moderator', () => {
const variables = {
from: 'b6',
to: 'u1',
}
let client
beforeEach(async () => {
const headers = await login({ email: 'moderator@example.org', password: '1234' })
@ -147,27 +172,41 @@ describe('rewards', () => {
})
})
describe('RemoveReward', () => {
describe('unreward', () => {
beforeEach(async () => {
await factory.relate('User', 'Badges', { from: 'b6', to: 'u1' })
await user.relateTo(badge, 'rewarded')
})
const variables = {
from: 'b6',
to: 'u1',
}
const expected = {
unreward: 'u1',
}
const expected = { unreward: { id: 'u1', badges: [] } }
const mutation = `
mutation(
$from: ID!
$to: ID!
) {
unreward(fromBadgeId: $from, toUserId: $to)
const mutation = gql`
mutation($from: ID!, $to: ID!) {
unreward(badgeKey: $from, userId: $to) {
id
badges {
id
}
}
}
`
describe('check test setup', () => {
it('user has one badge', async () => {
const query = gql`
{
User(id: "u1") {
badgesCount
badges {
id
}
}
}
`
const expected = { User: [{ badgesCount: 1, badges: [{ id: 'indiegogo_en_rhino' }] }] }
const client = new GraphQLClient(host)
await expect(client.request(query)).resolves.toEqual(expected)
})
})
describe('unauthenticated', () => {
let client
@ -188,12 +227,9 @@ describe('rewards', () => {
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
it('fails to remove a not existing badge from user', async () => {
it('does not crash when unrewarding multiple times', async () => {
await client.request(mutation, variables)
await expect(client.request(mutation, variables)).rejects.toThrow(
"Cannot read property 'id' of undefined",
)
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
})

12
backend/src/schema/resolvers/socialMedia.spec.js
View File

@ -1,7 +1,6 @@
import gql from 'graphql-tag'
import { GraphQLClient } from 'graphql-request'
import Factory from '../../seed/factories'
import { host, login } from '../../jest/helpers'
import { host, login, gql } from '../../jest/helpers'
const factory = Factory()
@ -98,14 +97,19 @@ describe('SocialMedia', () => {
const variables = {
url: '',
}
await expect(client.request(mutationC, variables)).rejects.toThrow('Input is not a URL')
await expect(client.request(mutationC, variables)).rejects.toThrow(
'"url" is not allowed to be empty',
)
})
it('validates URLs', async () => {
const variables = {
url: 'not-a-url',
}
await expect(client.request(mutationC, variables)).rejects.toThrow('Input is not a URL')
await expect(client.request(mutationC, variables)).rejects.toThrow(
'"url" must be a valid uri',
)
})
})
})

69
backend/src/schema/resolvers/user_management.js
View File

@ -2,10 +2,13 @@ import encode from '../../jwt/encode'
import bcrypt from 'bcryptjs'
import { AuthenticationError } from 'apollo-server'
import { neo4jgraphql } from 'neo4j-graphql-js'
import { neode } from '../../bootstrap/neo4j'
const instance = neode()
export default {
Query: {
isLoggedIn: (parent, args, { driver, user }) => {
isLoggedIn: (_, args, { driver, user }) => {
return Boolean(user && user.id)
},
currentUser: async (object, params, ctx, resolveInfo) => {
@ -15,40 +18,29 @@ export default {
},
},
Mutation: {
signup: async (parent, { email, password }, { req }) => {
// if (data[email]) {
// throw new Error('Another User with same email exists.')
// }
// data[email] = {
// password: await bcrypt.hashSync(password, 10),
// }
return true
},
login: async (parent, { email, password }, { driver, req, user }) => {
login: async (_, { email, password }, { driver, req, user }) => {
// if (user && user.id) {
// throw new Error('Already logged in.')
// }
const session = driver.session()
const result = await session.run(
'MATCH (user:User {email: $userEmail}) ' +
'RETURN user {.id, .slug, .name, .avatar, .email, .password, .role, .disabled} as user LIMIT 1',
'MATCH (user:User)-[:PRIMARY_EMAIL]->(e:EmailAddress {email: $userEmail})' +
'RETURN user {.id, .slug, .name, .avatar, .encryptedPassword, .role, .disabled, email:e.email} as user LIMIT 1',
{
userEmail: email,
},
)
session.close()
const [currentUser] = await result.records.map(function(record) {
const [currentUser] = await result.records.map(record => {
return record.get('user')
})
if (
currentUser &&
(await bcrypt.compareSync(password, currentUser.password)) &&
(await bcrypt.compareSync(password, currentUser.encryptedPassword)) &&
!currentUser.disabled
) {
delete currentUser.password
delete currentUser.encryptedPassword
return encode(currentUser)
} else if (currentUser && currentUser.disabled) {
throw new AuthenticationError('Your account has been disabled.')
@ -57,41 +49,24 @@ export default {
}
},
changePassword: async (_, { oldPassword, newPassword }, { driver, user }) => {
const session = driver.session()
let result = await session.run(
`MATCH (user:User {email: $userEmail})
RETURN user {.id, .email, .password}`,
{
userEmail: user.email,
},
)
let currentUser = await instance.find('User', user.id)
const [currentUser] = result.records.map(function(record) {
return record.get('user')
})
if (!(await bcrypt.compareSync(oldPassword, currentUser.password))) {
const encryptedPassword = currentUser.get('encryptedPassword')
if (!(await bcrypt.compareSync(oldPassword, encryptedPassword))) {
throw new AuthenticationError('Old password is not correct')
}
if (await bcrypt.compareSync(newPassword, currentUser.password)) {
if (await bcrypt.compareSync(newPassword, encryptedPassword)) {
throw new AuthenticationError('Old password and new password should be different')
} else {
const newHashedPassword = await bcrypt.hashSync(newPassword, 10)
session.run(
`MATCH (user:User {email: $userEmail})
SET user.password = $newHashedPassword
RETURN user
`,
{
userEmail: user.email,
newHashedPassword,
},
)
session.close()
return encode(currentUser)
}
const newEncryptedPassword = await bcrypt.hashSync(newPassword, 10)
await currentUser.update({
encryptedPassword: newEncryptedPassword,
updatedAt: new Date().toISOString(),
})
return encode(await currentUser.toJson())
},
},
}

119
backend/src/schema/resolvers/user_management.spec.js
View File

@ -1,4 +1,3 @@
import gql from 'graphql-tag'
import { GraphQLClient, request } from 'graphql-request'
import jwt from 'jsonwebtoken'
import CONFIG from './../../config'
@ -311,121 +310,3 @@ describe('change password', () => {
})
})
})
describe('do not expose private RSA key', () => {
let headers
let client
let authenticatedClient
const queryUserPuplicKey = gql`
query($queriedUserSlug: String) {
User(slug: $queriedUserSlug) {
id
publicKey
}
}
`
const queryUserPrivateKey = gql`
query($queriedUserSlug: String) {
User(slug: $queriedUserSlug) {
id
privateKey
}
}
`
const generateUserWithKeys = async authenticatedClient => {
// Generate user with "privateKey" via 'CreateUser' mutation instead of using the factories "factory.create('User', {...})", see above.
const variables = {
id: 'bcb2d923-f3af-479e-9f00-61b12e864667',
password: 'xYz',
slug: 'apfel-strudel',
name: 'Apfel Strudel',
email: 'apfel-strudel@test.org',
}
await authenticatedClient.request(
gql`
mutation($id: ID, $password: String!, $slug: String, $name: String, $email: String!) {
CreateUser(id: $id, password: $password, slug: $slug, name: $name, email: $email) {
id
}
}
`,
variables,
)
}
beforeEach(async () => {
const adminParams = {
role: 'admin',
email: 'admin@example.org',
password: '1234',
}
// create an admin user who has enough permissions to create other users
await factory.create('User', adminParams)
const headers = await login(adminParams)
authenticatedClient = new GraphQLClient(host, { headers })
// but also create an unauthenticated client to issue the `User` query
client = new GraphQLClient(host)
})
describe('unauthenticated query of "publicKey" (does the RSA key pair get generated at all?)', () => {
it('returns publicKey', async () => {
await generateUserWithKeys(authenticatedClient)
await expect(
await client.request(queryUserPuplicKey, { queriedUserSlug: 'apfel-strudel' }),
).toEqual(
expect.objectContaining({
User: [
{
id: 'bcb2d923-f3af-479e-9f00-61b12e864667',
publicKey: expect.any(String),
},
],
}),
)
})
})
describe('unauthenticated query of "privateKey"', () => {
it('throws "Not Authorised!"', async () => {
await generateUserWithKeys(authenticatedClient)
await expect(
client.request(queryUserPrivateKey, { queriedUserSlug: 'apfel-strudel' }),
).rejects.toThrow('Not Authorised')
})
})
// authenticate
beforeEach(async () => {
headers = await login({ email: 'test@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
describe('authenticated query of "publicKey"', () => {
it('returns publicKey', async () => {
await generateUserWithKeys(authenticatedClient)
await expect(
await client.request(queryUserPuplicKey, { queriedUserSlug: 'apfel-strudel' }),
).toEqual(
expect.objectContaining({
User: [
{
id: 'bcb2d923-f3af-479e-9f00-61b12e864667',
publicKey: expect.any(String),
},
],
}),
)
})
})
describe('authenticated query of "privateKey"', () => {
it('throws "Not Authorised!"', async () => {
await generateUserWithKeys(authenticatedClient)
await expect(
client.request(queryUserPrivateKey, { queriedUserSlug: 'apfel-strudel' }),
).rejects.toThrow('Not Authorised')
})
})
})

137
backend/src/schema/resolvers/users.js
View File

@ -1,15 +1,91 @@
import { neo4jgraphql } from 'neo4j-graphql-js'
import fileUpload from './fileUpload'
import { neode } from '../../bootstrap/neo4j'
import { UserInputError } from 'apollo-server'
const instance = neode()
const _has = (resolvers, { key, connection }, { returnType }) => {
return async (parent, params, context, resolveInfo) => {
if (typeof parent[key] !== 'undefined') return parent[key]
const { id } = parent
const statement = `MATCH(u:User {id: {id}})${connection} RETURN related`
const result = await instance.cypher(statement, { id })
let response = result.records.map(r => r.get('related').properties)
if (returnType === 'object') response = response[0] || null
return response
}
}
const count = obj => {
const resolvers = {}
for (const [key, connection] of Object.entries(obj)) {
resolvers[key] = async (parent, params, context, resolveInfo) => {
if (typeof parent[key] !== 'undefined') return parent[key]
const { id } = parent
const statement = `
MATCH(u:User {id: {id}})${connection}
WHERE NOT related.deleted = true AND NOT related.disabled = true
RETURN COUNT(DISTINCT(related)) as count
`
const result = await instance.cypher(statement, { id })
const [response] = result.records.map(r => r.get('count').toNumber())
return response
}
}
return resolvers
}
const undefinedToNull = list => {
const resolvers = {}
list.forEach(key => {
resolvers[key] = async (parent, params, context, resolveInfo) => {
return typeof parent[key] === 'undefined' ? null : parent[key]
}
})
return resolvers
}
export const hasMany = obj => {
const resolvers = {}
for (const [key, connection] of Object.entries(obj)) {
resolvers[key] = _has(resolvers, { key, connection }, { returnType: 'iterable' })
}
return resolvers
}
export const hasOne = obj => {
const resolvers = {}
for (const [key, connection] of Object.entries(obj)) {
resolvers[key] = _has(resolvers, { key, connection }, { returnType: 'object' })
}
return resolvers
}
export default {
Mutation: {
UpdateUser: async (object, params, context, resolveInfo) => {
params = await fileUpload(params, { file: 'avatarUpload', url: 'avatar' })
return neo4jgraphql(object, params, context, resolveInfo, false)
Query: {
User: async (object, args, context, resolveInfo) => {
const { email } = args
if (email) {
const e = await instance.first('EmailAddress', { email })
let user = e.get('belongsTo')
user = await user.toJson()
return [user.node]
}
return neo4jgraphql(object, args, context, resolveInfo, false)
},
CreateUser: async (object, params, context, resolveInfo) => {
params = await fileUpload(params, { file: 'avatarUpload', url: 'avatar' })
return neo4jgraphql(object, params, context, resolveInfo, false)
},
Mutation: {
UpdateUser: async (object, args, context, resolveInfo) => {
args = await fileUpload(args, { file: 'avatarUpload', url: 'avatar' })
try {
let user = await instance.find('User', args.id)
if (!user) return null
await user.update(args)
return user.toJson()
} catch (e) {
throw new UserInputError(e.message)
}
},
DeleteUser: async (object, params, context, resolveInfo) => {
const { resource } = params
@ -34,4 +110,51 @@ export default {
return neo4jgraphql(object, params, context, resolveInfo, false)
},
},
User: {
email: async (parent, params, context, resolveInfo) => {
if (typeof parent.email !== 'undefined') return parent.email
const { id } = parent
const statement = `MATCH(u:User {id: {id}})-[:PRIMARY_EMAIL]->(e:EmailAddress) RETURN e`
const result = await instance.cypher(statement, { id })
let [{ email }] = result.records.map(r => r.get('e').properties)
return email
},
...undefinedToNull([
'actorId',
'avatar',
'coverImg',
'deleted',
'disabled',
'locationName',
'about',
]),
...count({
contributionsCount: '-[:WROTE]->(related:Post)',
friendsCount: '<-[:FRIENDS]->(related:User)',
followingCount: '-[:FOLLOWS]->(related:User)',
followedByCount: '<-[:FOLLOWS]-(related:User)',
commentsCount: '-[:WROTE]->(r:Comment)',
commentedCount: '-[:WROTE]->(:Comment)-[:COMMENTS]->(related:Post)',
shoutedCount: '-[:SHOUTED]->(related:Post)',
badgesCount: '<-[:REWARDED]-(related:Badge)',
}),
...hasOne({
invitedBy: '<-[:INVITED]-(related:User)',
disabledBy: '<-[:DISABLED]-(related:User)',
}),
...hasMany({
followedBy: '<-[:FOLLOWS]-(related:User)',
following: '-[:FOLLOWS]->(related:User)',
friends: '-[:FRIENDS]-(related:User)',
blacklisted: '-[:BLACKLISTED]->(related:User)',
socialMedia: '-[:OWNED]->(related:SocialMedia)',
contributions: '-[:WROTE]->(related:Post)',
comments: '-[:WROTE]->(related:Comment)',
shouted: '-[:SHOUTED]->(related:Post)',
organizationsCreated: '-[:CREATED_ORGA]->(related:Organization)',
organizationsOwned: '-[:OWNING_ORGA]->(related:Organization)',
categories: '-[:CATEGORIZED]->(related:Category)',
badges: '<-[:REWARDED]-(related:Badge)',
}),
},
}

73
backend/src/schema/resolvers/users.spec.js
View File

@ -1,7 +1,6 @@
import { GraphQLClient } from 'graphql-request'
import { login, host } from '../../jest/helpers'
import Factory from '../../seed/factories'
import gql from 'graphql-tag'
import { host, login, gql } from '../../jest/helpers'
const factory = Factory()
let client
@ -11,50 +10,39 @@ afterEach(async () => {
})
describe('users', () => {
describe('CreateUser', () => {
const mutation = `
mutation($name: String, $password: String!, $email: String!) {
CreateUser(name: $name, password: $password, email: $email) {
id
}
}
`
describe('given valid password and email', () => {
const variables = {
name: 'John Doe',
password: '123',
email: '123@123.de',
}
describe('unauthenticated', () => {
beforeEach(async () => {
client = new GraphQLClient(host)
})
it('is not allowed to create users', async () => {
await expect(client.request(mutation, variables)).rejects.toThrow('Not Authorised')
})
describe('User', () => {
describe('query by email address', () => {
beforeEach(async () => {
await factory.create('User', { name: 'Johnny', email: 'any-email-address@example.org' })
})
describe('authenticated admin', () => {
const query = `query($email: String) { User(email: $email) { name } }`
const variables = { email: 'any-email-address@example.org' }
beforeEach(() => {
client = new GraphQLClient(host)
})
it('is forbidden', async () => {
await expect(client.request(query, variables)).rejects.toThrow('Not Authorised')
})
describe('as admin', () => {
beforeEach(async () => {
const adminParams = {
const userParams = {
role: 'admin',
email: 'admin@example.org',
password: '1234',
}
await factory.create('User', adminParams)
const headers = await login(adminParams)
const factory = Factory()
await factory.create('User', userParams)
const headers = await login(userParams)
client = new GraphQLClient(host, { headers })
})
it('is allowed to create new users', async () => {
const expected = {
CreateUser: {
id: expect.any(String),
},
}
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
it('is permitted', async () => {
await expect(client.request(query, variables)).resolves.toEqual({
User: [{ name: 'Johnny' }],
})
})
})
})
@ -88,7 +76,7 @@ describe('users', () => {
describe('as another user', () => {
beforeEach(async () => {
const someoneElseParams = {
email: 'someoneElse@example.org',
email: 'someone-else@example.org',
password: '1234',
name: 'James Doe',
}
@ -119,12 +107,12 @@ describe('users', () => {
await expect(client.request(mutation, variables)).resolves.toEqual(expected)
})
it('with no name', async () => {
it('with `null` as name', async () => {
const variables = {
id: 'u47',
name: null,
}
const expected = 'Username must be at least 3 characters long!'
const expected = '"name" must be a string'
await expect(client.request(mutation, variables)).rejects.toThrow(expected)
})
@ -133,7 +121,7 @@ describe('users', () => {
id: 'u47',
name: ' ',
}
const expected = 'Username must be at least 3 characters long!'
const expected = '"name" length must be at least 3 characters long'
await expect(client.request(mutation, variables)).rejects.toThrow(expected)
})
})
@ -158,13 +146,13 @@ describe('users', () => {
}
`
beforeEach(async () => {
asAuthor = await factory.create('User', {
await factory.create('User', {
email: 'test@example.org',
password: '1234',
id: 'u343',
})
await factory.create('User', {
email: 'friendsAccount@example.org',
email: 'friends-account@example.org',
password: '1234',
id: 'u565',
})
@ -202,6 +190,7 @@ describe('users', () => {
describe('attempting to delete my own account', () => {
let expectedResponse
beforeEach(async () => {
asAuthor = Factory()
await asAuthor.authenticateAs({
email: 'test@example.org',
password: '1234',

4
backend/src/schema/types/enum/BadgeStatus.gql
View File

@ -1,4 +0,0 @@
enum BadgeStatus {
permanent
temporary
}

4
backend/src/schema/types/enum/BadgeType.gql
View File

@ -1,4 +0,0 @@
enum BadgeType {
role
crowdfunding
}

7
backend/src/schema/types/enum/Emotion.gql Normal file
View File

@ -0,0 +1,7 @@
enum Emotion {
surprised
cry
happy
angry
funny
}

5
backend/src/schema/types/schema.gql
View File

@ -17,21 +17,17 @@ type Query {
LIMIT $limit
"""
)
CommentByPost(postId: ID!): [Comment]!
}
type Mutation {
# Get a JWT Token for the given Email and password
login(email: String!, password: String!): String!
signup(email: String!, password: String!): Boolean!
changePassword(oldPassword: String!, newPassword: String!): String!
requestPasswordReset(email: String!): Boolean!
resetPassword(email: String!, code: String!, newPassword: String!): Boolean!
report(id: ID!, description: String): Report
disable(id: ID!): ID
enable(id: ID!): ID
reward(fromBadgeId: ID!, toUserId: ID!): ID
unreward(fromBadgeId: ID!, toUserId: ID!): ID
# Shout the given Type and ID
shout(id: ID!, type: ShoutTypeEnum): Boolean!
# Unshout the given Type and ID
@ -40,7 +36,6 @@ type Mutation {
follow(id: ID!, type: FollowTypeEnum): Boolean!
# Unfollow the given Type and ID
unfollow(id: ID!, type: FollowTypeEnum): Boolean!
DeleteUser(id: ID!, resource: [Deletable]): User
}
type Statistics {

324
backend/src/schema/types/schema_full.gql_
View File

@ -1,324 +0,0 @@
scalar Upload
type Query {
isLoggedIn: Boolean!
# Get the currently logged in User based on the given JWT Token
currentUser: User
# Get the latest Network Statistics
statistics: Statistics!
findPosts(filter: String!, limit: Int = 10): [Post]! @cypher(
statement: """
CALL db.index.fulltext.queryNodes('full_text_search', $filter)
YIELD node as post, score
MATCH (post)<-[:WROTE]-(user:User)
WHERE score >= 0.2
AND NOT user.deleted = true AND NOT user.disabled = true
AND NOT post.deleted = true AND NOT post.disabled = true
RETURN post
LIMIT $limit
"""
)
CommentByPost(postId: ID!): [Comment]!
}
type Mutation {
# Get a JWT Token for the given Email and password
login(email: String!, password: String!): String!
signup(email: String!, password: String!): Boolean!
changePassword(oldPassword:String!, newPassword: String!): String!
report(id: ID!, description: String): Report
disable(id: ID!): ID
enable(id: ID!): ID
reward(fromBadgeId: ID!, toUserId: ID!): ID
unreward(fromBadgeId: ID!, toUserId: ID!): ID
# Shout the given Type and ID
shout(id: ID!, type: ShoutTypeEnum): Boolean!
# Unshout the given Type and ID
unshout(id: ID!, type: ShoutTypeEnum): Boolean!
# Follow the given Type and ID
follow(id: ID!, type: FollowTypeEnum): Boolean!
# Unfollow the given Type and ID
unfollow(id: ID!, type: FollowTypeEnum): Boolean!
}
type Statistics {
countUsers: Int!
countPosts: Int!
countComments: Int!
countNotifications: Int!
countOrganizations: Int!
countProjects: Int!
countInvites: Int!
countFollows: Int!
countShouts: Int!
}
type Notification {
id: ID!
read: Boolean,
user: User @relation(name: "NOTIFIED", direction: "OUT")
post: Post @relation(name: "NOTIFIED", direction: "IN")
createdAt: String
}
scalar Date
scalar Time
scalar DateTime
enum VisibilityEnum {
public
friends
private
}
enum UserGroupEnum {
admin
moderator
user
}
type Location {
id: ID!
name: String!
nameEN: String
nameDE: String
nameFR: String
nameNL: String
nameIT: String
nameES: String
namePT: String
namePL: String
type: String!
lat: Float
lng: Float
parent: Location @cypher(statement: "MATCH (this)-[:IS_IN]->(l:Location) RETURN l")
}
type User {
id: ID!
actorId: String
name: String
email: String!
slug: String
password: String!
avatar: String
avatarUpload: Upload
deleted: Boolean
disabled: Boolean
disabledBy: User @relation(name: "DISABLED", direction: "IN")
role: UserGroupEnum
publicKey: String
privateKey: String
location: Location @cypher(statement: "MATCH (this)-[:IS_IN]->(l:Location) RETURN l")
locationName: String
about: String
socialMedia: [SocialMedia]! @relation(name: "OWNED", direction: "OUT")
createdAt: String
updatedAt: String
notifications(read: Boolean): [Notification]! @relation(name: "NOTIFIED", direction: "IN")
friends: [User]! @relation(name: "FRIENDS", direction: "BOTH")
friendsCount: Int! @cypher(statement: "MATCH (this)<-[:FRIENDS]->(r:User) RETURN COUNT(DISTINCT r)")
following: [User]! @relation(name: "FOLLOWS", direction: "OUT")
followingCount: Int! @cypher(statement: "MATCH (this)-[:FOLLOWS]->(r:User) RETURN COUNT(DISTINCT r)")
followedBy: [User]! @relation(name: "FOLLOWS", direction: "IN")
followedByCount: Int! @cypher(statement: "MATCH (this)<-[:FOLLOWS]-(r:User) RETURN COUNT(DISTINCT r)")
# Is the currently logged in user following that user?
followedByCurrentUser: Boolean! @cypher(
statement: """
MATCH (this)<-[:FOLLOWS]-(u:User {id: $cypherParams.currentUserId})
RETURN COUNT(u) >= 1
"""
)
#contributions: [WrittenPost]!
#contributions2(first: Int = 10, offset: Int = 0): [WrittenPost2]!
# @cypher(
# statement: "MATCH (this)-[w:WROTE]->(p:Post) RETURN p as Post, w.timestamp as timestamp"
# )
contributions: [Post]! @relation(name: "WROTE", direction: "OUT")
contributionsCount: Int! @cypher(
statement: """
MATCH (this)-[:WROTE]->(r:Post)
WHERE (NOT exists(r.deleted) OR r.deleted = false)
AND (NOT exists(r.disabled) OR r.disabled = false)
RETURN COUNT(r)
"""
)
comments: [Comment]! @relation(name: "WROTE", direction: "OUT")
commentsCount: Int! @cypher(statement: "MATCH (this)-[:WROTE]->(r:Comment) WHERE NOT r.deleted = true AND NOT r.disabled = true RETURN COUNT(r)")
shouted: [Post]! @relation(name: "SHOUTED", direction: "OUT")
shoutedCount: Int! @cypher(statement: "MATCH (this)-[:SHOUTED]->(r:Post) WHERE NOT r.deleted = true AND NOT r.disabled = true RETURN COUNT(DISTINCT r)")
organizationsCreated: [Organization] @relation(name: "CREATED_ORGA", direction: "OUT")
organizationsOwned: [Organization] @relation(name: "OWNING_ORGA", direction: "OUT")
blacklisted: [User]! @relation(name: "BLACKLISTED", direction: "OUT")
categories: [Category]! @relation(name: "CATEGORIZED", direction: "OUT")
badges: [Badge]! @relation(name: "REWARDED", direction: "IN")
badgesCount: Int! @cypher(statement: "MATCH (this)<-[:REWARDED]-(r:Badge) RETURN COUNT(r)")
}
type Post {
id: ID!
activityId: String
objectId: String
author: User @relation(name: "WROTE", direction: "IN")
title: String!
slug: String
content: String!
contentExcerpt: String
image: String
imageUpload: Upload
visibility: VisibilityEnum
deleted: Boolean
disabled: Boolean
disabledBy: User @relation(name: "DISABLED", direction: "IN")
createdAt: String
updatedAt: String
relatedContributions: [Post]! @cypher(
statement: """
MATCH (this)-[:TAGGED|CATEGORIZED]->(categoryOrTag)<-[:TAGGED|CATEGORIZED]-(post:Post)
RETURN DISTINCT post
LIMIT 10
"""
)
tags: [Tag]! @relation(name: "TAGGED", direction: "OUT")
categories: [Category]! @relation(name: "CATEGORIZED", direction: "OUT")
comments: [Comment]! @relation(name: "COMMENTS", direction: "IN")
commentsCount: Int! @cypher(statement: "MATCH (this)<-[:COMMENTS]-(r:Comment) WHERE NOT r.deleted = true AND NOT r.disabled = true RETURN COUNT(r)")
shoutedBy: [User]! @relation(name: "SHOUTED", direction: "IN")
shoutedCount: Int! @cypher(statement: "MATCH (this)<-[:SHOUTED]-(r:User) WHERE NOT r.deleted = true AND NOT r.disabled = true RETURN COUNT(DISTINCT r)")
# Has the currently logged in user shouted that post?
shoutedByCurrentUser: Boolean! @cypher(
statement: """
MATCH (this)<-[:SHOUTED]-(u:User {id: $cypherParams.currentUserId})
RETURN COUNT(u) >= 1
"""
)
}
type Comment {
id: ID!
activityId: String
postId: ID
author: User @relation(name: "WROTE", direction: "IN")
content: String!
contentExcerpt: String
post: Post @relation(name: "COMMENTS", direction: "OUT")
createdAt: String
updatedAt: String
deleted: Boolean
disabled: Boolean
disabledBy: User @relation(name: "DISABLED", direction: "IN")
}
type Report {
id: ID!
submitter: User @relation(name: "REPORTED", direction: "IN")
description: String
type: String! @cypher(statement: "MATCH (resource)<-[:REPORTED]-(this) RETURN labels(resource)[0]")
createdAt: String
comment: Comment @relation(name: "REPORTED", direction: "OUT")
post: Post @relation(name: "REPORTED", direction: "OUT")
user: User @relation(name: "REPORTED", direction: "OUT")
}
type Category {
id: ID!
name: String!
slug: String
icon: String!
posts: [Post]! @relation(name: "CATEGORIZED", direction: "IN")
postCount: Int! @cypher(statement: "MATCH (this)<-[:CATEGORIZED]-(r:Post) RETURN COUNT(r)")
}
type Badge {
id: ID!
key: String!
type: BadgeTypeEnum!
status: BadgeStatusEnum!
icon: String!
rewarded: [User]! @relation(name: "REWARDED", direction: "OUT")
}
enum BadgeTypeEnum {
role
crowdfunding
}
enum BadgeStatusEnum {
permanent
temporary
}
enum ShoutTypeEnum {
Post
Organization
Project
}
enum FollowTypeEnum {
User
Organization
Project
}
type Reward {
id: ID!
user: User @relation(name: "REWARDED", direction: "IN")
rewarderId: ID
createdAt: String
badge: Badge @relation(name: "REWARDED", direction: "OUT")
}
type Organization {
id: ID!
createdBy: User @relation(name: "CREATED_ORGA", direction: "IN")
ownedBy: [User] @relation(name: "OWNING_ORGA", direction: "IN")
name: String!
slug: String
description: String!
descriptionExcerpt: String
deleted: Boolean
disabled: Boolean
tags: [Tag]! @relation(name: "TAGGED", direction: "OUT")
categories: [Category]! @relation(name: "CATEGORIZED", direction: "OUT")
}
type Tag {
id: ID!
name: String!
taggedPosts: [Post]! @relation(name: "TAGGED", direction: "IN")
taggedOrganizations: [Organization]! @relation(name: "TAGGED", direction: "IN")
taggedCount: Int! @cypher(statement: "MATCH (this)<-[:TAGGED]-(p) RETURN COUNT(DISTINCT p)")
taggedCountUnique: Int! @cypher(statement: "MATCH (this)<-[:TAGGED]-(p)<-[:WROTE]-(u:User) RETURN COUNT(DISTINCT u)")
deleted: Boolean
disabled: Boolean
}
type SharedInboxEndpoint {
id: ID!
uri: String
}
type SocialMedia {
id: ID!
url: String
ownedBy: [User]! @relation(name: "OWNED", direction: "IN")
}

22
backend/src/schema/types/type/Badge.gql
View File

@ -1,6 +1,5 @@
type Badge {
id: ID!
key: String!
type: BadgeType!
status: BadgeStatus!
icon: String!
@ -10,4 +9,23 @@ type Badge {
updatedAt: String
rewarded: [User]! @relation(name: "REWARDED", direction: "OUT")
}
}
enum BadgeStatus {
permanent
temporary
}
enum BadgeType {
role
crowdfunding
}
type Query {
Badge: [Badge]
}
type Mutation {
reward(badgeKey: ID!, userId: ID!): User
unreward(badgeKey: ID!, userId: ID!): User
}

10
backend/src/schema/types/type/EMOTED.gql Normal file
View File

@ -0,0 +1,10 @@
type EMOTED @relation(name: "EMOTED") {
from: User
to: Post
emotion: Emotion
#createdAt: DateTime
#updatedAt: DateTime
createdAt: String
updatedAt: String
}

23
backend/src/schema/types/type/EmailAddress.gql Normal file
View File

@ -0,0 +1,23 @@
type EmailAddress {
id: ID!
email: String!
verifiedAt: String
createdAt: String
}
type Mutation {
Signup(email: String!): EmailAddress
SignupByInvitation(email: String!, token: String!): EmailAddress
SignupVerification(
nonce: String!
name: String!
email: String!
password: String!
slug: String
avatar: String
coverImg: String
avatarUpload: Upload
locationName: String
about: String
): User
}

13
backend/src/schema/types/type/InvitationCode.gql Normal file
View File

@ -0,0 +1,13 @@
type InvitationCode {
id: ID!
token: String
generatedBy: User @relation(name: "GENERATED", direction: "IN")
#createdAt: DateTime
#usedAt: DateTime
createdAt: String
}
type Mutation {
CreateInvitationCode: InvitationCode
}

2
backend/src/schema/types/type/Post.gql
View File

@ -48,6 +48,8 @@ type Post {
RETURN COUNT(u) >= 1
"""
)
emotions: [EMOTED]
}
type Mutation {

105
backend/src/schema/types/type/User.gql
View File

@ -2,21 +2,17 @@ type User {
id: ID!
actorId: String
name: String
email: String!
slug: String
password: String!
email: String! @cypher(statement: "MATCH (this)-[:PRIMARY_EMAIL]->(e:EmailAddress) RETURN e.email")
slug: String!
avatar: String
coverImg: String
avatarUpload: Upload
deleted: Boolean
disabled: Boolean
disabledBy: User @relation(name: "DISABLED", direction: "IN")
role: UserGroup
role: UserGroup!
publicKey: String
privateKey: String
wasInvited: Boolean
wasSeeded: Boolean
invitedBy: User @relation(name: "INVITED", direction: "IN")
invited: [User] @relation(name: "INVITED", direction: "OUT")
location: Location @cypher(statement: "MATCH (this)-[:IS_IN]->(l:Location) RETURN l")
locationName: String
@ -77,4 +73,95 @@ type User {
badges: [Badge]! @relation(name: "REWARDED", direction: "IN")
badgesCount: Int! @cypher(statement: "MATCH (this)<-[:REWARDED]-(r:Badge) RETURN COUNT(r)")
emotions: [EMOTED]
}
input _UserFilter {
AND: [_UserFilter!]
OR: [_UserFilter!]
name_contains: String
about_contains: String
slug_contains: String
id: ID
id_not: ID
id_in: [ID!]
id_not_in: [ID!]
id_contains: ID
id_not_contains: ID
id_starts_with: ID
id_not_starts_with: ID
id_ends_with: ID
id_not_ends_with: ID
friends: _UserFilter
friends_not: _UserFilter
friends_in: [_UserFilter!]
friends_not_in: [_UserFilter!]
friends_some: _UserFilter
friends_none: _UserFilter
friends_single: _UserFilter
friends_every: _UserFilter
following: _UserFilter
following_not: _UserFilter
following_in: [_UserFilter!]
following_not_in: [_UserFilter!]
following_some: _UserFilter
following_none: _UserFilter
following_single: _UserFilter
following_every: _UserFilter
followedBy: _UserFilter
followedBy_not: _UserFilter
followedBy_in: [_UserFilter!]
followedBy_not_in: [_UserFilter!]
followedBy_some: _UserFilter
followedBy_none: _UserFilter
followedBy_single: _UserFilter
followedBy_every: _UserFilter
}
type Query {
User(
id: ID
email: String
actorId: String
name: String
slug: String
avatar: String
coverImg: String
role: UserGroup
locationName: String
about: String
createdAt: String
updatedAt: String
friendsCount: Int
followingCount: Int
followedByCount: Int
followedByCurrentUser: Boolean
contributionsCount: Int
commentsCount: Int
commentedCount: Int
shoutedCount: Int
badgesCount: Int
first: Int
offset: Int
orderBy: [_UserOrdering]
filter: _UserFilter
): [User]
}
type Mutation {
UpdateUser (
id: ID!
name: String
email: String
slug: String
avatar: String
coverImg: String
avatarUpload: Upload
locationName: String
about: String
): User
DeleteUser(id: ID!, resource: [Deletable]): User
}

35
backend/src/seed/factories/badges.js
View File

@ -1,28 +1,15 @@
import uuid from 'uuid/v4'
export default function(params) {
const {
id = uuid(),
key = '',
type = 'crowdfunding',
status = 'permanent',
icon = '/img/badges/indiegogo_en_panda.svg',
} = params
export default function create() {
return {
mutation: `
mutation(
$id: ID
$key: String!
$type: BadgeType!
$status: BadgeStatus!
$icon: String!
) {
CreateBadge(id: $id, key: $key, type: $type, status: $status, icon: $icon) {
id
}
factory: async ({ args, neodeInstance }) => {
const defaults = {
type: 'crowdfunding',
status: 'permanent',
}
`,
variables: { id, key, type, status, icon },
args = {
...defaults,
...args,
}
return neodeInstance.create('Badge', args)
},
}
}

31
backend/src/seed/factories/index.js
View File

@ -1,5 +1,5 @@
import { GraphQLClient, request } from 'graphql-request'
import { getDriver } from '../../bootstrap/neo4j'
import { getDriver, neode } from '../../bootstrap/neo4j'
import createBadge from './badges.js'
import createUser from './users.js'
import createOrganization from './organizations.js'
@ -48,7 +48,11 @@ export const cleanDatabase = async (options = {}) => {
}
export default function Factory(options = {}) {
const { neo4jDriver = getDriver(), seedServerHost = 'http://127.0.0.1:4001' } = options
let {
seedServerHost = 'http://127.0.0.1:4001',
neo4jDriver = getDriver(),
neodeInstance = neode(),
} = options
const graphQLClient = new GraphQLClient(seedServerHost)
@ -58,19 +62,24 @@ export default function Factory(options = {}) {
graphQLClient,
factories,
lastResponse: null,
neodeInstance,
async authenticateAs({ email, password }) {
const headers = await authenticatedHeaders({ email, password }, seedServerHost)
this.lastResponse = headers
this.graphQLClient = new GraphQLClient(seedServerHost, { headers })
return this
},
async create(node, properties) {
const { mutation, variables } = this.factories[node](properties)
this.lastResponse = await this.graphQLClient.request(mutation, variables)
async create(node, args = {}) {
const { factory, mutation, variables } = this.factories[node](args)
if (factory) {
this.lastResponse = await factory({ args, neodeInstance })
return this.lastResponse
} else {
this.lastResponse = await this.graphQLClient.request(mutation, variables)
}
return this
},
async relate(node, relationship, properties) {
const { from, to } = properties
async relate(node, relationship, { from, to }) {
const mutation = `
mutation {
Add${node}${relationship}(
@ -112,6 +121,11 @@ export default function Factory(options = {}) {
this.lastResponse = await this.graphQLClient.request(mutation)
return this
},
async invite({ email }) {
const mutation = ` mutation($email: String!) { invite( email: $email) } `
this.lastResponse = await this.graphQLClient.request(mutation, { email })
return this
},
async cleanDatabase() {
this.lastResponse = await cleanDatabase({ driver: this.neo4jDriver })
return this
@ -121,6 +135,9 @@ export default function Factory(options = {}) {
result.create.bind(result)
result.relate.bind(result)
result.mutate.bind(result)
result.shout.bind(result)
result.follow.bind(result)
result.invite.bind(result)
result.cleanDatabase.bind(result)
return result
}

68
backend/src/seed/factories/users.js
View File

@ -1,51 +1,31 @@
import faker from 'faker'
import uuid from 'uuid/v4'
import encryptPassword from '../../helpers/encryptPassword'
import slugify from 'slug'
export default function create(params) {
const {
id = uuid(),
name = faker.name.findName(),
slug = '',
email = faker.internet.email(),
password = '1234',
role = 'user',
avatar = faker.internet.avatar(),
about = faker.lorem.paragraph(),
} = params
export default function create() {
return {
mutation: `
mutation(
$id: ID!
$name: String
$slug: String
$password: String!
$email: String!
$avatar: String
$about: String
$role: UserGroup
) {
CreateUser(
id: $id
name: $name
slug: $slug
password: $password
email: $email
avatar: $avatar
about: $about
role: $role
) {
id
name
slug
email
avatar
role
deleted
disabled
}
factory: async ({ args, neodeInstance }) => {
const defaults = {
id: uuid(),
name: faker.name.findName(),
email: faker.internet.email(),
password: '1234',
role: 'user',
avatar: faker.internet.avatar(),
about: faker.lorem.paragraph(),
}
`,
variables: { id, name, slug, password, email, avatar, about, role },
defaults.slug = slugify(defaults.name, { lower: true })
args = {
...defaults,
...args,
}
args = await encryptPassword(args)
const user = await neodeInstance.create('User', args)
const email = await neodeInstance.create('EmailAddress', { email: args.email })
await user.relateTo(email, 'primaryEmail')
await email.relateTo(user, 'belongsTo')
return user
},
}
}

636
backend/src/seed/seed-db.js
View File

@ -5,52 +5,42 @@ import Factory from './factories'
;(async function() {
try {
const f = Factory()
await Promise.all([
const [racoon, rabbit, wolf, bear, turtle, rhino] = await Promise.all([
f.create('Badge', {
id: 'b1',
key: 'indiegogo_en_racoon',
type: 'crowdfunding',
status: 'permanent',
id: 'indiegogo_en_racoon',
icon: '/img/badges/indiegogo_en_racoon.svg',
}),
f.create('Badge', {
id: 'b2',
key: 'indiegogo_en_rabbit',
type: 'crowdfunding',
status: 'permanent',
id: 'indiegogo_en_rabbit',
icon: '/img/badges/indiegogo_en_rabbit.svg',
}),
f.create('Badge', {
id: 'b3',
key: 'indiegogo_en_wolf',
type: 'crowdfunding',
status: 'permanent',
id: 'indiegogo_en_wolf',
icon: '/img/badges/indiegogo_en_wolf.svg',
}),
f.create('Badge', {
id: 'b4',
key: 'indiegogo_en_bear',
type: 'crowdfunding',
status: 'permanent',
id: 'indiegogo_en_bear',
icon: '/img/badges/indiegogo_en_bear.svg',
}),
f.create('Badge', {
id: 'b5',
key: 'indiegogo_en_turtle',
type: 'crowdfunding',
status: 'permanent',
id: 'indiegogo_en_turtle',
icon: '/img/badges/indiegogo_en_turtle.svg',
}),
f.create('Badge', {
id: 'b6',
key: 'indiegogo_en_rhino',
type: 'crowdfunding',
status: 'permanent',
id: 'indiegogo_en_rhino',
icon: '/img/badges/indiegogo_en_rhino.svg',
}),
])
await Promise.all([
const [
peterLustig,
bobDerBaumeister,
jennyRostock,
tick, // eslint-disable-line no-unused-vars
trick, // eslint-disable-line no-unused-vars
track, // eslint-disable-line no-unused-vars
dagobert,
] = await Promise.all([
f.create('User', {
id: 'u1',
name: 'Peter Lustig',
@ -69,47 +59,130 @@ import Factory from './factories'
role: 'user',
email: 'user@example.org',
}),
f.create('User', { id: 'u4', name: 'Tick', role: 'user', email: 'tick@example.org' }),
f.create('User', { id: 'u5', name: 'Trick', role: 'user', email: 'trick@example.org' }),
f.create('User', { id: 'u6', name: 'Track', role: 'user', email: 'track@example.org' }),
f.create('User', { id: 'u7', name: 'Dagobert', role: 'user', email: 'dagobert@example.org' }),
f.create('User', {
id: 'u4',
name: 'Tick',
role: 'user',
email: 'tick@example.org',
}),
f.create('User', {
id: 'u5',
name: 'Trick',
role: 'user',
email: 'trick@example.org',
}),
f.create('User', {
id: 'u6',
name: 'Track',
role: 'user',
email: 'track@example.org',
}),
f.create('User', {
id: 'u7',
name: 'Dagobert',
role: 'user',
email: 'dagobert@example.org',
}),
])
const [asAdmin, asModerator, asUser, asTick, asTrick, asTrack] = await Promise.all([
Factory().authenticateAs({ email: 'admin@example.org', password: '1234' }),
Factory().authenticateAs({ email: 'moderator@example.org', password: '1234' }),
Factory().authenticateAs({ email: 'user@example.org', password: '1234' }),
Factory().authenticateAs({ email: 'tick@example.org', password: '1234' }),
Factory().authenticateAs({ email: 'trick@example.org', password: '1234' }),
Factory().authenticateAs({ email: 'track@example.org', password: '1234' }),
Factory().authenticateAs({
email: 'admin@example.org',
password: '1234',
}),
Factory().authenticateAs({
email: 'moderator@example.org',
password: '1234',
}),
Factory().authenticateAs({
email: 'user@example.org',
password: '1234',
}),
Factory().authenticateAs({
email: 'tick@example.org',
password: '1234',
}),
Factory().authenticateAs({
email: 'trick@example.org',
password: '1234',
}),
Factory().authenticateAs({
email: 'track@example.org',
password: '1234',
}),
])
await Promise.all([
f.relate('User', 'Badges', { from: 'b6', to: 'u1' }),
f.relate('User', 'Badges', { from: 'b5', to: 'u2' }),
f.relate('User', 'Badges', { from: 'b4', to: 'u3' }),
f.relate('User', 'Badges', { from: 'b3', to: 'u4' }),
f.relate('User', 'Badges', { from: 'b2', to: 'u5' }),
f.relate('User', 'Badges', { from: 'b1', to: 'u6' }),
f.relate('User', 'Friends', { from: 'u1', to: 'u2' }),
f.relate('User', 'Friends', { from: 'u1', to: 'u3' }),
f.relate('User', 'Friends', { from: 'u2', to: 'u3' }),
f.relate('User', 'Blacklisted', { from: 'u7', to: 'u4' }),
f.relate('User', 'Blacklisted', { from: 'u7', to: 'u5' }),
f.relate('User', 'Blacklisted', { from: 'u7', to: 'u6' }),
peterLustig.relateTo(racoon, 'rewarded'),
peterLustig.relateTo(rhino, 'rewarded'),
peterLustig.relateTo(wolf, 'rewarded'),
bobDerBaumeister.relateTo(racoon, 'rewarded'),
bobDerBaumeister.relateTo(turtle, 'rewarded'),
jennyRostock.relateTo(bear, 'rewarded'),
dagobert.relateTo(rabbit, 'rewarded'),
])
await Promise.all([
asAdmin.follow({ id: 'u3', type: 'User' }),
asModerator.follow({ id: 'u4', type: 'User' }),
asUser.follow({ id: 'u4', type: 'User' }),
asTick.follow({ id: 'u6', type: 'User' }),
asTrick.follow({ id: 'u4', type: 'User' }),
asTrack.follow({ id: 'u3', type: 'User' }),
f.relate('User', 'Friends', {
from: 'u1',
to: 'u2',
}),
f.relate('User', 'Friends', {
from: 'u1',
to: 'u3',
}),
f.relate('User', 'Friends', {
from: 'u2',
to: 'u3',
}),
f.relate('User', 'Blacklisted', {
from: 'u7',
to: 'u4',
}),
f.relate('User', 'Blacklisted', {
from: 'u7',
to: 'u5',
}),
f.relate('User', 'Blacklisted', {
from: 'u7',
to: 'u6',
}),
])
await Promise.all([
f.create('Category', { id: 'cat1', name: 'Just For Fun', slug: 'justforfun', icon: 'smile' }),
asAdmin.follow({
id: 'u3',
type: 'User',
}),
asModerator.follow({
id: 'u4',
type: 'User',
}),
asUser.follow({
id: 'u4',
type: 'User',
}),
asTick.follow({
id: 'u6',
type: 'User',
}),
asTrick.follow({
id: 'u4',
type: 'User',
}),
asTrack.follow({
id: 'u3',
type: 'User',
}),
])
await Promise.all([
f.create('Category', {
id: 'cat1',
name: 'Just For Fun',
slug: 'justforfun',
icon: 'smile',
}),
f.create('Category', {
id: 'cat2',
name: 'Happyness & Values',
@ -203,10 +276,22 @@ import Factory from './factories'
])
await Promise.all([
f.create('Tag', { id: 't1', name: 'Umwelt' }),
f.create('Tag', { id: 't2', name: 'Naturschutz' }),
f.create('Tag', { id: 't3', name: 'Demokratie' }),
f.create('Tag', { id: 't4', name: 'Freiheit' }),
f.create('Tag', {
id: 'Umwelt',
name: 'Umwelt',
}),
f.create('Tag', {
id: 'Naturschutz',
name: 'Naturschutz',
}),
f.create('Tag', {
id: 'Demokratie',
name: 'Demokratie',
}),
f.create('Tag', {
id: 'Freiheit',
name: 'Freiheit',
}),
])
const mention1 = 'Hey <a class="mention" href="/profile/u3">@jenny-rostock</a>, what\'s up?'
@ -214,108 +299,347 @@ import Factory from './factories'
'Hey <a class="mention" href="/profile/u3">@jenny-rostock</a>, here is another notification for you!'
await Promise.all([
asAdmin.create('Post', { id: 'p0', image: faker.image.unsplash.food() }),
asModerator.create('Post', { id: 'p1', image: faker.image.unsplash.technology() }),
asUser.create('Post', { id: 'p2' }),
asTick.create('Post', { id: 'p3' }),
asTrick.create('Post', { id: 'p4' }),
asTrack.create('Post', { id: 'p5' }),
asAdmin.create('Post', { id: 'p6', image: faker.image.unsplash.buildings() }),
asModerator.create('Post', { id: 'p7', content: `${mention1} ${faker.lorem.paragraph()}` }),
asUser.create('Post', { id: 'p8', image: faker.image.unsplash.nature() }),
asTick.create('Post', { id: 'p9' }),
asTrick.create('Post', { id: 'p10' }),
asTrack.create('Post', { id: 'p11', image: faker.image.unsplash.people() }),
asAdmin.create('Post', { id: 'p12', content: `${mention2} ${faker.lorem.paragraph()}` }),
asModerator.create('Post', { id: 'p13' }),
asUser.create('Post', { id: 'p14', image: faker.image.unsplash.objects() }),
asTick.create('Post', { id: 'p15' }),
asAdmin.create('Post', {
id: 'p0',
image: faker.image.unsplash.food(),
}),
asModerator.create('Post', {
id: 'p1',
image: faker.image.unsplash.technology(),
}),
asUser.create('Post', {
id: 'p2',
}),
asTick.create('Post', {
id: 'p3',
}),
asTrick.create('Post', {
id: 'p4',
}),
asTrack.create('Post', {
id: 'p5',
}),
asAdmin.create('Post', {
id: 'p6',
image: faker.image.unsplash.buildings(),
}),
asModerator.create('Post', {
id: 'p7',
content: `${mention1} ${faker.lorem.paragraph()}`,
}),
asUser.create('Post', {
id: 'p8',
image: faker.image.unsplash.nature(),
}),
asTick.create('Post', {
id: 'p9',
}),
asTrick.create('Post', {
id: 'p10',
}),
asTrack.create('Post', {
id: 'p11',
image: faker.image.unsplash.people(),
}),
asAdmin.create('Post', {
id: 'p12',
content: `${mention2} ${faker.lorem.paragraph()}`,
}),
asModerator.create('Post', {
id: 'p13',
}),
asUser.create('Post', {
id: 'p14',
image: faker.image.unsplash.objects(),
}),
asTick.create('Post', {
id: 'p15',
}),
])
await Promise.all([
f.relate('Post', 'Categories', { from: 'p0', to: 'cat16' }),
f.relate('Post', 'Categories', { from: 'p1', to: 'cat1' }),
f.relate('Post', 'Categories', { from: 'p2', to: 'cat2' }),
f.relate('Post', 'Categories', { from: 'p3', to: 'cat3' }),
f.relate('Post', 'Categories', { from: 'p4', to: 'cat4' }),
f.relate('Post', 'Categories', { from: 'p5', to: 'cat5' }),
f.relate('Post', 'Categories', { from: 'p6', to: 'cat6' }),
f.relate('Post', 'Categories', { from: 'p7', to: 'cat7' }),
f.relate('Post', 'Categories', { from: 'p8', to: 'cat8' }),
f.relate('Post', 'Categories', { from: 'p9', to: 'cat9' }),
f.relate('Post', 'Categories', { from: 'p10', to: 'cat10' }),
f.relate('Post', 'Categories', { from: 'p11', to: 'cat11' }),
f.relate('Post', 'Categories', { from: 'p12', to: 'cat12' }),
f.relate('Post', 'Categories', { from: 'p13', to: 'cat13' }),
f.relate('Post', 'Categories', { from: 'p14', to: 'cat14' }),
f.relate('Post', 'Categories', { from: 'p15', to: 'cat15' }),
f.relate('Post', 'Categories', {
from: 'p0',
to: 'cat16',
}),
f.relate('Post', 'Categories', {
from: 'p1',
to: 'cat1',
}),
f.relate('Post', 'Categories', {
from: 'p2',
to: 'cat2',
}),
f.relate('Post', 'Categories', {
from: 'p3',
to: 'cat3',
}),
f.relate('Post', 'Categories', {
from: 'p4',
to: 'cat4',
}),
f.relate('Post', 'Categories', {
from: 'p5',
to: 'cat5',
}),
f.relate('Post', 'Categories', {
from: 'p6',
to: 'cat6',
}),
f.relate('Post', 'Categories', {
from: 'p7',
to: 'cat7',
}),
f.relate('Post', 'Categories', {
from: 'p8',
to: 'cat8',
}),
f.relate('Post', 'Categories', {
from: 'p9',
to: 'cat9',
}),
f.relate('Post', 'Categories', {
from: 'p10',
to: 'cat10',
}),
f.relate('Post', 'Categories', {
from: 'p11',
to: 'cat11',
}),
f.relate('Post', 'Categories', {
from: 'p12',
to: 'cat12',
}),
f.relate('Post', 'Categories', {
from: 'p13',
to: 'cat13',
}),
f.relate('Post', 'Categories', {
from: 'p14',
to: 'cat14',
}),
f.relate('Post', 'Categories', {
from: 'p15',
to: 'cat15',
}),
f.relate('Post', 'Tags', { from: 'p0', to: 't4' }),
f.relate('Post', 'Tags', { from: 'p1', to: 't1' }),
f.relate('Post', 'Tags', { from: 'p2', to: 't2' }),
f.relate('Post', 'Tags', { from: 'p3', to: 't3' }),
f.relate('Post', 'Tags', { from: 'p4', to: 't4' }),
f.relate('Post', 'Tags', { from: 'p5', to: 't1' }),
f.relate('Post', 'Tags', { from: 'p6', to: 't2' }),
f.relate('Post', 'Tags', { from: 'p7', to: 't3' }),
f.relate('Post', 'Tags', { from: 'p8', to: 't4' }),
f.relate('Post', 'Tags', { from: 'p9', to: 't1' }),
f.relate('Post', 'Tags', { from: 'p10', to: 't2' }),
f.relate('Post', 'Tags', { from: 'p11', to: 't3' }),
f.relate('Post', 'Tags', { from: 'p12', to: 't4' }),
f.relate('Post', 'Tags', { from: 'p13', to: 't1' }),
f.relate('Post', 'Tags', { from: 'p14', to: 't2' }),
f.relate('Post', 'Tags', { from: 'p15', to: 't3' }),
f.relate('Post', 'Tags', {
from: 'p0',
to: 'Freiheit',
}),
f.relate('Post', 'Tags', {
from: 'p1',
to: 'Umwelt',
}),
f.relate('Post', 'Tags', {
from: 'p2',
to: 'Naturschutz',
}),
f.relate('Post', 'Tags', {
from: 'p3',
to: 'Demokratie',
}),
f.relate('Post', 'Tags', {
from: 'p4',
to: 'Freiheit',
}),
f.relate('Post', 'Tags', {
from: 'p5',
to: 'Umwelt',
}),
f.relate('Post', 'Tags', {
from: 'p6',
to: 'Naturschutz',
}),
f.relate('Post', 'Tags', {
from: 'p7',
to: 'Demokratie',
}),
f.relate('Post', 'Tags', {
from: 'p8',
to: 'Freiheit',
}),
f.relate('Post', 'Tags', {
from: 'p9',
to: 'Umwelt',
}),
f.relate('Post', 'Tags', {
from: 'p10',
to: 'Naturschutz',
}),
f.relate('Post', 'Tags', {
from: 'p11',
to: 'Demokratie',
}),
f.relate('Post', 'Tags', {
from: 'p12',
to: 'Freiheit',
}),
f.relate('Post', 'Tags', {
from: 'p13',
to: 'Umwelt',
}),
f.relate('Post', 'Tags', {
from: 'p14',
to: 'Naturschutz',
}),
f.relate('Post', 'Tags', {
from: 'p15',
to: 'Demokratie',
}),
])
await Promise.all([
asAdmin.shout({ id: 'p2', type: 'Post' }),
asAdmin.shout({ id: 'p6', type: 'Post' }),
asModerator.shout({ id: 'p0', type: 'Post' }),
asModerator.shout({ id: 'p6', type: 'Post' }),
asUser.shout({ id: 'p6', type: 'Post' }),
asUser.shout({ id: 'p7', type: 'Post' }),
asTick.shout({ id: 'p8', type: 'Post' }),
asTick.shout({ id: 'p9', type: 'Post' }),
asTrack.shout({ id: 'p10', type: 'Post' }),
asAdmin.shout({
id: 'p2',
type: 'Post',
}),
asAdmin.shout({
id: 'p6',
type: 'Post',
}),
asModerator.shout({
id: 'p0',
type: 'Post',
}),
asModerator.shout({
id: 'p6',
type: 'Post',
}),
asUser.shout({
id: 'p6',
type: 'Post',
}),
asUser.shout({
id: 'p7',
type: 'Post',
}),
asTick.shout({
id: 'p8',
type: 'Post',
}),
asTick.shout({
id: 'p9',
type: 'Post',
}),
asTrack.shout({
id: 'p10',
type: 'Post',
}),
])
await Promise.all([
asAdmin.shout({ id: 'p2', type: 'Post' }),
asAdmin.shout({ id: 'p6', type: 'Post' }),
asModerator.shout({ id: 'p0', type: 'Post' }),
asModerator.shout({ id: 'p6', type: 'Post' }),
asUser.shout({ id: 'p6', type: 'Post' }),
asUser.shout({ id: 'p7', type: 'Post' }),
asTick.shout({ id: 'p8', type: 'Post' }),
asTick.shout({ id: 'p9', type: 'Post' }),
asTrack.shout({ id: 'p10', type: 'Post' }),
asAdmin.shout({
id: 'p2',
type: 'Post',
}),
asAdmin.shout({
id: 'p6',
type: 'Post',
}),
asModerator.shout({
id: 'p0',
type: 'Post',
}),
asModerator.shout({
id: 'p6',
type: 'Post',
}),
asUser.shout({
id: 'p6',
type: 'Post',
}),
asUser.shout({
id: 'p7',
type: 'Post',
}),
asTick.shout({
id: 'p8',
type: 'Post',
}),
asTick.shout({
id: 'p9',
type: 'Post',
}),
asTrack.shout({
id: 'p10',
type: 'Post',
}),
])
await Promise.all([
asUser.create('Comment', { id: 'c1', postId: 'p1' }),
asTick.create('Comment', { id: 'c2', postId: 'p1' }),
asTrack.create('Comment', { id: 'c3', postId: 'p3' }),
asTrick.create('Comment', { id: 'c4', postId: 'p2' }),
asModerator.create('Comment', { id: 'c5', postId: 'p3' }),
asAdmin.create('Comment', { id: 'c6', postId: 'p4' }),
asUser.create('Comment', { id: 'c7', postId: 'p2' }),
asTick.create('Comment', { id: 'c8', postId: 'p15' }),
asTrick.create('Comment', { id: 'c9', postId: 'p15' }),
asTrack.create('Comment', { id: 'c10', postId: 'p15' }),
asUser.create('Comment', { id: 'c11', postId: 'p15' }),
asUser.create('Comment', { id: 'c12', postId: 'p15' }),
asUser.create('Comment', {
id: 'c1',
postId: 'p1',
}),
asTick.create('Comment', {
id: 'c2',
postId: 'p1',
}),
asTrack.create('Comment', {
id: 'c3',
postId: 'p3',
}),
asTrick.create('Comment', {
id: 'c4',
postId: 'p2',
}),
asModerator.create('Comment', {
id: 'c5',
postId: 'p3',
}),
asAdmin.create('Comment', {
id: 'c6',
postId: 'p4',
}),
asUser.create('Comment', {
id: 'c7',
postId: 'p2',
}),
asTick.create('Comment', {
id: 'c8',
postId: 'p15',
}),
asTrick.create('Comment', {
id: 'c9',
postId: 'p15',
}),
asTrack.create('Comment', {
id: 'c10',
postId: 'p15',
}),
asUser.create('Comment', {
id: 'c11',
postId: 'p15',
}),
asUser.create('Comment', {
id: 'c12',
postId: 'p15',
}),
])
const disableMutation = 'mutation($id: ID!) { disable(id: $id) }'
await Promise.all([
asModerator.mutate(disableMutation, { id: 'p11' }),
asModerator.mutate(disableMutation, { id: 'c5' }),
asModerator.mutate(disableMutation, {
id: 'p11',
}),
asModerator.mutate(disableMutation, {
id: 'c5',
}),
])
await Promise.all([
asTick.create('Report', { description: "I don't like this comment", id: 'c1' }),
asTrick.create('Report', { description: "I don't like this post", id: 'p1' }),
asTrack.create('Report', { description: "I don't like this user", id: 'u1' }),
asTick.create('Report', {
description: "I don't like this comment",
id: 'c1',
}),
asTrick.create('Report', {
description: "I don't like this post",
id: 'p1',
}),
asTrack.create('Report', {
description: "I don't like this user",
id: 'u1',
}),
])
await Promise.all([
@ -342,13 +666,33 @@ import Factory from './factories'
])
await Promise.all([
f.relate('Organization', 'CreatedBy', { from: 'u1', to: 'o1' }),
f.relate('Organization', 'CreatedBy', { from: 'u1', to: 'o2' }),
f.relate('Organization', 'OwnedBy', { from: 'u2', to: 'o2' }),
f.relate('Organization', 'OwnedBy', { from: 'u2', to: 'o3' }),
f.relate('Organization', 'CreatedBy', {
from: 'u1',
to: 'o1',
}),
f.relate('Organization', 'CreatedBy', {
from: 'u1',
to: 'o2',
}),
f.relate('Organization', 'OwnedBy', {
from: 'u2',
to: 'o2',
}),
f.relate('Organization', 'OwnedBy', {
from: 'u2',
to: 'o3',
}),
])
await Promise.all(
[...Array(30).keys()].map(i => {
return f.create('User')
}),
)
/* eslint-disable-next-line no-console */
console.log('Seeded Data...')
process.exit(0)
} catch (err) {
/* eslint-disable-next-line no-console */
console.error(err)

22
backend/src/server.js
View File

@ -1,6 +1,6 @@
import express from 'express'
import helmet from 'helmet'
import { GraphQLServer } from 'graphql-yoga'
import { ApolloServer } from 'apollo-server-express'
import CONFIG, { requiredConfigs } from './config'
import mocks from './mocks'
import middleware from './middleware'
@ -20,28 +20,30 @@ const driver = getDriver()
const createServer = options => {
const defaults = {
context: async ({ request }) => {
const user = await decode(driver, request.headers.authorization)
context: async ({ req }) => {
const user = await decode(driver, req.headers.authorization)
return {
driver,
user,
req: request,
req,
cypherParams: {
currentUserId: user ? user.id : null,
},
}
},
schema,
schema: middleware(schema),
debug: CONFIG.DEBUG,
tracing: CONFIG.DEBUG,
middlewares: middleware(schema),
mocks: CONFIG.MOCKS ? mocks : false,
}
const server = new GraphQLServer(Object.assign({}, defaults, options))
const server = new ApolloServer(Object.assign({}, defaults, options))
server.express.use(helmet())
server.express.use(express.static('public'))
return server
const app = express()
app.use(helmet())
app.use(express.static('public'))
server.applyMiddleware({ app, path: '/' })
return { server, app }
}
export default createServer

43
backend/src/server.spec.js Normal file
View File

@ -0,0 +1,43 @@
import { createTestClient } from 'apollo-server-testing'
import createServer from './server'
/**
* This file is for demonstration purposes. It does not really test the
* `isLoggedIn` query but demonstrates how we can use `apollo-server-testing`.
* All we need to do is to get an instance of `ApolloServer` and maybe we want
* stub out `context` as shown below.
*
*/
let user
let action
describe('isLoggedIn', () => {
beforeEach(() => {
action = async () => {
const { server } = createServer({
context: () => {
return {
user,
}
},
})
const { query } = createTestClient(server)
const isLoggedIn = `{ isLoggedIn }`
return query({ query: isLoggedIn })
}
})
it('returns false', async () => {
const expected = expect.objectContaining({ data: { isLoggedIn: false } })
await expect(action()).resolves.toEqual(expected)
})
describe('when authenticated', () => {
it('returns true', async () => {
user = { id: '123' }
const expected = expect.objectContaining({ data: { isLoggedIn: true } })
await expect(action()).resolves.toEqual(expected)
})
})
})

821
backend/yarn.lock
View File

File diff suppressed because it is too large Load Diff

25
cypress/features.md
View File

@ -16,7 +16,7 @@ The following features will be implemented. This gets done in three steps:
### User Account
[Cucumber Features](./integration/user_account)
[Cucumber Features](https://github.com/Human-Connection/Human-Connection/tree/master/cypress/integration/user_account)
* Sign-up
* Agree to Data Privacy Statement
@ -34,7 +34,7 @@ The following features will be implemented. This gets done in three steps:
### User Profile
[Cucumber Features](./integration/user_profile)
[Cucumber Features](https://github.com/Human-Connection/Human-Connection/tree/master/cypress/integration/user_profile)
* Upload and Change Avatar
* Upload and Change Profile Picture
@ -59,7 +59,7 @@ The following features will be implemented. This gets done in three steps:
### Posts
[Cucumber Features](./integration/post/)
[Cucumber Features](https://github.com/Human-Connection/Human-Connection/tree/master/cypress/integration/post)
* Creating Posts
* Persistent Links
@ -78,13 +78,13 @@ The following features will be implemented. This gets done in three steps:
### Comments
* Creating Comments
* Creating Comments
* Deleting Comments
* Editing Comments
* Upvote comments of others
### Notifications
[Cucumber features](./integration/notifications)
[Cucumber features](https://github.com/Human-Connection/Human-Connection/tree/master/cypress/integration/notifications)
* User @-mentionings
* Notify authors for comments
@ -94,12 +94,12 @@ The following features will be implemented. This gets done in three steps:
* Show Posts by Tiles
* Show Posts as List
* Filter by Category \(Health and Wellbeing, Global Peace & Non-Violence, ...\)
* Filter by Category \(Health and Wellbeing, Global Peace & Non-Violence, ...\)
* Filter by Mood \(Funny, Happy, Surprised, Cry, Angry, ...\)
* Filter by Source \(Connections, Following, Individuals, Non-Profits, ...\)
* Filter by Posts & Tools \(Post, Events, CanDos, ...\)
* Filter by Format Type \(Text, Pictures, Video, ...\)
* Extended Filter \(Continent, Country, Language, ...\)
* Extended Filter \(Continent, Country, Language, ...\)
* Sort Posts by Date
* Sort Posts by Shouts
* Sort Posts by most Comments
@ -116,7 +116,7 @@ The following features will be implemented. This gets done in three steps:
### Search
[Cucumber Features](./integration/search)
[Cucumber Features](https://github.com/Human-Connection/Human-Connection/tree/master/cypress/integration/search)
* Search for Categories
* Search for Tags
@ -186,13 +186,13 @@ The following features will be implemented. This gets done in three steps:
### More Info
Shows autmatically releated information for existing post.
Shows automatically related information for existing post.
* Show related Posts
* Show Pros and Cons
* Show Bestlist
* Show Votes
* Link to corresponding Chatroom
* Link to corresponding Chatroom
### Take Action
@ -237,7 +237,7 @@ Shows automatically related actions for existing post.
### Moderation
[Cucumber Features](./integration/moderation)
[Cucumber Features](https://github.com/Human-Connection/Human-Connection/tree/master/cypress/integration/moderation)
* Report Button for users for doubtful Content
* Moderator Panel
@ -262,7 +262,7 @@ Shows automatically related actions for existing post.
### Internationalization
[Cucumber Features](./integration/internationalization)
[Cucumber Features](https://github.com/Human-Connection/Human-Connection/tree/master/cypress/integration/internationalization)
* Frontend UI
* Backend Error Messages
@ -276,4 +276,3 @@ Shows automatically related actions for existing post.
* Receiving Undo and Delete Activities for Articles and Notes
* Serving Webfinger records and Actor Objects
* Serving Followers, Following and Outbox collections

16
cypress/integration/administration/TagsAndCategories.feature
View File

@ -22,16 +22,16 @@ Feature: Tags and Categories
When I navigate to the administration dashboard
And I click on the menu item "Categories"
Then I can see the following table:
| | Name | Posts |
| | Just For Fun | 2 |
| | Happyness & Values | 1 |
| | Health & Wellbeing | 0 |
| | Name | Posts |
| | Just For Fun | 2 |
| | Happyness & Values | 1 |
| | Health & Wellbeing | 0 |
Scenario: See an overview of tags
When I navigate to the administration dashboard
And I click on the menu item "Tags"
Then I can see the following table:
| | Name | Users | Posts |
| 1 | Democracy | 3 | 4 |
| 2 | Nature | 2 | 3 |
| 3 | Ecology | 1 | 1 |
| | Name | Users | Posts |
| 1 | Democracy | 3 | 4 |
| 2 | Nature | 2 | 3 |
| 3 | Ecology | 1 | 1 |

52
cypress/integration/common/profile.js
View File

@ -1,36 +1,36 @@
import { When, Then } from 'cypress-cucumber-preprocessor/steps'
import { When, Then } from "cypress-cucumber-preprocessor/steps";
/* global cy */
When('I visit my profile page', () => {
cy.openPage('profile/peter-pan')
})
When("I visit my profile page", () => {
cy.openPage("profile/peter-pan");
});
Then('I should be able to change my profile picture', () => {
const avatarUpload = 'onourjourney.png'
Then("I should be able to change my profile picture", () => {
const avatarUpload = "onourjourney.png";
cy.fixture(avatarUpload, 'base64').then(fileContent => {
cy.get('#customdropzone').upload(
{ fileContent, fileName: avatarUpload, mimeType: 'image/png' },
{ subjectType: 'drag-n-drop' }
)
})
cy.get('.profile-avatar img')
.should('have.attr', 'src')
.and('contains', 'onourjourney')
cy.contains('.iziToast-message', 'Upload successful').should(
'have.length',
cy.fixture(avatarUpload, "base64").then(fileContent => {
cy.get("#customdropzone").upload(
{ fileContent, fileName: avatarUpload, mimeType: "image/png" },
{ subjectType: "drag-n-drop", force: true }
);
});
cy.get(".profile-avatar img")
.should("have.attr", "src")
.and("contains", "onourjourney");
cy.contains(".iziToast-message", "Upload successful").should(
"have.length",
1
)
})
);
});
When("I visit another user's profile page", () => {
cy.openPage('profile/peter-pan')
})
cy.openPage("profile/peter-pan");
});
Then('I cannot upload a picture', () => {
cy.get('.ds-card-content')
Then("I cannot upload a picture", () => {
cy.get(".ds-card-content")
.children()
.should('not.have.id', 'customdropzone')
.should('have.class', 'ds-avatar')
})
.should("not.have.id", "customdropzone")
.should("have.class", "ds-avatar");
});

11
cypress/integration/common/steps.js
View File

@ -1,5 +1,6 @@
import { Given, When, Then } from "cypress-cucumber-preprocessor/steps";
import { getLangByName } from "../../support/helpers";
import slugify from 'slug'
/* global cy */
@ -11,6 +12,7 @@ let loginCredentials = {
};
const narratorParams = {
name: "Peter Pan",
slug: 'peter-pan',
avatar: "https://s3.amazonaws.com/uifaces/faces/twitter/nerrsoft/128.jpg",
...loginCredentials
};
@ -171,10 +173,11 @@ When("I press {string}", label => {
});
Given("we have the following posts in our database:", table => {
table.hashes().forEach(({ Author, ...postAttributes }) => {
table.hashes().forEach(({ Author, ...postAttributes }, i) => {
Author = Author || `author-${i}`
const userAttributes = {
name: Author,
email: `${Author}@example.org`,
email: `${slugify(Author, {lower: true})}@example.org`,
password: "1234"
};
postAttributes.deleted = Boolean(postAttributes.deleted);
@ -273,9 +276,9 @@ When("I fill the password form with:", table => {
table = table.rowsHash();
cy.get("input[id=oldPassword]")
.type(table["Your old password"])
.get("input[id=newPassword]")
.get("input[id=password]")
.type(table["Your new passsword"])
.get("input[id=confirmPassword]")
.get("input[id=passwordConfirmation]")
.type(table["Confirm new password"]);
});

6
cypress/integration/search/Search.feature
View File

@ -6,9 +6,9 @@ Feature: Search
Background:
Given I have a user account
And we have the following posts in our database:
| Author | id | title | content |
| Brianna Wiest | p1 | 101 Essays that will change the way you think | 101 Essays, of course! |
| Brianna Wiest | p2 | No searched for content | will be found in this post, I guarantee |
| id | title | content |
| p1 | 101 Essays that will change the way you think | 101 Essays, of course! |
| p2 | No searched for content | will be found in this post, I guarantee |
Given I am logged in
Scenario: Search for specific words

26
cypress/support/factories.js
View File

@ -1,12 +1,15 @@
import Factory from '../../backend/src/seed/factories'
import { getDriver } from '../../backend/src/bootstrap/neo4j'
import setupNeode from '../../backend/src/bootstrap/neode'
import neode from 'neode'
const neo4jDriver = getDriver({
const neo4jConfigs = {
uri: Cypress.env('NEO4J_URI'),
username: Cypress.env('NEO4J_USERNAME'),
password: Cypress.env('NEO4J_PASSWORD')
})
const factory = Factory({ neo4jDriver })
}
const neo4jDriver = getDriver(neo4jConfigs)
const factory = Factory({ seedServerHost, neo4jDriver, neodeInstance: setupNeode(neo4jConfigs)})
const seedServerHost = Cypress.env('SEED_SERVER_HOST')
beforeEach(async () => {
@ -14,30 +17,33 @@ beforeEach(async () => {
})
Cypress.Commands.add('factory', () => {
return Factory({ seedServerHost })
return Factory({ seedServerHost, neo4jDriver, neodeInstance: setupNeode(neo4jConfigs) })
})
Cypress.Commands.add(
'create',
{ prevSubject: true },
(factory, node, properties) => {
return factory.create(node, properties)
async (factory, node, properties) => {
await factory.create(node, properties)
return factory
}
)
Cypress.Commands.add(
'relate',
{ prevSubject: true },
(factory, node, relationship, properties) => {
return factory.relate(node, relationship, properties)
async (factory, node, relationship, properties) => {
await factory.relate(node, relationship, properties)
return factory
}
)
Cypress.Commands.add(
'mutate',
{ prevSubject: true },
(factory, mutation, variables) => {
return factory.mutate(mutation, variables)
async (factory, mutation, variables) => {
await factory.mutate(mutation, variables)
return factory
}
)

18
deployment/human-connection/deployment-neo4j.yaml
View File

@ -32,21 +32,9 @@
value: 1G
- name: NEO4J_dbms_memory_heap_max__size
value: 1G
- name: NEO4J_URI
valueFrom:
configMapKeyRef:
name: configmap
key: NEO4J_URI
- name: NEO4J_USER
valueFrom:
configMapKeyRef:
name: configmap
key: NEO4J_USER
- name: NEO4J_AUTH
valueFrom:
configMapKeyRef:
name: configmap
key: NEO4J_AUTH
envFrom:
- configMapRef:
name: configmap
ports:
- containerPort: 7687
- containerPort: 7474

3
deployment/human-connection/templates/configmap.template.yaml
View File

@ -4,13 +4,10 @@
data:
SMTP_HOST: "mailserver.human-connection"
SMTP_PORT: "25"
SMTP_USERNAME: ""
SMTP_PASSWORD: ""
GRAPHQL_PORT: "4000"
GRAPHQL_URI: "http://nitro-backend.human-connection:4000"
MOCKS: "false"
NEO4J_URI: "bolt://nitro-neo4j.human-connection:7687"
NEO4J_USER: "neo4j"
NEO4J_AUTH: "none"
CLIENT_URI: "https://nitro-staging.human-connection.org"
metadata:

5
deployment/human-connection/templates/secrets.template.yaml
View File

@ -5,11 +5,10 @@ data:
MONGODB_PASSWORD: "TU9OR09EQl9QQVNTV09SRA=="
PRIVATE_KEY_PASSPHRASE: "YTdkc2Y3OHNhZGc4N2FkODdzZmFnc2FkZzc4"
MAPBOX_TOKEN: "cGsuZXlKMUlqb2lhSFZ0WVc0dFkyOXVibVZqZEdsdmJpSXNJbUVpT2lKamFqbDBjbkJ1Ykdvd2VUVmxNM1Z3WjJsek5UTnVkM1p0SW4wLktaOEtLOWw3MG9talhiRWtrYkhHc1EK"
SMTP_HOST:
SMTP_PORT: 587
SMTP_USERNAME:
SMTP_PASSWORD:
SMTP_IGNORE_TLS:
NEO4J_USERNAME:
NEO4J_PASSWORD:
metadata:
name: human-connection
namespace: human-connection

4
deployment/legacy-migration/maintenance-worker/migration/neo4j/badges/badges.cql
View File

@ -25,7 +25,7 @@
[?] type: String, // in nitro this is a defined enum - seems good for now
[X] required: true
},
[X] key: {
[X] id: {
[X] type: String,
[X] required: true
},
@ -43,7 +43,7 @@
CALL apoc.load.json("file:${IMPORT_CHUNK_PATH_CQL_FILE}") YIELD value as badge
MERGE(b:Badge {id: badge._id["$oid"]})
ON CREATE SET
b.key = badge.key,
b.id = badge.key,
b.type = badge.type,
b.icon = replace(badge.image.path, 'https://api-alpha.human-connection.org', ''),
b.status = badge.status,

1
deployment/legacy-migration/maintenance-worker/migration/neo4j/emotions/delete.cql
View File

@ -0,0 +1 @@
MATCH (u:User)-[e:EMOTED]->(c:Post) DETACH DELETE e;

57
deployment/legacy-migration/maintenance-worker/migration/neo4j/emotions/emotions.cql
View File

@ -5,31 +5,54 @@
// [-] Omitted in Nitro
// [?] Unclear / has work to be done for Nitro
{
[ ] userId: {
[ ] type: String,
[ ] required: true,
[X] userId: {
[X] type: String,
[X] required: true,
[-] index: true
},
[ ] contributionId: {
[ ] type: String,
[ ] required: true,
[X] contributionId: {
[X] type: String,
[X] required: true,
[-] index: true
},
[ ] rated: {
[ ] type: String,
[?] rated: {
[X] type: String,
[ ] required: true,
[ ] enum: ['funny', 'happy', 'surprised', 'cry', 'angry']
[?] enum: ['funny', 'happy', 'surprised', 'cry', 'angry']
},
[ ] createdAt: {
[ ] type: Date,
[ ] default: Date.now
[X] createdAt: {
[X] type: Date,
[X] default: Date.now
},
[ ] updatedAt: {
[ ] type: Date,
[ ] default: Date.now
[X] updatedAt: {
[X] type: Date,
[X] default: Date.now
},
[ ] wasSeeded: { type: Boolean }
[-] wasSeeded: { type: Boolean }
}
*/
CALL apoc.load.json("file:${IMPORT_CHUNK_PATH_CQL_FILE}") YIELD value as emotion;
CALL apoc.load.json("file:${IMPORT_CHUNK_PATH_CQL_FILE}") YIELD value as emotion
MATCH (u:User {id: emotion.userId}),
(c:Post {id: emotion.contributionId})
MERGE (u)-[e:EMOTED {
id: emotion._id["$oid"],
emotion: emotion.rated,
createdAt: datetime(emotion.createdAt.`$date`),
updatedAt: datetime(emotion.updatedAt.`$date`)
}]->(c)
RETURN e;
/*
// Queries
// user sets an emotion emotion:
// MERGE (u)-[e:EMOTED {id: ..., emotion: "funny", createdAt: ..., updatedAt: ...}]->(c)
// user removes emotion
// MATCH (u)-[e:EMOTED]->(c) DELETE e
// contribution distributions over every `emotion` property value for one post
// MATCH (u:User)-[e:EMOTED]->(c:Post {id: "5a70bbc8508f5b000b443b1a"}) RETURN e.emotion,COUNT(e.emotion)
// contribution distributions over every `emotion` property value for one user (advanced - "whats the primary emotion used by the user?")
// MATCH (u:User{id:"5a663b1ac64291000bf302a1"})-[e:EMOTED]->(c:Post) RETURN e.emotion,COUNT(e.emotion)
// contribution distributions over every `emotion` property value for all posts created by one user (advanced - "how do others react to my contributions?")
// MATCH (u:User)-[e:EMOTED]->(c:Post)<-[w:WROTE]-(a:User{id:"5a663b1ac64291000bf302a1"}) RETURN e.emotion,COUNT(e.emotion)
// if we can filter the above an a variable timescale that would be great (should be possible on createdAt and updatedAt fields)
*/

2
deployment/legacy-migration/maintenance-worker/migration/neo4j/follows/delete.cql
View File

@ -1 +1 @@
// this is just a relation between users(?) - no need to delete
MATCH (u1:User)-[f:FOLLOWS]->(u2:User) DETACH DELETE f;

6
deployment/legacy-migration/maintenance-worker/migration/neo4j/import.sh
View File

@ -60,8 +60,8 @@ delete_collection "contributions" "contributions_post"
delete_collection "contributions" "contributions_cando"
delete_collection "shouts" "shouts"
delete_collection "comments" "comments"
delete_collection "emotions" "emotions"
#delete_collection "emotions"
#delete_collection "invites"
#delete_collection "notifications"
#delete_collection "organizations"
@ -82,12 +82,12 @@ import_collection "users" "users/users.cql"
import_collection "follows_users" "follows/follows.cql"
#import_collection "follows_organizations" "follows/follows.cql"
import_collection "contributions_post" "contributions/contributions.cql"
import_collection "contributions_cando" "contributions/contributions.cql"
#import_collection "contributions_cando" "contributions/contributions.cql"
#import_collection "contributions_DELETED" "contributions/contributions.cql"
import_collection "shouts" "shouts/shouts.cql"
import_collection "comments" "comments/comments.cql"
import_collection "emotions" "emotions/emotions.cql"
# import_collection "emotions"
# import_collection "invites"
# import_collection "notifications"
# import_collection "organizations"

9
deployment/legacy-migration/maintenance-worker/migration/neo4j/users/users.cql
View File

@ -101,7 +101,7 @@ ON CREATE SET
u.name = user.name,
u.slug = user.slug,
u.email = user.email,
u.password = user.password,
u.encryptedPassword = user.password,
u.avatar = replace(user.avatar, 'https://api-alpha.human-connection.org', ''),
u.coverImg = replace(user.coverImg, 'https://api-alpha.human-connection.org', ''),
u.wasInvited = user.wasInvited,
@ -111,6 +111,13 @@ u.createdAt = user.createdAt.`$date`,
u.updatedAt = user.updatedAt.`$date`,
u.deleted = user.deletedAt IS NOT NULL,
u.disabled = false
MERGE (e:EmailAddress {
email: user.email,
createdAt: toString(datetime()),
verifiedAt: toString(datetime())
})
MERGE (e)-[:BELONGS_TO]->(u)
MERGE (u)<-[:PRIMARY_EMAIL]-(e)
WITH u, user, user.badgeIds AS badgeIds
UNWIND badgeIds AS badgeId
MATCH (b:Badge {id: badgeId})

7
docker-compose.travis.yml
View File

@ -26,9 +26,4 @@ services:
ports:
- 4001:4001
- 4123:4123
neo4j:
environment:
- NEO4J_AUTH=none
ports:
- 7687:7687
- 7474:7474

1
docker-compose.yml
View File

@ -12,6 +12,7 @@ services:
networks:
- hc-network
environment:
- NUXT_BUILD=.nuxt-dist
- HOST=0.0.0.0
- GRAPHQL_URI=http://backend:4000
- MAPBOX_TOKEN="pk.eyJ1IjoiaHVtYW4tY29ubmVjdGlvbiIsImEiOiJjajl0cnBubGoweTVlM3VwZ2lzNTNud3ZtIn0.bZ8KK9l70omjXbEkkbHGsQ"

11
edit-this-documentation.md
View File

@ -1,12 +1,6 @@
# Edit this Documentation
Go to the section and theme you want to change: On the left navigator.
Click **Edit on GitHub** on the right.
On the **Issue** tab youll find the open issues. Read what need to be done by clicking on the issue you like to fix.
By going backwards in the browser **\(!\)**, again go to the **Code** tab.
Find the [**table of contents** for this documentation on GitHub](https://github.com/Human-Connection/Human-Connection/blob/master/SUMMARY.md) and navigate to the file you need to update.
Click on the **edit pencil** on the right side directly above the text to edit this file on your fork of Human Connection \(HC\).
@ -14,7 +8,7 @@ You can see a preview of your changes by clicking the **Preview changes** tab as
If you are ready, fill in the **Propose file change** at the end of the webpage.
After that you have to send your change to the HC basis with a pull request. Here make a comment which issue you have fixed. At least the number.
After that you have to send your change to the HC basis with a pull request. Here make a comment which issue you have fixed. (If you are working on one of our [open issues](https://github.com/Human-Connection/Human-Connection/issues) please include the number.)
## Markdown your documentation
@ -117,4 +111,3 @@ TODO: How to modify screenshots in Linux ...
{% endhint %}
{% endtab %}
{% endtabs %}

16
neo4j/README.md
View File

@ -20,7 +20,7 @@ for an interactive cypher shell and a visualization of the graph.
## Installation without Docker
Install community edition of [Neo4J]() along with the plugin
Install the community edition of [Neo4j](https://neo4j.com/) along with the plugin
[Apoc](https://github.com/neo4j-contrib/neo4j-apoc-procedures) on your system.
To do so, go to [releases](https://neo4j.com/download-center/#releases), choose
@ -28,7 +28,13 @@ To do so, go to [releases](https://neo4j.com/download-center/#releases), choose
and unpack the files.
Download [Neo4j Apoc](https://github.com/neo4j-contrib/neo4j-apoc-procedures/releases)
and drop the file into the `plugins` folder of the just extracted Neo4j-Server.
and drop the `.jar` file into the `plugins` folder of the just extracted Neo4j-Server.
Then make sure to allow Apoc procedures by adding the following line to your Neo4j configuration \(`conf/neo4j.conf`\):
```
dbms.security.procedures.unrestricted=apoc.*
```
### Alternatives
@ -59,6 +65,6 @@ $ cp .env.template .env
$ ./db_setup.sh
```
Otherwise if you don't have `cypher-shell` available, simply copy the cypher
statements [from the script](./neo4j/db_setup.sh) and paste the scripts into your
database [browser frontend](http://localhost:7474).
Otherwise, if you don't have `cypher-shell` available, copy the cypher
statements [from the `db_setup.sh` script](https://github.com/Human-Connection/Human-Connection/blob/master/neo4j/db_setup.sh) and paste the scripts into your
[database browser frontend](http://localhost:7474).

2
neo4j/db_setup.sh
View File

@ -34,6 +34,8 @@ CREATE CONSTRAINT ON (p:Post) ASSERT p.slug IS UNIQUE;
CREATE CONSTRAINT ON (c:Category) ASSERT c.slug IS UNIQUE;
CREATE CONSTRAINT ON (u:User) ASSERT u.slug IS UNIQUE;
CREATE CONSTRAINT ON (o:Organization) ASSERT o.slug IS UNIQUE;
CREATE CONSTRAINT ON (e:EmailAddress) ASSERT e.email IS UNIQUE;
' | cypher-shell
echo '

9
package.json
View File

@ -19,16 +19,19 @@
"test:jest": "cd webapp && yarn test && cd ../backend && yarn test:jest && codecov"
},
"devDependencies": {
"bcryptjs": "^2.4.3",
"codecov": "^3.5.0",
"cross-env": "^5.2.0",
"cypress": "^3.3.2",
"cypress": "^3.4.0",
"cypress-cucumber-preprocessor": "^1.12.0",
"cypress-file-upload": "^3.2.0",
"cypress-file-upload": "^3.3.1",
"cypress-plugin-retries": "^1.2.2",
"dotenv": "^8.0.0",
"faker": "Marak/faker.js#master",
"graphql-request": "^1.8.2",
"neo4j-driver": "^1.7.5",
"npm-run-all": "^4.1.5"
"neode": "^0.2.16",
"npm-run-all": "^4.1.5",
"slug": "^1.1.0"
}
}

2
webapp/.gitignore vendored
View File

@ -61,6 +61,8 @@ typings/
# nuxt.js build output
.nuxt
# also the build output in docker container
.nuxt-dist
# Nuxt generate
dist

2
webapp/Dockerfile
View File

@ -1,4 +1,4 @@
FROM node:12.5-alpine as base
FROM node:12.6-alpine as base
LABEL Description="Web Frontend of the Social Network Human-Connection.org" Vendor="Human-Connection gGmbH" Version="0.0.1" Maintainer="Human-Connection gGmbH (developer@human-connection.org)"
EXPOSE 3000

2
webapp/README.md
View File

@ -41,4 +41,4 @@ All reusable Components \(for example avatar\) should be done inside the [Nitro-
More information can be found here: [https://github.com/Human-Connection/Nitro-Styleguide](https://github.com/Human-Connection/Nitro-Styleguide)
If you need to change something in the styleguide and want to see the effects on the frontend immediately, then we have you covered. You need to clone the styleguide to the parent directory `../Nitro-Styleguide` and run `yarn && yarn run dev`. After that you run `yarn run dev:styleguide` instead of `yarn run dev` and you will see your changes reflected inside the fronten!
If you need to change something in the styleguide and want to see the effects on the frontend immediately, then we have you covered. You need to clone the styleguide to the parent directory `../Nitro-Styleguide` and run `yarn && yarn run dev`. After that you run `yarn run dev:styleguide` instead of `yarn run dev` and you will see your changes reflected inside the frontend!

5
webapp/assets.md
View File

@ -1,8 +1,5 @@
# ASSETS
**This directory is not required, you can delete it if you don't want to use it.**
This directory contains your un-compiled assets such as LESS, SASS, or JavaScript.
This directory contains your un-compiled assets such as LESS, SASS, or JavaScript in our case SCSS styles.
More information about the usage of this directory in [the documentation](https://nuxtjs.org/guide/assets#webpacked).

3
webapp/assets/styles/main.scss
View File

@ -66,7 +66,8 @@ blockquote {
border-left: 3px dotted $color-neutral-70;
&::before {
content: '\201C'; /*Unicode for Left Double Quote*/
content: '\201C';
/*Unicode for Left Double Quote*/
/*Font*/
font-size: $font-size-xxxx-large;

Some files were not shown because too many files have changed in this diff Show More