diff --git a/src/controller/org.controller/org.controller.js b/src/controller/org.controller/org.controller.js index 0e82f640d..5b94b2d2a 100644 --- a/src/controller/org.controller/org.controller.js +++ b/src/controller/org.controller/org.controller.js @@ -364,7 +364,12 @@ async function updateOrg (req, res, next) { }) } } + if (shortName === orgMakingChanges) { + newOrg.last_active = Date.now() + } }) + } else { + newOrg.last_active = Date.now() } // updating the org's roles @@ -398,8 +403,6 @@ async function updateOrg (req, res, next) { } } - newOrg.last_active = Date.now() - // update org let result = await orgRepo.updateByOrgUUID(org.UUID, newOrg) if (result.n === 0) { @@ -411,6 +414,9 @@ async function updateOrg (req, res, next) { result = result.length > 0 ? result[0] : null if (!isSec) { + if (!result.last_active) { + return res.status(500).json(error.serverError()) + } result = { last_active: result.last_active } } diff --git a/test/integration-tests/org/putOrgTest.js b/test/integration-tests/org/putOrgTest.js index dec0a2b05..28c3a0625 100644 --- a/test/integration-tests/org/putOrgTest.js +++ b/test/integration-tests/org/putOrgTest.js @@ -60,7 +60,37 @@ describe('Testing org put endpoint', () => { expect(err).to.be.undefined }) }) - it('Update made by non secretariat org to itself ONLY updates last_active field', async () => { + it('Update made by a secretariat to another org does NOT update last_active field', async () => { + await chai.request(app) + .put('/api/org/win_5') + .set({ ...constants.headers }) + .query(params) + .send() + .then((res, err) => { + expect(res.body.updated.last_active).to.be.undefined + expect(res).to.have.status(200) + expect(err).to.be.undefined + }) + }) + it('Update made by a secretariat to itself DOES update last_active field', async () => { + const now = Date.now() + await chai.request(app) + .put('/api/org/mitre') + .set({ ...constants.headers }) + .query(params) + .send() + .then((res, err) => { + expect(res.body.updated.last_active).to.not.be.null + // Assert that that the last_active field was updated under 2 seconds ago + const lastActive = Date.parse(res.body.updated.last_active) + const diff = Math.abs(now - lastActive) + const withinTwoSeconds = diff < 2000 + expect(withinTwoSeconds).to.be.true + expect(res).to.have.status(200) + expect(err).to.be.undefined + }) + }) + it('Update made by non-secretariat org to itself ONLY updates last_active field', async () => { const now = Date.now() await chai.request(app) .put('/api/org/win_5') @@ -80,6 +110,54 @@ describe('Testing org put endpoint', () => { expect(err).to.be.undefined }) }) + it('Request body ignored in update made by non-secretariat org to itself', async () => { + const requestBody = { + key1: 'value1', + key2: 'value2', + key3: 'value3', + key4: 'value4', + key5: 'value5', + key6: 'value6', + key7: 'value7', + key8: 'value8' + } + await chai.request(app) + .put('/api/org/win_5') + .set({ ...constants.nonSecretariatUserHeaders }) + .send(requestBody) + .then((res, err) => { + expect(res).to.have.status(200) + expect(res.body.updated.last_active).to.not.be.null + expect(res.body.updated.active_roles).to.be.undefined + expect(res.body.updated.name).to.be.undefined + expect(res.body.updated.policies).to.be.undefined + expect(err).to.be.undefined + }) + }) + it('Request body ignored in update made by secretariat to itself', async () => { + const requestBody = { + key1: 'value1', + key2: 'value2', + key3: 'value3', + key4: 'value4', + key5: 'value5', + key6: 'value6', + key7: 'value7', + key8: 'value8' + } + await chai.request(app) + .put('/api/org/mitre') + .set({ ...constants.headers }) + .query(params) + .send(requestBody) + .then((res, err) => { + expect(res).to.have.status(200) + expect(res.body.updated.last_active).to.not.be.null + expect(res.body.updated.name).to.equal(params.name) + expect(res.body.updated.policies.id_quota).to.equal(params.id_quota) + expect(err).to.be.undefined + }) + }) }) context('Negative Tests', () => { it('Fails update made by a non-secretariat org to a different org', async () => { diff --git a/test/unit-tests/org/orgUpdateLastActiveTest.js b/test/unit-tests/org/orgUpdateLastActiveTest.js index 1bffe773a..33fa5bc0c 100644 --- a/test/unit-tests/org/orgUpdateLastActiveTest.js +++ b/test/unit-tests/org/orgUpdateLastActiveTest.js @@ -109,7 +109,9 @@ describe('Testing the updateOrg function', () => { it('Non-secretariat no params only updates last_active field', async () => { sinon.stub(orgRepo, 'isSecretariat').returns(false) sinon.stub(orgRepo, 'findOneByShortName').returns(nonSecretariat) - sinon.stub(orgRepo, 'aggregate').returns([nonSecretariat]) + const nonSecretariatAgt = nonSecretariat + nonSecretariatAgt.last_active = Date.now() + sinon.stub(orgRepo, 'aggregate').returns([nonSecretariatAgt]) const req = { ctx: {