From b14ddc80649798f6ea6b2b0744e5accfaa941654 Mon Sep 17 00:00:00 2001
From: Patrick Leary <patrick.r.leary@gmail.com>
Date: Fri, 26 Jul 2024 11:53:45 -0400
Subject: [PATCH] document v1 users/resend_confirmation, add tests #427

---
 lib/controllers/v1/users_controller.js |  1 +
 lib/views/swagger_v1.yml.ejs           | 13 +++++++++++++
 test/integration/v1/users.js           | 26 ++++++++++++++++++++++++++
 3 files changed, 40 insertions(+)

diff --git a/lib/controllers/v1/users_controller.js b/lib/controllers/v1/users_controller.js
index 959a3782..63e10a98 100644
--- a/lib/controllers/v1/users_controller.js
+++ b/lib/controllers/v1/users_controller.js
@@ -382,6 +382,7 @@ const UsersController = class UsersController {
   }
 
   static async resendConfirmation( req ) {
+    if ( !req.userSession ) { throw new Error( 401 ); }
     return InaturalistAPI.iNatJSWrap( users.resendConfirmation, req );
   }
 
diff --git a/lib/views/swagger_v1.yml.ejs b/lib/views/swagger_v1.yml.ejs
index 0ee52d7f..563b3f5e 100644
--- a/lib/views/swagger_v1.yml.ejs
+++ b/lib/views/swagger_v1.yml.ejs
@@ -1880,6 +1880,19 @@ paths:
           description: Returns an empty 200 response on success
         404:
           description: Specified user does not exist
+  /users/resend_confirmation:
+    post:
+      summary: User Resend Confirmation
+      description: Resend an email confirmation
+      consumes:
+       - application/json
+      tags:
+        - Users
+      security:
+        - api_token: []
+      responses:
+        200:
+          description: OK
   /users/update_session:
     put:
       summary: User Update Session
diff --git a/test/integration/v1/users.js b/test/integration/v1/users.js
index 6bc74982..e7cfb309 100644
--- a/test/integration/v1/users.js
+++ b/test/integration/v1/users.js
@@ -394,4 +394,30 @@ describe( "Users", ( ) => {
         .expect( 200, done );
     } );
   } );
+
+  describe( "resend_confirmation", ( ) => {
+    const currentUser = fixtures.elasticsearch.users.user[0];
+    const token = jwt.sign( { user_id: currentUser.id },
+      config.jwtSecret || "secret",
+      { algorithm: "HS512" } );
+
+    it( "should 401 without auth", function ( done ) {
+      request( this.app )
+        .post( "/v1/users/resend_confirmation" )
+        .expect( 401, done );
+    } );
+    it( "should hit the Rails equivalent and return 200", function ( done ) {
+      const nockScope = nock( "http://localhost:3000" )
+        .post( "/users/resend_confirmation" )
+        .reply( 200 );
+      request( this.app )
+        .post( "/v1/users/resend_confirmation" )
+        .set( "Authorization", token )
+        .expect( ( ) => {
+          // Raise an exception if the nocked endpoint doesn't get called
+          nockScope.done( );
+        } )
+        .expect( 200, done );
+    } );
+  } );
 } );