From bbbe8772f2e9e51ee89eec1826551b14e35b8048 Mon Sep 17 00:00:00 2001
From: mleanos <michael.leanos@gmail.com>
Date: Fri, 28 Aug 2015 17:41:13 -0700
Subject: [PATCH 1/2] Admin Users require role

These changes make the role field required in the User model. Changes to
the Admin user edit view were added to provide validation for the role
field.

As an added enhancement, the user's roles are displayed in the Admin
user list view.
---
 .../client/views/admin/edit-user.client.view.html     | 11 +++++++----
 .../client/views/admin/list-users.client.view.html    |  1 +
 modules/users/server/models/user.server.model.js      |  3 ++-
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/modules/users/client/views/admin/edit-user.client.view.html b/modules/users/client/views/admin/edit-user.client.view.html
index 6a2795f625..e7cc0d2b65 100644
--- a/modules/users/client/views/admin/edit-user.client.view.html
+++ b/modules/users/client/views/admin/edit-user.client.view.html
@@ -7,22 +7,25 @@ <h1>User <span ng-bind="user.username"></span></h1>
       <fieldset>
         <div class="form-group" show-errors>
           <label for="firstName">First Name</label>
-          <input type="text" id="firstName" name="firstName" class="form-control" ng-model="user.firstName" placeholder="First Name" required>
+          <input type="text" id="firstName" name="firstName" class="form-control" ng-model="user.firstName" placeholder="First Name" required />
           <div ng-messages="userForm.firstName.$error" role="alert">
             <p class="help-block error-text" ng-message="required">First name is required.</p>
           </div>
         </div>
         <div class="form-group" show-errors>
           <label for="lastName">Last Name</label>
-          <input type="text" id="lastName" name="lastName" class="form-control" ng-model="user.lastName" placeholder="Last Name" required>
+          <input type="text" id="lastName" name="lastName" class="form-control" ng-model="user.lastName" placeholder="Last Name" required />
           <div ng-messages="userForm.lastName.$error" role="alert">
             <p class="help-block error-text" ng-message="required">Last name is required.</p>
           </div>
         </div>
-        <div class="form-group">
+        <div class="form-group" show-errors>
           <label class="control-label" for="roles">Roles</label>
           <div class="controls">
-            <input class="form-control" type="text" name="roles" ng-model="user.roles" id="roles" ng-list />
+            <input class="form-control" type="text" name="roles" ng-model="user.roles" id="roles" ng-list required />
+            <div ng-messages="userForm.roles.$error" role="alert">
+              <p class="help-block error-text" ng-message="required">At least one role is required.</p>
+            </div>
           </div>
         </div>
         <div class="form-group">
diff --git a/modules/users/client/views/admin/list-users.client.view.html b/modules/users/client/views/admin/list-users.client.view.html
index 4ef28d4b40..62a907d13c 100644
--- a/modules/users/client/views/admin/list-users.client.view.html
+++ b/modules/users/client/views/admin/list-users.client.view.html
@@ -12,6 +12,7 @@ <h1>Users</h1>
   <div class="list-group">
     <a ng-repeat="user in pagedItems" ui-sref="admin.user({userId: user._id})" class="list-group-item">
       <h4 class="list-group-item-heading" ng-bind="user.username"></h4>
+      <p class="list-group-item-text pull-right small" ng-bind="user.roles"></p>
       <p class="list-group-item-text" ng-bind="user.email"></p>
     </a>
   </div>
diff --git a/modules/users/server/models/user.server.model.js b/modules/users/server/models/user.server.model.js
index bcaff5d84b..e7c0af0861 100644
--- a/modules/users/server/models/user.server.model.js
+++ b/modules/users/server/models/user.server.model.js
@@ -85,7 +85,8 @@ var UserSchema = new Schema({
       type: String,
       enum: ['user', 'admin']
     }],
-    default: ['user']
+    default: ['user'],
+    required: 'Please provide at least one role'
   },
   updated: {
     type: Date

From 263adccd443c53659b45b390f7fcfc875f980c99 Mon Sep 17 00:00:00 2001
From: mleanos <michael.leanos@gmail.com>
Date: Fri, 28 Aug 2015 18:19:33 -0700
Subject: [PATCH 2/2] User model tests for roles

Added tests for the User model's roles field.

Should be able to update existing user with valid roles
Should NOT be able to update existing user WITHOUT a role
Should NOT be able to update existing user with INVALID role
---
 .../tests/server/user.server.model.tests.js   | 48 +++++++++++++++++++
 1 file changed, 48 insertions(+)

diff --git a/modules/users/tests/server/user.server.model.tests.js b/modules/users/tests/server/user.server.model.tests.js
index 66890671c7..c0ad1eeee5 100644
--- a/modules/users/tests/server/user.server.model.tests.js
+++ b/modules/users/tests/server/user.server.model.tests.js
@@ -92,6 +92,54 @@ describe('User Model Unit Tests:', function () {
       });
     });
 
+    it('should be able to update an existing user with valid roles without problems', function (done) {
+      var _user = new User(user);
+
+      _user.save(function (err) {
+        should.not.exist(err);
+        _user.roles = ['user', 'admin'];
+        _user.save(function (err) {
+          should.not.exist(err);
+          _user.remove(function (err) {
+            should.not.exist(err);
+            done();
+          });
+        });
+      });
+    });
+
+    it('should be able to show an error when trying to update an existing user without a role', function (done) {
+      var _user = new User(user);
+
+      _user.save(function (err) {
+        should.not.exist(err);
+        _user.roles = [];
+        _user.save(function (err) {
+          should.exist(err);
+          _user.remove(function (err) {
+            should.not.exist(err);
+            done();
+          });
+        });
+      });
+    });
+
+    it('should be able to show an error when trying to update an existing user with a invalid role', function (done) {
+      var _user = new User(user);
+
+      _user.save(function (err) {
+        should.not.exist(err);
+        _user.roles = ['invalid-user-role-enum'];
+        _user.save(function (err) {
+          should.exist(err);
+          _user.remove(function (err) {
+            should.not.exist(err);
+            done();
+          });
+        });
+      });
+    });
+
     it('should confirm that saving user model doesnt change the password', function (done) {
       var _user = new User(user);