fix(session): update tests (karma), and routes

This commit changes the default login/logout routes to use the `/auth`
prefix.  All tests and associated permissions have been updated.

We now have three route:
 1) `/auth/login`
 2) `/auth/logout`
 3) `/auth/reload`

The `reload` route will send back the logged in user's updated session
information.  This is particularly useful when the Enterprise, Project,
User or Permissions services detect changes to their bound items.

client/src/js/components/bhNavigation.js

@@ -26,19 +26,21 @@ function NavigationController($location, $rootScope, Tree, AppCache, Notify) {
    */
   var unitsIndex = { id : {}, path : {} };
 
-  Tree.units()
-    .then(function (units) {
+  function loadTreeUnits() {
+    Tree.units()
+      .then(function (units) {
 
-      Tree.sortByTranslationKey(units);
-      $ctrl.units = units;
+        Tree.sortByTranslationKey(units);
+        $ctrl.units = units;
 
-      calculateUnitIndex($ctrl.units);
-      expandInitialUnits($ctrl.units);
+        calculateUnitIndex($ctrl.units);
+        expandInitialUnits($ctrl.units);
 
-      // updates the tree selection on path change
-      updateSelectionOnPathChange();
-    })
-    .catch(Notify.handleError);
+        // updates the tree selection on path change
+        updateSelectionOnPathChange();
+      })
+      .catch(Notify.handleError);
+  }
 
   // Tree Utility methods
   $ctrl.toggleUnit = function toggleUnit(unit) {
@@ -154,4 +156,7 @@ function NavigationController($location, $rootScope, Tree, AppCache, Notify) {
    */
   $rootScope.$on('$translateChangeSuccess', $ctrl.refreshTranslation);
   $rootScope.$on('$stateChangeSuccess', updateSelectionOnPathChange);
+
+  // if the session is reloaded, download the new tree units
+  $rootScope.$on('session:reload', loadTreeUnits);
 }

client/src/js/services/Session.js

@@ -38,6 +38,9 @@ function SessionService($sessionStorage, $http, $location, util, $rootScope) {
   // logout http method
   service.logout = logout;
 
+  // reloads a user's session
+  service.reload = reload;
+
   // set the user, enterprise, and project for the session
   // this should happen right after login
   function create(user, enterprise, project, paths) {
@@ -60,6 +63,7 @@ function SessionService($sessionStorage, $http, $location, util, $rootScope) {
     // update bindings
     load();
 
+    // TODO - use $state
     $location.url('/login');
   }
 
@@ -72,7 +76,7 @@ function SessionService($sessionStorage, $http, $location, util, $rootScope) {
    */
   function login(credentials) {
     /** @todo - should the login reject if a user is already logged in? */
-    return $http.post('/login', credentials)
+    return $http.post('/auth/login', credentials)
       .then(util.unwrapHttpResponse)
       .then(function (session) {
 
@@ -95,7 +99,7 @@ function SessionService($sessionStorage, $http, $location, util, $rootScope) {
    * @return {Promise} promise - the HTTP logout promise
    */
   function logout() {
-    return $http.get('/logout')
+    return $http.get('/auth/logout')
       .then(function () {
 
         // destroy the user's session from $storage
@@ -115,16 +119,21 @@ function SessionService($sessionStorage, $http, $location, util, $rootScope) {
     service.enterprise = $storage.enterprise;
     service.project = $storage.project;
     service.paths = $storage.paths;
-
-    if($storage.user){
-      return $http.post('/reload', { username: $storage.user.username})
-      .then(util.unwrapHttpResponse)
-      .then(function (session) {
-        service.project = session.project;
-        service.paths = session.paths;
-      });
+  }
+
+  function reload() {
+    if ($storage.user) {
+      return $http.post('/auth/reload', { username: $storage.user.username})
+        .then(util.unwrapHttpResponse)
+        .then(function (session) {
+
+          // re-create the user session in the $storage
+          create(session.user, session.enterprise, session.project, session.paths);
+
+          // tell the tree to re-download a user's units
+          $rootScope.$emit('session:reload');
+        });
     }
-
   }
 
   // if the $rootScope emits 'session.destroy', destroy the session

client/src/js/services/UserService.js

@@ -37,7 +37,7 @@ function UserService($http, util) {
     var url = (id) ? '/users/' + id : '/users';
 
     return $http.get(url)
-    .then(util.unwrapHttpResponse);
+      .then(util.unwrapHttpResponse);
   }
 
   // updates a user with id

client/src/js/services/tree.js

@@ -23,7 +23,7 @@ function Tree($http, $translate, util) {
       .then(util.unwrapHttpResponse);
   }
 
-  /** recusively sort an array of BHIMA units respecting translation keys. */
+  /** recursively sort an array of BHIMA units respecting translation keys. */
   function sortByTranslationKey(units) {
     if (angular.isUndefined(units)) {
       return;

server/config/express.js

@@ -88,7 +88,7 @@ exports.configure = function configure(app) {
 
   // Only allow routes to use /login, /projects, /logout, and /languages if a
   // user session does not exists
-  let publicRoutes = ['/login', '/languages', '/projects/', '/logout'];
+  let publicRoutes = ['/auth/login', '/languages', '/projects/', '/auth/logout'];
 
   app.use(function (req, res, next) {
     if (_.isUndefined(req.session.user) && !within(req.path, publicRoutes)) {

server/config/routes.js

@@ -97,16 +97,16 @@ exports.configure = function configure(app) {
   app.get('/units', units.list);
 
   // auth gateway
-  app.post('/login', auth.login);
-  app.get('/logout', auth.logout);
-  app.post('/reload', auth.reload);
+  app.post('/auth/login', auth.login);
+  app.get('/auth/logout', auth.logout);
+  app.post('/auth/reload', auth.reload);
 
   // system and event helpers
   app.get('/system/events', system.events);
   app.get('/system/stream', system.stream);
   app.get('/system/information', system.info);
 
-  // dashbord stats 
+  // dashbord stats
   app.get('/patients/stats', stats.patients);
   app.get('/invoices/stats', stats.invoices);