From f4b97d3bc8ac734029cda2e510ee3d8627dc2218 Mon Sep 17 00:00:00 2001
From: Nazar Gargol <nazargargol@gmail.com>
Date: Wed, 24 Jul 2019 12:40:18 +0200
Subject: [PATCH] Migrated authentication.acceptInvitation method to v2

---
 core/server/api/v2/authentication.js          | 19 ++++++++++++-
 .../serializers/output/authentication.js      | 14 ++++++++++
 .../v2/utils/validators/input/invitations.js  | 28 +++++++++++++++++++
 core/server/web/api/v2/admin/routes.js        |  2 +-
 .../api/v2/admin/authentication_spec.js       |  5 +++-
 5 files changed, 65 insertions(+), 3 deletions(-)
 create mode 100644 core/server/api/v2/utils/serializers/output/authentication.js
 create mode 100644 core/server/api/v2/utils/validators/input/invitations.js

diff --git a/core/server/api/v2/authentication.js b/core/server/api/v2/authentication.js
index 409e31d44a4b..41f51c4ab3d6 100644
--- a/core/server/api/v2/authentication.js
+++ b/core/server/api/v2/authentication.js
@@ -1,6 +1,7 @@
-const auth = require('../../services/auth');
 const api = require('./index');
 const web = require('../../web');
+const auth = require('../../services/auth');
+const invitations = require('../../services/invitations');
 
 module.exports = {
     docName: 'authentication',
@@ -56,5 +57,21 @@ module.exports = {
                         });
                 });
         }
+    },
+
+    acceptInvitation: {
+        validation: {
+            docName: 'invitations'
+        },
+        permissions: false,
+        query(frame) {
+            return Promise.resolve()
+                .then(() => {
+                    return auth.setup.assertSetupCompleted(true);
+                })
+                .then(() => {
+                    return invitations.accept(frame.data);
+                });
+        }
     }
 };
diff --git a/core/server/api/v2/utils/serializers/output/authentication.js b/core/server/api/v2/utils/serializers/output/authentication.js
new file mode 100644
index 000000000000..26371986a743
--- /dev/null
+++ b/core/server/api/v2/utils/serializers/output/authentication.js
@@ -0,0 +1,14 @@
+const common = require('../../../../../lib/common');
+const debug = require('ghost-ignition').debug('api:v2:utils:serializers:output:authentication');
+
+module.exports = {
+    acceptInvitation(data, apiConfig, frame) {
+        debug('acceptInvitation');
+
+        frame.response = {
+            invitation: [
+                {message: common.i18n.t('common.api.authentication.mail.invitationAccepted')}
+            ]
+        };
+    }
+};
diff --git a/core/server/api/v2/utils/validators/input/invitations.js b/core/server/api/v2/utils/validators/input/invitations.js
new file mode 100644
index 000000000000..78042a239c80
--- /dev/null
+++ b/core/server/api/v2/utils/validators/input/invitations.js
@@ -0,0 +1,28 @@
+const Promise = require('bluebird');
+const debug = require('ghost-ignition').debug('api:v2:utils:validators:input:invitation');
+const common = require('../../../../../lib/common');
+
+module.exports = {
+    acceptInvitation(apiConfig, frame) {
+        debug('acceptInvitation');
+
+        const data = frame.data.invitation[0];
+
+        if (!data.token) {
+            return Promise.reject(new common.errors.ValidationError({message: common.i18n.t('errors.api.authentication.noTokenProvided')}));
+        }
+
+        if (!data.email) {
+            return Promise.reject(new common.errors.ValidationError({message: common.i18n.t('errors.api.authentication.noEmailProvided')}));
+        }
+
+        if (!data.password) {
+            return Promise.reject(new common.errors.ValidationError({message: common.i18n.t('errors.api.authentication.noPasswordProvided')}));
+        }
+
+        if (!data.name) {
+            return Promise.reject(new common.errors.ValidationError({message: common.i18n.t('errors.api.authentication.noNameProvided')}));
+        }
+    }
+};
+
diff --git a/core/server/web/api/v2/admin/routes.js b/core/server/web/api/v2/admin/routes.js
index 691ef57c3074..8bd80c701f64 100644
--- a/core/server/web/api/v2/admin/routes.js
+++ b/core/server/web/api/v2/admin/routes.js
@@ -187,7 +187,7 @@ module.exports = function apiRoutes() {
         api.http(apiv2.authentication.generateResetToken)
     );
     router.put('/authentication/passwordreset', shared.middlewares.brute.globalBlock, api.http(apiv2.authentication.resetPassword));
-    router.post('/authentication/invitation', api.http(api.authentication.acceptInvitation));
+    router.post('/authentication/invitation', api.http(apiv2.authentication.acceptInvitation));
     router.get('/authentication/invitation', api.http(api.authentication.isInvitation));
     router.post('/authentication/setup', api.http(api.authentication.setup));
     router.put('/authentication/setup', mw.authAdminApi, api.http(api.authentication.updateSetup));
diff --git a/core/test/regression/api/v2/admin/authentication_spec.js b/core/test/regression/api/v2/admin/authentication_spec.js
index b13ef57be7c8..0e01ca79f9fc 100644
--- a/core/test/regression/api/v2/admin/authentication_spec.js
+++ b/core/test/regression/api/v2/admin/authentication_spec.js
@@ -426,7 +426,10 @@ describe.only('Authentication API v2', function () {
                     }]
                 })
                 .expect('Content-Type', /json/)
-                .expect(200);
+                .expect(200)
+                .then((res) => {
+                    res.body.invitation[0].message.should.equal('Invitation accepted.');
+                });
         });
     });
 });