#1258 secretariat update to another org no longer updates last_active

Author: jack-flores

src/controller/org.controller/org.controller.js

@@ -364,7 +364,12 @@ async function updateOrg (req, res, next) {
             })
           }
         }
+        if (shortName === orgMakingChanges) {
+          newOrg.last_active = Date.now()
+        }
       })
+    } else {
+      newOrg.last_active = Date.now()
     }
 
     // updating the org's roles
@@ -398,8 +403,6 @@ async function updateOrg (req, res, next) {
       }
     }
 
-    newOrg.last_active = Date.now()
-
     // update org
     let result = await orgRepo.updateByOrgUUID(org.UUID, newOrg)
     if (result.n === 0) {
@@ -411,6 +414,9 @@ async function updateOrg (req, res, next) {
     result = result.length > 0 ? result[0] : null
 
     if (!isSec) {
+      if (!result.last_active) {
+        return res.status(500).json(error.serverError())
+      }
       result = { last_active: result.last_active }
     }
 

test/integration-tests/org/putOrgTest.js

@@ -60,7 +60,37 @@ describe('Testing org put endpoint', () => {
           expect(err).to.be.undefined
         })
     })
-    it('Update made by non secretariat org to itself ONLY updates last_active field', async () => {
+    it('Update made by a secretariat to another org does NOT update last_active field', async () => {
+      await chai.request(app)
+        .put('/api/org/win_5')
+        .set({ ...constants.headers })
+        .query(params)
+        .send()
+        .then((res, err) => {
+          expect(res.body.updated.last_active).to.be.undefined
+          expect(res).to.have.status(200)
+          expect(err).to.be.undefined
+        })
+    })
+    it('Update made by a secretariat to itself DOES update last_active field', async () => {
+      const now = Date.now()
+      await chai.request(app)
+        .put('/api/org/mitre')
+        .set({ ...constants.headers })
+        .query(params)
+        .send()
+        .then((res, err) => {
+          expect(res.body.updated.last_active).to.not.be.null
+          // Assert that that the last_active field was updated under 2 seconds ago
+          const lastActive = Date.parse(res.body.updated.last_active)
+          const diff = Math.abs(now - lastActive)
+          const withinTwoSeconds = diff < 2000
+          expect(withinTwoSeconds).to.be.true
+          expect(res).to.have.status(200)
+          expect(err).to.be.undefined
+        })
+    })
+    it('Update made by non-secretariat org to itself ONLY updates last_active field', async () => {
       const now = Date.now()
       await chai.request(app)
         .put('/api/org/win_5')
@@ -80,6 +110,54 @@ describe('Testing org put endpoint', () => {
           expect(err).to.be.undefined
         })
     })
+    it('Request body ignored in update made by non-secretariat org to itself', async () => {
+      const requestBody = {
+        key1: 'value1',
+        key2: 'value2',
+        key3: 'value3',
+        key4: 'value4',
+        key5: 'value5',
+        key6: 'value6',
+        key7: 'value7',
+        key8: 'value8'
+      }
+      await chai.request(app)
+        .put('/api/org/win_5')
+        .set({ ...constants.nonSecretariatUserHeaders })
+        .send(requestBody)
+        .then((res, err) => {
+          expect(res).to.have.status(200)
+          expect(res.body.updated.last_active).to.not.be.null
+          expect(res.body.updated.active_roles).to.be.undefined
+          expect(res.body.updated.name).to.be.undefined
+          expect(res.body.updated.policies).to.be.undefined
+          expect(err).to.be.undefined
+        })
+    })
+    it('Request body ignored in update made by secretariat to itself', async () => {
+      const requestBody = {
+        key1: 'value1',
+        key2: 'value2',
+        key3: 'value3',
+        key4: 'value4',
+        key5: 'value5',
+        key6: 'value6',
+        key7: 'value7',
+        key8: 'value8'
+      }
+      await chai.request(app)
+        .put('/api/org/mitre')
+        .set({ ...constants.headers })
+        .query(params)
+        .send(requestBody)
+        .then((res, err) => {
+          expect(res).to.have.status(200)
+          expect(res.body.updated.last_active).to.not.be.null
+          expect(res.body.updated.name).to.equal(params.name)
+          expect(res.body.updated.policies.id_quota).to.equal(params.id_quota)
+          expect(err).to.be.undefined
+        })
+    })
   })
   context('Negative Tests', () => {
     it('Fails update made by a non-secretariat org to a different org', async () => {

test/unit-tests/org/orgUpdateLastActiveTest.js

@@ -109,7 +109,9 @@ describe('Testing the updateOrg function', () => {
     it('Non-secretariat no params only updates last_active field', async () => {
       sinon.stub(orgRepo, 'isSecretariat').returns(false)
       sinon.stub(orgRepo, 'findOneByShortName').returns(nonSecretariat)
-      sinon.stub(orgRepo, 'aggregate').returns([nonSecretariat])
+      const nonSecretariatAgt = nonSecretariat
+      nonSecretariatAgt.last_active = Date.now()
+      sinon.stub(orgRepo, 'aggregate').returns([nonSecretariatAgt])
 
       const req = {
         ctx: {