diff --git a/test/api/v3/integration/groups/PUT-groups.test.js b/test/api/v3/integration/groups/PUT-groups.test.js
index 77d4ad6487..f7daab824c 100644
--- a/test/api/v3/integration/groups/PUT-groups.test.js
+++ b/test/api/v3/integration/groups/PUT-groups.test.js
@@ -23,10 +23,11 @@ describe('PUT /group', () => {
groupDetails: {
name: groupName,
type: groupType,
- privacy: 'public',
+ privacy: 'private',
categories: groupCategories,
},
members: 1,
+ upgradeToGroupPlan: true,
});
adminUser = await generateUser({ 'permissions.moderator': true });
groupToUpdate = group;
@@ -106,14 +107,29 @@ describe('PUT /group', () => {
expect(updatedGroup.name).to.equal(groupUpdatedName);
});
- it('allows a leader to change leaders', async () => {
- const updatedGroup = await leader.put(`/groups/${groupToUpdate._id}`, {
+ it('does not allow a leader to change leader of active group plan', async () => {
+ await expect(leader.put(`/groups/${groupToUpdate._id}`, {
name: groupUpdatedName,
leader: nonLeader._id,
+ })).to.eventually.be.rejected.and.eql({
+ code: 401,
+ error: 'NotAuthorized',
+ message: t('cannotChangeLeaderWithActiveGroupPlan'),
+ });
+ });
+
+ it('allows a leader of a party to change leaders', async () => {
+ let party; let partyLeader; let members;
+ ({ group: party, groupLeader: partyLeader, members } = await createAndPopulateGroup({
+ members: 1,
+ }));
+ const updatedGroup = await partyLeader.put(`/groups/${party._id}`, {
+ name: groupUpdatedName,
+ leader: members[0]._id,
});
- expect(updatedGroup.leader._id).to.eql(nonLeader._id);
- expect(updatedGroup.leader.profile.name).to.eql(nonLeader.profile.name);
+ expect(updatedGroup.leader._id).to.eql(members[0]._id);
+ expect(updatedGroup.leader.profile.name).to.eql(members[0].profile.name);
expect(updatedGroup.name).to.equal(groupUpdatedName);
});
@@ -122,15 +138,16 @@ describe('PUT /group', () => {
groupDetails: {
name: 'public guild',
type: 'guild',
- privacy: 'public',
+ privacy: 'private',
},
+ upgradeToGroupPlan: true,
});
const updateGroupDetails = {
id: group._id,
name: 'public guild',
type: 'guild',
- privacy: 'public',
+ privacy: 'private',
bannedWordsAllowed: true,
};
@@ -150,9 +167,11 @@ describe('PUT /group', () => {
groupDetails: {
name: 'public guild',
type: 'guild',
- privacy: 'public',
+ privacy: 'private',
},
+ upgradeToGroupPlan: true,
});
+ await groupLeader.update({ permissions: {} } );
const updateGroupDetails = {
id: group._id,
diff --git a/test/api/v3/integration/payments/amazon/GET-payments_amazon_subscribe_cancel.test.js b/test/api/v3/integration/payments/amazon/GET-payments_amazon_subscribe_cancel.test.js
index 67313693be..c81bad1957 100644
--- a/test/api/v3/integration/payments/amazon/GET-payments_amazon_subscribe_cancel.test.js
+++ b/test/api/v3/integration/payments/amazon/GET-payments_amazon_subscribe_cancel.test.js
@@ -50,22 +50,21 @@ describe('payments : amazon #subscribeCancel', () => {
});
it('cancels a group subscription', async () => {
- user = await generateUser({
- 'profile.name': 'sender',
- 'purchased.plan.customerId': 'customer-id',
- 'purchased.plan.planId': 'basic_3mo',
- 'purchased.plan.lastBillingDate': new Date(),
- balance: 2,
- });
-
- group = await generateGroup(user, {
- name: 'test group',
- type: 'guild',
- privacy: 'public',
- 'purchased.plan.customerId': 'customer-id',
- 'purchased.plan.planId': 'basic_3mo',
- 'purchased.plan.lastBillingDate': new Date(),
- });
+ ({ group, groupLeader: user } = await createAndPopulateGroup({
+ groupDetails: {
+ name: 'test group',
+ type: 'guild',
+ privacy: 'private',
+ },
+ leaderDetails: {
+ 'profile.name': 'sender',
+ 'purchased.plan.customerId': 'customer-id',
+ 'purchased.plan.planId': 'basic_3mo',
+ 'purchased.plan.lastBillingDate': new Date(),
+ balance: 2,
+ },
+ upgradeToGroupPlan: true,
+ }));
await user.get(`${endpoint}&groupId=${group._id}`);
diff --git a/test/api/v3/integration/payments/amazon/POST-payments_amazon_subscribe.test.js b/test/api/v3/integration/payments/amazon/POST-payments_amazon_subscribe.test.js
index b6c09848a3..3ce1a718e2 100644
--- a/test/api/v3/integration/payments/amazon/POST-payments_amazon_subscribe.test.js
+++ b/test/api/v3/integration/payments/amazon/POST-payments_amazon_subscribe.test.js
@@ -70,8 +70,8 @@ describe('payments - amazon - #subscribe', () => {
group = await generateGroup(user, {
name: 'test group',
- type: 'guild',
- privacy: 'public',
+ type: 'party',
+ privacy: 'private',
'purchased.plan.customerId': 'customer-id',
'purchased.plan.planId': 'basic_3mo',
'purchased.plan.lastBillingDate': new Date(),
diff --git a/test/api/v3/integration/payments/stripe/GET-payments_stripe_subscribe_cancel.test.js b/test/api/v3/integration/payments/stripe/GET-payments_stripe_subscribe_cancel.test.js
index d6ec1e0312..77098a1b46 100644
--- a/test/api/v3/integration/payments/stripe/GET-payments_stripe_subscribe_cancel.test.js
+++ b/test/api/v3/integration/payments/stripe/GET-payments_stripe_subscribe_cancel.test.js
@@ -1,7 +1,7 @@
import {
generateUser,
- generateGroup,
translate as t,
+ createAndPopulateGroup,
} from '../../../../../helpers/api-integration/v3';
import stripePayments from '../../../../../../website/server/libs/payments/stripe';
@@ -48,22 +48,21 @@ describe('payments - stripe - #subscribeCancel', () => {
});
it('cancels a group subscription', async () => {
- user = await generateUser({
- 'profile.name': 'sender',
- 'purchased.plan.customerId': 'customer-id',
- 'purchased.plan.planId': 'basic_3mo',
- 'purchased.plan.lastBillingDate': new Date(),
- balance: 2,
- });
-
- group = await generateGroup(user, {
- name: 'test group',
- type: 'guild',
- privacy: 'public',
- 'purchased.plan.customerId': 'customer-id',
- 'purchased.plan.planId': 'basic_3mo',
- 'purchased.plan.lastBillingDate': new Date(),
- });
+ ({ group, groupLeader: user } = await createAndPopulateGroup({
+ groupDetails: {
+ name: 'test group',
+ type: 'guild',
+ privacy: 'private',
+ },
+ leaderDetails: {
+ 'profile.name': 'sender',
+ 'purchased.plan.customerId': 'customer-id',
+ 'purchased.plan.planId': 'basic_3mo',
+ 'purchased.plan.lastBillingDate': new Date(),
+ balance: 2,
+ },
+ upgradeToGroupPlan: true,
+ }));
await user.get(`${endpoint}&groupId=${group._id}`);
diff --git a/website/common/locales/en/groups.json b/website/common/locales/en/groups.json
index 94ef5ff38e..2439bdb8b6 100644
--- a/website/common/locales/en/groups.json
+++ b/website/common/locales/en/groups.json
@@ -199,6 +199,7 @@
"claim": "Claim Task",
"removeClaim": "Remove Claim",
"onlyGroupLeaderCanManageSubscription": "Only the group leader can manage the group's subscription",
+ "onlyPrivateGuildsCanUpgrade": "Only private guilds can be upgraded to a group plan.",
"youHaveBeenAssignedTask": "<%- managerName %> has assigned you the task <%- taskText %>.",
"yourTaskHasBeenApproved": "Your task <%- taskText %> has been approved.",
"thisTaskApproved": "This task was approved",
diff --git a/website/server/controllers/api-v3/groups.js b/website/server/controllers/api-v3/groups.js
index 5d30fdc61e..4d8fdc4084 100644
--- a/website/server/controllers/api-v3/groups.js
+++ b/website/server/controllers/api-v3/groups.js
@@ -487,7 +487,9 @@ api.updateGroup = {
if (group.leader !== user._id && group.type === 'party') throw new NotAuthorized(res.t('messageGroupOnlyLeaderCanUpdate'));
else if (group.leader !== user._id && !user.hasPermission('moderator')) throw new NotAuthorized(res.t('messageGroupOnlyLeaderCanUpdate'));
- if (req.body.leader !== user._id && group.hasNotCancelled()) throw new NotAuthorized(res.t('cannotChangeLeaderWithActiveGroupPlan'));
+ if (req.body.leader && req.body.leader !== user._id && group.hasNotCancelled()) {
+ throw new NotAuthorized(res.t('cannotChangeLeaderWithActiveGroupPlan'));
+ }
const handleArrays = (currentValue, updatedValue) => {
if (!_.isArray(currentValue)) {