bug getodk#930: changed propertyNotFound to missingParameter, also added test case.

dev-rahulbhadoriya · dev-rahulbhadoriya · commit b0c79886b482 · 2023-12-20T18:50:02.000+05:30
diff --git a/lib/resources/users.js b/lib/resources/users.js
@@ -55,7 +55,7 @@ module.exports = (service, endpoint) => {
 
     // TODO/SECURITY: subtle timing attack here.
     service.post('/users/reset/initiate', endpoint(({ Users, mail }, { auth, body, query }) =>
-      (!body.email ? Problem.user.propertyNotFound({ property: 'email' }) : Users.getByEmail(body.email)
+      (!body.email ? Problem.user.missingParameter({ field: 'email' }) : Users.getByEmail(body.email)
         .then((maybeUser) => maybeUser
           .map((user) => ((isTrue(query.invalidate))
             ? auth.canOrReject('user.password.invalidate', user.actor)
diff --git a/test/integration/api/users.js b/test/integration/api/users.js
@@ -402,6 +402,12 @@ describe('api: /users', () => {
             asAlice.post('/v1/users/reset/verify')
               .send({ new: 'coolpassword' })
               .expect(403))));
+
+        it('should fail the request if email field is sent blank in request body', testService((service) =>
+          service.login('alice', (asAlice) =>
+            asAlice.post('/v1/users/reset/initiate')
+              .send({ email: '' })
+              .expect(400))));
       });
     }
   });
