attempt implementing prerendering

tell vite to ignore browser-script url
fix setupNconf imports
2026-05-20 19:48:38 -05:00 · 2025-02-04 17:43:30 +01:00 · 2025-02-04 17:42:55 +01:00 · 2025-02-04 12:29:33 +01:00 · 2025-02-04 11:21:08 +01:00 · 2025-02-03 18:22:17 +01:00
1133 changed files with 32336 additions and 59049 deletions
@@ -7,14 +7,5 @@ module.exports = {
  rules: {
    'prefer-regex-literals': 'warn',
    'import/no-extraneous-dependencies': 'off',
    'require-await': 'error',
  },
  overrides: [
    {
      files: ['migrations/**', 'gulp/**'], // Or *.test.js
      rules: {
        'require-await': 'off',
      },
    },
  ],
 };
@@ -1,13 +1,6 @@
 name: Test
-on:
+on: [push, pull_request]
  push:
    branches-ignore:
    - 'phillip/**'
    - 'sabrecat/**'
    - 'kalista/**'
    - 'natalie/**'
  pull_request:
 permissions:
  contents: read
@@ -135,7 +128,7 @@ jobs:
    strategy:
      matrix:
        node-version: [21.x]
-        mongodb-version: [7.0]
+        mongodb-version: [4.2]
    steps:
    - uses: actions/checkout@v4
      with:
@@ -144,13 +137,11 @@ jobs:
      uses: actions/setup-node@v4
      with:
        node-version: ${{ matrix.node-version }}
    - name: Start MongoDB ${{ matrix.mongodb-version }} Replica Set
-      uses: supercharge/mongodb-github-action@1.11.0
+      uses: supercharge/mongodb-github-action@1.3.0
      with:
        mongodb-version: ${{ matrix.mongodb-version }}
        mongodb-replica-set: rs
    - run: sudo apt update
    - run: sudo apt -y install libkrb5-dev
    - run: cp config.json.example config.json
@@ -160,17 +151,15 @@ jobs:
      env:
        CI: true
        NODE_ENV: test
    - run: npm run test:api:unit
      env:
        REQUIRES_SERVER=true: true
  api-v3-integration:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node-version: [21.x]
-        mongodb-version: [7.0]
+        mongodb-version: [4.2]
    steps:
    - uses: actions/checkout@v4
      with:
@@ -180,11 +169,10 @@ jobs:
      with:
        node-version: ${{ matrix.node-version }}
    - name: Start MongoDB ${{ matrix.mongodb-version }} Replica Set
-      uses: supercharge/mongodb-github-action@1.11.0
+      uses: supercharge/mongodb-github-action@1.3.0
      with:
        mongodb-version: ${{ matrix.mongodb-version }}
        mongodb-replica-set: rs
    - run: sudo apt update
    - run: sudo apt -y install libkrb5-dev
    - run: cp config.json.example config.json
@@ -194,18 +182,15 @@ jobs:
      env:
        CI: true
        NODE_ENV: test
    - run: npm run test:api-v3:integration
      env:
        REQUIRES_SERVER=true: true
  api-v4-integration:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node-version: [21.x]
-        mongodb-version: [7.0]
+        mongodb-version: [4.2]
    steps:
    - uses: actions/checkout@v4
      with:
@@ -215,11 +200,10 @@ jobs:
      with:
        node-version: ${{ matrix.node-version }}
    - name: Start MongoDB ${{ matrix.mongodb-version }} Replica Set
-      uses: supercharge/mongodb-github-action@1.11.0
+      uses: supercharge/mongodb-github-action@1.3.0
      with:
        mongodb-version: ${{ matrix.mongodb-version }}
        mongodb-replica-set: rs
    - run: sudo apt update
    - run: sudo apt -y install libkrb5-dev
    - run: cp config.json.example config.json
@@ -229,7 +213,6 @@ jobs:
      env:
        CI: true
        NODE_ENV: test
    - run: npm run test:api-v4:integration
      env:
        REQUIRES_SERVER=true: true
@@ -47,5 +47,5 @@ webpack.webstorm.config
 # mongodb replica set for local dev
 mongodb-*.tgz
-/mongodb-*
+/mongodb-data*
 /.nyc_output
@@ -2,4 +2,4 @@
 This webpage includes the documentation for version 3 of the [Habitica](https://habitica.com) API.
-If you're developing a 3rd party tool that uses the Habitica API, read the [API Usage Guidelines](https://github.com/HabitRPG/habitica/wiki/API-Usage-Guidelines), which describe how to be a responsible user of our server resources!
+If you're developing a 3rd party tool that uses the Habitica API you should read the [Guidance for Comrades](https://habitica.fandom.com/wiki/Guidance_for_Comrades) and in particular the section called [Rules for Third-Party Tools](https://habitica.fandom.com/wiki/Guidance_for_Comrades#Rules_for_Third-Party_Tools) which includes suggestions on how to best use the API and the rules to follow when interacting with it.
@@ -8,26 +8,18 @@
  "AMAZON_PAYMENTS_SELLER_ID": "SELLER_ID",
  "AMPLITUDE_KEY": "AMPLITUDE_KEY",
  "AMPLITUDE_SECRET": "AMPLITUDE_SECRET",
  "APPLE_AUTH_CLIENT_ID": "",
  "APPLE_AUTH_KEY_ID": "",
  "APPLE_AUTH_PRIVATE_KEY": "",
  "APPLE_TEAM_ID": "",
  "BASE_URL": "http://localhost:3000",
  "BLOCKED_IPS": "",
  "CONTENT_SWITCHOVER_TIME_OFFSET": 8,
  "CRON_SAFE_MODE": "false",
  "CRON_SEMI_SAFE_MODE": "false",
  "DEBUG_ENABLED": "false",
  "DISABLE_REQUEST_LOGGING": "true",
  "EMAIL_SERVER_AUTH_PASSWORD": "password",
  "EMAIL_SERVER_AUTH_USER": "user",
  "EMAIL_SERVER_URL": "http://example.com",
  "EMAILS_COMMUNITY_MANAGER_EMAIL": "admin@habitica.com",
  "EMAILS_PRESS_ENQUIRY_EMAIL": "admin@habitica.com",
  "EMAILS_TECH_ASSISTANCE_EMAIL": "admin@habitica.com",
  "EMAIL_SERVER_AUTH_PASSWORD": "password",
  "EMAIL_SERVER_AUTH_USER": "user",
  "EMAIL_SERVER_URL": "http://example.com",
  "ENABLE_CONSOLE_LOGS_IN_PROD": "false",
  "ENABLE_CONSOLE_LOGS_IN_TEST": "false",
  "ENABLE_STACKDRIVER_TRACING": "false",
  "FACEBOOK_KEY": "123456789012345",
  "FACEBOOK_SECRET": "aaaabbbbccccddddeeeeffff00001111",
  "FLAG_REPORT_EMAIL": "email@example.com, email2@example.com",
@@ -37,16 +29,15 @@
  "IAP_GOOGLE_KEYDIR": "/path/to/google/public/key/dir/",
  "IGNORE_REDIRECT": "true",
  "ITUNES_SHARED_SECRET": "aaaabbbbccccddddeeeeffff00001111",
  "LIVELINESS_PROBE_KEY": "",
  "LOG_AMPLITUDE_EVENTS": "false",
  "LOG_REQUESTS_EXCESSIVE_MODE": "false",
  "LOGGLY_CLIENT_TOKEN": "token",
  "LOGGLY_SUBDOMAIN": "example-subdomain",
  "LOGGLY_TOKEN": "example-token",
  "LOG_REQUESTS_EXCESSIVE_MODE": "false",
  "MAINTENANCE_MODE": "false",
  "NODE_DB_URI": "mongodb://localhost:27017/habitica-dev?replicaSet=rs",
  "TEST_DB_URI": "mongodb://localhost:27017/habitica-test?replicaSet=rs",
  "MONGODB_POOL_SIZE": "10",
  "MONGODB_SOCKET_TIMEOUT": "20000",
  "NODE_DB_URI": "mongodb://localhost:27017/habitica-dev?replicaSet=rs&directConnection=true&readPreference=secondary",
  "NODE_ENV": "development",
  "PATH": "bin:node_modules/.bin:/usr/local/bin:/usr/bin:/bin",
  "PAYPAL_BILLING_PLANS_basic_12mo": "basic_12mo",
@@ -64,33 +55,43 @@
  "PLAY_API_REFRESH_TOKEN": "aaaabbbbccccddddeeeeffff00001111",
  "PORT": 3000,
  "PUSH_CONFIGS_APN_ENABLED": "false",
  "PUSH_CONFIGS_APN_KEY_ID": "xxxxxxxxxx",
  "PUSH_CONFIGS_APN_KEY": "xxxxxxxxxx",
  "PUSH_CONFIGS_APN_KEY_ID": "xxxxxxxxxx",
  "PUSH_CONFIGS_APN_TEAM_ID": "aaabbbcccd",
  "PUSH_CONFIGS_FCM_SERVER_API_KEY": "aaabbbcccd",
  "RATE_LIMITER_ENABLED": "false",
  "REDIS_HOST": "aaabbbcccdddeeefff",
  "REDIS_PASSWORD": "12345678",
  "REDIS_PORT": "1234",
  "S3_ACCESS_KEY_ID": "accessKeyId",
  "S3_BUCKET": "bucket",
  "S3_SECRET_ACCESS_KEY": "secretAccessKey",
  "SESSION_SECRET_KEY": "1234567891234567891234567891234567891234567891234567891234567891",
  "SESSION_SECRET": "YOUR SECRET HERE",
  "SESSION_SECRET_IV": "12345678912345678912345678912345",
  "SESSION_SECRET_KEY": "1234567891234567891234567891234567891234567891234567891234567891",
  "SITE_HTTP_AUTH_ENABLED": "false",
  "SITE_HTTP_AUTH_PASSWORDS": "password,wordpass,passkey",
  "SITE_HTTP_AUTH_USERNAMES": "admin,tester,contributor",
  "SKIP_SSL_CHECK_KEY": "key",
  "SLACK_FLAGGING_FOOTER_LINK": "https://habitrpg.github.io/flag-o-rama/",
  "SLACK_FLAGGING_URL": "https://hooks.slack.com/services/id/id/id",
  "SLACK_SUBSCRIPTIONS_URL": "https://hooks.slack.com/services/id/id/id",
  "SLACK_URL": "https://hooks.slack.com/services/some-url",
  "SLOW_REQUEST_THRESHOLD": 1000,
  "STRIPE_API_KEY": "aaaabbbbccccddddeeeeffff00001111",
  "STRIPE_PUB_KEY": "22223333444455556666777788889999",
  "STRIPE_WEBHOOKS_ENDPOINT_SECRET": "111111",
-  "TEST_DB_URI": "mongodb://localhost:27017/habitica-test?replicaSet=rs&directConnection=true&readPreference=secondary",
+  "TRANSIFEX_SLACK_CHANNEL": "transifex",
-  "TIME_TRAVEL_ENABLED": "false",
+  "WEB_CONCURRENCY": 1,
  "SKIP_SSL_CHECK_KEY": "key",
  "ENABLE_STACKDRIVER_TRACING": "false",
  "APPLE_AUTH_PRIVATE_KEY": "",
  "APPLE_TEAM_ID": "",
  "APPLE_AUTH_CLIENT_ID": "",
  "APPLE_AUTH_KEY_ID": "",
  "BLOCKED_IPS": "",
  "LOG_AMPLITUDE_EVENTS": "false",
  "RATE_LIMITER_ENABLED": "false",
  "LIVELINESS_PROBE_KEY": "",
  "REDIS_HOST": "aaabbbcccdddeeefff",
  "REDIS_PORT": "1234",
  "REDIS_PASSWORD": "12345678",
  "TRUSTED_DOMAINS": "localhost,https://habitica.com",
-  "WEB_CONCURRENCY": 1
+  "TIME_TRAVEL_ENABLED": "false",
  "DEBUG_ENABLED": "false",
  "CONTENT_SWITCHOVER_TIME_OFFSET": 8
 }
@@ -0,0 +1,53 @@
 services:
  client:
    build:
      context: .
      dockerfile: ./Dockerfile-Dev
    command: ["npm", "run", "client:dev"]
    depends_on:
      - server
    environment:
      - BASE_URL=http://server:3000
    networks:
      - habitica
    ports:
      - "8080:8080"
    volumes:
      - .:/usr/src/habitica
      - /usr/src/habitica/node_modules
      - /usr/src/habitica/website/client/node_modules
  server:
    build:
      context: .
      dockerfile: ./Dockerfile-Dev
    command: ["npm", "start"]
    depends_on:
      mongo:
        condition: service_healthy
    environment:
      - NODE_DB_URI=mongodb://mongo/habitrpg
    networks:
      - habitica
    ports:
      - "3000:3000"
    volumes:
      - .:/usr/src/habitica
      - /usr/src/habitica/node_modules
  mongo:
    image: mongo:5.0.23
    restart: unless-stopped
    command: ["--replSet", "rs", "--bind_ip_all", "--port", "27017"]
    healthcheck:
      test: echo "try { rs.status() } catch (err) { rs.initiate() }" | mongosh --port 27017 --quiet
      interval: 10s
      timeout: 30s
      start_period: 0s
      start_interval: 1s
      retries: 30
    networks:
      - habitica
    ports:
      - "27017:27017"
 networks:
  habitica:
    driver: bridge
@@ -1,24 +0,0 @@
 networks:
  mongodb-network:
    name: "mongodb-network"
    driver: bridge
 services:
  mongodb:
    image: "mongo:7.0"
    container_name: "habitica-mongodb-only"
    networks:
      - mongodb-network
    hostname: "mongodb"
    ports:
      - "27017:27017"
    restart: "unless-stopped"
    volumes:
      - "./mongodb-data-docker:/data/db"
    entrypoint: [ "/usr/bin/mongod", "--bind_ip_all", "--replSet", "rs" ]
    healthcheck:
      test: echo "try { rs.status() } catch (err) { rs.initiate() }" | mongosh --port 27017 --quiet
      interval: 10s
      timeout: 30s
      start_period: 0s
      retries: 30
@@ -1,23 +0,0 @@
 networks:
  mongodb-network:
    name: "mongodb-network"
    driver: bridge
 services:
  mongodb:
    image: "mongo:7.0"
    container_name: "habitica-mongodb-test"
    networks:
      - mongodb-network
    hostname: "mongodb"
    ports:
      - "27017:27017"
    restart: "unless-stopped"
    volumes:
      - "./mongodb-data-docker-testing:/data/db"
    entrypoint: [ "/usr/bin/mongod", "--bind_ip_all", "--replSet", "rs" ]
    healthcheck:
      test: echo "try { rs.status() } catch (err) { rs.initiate() }" | mongosh --port 27017 --quiet
      interval: 10s
      timeout: 30s
      start_period: 0s
      retries: 30
@@ -1,56 +1,35 @@
 version: "3"
 services:
  client:
-    build:
+    build: .
-      context: .
+    networks:
-      dockerfile: ./Dockerfile-Dev
+      - habitica
    command: ["npm", "run", "client:dev:docker"]
    depends_on:
      - server
    environment:
      - BASE_URL=http://server:3000
    networks:
      - habitica
    ports:
-      - "5173:5173"
+        - "8080:8080"
-    volumes:
+    command: ["npm", "run", "client:dev"]
      - .:/usr/src/habitica
      - /usr/src/habitica/node_modules
      - /usr/src/habitica/website/client/node_modules
  server:
    build:
      context: .
      dockerfile: ./Dockerfile-Dev
    command: ["npm", "start"]
    depends_on:
-      mongo:
+      - server
-        condition: service_healthy
+
-    environment:
+  server:
-      - NODE_DB_URI=mongodb://mongo/habitrpg
+    build: .
    networks:
      - habitica
    ports:
      - "3000:3000"
    volumes:
      - .:/usr/src/habitica
      - /usr/src/habitica/node_modules
  mongo:
    image: "mongo:7.0"
    container_name: "habitica-mongodb"
    networks:
      - habitica
-    hostname: "mongodb"
+    environment:
      - NODE_DB_URI=mongodb://mongo/habitrpg
    depends_on:
      - mongo
  mongo:
    image: mongo:3.6
    ports:
      - "27017:27017"
-    restart: "unless-stopped"
+    networks:
-    volumes:
+      - habitica
      - "./mongodb-data-docker:/data/db"
    entrypoint: [ "/usr/bin/mongod", "--bind_ip_all", "--replSet", "rs" ]
    healthcheck:
      test: echo "try { rs.status() } catch (err) { rs.initiate() }" | mongosh --port 27017 --quiet
      interval: 10s
      timeout: 30s
      start_period: 0s
      retries: 30
 networks:
  habitica:
@@ -5,7 +5,7 @@ import path from 'path';
 import babel from 'gulp-babel';
 import os from 'os';
 import fs from 'fs';
-import spawn from 'cross-spawn';
+import spawn from 'cross-spawn'; // eslint-disable-line import/no-extraneous-dependencies
 import clean from 'rimraf';
 gulp.task('build:babel:server', () => gulp.src('website/server/**/*.js')
@@ -35,7 +35,7 @@ gulp.task('build:prod', gulp.series(
 // When used on windows `run-rs` must first be run without the `--keep` option
 // in order to be setup correctly, afterwards it can be used.
-const MONGO_PATH = path.join(__dirname, '/../mongodb-data-docker/');
+const MONGO_PATH = path.join(__dirname, '/../mongodb-data/');
 gulp.task('build:prepare-mongo', async () => {
  if (fs.existsSync(MONGO_PATH)) {
@@ -51,32 +51,29 @@ gulp.task('build:prepare-mongo', async () => {
  console.log('MongoDB data folder is missing, setting up.'); // eslint-disable-line no-console
  // use run-rs without --keep, kill it as soon as the replica set starts
-  const dockerMongoProcess = spawn('npm', ['run', 'docker:mongo:dev']);
+  const runRsProcess = spawn('run-rs', ['-v', '4.1.1', '-l', 'ubuntu1804', '--dbpath', 'mongodb-data', '--number', '1', '--quiet']);
-  let manuallyStopped = false;
+  for await (const chunk of runRsProcess.stdout) {
  for await (const chunk of dockerMongoProcess.stdout) {
    const stringChunk = chunk.toString();
    console.log(stringChunk); // eslint-disable-line no-console
    // kills the process after the replica set is setup
-    if (stringChunk.includes('mongod startup complete')) {
+    if (stringChunk.includes('Started replica set')) {
      console.log('MongoDB setup correctly.'); // eslint-disable-line no-console
-      dockerMongoProcess.kill();
+      runRsProcess.kill();
      manuallyStopped = true;
    }
  }
  let error = '';
-  for await (const chunk of dockerMongoProcess.stderr) {
+  for await (const chunk of runRsProcess.stderr) {
    const stringChunk = chunk.toString();
    error += stringChunk;
  }
  const exitCode = await new Promise(resolve => {
-    dockerMongoProcess.on('close', resolve);
+    runRsProcess.on('close', resolve);
  });
-  if (!manuallyStopped && (exitCode || error.length > 0)) {
+  if (exitCode || error.length > 0) {
    // remove any leftover files
    clean.sync(MONGO_PATH);
@@ -6,21 +6,9 @@ gulp.task('cache:content', done => {
  // Requiring at runtime because these files access `common`
  // code which in production works only if transpiled so after
  // gulp build:babel:common has run
-  const {
+  const { CONTENT_CACHE_PATH, getLocalizedContentResponse } = require('../website/server/libs/content'); // eslint-disable-line global-require
    CONTENT_CACHE_PATH,
    getLocalizedContentResponse,
    IOS_FILTER,
    ANDROID_FILTER,
    buildFilterObject,
    hashForFilter,
  } = require('../website/server/libs/content'); // eslint-disable-line global-require
  const { langCodes } = require('../website/server/libs/i18n'); // eslint-disable-line global-require
  const iosHash = hashForFilter(IOS_FILTER);
  const iosFilterObj = buildFilterObject(IOS_FILTER);
  const androidHash = hashForFilter(ANDROID_FILTER);
  const androidFilterObj = buildFilterObject(ANDROID_FILTER);
  try {
    // create the cache folder (if it doesn't exist)
    try {
@@ -38,18 +26,6 @@ gulp.task('cache:content', done => {
        getLocalizedContentResponse(langCode),
        'utf8',
      );
      fs.writeFileSync(
        `${CONTENT_CACHE_PATH}${langCode}${iosHash}.json`,
        getLocalizedContentResponse(langCode, iosFilterObj),
        'utf8',
      );
      fs.writeFileSync(
        `${CONTENT_CACHE_PATH}${langCode}${androidHash}.json`,
        getLocalizedContentResponse(langCode, androidFilterObj),
        'utf8',
      );
    });
    done();
  } catch (err) {
@@ -57,37 +33,26 @@ gulp.task('cache:content', done => {
  }
 });
 function safeMkdir (path) {
  try {
    fs.mkdirSync(path);
  } catch (err) {
    if (err.code !== 'EEXIST') throw err;
  }
 }
 gulp.task('cache:i18n', done => {
  // Requiring at runtime because these files access `common`
  // code which in production works only if transpiled so after
  // gulp build:babel:common has run
-  const { BROWSER_SCRIPT_CACHE_PATH, geti18nCoreBrowserScript, geti18nContentBrowserScript } = require('../website/server/libs/i18n'); // eslint-disable-line global-require
+  const { BROWSER_SCRIPT_CACHE_PATH, geti18nBrowserScript } = require('../website/server/libs/i18n'); // eslint-disable-line global-require
  const { langCodes } = require('../website/server/libs/i18n'); // eslint-disable-line global-require
  try {
-    // create the cache folders (if they doesn't exist)
+    // create the cache folder (if it doesn't exist)
-    safeMkdir(BROWSER_SCRIPT_CACHE_PATH);
+    try {
-    safeMkdir(`${BROWSER_SCRIPT_CACHE_PATH}core/`);
+      fs.mkdirSync(BROWSER_SCRIPT_CACHE_PATH);
-    safeMkdir(`${BROWSER_SCRIPT_CACHE_PATH}content/`);
+    } catch (err) {
      if (err.code !== 'EEXIST') throw err;
    }
    // create and save the i18n browser script for each language
    langCodes.forEach(languageCode => {
      fs.writeFileSync(
-        `${BROWSER_SCRIPT_CACHE_PATH}core/${languageCode}.js`,
+        `${BROWSER_SCRIPT_CACHE_PATH}${languageCode}.js`,
-        geti18nCoreBrowserScript(languageCode),
+        geti18nBrowserScript(languageCode),
        'utf8',
      );
      fs.writeFileSync(
        `${BROWSER_SCRIPT_CACHE_PATH}content/${languageCode}.js`,
        geti18nContentBrowserScript(languageCode),
        'utf8',
      );
    });
@@ -64,15 +64,6 @@ function filterFile (file) {
  if (file.relative.indexOf('icon_background') === 0) {
    return false;
  }
  if (file.relative.indexOf('notif_') === 0) {
    return false;
  }
  if (file.relative.indexOf('quest_') === 0) {
    return false;
  }
  if (file.relative.indexOf('inventory_quest_') === 0) {
    return false;
  }
  return true;
 }
@@ -53,11 +53,6 @@ gulp.task('test:prepare:mongo', cb => {
  const mongooseOptions = getDefaultConnectionOptions();
  const connectionUrl = getDevelopmentConnectionUrl(TEST_DB_URI);
  console.info({
    mongooseOptions,
    connectionUrl,
  });
  mongoose.connect(connectionUrl, mongooseOptions)
    .then(() => mongoose.connection.dropDatabase())
    .then(() => mongoose.connection.close()).then(() => {
@@ -10,7 +10,7 @@ function setUpServer () {
  setupNconf();
-  // We require src/server and not src/index because
+  // We require src/server and npt src/index because
  // 1. nconf is already setup
  // 2. we don't need clustering
  require('../website/server/server'); // eslint-disable-line global-require
@@ -11,7 +11,7 @@ const progressCount = 1000;
 let count = 0;
 /*
- * Award every extant piece of equippable gear
+ * Award users every extant pet and mount
 */
 async function updateUser (user) {
@@ -3,8 +3,7 @@ import { v4 as uuid } from 'uuid';
 import { model as User } from '../../website/server/models/user';
-const MIGRATION_NAME = 'YYYYMMDD_take_this';
+const MIGRATION_NAME = '20181203_take_this';
 const CHALLENGE_ID = 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx';
 const progressCount = 1000;
 let count = 0;
@@ -42,15 +41,15 @@ async function updateUser (user) {
  if (count % progressCount === 0) console.warn(`${count} ${user._id}`);
  if (push) {
-    return User.updateOne({ _id: user._id }, { $set: set, $push: push }).exec();
+    return User.update({ _id: user._id }, { $set: set, $push: push }).exec();
  }
-  return User.updateOne({ _id: user._id }, { $set: set }).exec();
+  return User.update({ _id: user._id }, { $set: set }).exec();
 }
 export default async function processUsers () {
  const query = {
    migration: { $ne: MIGRATION_NAME },
-    challenges: CHALLENGE_ID,
+    challenges: '00708425-d477-41a5-bf27-6270466e7976',
  };
  const fields = {
@@ -73,7 +72,7 @@ export default async function processUsers () {
      break;
    } else {
      query._id = {
-        $gt: users[users.length - 1]._id,
+        $gt: users[users.length - 1],
      };
    }
@@ -1,7 +1,7 @@
 {
  "name": "habitica",
  "description": "A habit tracker app which treats your goals like a Role Playing Game.",
-  "version": "5.48.0",
+  "version": "5.32.5",
  "main": "./website/server/index.js",
  "dependencies": {
    "@babel/core": "^7.22.10",
@@ -19,8 +19,8 @@
    "bcrypt": "^5.1.1",
    "body-parser": "^1.20.3",
    "bootstrap": "^4.6.2",
-    "compression": "^1.8.1",
+    "compression": "^1.7.4",
-    "cookie-session": "^2.1.1",
+    "cookie-session": "^2.0.0",
    "coupon-code": "^0.4.5",
    "csv-stringify": "^5.6.5",
    "cwait": "^1.1.1",
@@ -30,7 +30,6 @@
    "eslint-plugin-mocha": "^5.0.0",
    "express": "^4.21.1",
    "express-basic-auth": "^1.2.1",
    "express-sitemap-xml": "^3.1.0",
    "express-validator": "^5.2.0",
    "firebase-admin": "^12.1.1",
    "glob": "^8.1.0",
@@ -40,8 +39,7 @@
    "gulp-filter": "^7.0.0",
    "gulp-imagemin": "^7.1.0",
    "gulp.spritesmith": "^6.13.0",
-    "habitica-markdown": "^4.1.0",
+    "habitica-markdown": "^3.0.0",
    "heapdump": "^0.3.15",
    "helmet": "^4.6.0",
    "in-app-purchase": "^1.11.3",
    "js2xmlparser": "^5.0.0",
@@ -50,15 +48,14 @@
    "lodash": "^4.17.21",
    "merge-stream": "^2.0.0",
    "method-override": "^3.0.0",
    "micromustache": "^8.0.3",
    "moment": "^2.29.4",
    "moment-recur": "git://github.com/HabitRPG/moment-recur.git#d3e8e6da0806f13b74dd2e4d7d9053e6a63db119",
-    "mongoose": "^8.23.0",
+    "mongoose": "^7.8.3",
-    "morgan": "^1.10.1",
+    "morgan": "^1.10.0",
    "nan": "^2.25.0",
    "nconf": "^0.12.1",
    "node-gcm": "^1.0.5",
-    "on-headers": "^1.1.0",
+    "nodemon": "^3.1.9",
    "on-headers": "^1.0.2",
    "passport": "^0.5.3",
    "passport-facebook": "^3.0.0",
    "passport-google-oauth2": "^0.2.0",
@@ -74,9 +71,11 @@
    "sinon": "^15.2.0",
    "stripe": "^12.18.0",
    "superagent": "^8.1.2",
    "universal-analytics": "^0.5.3",
    "useragent": "^2.1.9",
    "uuid": "^9.0.0",
    "validator": "^13.11.0",
    "webpack-bundle-analyzer": "^4.10.2",
    "winston": "^3.10.0",
    "winston-loggly-bulk": "^3.3.0",
    "xml2js": "^0.6.2"
@@ -103,22 +102,19 @@
    "coverage": "nyc report --reporter=html --report-dir coverage/results; open coverage/results/index.html",
    "sprites": "gulp sprites:compile",
    "client:dev": "cd website/client && npm run serve",
    "client:dev:docker": "cd website/client && npm run serve:docker",
    "client:build": "cd website/client && npm run build",
    "client:unit": "cd website/client && npm run test:unit",
    "start": "node --watch ./website/server/index.js",
    "start:simple": "node ./website/server/index.js",
    "debug": "node --watch --inspect ./website/server/index.js",
-    "docker:aio": "docker compose -f docker-compose.yml up",
+    "mongo:dev": "run-rs -v 5.0.23 -l ubuntu1804 --keep --dbpath mongodb-data --number 1 --quiet",
-    "docker:mongo:dev": "docker compose -f docker-compose.mongo-only.yml up",
+    "mongo:test": "run-rs -v 5.0.23 -l ubuntu1804 --keep --dbpath mongodb-data-testing --number 1 --quiet",
    "docker:mongo:dev:down": "docker compose -f docker-compose.mongo-only.yml down",
    "docker:mongo:test": "docker compose -f docker-compose.mongo-test-local.yml up",
    "mongo:test": "node scripts/start-local-mongo.mjs --test-db",
    "postinstall": "git config --global url.\"https://\".insteadOf git:// && gulp build && cd website/client && npm install",
    "apidoc": "gulp apidoc",
    "heroku-postbuild": ".heroku/report_deploy.sh"
  },
  "devDependencies": {
-    "axios": "^1.8.2",
+    "axios": "^1.7.4",
    "chai": "^4.3.7",
    "chai-as-promised": "^7.1.1",
    "chai-moment": "^0.1.0",
@@ -128,6 +124,7 @@
    "monk": "^7.3.4",
    "nyc": "^15.1.0",
    "require-again": "^2.0.0",
    "run-rs": "^0.7.7",
    "sinon-chai": "^3.7.0",
    "sinon-stub-promise": "^4.0.0"
  }
@@ -71,14 +71,15 @@ async function deleteHabiticaData (user, email) {
 }
 async function processEmailAddress (email) {
  const emailRegex = new RegExp(`^${email}$`, 'i');
  const localUsers = await User.find(
-    { 'auth.local.email': email },
+    { 'auth.local.email': emailRegex },
    { _id: 1, apiToken: 1, auth: 1 },
  ).exec();
  const socialUsers = await User.find(
    {
-      'auth.local.email': { $ne: email },
+      'auth.local.email': { $not: emailRegex },
      $or: [
        { 'auth.facebook.emails.value': email },
        { 'auth.google.emails.value': email },
@@ -8,17 +8,7 @@ const TASK_VALUE_CHANGE_FACTOR = 0.9747;
 const MIN_TASK_VALUE = -47.27;
 async function updateTeamTasks (team) {
  if (team.purchased.plan.dateTerminated) {
    const dateTerminated = new Date(team.purchased.plan.dateTerminated);
    if (dateTerminated < new Date()) {
      team.purchased.plan.customerId = undefined;
      team.markModified('purchased.plan');
      return team.save();
    }
  }
  const toSave = [];
  let teamLeader = await User.findOne({ _id: team.leader }, 'preferences').exec();
  if (!teamLeader) { // why would this happen?
@@ -103,7 +93,12 @@ async function updateTeamTasks (team) {
 export default async function processTeamsCron () {
  const activeTeams = await Group.find({
    'purchased.plan.customerId': { $exists: true },
-  }, { cron: 1, leader: 1, purchased: 1 }).exec();
+    $or: [
      { 'purchased.plan.dateTerminated': { $exists: false } },
      { 'purchased.plan.dateTerminated': null },
      { 'purchased.plan.dateTerminated': { $gt: new Date() } },
    ],
  }).exec();
  const cronPromises = activeTeams.map(updateTeamTasks);
  return Promise.all(cronPromises);
@@ -0,0 +1,595 @@
 /* eslint-disable camelcase */
 import nconf from 'nconf';
 import Amplitude from 'amplitude';
 import { Visitor } from 'universal-analytics';
 import * as analyticsService from '../../../../website/server/libs/analyticsService';
 describe('analyticsService', () => {
  beforeEach(() => {
    sandbox.stub(Amplitude.prototype, 'track').returns(Promise.resolve());
    sandbox.stub(Visitor.prototype, 'event');
    sandbox.stub(Visitor.prototype, 'transaction');
  });
  afterEach(() => {
    sandbox.restore();
  });
  describe('#getServiceByEnvironment', () => {
    it('returns mock methods when not in production', () => {
      sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(false);
      expect(analyticsService.getAnalyticsServiceByEnvironment())
        .to.equal(analyticsService.mockAnalyticsService);
    });
    it('returns real methods when in production', () => {
      sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(true);
      expect(analyticsService.getAnalyticsServiceByEnvironment().track)
        .to.equal(analyticsService.track);
      expect(analyticsService.getAnalyticsServiceByEnvironment().trackPurchase)
        .to.equal(analyticsService.trackPurchase);
    });
  });
  describe('#track', () => {
    let eventType; let
      data;
    beforeEach(() => {
      Visitor.prototype.event.yields();
      eventType = 'Cron';
      data = {
        category: 'behavior',
        uuid: 'unique-user-id',
        resting: true,
        cronCount: 5,
        headers: {
          'x-client': 'habitica-web',
          'user-agent': '',
        },
      };
    });
    context('Amplitude', () => {
      it('calls out to amplitude', () => analyticsService.track(eventType, data)
        .then(() => {
          expect(Amplitude.prototype.track).to.be.calledOnce;
        }));
      it('uses a dummy user id if none is provided', () => {
        delete data.uuid;
        return analyticsService.track(eventType, data)
          .then(() => {
            expect(Amplitude.prototype.track).to.be.calledWithMatch({
              user_id: 'no-user-id-was-provided',
            });
          });
      });
      context('platform', () => {
        it('logs web platform', () => {
          data.headers = { 'x-client': 'habitica-web' };
          return analyticsService.track(eventType, data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                platform: 'Web',
              });
            });
        });
        it('logs iOS platform', () => {
          data.headers = { 'x-client': 'habitica-ios' };
          return analyticsService.track(eventType, data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                platform: 'iOS',
              });
            });
        });
        it('logs Android platform', () => {
          data.headers = { 'x-client': 'habitica-android' };
          return analyticsService.track(eventType, data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                platform: 'Android',
              });
            });
        });
        it('logs 3rd Party platform', () => {
          data.headers = { 'x-client': 'some-third-party' };
          return analyticsService.track(eventType, data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                platform: '3rd Party',
              });
            });
        });
        it('logs unknown if headers are not passed in', () => {
          delete data.headers;
          return analyticsService.track(eventType, data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                platform: 'Unknown',
              });
            });
        });
      });
      context('Operating System', () => {
        it('sets default', () => {
          data.headers = {
            'x-client': 'third-party',
            'user-agent': 'foo',
          };
          return analyticsService.track(eventType, data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                os_name: 'Other',
                os_version: '0',
              });
            });
        });
        it('sets iOS', () => {
          data.headers = {
            'x-client': 'habitica-ios',
            'user-agent': 'Habitica/148 (iPhone; iOS 9.3; Scale/2.00)',
          };
          return analyticsService.track(eventType, data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                os_name: 'iOS',
                os_version: '9.3.0',
              });
            });
        });
        it('sets Android', () => {
          data.headers = {
            'x-client': 'habitica-android',
            'user-agent': 'Mozilla/5.0 (Linux; Android 4.0.4; Galaxy Nexus Build/IMM76B) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.133 Mobile Safari/535.19',
          };
          return analyticsService.track(eventType, data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                os_name: 'Android',
                os_version: '4.0.4',
              });
            });
        });
        it('sets Unknown if headers are not passed in', () => {
          delete data.headers;
          return analyticsService.track(eventType, data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                os_name: undefined,
                os_version: undefined,
              });
            });
        });
      });
      it('sends details about event', () => analyticsService.track(eventType, data)
        .then(() => {
          expect(Amplitude.prototype.track).to.be.calledWithMatch({
            event_properties: {
              category: 'behavior',
              resting: true,
              cronCount: 5,
            },
          });
        }));
      it('sends english item name for gear if itemKey is provided', () => {
        data.itemKey = 'headAccessory_special_foxEars';
        return analyticsService.track(eventType, data)
          .then(() => {
            expect(Amplitude.prototype.track).to.be.calledWithMatch({
              event_properties: {
                itemKey: data.itemKey,
                itemName: 'Fox Ears',
              },
            });
          });
      });
      it('sends english item name for egg if itemKey is provided', () => {
        data.itemKey = 'Wolf';
        return analyticsService.track(eventType, data)
          .then(() => {
            expect(Amplitude.prototype.track).to.be.calledWithMatch({
              event_properties: {
                itemKey: data.itemKey,
                itemName: 'Wolf Egg',
              },
            });
          });
      });
      it('sends english item name for food if itemKey is provided', () => {
        data.itemKey = 'Cake_Skeleton';
        return analyticsService.track(eventType, data)
          .then(() => {
            expect(Amplitude.prototype.track).to.be.calledWithMatch({
              event_properties: {
                itemKey: data.itemKey,
                itemName: 'Bare Bones Cake',
              },
            });
          });
      });
      it('sends english item name for hatching potion if itemKey is provided', () => {
        data.itemKey = 'Golden';
        return analyticsService.track(eventType, data)
          .then(() => {
            expect(Amplitude.prototype.track).to.be.calledWithMatch({
              event_properties: {
                itemKey: data.itemKey,
                itemName: 'Golden Hatching Potion',
              },
            });
          });
      });
      it('sends english item name for quest if itemKey is provided', () => {
        data.itemKey = 'atom1';
        return analyticsService.track(eventType, data)
          .then(() => {
            expect(Amplitude.prototype.track).to.be.calledWithMatch({
              event_properties: {
                itemKey: data.itemKey,
                itemName: 'Attack of the Mundane, Part 1: Dish Disaster!',
              },
            });
          });
      });
      it('sends english item name for purchased spell if itemKey is provided', () => {
        data.itemKey = 'seafoam';
        return analyticsService.track(eventType, data)
          .then(() => {
            expect(Amplitude.prototype.track).to.be.calledWithMatch({
              event_properties: {
                itemKey: data.itemKey,
                itemName: 'Seafoam',
              },
            });
          });
      });
      it('sends user data if provided', () => {
        const stats = {
          class: 'wizard', exp: 5, gp: 23, hp: 10, lvl: 4, mp: 30,
        };
        const user = {
          stats,
          contributor: { level: 1 },
          purchased: { plan: { planId: 'foo-plan' } },
          flags: { tour: { intro: -2 } },
          habits: [{ _id: 'habit' }],
          dailys: [{ _id: 'daily' }],
          todos: [{ _id: 'todo' }],
          rewards: [{ _id: 'reward' }],
          balance: 12,
          loginIncentives: 1,
        };
        data.user = user;
        return analyticsService.track(eventType, data)
          .then(() => {
            expect(Amplitude.prototype.track).to.be.calledWithMatch({
              user_properties: {
                Class: 'wizard',
                Experience: 5,
                Gold: 23,
                Health: 10,
                Level: 4,
                Mana: 30,
                tutorialComplete: true,
                'Number Of Tasks': {
                  habits: 1,
                  dailys: 1,
                  todos: 1,
                  rewards: 1,
                },
                contributorLevel: 1,
                subscription: 'foo-plan',
                balance: 12,
                balanceGemAmount: 48,
                loginIncentives: 1,
              },
            });
          });
      });
    });
    context('GA', () => {
      it('calls out to GA', () => analyticsService.track(eventType, data)
        .then(() => {
          expect(Visitor.prototype.event).to.be.calledOnce;
        }));
      it('sends details about event', () => analyticsService.track(eventType, data)
        .then(() => {
          expect(Visitor.prototype.event).to.be.calledWith({
            ea: 'Cron',
            ec: 'behavior',
          });
        }));
    });
  });
  describe('#trackPurchase', () => {
    let data; let
      itemSpy;
    beforeEach(() => {
      Visitor.prototype.event.yields();
      itemSpy = sandbox.stub().returnsThis();
      Visitor.prototype.transaction.returns({
        item: itemSpy,
        send: sandbox.stub().yields(),
      });
      data = {
        uuid: 'user-id',
        sku: 'paypal-checkout',
        paymentMethod: 'PayPal',
        itemPurchased: 'Gems',
        purchaseValue: 8,
        purchaseType: 'checkout',
        gift: false,
        quantity: 1,
        headers: {
          'x-client': 'habitica-web',
          'user-agent': '',
        },
      };
    });
    context('Amplitude', () => {
      it('calls out to amplitude', () => analyticsService.trackPurchase(data)
        .then(() => {
          expect(Amplitude.prototype.track).to.be.calledOnce;
        }));
      it('uses a dummy user id if none is provided', () => {
        delete data.uuid;
        return analyticsService.trackPurchase(data)
          .then(() => {
            expect(Amplitude.prototype.track).to.be.calledWithMatch({
              user_id: 'no-user-id-was-provided',
            });
          });
      });
      context('platform', () => {
        it('logs web platform', () => {
          data.headers = { 'x-client': 'habitica-web' };
          return analyticsService.trackPurchase(data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                platform: 'Web',
              });
            });
        });
        it('logs iOS platform', () => {
          data.headers = { 'x-client': 'habitica-ios' };
          return analyticsService.trackPurchase(data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                platform: 'iOS',
              });
            });
        });
        it('logs Android platform', () => {
          data.headers = { 'x-client': 'habitica-android' };
          return analyticsService.trackPurchase(data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                platform: 'Android',
              });
            });
        });
        it('logs 3rd Party platform', () => {
          data.headers = { 'x-client': 'some-third-party' };
          return analyticsService.trackPurchase(data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                platform: '3rd Party',
              });
            });
        });
        it('logs unknown if headers are not passed in', () => {
          delete data.headers;
          return analyticsService.trackPurchase(data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                platform: 'Unknown',
              });
            });
        });
      });
      context('Operating System', () => {
        it('sets default', () => {
          data.headers = {
            'x-client': 'third-party',
            'user-agent': 'foo',
          };
          return analyticsService.trackPurchase(data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                os_name: 'Other',
                os_version: '0',
              });
            });
        });
        it('sets iOS', () => {
          data.headers = {
            'x-client': 'habitica-ios',
            'user-agent': 'Habitica/148 (iPhone; iOS 9.3; Scale/2.00)',
          };
          return analyticsService.trackPurchase(data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                os_name: 'iOS',
                os_version: '9.3.0',
              });
            });
        });
        it('sets Android', () => {
          data.headers = {
            'x-client': 'habitica-android',
            'user-agent': 'Mozilla/5.0 (Linux; Android 4.0.4; Galaxy Nexus Build/IMM76B) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.133 Mobile Safari/535.19',
          };
          return analyticsService.trackPurchase(data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                os_name: 'Android',
                os_version: '4.0.4',
              });
            });
        });
        it('sets Unknown if headers are not passed in', () => {
          delete data.headers;
          return analyticsService.trackPurchase(data)
            .then(() => {
              expect(Amplitude.prototype.track).to.be.calledWithMatch({
                os_name: undefined,
                os_version: undefined,
              });
            });
        });
      });
      it('sends details about purchase', () => analyticsService.trackPurchase(data)
        .then(() => {
          expect(Amplitude.prototype.track).to.be.calledWithMatch({
            event_properties: {
              gift: false,
              itemPurchased: 'Gems',
              paymentMethod: 'PayPal',
              purchaseType: 'checkout',
              quantity: 1,
              sku: 'paypal-checkout',
            },
          });
        }));
      it('sends user data if provided', () => {
        const stats = {
          class: 'wizard', exp: 5, gp: 23, hp: 10, lvl: 4, mp: 30,
        };
        const user = {
          stats,
          contributor: { level: 1 },
          purchased: { plan: { planId: 'foo-plan' } },
          flags: { tour: { intro: -2 } },
          habits: [{ _id: 'habit' }],
          dailys: [{ _id: 'daily' }],
          todos: [{ _id: 'todo' }],
          rewards: [{ _id: 'reward' }],
        };
        data.user = user;
        return analyticsService.trackPurchase(data)
          .then(() => {
            expect(Amplitude.prototype.track).to.be.calledWithMatch({
              user_properties: {
                Class: 'wizard',
                Experience: 5,
                Gold: 23,
                Health: 10,
                Level: 4,
                Mana: 30,
                tutorialComplete: true,
                'Number Of Tasks': {
                  habits: 1,
                  dailys: 1,
                  todos: 1,
                  rewards: 1,
                },
                contributorLevel: 1,
                subscription: 'foo-plan',
              },
            });
          });
      });
    });
    context('GA', () => {
      it('calls out to GA', () => analyticsService.trackPurchase(data)
        .then(() => {
          expect(Visitor.prototype.event).to.be.calledOnce;
          expect(Visitor.prototype.transaction).to.be.calledOnce;
        }));
      it('sends details about purchase', () => analyticsService.trackPurchase(data)
        .then(() => {
          expect(Visitor.prototype.event).to.be.calledWith({
            ea: 'checkout',
            ec: 'commerce',
            el: 'PayPal',
            ev: 8,
          });
          expect(Visitor.prototype.transaction).to.be.calledWith('user-id', 8);
          expect(itemSpy).to.be.calledWith(8, 1, 'paypal-checkout', 'Gems', 'checkout');
        }));
    });
  });
  describe('mockAnalyticsService', () => {
    it('has stubbed track method', () => {
      expect(analyticsService.mockAnalyticsService).to.respondTo('track');
    });
    it('has stubbed trackPurchase method', () => {
      expect(analyticsService.mockAnalyticsService).to.respondTo('trackPurchase');
    });
  });
 });
@@ -34,7 +34,6 @@ describe('bug-report', () => {
      emailData: {
        BROWSER_UA: userAgent,
        REPORT_MSG: userMessage,
        USER_ANALYTICS: undefined,
        USER_CLASS: 'warrior',
        USER_CONSECUTIVE_MONTHS: 0,
        USER_COSTUME: 'false',
@@ -150,7 +150,7 @@ describe('emails', () => {
      sendTxn(mailingInfo, emailType);
      expect(got.post).to.be.called;
-      expect(got.post).to.be.calledWith('http://example.com/job', sinon.match({
+      expect(got.post).to.be.calledWith('undefined/job', sinon.match({
        json: {
          data: {
            emailType: sinon.match.same(emailType),
@@ -171,23 +171,23 @@ describe('emails', () => {
      expect(got.post).not.to.be.called;
    });
-    it('throws error when mail target is only a string', async () => {
+    it('throws error when mail target is only a string', () => {
      const emailType = 'an email type';
      const mailingInfo = 'my email';
-      await expect(sendTxn(mailingInfo, emailType)).to.be.rejectedWith('Argument Error mailingInfoArray: does not contain email or _id');
+      expect(sendTxn(mailingInfo, emailType)).to.throw;
    });
-    it('throws error when mail target has no _id or email', async () => {
+    it('throws error when mail target has no _id or email', () => {
      const emailType = 'an email type';
      const mailingInfo = {
      };
-      await expect(sendTxn(mailingInfo, emailType)).to.be.rejectedWith('Argument Error mailingInfoArray: does not contain email or _id');
+      expect(sendTxn(mailingInfo, emailType)).to.throw;
    });
-    it('throws error when variables not an array', async () => {
+    it('throws error when variables not an array', () => {
      const emailType = 'an email type';
      const mailingInfo = {
        name: 'my name',
@@ -195,10 +195,9 @@ describe('emails', () => {
      };
      const variables = {};
-      await expect(sendTxn(mailingInfo, emailType, variables)).to.be.rejectedWith('Argument Error variables: is not an array');
+      expect(sendTxn(mailingInfo, emailType, variables)).to.throw;
    });
-
+    it('throws error when variables array not contain name/content', () => {
    it('throws error when variables array not contain name/content', async () => {
      const emailType = 'an email type';
      const mailingInfo = {
        name: 'my name',
@@ -210,9 +209,8 @@ describe('emails', () => {
        },
      ];
-      await expect(sendTxn(mailingInfo, emailType, variables)).to.be.rejectedWith('Argument Error variables: does not contain name or content');
+      expect(sendTxn(mailingInfo, emailType, variables)).to.throw;
    });
    it('throws no error when variables array contain name but no content', () => {
      const emailType = 'an email type';
      const mailingInfo = {
@@ -234,7 +232,7 @@ describe('emails', () => {
      sendTxn(mailingInfo, emailType);
      expect(got.post).to.be.called;
-      expect(got.post).to.be.calledWith('http://example.com/job', sinon.match({
+      expect(got.post).to.be.calledWith('undefined/job', sinon.match({
        json: {
          data: {
            emailType: sinon.match.same(emailType),
@@ -254,7 +252,7 @@ describe('emails', () => {
      sendTxn(mailingInfo, emailType, variables);
      expect(got.post).to.be.called;
-      expect(got.post).to.be.calledWith('http://example.com/job', sinon.match({
+      expect(got.post).to.be.calledWith('undefined/job', sinon.match({
        json: {
          data: {
            variables: sinon.match(value => value[0].name === 'BASE_URL', 'matches variables'),
@@ -47,12 +47,6 @@ describe('highlightMentions', () => {
    expect(result[0]).to.equal('[@user-dash](/profile/444): message [@user_underscore](/profile/555)');
  });
  it('highlights users with case-insensitive matching', async () => {
    const text = '@USER: message @User2 @USER3';
    const result = await highlightMentions(text);
    expect(result[0]).to.equal('[@USER](/profile/111): message [@User2](/profile/222) [@USER3](/profile/333)');
  });
  it('doesn\'t highlight nonexisting users', async () => {
    const text = '@nouser message';
    const result = await highlightMentions(text);
@@ -1,100 +0,0 @@
 import nconf from 'nconf';
 import requireAgain from 'require-again';
 import { model as User } from '../../../../website/server/models/user';
 import { RegistrationEventModel } from '../../../../website/server/models/analytics/registrationEvent';
 import { SubscriptionEventModel } from '../../../../website/server/models/analytics/subscriptionEvent';
 describe('localAnalytics', () => {
  let user;
  let localAnalytics;
  before(() => {
    const nconfGetStub = sandbox.stub(nconf, 'get');
    nconfGetStub.withArgs('ANALYTICS_DB').returns('analytics');
    nconfGetStub.withArgs('DISABLE_LOCAL_ANALYTICS').returns(false);
    localAnalytics = requireAgain('../../../../website/server/libs/localAnalytics');
  });
  beforeEach(async () => {
    user = new User({
      auth: {
        local: {
          username: 'username',
          email: 'email@example.com',
        },
      },
      registeredThrough: 'habitica-web',
    });
  });
  describe('trackRegistrationEvent', () => {
    afterEach(async () => {
      await RegistrationEventModel.deleteMany({});
    });
    it('creates a registration event when a user registers', async () => {
      user._id = '00000000-0000-0000-0000-000000000001';
      await localAnalytics.trackRegistrationEvent({ user, ipAddress: '127.0.0.1' });
      const registrationEvents = await RegistrationEventModel.find({ userId: user._id });
      expect(registrationEvents).to.have.lengthOf(1);
      expect(registrationEvents[0]).to.have.property('userId', user._id);
      expect(registrationEvents[0]).to.have.property('ipAddress', '127.0.0.1');
    });
    it('saves the correct data to the database', async () => {
      user._id = '00000000-0000-0000-0000-000000000002';
      user.auth.google = { id: 'abc', emails: [{ value: 'email@example.com' }] };
      await localAnalytics.trackRegistrationEvent({ user, ipAddress: '127.0.0.2' });
      const registrationEvent = await RegistrationEventModel.findOne({ userId: user._id });
      expect(registrationEvent).to.have.property('userId', user._id);
      expect(registrationEvent).to.have.property('ipAddress', '127.0.0.2');
      expect(registrationEvent).to.have.property('authenticationMethod', 'google');
    });
  });
  describe('trackSubscriptionEvent', () => {
    afterEach(async () => {
      await SubscriptionEventModel.deleteMany({});
    });
    it('creates a subscription event when a user subscribes', async () => {
      user._id = '00000000-0000-0000-0000-000000000003';
      await localAnalytics.trackSubscriptionEvent({
        eventType: 'subscribed',
        user,
        paymentMethod: 'stripe',
        customerId: 'cus_123',
        planId: 'plan_123',
      });
      const subscriptionEvents = await SubscriptionEventModel.find({ userId: user._id });
      expect(subscriptionEvents).to.have.lengthOf(1);
      expect(subscriptionEvents[0]).to.have.property('userId', user._id);
      expect(subscriptionEvents[0]).to.have.property('eventType', 'subscribed');
      expect(subscriptionEvents[0]).to.have.property('paymentMethod', 'stripe');
      expect(subscriptionEvents[0]).to.have.property('customerId', 'cus_123');
      expect(subscriptionEvents[0]).to.have.property('planId', 'plan_123');
    });
    it('creates a subscription event with cancellation reason when a user cancels', async () => {
      user._id = '00000000-0000-0000-0000-000000000004';
      await localAnalytics.trackSubscriptionEvent({
        eventType: 'cancelled',
        user,
        paymentMethod: 'stripe',
        customerId: 'cus_456',
        planId: 'plan_456',
        cancellationReason: 'No longer needed',
      });
      const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: user._id });
      expect(subscriptionEvent).to.have.property('userId', user._id);
      expect(subscriptionEvent).to.have.property('eventType', 'cancelled');
      expect(subscriptionEvent).to.have.property('paymentMethod', 'stripe');
      expect(subscriptionEvent).to.have.property('customerId', 'cus_456');
      expect(subscriptionEvent).to.have.property('planId', 'plan_456');
      expect(subscriptionEvent).to.have.property('cancellationReason', 'No longer needed');
    });
  });
 });
@@ -1,4 +1,5 @@
 import os from 'os';
 import nconf from 'nconf';
 import requireAgain from 'require-again';
 const pathToMongoLib = '../../../../website/server/libs/mongodb';
@@ -28,4 +29,22 @@ describe('mongodb', () => {
      expect(string).to.equal('mongodb://hostname:3030');
    });
  });
  describe('getDefaultConnectionOptions', () => {
    it('returns development config when IS_PROD is false', () => {
      sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(false);
      const mongoLibOverride = requireAgain(pathToMongoLib);
      const options = mongoLibOverride.getDefaultConnectionOptions();
      expect(options).to.have.all.keys(['useNewUrlParser', 'useUnifiedTopology']);
    });
    it('returns production config when IS_PROD is true', () => {
      sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(true);
      const mongoLibOverride = requireAgain(pathToMongoLib);
      const options = mongoLibOverride.getDefaultConnectionOptions();
      expect(options).to.have.all.keys(['useNewUrlParser', 'useUnifiedTopology']);
    });
  });
 });
@@ -66,15 +66,13 @@ describe('Amazon Payments - Cancel Subscription', () => {
    group = generateGroup({
      name: 'test group',
      type: 'guild',
-      privacy: 'private',
+      privacy: 'public',
      leader: user._id,
    });
    group.purchased.plan.customerId = 'customer-id';
    group.purchased.plan.planId = subKey;
    group.purchased.plan.lastBillingDate = new Date();
    await group.save();
    user.guilds.push(group._id);
    await user.save();
    subscriptionBlock = common.content.subscriptionBlocks[subKey];
    subscriptionLength = subscriptionBlock.months * 30;
@@ -30,14 +30,12 @@ describe('Amazon Payments - Subscribe', () => {
    group = generateGroup({
      name: 'test group',
      type: 'guild',
-      privacy: 'private',
+      privacy: 'public',
      leader: user._id,
    });
    group.purchased.plan.customerId = 'customer-id';
    group.purchased.plan.planId = subKey;
    await group.save();
    user.guilds.push(group._id);
    await user.save();
    amount = common.content.subscriptionBlocks[subKey].price;
    billingAgreementId = 'billingAgreementId';
@@ -248,6 +246,11 @@ describe('Amazon Payments - Subscribe', () => {
    user.guilds.push(groupId);
    await user.save();
    // Add existing users
    user = new User();
    user.guilds.push(groupId);
    await user.save();
    // Set expected amount
    sub.key = 'group_monthly';
    sub.price = 9;
@@ -12,33 +12,11 @@ const { i18n } = common;
 describe('Apple Payments', () => {
  const subKey = 'basic_3mo';
  let iapSetupStub;
  let iapValidateStub;
  let iapIsValidatedStub;
  let iapIsCanceledStub;
  let iapIsExpiredStub;
  let paymentBuySkuStub;
  let iapGetPurchaseDataStub;
  let validateGiftMessageStub;
  let paymentsCreateSubscritionStub;
  beforeEach(() => {
    iapSetupStub = sinon.stub(iap, 'setup').resolves();
    iapValidateStub = sinon.stub(iap, 'validate').resolves({});
  });
  afterEach(() => {
    iap.setup.restore();
    iap.validate.restore();
    iap.isValidated.restore();
    iap.isExpired.restore();
    iap.isCanceled.restore();
    iap.getPurchaseData.restore();
  });
  describe('verifyPurchase', () => {
    let sku; let user; let token; let receipt; let
      headers;
    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let paymentBuySkuStub; let
      iapGetPurchaseDataStub; let validateGiftMessageStub;
    beforeEach(() => {
      token = 'testToken';
@@ -47,9 +25,13 @@ describe('Apple Payments', () => {
      receipt = `{"token": "${token}", "productId": "${sku}"}`;
      headers = {};
      iapSetupStub = sinon.stub(iap, 'setup')
        .resolves();
      iapValidateStub = sinon.stub(iap, 'validate')
        .resolves({});
      iapIsValidatedStub = sinon.stub(iap, 'isValidated').returns(true);
-      iapIsCanceledStub = sinon.stub(iap, 'isCanceled').returns(false);
+      sinon.stub(iap, 'isExpired').returns(false);
-      iapIsExpiredStub = sinon.stub(iap, 'isExpired').returns(false);
+      sinon.stub(iap, 'isCanceled').returns(false);
      iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
        .returns([{
          productId: 'com.habitrpg.ios.Habitica.21gems',
@@ -60,6 +42,12 @@ describe('Apple Payments', () => {
    });
    afterEach(() => {
      iap.setup.restore();
      iap.validate.restore();
      iap.isValidated.restore();
      iap.isExpired.restore();
      iap.isCanceled.restore();
      iap.getPurchaseData.restore();
      payments.buySkuItem.restore();
      gems.validateGiftMessage.restore();
    });
@@ -221,6 +209,9 @@ describe('Apple Payments', () => {
  describe('subscribe', () => {
    let sub; let sku; let user; let token; let receipt; let headers; let
      nextPaymentProcessing;
    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub;
    let paymentsCreateSubscritionStub; let
      iapGetPurchaseDataStub;
    beforeEach(() => {
      sub = common.content.subscriptionBlocks[subKey];
@@ -232,10 +223,12 @@ describe('Apple Payments', () => {
      nextPaymentProcessing = moment.utc().add({ days: 2 });
      user = new User();
      iapSetupStub = sinon.stub(iap, 'setup')
        .resolves();
      iapValidateStub = sinon.stub(iap, 'validate')
        .resolves({});
      iapIsValidatedStub = sinon.stub(iap, 'isValidated')
        .returns(true);
      iapIsCanceledStub = sinon.stub(iap, 'isCanceled').returns(false);
      iapIsExpiredStub = sinon.stub(iap, 'isExpired').returns(false);
      iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
        .returns([{
          expirationDate: moment.utc().subtract({ day: 1 }).toDate(),
@@ -257,6 +250,10 @@ describe('Apple Payments', () => {
    });
    afterEach(() => {
      iap.setup.restore();
      iap.validate.restore();
      iap.isValidated.restore();
      iap.getPurchaseData.restore();
      if (payments.createSubscription.restore) payments.createSubscription.restore();
    });
@@ -273,29 +270,6 @@ describe('Apple Payments', () => {
        });
    });
    it('should throw an error if no active subscription is found', async () => {
      iap.isCanceled.restore();
      iapIsCanceledStub = sinon.stub(iap, 'isCanceled')
        .returns(true);
      iap.getPurchaseData.restore();
      iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
        .returns([{
          expirationDate: moment.utc().add({ day: -2 }).toDate(),
          purchaseDate: new Date(),
          productId: 'subscription1month',
          transactionId: token,
          originalTransactionId: token,
        }]);
      await expect(applePayments.subscribe(user, receipt, headers, nextPaymentProcessing))
        .to.eventually.be.rejected.and.to.eql({
          httpCode: 401,
          name: 'NotAuthorized',
          message: applePayments.constants.RESPONSE_NO_ITEM_PURCHASED,
        });
    });
    const subOptions = [
      {
        sku: 'subscription1month',
@@ -600,7 +574,8 @@ describe('Apple Payments', () => {
  describe('cancelSubscribe ', () => {
    let user; let token; let receipt; let headers; let customerId; let
      expirationDate;
-    let paymentCancelSubscriptionSpy;
+    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let iapGetPurchaseDataStub; let
      paymentCancelSubscriptionSpy;
    beforeEach(async () => {
      token = 'test-token';
@@ -609,7 +584,8 @@ describe('Apple Payments', () => {
      customerId = 'test-customerId';
      expirationDate = moment.utc();
-      iapValidateStub.restore();
+      iapSetupStub = sinon.stub(iap, 'setup')
        .resolves();
      iapValidateStub = sinon.stub(iap, 'validate')
        .resolves({
          expirationDate,
@@ -617,8 +593,8 @@ describe('Apple Payments', () => {
      iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
        .returns([{ expirationDate: expirationDate.toDate() }]);
      iapIsValidatedStub = sinon.stub(iap, 'isValidated').returns(true);
-      iapIsCanceledStub = sinon.stub(iap, 'isCanceled').returns(false);
+      sinon.stub(iap, 'isCanceled').returns(false);
-      iapIsExpiredStub = sinon.stub(iap, 'isExpired').returns(true);
+      sinon.stub(iap, 'isExpired').returns(true);
      user = new User();
      user.profile.name = 'sender';
      user.purchased.plan.paymentMethod = applePayments.constants.PAYMENT_METHOD_APPLE;
@@ -630,7 +606,13 @@ describe('Apple Payments', () => {
    });
    afterEach(() => {
-      paymentCancelSubscriptionSpy.restore();
+      iap.setup.restore();
      iap.validate.restore();
      iap.isValidated.restore();
      iap.isExpired.restore();
      iap.isCanceled.restore();
      iap.getPurchaseData.restore();
      payments.cancelSubscription.restore();
    });
    it('should throw an error if we are missing a subscription', async () => {
@@ -713,8 +695,6 @@ describe('Apple Payments', () => {
      expect(iapIsValidatedStub).to.be.calledWith({
        expirationDate,
      });
      expect(iapIsCanceledStub).to.be.calledOnce;
      expect(iapIsExpiredStub).to.be.calledOnce;
      expect(iapGetPurchaseDataStub).to.be.calledOnce;
      expect(paymentCancelSubscriptionSpy).to.be.calledOnce;
@@ -11,36 +11,12 @@ const { i18n } = common;
 describe('Google Payments', () => {
  const subKey = 'basic_3mo';
  let iapSetupStub;
  let iapValidateStub;
  let iapIsValidatedStub;
  let paymentBuySkuStub;
  let validateGiftMessageStub;
  beforeEach(() => {
    iapSetupStub = sinon.stub(iap, 'setup')
      .resolves();
    iapIsValidatedStub = sinon.stub(iap, 'isValidated')
      .returns(true);
    sinon.stub(iap, 'isCanceled').returns(false);
    sinon.stub(iap, 'isExpired').returns(false);
    paymentBuySkuStub = sinon.stub(payments, 'buySkuItem').resolves({});
    validateGiftMessageStub = sinon.stub(gems, 'validateGiftMessage');
  });
  afterEach(() => {
    iap.setup.restore();
    iap.validate.restore();
    iap.isValidated.restore();
    iap.isCanceled.restore();
    iap.isExpired.restore();
    payments.buySkuItem.restore();
    gems.validateGiftMessage.restore();
  });
  describe('verifyPurchase', () => {
    let sku; let user; let token; let receipt; let signature; let
      headers;
    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let
      paymentBuySkuStub; let validateGiftMessageStub;
    beforeEach(() => {
      sku = 'com.habitrpg.android.habitica.iap.21gems';
@@ -49,7 +25,21 @@ describe('Google Payments', () => {
      signature = '';
      headers = {};
      iapSetupStub = sinon.stub(iap, 'setup')
        .resolves();
      iapValidateStub = sinon.stub(iap, 'validate').resolves({ productId: sku });
      iapIsValidatedStub = sinon.stub(iap, 'isValidated')
        .returns(true);
      paymentBuySkuStub = sinon.stub(payments, 'buySkuItem').resolves({});
      validateGiftMessageStub = sinon.stub(gems, 'validateGiftMessage');
    });
    afterEach(() => {
      iap.setup.restore();
      iap.validate.restore();
      iap.isValidated.restore();
      payments.buySkuItem.restore();
      gems.validateGiftMessage.restore();
    });
    it('should throw an error if receipt is invalid', async () => {
@@ -170,7 +160,8 @@ describe('Google Payments', () => {
  describe('subscribe', () => {
    let sub; let sku; let user; let token; let receipt; let signature; let headers; let
      nextPaymentProcessing;
-    let paymentsCreateSubscritionStub;
+    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let
      paymentsCreateSubscritionStub;
    beforeEach(() => {
      sub = common.content.subscriptionBlocks[subKey];
@@ -182,12 +173,19 @@ describe('Google Payments', () => {
      signature = '';
      nextPaymentProcessing = moment.utc().add({ days: 2 });
      iapSetupStub = sinon.stub(iap, 'setup')
        .resolves();
      iapValidateStub = sinon.stub(iap, 'validate')
        .resolves({});
      iapIsValidatedStub = sinon.stub(iap, 'isValidated')
        .returns(true);
      paymentsCreateSubscritionStub = sinon.stub(payments, 'createSubscription').resolves({});
    });
    afterEach(() => {
      iap.setup.restore();
      iap.validate.restore();
      iap.isValidated.restore();
      payments.createSubscription.restore();
    });
@@ -245,7 +243,7 @@ describe('Google Payments', () => {
  describe('cancelSubscribe ', () => {
    let user; let token; let receipt; let signature; let headers; let customerId; let
      expirationDate;
-    let iapGetPurchaseDataStub; let
+    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let iapGetPurchaseDataStub; let
      paymentCancelSubscriptionSpy;
    beforeEach(async () => {
@@ -255,12 +253,17 @@ describe('Google Payments', () => {
      signature = '';
      customerId = 'test-customerId';
      expirationDate = moment.utc();
      iapSetupStub = sinon.stub(iap, 'setup')
        .resolves();
      iapValidateStub = sinon.stub(iap, 'validate')
        .resolves({
          expirationDate,
        });
      iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
        .returns([{ expirationDate: expirationDate.toDate(), autoRenewing: false }]);
      iapIsValidatedStub = sinon.stub(iap, 'isValidated')
        .returns(true);
      user = new User();
      user.profile.name = 'sender';
@@ -273,6 +276,9 @@ describe('Google Payments', () => {
    });
    afterEach(() => {
      iap.setup.restore();
      iap.validate.restore();
      iap.isValidated.restore();
      iap.getPurchaseData.restore();
      payments.cancelSubscription.restore();
    });
@@ -302,8 +308,6 @@ describe('Google Payments', () => {
    });
    it('should cancel a user subscription', async () => {
      iap.isCanceled.restore();
      iap.isCanceled = sinon.stub(iap, 'isCanceled').returns(true);
      await googlePayments.cancelSubscribe(user, headers);
      expect(iapSetupStub).to.be.calledOnce;
@@ -328,20 +332,11 @@ describe('Google Payments', () => {
    });
    it('should cancel a user subscription with multiple inactive subscriptions', async () => {
      iap.isCanceled.restore();
      iap.isCanceled = sinon.stub(iap, 'isCanceled').returns(true);
      const laterDate = moment.utc().add(7, 'days');
      iap.getPurchaseData.restore();
      iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
-        .returns([{
+        .returns([{ expirationDate, autoRenewing: false },
-          startTimeMillis: expirationDate.valueOf(),
+          { expirationDate: laterDate, autoRenewing: false },
          expirationDate,
          autoRenewing: false,
        }, {
          startTimeMillis: laterDate.valueOf(),
          expirationDate: laterDate,
          autoRenewing: false,
        },
        ]);
      await googlePayments.cancelSubscribe(user, headers);
@@ -370,12 +365,7 @@ describe('Google Payments', () => {
      iap.getPurchaseData.restore();
      iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
        .returns([{ autoRenewing: true }]);
-      await expect(googlePayments.cancelSubscribe(user, headers))
+      await googlePayments.cancelSubscribe(user, headers);
        .to.eventually.be.rejected.and.to.eql({
          httpCode: 401,
          name: 'NotAuthorized',
          message: googlePayments.constants.RESPONSE_STILL_VALID,
        });
      expect(iapSetupStub).to.be.calledOnce;
      expect(iapValidateStub).to.be.calledOnce;
@@ -398,12 +388,8 @@ describe('Google Payments', () => {
        .returns([{ expirationDate, autoRenewing: false },
          { autoRenewing: true },
          { expirationDate, autoRenewing: false }]);
-      await expect(googlePayments.cancelSubscribe(user, headers))
+      await googlePayments.cancelSubscribe(user, headers);
-        .to.eventually.be.rejected.and.to.eql({
+
          httpCode: 401,
          name: 'NotAuthorized',
          message: googlePayments.constants.RESPONSE_STILL_VALID,
        });
      expect(iapSetupStub).to.be.calledOnce;
      expect(iapValidateStub).to.be.calledOnce;
      expect(iapValidateStub).to.be.calledWith(iap.GOOGLE, {
@@ -128,12 +128,11 @@ describe('Purchasing a group plan for group', () => {
    expect(publicGroup.purchased.plan.planId).to.not.exist;
    data.groupId = publicGroup._id;
    // Public Guilds are no longer even findable
    await expect(api.createSubscription(data))
      .to.eventually.be.rejected.and.to.eql({
-        httpCode: 404,
+        httpCode: 401,
-        name: 'NotFound',
+        name: 'NotAuthorized',
-        message: i18n.t('groupNotFound'),
+        message: i18n.t('onlyPrivateGuildsCanUpgrade'),
      });
    const updatedGroup = await Group.findById(publicGroup._id).exec();
@@ -3,6 +3,7 @@ import moment from 'moment';
 import * as sender from '../../../../../website/server/libs/email';
 import common from '../../../../../website/common';
 import api from '../../../../../website/server/libs/payments/payments';
 import * as analytics from '../../../../../website/server/libs/analyticsService';
 import * as notifications from '../../../../../website/server/libs/pushNotifications';
 import { model as User } from '../../../../../website/server/models/user';
 import { translate as t } from '../../../../helpers/api-integration/v3';
@@ -12,7 +13,6 @@ import {
 import * as worldState from '../../../../../website/server/libs/worldState';
 import { TransactionModel } from '../../../../../website/server/models/transaction';
 import { REPEATING_EVENTS } from '../../../../../website/common/script/content/constants/events';
 import { SubscriptionEventModel } from '../../../../../website/server/models/analytics/subscriptionEvent';
 describe('payments/index', () => {
  let user;
@@ -36,6 +36,8 @@ describe('payments/index', () => {
    sandbox.stub(sender, 'sendTxn');
    sandbox.stub(user, 'sendMessage');
    sandbox.stub(analytics.mockAnalyticsService, 'trackPurchase');
    sandbox.stub(analytics.mockAnalyticsService, 'track');
    sandbox.stub(notifications, 'sendNotification');
    data = {
@@ -95,16 +97,6 @@ describe('payments/index', () => {
        expect(recipient.items.pets['Jackalope-RoyalPurple']).to.eql(5);
      });
      it('tracks subscription events', async () => {
        await api.createSubscription(data);
        const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: recipient._id });
        expect(subscriptionEvent).to.exist;
        expect(subscriptionEvent).to.have.property('eventType', 'subscribed');
        expect(subscriptionEvent).to.have.property('userId', recipient._id);
        expect(subscriptionEvent).to.have.property('planId', 'basic_3mo');
        expect(subscriptionEvent).to.have.property('paymentMethod', 'Payment Method');
      });
      it('adds extra months to an existing subscription', async () => {
        recipient.purchased.plan = plan;
@@ -306,6 +298,28 @@ describe('payments/index', () => {
        expect(notifications.sendNotification).to.be.calledOnce;
      });
      it('tracks subscription purchase as gift', async () => {
        await api.createSubscription(data);
        expect(analytics.mockAnalyticsService.trackPurchase).to.be.calledOnce;
        expect(analytics.mockAnalyticsService.trackPurchase).to.be.calledWith({
          uuid: user._id,
          groupId: undefined,
          itemPurchased: 'Subscription',
          sku: 'payment method-subscription',
          purchaseType: 'subscribe',
          paymentMethod: data.paymentMethod,
          quantity: 1,
          gift: true,
          purchaseValue: 15,
          firstPurchase: true,
          headers: {
            'x-client': 'habitica-web',
            'user-agent': '',
          },
        });
      });
      context('No Active Promotion', () => {
        beforeEach(() => {
          sinon.stub(worldState, 'getCurrentEventList').returns([]);
@@ -441,16 +455,6 @@ describe('payments/index', () => {
        expect(user.purchased.plan.dateCreated).to.exist;
      });
      it('tracks subscription events', async () => {
        await api.createSubscription(data);
        const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: user._id });
        expect(subscriptionEvent).to.exist;
        expect(subscriptionEvent).to.have.property('userId', user._id);
        expect(subscriptionEvent).to.have.property('ipAddress');
        expect(subscriptionEvent).to.have.property('planId', 'basic_3mo');
        expect(subscriptionEvent).to.have.property('paymentMethod', 'Payment Method');
      });
      it('sets plan.dateCreated if it did not previously exist', async () => {
        expect(user.purchased.plan.dateCreated).to.not.exist;
@@ -539,24 +543,29 @@ describe('payments/index', () => {
        expect(sender.sendTxn).to.be.calledWith(data.user, 'subscription-begins');
      });
-      context('Upgrades subscription', () => {
+      it('tracks subscription purchase', async () => {
        it('tracks subscription events', async () => {
          data.sub.key = 'basic_earned';
          expect(user.purchased.plan.planId).to.not.exist;
        await api.createSubscription(data);
-          data.sub.key = 'basic_6mo';
+        expect(analytics.mockAnalyticsService.trackPurchase).to.be.calledOnce;
-          data.updatedFrom = { key: 'basic_earned' };
+        expect(analytics.mockAnalyticsService.trackPurchase).to.be.calledWith({
-          await api.createSubscription(data);
+          uuid: user._id,
-
+          groupId: undefined,
-          const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: user._id, planId: 'basic_6mo' });
+          itemPurchased: 'Subscription',
-          expect(subscriptionEvent).to.exist;
+          sku: 'payment method-subscription',
-          expect(subscriptionEvent).to.have.property('eventType', 'upgraded');
+          purchaseType: 'subscribe',
-          expect(subscriptionEvent).to.have.property('userId', user._id);
+          paymentMethod: data.paymentMethod,
-          expect(subscriptionEvent).to.have.property('paymentMethod', 'Payment Method');
+          quantity: 1,
          gift: false,
          purchaseValue: 15,
          firstPurchase: true,
          headers: {
            'x-client': 'habitica-web',
            'user-agent': '',
          },
        });
      });
      context('Upgrades subscription', () => {
        it('from basic_earned to basic_6mo', async () => {
          data.sub.key = 'basic_earned';
          expect(user.purchased.plan.planId).to.not.exist;
@@ -599,23 +608,6 @@ describe('payments/index', () => {
      });
      context('Downgrades subscription', () => {
        it('tracks subscription events', async () => {
          data.sub.key = 'basic_6mo';
          expect(user.purchased.plan.planId).to.not.exist;
          await api.createSubscription(data);
          data.sub.key = 'basic_earned';
          data.updatedFrom = { key: 'basic_6mo' };
          await api.createSubscription(data);
          const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: user._id, planId: 'basic_earned' });
          expect(subscriptionEvent).to.exist;
          expect(subscriptionEvent).to.have.property('eventType', 'downgraded');
          expect(subscriptionEvent).to.have.property('userId', user._id);
          expect(subscriptionEvent).to.have.property('paymentMethod', 'Payment Method');
        });
        it('from basic_6mo to basic_earned', async () => {
          data.sub.key = 'basic_6mo';
          expect(user.purchased.plan.planId).to.not.exist;
@@ -1144,15 +1136,6 @@ describe('payments/index', () => {
        expect(daysTillTermination).to.be.within(29, 30); // 1 month +/- 1 days
      });
      it('tracks subscription events', async () => {
        await api.cancelSubscription(data);
        const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: user._id });
        expect(subscriptionEvent).to.exist;
        expect(subscriptionEvent).to.have.property('eventType', 'cancelled');
        expect(subscriptionEvent).to.have.property('userId', user._id);
      });
      it('adds extraMonths to dateTerminated value', async () => {
        user.purchased.plan.extraMonths = 2;
@@ -30,15 +30,13 @@ describe('paypal - subscribeCancel', () => {
    group = generateGroup({
      name: 'test group',
      type: 'guild',
-      privacy: 'private',
+      privacy: 'public',
      leader: user._id,
    });
    group.purchased.plan.customerId = groupCustomerId;
    group.purchased.plan.planId = subKey;
    group.purchased.plan.lastBillingDate = new Date();
    await group.save();
    user.guilds.push(group._id);
    await user.save();
    nextBillingDate = new Date();
@@ -236,7 +236,7 @@ describe('Stripe - Checkout', () => {
      const group = generateGroup({
        name: 'test group',
        type: 'guild',
-        privacy: 'private',
+        privacy: 'public',
        leader: user._id,
      });
      const groupId = group._id;
@@ -376,13 +376,11 @@ describe('Stripe - Checkout', () => {
        group = generateGroup({
          name: 'test group',
          type: 'guild',
-          privacy: 'private',
+          privacy: 'public',
          leader: user._id,
        });
        groupId = group._id;
        await group.save();
        user.guilds.push(group._id);
        await user.save();
      });
      it('throws if user is not allowed to change group plan', async () => {
@@ -136,7 +136,7 @@ describe('Stripe - Subscriptions', () => {
      group = generateGroup({
        name: 'test group',
        type: 'guild',
-        privacy: 'private',
+        privacy: 'public',
        leader: user._id,
      });
      groupId = group._id;
@@ -315,14 +315,12 @@ describe('Stripe - Subscriptions', () => {
      group = generateGroup({
        name: 'test group',
        type: 'guild',
-        privacy: 'private',
+        privacy: 'public',
        leader: user._id,
      });
      group.purchased.plan.customerId = 'customer-id';
      group.purchased.plan.planId = subKey;
      await group.save();
      user.guilds.push(group._id);
      await user.save();
      groupId = group._id;
    });
@@ -0,0 +1,50 @@
 /* eslint-disable global-require */
 import nconf from 'nconf';
 import requireAgain from 'require-again';
 import {
  generateRes,
  generateReq,
  generateNext,
 } from '../../../helpers/api-unit.helper';
 import * as analyticsService from '../../../../website/server/libs/analyticsService';
 describe('analytics middleware', () => {
  let res; let req; let
    next;
  const pathToAnalyticsMiddleware = '../../../../website/server/middlewares/analytics';
  beforeEach(() => {
    res = generateRes();
    req = generateReq();
    next = generateNext();
  });
  it('attaches analytics object to res', () => {
    const attachAnalytics = requireAgain(pathToAnalyticsMiddleware).default;
    attachAnalytics(req, res, next);
    expect(res.analytics).to.exist;
  });
  it('attaches stubbed methods for non-prod environments', () => {
    sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(false);
    const attachAnalytics = requireAgain(pathToAnalyticsMiddleware).default;
    attachAnalytics(req, res, next);
    expect(res.analytics.track).to.eql(analyticsService.mockAnalyticsService.track);
    expect(res.analytics.trackPurchase).to.eql(analyticsService.mockAnalyticsService.trackPurchase);
  });
  it('attaches real methods for prod environments', () => {
    sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(true);
    const attachAnalytics = requireAgain(pathToAnalyticsMiddleware).default;
    attachAnalytics(req, res, next);
    expect(res.analytics.track).to.eql(analyticsService.track);
    expect(res.analytics.trackPurchase).to.eql(analyticsService.trackPurchase);
  });
 });
@@ -1,11 +1,8 @@
 import nconf from 'nconf';
 import requireAgain from 'require-again';
 import {
  generateRes,
  generateReq,
 } from '../../../helpers/api-unit.helper';
-
+import { authWithHeaders as authWithHeadersFactory } from '../../../../website/server/middlewares/auth';
 const authPath = '../../../../website/server/middlewares/auth';
 describe('auth middleware', () => {
  let res; let req; let
@@ -19,7 +16,6 @@ describe('auth middleware', () => {
  describe('auth with headers', () => {
    it('allows to specify a list of user field that we do not want to load', done => {
      const authWithHeadersFactory = requireAgain(authPath).authWithHeaders;
      const authWithHeaders = authWithHeadersFactory({
        userFieldsToExclude: ['items'],
      });
@@ -39,7 +35,6 @@ describe('auth middleware', () => {
    });
    it('makes sure some fields are always included', done => {
      const authWithHeadersFactory = requireAgain(authPath).authWithHeaders;
      const authWithHeaders = authWithHeadersFactory({
        userFieldsToExclude: [
          'items', 'auth.timestamps',
@@ -65,57 +60,5 @@ describe('auth middleware', () => {
        return done();
      });
    });
    it('errors with InvalidCredentialsError and code when token is wrong', done => {
      const authWithHeadersFactory = requireAgain(authPath).authWithHeaders;
      const authWithHeaders = authWithHeadersFactory({ userFieldsToExclude: [] });
      req.headers['x-api-user'] = user._id;
      req.headers['x-api-key'] = 'totally-wrong-token';
      authWithHeaders(req, res, err => {
        expect(err).to.exist;
        expect(err.name).to.equal('InvalidCredentialsError');
        expect(err.code).to.equal('invalid_credentials');
        expect(err.message).to.equal(res.t('invalidCredentials'));
        return done();
      });
    });
    describe('when ENFORCE_CLIENT_HEADER is true', () => {
      let authFactory;
      beforeEach(() => {
        sandbox.stub(nconf, 'get').withArgs('ENFORCE_CLIENT_HEADER').returns('true');
        authFactory = requireAgain(authPath).authWithHeaders;
      });
      it('errors with missingClientHeader when x-client header is not present', done => {
        const authWithHeaders = authFactory({ userFieldsToExclude: [] });
        req.headers['x-api-user'] = user._id;
        req.headers['x-api-key'] = user;
        authWithHeaders(req, res, err => {
          expect(err).to.exist;
          expect(err.name).to.equal('BadRequest');
          expect(err.message).to.equal(res.t('missingClientHeader'));
          return done();
        });
      });
      it('allows request to pass when x-client header is present', done => {
        const authWithHeaders = authFactory({ userFieldsToExclude: [] });
        req.headers['x-api-user'] = user._id;
        req.headers['x-api-key'] = user.apiToken;
        req.headers['x-client'] = 'habitica-web';
        authWithHeaders(req, res, err => {
          if (err) return done(err);
          expect(res.locals.user).to.exist;
          return done();
        });
      });
    });
  });
 });
@@ -1,197 +0,0 @@
 import nconf from 'nconf';
 import requireAgain from 'require-again';
 import {
  generateRes,
  generateReq,
  generateNext,
 } from '../../../helpers/api-unit.helper';
 import { Forbidden } from '../../../../website/server/libs/errors';
 import { apiError } from '../../../../website/server/libs/apiError';
 import { model as Blocker } from '../../../../website/server/models/blocker';
 function checkIPBlockedErrorThrown (next) {
  expect(next).to.have.been.calledOnce;
  const calledWith = next.getCall(0).args;
  expect(calledWith[0].message).to.equal(apiError('ipAddressBlocked'));
  expect(calledWith[0] instanceof Forbidden).to.equal(true);
 }
 function checkClientBlockedErrorThrown (next) {
  expect(next).to.have.been.calledOnce;
  const calledWith = next.getCall(0).args;
  expect(calledWith[0].message).to.equal(apiError('clientBlocked'));
  expect(calledWith[0] instanceof Forbidden).to.equal(true);
 }
 function checkErrorNotThrown (next) {
  expect(next).to.have.been.calledOnce;
  const calledWith = next.getCall(0).args;
  expect(typeof calledWith[0] === 'undefined').to.equal(true);
 }
 describe('Blocker middleware', () => {
  const pathToBlocker = '../../../../website/server/middlewares/blocker';
  let res; let req; let next;
  beforeEach(() => {
    res = generateRes();
    req = generateReq();
    next = generateNext();
  });
  describe('Blocking IPs', () => {
    it('is disabled when the env var is not defined', () => {
      sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns(undefined);
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkErrorNotThrown(next);
    });
    it('is disabled when the env var is an empty string', () => {
      sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('');
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkErrorNotThrown(next);
    });
    it('is disabled when the env var contains comma separated empty strings', () => {
      sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns(' , , ');
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkErrorNotThrown(next);
    });
    it('does not throw when the ip does not match', () => {
      req.ip = '192.168.1.1';
      sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('192.168.1.2');
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkErrorNotThrown(next);
    });
    it('does not throw when the blocker IP does not match', async () => {
      req.ip = '192.168.1.1';
      sandbox.stub(Blocker, 'watchBlockers').returns({
        on: (event, callback) => {
          if (event === 'change') {
            callback({ operation: 'add', blocker: { type: 'ipaddress', area: 'full', value: '192.168.1.2' } });
          }
        },
      });
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkErrorNotThrown(next);
    });
    it('does not throw when a client is blocked', async () => {
      sandbox.stub(Blocker, 'watchBlockers').returns({
        on: (event, callback) => {
          if (event === 'change') {
            callback({ operation: 'add', blocker: { type: 'client', area: 'full', value: '192.168.1.1' } });
          }
        },
      });
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkErrorNotThrown(next);
    });
    it('throws when the blocker IP is blocked', async () => {
      req.ip = '192.168.1.1';
      sandbox.stub(Blocker, 'watchBlockers').returns({
        on: (event, callback) => {
          if (event === 'change') {
            callback({ operation: 'add', blocker: { type: 'ipaddress', area: 'full', value: '192.168.1.1' } });
          }
        },
      });
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkIPBlockedErrorThrown(next);
    });
  });
  describe('Blocking clients', () => {
    beforeEach(() => {
      sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('');
      req.headers['x-client'] = 'test-client';
    });
    it('is disabled when no clients are blocked', () => {
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkErrorNotThrown(next);
    });
    it('does not throw when the client does not match', async () => {
      sandbox.stub(Blocker, 'watchBlockers').returns({
        on: (event, callback) => {
          if (event === 'change') {
            callback({ operation: 'add', blocker: { type: 'client', area: 'full', value: 'another-client' } });
          }
        },
      });
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkErrorNotThrown(next);
    });
    it('throws when the client is blocked', async () => {
      sandbox.stub(Blocker, 'watchBlockers').returns({
        on: (event, callback) => {
          if (event === 'change') {
            callback({ operation: 'add', blocker: { type: 'client', area: 'full', value: 'test-client' } });
          }
        },
      });
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkClientBlockedErrorThrown(next);
    });
    it('does not throw when an ip is blocked', async () => {
      sandbox.stub(Blocker, 'watchBlockers').returns({
        on: (event, callback) => {
          if (event === 'change') {
            callback({ operation: 'add', blocker: { type: 'ipaddress', area: 'full', value: 'test-client' } });
          }
        },
      });
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkErrorNotThrown(next);
    });
    it('updates the list when data changes', async () => {
      let blockCallback;
      sandbox.stub(Blocker, 'watchBlockers').returns({
        on: (event, callback) => {
          blockCallback = callback;
          if (event === 'change') {
            callback({ operation: 'add', blocker: { type: 'client', area: 'full', value: 'another-client' } });
          }
        },
      });
      const attachBlocker = requireAgain(pathToBlocker).default;
      attachBlocker(req, res, next);
      checkErrorNotThrown(next);
      blockCallback({ operation: 'add', blocker: { type: 'client', area: 'full', value: 'test-client' } });
      attachBlocker(req, res, next);
      expect(next).to.have.been.calledTwice;
      const calledWith = next.getCall(1).args;
      expect(calledWith[0].message).to.equal(apiError('clientBlocked'));
      expect(calledWith[0] instanceof Forbidden).to.equal(true);
    });
  });
 });
@@ -0,0 +1,332 @@
 import moment from 'moment';
 import { v4 as generateUUID } from 'uuid';
 import {
  generateRes,
  generateReq,
  generateTodo,
  generateDaily,
 } from '../../../helpers/api-unit.helper';
 import cronMiddleware from '../../../../website/server/middlewares/cron';
 import { model as User } from '../../../../website/server/models/user';
 import { model as Group } from '../../../../website/server/models/group';
 import * as Tasks from '../../../../website/server/models/task';
 import * as analyticsService from '../../../../website/server/libs/analyticsService';
 import * as cronLib from '../../../../website/server/libs/cron';
 const CRON_TIMEOUT_WAIT = new Date(60 * 60 * 1000).getTime();
 const CRON_TIMEOUT_UNIT = new Date(60 * 1000).getTime();
 describe('cron middleware', () => {
  let res; let
    req;
  let user;
  beforeEach(async () => {
    res = generateRes();
    req = generateReq();
    user = await res.locals.user.save();
    res.analytics = analyticsService;
  });
  afterEach(() => {
    sandbox.restore();
  });
  it('calls next when user is not attached', done => {
    res.locals.user = null;
    cronMiddleware(req, res, done);
  });
  it('calls next when days have not been missed', done => {
    cronMiddleware(req, res, done);
  });
  it('should clear todos older than 30 days for free users', async () => {
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    const task = generateTodo(user);
    task.dateCompleted = moment(new Date()).subtract({ days: 31 });
    task.completed = true;
    await task.save();
    await user.save();
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        Tasks.Task.findOne({ _id: task }).then(foundTask => {
          expect(foundTask).to.not.exist;
          resolve();
        });
        return null;
      });
    });
  });
  it('should not clear todos older than 30 days for subscribed users', async () => {
    user.purchased.plan.customerId = 'subscribedId';
    user.purchased.plan.dateUpdated = moment('012013', 'MMYYYY');
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    const task = generateTodo(user);
    task.dateCompleted = moment(new Date()).subtract({ days: 31 });
    task.completed = true;
    await task.save();
    await user.save();
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        Tasks.Task.findOne({ _id: task }).then(foundTask => {
          expect(foundTask).to.exist;
          return resolve();
        });
        return null;
      });
    });
  });
  it('should clear todos older than 90 days for subscribed users', async () => {
    user.purchased.plan.customerId = 'subscribedId';
    user.purchased.plan.dateUpdated = moment('012013', 'MMYYYY');
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    const task = generateTodo(user);
    task.dateCompleted = moment(new Date()).subtract({ days: 91 });
    task.completed = true;
    await task.save();
    await user.save();
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        Tasks.Task.findOne({ _id: task }).then(foundTask => {
          expect(foundTask).to.not.exist;
          return resolve();
        });
        return null;
      });
    });
  });
  it('should call next if user was not modified after cron', async () => {
    const hpBefore = user.stats.hp;
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    await user.save();
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        expect(hpBefore).to.equal(user.stats.hp);
        return resolve();
      });
    });
  });
  it('runs cron if previous cron was incomplete', async () => {
    user.lastCron = moment(new Date()).subtract({ days: 1 });
    user.auth.timestamps.loggedin = moment(new Date()).subtract({ days: 4 });
    const now = new Date();
    await user.save();
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        expect(moment(now).isSame(user.lastCron, 'day'));
        expect(moment(now).isSame(user.auth.timestamps.loggedin, 'day'));
        return resolve();
      });
    });
  });
  it('updates user.auth.timestamps.loggedin and lastCron', async () => {
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    const now = new Date();
    await user.save();
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        expect(moment(now).isSame(user.lastCron, 'day'));
        expect(moment(now).isSame(user.auth.timestamps.loggedin, 'day'));
        return resolve();
      });
    });
  });
  it('does damage for missing dailies', async () => {
    const hpBefore = user.stats.hp;
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    const daily = generateDaily(user);
    daily.startDate = moment(new Date()).subtract({ days: 2 });
    await daily.save();
    await user.save();
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        return User.findOne({ _id: user._id }).then(updatedUser => {
          expect(updatedUser.stats.hp).to.be.lessThan(hpBefore);
          return resolve();
        });
      });
    });
  });
  it('updates tasks', async () => {
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    const todo = generateTodo(user);
    const todoValueBefore = todo.value;
    await Promise.all([todo.save(), user.save()]);
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        return Tasks.Task.findOne({ _id: todo._id }).then(todoFound => {
          expect(todoFound.value).to.be.lessThan(todoValueBefore);
          return resolve();
        });
      });
    });
  });
  it('applies quest progress', async () => {
    const hpBefore = user.stats.hp;
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    const daily = generateDaily(user);
    daily.startDate = moment(new Date()).subtract({ days: 2 });
    await daily.save();
    const questKey = 'dilatory';
    user.party.quest.key = questKey;
    const party = new Group({
      type: 'party',
      name: generateUUID(),
      leader: user._id,
    });
    party.quest.members[user._id] = true;
    party.quest.key = questKey;
    await party.save();
    user.party._id = party._id;
    await user.save();
    party.startQuest(user);
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        return User.findOne({ _id: user._id }).then(updatedUser => {
          expect(updatedUser.stats.hp).to.be.lessThan(hpBefore);
          return resolve();
        });
      });
    });
  });
  it('recovers from failed cron and does not error when user is already cronning', async () => {
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    await user.save();
    const updatedUser = user.toObject();
    updatedUser.matchedCount = 0;
    sandbox.spy(cronLib, 'recoverCron');
    sandbox.stub(User, 'updateOne')
      .withArgs({
        _id: user._id,
        $or: [
          { _cronSignature: 'NOT_RUNNING' },
          { _cronSignature: { $lt: sinon.match.number } },
        ],
      })
      .returns({
        exec () {
          return Promise.resolve(updatedUser);
        },
      });
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        expect(cronLib.recoverCron).to.be.calledOnce;
        return resolve();
      });
    });
  });
  it('cronSignature less than an hour ago should error', async () => {
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    const now = new Date();
    await User.updateOne({
      _id: user._id,
    }, {
      $set: {
        _cronSignature: now.getTime() - CRON_TIMEOUT_WAIT + CRON_TIMEOUT_UNIT,
      },
    }).exec();
    await user.save();
    const expectedErrMessage = `Impossible to recover from cron for user ${user._id}.`;
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (!err) return reject(new Error('Cron should have failed.'));
        expect(err.message).to.be.equal(expectedErrMessage);
        return resolve();
      });
    });
  });
  it('cronSignature longer than an hour ago should allow cron', async () => {
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    const now = new Date();
    await User.updateOne({
      _id: user._id,
    }, {
      $set: {
        _cronSignature: now.getTime() - CRON_TIMEOUT_WAIT - CRON_TIMEOUT_UNIT,
      },
    }).exec();
    await user.save();
    await new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        expect(moment(now).isSame(user.auth.timestamps.loggedin, 'day'));
        expect(user._cronSignature).to.be.equal('NOT_RUNNING');
        return resolve();
      });
    });
  });
  it('cron should not run more than once', async () => {
    user.lastCron = moment(new Date()).subtract({ days: 2 });
    await user.save();
    sandbox.spy(cronLib, 'cron');
    await Promise.all([new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        return resolve();
      });
    }), new Promise((resolve, reject) => {
      cronMiddleware(req, res, err => {
        if (err) return reject(err);
        return resolve();
      });
    }), new Promise((resolve, reject) => {
      setTimeout(() => {
        cronMiddleware(req, res, err => {
          if (err) return reject(err);
          return resolve();
        });
      }, 400);
    }),
    ]);
    expect(cronLib.cron).to.be.calledOnce;
  });
 });
@@ -0,0 +1,76 @@
 import nconf from 'nconf';
 import requireAgain from 'require-again';
 import {
  generateRes,
  generateReq,
  generateNext,
 } from '../../../helpers/api-unit.helper';
 import { Forbidden } from '../../../../website/server/libs/errors';
 import { apiError } from '../../../../website/server/libs/apiError';
 function checkErrorThrown (next) {
  expect(next).to.have.been.calledOnce;
  const calledWith = next.getCall(0).args;
  expect(calledWith[0].message).to.equal(apiError('ipAddressBlocked'));
  expect(calledWith[0] instanceof Forbidden).to.equal(true);
 }
 function checkErrorNotThrown (next) {
  expect(next).to.have.been.calledOnce;
  const calledWith = next.getCall(0).args;
  expect(typeof calledWith[0] === 'undefined').to.equal(true);
 }
 describe('ipBlocker middleware', () => {
  const pathToIpBlocker = '../../../../website/server/middlewares/ipBlocker';
  let res; let req; let next;
  beforeEach(() => {
    res = generateRes();
    req = generateReq();
    next = generateNext();
  });
  it('is disabled when the env var is not defined', () => {
    sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns(undefined);
    const attachIpBlocker = requireAgain(pathToIpBlocker).default;
    attachIpBlocker(req, res, next);
    checkErrorNotThrown(next);
  });
  it('is disabled when the env var is an empty string', () => {
    sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('');
    const attachIpBlocker = requireAgain(pathToIpBlocker).default;
    attachIpBlocker(req, res, next);
    checkErrorNotThrown(next);
  });
  it('is disabled when the env var contains comma separated empty strings', () => {
    sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns(' , , ');
    const attachIpBlocker = requireAgain(pathToIpBlocker).default;
    attachIpBlocker(req, res, next);
    checkErrorNotThrown(next);
  });
  it('does not throw when the ip does not match', () => {
    req.ip = '192.168.1.1';
    sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('192.168.1.2');
    const attachIpBlocker = requireAgain(pathToIpBlocker).default;
    attachIpBlocker(req, res, next);
    checkErrorNotThrown(next);
  });
  it('throws when the ip is blocked', () => {
    req.ip = '192.168.1.1';
    sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('192.168.1.1');
    const attachIpBlocker = requireAgain(pathToIpBlocker).default;
    attachIpBlocker(req, res, next);
    checkErrorThrown(next);
  });
 });
@@ -32,8 +32,7 @@ describe('rateLimiter middleware', () => {
  it('is disabled when the env var is not defined', () => {
    nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns(undefined);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    attachRateLimiter(req, res, next);
    expect(next).to.have.been.calledOnce;
@@ -44,8 +43,7 @@ describe('rateLimiter middleware', () => {
  it('is disabled when the env var is an not "true"', () => {
    nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('false');
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    attachRateLimiter(req, res, next);
    expect(next).to.have.been.calledOnce;
@@ -57,8 +55,7 @@ describe('rateLimiter middleware', () => {
  it('does not throw when there are available points', async () => {
    nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
    nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    await attachRateLimiter(req, res, next);
    expect(next).to.have.been.calledOnce;
@@ -80,8 +77,7 @@ describe('rateLimiter middleware', () => {
    sandbox.stub(RateLimiterMemory.prototype, 'consume')
      .returns(Promise.reject(new Error('Unknown error.')));
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    await attachRateLimiter(req, res, next);
    expect(next).to.have.been.calledOnce;
@@ -96,8 +92,7 @@ describe('rateLimiter middleware', () => {
  it('does not throw when LIVELINESS_PROBE_KEY is correct', async () => {
    nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
    nconfGetStub.withArgs('LIVELINESS_PROBE_KEY').returns('abc');
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    req.query.liveliness = 'abc';
    await attachRateLimiter(req, res, next);
@@ -112,8 +107,7 @@ describe('rateLimiter middleware', () => {
    nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
    nconfGetStub.withArgs('LIVELINESS_PROBE_KEY').returns('abc');
    nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    req.query.liveliness = 'das';
    await attachRateLimiter(req, res, next);
@@ -130,8 +124,7 @@ describe('rateLimiter middleware', () => {
    nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
    nconfGetStub.withArgs('LIVELINESS_PROBE_KEY').returns(undefined);
    nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    await attachRateLimiter(req, res, next);
@@ -147,8 +140,7 @@ describe('rateLimiter middleware', () => {
    nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
    nconfGetStub.withArgs('LIVELINESS_PROBE_KEY').returns('');
    nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    req.query.liveliness = '';
    await attachRateLimiter(req, res, next);
@@ -164,8 +156,7 @@ describe('rateLimiter middleware', () => {
  it('throws when there are no available points remaining', async () => {
    nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
    nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    // call for 31 times
    for (let i = 0; i < 31; i += 1) {
@@ -189,8 +180,7 @@ describe('rateLimiter middleware', () => {
  it('uses the user id if supplied or the ip address', async () => {
    nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
    nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    req.ip = 1;
    await attachRateLimiter(req, res, next);
@@ -220,8 +210,7 @@ describe('rateLimiter middleware', () => {
  it('applies increased cost for registration calls with and without user id', async () => {
    nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
    nconfGetStub.withArgs('RATE_LIMITER_REGISTRATION_COST').returns(3);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    req.path = '/api/v4/user/auth/local/register';
    req.ip = 1;
@@ -252,8 +241,7 @@ describe('rateLimiter middleware', () => {
  it('applies increased cost for unauthenticated API calls', async () => {
    nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
    nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(10);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
    const attachRateLimiter = setupRateLimiter();
    req.ip = 1;
    await attachRateLimiter(req, res, next);
@@ -6,8 +6,6 @@ import {
  SPAM_MESSAGE_LIMIT,
  SPAM_MIN_EXEMPT_CONTRIB_LEVEL,
  SPAM_WINDOW_LENGTH,
  MAX_CHAT_COUNT,
  MAX_SUBBED_GROUP_CHAT_COUNT,
  INVITES_LIMIT,
  model as Group,
 } from '../../../../website/server/models/group';
@@ -20,7 +18,6 @@ import {
 import * as email from '../../../../website/server/libs/email';
 import { TAVERN_ID } from '../../../../website/common/script/constants';
 import shared from '../../../../website/common';
 import { chatModel as Chat } from '../../../../website/server/models/message';
 describe('Group Model', () => {
  let party; let questLeader; let participatingMember;
@@ -1359,29 +1356,6 @@ describe('Group Model', () => {
      });
    });
    describe('#getEffectiveChatLimit', () => {
      it('returns the correct chat limit', () => {
        const group = new Group();
        expect(group.getEffectiveChatLimit()).to.eql(MAX_CHAT_COUNT);
      });
      it('returns the passed limit if it is lower than the max', () => {
        const group = new Group();
        expect(group.getEffectiveChatLimit(10)).to.eql(10);
      });
      it('returns the max if the passed limit is higher', () => {
        const group = new Group();
        expect(group.getEffectiveChatLimit(MAX_CHAT_COUNT + 10)).to.eql(MAX_CHAT_COUNT);
      });
      it('returns the max for group plans', () => {
        const group = new Group();
        group.purchased.plan.customerId = '110002222333';
        expect(group.getEffectiveChatLimit()).to.eql(MAX_SUBBED_GROUP_CHAT_COUNT);
      });
    });
    describe('#sendChat', () => {
      beforeEach(() => {
        sandbox.spy(User, 'updateOne');
@@ -1488,34 +1462,6 @@ describe('Group Model', () => {
      });
    });
    describe('#trimChat', () => {
      it('Only checks last message when not enough messages to trim', async () => {
        sandbox.spy(Chat, 'find');
        sandbox.spy(Chat, 'deleteMany');
        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
        await party.trimChat();
        expect(Chat.find).to.be.calledOnce;
        expect(Chat.deleteMany).to.not.be.called;
        expect(await Chat.countDocuments({ groupId: party._id })).to.eql(3);
      });
      it('Deletes messages over the limit', async () => {
        sandbox.spy(Chat, 'find');
        sandbox.spy(Chat, 'deleteMany');
        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
        await party.trimChat(1);
        expect(Chat.find).to.be.calledOnce;
        expect(Chat.deleteMany).to.be.calledOnce;
        expect(await Chat.countDocuments({ groupId: party._id })).to.eql(1);
      });
    });
    describe('#startQuest', () => {
      context('Failure Conditions', () => {
        it('throws an error if group is not a party', async () => {
@@ -1,13 +1,9 @@
 import moment from 'moment';
 import requireAgain from 'require-again';
 import { model as User } from '../../../../website/server/models/user';
 import { model as NewsPost } from '../../../../website/server/models/newsPost';
 import { model as Group } from '../../../../website/server/models/group';
 import { model as Blocker } from '../../../../website/server/models/blocker';
 import common from '../../../../website/common';
 const pathToUserSchema = '../../../../website/server/models/user/schema';
 describe('User Model', () => {
  describe('.toJSON()', () => {
    it('keeps user._tmp when calling .toJSON', () => {
@@ -916,73 +912,4 @@ describe('User Model', () => {
      expect(user.toJSON().flags.newStuff).to.equal(true);
    });
  });
  describe('validates email', () => {
    it('does not throw an error for a valid email', () => {
      const user = new User();
      user.auth.local.email = 'hello@example.com';
      const errors = user.validateSync();
      expect(errors.errors['auth.local.email']).to.not.exist;
    });
    it('throws an error if email is not valid', () => {
      const user = new User();
      user.auth.local.email = 'invalid-email';
      const errors = user.validateSync();
      expect(errors.errors['auth.local.email'].message).to.equal(common.i18n.t('invalidEmail'));
    });
    it('throws an error if email is using a restricted domain', () => {
      const user = new User();
      user.auth.local.email = 'scammer@habitica.com';
      const errors = user.validateSync();
      expect(errors.errors['auth.local.email'].message).to.equal(common.i18n.t('invalidEmailDomain', { domains: 'habitica.com, habitrpg.com' }));
    });
    it('throws an error if email was blocked specifically', () => {
      sandbox.stub(Blocker, 'watchBlockers').returns({
        on: (event, callback) => {
          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: 'blocked@example.com' } });
        },
      });
      const schema = requireAgain(pathToUserSchema).UserSchema;
      const valid = schema.paths['auth.local.email'].options.validate.every(v => v.validator('blocked@example.com'));
      expect(valid).to.equal(false);
    });
    it('throws an error if email domain was blocked', () => {
      sandbox.stub(Blocker, 'watchBlockers').returns({
        on: (event, callback) => {
          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: '@example.com' } });
        },
      });
      const schema = requireAgain(pathToUserSchema).UserSchema;
      const valid = schema.paths['auth.local.email'].options.validate.every(v => v.validator('blocked@example.com'));
      expect(valid).to.equal(false);
    });
    it('throws an error if user portion of email was blocked', () => {
      sandbox.stub(Blocker, 'watchBlockers').returns({
        on: (event, callback) => {
          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: 'blocked@' } });
        },
      });
      const schema = requireAgain(pathToUserSchema).UserSchema;
      const valid = schema.paths['auth.local.email'].options.validate.every(v => v.validator('blocked@example.com'));
      expect(valid).to.equal(false);
    });
    it('does not throw an error if email is not blocked', () => {
      sandbox.stub(Blocker, 'watchBlockers').returns({
        on: (event, callback) => {
          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: '@example.com' } });
          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: 'blocked@' } });
          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: 'bad@test.com' } });
        },
      });
      const schema = requireAgain(pathToUserSchema).UserSchema;
      const valid = schema.paths['auth.local.email'].options.validate.every(v => v.validator('good@test.com'));
      expect(valid).to.equal(true);
    });
  });
 });
@@ -50,59 +50,5 @@ describe('UserNotification Model', () => {
      expect(safeNotifications[0].type).to.equal('NEW_CHAT_MESSAGE');
      expect(safeNotifications[0].id).to.equal('123');
    });
    it('removes duplicate STREAK_ACHIEVEMENT notifications', () => {
      // Fixes issue #13325 - Users receiving duplicate streak achievement notifications
      const notifications = [
        new UserNotification({
          type: 'STREAK_ACHIEVEMENT',
          id: 123,
          data: {},
        }),
        new UserNotification({
          type: 'STREAK_ACHIEVEMENT',
          id: 456,
          data: {},
        }),
        new UserNotification({
          type: 'CRON',
          id: 789,
          data: {},
        }), // different type, should be kept
      ];
      const safeNotifications = UserNotification.cleanupCorruptData(notifications);
      expect(safeNotifications.length).to.equal(2);
      expect(safeNotifications[0].type).to.equal('STREAK_ACHIEVEMENT');
      expect(safeNotifications[0].id).to.equal('123');
      expect(safeNotifications[1].type).to.equal('CRON');
      expect(safeNotifications[1].id).to.equal('789');
    });
    it('handles multiple STREAK_ACHIEVEMENT duplicates correctly', () => {
      // Test case: 3 duplicate STREAK_ACHIEVEMENT notifications
      const notifications = [
        new UserNotification({
          type: 'STREAK_ACHIEVEMENT',
          id: 111,
          data: {},
        }),
        new UserNotification({
          type: 'STREAK_ACHIEVEMENT',
          id: 222,
          data: {},
        }),
        new UserNotification({
          type: 'STREAK_ACHIEVEMENT',
          id: 333,
          data: {},
        }),
      ];
      const safeNotifications = UserNotification.cleanupCorruptData(notifications);
      expect(safeNotifications.length).to.equal(1);
      expect(safeNotifications[0].type).to.equal('STREAK_ACHIEVEMENT');
      expect(safeNotifications[0].id).to.equal('111'); // Keep first one
    });
  });
 });
@@ -0,0 +1,19 @@
 import {
  generateUser,
  requester,
 } from '../../../../helpers/api-integration/v3';
 import { mockAnalyticsService as analytics } from '../../../../../website/server/libs/analyticsService';
 describe('POST /analytics/track/:eventName', () => {
  it('calls res.analytics', async () => {
    const user = await generateUser();
    sandbox.spy(analytics, 'track');
    const requestWithHeaders = requester(user, { 'x-client': 'habitica-web' });
    await requestWithHeaders.post('/analytics/track/eventName', { data: 'example' }, { 'x-client': 'habitica-web' });
    expect(analytics.track).to.be.calledOnce;
    expect(analytics.track).to.be.calledWith('eventName', sandbox.match({ data: 'example' }));
    sandbox.restore();
  });
 });
@@ -5,8 +5,6 @@ import {
  createAndPopulateGroup,
  translate as t,
 } from '../../../../helpers/api-integration/v3';
 import { model as Group } from '../../../../../website/server/models/group';
 import { TAVERN_ID } from '../../../../../website/common/script/constants';
 describe('POST /challenges/:challengeId/join', () => {
  it('returns error when challengeId is not a valid UUID', async () => {
@@ -29,37 +27,6 @@ describe('POST /challenges/:challengeId/join', () => {
    });
  });
  context('public Guild', () => {
    let group;
    let groupLeader;
    let members;
    let challenge;
    before(async () => {
      ({ group, groupLeader, members } = await createAndPopulateGroup({
        groupDetails: {
          name: 'test group',
          type: 'guild',
          privacy: 'private',
        },
        members: 1,
        upgradeToGroupPlan: true,
      }));
      challenge = await generateChallenge(groupLeader, group);
      // Creation API is shut down, we need to simulate an extant public group
      await Group.updateOne({ _id: group._id }, { $set: { privacy: 'public' }, $unset: { 'purchased.plan': 1 } }).exec();
    });
    it('returns error when challengeId is in an old public Guild', async () => {
      const authorizedUser = members[0]; // eslint-disable-line prefer-destructuring
      await expect(authorizedUser.post(`/challenges/${challenge._id}/join`)).to.eventually.be.rejected.and.eql({
        code: 404,
        error: 'NotFound',
        message: t('challengeNotFound'),
      });
    });
  });
  context('Joining a valid challenge', () => {
    let groupLeader;
    let group;
@@ -99,15 +66,6 @@ describe('POST /challenges/:challengeId/join', () => {
      expect(res.name).to.equal(challenge.name);
    });
    it('succeeds when it\'s a Tavern challenge, even if the user isn\'t a "member" of Tavern', async () => {
      const tavern = await groupLeader.get(`/groups/${TAVERN_ID}`);
      const tavernChallenge = await generateChallenge(groupLeader, tavern, { prize: 1 });
      const generalUser = await generateUser();
      const res = await generalUser.post(`/challenges/${tavernChallenge._id}/join`);
      expect(res.name).to.equal(tavernChallenge.name);
    });
    it('returns challenge data', async () => {
      const res = await authorizedUser.post(`/challenges/${challenge._id}/join`);
@@ -62,9 +62,9 @@ describe('GET /groups/:groupId/chat', () => {
    it('returns error if user attempts to fetch a sunset Guild', async () => {
      await expect(user.get(`/groups/${group._id}/chat`)).to.eventually.be.rejected.and.eql({
-        code: 404,
+        code: 400,
-        error: 'NotFound',
+        error: 'BadRequest',
-        message: t('groupNotFound'),
+        message: t('featureRetired'),
      });
    });
  });
@@ -121,9 +121,9 @@ describe('POST /chat/:chatId/like', () => {
    await expect(user.post(`/groups/${groupWithChat._id}/chat/${message.message.id}/like`))
      .to.eventually.be.rejected.and.eql({
-        code: 404,
+        code: 400,
-        error: 'NotFound',
+        error: 'BadRequest',
-        message: t('groupNotFound'),
+        message: t('featureRetired'),
      });
  });
 });
@@ -9,7 +9,7 @@ import {
 import {
  SPAM_MIN_EXEMPT_CONTRIB_LEVEL,
 } from '../../../../../website/server/models/group';
-import { MAX_MESSAGE_LENGTH, CHAT_FLAG_FROM_SHADOW_MUTE } from '../../../../../website/common/script/constants';
+import { MAX_MESSAGE_LENGTH } from '../../../../../website/common/script/constants';
 import * as email from '../../../../../website/server/libs/email';
 describe('POST /chat', () => {
@@ -80,20 +80,17 @@ describe('POST /chat', () => {
      member.updateOne({ 'flags.chatRevoked': false });
    });
-    it('errors when chat privileges are revoked when sending a message to a private guild', async () => {
+    it('does not error when chat privileges are revoked when sending a message to a private guild', async () => {
      await member.updateOne({
        'flags.chatRevoked': true,
      });
-      await expect(member.post(`/groups/${groupWithChat._id}/chat`, { message: testMessage }))
+      const message = await member.post(`/groups/${groupWithChat._id}/chat`, { message: testMessage });
-        .to.eventually.be.rejected.and.eql({
+
-          code: 401,
+      expect(message.message.id).to.exist;
          error: 'NotAuthorized',
          message: t('chatPrivilegesRevoked'),
        });
    });
-    it('errors when chat privileges are revoked when sending a message to a party', async () => {
+    it('does not error when chat privileges are revoked when sending a message to a party', async () => {
      const { group, members } = await createAndPopulateGroup({
        groupDetails: {
          name: 'Party',
@@ -109,12 +106,9 @@ describe('POST /chat', () => {
        'auth.timestamps.created': new Date('2022-01-01'),
      });
-      await expect(privatePartyMemberWithChatsRevoked.post(`/groups/${group._id}/chat`, { message: testMessage }))
+      const message = await privatePartyMemberWithChatsRevoked.post(`/groups/${group._id}/chat`, { message: testMessage });
-        .to.eventually.be.rejected.and.eql({
+
-          code: 401,
+      expect(message.message.id).to.exist;
          error: 'NotAuthorized',
          message: t('chatPrivilegesRevoked'),
        });
    });
  });
@@ -129,7 +123,7 @@ describe('POST /chat', () => {
      member.updateOne({ 'flags.chatShadowMuted': false });
    });
-    it('creates a chat with flagCount set when sending a message to a private guild', async () => {
+    it('creates a chat with zero flagCount when sending a message to a private guild', async () => {
      await member.updateOne({
        'flags.chatShadowMuted': true,
      });
@@ -137,10 +131,10 @@ describe('POST /chat', () => {
      const message = await member.post(`/groups/${groupWithChat._id}/chat`, { message: testMessage });
      expect(message.message.id).to.exist;
-      expect(message.message.flagCount).to.eql(CHAT_FLAG_FROM_SHADOW_MUTE);
+      expect(message.message.flagCount).to.eql(0);
    });
-    it('creates a chat with flagCount set when sending a message to a party', async () => {
+    it('creates a chat with zero flagCount when sending a message to a party', async () => {
      const { group, members } = await createAndPopulateGroup({
        groupDetails: {
          name: 'Party',
@@ -159,7 +153,7 @@ describe('POST /chat', () => {
      const message = await userWithChatShadowMuted.post(`/groups/${group._id}/chat`, { message: testMessage });
      expect(message.message.id).to.exist;
-      expect(message.message.flagCount).to.eql(CHAT_FLAG_FROM_SHADOW_MUTE);
+      expect(message.message.flagCount).to.eql(0);
    });
  });
@@ -244,18 +238,6 @@ describe('POST /chat', () => {
    expect(groupMessages[0].id).to.exist;
  });
  it('creates a chat with case-insensitive mentions', async () => {
    const originalUsername = member.auth.local.username;
    const uppercaseUsername = originalUsername.toUpperCase();
    const messageWithMentions = `hi @${uppercaseUsername}`;
    const newMessage = await user.post(`/groups/${groupWithChat._id}/chat`, { message: messageWithMentions });
    const groupMessages = await user.get(`/groups/${groupWithChat._id}/chat`);
    expect(newMessage.message.id).to.exist;
    expect(newMessage.message.text).to.include(`[@${uppercaseUsername}](/profile/${member._id})`);
    expect(groupMessages[0].id).to.exist;
  });
  it('creates a chat with a max length of 3000 chars', async () => {
    const veryLongMessage = `
    123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789.
@@ -1,7 +1,6 @@
 import {
  requester,
  translate as t,
  generateUser,
 } from '../../../../helpers/api-integration/v3';
 import i18n from '../../../../../website/common/script/i18n';
@@ -57,28 +56,4 @@ describe('GET /content', () => {
    const res = await requester().get('/content?filter=backgroundsFlat,invalid');
    expect(res).to.not.have.property('backgroundsFlat');
  });
  describe('authenticated user', () => {
    let user;
    it('returns content in user\'s preferred language when no language parameter is provided', async () => {
      user = await generateUser({ 'preferences.language': 'de' });
      const res = await user.get('/content');
      expect(res).to.have.nested.property('backgrounds.backgrounds062014.beach');
      expect(res.backgrounds.backgrounds062014.beach.text).to.equal(i18n.t('backgroundBeachText', 'de'));
    });
    it('respects language parameter over user\'s preferred language', async () => {
      user = await generateUser({ 'preferences.language': 'de' });
      const res = await user.get('/content?language=fr');
      expect(res).to.have.nested.property('backgrounds.backgrounds062014.beach');
      expect(res.backgrounds.backgrounds062014.beach.text).to.equal(i18n.t('backgroundBeachText', 'fr'));
    });
    it('falls back to English if user\'s preferred language is invalid', async () => {
      user = await generateUser({ 'preferences.language': 'invalid_lang' });
      const res = await user.get('/content');
      expect(res).to.have.nested.property('backgrounds.backgrounds062014.beach');
      expect(res.backgrounds.backgrounds062014.beach.text).to.equal(t('backgroundBeachText'));
    });
  });
 });
@@ -0,0 +1,35 @@
 import { v4 as generateUUID } from 'uuid';
 import {
  generateUser,
  translate as t,
 } from '../../../../helpers/api-integration/v3';
 xdescribe('GET /export/avatar-:memberId.html', () => {
  let user;
  before(async () => {
    user = await generateUser();
  });
  it('validates req.params.memberId', async () => {
    await expect(user.get('/export/avatar-:memberId.html')).to.eventually.be.rejected.and.eql({
      code: 400,
      error: 'BadRequest',
      message: t('invalidReqParams'),
    });
  });
  it('handles non-existing members', async () => {
    const dummyId = generateUUID();
    await expect(user.get(`/export/avatar-${dummyId}.html`)).to.eventually.be.rejected.and.eql({
      code: 404,
      error: 'NotFound',
      message: t('userWithIDNotFound', { userId: dummyId }),
    });
  });
  it('returns an html page', async () => {
    const res = await user.get(`/export/avatar-${user._id}.html`);
    expect(res.substring(0, 100).indexOf('<!DOCTYPE html>')).to.equal(0);
  });
 });
@@ -0,0 +1,3 @@
 // TODO how to test this route since it points to a file on AWS s3?
 describe('GET /export/avatar-:memberId.png', () => {});
@@ -38,7 +38,7 @@ describe('GET /export/inbox.html', () => {
  it('renders the markdown messages as html', async () => {
    const res = await user.get('/export/inbox.html');
-    expect(res).to.include('😄');
+    expect(res).to.include('img class="habitica-emoji"');
    expect(res).to.include('<h1>Hello!</h1>');
    expect(res).to.include('<li>list 1</li>');
  });
@@ -46,7 +46,7 @@ describe('GET /export/inbox.html', () => {
  it('sorts messages from newest to oldest', async () => {
    const res = await user.get('/export/inbox.html');
-    const emojiPosition = res.indexOf('😄');
+    const emojiPosition = res.indexOf('img class="habitica-emoji"');
    const headingPosition = res.indexOf('<h1>Hello!</h1>');
    const listPosition = res.indexOf('<li>list 1</li>');
@@ -61,24 +61,6 @@ describe('Post /groups/:groupId/invite', () => {
        });
    });
    it('fakes sending an invite if user is shadow muted', async () => {
      const inviterMuted = await inviter.updateOne({ 'flags.chatShadowMuted': true });
      const userToInvite = await generateUser();
      const response = await inviterMuted.post(`/groups/${group._id}/invite`, {
        usernames: [userToInvite.auth.local.lowerCaseUsername],
      });
      expect(response).to.be.an('Array');
      expect(response[0]).to.have.all.keys(['_id', 'id', 'name', 'inviter']);
      expect(response[0]._id).to.be.a('String');
      expect(response[0].id).to.eql(group._id);
      expect(response[0].name).to.eql(groupName);
      expect(response[0].inviter).to.eql(inviter._id);
      await expect(userToInvite.get('/user'))
        .to.eventually.not.have.nested.property('invitations.parties[0].id', group._id);
    });
    it('invites a user to a group by username', async () => {
      const userToInvite = await generateUser();
@@ -227,24 +209,6 @@ describe('Post /groups/:groupId/invite', () => {
        });
    });
    it('fakes sending an invite if user is shadow muted', async () => {
      const inviterMuted = await inviter.updateOne({ 'flags.chatShadowMuted': true });
      const userToInvite = await generateUser();
      const response = await inviterMuted.post(`/groups/${group._id}/invite`, {
        uuids: [userToInvite._id],
      });
      expect(response).to.be.an('Array');
      expect(response[0]).to.have.all.keys(['_id', 'id', 'name', 'inviter']);
      expect(response[0]._id).to.be.a('String');
      expect(response[0].id).to.eql(group._id);
      expect(response[0].name).to.eql(groupName);
      expect(response[0].inviter).to.eql(inviter._id);
      await expect(userToInvite.get('/user'))
        .to.eventually.not.have.nested.property('invitations.parties[0].id', group._id);
    });
    it('invites a user to a group by uuid', async () => {
      const userToInvite = await generateUser();
@@ -317,19 +281,6 @@ describe('Post /groups/:groupId/invite', () => {
        });
    });
    it('fakes sending invite when inviter is shadow muted', async () => {
      const inviterMuted = await inviter.updateOne({ 'flags.chatShadowMuted': true });
      const res = await inviterMuted.post(`/groups/${group._id}/invite`, {
        emails: [testInvite],
        inviter: 'inviter name',
      });
      const updatedUser = await inviterMuted.sync();
      expect(res).to.exist;
      expect(updatedUser.invitesSent).to.eql(1);
    });
    it('returns an error when invite is missing an email', async () => {
      await expect(inviter.post(`/groups/${group._id}/invite`, {
        emails: [{ name: 'test' }],
@@ -454,19 +405,6 @@ describe('Post /groups/:groupId/invite', () => {
        });
    });
    it('fakes sending an invite if user is shadow muted', async () => {
      const inviterMuted = await inviter.updateOne({ 'flags.chatShadowMuted': true });
      const newUser = await generateUser();
      const invite = await inviterMuted.post(`/groups/${group._id}/invite`, {
        uuids: [newUser._id],
        emails: [{ name: 'test', email: 'test@habitica.com' }],
      });
      const invitedUser = await newUser.get('/user');
      expect(invitedUser.invitations.parties[0]).to.not.exist;
      expect(invite).to.exist;
    });
    it('invites users to a group by uuid and email', async () => {
      const newUser = await generateUser();
      const invite = await inviter.post(`/groups/${group._id}/invite`, {
@@ -10,7 +10,6 @@ describe('GET /heroes/:heroId', () => {
  const heroFields = [
    '_id', 'id', 'auth', 'balance', 'contributor', 'flags', 'items',
    'lastCron', 'party', 'preferences', 'profile', 'purchased', 'secret', 'achievements',
    'stats',
  ];
  before(async () => {
@@ -11,7 +11,6 @@ describe('PUT /heroes/:heroId', () => {
  const heroFields = [
    '_id', 'auth', 'balance', 'contributor', 'flags', 'items', 'lastCron',
    'party', 'preferences', 'profile', 'purchased', 'secret', 'permissions', 'achievements',
    'stats',
  ];
  before(async () => {
@@ -61,12 +60,12 @@ describe('PUT /heroes/:heroId', () => {
    expect(heroRes.profile).to.have.all.keys(['name']);
    // test response values
-    expect(heroRes.balance).to.equal(3 + 2.5); // 3+2.5 for first contrib level
+    expect(heroRes.balance).to.equal(3 + 0.75); // 3+0.75 for first contrib level
    expect(heroRes.contributor.level).to.equal(1);
    expect(heroRes.purchased.ads).to.equal(true);
    // test hero values
    await hero.sync();
-    expect(hero.balance).to.equal(3 + 2.5); // 3+2.5 for first contrib level
+    expect(hero.balance).to.equal(3 + 0.75); // 3+0.75 for first contrib level
    expect(hero.contributor.level).to.equal(1);
    expect(hero.purchased.ads).to.equal(true);
    expect(hero.auth.blocked).to.equal(prevBlockState);
@@ -137,12 +136,12 @@ describe('PUT /heroes/:heroId', () => {
    expect(heroRes.profile).to.have.all.keys(['name']);
    // test response values
-    expect(heroRes.balance).to.equal(15); // 0+15 for sixth contrib level
+    expect(heroRes.balance).to.equal(1); // 0+1 for sixth contrib level
    expect(heroRes.contributor.level).to.equal(6);
    expect(heroRes.items.pets['Dragon-Hydra']).to.equal(5);
    // test hero values
    await hero.sync();
-    expect(hero.balance).to.equal(15); // 0+15 for sixth contrib level
+    expect(hero.balance).to.equal(1); // 0+1 for sixth contrib level
    expect(hero.contributor.level).to.equal(6);
    expect(hero.items.pets['Dragon-Hydra']).to.equal(5);
  });
@@ -47,7 +47,7 @@ describe('GET /inbox/messages', () => {
  it('returns four messages when using page-query ', async () => {
    const promises = [];
-    for (let i = 0; i < 50; i += 1) {
+    for (let i = 0; i < 10; i += 1) {
      promises.push(user.post('/members/send-private-message', {
        toUserId: user.id,
        message: 'fourth',
@@ -43,7 +43,7 @@ describe('POST /members/send-private-message', () => {
    });
  });
-  it('returns error when recipient has blocked the sender', async () => {
+  it('returns error when to user has blocked the sender', async () => {
    const receiver = await generateUser({ 'inbox.blocks': [userToSendMessage._id] });
    await expect(userToSendMessage.post('/members/send-private-message', {
@@ -56,7 +56,7 @@ describe('POST /members/send-private-message', () => {
    });
  });
-  it('returns error when sender has blocked recipient', async () => {
+  it('returns error when sender has blocked to user', async () => {
    const receiver = await generateUser();
    const sender = await generateUser({ 'inbox.blocks': [receiver._id] });
@@ -70,7 +70,7 @@ describe('POST /members/send-private-message', () => {
    });
  });
-  it('returns error when recipient has opted out of messaging', async () => {
+  it('returns error when to user has opted out of messaging', async () => {
    const receiver = await generateUser({ 'inbox.optOut': true });
    await expect(userToSendMessage.post('/members/send-private-message', {
@@ -174,7 +174,7 @@ describe('POST /members/send-private-message', () => {
    expect(notification.data.excerpt).to.equal(messageExcerpt);
  });
-  it('allows admin to send when recipient has blocked the admin', async () => {
+  it('allows admin to send when sender has blocked the admin', async () => {
    userToSendMessage = await generateUser({
      'permissions.moderator': true,
    });
@@ -202,7 +202,7 @@ describe('POST /members/send-private-message', () => {
    expect(sendersMessageInSendersInbox).to.exist;
  });
-  it('allows admin to send when recipient has opted out of messaging', async () => {
+  it('allows admin to send when to user has opted out of messaging', async () => {
    userToSendMessage = await generateUser({
      'permissions.moderator': true,
    });
@@ -229,58 +229,4 @@ describe('POST /members/send-private-message', () => {
    expect(sendersMessageInReceiversInbox).to.exist;
    expect(sendersMessageInSendersInbox).to.exist;
  });
  describe('sender is shadow muted', () => {
    beforeEach(async () => {
      userToSendMessage = await generateUser({
        'flags.chatShadowMuted': true,
      });
    });
    it('does not save the message in the receiver inbox', async () => {
      const receiver = await generateUser();
      const response = await userToSendMessage.post('/members/send-private-message', {
        message: messageToSend,
        toUserId: receiver._id,
      });
      expect(response.message.uuid).to.equal(receiver._id);
      const updatedReceiver = await receiver.get('/user');
      const updatedSender = await userToSendMessage.get('/user');
      const sendersMessageInReceiversInbox = _.find(
        updatedReceiver.inbox.messages,
        message => message.uuid === userToSendMessage._id && message.text === messageToSend,
      );
      const sendersMessageInSendersInbox = _.find(
        updatedSender.inbox.messages,
        message => message.uuid === receiver._id && message.text === messageToSend,
      );
      expect(sendersMessageInReceiversInbox).to.not.exist;
      expect(sendersMessageInSendersInbox).to.exist;
    });
    it('does not save the message message twice if recipient is sender', async () => {
      const response = await userToSendMessage.post('/members/send-private-message', {
        message: messageToSend,
        toUserId: userToSendMessage._id,
      });
      expect(response.message.uuid).to.equal(userToSendMessage._id);
      const updatedSender = await userToSendMessage.get('/user');
      const sendersMessageInSendersInbox = _.find(
        updatedSender.inbox.messages,
        message => message.uuid === userToSendMessage._id && message.text === messageToSend,
      );
      expect(sendersMessageInSendersInbox).to.exist;
      expect(Object.keys(updatedSender.inbox.messages).length).to.equal(1);
    });
  });
 });
@@ -19,7 +19,7 @@ describe('GET /members/username/:username', () => {
    });
  });
-  it('returns a member\'s public data only', async () => {
+  it('returns a member public data only', async () => {
    // make sure user has all the fields that can be returned by the getMember call
    const member = await generateUser({
      contributor: { level: 1 },
@@ -91,23 +91,6 @@ describe('POST /groups/:groupId/quests/accept', () => {
      expect(partyMembers[0].party.quest.RSVPNeeded).to.be.false;
    });
    it('heals stuck RSVPNeeded when group already has the user accepted', async () => {
      await leader.post(`/groups/${questingGroup._id}/quests/invite/${PET_QUEST}`);
      await partyMembers[0].post(`/groups/${questingGroup._id}/quests/accept`);
      await partyMembers[0].updateOne({ 'party.quest.RSVPNeeded': true });
      await partyMembers[0].sync();
      expect(partyMembers[0].party.quest.RSVPNeeded).to.be.true;
      const res = await partyMembers[0].post(`/groups/${questingGroup._id}/quests/accept`);
      expect(res).to.exist;
      await partyMembers[0].sync();
      await questingGroup.sync();
      expect(partyMembers[0].party.quest.RSVPNeeded).to.equal(false);
      expect(questingGroup.quest.members[partyMembers[0]._id]).to.equal(true);
    });
    it('does not accept invite for a quest already underway', async () => {
      await leader.post(`/groups/${questingGroup._id}/quests/invite/${PET_QUEST}`);
      await partyMembers[0].post(`/groups/${questingGroup._id}/quests/accept`);
@@ -100,23 +100,6 @@ describe('POST /groups/:groupId/quests/reject', () => {
      expect(partyMembers[0].party.quest.RSVPNeeded).to.be.false;
    });
    it('heals stuck RSVPNeeded when group already has the user rejected', async () => {
      await leader.post(`/groups/${questingGroup._id}/quests/invite/${PET_QUEST}`);
      await partyMembers[0].post(`/groups/${questingGroup._id}/quests/reject`);
      await partyMembers[0].updateOne({ 'party.quest.RSVPNeeded': true });
      await partyMembers[0].sync();
      expect(partyMembers[0].party.quest.RSVPNeeded).to.be.true;
      const res = await partyMembers[0].post(`/groups/${questingGroup._id}/quests/reject`);
      expect(res).to.exist;
      await partyMembers[0].sync();
      await questingGroup.sync();
      expect(partyMembers[0].party.quest.RSVPNeeded).to.equal(false);
      expect(questingGroup.quest.members[partyMembers[0]._id]).to.equal(false);
    });
    it('return an error when a user rejects an invite already accepted', async () => {
      await leader.post(`/groups/${questingGroup._id}/quests/invite/${PET_QUEST}`);
      await partyMembers[0].post(`/groups/${questingGroup._id}/quests/accept`);
@@ -101,6 +101,34 @@ describe('GET /tasks/user', () => {
    expect(allCompletedTodos[allCompletedTodos.length - 1].text).to.equal('todo to complete 2');
  });
  it('returns only some completed todos if req.query.type is "completedTodos" or "_allCompletedTodos"', async () => {
    const LIMIT = 30;
    const numberOfTodos = LIMIT + 1;
    const todosInput = [];
    for (let i = 0; i < numberOfTodos; i += 1) {
      todosInput[i] = { text: `todo to complete ${i}`, type: 'todo' };
    }
    const todos = await user.post('/tasks/user', todosInput);
    await user.sync();
    const initialTodoCount = user.tasksOrder.todos.length;
    for (let i = 0; i < numberOfTodos; i += 1) {
      const id = todos[i]._id;
      await user.post(`/tasks/${id}/score/up`); // eslint-disable-line no-await-in-loop
    }
    await user.sync();
    expect(user.tasksOrder.todos.length).to.equal(initialTodoCount - numberOfTodos);
    const completedTodos = await user.get('/tasks/user?type=completedTodos');
    expect(completedTodos.length).to.equal(LIMIT);
    const allCompletedTodos = await user.get('/tasks/user?type=_allCompletedTodos');
    expect(allCompletedTodos.length).to.equal(numberOfTodos);
  });
  it('returns dailies with isDue for the date specified', async () => {
    // @TODO Add required format
    const startDate = moment().subtract('1', 'days').toISOString();
@@ -1,6 +1,7 @@
 import {
  generateUser,
 } from '../../../../helpers/api-integration/v3';
 import { mockAnalyticsService as analytics } from '../../../../../website/server/libs/analyticsService';
 describe('POST /user/sleep', () => {
  let user;
@@ -22,4 +23,15 @@ describe('POST /user/sleep', () => {
    await user.sync();
    expect(user.preferences.sleep).to.be.false;
  });
  it('sends sleep status to analytics service', async () => {
    sandbox.spy(analytics, 'track');
    await user.post('/user/sleep');
    await user.sync();
    expect(analytics.track).to.be.calledOnce;
    expect(analytics.track).to.be.calledWith('sleep', sandbox.match.has('status', user.preferences.sleep));
    sandbox.restore();
  });
 });
@@ -25,7 +25,7 @@ describe('GET /user/auth/apple', () => {
  });
  it('registers a new user', async () => {
-    const response = await api.get(`${appleEndpoint}?allowRegister=true`);
+    const response = await api.get(appleEndpoint);
    expect(response.apiToken).to.exist;
    expect(response.id).to.exist;
@@ -35,7 +35,7 @@ describe('GET /user/auth/apple', () => {
  });
  it('logs an existing user in', async () => {
-    const registerResponse = await api.get(`${appleEndpoint}?allowRegister=true`);
+    const registerResponse = await api.get(appleEndpoint);
    const response = await api.get(appleEndpoint);
@@ -238,28 +238,6 @@ describe('POST /user/auth/reset-password-set-new-one', () => {
    expect(isPassValid).to.equal(true);
  });
  it('changes the apiToken on password reset', async () => {
    const user = await generateUser();
    const previousToken = user.apiToken;
    const code = encrypt(JSON.stringify({
      userId: user._id,
      expiresAt: moment().add({ days: 1 }),
    }));
    await user.updateOne({
      'auth.local.passwordResetCode': code,
    });
    await api.post(`${endpoint}`, {
      newPassword: 'my new password',
      confirmPassword: 'my new password',
      code,
    });
    await user.sync();
    expect(user.apiToken).to.not.eql(previousToken);
  });
  it('renders the success page and convert the password from sha1 to bcrypt', async () => {
    const user = await generateUser();
@@ -44,7 +44,7 @@ describe('POST /user/auth/local/login', () => {
    })).to.eventually.be.rejected.and.eql({
      code: 401,
      error: 'NotAuthorized',
-      message: t('accountSuspended', { communityManagerEmail: nconf.get('EMAILS_COMMUNITY_MANAGER_EMAIL'), userId: user._id, username: user.auth.local.username }),
+      message: t('accountSuspended', { communityManagerEmail: nconf.get('EMAILS_COMMUNITY_MANAGER_EMAIL'), userId: user._id }),
    });
  });
@@ -110,18 +110,6 @@ describe('POST /user/auth/local/login', () => {
    expect(isValidPassword).to.equal(true);
  });
  it('sets auth.timestamps.updated', async () => {
    const oldUpdated = new Date(user.auth.timestamps.updated);
    // login
    await api.post(endpoint, {
      username: user.auth.local.email,
      password,
    });
    await user.sync();
    expect(user.auth.timestamps.updated).to.be.greaterThan(oldUpdated);
  });
  it('user uses social authentication and has no password', async () => {
    await user.unset({
      'auth.local.hashed_password': 1,
@@ -9,7 +9,6 @@ import {
 } from '../../../../../helpers/api-integration/v3';
 import { ApiUser } from '../../../../../helpers/api-integration/api-classes';
 import { encrypt } from '../../../../../../website/server/libs/encryption';
 import { RegistrationEventModel } from '../../../../../../website/server/models/analytics/registrationEvent';
 function generateRandomUserName () {
  return (Date.now() + uuid()).substring(0, 20);
@@ -42,25 +41,6 @@ describe('POST /user/auth/local/register', () => {
      expect(user.newUser).to.eql(true);
    });
    it('tracks a registration event', async () => {
      const username = generateRandomUserName();
      const email = `${username}@example.com`;
      const password = 'password';
      const user = await api.post('/user/auth/local/register', {
        username,
        email,
        password,
        confirmPassword: password,
      });
      const registrationEvent = await RegistrationEventModel.findOne({ userId: user._id });
      expect(registrationEvent).to.exist;
      expect(registrationEvent).to.have.property('userId', user._id);
      expect(registrationEvent).to.have.property('ipAddress');
      expect(registrationEvent).to.have.property('authenticationMethod', 'local');
    });
    it('registers a new user and sets verifiedUsername to true', async () => {
      const username = generateRandomUserName();
      const email = `${username}@example.com`;
@@ -6,8 +6,6 @@ import {
  translate as t,
  getProperty,
 } from '../../../../../helpers/api-integration/v3';
 import apiErrorMessages from '../../../../../../website/common/script/errors/apiErrorMessages';
 import { RegistrationEventModel } from '../../../../../../website/server/models/analytics/registrationEvent';
 describe('POST /user/auth/social', () => {
  let api;
@@ -66,77 +64,6 @@ describe('POST /user/auth/social', () => {
      await expect(getProperty('users', response.id, 'profile.name')).to.eventually.equal('a google user');
    });
    it('tracks a registration event', async () => {
      const socialUser = await api.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
        network,
      });
      const registrationEvent = await RegistrationEventModel.findOne({ userId: socialUser.id });
      expect(registrationEvent).to.exist;
      expect(registrationEvent).to.have.property('userId', socialUser.id);
      expect(registrationEvent).to.have.property('ipAddress');
      expect(registrationEvent).to.have.property('authenticationMethod', 'google');
    });
    it('includes sanitized version of provided username', async () => {
      const response = await api.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
        network,
        username: 'Google User Name',
      });
      await expect(getProperty('users', response.id, 'auth.local.username')).to.eventually.equal('GoogleUserName');
      await expect(getProperty('users', response.id, 'auth.local.lowerCaseUsername')).to.eventually.equal('googleusername');
    });
    it('generates a random username if provided username contains only disallowed characters', async () => {
      const response = await api.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
        network,
        username: 'Áîüè',
      });
      await expect(getProperty('users', response.id, 'auth.local.username')).to.eventually.contain('hb-');
      await expect(getProperty('users', response.id, 'auth.local.lowerCaseUsername')).to.eventually.contain('hb-');
    });
    it('generates a random username if provided username contains a disallowed word', async () => {
      const response = await api.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
        network,
        username: 'i am a TESTPLACEHOLDERSLURWORDHERE',
      });
      await expect(getProperty('users', response.id, 'auth.local.username')).to.eventually.contain('hb-');
      await expect(getProperty('users', response.id, 'auth.local.lowerCaseUsername')).to.eventually.contain('hb-');
    });
    it('generates a random username if sanitized username conflicts with an extant user', async () => {
      user = await generateUser({ 'auth.local.username': 'GoogleUserName' });
      const response = await api.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
        network,
        username: 'Google User Name',
      });
      await expect(getProperty('users', response.id, 'auth.local.username')).to.eventually.contain('hb-');
      await expect(getProperty('users', response.id, 'auth.local.lowerCaseUsername')).to.eventually.contain('hb-');
    });
    it('fails if allowRegister is false and user does not exist', async () => {
      await expect(api.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
        network,
        allowRegister: false,
      })).to.eventually.be.rejected.and.eql({
        code: 404,
        error: 'NotFound',
        message: `${apiErrorMessages.socialFlowUserNotFound} ${user.auth.local.username}+google@example.com`,
      });
    });
    it('logs an existing user in', async () => {
      const registerResponse = await api.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
@@ -204,36 +131,6 @@ describe('POST /user/auth/social', () => {
      expect(response.newUser).to.be.false;
    });
    it('logs an existing user into their social account if allowRegister is false', async () => {
      const registerResponse = await api.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
        network,
      });
      expect(registerResponse.newUser).to.be.true;
      // This is important for existing accounts before the new social handling
      passport._strategies.google.userProfile.restore();
      const expectedResult = {
        id: randomGoogleId,
        displayName: 'a google user',
        emails: [
          { value: user.auth.local.email },
        ],
      };
      sandbox.stub(passport._strategies.google, 'userProfile').yields(null, expectedResult);
      const response = await api.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
        network,
        allowRegister: false,
      });
      expect(response.apiToken).to.eql(registerResponse.apiToken);
      expect(response.id).to.eql(registerResponse.id);
      expect(response.apiToken).not.to.eql(user.apiToken);
      expect(response.id).not.to.eql(user._id);
      expect(response.newUser).to.be.false;
    });
    it('add social auth to an existing user', async () => {
      const response = await user.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
@@ -245,17 +142,6 @@ describe('POST /user/auth/social', () => {
      expect(response.newUser).to.be.false;
    });
    it('does not track a registration event for existing users', async () => {
      const beforeEvents = await RegistrationEventModel.find({ userId: user._id });
      await user.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
        network,
      });
      const registrationEvents = await RegistrationEventModel.find({ userId: user._id });
      expect(registrationEvents).to.have.lengthOf(beforeEvents.length);
    });
    it('does not log into other account if social auth already exists', async () => {
      const registerResponse = await api.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
@@ -281,24 +167,5 @@ describe('POST /user/auth/social', () => {
      await expect(getProperty('users', user._id, '_ABtests')).to.eventually.be.a('object');
    });
    it('sets auth.timestamps.updated', async () => {
      let oldUpdated = new Date(user.auth.timestamps.updated);
      await user.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
        network,
      });
      await user.sync();
      expect(user.auth.timestamps.updated).to.be.greaterThan(oldUpdated);
      oldUpdated = new Date(user.auth.timestamps.updated);
      // Do it again to ensure it updates even when nothing else changes
      await api.post(endpoint, {
        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
        network,
      });
      await user.sync();
      expect(user.auth.timestamps.updated).to.be.greaterThan(oldUpdated);
    });
  });
 });
@@ -27,30 +27,11 @@ describe('PUT /user/auth/update-password', async () => {
      newPassword,
      confirmPassword: newPassword,
    });
-
+    expect(response).to.eql({});
    expect(response).to.exist;
    expect(response.apiToken).to.exist;
    await user.sync();
    expect(user.auth.local.hashed_password).to.not.eql(previousHashedPassword);
  });
  it('should change the apiToken on password change', async () => {
    const previousToken = user.apiToken;
    const response = await user.put(ENDPOINT, {
      password,
      newPassword,
      confirmPassword: newPassword,
    });
    const newToken = response.apiToken;
    expect(newToken).to.exist;
    await user.sync();
    expect(user.apiToken).to.eql(newToken);
    expect(user.apiToken).to.not.eql(previousToken);
  });
  it('returns an error when confirmPassword does not match newPassword', async () => {
    await expect(user.put(ENDPOINT, {
      password,
@@ -66,7 +66,7 @@ describe('GET /inbox/conversations', () => {
  it('returns five messages when using page-query ', async () => {
    const promises = [];
-    for (let i = 0; i < 50; i += 1) {
+    for (let i = 0; i < 10; i += 1) {
      promises.push(user.post('/members/send-private-message', {
        toUserId: user.id,
        message: 'fourth',
@@ -26,7 +26,7 @@ describe('POST /inbox/like-private-message/:messageId', () => {
    userToSendMessage = await generateUser();
  });
-  it('returns an error when private message is not found', async () => {
+  it('Returns an error when private message is not found', async () => {
    await expect(userToSendMessage.post(getLikeUrl('some-unknown-id')))
      .to.eventually.be.rejected.and.eql({
        code: 404,
@@ -35,7 +35,7 @@ describe('POST /inbox/like-private-message/:messageId', () => {
      });
  });
-  it('likes a message', async () => {
+  it('Likes a message', async () => {
    const receiver = await generateUser();
    const sentMessageResult = await userToSendMessage.post('/members/send-private-message', {
@@ -57,7 +57,7 @@ describe('POST /inbox/like-private-message/:messageId', () => {
    expectMessagesLikeStatus(receiversMessages, uniqueMessageId, receiver._id, true);
  });
-  it('allows a user to like their own private message', async () => {
+  it('Allows to likes their own private message', async () => {
    const receiver = await generateUser();
    const sentMessageResult = await userToSendMessage.post('/members/send-private-message', {
@@ -78,7 +78,7 @@ describe('POST /inbox/like-private-message/:messageId', () => {
    expectMessagesLikeStatus(receiversMessages, uniqueMessageId, userToSendMessage._id, true);
  });
-  it('unlikes a message', async () => {
+  it('Unlikes a message', async () => {
    const receiver = await generateUser();
    const sentMessageResult = await userToSendMessage.post('/members/send-private-message', {
@@ -1,66 +0,0 @@
 import {
  translate as t,
  requester,
  generateUser,
 } from '../../../../helpers/api-integration/v4';
 const ENDPOINT = '/user/auth/check-email';
 describe('POST /user/auth/check-email', () => {
  const email = 'SOmE-nEw-emAIl_2@example.net';
  let api;
  beforeEach(async () => {
    api = requester();
  });
  it('returns email if it is not used yet', async () => {
    const response = await api.post(ENDPOINT, {
      email,
    });
    expect(response.email).to.eql(email);
    expect(response.valid).to.be.true;
  });
  it('rejects if email is not provided', async () => {
    await expect(api.post(ENDPOINT, {
    })).to.eventually.be.rejected.and.eql({
      code: 400,
      error: 'BadRequest',
      message: 'Invalid request parameters.',
    });
  });
  it('rejects if email is already taken', async () => {
    const user = await generateUser();
    const response = await api.post(ENDPOINT, {
      email: user.auth.local.email,
    });
    expect(response).to.eql({
      valid: false,
      email: user.auth.local.email,
      error: t('cannotFulfillReq'),
    });
  });
  it('rejects if casing is different', async () => {
    const user = await generateUser();
    const response = await api.post(ENDPOINT, {
      email: user.auth.local.email.toUpperCase(),
    });
    expect(response).to.eql({
      valid: false,
      email: user.auth.local.email.toUpperCase(),
      error: t('cannotFulfillReq'),
    });
  });
  it('rejects if email uses restricted domain', async () => {
    const response = await api.post(ENDPOINT, {
      email: 'fake@habitica.com',
    });
    expect(response.valid).to.be.false;
  });
 });
@@ -1,67 +0,0 @@
 import md from 'habitica-markdown';
 describe('habiticaMarkdown emoji plugin', () => {
  it('renders standard emoji as Unicode', () => {
    const result = md.render(':smile:');
    expect(result).to.include('😄');
    expect(result).not.to.include('img');
  });
  it('renders thumbsup emoji as Unicode', () => {
    const result = md.render(':thumbsup:');
    expect(result).to.include('👍');
  });
  it('renders +1 emoji as Unicode', () => {
    const result = md.render(':+1:');
    expect(result).to.include('👍');
  });
  it('renders melior as an img tag', () => {
    const result = md.render(':melior:');
    expect(result).to.include('<img class="habitica-emoji"');
    expect(result).to.include('src="https://s3.amazonaws.com/habitica-assets/cdn/emoji/melior.png"');
    expect(result).to.include('alt="melior"');
  });
  it('does NOT convert emoji inside markdown links', () => {
    const result = md.render('[:smile: link](http://example.com)');
    expect(result).to.include(':smile: link');
    expect(result).not.to.include('😄');
  });
  it('converts emoji outside of links normally', () => {
    const result = md.render(':smile: [link](http://example.com)');
    expect(result).to.include('😄');
    expect(result).to.include('link');
  });
  it('leaves removed custom emoji (bowtie) as literal text', () => {
    const result = md.render(':bowtie:');
    expect(result).to.include(':bowtie:');
    expect(result).not.to.include('img');
  });
  it('leaves unknown shortcodes as literal text', () => {
    const result = md.render(':nonexistent_emoji_xyz:');
    expect(result).to.include(':nonexistent_emoji_xyz:');
  });
  it('renders new emoji not in the old dataset', () => {
    const result = md.render(':yawning_face:');
    expect(result).to.include('🥱');
  });
  it('supports unsafeHTMLRender', () => {
    const result = md.unsafeHTMLRender('<b>bold</b> :smile:');
    expect(result).to.include('<b>bold</b>');
    expect(result).to.include('😄');
  });
  it('supports renderWithMentions', () => {
    const result = md.renderWithMentions(':smile: @testuser', { userName: 'testuser' });
    expect(result).to.include('😄');
    expect(result).to.include('at-text');
    expect(result).to.include('at-highlight');
  });
 });
@@ -13,6 +13,7 @@ import { errorMessage } from '../../../../website/common/script/libs/errorMessag
 describe('shared.ops.buy', () => {
  let user;
  const analytics = { track () {} };
  beforeEach(() => {
    user = generateUser({
@@ -31,6 +32,12 @@ describe('shared.ops.buy', () => {
        },
      },
    });
    sinon.stub(analytics, 'track');
  });
  afterEach(() => {
    analytics.track.restore();
  });
  it('returns error when key is not provided', async () => {
@@ -44,8 +51,10 @@ describe('shared.ops.buy', () => {
  it('buys health potion', async () => {
    user.stats.hp = 30;
-    await buy(user, { params: { key: 'potion' } });
+    await buy(user, { params: { key: 'potion' } }, analytics);
    expect(user.stats.hp).to.eql(45);
    expect(analytics.track).to.be.calledOnce;
  });
  it('adds equipment to inventory', async () => {
@@ -29,9 +29,10 @@ describe('shared.ops.buyArmoire', () => {
  const YIELD_EQUIPMENT = 0.5;
  const YIELD_FOOD = 0.7;
  const YIELD_EXP = 0.9;
  const analytics = { track () {} };
-  async function buyArmoire (_user, _req) {
+  async function buyArmoire (_user, _req, _analytics) {
-    const buyOp = new BuyArmoireOperation(_user, _req);
+    const buyOp = new BuyArmoireOperation(_user, _req, _analytics);
    return buyOp.purchase();
  }
@@ -49,10 +50,12 @@ describe('shared.ops.buyArmoire', () => {
    user.items.food = {};
    sandbox.stub(randomValFns, 'trueRandom');
    sinon.stub(analytics, 'track');
  });
  afterEach(() => {
    randomValFns.trueRandom.restore();
    analytics.track.restore();
  });
  context('failure conditions', () => {
@@ -144,7 +147,7 @@ describe('shared.ops.buyArmoire', () => {
      expect(_.size(user.items.gear.owned)).to.equal(2);
-      await buyArmoire(user, {});
+      await buyArmoire(user, {}, analytics);
      expect(_.size(user.items.gear.owned)).to.equal(3);
@@ -152,6 +155,7 @@ describe('shared.ops.buyArmoire', () => {
      expect(armoireCount).to.eql(_.size(getFullArmoire()) - 2);
      expect(user.stats.gp).to.eql(100);
      expect(analytics.track).to.be.calledTwice;
    });
  });
 });
@@ -1,5 +1,6 @@
 /* eslint-disable camelcase */
 import sinon from 'sinon'; // eslint-disable-line no-shadow
 import {
  generateUser,
 } from '../../../helpers/common.helper';
@@ -10,14 +11,15 @@ import i18n from '../../../../website/common/script/i18n';
 import { BuyGemOperation } from '../../../../website/common/script/ops/buy/buyGem';
 import planGemLimits from '../../../../website/common/script/libs/planGemLimits';
-async function buyGem (user, req) {
+async function buyGem (user, req, analytics) {
-  const buyOp = new BuyGemOperation(user, req);
+  const buyOp = new BuyGemOperation(user, req, analytics);
  return buyOp.purchase();
 }
 describe('shared.ops.buyGem', () => {
  let user;
  const analytics = { track () {} };
  const goldPoints = 40;
  const gemsBought = 40;
  const userGemAmount = 10;
@@ -33,16 +35,23 @@ describe('shared.ops.buyGem', () => {
        },
      },
    });
    sinon.stub(analytics, 'track');
  });
  afterEach(() => {
    analytics.track.restore();
  });
  context('Gems', () => {
    it('purchases gems', async () => {
-      const [, message] = await buyGem(user, { params: { type: 'gems', key: 'gem' } });
+      const [, message] = await buyGem(user, { params: { type: 'gems', key: 'gem' } }, analytics);
      expect(message).to.equal(i18n.t('plusGem', { count: 1 }));
      expect(user.balance).to.equal(userGemAmount + 0.25);
      expect(user.purchased.plan.gemsBought).to.equal(1);
      expect(user.stats.gp).to.equal(goldPoints - planGemLimits.convRate);
      expect(analytics.track).to.be.calledOnce;
    });
    it('purchases gems with a different language than the default', async () => {
@@ -10,9 +10,10 @@ import i18n from '../../../../website/common/script/i18n';
 describe('shared.ops.buyHealthPotion', () => {
  let user;
  const analytics = { track () {} };
-  async function buyHealthPotion (_user, _req) {
+  async function buyHealthPotion (_user, _req, _analytics) {
-    const buyOp = new BuyHealthPotionOperation(_user, _req);
+    const buyOp = new BuyHealthPotionOperation(_user, _req, _analytics);
    return buyOp.purchase();
  }
@@ -31,13 +32,19 @@ describe('shared.ops.buyHealthPotion', () => {
      },
      stats: { gp: 200 },
    });
    sinon.stub(analytics, 'track');
  });
  afterEach(() => {
    analytics.track.restore();
  });
  context('Potion', () => {
    it('recovers 15 hp', async () => {
      user.stats.hp = 30;
-      await buyHealthPotion(user, {});
+      await buyHealthPotion(user, {}, analytics);
      expect(user.stats.hp).to.eql(45);
      expect(analytics.track).to.be.calledOnce;
    });
    it('does not increase hp above 50', async () => {
@@ -13,14 +13,15 @@ import {
 import i18n from '../../../../website/common/script/i18n';
 import { errorMessage } from '../../../../website/common/script/libs/errorMessage';
-async function buyGear (user, req) {
+async function buyGear (user, req, analytics) {
-  const buyOp = new BuyMarketGearOperation(user, req);
+  const buyOp = new BuyMarketGearOperation(user, req, analytics);
  return buyOp.purchase();
 }
 describe('shared.ops.buyMarketGear', () => {
  let user;
  const analytics = { track () {} };
  let clock;
  beforeEach(() => {
@@ -46,12 +47,14 @@ describe('shared.ops.buyMarketGear', () => {
    sinon.stub(shared, 'randomVal');
    sinon.stub(shared.onboarding, 'checkOnboardingStatus');
    sinon.stub(shared.fns, 'predictableRandom');
    sinon.stub(analytics, 'track');
  });
  afterEach(() => {
    shared.randomVal.restore();
    shared.fns.predictableRandom.restore();
    shared.onboarding.checkOnboardingStatus.restore();
    analytics.track.restore();
    if (clock) {
      clock.restore();
@@ -62,7 +65,7 @@ describe('shared.ops.buyMarketGear', () => {
    it('adds equipment to inventory', async () => {
      user.stats.gp = 31;
-      await buyGear(user, { params: { key: 'armor_warrior_1' } });
+      await buyGear(user, { params: { key: 'armor_warrior_1' } }, analytics);
      expect(user.items.gear.owned).to.eql({
        weapon_warrior_0: true,
@@ -89,12 +92,13 @@ describe('shared.ops.buyMarketGear', () => {
        eyewear_special_whiteHalfMoon: true,
        eyewear_special_yellowHalfMoon: true,
      });
      expect(analytics.track).to.be.calledOnce;
    });
    it('adds the onboarding achievement to the user and checks the onboarding status', async () => {
      user.stats.gp = 31;
-      await buyGear(user, { params: { key: 'armor_warrior_1' } });
+      await buyGear(user, { params: { key: 'armor_warrior_1' } }, analytics);
      expect(user.addAchievement).to.be.calledOnce;
      expect(user.addAchievement).to.be.calledWith('purchasedEquipment');
@@ -107,7 +111,7 @@ describe('shared.ops.buyMarketGear', () => {
      user.stats.gp = 31;
      user.achievements.purchasedEquipment = true;
-      await buyGear(user, { params: { key: 'armor_warrior_1' } });
+      await buyGear(user, { params: { key: 'armor_warrior_1' } }, analytics);
      expect(user.addAchievement).to.not.be.called;
    });
@@ -14,6 +14,7 @@ import { errorMessage } from '../../../../website/common/script/libs/errorMessag
 describe('shared.ops.buyMysterySet', () => {
  let user;
  const analytics = { track () {} };
  let clock;
  beforeEach(() => {
@@ -26,9 +27,11 @@ describe('shared.ops.buyMysterySet', () => {
        },
      },
    });
    sinon.stub(analytics, 'track');
  });
  afterEach(() => {
    analytics.track.restore();
    if (clock) {
      clock.restore();
    }
@@ -90,7 +93,7 @@ describe('shared.ops.buyMysterySet', () => {
    context('successful purchases', () => {
      it('buys Steampunk Accessories Set', async () => {
        user.purchased.plan.consecutive.trinkets = 1;
-        await buyMysterySet(user, { params: { key: '301404' } });
+        await buyMysterySet(user, { params: { key: '301404' } }, analytics);
        expect(user.purchased.plan.consecutive.trinkets).to.eql(0);
        expect(user.items.gear.owned).to.have.property('weapon_warrior_0', true);
@@ -103,7 +106,7 @@ describe('shared.ops.buyMysterySet', () => {
      it('buys mystery set if it is available', async () => {
        clock = sinon.useFakeTimers(new Date('2024-01-16'));
        user.purchased.plan.consecutive.trinkets = 1;
-        await buyMysterySet(user, { params: { key: '201601' } });
+        await buyMysterySet(user, { params: { key: '201601' } }, analytics);
        expect(user.purchased.plan.consecutive.trinkets).to.eql(0);
        expect(user.items.gear.owned).to.have.property('shield_mystery_201601', true);
@@ -12,9 +12,10 @@ describe('shared.ops.buyQuestGems', () => {
  let user;
  let clock;
  const goldPoints = 40;
  const analytics = { track () {} };
-  async function buyQuest (_user, _req) {
+  async function buyQuest (_user, _req, _analytics) {
-    const buyOp = new BuyQuestWithGemOperation(_user, _req);
+    const buyOp = new BuyQuestWithGemOperation(_user, _req, _analytics);
    return buyOp.purchase();
  }
@@ -24,11 +25,13 @@ describe('shared.ops.buyQuestGems', () => {
  });
  beforeEach(() => {
    sinon.stub(analytics, 'track');
    sinon.spy(pinnedGearUtils, 'removeItemByPath');
    clock = sinon.useFakeTimers(new Date('2024-01-16'));
  });
  afterEach(() => {
    analytics.track.restore();
    pinnedGearUtils.removeItemByPath.restore();
    clock.restore();
  });
@@ -12,15 +12,21 @@ import { errorMessage } from '../../../../website/common/script/libs/errorMessag
 describe('shared.ops.buyQuest', () => {
  let user;
  const analytics = { track () {} };
-  async function buyQuest (_user, _req) {
+  async function buyQuest (_user, _req, _analytics) {
-    const buyOp = new BuyQuestWithGoldOperation(_user, _req);
+    const buyOp = new BuyQuestWithGoldOperation(_user, _req, _analytics);
    return buyOp.purchase();
  }
  beforeEach(() => {
    user = generateUser();
    sinon.stub(analytics, 'track');
  });
  afterEach(() => {
    analytics.track.restore();
  });
  it('buys a Quest scroll', async () => {
@@ -29,11 +35,12 @@ describe('shared.ops.buyQuest', () => {
      params: {
        key: 'dilatoryDistress1',
      },
-    });
+    }, analytics);
    expect(user.items.quests).to.eql({
      dilatoryDistress1: 1,
    });
    expect(user.stats.gp).to.equal(5);
    expect(analytics.track).to.be.calledOnce;
  });
  it('if a user\'s count of a quest scroll is negative, it will be reset to 0 before incrementing when they buy a new one.', async () => {
@@ -42,9 +49,10 @@ describe('shared.ops.buyQuest', () => {
    user.items.quests[key] = -1;
    await buyQuest(user, {
      params: { key },
-    });
+    }, analytics);
    expect(user.items.quests[key]).to.equal(1);
    expect(user.stats.gp).to.equal(5);
    expect(analytics.track).to.be.calledOnce;
  });
  it('buys a Quest scroll with the right quantity if a string is passed for quantity', async () => {
@@ -53,13 +61,13 @@ describe('shared.ops.buyQuest', () => {
      params: {
        key: 'dilatoryDistress1',
      },
-    });
+    }, analytics);
    await buyQuest(user, {
      params: {
        key: 'dilatoryDistress1',
      },
      quantity: '3',
-    });
+    }, analytics);
    expect(user.items.quests).to.eql({
      dilatoryDistress1: 4,
@@ -74,7 +82,7 @@ describe('shared.ops.buyQuest', () => {
          key: 'dilatoryDistress1',
        },
        quantity: 'a',
-      });
+      }, analytics);
    } catch (err) {
      expect(err).to.be.an.instanceof(BadRequest);
      expect(err.message).to.equal(i18n.t('invalidQuantity'));
@@ -179,11 +187,12 @@ describe('shared.ops.buyQuest', () => {
      params: {
        key: 'dilatoryDistress3',
      },
-    });
+    }, analytics);
    expect(user.items.quests).to.eql({
      dilatoryDistress3: 1,
    });
    expect(user.stats.gp).to.equal(100);
    expect(analytics.track).to.be.calledOnce;
  });
 });
@@ -14,17 +14,20 @@ import { errorMessage } from '../../../../website/common/script/libs/errorMessag
 describe('shared.ops.buySpecialSpell', () => {
  let user;
  let clock;
  const analytics = { track () {} };
-  async function buySpecialSpell (_user, _req) {
+  async function buySpecialSpell (_user, _req, _analytics) {
-    const buyOp = new BuySpellOperation(_user, _req);
+    const buyOp = new BuySpellOperation(_user, _req, _analytics);
    return buyOp.purchase();
  }
  beforeEach(() => {
    user = generateUser();
    sinon.stub(analytics, 'track');
  });
  afterEach(() => {
    analytics.track.restore();
    if (clock) {
      clock.restore();
    }
@@ -75,7 +78,7 @@ describe('shared.ops.buySpecialSpell', () => {
        params: {
          key: 'thankyou',
        },
-      });
+      }, analytics);
      expect(user.stats.gp).to.equal(1);
      expect(user.items.special.thankyou).to.equal(1);
@@ -86,6 +89,7 @@ describe('shared.ops.buySpecialSpell', () => {
      expect(message).to.equal(i18n.t('messageBought', {
        itemText: item.text(),
      }));
      expect(analytics.track).to.be.calledOnce;
    });
    it('buys a limited card when it is available', async () => {
@@ -97,7 +101,7 @@ describe('shared.ops.buySpecialSpell', () => {
        params: {
          key: 'nye',
        },
-      });
+      }, analytics);
      expect(user.stats.gp).to.equal(1);
      expect(user.items.special.nye).to.equal(1);
@@ -108,6 +112,7 @@ describe('shared.ops.buySpecialSpell', () => {
      expect(message).to.equal(i18n.t('messageBought', {
        itemText: item.text(),
      }));
      expect(analytics.track).to.be.calledOnce;
    });
    it('throws an error if the card is not currently available', async () => {
@@ -135,7 +140,7 @@ describe('shared.ops.buySpecialSpell', () => {
        params: {
          key: 'seafoam',
        },
-      });
+      }, analytics);
      expect(user.stats.gp).to.equal(1);
      expect(user.items.special.seafoam).to.equal(1);
@@ -146,6 +151,7 @@ describe('shared.ops.buySpecialSpell', () => {
      expect(message).to.equal(i18n.t('messageBought', {
        itemText: item.text(),
      }));
      expect(analytics.track).to.be.calledOnce;
    });
    it('throws an error if the spell is not currently available', async () => {
@@ -13,15 +13,21 @@ import { BuyHourglassMountOperation } from '../../../../website/common/script/op
 describe('common.ops.hourglassPurchase', () => {
  let user;
  const analytics = { track () {} };
-  async function buyMount (_user, _req) {
+  async function buyMount (_user, _req, _analytics) {
-    const buyOp = new BuyHourglassMountOperation(_user, _req);
+    const buyOp = new BuyHourglassMountOperation(_user, _req, _analytics);
    return buyOp.purchase();
  }
  beforeEach(() => {
    user = generateUser();
    sinon.stub(analytics, 'track');
  });
  afterEach(() => {
    analytics.track.restore();
  });
  context('failure conditions', () => {
@@ -125,11 +131,12 @@ describe('common.ops.hourglassPurchase', () => {
    it('buys a pet', async () => {
      user.purchased.plan.consecutive.trinkets = 2;
-      const [, message] = await hourglassPurchase(user, { params: { type: 'pets', key: 'MantisShrimp-Base' } });
+      const [, message] = await hourglassPurchase(user, { params: { type: 'pets', key: 'MantisShrimp-Base' } }, analytics);
      expect(message).to.eql(i18n.t('hourglassPurchase'));
      expect(user.purchased.plan.consecutive.trinkets).to.eql(1);
      expect(user.items.pets).to.eql({ 'MantisShrimp-Base': 5 });
      expect(analytics.track).to.be.calledOnce;
    });
    it('buys a mount', async () => {
@@ -17,17 +17,20 @@ describe('shared.ops.purchase', () => {
  let user;
  let clock;
  const goldPoints = 40;
  const analytics = { track () {} };
  before(() => {
    user = generateUser({ 'stats.class': 'rogue' });
  });
  beforeEach(() => {
    sinon.stub(analytics, 'track');
    sinon.spy(pinnedGearUtils, 'removeItemByPath');
    clock = sandbox.useFakeTimers(new Date('2024-01-10'));
  });
  afterEach(() => {
    analytics.track.restore();
    pinnedGearUtils.removeItemByPath.restore();
    clock.restore();
  });
@@ -184,10 +187,11 @@ describe('shared.ops.purchase', () => {
      const type = 'eggs';
      const key = 'Wolf';
-      await purchase(user, { params: { type, key } });
+      await purchase(user, { params: { type, key } }, analytics);
      expect(user.items[type][key]).to.equal(1);
      expect(pinnedGearUtils.removeItemByPath.notCalled).to.equal(true);
      expect(analytics.track).to.be.calledOnce;
    });
    it('purchases hatchingPotions', async () => {
@@ -328,7 +332,7 @@ describe('shared.ops.purchase', () => {
      const key = 'Wolf';
      try {
-        await purchase(user, { params: { type, key }, quantity: 'jamboree' });
+        await purchase(user, { params: { type, key }, quantity: 'jamboree' }, analytics);
      } catch (err) {
        expect(err).to.be.an.instanceof(BadRequest);
        expect(err.message).to.equal(i18n.t('invalidQuantity'));
@@ -341,7 +345,7 @@ describe('shared.ops.purchase', () => {
      user.balance = 10;
      try {
-        await purchase(user, { params: { type, key }, quantity: -2 });
+        await purchase(user, { params: { type, key }, quantity: -2 }, analytics);
      } catch (err) {
        expect(err).to.be.an.instanceof(BadRequest);
        expect(err.message).to.equal(i18n.t('invalidQuantity'));
@@ -354,7 +358,7 @@ describe('shared.ops.purchase', () => {
      user.balance = 10;
      try {
-        await purchase(user, { params: { type, key }, quantity: 2.9 });
+        await purchase(user, { params: { type, key }, quantity: 2.9 }, analytics);
      } catch (err) {
        expect(err).to.be.an.instanceof(BadRequest);
        expect(err.message).to.equal(i18n.t('invalidQuantity'));
@@ -211,32 +211,22 @@ describe('shared.ops.rebirth', () => {
    expect(user.achievements.rebirthLevel).to.equal(2);
  });
-  it('increments rebirth achievements even when level is lower than previous', async () => {
+  it('does not increment rebirth achievements when level is lower than previous', async () => {
    user.stats.lvl = 2;
    user.achievements.rebirths = 1;
    user.achievements.rebirthLevel = 3;
    await rebirth(user);
-    expect(user.achievements.rebirths).to.equal(2);
+    expect(user.achievements.rebirths).to.equal(1);
    expect(user.achievements.rebirthLevel).to.equal(3);
  });
-  it('updates rebirthLevel when current level is higher than previous', async () => {
+  it('always increments rebirth achievements when level is MAX_LEVEL', async () => {
    user.stats.lvl = 5;
    user.achievements.rebirths = 1;
    user.achievements.rebirthLevel = 3;
    await rebirth(user);
    expect(user.achievements.rebirths).to.equal(2);
    expect(user.achievements.rebirthLevel).to.equal(5);
  });
  it('increments rebirth achievements when level is MAX_LEVEL', async () => {
    user.stats.lvl = MAX_LEVEL;
    user.achievements.rebirths = 1;
-    user.achievements.rebirthLevel = MAX_LEVEL;
+    // this value is not actually possible (actually capped at MAX_LEVEL) but makes a good test
    user.achievements.rebirthLevel = MAX_LEVEL + 1;
    await rebirth(user);
@@ -244,10 +234,11 @@ describe('shared.ops.rebirth', () => {
    expect(user.achievements.rebirthLevel).to.equal(MAX_LEVEL);
  });
-  it('increments rebirth achievements when level is greater than MAX_LEVEL', async () => {
+  it('always increments rebirth achievements when level is greater than MAX_LEVEL', async () => {
    user.stats.lvl = MAX_LEVEL + 1;
    user.achievements.rebirths = 1;
-    user.achievements.rebirthLevel = MAX_LEVEL;
+    // this value is not actually possible (actually capped at MAX_LEVEL) but makes a good test
    user.achievements.rebirthLevel = MAX_LEVEL + 2;
    await rebirth(user);
@@ -20,9 +20,6 @@ describe('shared.ops.unlock', () => {
  beforeEach(() => {
    user = generateUser();
    user.balance = usersStartingGems;
    user.pinnedItems.push({ type: 'background', path: 'backgrounds.backgrounds042016.giant_florals' });
    user.pinnedItems.push({ type: 'haircolor', path: 'hair.color.rainbow' });
    user.pinnedItems.push({ type: 'shirt', path: 'shirt.convict' });
    clock = sandbox.useFakeTimers(new Date('2024-04-10'));
  });
@@ -275,7 +272,6 @@ describe('shared.ops.unlock', () => {
  });
  it('unlocks an item (appearance)', async () => {
    expect(user.pinnedItems.findIndex(item => item.type === 'shirt')).to.not.equal(-1);
    const path = unlockPath.split(',')[0];
    const initialShirts = Object.keys(user.purchased.shirt).length;
    const [, message] = await unlock(user, { query: { path } });
@@ -286,12 +282,11 @@ describe('shared.ops.unlock', () => {
    );
    expect(get(user.purchased, path)).to.be.true;
    expect(user.balance).to.equal(usersStartingGems - 0.5);
    expect(user.pinnedItems.findIndex(item => item.type === 'shirt')).to.equal(-1);
  });
  it('unlocks an item (hair color)', async () => {
    user.purchased.hair.color = {};
-    expect(user.pinnedItems.findIndex(item => item.type === 'haircolor')).to.not.equal(-1);
+
    const path = hairUnlockPath.split(',')[0];
    const initialColorHair = Object.keys(user.purchased.hair.color).length;
    const [, message] = await unlock(user, { query: { path } });
@@ -302,7 +297,6 @@ describe('shared.ops.unlock', () => {
    );
    expect(get(user.purchased, path)).to.be.true;
    expect(user.balance).to.equal(usersStartingGems - 0.5);
    expect(user.pinnedItems.findIndex(item => item.type === 'haircolor')).to.equal(-1);
  });
  it('unlocks an item (facial hair)', async () => {
@@ -340,7 +334,6 @@ describe('shared.ops.unlock', () => {
  it('unlocks an item (background)', async () => {
    const initialBackgrounds = Object.keys(user.purchased.background).length;
    expect(user.pinnedItems.findIndex(item => item.type === 'background')).to.not.equal(-1);
    const [, message] = await unlock(user, {
      query: { path: backgroundUnlockPath },
    });
@@ -351,7 +344,6 @@ describe('shared.ops.unlock', () => {
    );
    expect(get(user.purchased, backgroundUnlockPath)).to.be.true;
    expect(user.balance).to.equal(usersStartingGems - 1.75);
    expect(user.pinnedItems.findIndex(item => item.type === 'background')).to.equal(-1);
  });
  it('handles an invalid hair path gracefully', async () => {
@@ -1,41 +0,0 @@
 import { getMatchingSwap, makeSubstitutionMap } from '../../website/common/script/content/constants/aprilFools';
 describe('April Fools', () => {
  describe('getMatchingSwap', () => {
    it('returns Veggie for 2020', () => {
      const swap = getMatchingSwap(new Date('2020-04-01'));
      expect(swap).to.equal('Veggie');
    });
    it('returns Alien for 2026', () => {
      const swap = getMatchingSwap(new Date('2026-04-01'));
      expect(swap).to.equal('Alien');
    });
    it('Cycles through swaps correctly', () => {
      const swap = getMatchingSwap(new Date('2027-04-01'));
      expect(swap).to.equal('Veggie');
    });
  });
  describe('makeSubstitutionMap', () => {
    it('returns correct substitution for Veggie', () => {
      const substitutions = makeSubstitutionMap('Veggie');
      expect(substitutions.pets['Pet-Wolf-']).to.equal('Pet-Wolf-Veggie');
      expect(substitutions.pets['Pet-TigerCub-']).to.equal('Pet-TigerCub-Veggie');
      expect(substitutions.pets['Pet-Yarn-']).to.equal('Pet-BearCub-Veggie');
      expect(substitutions.pets.default).to.equal('Pet-Dragon-Veggie');
      expect(substitutions.pets.noPet).to.equal('Pet-Wolf-Veggie');
      expect(substitutions.pets.noPetIOS).to.equal('Pet-TigerCub-Veggie');
      expect(substitutions.pets.noPetAndroid).to.equal('Pet-Cactus-Veggie');
    });
    it('returns correct substitution for Cryptid', () => {
      const substitutions = makeSubstitutionMap('Cryptid');
      expect(substitutions.pets['Pet-Fox-']).to.equal('Pet-Fox-Cryptid');
      expect(substitutions.pets['Pet-FlyingPig-']).to.equal('Pet-FlyingPig-Cryptid');
      expect(substitutions.pets['Pet-Yarn-']).to.equal('Pet-BearCub-Cryptid');
      expect(substitutions.pets.default).to.equal('Pet-Dragon-Cryptid');
      expect(substitutions.pets.noPet).to.equal('Pet-Wolf-Cryptid');
      expect(substitutions.pets.noPetAndroid).to.equal('Pet-Cactus-Cryptid');
    });
  });
 });
@@ -54,4 +54,19 @@ describe('armoire', () => {
    const febuaryItems = armoire.all;
    expect(febuaryItems.length).to.equal(384);
  });
  it('sets have at least 2 items', () => {
    const setMap = {};
    forEach(armoire.all, item => {
      // Gotta have one outlier
      if (!item.set || item.set.startsWith('armoire-')) return;
      if (setMap[item.set] === undefined) {
        setMap[item.set] = 0;
      }
      setMap[item.set] += 1;
    });
    Object.keys(setMap).forEach(set => {
      expect(setMap[set], set).to.be.at.least(2);
    });
  });
 });
@@ -10,7 +10,7 @@ describe('events', () => {
  });
  it('returns empty array when no events are active', () => {
-    clock = sinon.useFakeTimers(new Date('2024-01-11'));
+    clock = sinon.useFakeTimers(new Date('2024-01-08'));
    const events = getRepeatingEvents();
    expect(events).to.be.empty;
  });
@@ -133,21 +133,21 @@ describe('Content Schedule', () => {
  });
  it('sets the end date for a gala', () => {
-    const date = new Date('2024-05-31');
+    const date = new Date('2024-05-20');
    const matchers = getAllScheduleMatchingGroups(date);
-    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2024-06-01T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
+    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2024-06-21T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
  });
  it('sets the end date for a winter gala', () => {
-    const date = new Date('2025-02-28');
+    const date = new Date('2024-12-22');
    const matchers = getAllScheduleMatchingGroups(date);
-    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2025-03-01T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
+    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2025-03-21T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
  });
  it('sets the end date in new year for a winter gala', () => {
-    const date = new Date('2025-02-28');
+    const date = new Date('2025-01-04');
    const matchers = getAllScheduleMatchingGroups(date);
-    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2025-03-01T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
+    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2025-03-21T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
  });
  it('uses correct date for first hours of the month', () => {
@@ -190,7 +190,7 @@ describe('Content Schedule', () => {
    const date = new Date('2024-04-15');
    const matchers = getAllScheduleMatchingGroups(date);
    expect(matchers.premiumHatchingPotions).to.exist;
-    expect(matchers.premiumHatchingPotions.items.length).to.equal(6);
+    expect(matchers.premiumHatchingPotions.items.length).to.equal(5);
    expect(matchers.premiumHatchingPotions.items.indexOf('Veggie')).to.not.equal(-1);
    expect(matchers.premiumHatchingPotions.items.indexOf('Porcelain')).to.not.equal(-1);
  });
@@ -18,7 +18,7 @@ describe('Shop Featured Items', () => {
    });
    it('contains the current premium hatching potions', () => {
-      clock = Sinon.useFakeTimers(new Date('2024-04-09'));
+      clock = Sinon.useFakeTimers(new Date('2024-04-08'));
      const items = featuredItems.market();
      expect(_.find(items, item => item.path === 'premiumHatchingPotions.Porcelain')).to.exist;
    });
@@ -1,7 +1,12 @@
-import { STRING_DOES_NOT_EXIST_MSG } from '../helpers/content.helper';
+import { STRING_ERROR_MSG, STRING_DOES_NOT_EXIST_MSG } from '../helpers/content.helper';
 import translator from '../../website/common/script/content/translation';
 describe('Translator', () => {
  it('returns error message if string is not properly formatted', () => {
    const improperlyFormattedString = translator('petName', { attr: 0 })();
    expect(improperlyFormattedString).to.match(STRING_ERROR_MSG);
  });
  it('returns an error message if string does not exist', () => {
    const stringDoesNotExist = translator('stringDoesNotExist')();
    expect(stringDoesNotExist).to.match(STRING_DOES_NOT_EXIST_MSG);
@@ -40,6 +40,7 @@ function _requestMaker (user, method, additionalSets = {}) {
      || route.indexOf('/paypal') === 0
      || route.indexOf('/amazon') === 0
      || route.indexOf('/stripe') === 0
      || route.indexOf('/analytics') === 0
    ) {
      url += `${route}`;
    } else {
@@ -1,8 +1,8 @@
 import i18n from '../../website/common/script/i18n';
 import './globals.helper';
-import { contentTranslations } from '../../website/server/libs/i18n';
+import { translations } from '../../website/server/libs/i18n';
-i18n.translations = contentTranslations;
+i18n.translations = translations;
 export const STRING_ERROR_MSG = /^Error processing the string ".*". Please see Help > Report a Bug.$/;
 export const STRING_DOES_NOT_EXIST_MSG = /^String '.*' not found.$/;
@@ -21,7 +21,6 @@ export async function getProperty (collectionName, id, path) {
 // Specifically helpful for the GET /groups tests,
 // resets the db to an empty state and creates a tavern document
 export async function resetHabiticaDB () {
  console.info('Resetting Habitica DB');
  const groups = mongoose.connection.db.collection('groups');
  const users = mongoose.connection.db.collection('users');
  return mongoose.connection.dropDatabase()
@@ -75,10 +74,15 @@ export async function getDocument (collectionName, doc) {
 }
 before(done => {
-  mongoose.connection.once('open', async err => {
+  mongoose.connection.on('open', err => {
-    if (err) throw err;
+    if (err) return done(err);
-    await resetHabiticaDB();
+    return resetHabiticaDB()
      .then(() => {
        done();
      })
      .catch(error => {
        throw error;
      });
  });
 });
@@ -12,12 +12,20 @@ module.exports = {
  rules: {
    'no-console': process.env.NODE_ENV === 'production' ? 'error' : 'off',
    'no-debugger': process.env.NODE_ENV === 'production' ? 'error' : 'off',
    // TODO find a way to let eslint understand webpack aliases
    'import/no-unresolved': 'off',
    'import/no-extraneous-dependencies': 'off',
    'import/extensions': 'off',
    'prefer-regex-literals': 'warn',
    'vue/no-v-html': 'off',
    'vue/no-mutating-props': 'warn',
    // this creates issues with the current way we have to push the process.env vars to webpack
    // https://github.com/eslint/eslint/issues/14918
    // https://github.com/webpack/webpack/issues/5392
    // off for now, because any eslint --fix will then still do it anyway
    // maybe this can be turned on again once we switch to newer vue/vite
    // Important! process.env.XYZ should not be destructured
    'prefer-destructuring': 'off',
    'vue/html-self-closing': ['error', {
      html: {
        void: 'never',
@@ -1,22 +0,0 @@
 <!DOCTYPE html>
 <html>
  <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Habitica - FAQ</title>
    <meta name="description" content="Frequently Asked Questions about Habitica, the gamified task manager.">
    <link href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i|Roboto:400,400i,700,700i" rel="stylesheet">
    <link rel="shortcut icon" sizes="48x48" href="/static/icons/favicon.ico">
    <link rel="shortcut icon" sizes="192x192" href="/static/icons/favicon_192x192.png">
    <link rel="mask-icon" href="/static/icons/favicon.ico">
    <meta property="og:image" content="/static/emails/images/meta-image.png" />
    <script type="module" src="/src/main.js"></script>
  </head>
  <body>
    <div id="app"></div>
    <script type="text/javascript" src="//cloudfront.loggly.com/js/loggly.tracker-latest.min.js" async></script>
    <!-- Translations -->
    <script type='text/javascript' src='/api/v4/i18n/core' vite-ignore></script>
  </body>
 </html>
@@ -0,0 +1,36 @@
 <!DOCTYPE html>
 <html>
  <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Habitica - Gamify Your Life</title>
    <meta name="description" content="Habitica is a free habit and productivity app that treats your real life like a game. Habitica can help you achieve your goals to become healthy and happy.">
    <meta name="keywords" content="Habits,Goals,Todo,Gamification,Health,Fitness,School,Work">
    <link href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i|Roboto:400,400i,700,700i" rel="stylesheet">
    <link rel="shortcut icon" sizes="48x48" href="/static/icons/favicon.ico">
    <link rel="shortcut icon" sizes="192x192" href="/static/icons/favicon_192x192.png">
    <link rel="mask-icon" href="/static/icons/favicon.ico">
    <meta property="og:image" content="/static/emails/images/meta-image.png" />
    <script type="module" src="/src/main-static.js"></script>
  </head>
  <body>
    <div id="loading-screen">
      <svg width="80" height="80" viewBox="0 0 80 80" xmlns="http://www.w3.org/2000/svg">
        <path
        xmlns="http://www.w3.org/2000/svg"
        fill-rule="evenodd"
        clip-rule="evenodd"
        d="M79.05 72.15c-.8-1.766-2.643-2.62-3.845-1.766-1.201.855-2.867.985-4.448.602-1.584-.385-1.885-4.01-1.543-8.195.342-4.184.909-5.795 1.267-7.314.404-1.524 2.191-1.404 2.405-.209.215 1.196 1.454 1.196 3.266-.979 1.811-2.175 1.543-8.52-.546-13.684-2.088-5.163.817-4.661 1.66-4.149.844.513 1.362-.255 1.156-3.2-.204-2.945-2.916-5.247-5.096-6.657-2.184-1.41-4.842-2.967-4.78-6.745.063-3.777 5.2-3.658 5.897-3.596.697.063 2.037-.233 1.264-4.157-.773-3.924-3.575-4.673-5.332-4.567-1.758.106-2.943 1.071-5.427.133-2.484-.938-4.136-.572-6.45-.057-2.313.515-5.343 1.94-9.112 2.959-1.989.545-2.661.683-4.828.718-1.33.02-1.885 1.633-.106 3.61 1.408 1.608 4.597 2.036 6.515 1.768 1.236-.174 1.521.645 1.407 1.85a20.023 20.023 0 0 0-.024 4.488c.198 1.5.45 4.051-.258 5.713-.35.817-1.361 1.693-2.449 1.633-1.413-.084-2.555-1.75-3.537-3.726-2.06-4.152-4.48-5.033-13.509-8.835-8.12-3.417-12.516-8.749-15.24-12.185-2.421-3.042-4.846-1.89-4.626.855.179 2.128 1.48 9.008 4.781 13.141 4.058 6.314 10.32 9.177 17.534 9.739 1.885.149 3.065.52 3.225 1.383.236 1.835-1.557 3.11-4.898 2.722-3.341-.39-4.768.22-4.103 2.121 2.123 4.477 7.021 4.672 9.058 4.857.686.122 3.114 0 4.41.355 1.51.418 1.836 2.514-.353 3.648-3.892 1.903-5.59 3.479-7.561 7.075-1.486 2.826-2.77 7.555-1.435 14.365 1.283 6.62-8.342 6.83-12.497 5.89-1.793-.377-3.675-3.778.716-6.625 3.553-2.305 4.269-3.724 4.111-6.642-.184-3.4-2.058-3.644-2.053-6.598v-7.05c0-.602-.488-1.088-1.087-1.088h-3.334a1.087 1.087 0 0 1-1.087-1.087v-4.25c0-.602-.488-1.087-1.088-1.087h-3.317a1.087 1.087 0 0 1-1.087-1.088v-3.81c0-.602-.489-1.087-1.088-1.087h-4.04a1.087 1.087 0 0 1-1.089-1.088V26.25c0-.602-.488-1.088-1.087-1.088H1.088C.485 25.161 0 25.65 0 26.25v4.26c0 .602.488 1.087 1.088 1.087h4.049c.602 0 1.087.489 1.087 1.088v15.192c0 .602.489 1.087 1.088 1.087h4.277c.602 0 1.088.489 1.088 1.088v4.968c0 .602.488 1.087 1.087 1.087h6.005c1.836-.13 2.156 2.335 2.137 3.214-.04 2.007-2.308 2.652-3.382 3.487-2.861 2.21-5.077 4.459-3.78 8.781l.032.09c2.362 5.017 8.855 4.499 12.956 4.499h25.817c1.459 0 2.959.339 2.614-1.362-.342-1.7-1.063-4.024-3.162-4.024-2.1 0-1.758 1.166-3.81.57-2.054-.597-2.057-3.371 1.027-8.198 3.19-4.122 8.652-3.81 11.952-.895 3.301 2.915 2.325 7.978 1.633 10.885-.396 2.048.545 3.06 1.67 3.032H78.58c2.015-.035 1.62-1.391.464-4.035h.008z"
        fill="#fff"
      >
      </path>
    </svg>
    </div>
    <div id="app"></div>
    <script type="text/javascript" src="//cloudfront.loggly.com/js/loggly.tracker-latest.min.js" async></script>
    <!-- Translations -->
  </body>
 </html>
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Phillip Thelen	e10b7deb4b	attempt implementing prerendering	2025-02-04 17:43:30 +01:00
Phillip Thelen	d46fa98390	tell vite to ignore browser-script url	2025-02-04 17:42:55 +01:00
Phillip Thelen	3d6afa9f11	fix setupNconf imports	2025-02-04 12:29:33 +01:00
Phillip Thelen	e7616cae8d	setup nconf correctly for client build	2025-02-04 11:21:08 +01:00
Phillip Thelen	3a457f69a9	set serving url for vite content	2025-02-03 18:22:17 +01:00
Phillip Thelen	a4297283cb	fix lint	2025-02-03 17:45:09 +01:00
Phillip Thelen	ca08e3ef81	fix import	2025-02-03 17:41:41 +01:00
Phillip Thelen	c582dbd169	use vitest for client spec tests	2025-02-03 17:37:11 +01:00
Phillip Thelen	56ef07c8d2	fix various import issues	2025-02-03 16:05:03 +01:00
Phillip Thelen	896836f807	eslint fixes	2025-02-03 14:02:46 +01:00
Phillip Thelen	b5458bb604	remove gulp-nodemon and update nodemon	2025-02-03 14:00:04 +01:00
Phillip Thelen	2edb255e55	move from vue-cli-service/webpack to vite	2025-01-23 15:11:10 +01:00
Rafał Jagielski	200d917582	Fix intro guide (#15247 ) * Provide window.jquery to modules in vue.config.js * Fix curly-spacing lint error	2025-01-22 14:53:24 -06:00
negue	73082a8cf0	fix toggle disable icon position	2025-01-21 22:34:34 +01:00
Kalista Payne	dd08eee20c	chore(images): update css	2025-01-21 08:52:21 -06:00
negue	895241b7fa	show date tooltip above system / skill messages	2025-01-20 21:08:55 +01:00
negue	2535fd7095	Combined Message Pages/Redesign (#15310 ) * split component prepare new views / states * extract empty and disabled state as components * fix empty state mail icon * first logic switching between modes, move page to /private-messages/index.vue * extract autoCompleteHelper.js * style header + start new message input * style plus button + focus input * state logic, types for sanity * WIP PM new Message started * add /members/username test * first design changes to messageCard * delete private message or chat - based on the mode * copy as todo * mention links to modal * report chat or private message * WIP likeButton * likeButton styling * hide like on private message cards * fix unit test * replace copy as todo - to just a copy to clipboard * style changes * menu position + like button width * dropdown items background + like font * fix like button padding * move api endpoints and tests around to group inbox methods + like for inbox private messages * restyle system messages * Dropdown Radius and Padding * WIP system messages * fix lint * copy delta commit of allowing liking own private messages * enable liking private messages * fix menu non hovered item icon color * fix import path * ignore background on system messages * requested changes + migration * update migration to update the unique id to some messages and delete the duplicates * migration based on users pagination * fix(migration): use Promise.all * change to bulkWrites per User, and all messages in one run (of a user) * check for array * use rest operator ... * skip sorting to get the users * remove migration, disable like for private messages without uniqueMessageId * lean+bulkWrite for likes, add time checks for like and auth for further debugging * add a limit 2 get the messages by uniqueId * Adding a simple server start script * remove pinned nodemon dep * fix inbox controller/tests * fix / requested style changes * fix empty state padding / * hide avatar weapons on messages - fix avatar spacing on messages * Hourglass Simplification (#15323) * begin removing obsolete tests * begin refactoring * update cron tests * cleanup * finish basic implementation of new logic * add more subscription tests * subscription test improvements * return nextHourglassDate again * fix gem limit * fix(test): short circuit this. * fix(admin): correct logic and style for shrimple subs * WIP(frontend): draft of main subs page view * fix hourglass count * Fix hourglass logic for upgrades * fix admin panel display * WIP(subs): extant Stripe state * fix admin panel strings * fix missing transaction type * add new field for cumulative subscription count * show date for hourglass bonus if it was received * fix test * feat(subscription): max Gems progress readout * fix(css): correct and refactor heights and selection states * fix(subs): correct border-radius and redirect * fix(stripe): correct redirect after success * Admin panel display fixes * don’t give additional HG for new sub if they already got one this month * fix issue with promo hourglasses * fix(subscription): update layout when gifting * fix(subscriptions): more gift layout revisions * fix(subscriptions): minor visual updates * fix(subs): pass autoRenews through Stripe * fix(subs): gifts DON't renew * fix(lint): unnecessary ternary * fix(lint): do negate object ig * fix(subs): try again on gifts * fix(subs): unhovery and un-12-monthy * fix bug with incorrectly giving HG bonus * remove only * fix test * fix test * fix(subs): also redirect to subs after gift sub * fix(subs): fix typeError * fix(g1g1): don't try to find Gems promo during bogo --------- Co-authored-by: Phillip Thelen <phillip@habitica.com> Co-authored-by: Kalista Payne <sabe@habitica.com> * chore(sprites): update subproject * fix(layout): tighten cancellation note * fix(subs): Google wording and HG escape * chore(testing): fake g1g1 dates * fix(subs): don't hide HG preview entirely * fix(subs): center next hourglass message * working validatedTextInput.vue within start-new-conversation-input-header.vue 🎉 * fix(git): remove changes from old develop * Revert "fix(git): remove changes from old develop" This reverts commit `0e30f7df00`. * fix(git): no actually just this file i guesss * adding an empty loading state, hiding * fought the avatar arch nemesis again * fix chatMessages (party chat) message spacing * move disabled text back to above the input area - re-enable input area * show disabled private messages top panel * fix font color * fixing uiStates - removing disabled - moving the own user check to the last * fix(lint): add missing prop defaults * fix(lint): object default should be fn * fix(chat): correct grammar in error --------- Co-authored-by: SabreCat <sabe@habitica.com> Co-authored-by: Kalista Payne <sabrecat@gmail.com> Co-authored-by: Phillip Thelen <phillip@habitica.com>	2025-01-16 16:52:24 -06:00
`@@ -2,4 +2,4 @@`

	`This webpage includes the documentation for version 3 of the [Habitica](https://habitica.com) API.`	`This webpage includes the documentation for version 3 of the [Habitica](https://habitica.com) API.`

	`If you're developing a 3rd party tool that uses the Habitica API, read the [API Usage Guidelines](https://github.com/HabitRPG/habitica/wiki/API-Usage-Guidelines), which describe how to be a responsible user of our server resources!`	`If you're developing a 3rd party tool that uses the Habitica API you should read the [Guidance for Comrades](https://habitica.fandom.com/wiki/Guidance_for_Comrades) and in particular the section called [Rules for Third-Party Tools](https://habitica.fandom.com/wiki/Guidance_for_Comrades#Rules_for_Third-Party_Tools) which includes suggestions on how to best use the API and the rules to follow when interacting with it.`
		`@@ -0,0 +1,3 @@`
							`// TODO how to test this route since it points to a file on AWS s3?`

							`describe('GET /export/avatar-:memberId.png', () => {});`