attempt implementing prerendering

* Provide window.jquery to modules in vue.config.js

* Fix curly-spacing lint error

.babelrc

@@ -1,12 +1,12 @@
 {
-  "presets": [
+    "presets": [
-    [
+      [
-      "@babel/preset-env",
+        "@babel/preset-env",
-      {
+        {
-        "targets": {
+          "targets": {
-          "node": true
+            "node": true
+          }
         }
-      }
+      ]
     ]
-  ]
+  }
-}

.eslintrc.js

@@ -7,14 +7,5 @@ module.exports = {
   rules: {
     'prefer-regex-literals': 'warn',
     'import/no-extraneous-dependencies': 'off',
-    'require-await': 'error',
   },
-  overrides: [
-    {
-      files: ['migrations/**', 'gulp/**'], // Or *.test.js
-      rules: {
-        'require-await': 'off',
-      },
-    },
-  ],
 };

.github/workflows/test.yml

@@ -1,13 +1,6 @@
 name: Test
 
-on:
+on: [push, pull_request]
-  push:
-    branches-ignore:
-    - 'phillip/**'
-    - 'sabrecat/**'
-    - 'kalista/**'
-    - 'natalie/**'
-  pull_request:
 
 permissions:
   contents: read
@@ -82,7 +75,7 @@ jobs:
         CI: true
         NODE_ENV: test
     - run: npm run test:sanity
-
+  
   common:
     runs-on: ubuntu-latest
     strategy:
@@ -129,13 +122,13 @@ jobs:
         CI: true
         NODE_ENV: test
     - run: npm run test:content
-
+  
   api-unit:
     runs-on: ubuntu-latest
     strategy:
       matrix:
         node-version: [21.x]
-        mongodb-version: [7.0]
+        mongodb-version: [4.2]
     steps:
     - uses: actions/checkout@v4
       with:
@@ -144,13 +137,11 @@ jobs:
       uses: actions/setup-node@v4
       with:
         node-version: ${{ matrix.node-version }}
-
     - name: Start MongoDB ${{ matrix.mongodb-version }} Replica Set
-      uses: supercharge/mongodb-github-action@1.11.0
+      uses: supercharge/mongodb-github-action@1.3.0
       with:
         mongodb-version: ${{ matrix.mongodb-version }}
         mongodb-replica-set: rs
-
     - run: sudo apt update
     - run: sudo apt -y install libkrb5-dev
     - run: cp config.json.example config.json
@@ -160,17 +151,15 @@ jobs:
       env:
         CI: true
         NODE_ENV: test
-
     - run: npm run test:api:unit
       env:
         REQUIRES_SERVER=true: true
-
   api-v3-integration:
     runs-on: ubuntu-latest
     strategy:
       matrix:
         node-version: [21.x]
-        mongodb-version: [7.0]
+        mongodb-version: [4.2]
     steps:
     - uses: actions/checkout@v4
       with:
@@ -180,11 +169,10 @@ jobs:
       with:
         node-version: ${{ matrix.node-version }}
     - name: Start MongoDB ${{ matrix.mongodb-version }} Replica Set
-      uses: supercharge/mongodb-github-action@1.11.0
+      uses: supercharge/mongodb-github-action@1.3.0
       with:
         mongodb-version: ${{ matrix.mongodb-version }}
         mongodb-replica-set: rs
-
     - run: sudo apt update
     - run: sudo apt -y install libkrb5-dev
     - run: cp config.json.example config.json
@@ -194,18 +182,15 @@ jobs:
       env:
         CI: true
         NODE_ENV: test
-
     - run: npm run test:api-v3:integration
       env:
         REQUIRES_SERVER=true: true
-
   api-v4-integration:
     runs-on: ubuntu-latest
     strategy:
       matrix:
         node-version: [21.x]
-        mongodb-version: [7.0]
+        mongodb-version: [4.2]
-
     steps:
     - uses: actions/checkout@v4
       with:
@@ -215,11 +200,10 @@ jobs:
       with:
         node-version: ${{ matrix.node-version }}
     - name: Start MongoDB ${{ matrix.mongodb-version }} Replica Set
-      uses: supercharge/mongodb-github-action@1.11.0
+      uses: supercharge/mongodb-github-action@1.3.0
       with:
         mongodb-version: ${{ matrix.mongodb-version }}
         mongodb-replica-set: rs
-
     - run: sudo apt update
     - run: sudo apt -y install libkrb5-dev
     - run: cp config.json.example config.json
@@ -229,7 +213,6 @@ jobs:
       env:
         CI: true
         NODE_ENV: test
-
     - run: npm run test:api-v4:integration
       env:
         REQUIRES_SERVER=true: true

.gitignore

@@ -47,5 +47,5 @@ webpack.webstorm.config
 
 # mongodb replica set for local dev
 mongodb-*.tgz
-/mongodb-*
+/mongodb-data*
 /.nyc_output

apidoc/header.md

@@ -2,4 +2,4 @@
 
 This webpage includes the documentation for version 3 of the [Habitica](https://habitica.com) API.
 
-If you're developing a 3rd party tool that uses the Habitica API, read the [API Usage Guidelines](https://github.com/HabitRPG/habitica/wiki/API-Usage-Guidelines), which describe how to be a responsible user of our server resources!
+If you're developing a 3rd party tool that uses the Habitica API you should read the [Guidance for Comrades](https://habitica.fandom.com/wiki/Guidance_for_Comrades) and in particular the section called [Rules for Third-Party Tools](https://habitica.fandom.com/wiki/Guidance_for_Comrades#Rules_for_Third-Party_Tools) which includes suggestions on how to best use the API and the rules to follow when interacting with it.

config.json.example

@@ -8,26 +8,18 @@
   "AMAZON_PAYMENTS_SELLER_ID": "SELLER_ID",
   "AMPLITUDE_KEY": "AMPLITUDE_KEY",
   "AMPLITUDE_SECRET": "AMPLITUDE_SECRET",
-  "APPLE_AUTH_CLIENT_ID": "",
-  "APPLE_AUTH_KEY_ID": "",
-  "APPLE_AUTH_PRIVATE_KEY": "",
-  "APPLE_TEAM_ID": "",
   "BASE_URL": "http://localhost:3000",
-  "BLOCKED_IPS": "",
-  "CONTENT_SWITCHOVER_TIME_OFFSET": 8,
   "CRON_SAFE_MODE": "false",
   "CRON_SEMI_SAFE_MODE": "false",
-  "DEBUG_ENABLED": "false",
   "DISABLE_REQUEST_LOGGING": "true",
-  "EMAIL_SERVER_AUTH_PASSWORD": "password",
-  "EMAIL_SERVER_AUTH_USER": "user",
-  "EMAIL_SERVER_URL": "http://example.com",
   "EMAILS_COMMUNITY_MANAGER_EMAIL": "admin@habitica.com",
   "EMAILS_PRESS_ENQUIRY_EMAIL": "admin@habitica.com",
   "EMAILS_TECH_ASSISTANCE_EMAIL": "admin@habitica.com",
+  "EMAIL_SERVER_AUTH_PASSWORD": "password",
+  "EMAIL_SERVER_AUTH_USER": "user",
+  "EMAIL_SERVER_URL": "http://example.com",
   "ENABLE_CONSOLE_LOGS_IN_PROD": "false",
   "ENABLE_CONSOLE_LOGS_IN_TEST": "false",
-  "ENABLE_STACKDRIVER_TRACING": "false",
   "FACEBOOK_KEY": "123456789012345",
   "FACEBOOK_SECRET": "aaaabbbbccccddddeeeeffff00001111",
   "FLAG_REPORT_EMAIL": "email@example.com, email2@example.com",
@@ -37,16 +29,15 @@
   "IAP_GOOGLE_KEYDIR": "/path/to/google/public/key/dir/",
   "IGNORE_REDIRECT": "true",
   "ITUNES_SHARED_SECRET": "aaaabbbbccccddddeeeeffff00001111",
-  "LIVELINESS_PROBE_KEY": "",
-  "LOG_AMPLITUDE_EVENTS": "false",
-  "LOG_REQUESTS_EXCESSIVE_MODE": "false",
   "LOGGLY_CLIENT_TOKEN": "token",
   "LOGGLY_SUBDOMAIN": "example-subdomain",
   "LOGGLY_TOKEN": "example-token",
+  "LOG_REQUESTS_EXCESSIVE_MODE": "false",
   "MAINTENANCE_MODE": "false",
+  "NODE_DB_URI": "mongodb://localhost:27017/habitica-dev?replicaSet=rs",
+  "TEST_DB_URI": "mongodb://localhost:27017/habitica-test?replicaSet=rs",
   "MONGODB_POOL_SIZE": "10",
   "MONGODB_SOCKET_TIMEOUT": "20000",
-  "NODE_DB_URI": "mongodb://localhost:27017/habitica-dev?replicaSet=rs&directConnection=true&readPreference=secondary",
   "NODE_ENV": "development",
   "PATH": "bin:node_modules/.bin:/usr/local/bin:/usr/bin:/bin",
   "PAYPAL_BILLING_PLANS_basic_12mo": "basic_12mo",
@@ -64,33 +55,43 @@
   "PLAY_API_REFRESH_TOKEN": "aaaabbbbccccddddeeeeffff00001111",
   "PORT": 3000,
   "PUSH_CONFIGS_APN_ENABLED": "false",
-  "PUSH_CONFIGS_APN_KEY_ID": "xxxxxxxxxx",
   "PUSH_CONFIGS_APN_KEY": "xxxxxxxxxx",
+  "PUSH_CONFIGS_APN_KEY_ID": "xxxxxxxxxx",
   "PUSH_CONFIGS_APN_TEAM_ID": "aaabbbcccd",
   "PUSH_CONFIGS_FCM_SERVER_API_KEY": "aaabbbcccd",
-  "RATE_LIMITER_ENABLED": "false",
-  "REDIS_HOST": "aaabbbcccdddeeefff",
-  "REDIS_PASSWORD": "12345678",
-  "REDIS_PORT": "1234",
   "S3_ACCESS_KEY_ID": "accessKeyId",
   "S3_BUCKET": "bucket",
   "S3_SECRET_ACCESS_KEY": "secretAccessKey",
-  "SESSION_SECRET_KEY": "1234567891234567891234567891234567891234567891234567891234567891",
   "SESSION_SECRET": "YOUR SECRET HERE",
+  "SESSION_SECRET_IV": "12345678912345678912345678912345",
+  "SESSION_SECRET_KEY": "1234567891234567891234567891234567891234567891234567891234567891",
   "SITE_HTTP_AUTH_ENABLED": "false",
   "SITE_HTTP_AUTH_PASSWORDS": "password,wordpass,passkey",
   "SITE_HTTP_AUTH_USERNAMES": "admin,tester,contributor",
-  "SKIP_SSL_CHECK_KEY": "key",
   "SLACK_FLAGGING_FOOTER_LINK": "https://habitrpg.github.io/flag-o-rama/",
   "SLACK_FLAGGING_URL": "https://hooks.slack.com/services/id/id/id",
   "SLACK_SUBSCRIPTIONS_URL": "https://hooks.slack.com/services/id/id/id",
   "SLACK_URL": "https://hooks.slack.com/services/some-url",
-  "SLOW_REQUEST_THRESHOLD": 1000,
   "STRIPE_API_KEY": "aaaabbbbccccddddeeeeffff00001111",
   "STRIPE_PUB_KEY": "22223333444455556666777788889999",
   "STRIPE_WEBHOOKS_ENDPOINT_SECRET": "111111",
-  "TEST_DB_URI": "mongodb://localhost:27017/habitica-test?replicaSet=rs&directConnection=true&readPreference=secondary",
+  "TRANSIFEX_SLACK_CHANNEL": "transifex",
-  "TIME_TRAVEL_ENABLED": "false",
+  "WEB_CONCURRENCY": 1,
+  "SKIP_SSL_CHECK_KEY": "key",
+  "ENABLE_STACKDRIVER_TRACING": "false",
+  "APPLE_AUTH_PRIVATE_KEY": "",
+  "APPLE_TEAM_ID": "",
+  "APPLE_AUTH_CLIENT_ID": "",
+  "APPLE_AUTH_KEY_ID": "",
+  "BLOCKED_IPS": "",
+  "LOG_AMPLITUDE_EVENTS": "false",
+  "RATE_LIMITER_ENABLED": "false",
+  "LIVELINESS_PROBE_KEY": "",
+  "REDIS_HOST": "aaabbbcccdddeeefff",
+  "REDIS_PORT": "1234",
+  "REDIS_PASSWORD": "12345678",
   "TRUSTED_DOMAINS": "localhost,https://habitica.com",
-  "WEB_CONCURRENCY": 1
+  "TIME_TRAVEL_ENABLED": "false",
+  "DEBUG_ENABLED": "false",
+  "CONTENT_SWITCHOVER_TIME_OFFSET": 8
 }

docker-compose.dev.yml

@@ -0,0 +1,53 @@
+services:
+  client:
+    build:
+      context: .
+      dockerfile: ./Dockerfile-Dev
+    command: ["npm", "run", "client:dev"]
+    depends_on:
+      - server
+    environment:
+      - BASE_URL=http://server:3000
+    networks:
+      - habitica
+    ports:
+      - "8080:8080"
+    volumes:
+      - .:/usr/src/habitica
+      - /usr/src/habitica/node_modules
+      - /usr/src/habitica/website/client/node_modules
+  server:
+    build:
+      context: .
+      dockerfile: ./Dockerfile-Dev
+    command: ["npm", "start"]
+    depends_on:
+      mongo:
+        condition: service_healthy
+    environment:
+      - NODE_DB_URI=mongodb://mongo/habitrpg
+    networks:
+      - habitica
+    ports:
+      - "3000:3000"
+    volumes:
+      - .:/usr/src/habitica
+      - /usr/src/habitica/node_modules
+  mongo:
+    image: mongo:5.0.23
+    restart: unless-stopped
+    command: ["--replSet", "rs", "--bind_ip_all", "--port", "27017"]
+    healthcheck:
+      test: echo "try { rs.status() } catch (err) { rs.initiate() }" | mongosh --port 27017 --quiet
+      interval: 10s
+      timeout: 30s
+      start_period: 0s
+      start_interval: 1s
+      retries: 30
+    networks:
+      - habitica
+    ports:
+      - "27017:27017"
+networks:
+  habitica:
+    driver: bridge

docker-compose.mongo-only.yml

@@ -1,24 +0,0 @@
-networks:
-  mongodb-network:
-    name: "mongodb-network"
-    driver: bridge
-services:
-  mongodb:
-    image: "mongo:7.0"
-    container_name: "habitica-mongodb-only"
-    networks:
-      - mongodb-network
-    hostname: "mongodb"
-    ports:
-      - "27017:27017"
-    restart: "unless-stopped"
-    volumes:
-      - "./mongodb-data-docker:/data/db"
-    entrypoint: [ "/usr/bin/mongod", "--bind_ip_all", "--replSet", "rs" ]
-    healthcheck:
-      test: echo "try { rs.status() } catch (err) { rs.initiate() }" | mongosh --port 27017 --quiet
-      interval: 10s
-      timeout: 30s
-      start_period: 0s
-      retries: 30
-  

docker-compose.mongo-test-local.yml

@@ -1,23 +0,0 @@
-networks:
-  mongodb-network:
-    name: "mongodb-network"
-    driver: bridge
-services:
-  mongodb:
-    image: "mongo:7.0"
-    container_name: "habitica-mongodb-test"
-    networks:
-      - mongodb-network
-    hostname: "mongodb"
-    ports:
-      - "27017:27017"
-    restart: "unless-stopped"
-    volumes:
-      - "./mongodb-data-docker-testing:/data/db"
-    entrypoint: [ "/usr/bin/mongod", "--bind_ip_all", "--replSet", "rs" ]
-    healthcheck:
-      test: echo "try { rs.status() } catch (err) { rs.initiate() }" | mongosh --port 27017 --quiet
-      interval: 10s
-      timeout: 30s
-      start_period: 0s
-      retries: 30

docker-compose.yml

@@ -1,56 +1,35 @@
+version: "3"
 services:
+
   client:
-    build:
+    build: .
-      context: .
+    networks:
-      dockerfile: ./Dockerfile-Dev
+      - habitica
-    command: ["npm", "run", "client:dev:docker"]
-    depends_on:
-      - server
     environment:
       - BASE_URL=http://server:3000
-    networks:
-      - habitica
     ports:
-      - "5173:5173"
+        - "8080:8080"
-    volumes:
+    command: ["npm", "run", "client:dev"]
-      - .:/usr/src/habitica
-      - /usr/src/habitica/node_modules
-      - /usr/src/habitica/website/client/node_modules
-  server:
-    build:
-      context: .
-      dockerfile: ./Dockerfile-Dev
-    command: ["npm", "start"]
     depends_on:
-      mongo:
+      - server
-        condition: service_healthy
+
-    environment:
+  server:
-      - NODE_DB_URI=mongodb://mongo/habitrpg
+    build: .
-    networks:
-      - habitica
     ports:
       - "3000:3000"
-    volumes:
-      - .:/usr/src/habitica
-      - /usr/src/habitica/node_modules
-  mongo:
-    image: "mongo:7.0"
-    container_name: "habitica-mongodb"
     networks:
       - habitica
-    hostname: "mongodb"
+    environment:
+      - NODE_DB_URI=mongodb://mongo/habitrpg
+    depends_on:
+      - mongo
+
+  mongo:
+    image: mongo:3.6
     ports:
       - "27017:27017"
-    restart: "unless-stopped"
+    networks:
-    volumes:
+      - habitica
-      - "./mongodb-data-docker:/data/db"
-    entrypoint: [ "/usr/bin/mongod", "--bind_ip_all", "--replSet", "rs" ]
-    healthcheck:
-      test: echo "try { rs.status() } catch (err) { rs.initiate() }" | mongosh --port 27017 --quiet
-      interval: 10s
-      timeout: 30s
-      start_period: 0s
-      retries: 30
 
 networks:
   habitica:

gulp/gulp-build.js

@@ -5,7 +5,7 @@ import path from 'path';
 import babel from 'gulp-babel';
 import os from 'os';
 import fs from 'fs';
-import spawn from 'cross-spawn';
+import spawn from 'cross-spawn'; // eslint-disable-line import/no-extraneous-dependencies
 import clean from 'rimraf';
 
 gulp.task('build:babel:server', () => gulp.src('website/server/**/*.js')
@@ -35,7 +35,7 @@ gulp.task('build:prod', gulp.series(
 // When used on windows `run-rs` must first be run without the `--keep` option
 // in order to be setup correctly, afterwards it can be used.
 
-const MONGO_PATH = path.join(__dirname, '/../mongodb-data-docker/');
+const MONGO_PATH = path.join(__dirname, '/../mongodb-data/');
 
 gulp.task('build:prepare-mongo', async () => {
   if (fs.existsSync(MONGO_PATH)) {
@@ -51,32 +51,29 @@ gulp.task('build:prepare-mongo', async () => {
   console.log('MongoDB data folder is missing, setting up.'); // eslint-disable-line no-console
 
   // use run-rs without --keep, kill it as soon as the replica set starts
-  const dockerMongoProcess = spawn('npm', ['run', 'docker:mongo:dev']);
+  const runRsProcess = spawn('run-rs', ['-v', '4.1.1', '-l', 'ubuntu1804', '--dbpath', 'mongodb-data', '--number', '1', '--quiet']);
 
-  let manuallyStopped = false;
+  for await (const chunk of runRsProcess.stdout) {
-
-  for await (const chunk of dockerMongoProcess.stdout) {
     const stringChunk = chunk.toString();
     console.log(stringChunk); // eslint-disable-line no-console
     // kills the process after the replica set is setup
-    if (stringChunk.includes('mongod startup complete')) {
+    if (stringChunk.includes('Started replica set')) {
       console.log('MongoDB setup correctly.'); // eslint-disable-line no-console
-      dockerMongoProcess.kill();
+      runRsProcess.kill();
-      manuallyStopped = true;
     }
   }
 
   let error = '';
-  for await (const chunk of dockerMongoProcess.stderr) {
+  for await (const chunk of runRsProcess.stderr) {
     const stringChunk = chunk.toString();
     error += stringChunk;
   }
 
   const exitCode = await new Promise(resolve => {
-    dockerMongoProcess.on('close', resolve);
+    runRsProcess.on('close', resolve);
   });
 
-  if (!manuallyStopped && (exitCode || error.length > 0)) {
+  if (exitCode || error.length > 0) {
     // remove any leftover files
     clean.sync(MONGO_PATH);
 

gulp/gulp-cache.js

@@ -6,21 +6,9 @@ gulp.task('cache:content', done => {
   // Requiring at runtime because these files access `common`
   // code which in production works only if transpiled so after
   // gulp build:babel:common has run
-  const {
+  const { CONTENT_CACHE_PATH, getLocalizedContentResponse } = require('../website/server/libs/content'); // eslint-disable-line global-require
-    CONTENT_CACHE_PATH,
-    getLocalizedContentResponse,
-    IOS_FILTER,
-    ANDROID_FILTER,
-    buildFilterObject,
-    hashForFilter,
-  } = require('../website/server/libs/content'); // eslint-disable-line global-require
   const { langCodes } = require('../website/server/libs/i18n'); // eslint-disable-line global-require
 
-  const iosHash = hashForFilter(IOS_FILTER);
-  const iosFilterObj = buildFilterObject(IOS_FILTER);
-  const androidHash = hashForFilter(ANDROID_FILTER);
-  const androidFilterObj = buildFilterObject(ANDROID_FILTER);
-
   try {
     // create the cache folder (if it doesn't exist)
     try {
@@ -38,18 +26,6 @@ gulp.task('cache:content', done => {
         getLocalizedContentResponse(langCode),
         'utf8',
       );
-
-      fs.writeFileSync(
-        `${CONTENT_CACHE_PATH}${langCode}${iosHash}.json`,
-        getLocalizedContentResponse(langCode, iosFilterObj),
-        'utf8',
-      );
-
-      fs.writeFileSync(
-        `${CONTENT_CACHE_PATH}${langCode}${androidHash}.json`,
-        getLocalizedContentResponse(langCode, androidFilterObj),
-        'utf8',
-      );
     });
     done();
   } catch (err) {
@@ -57,37 +33,26 @@ gulp.task('cache:content', done => {
   }
 });
 
-function safeMkdir (path) {
-  try {
-    fs.mkdirSync(path);
-  } catch (err) {
-    if (err.code !== 'EEXIST') throw err;
-  }
-}
-
 gulp.task('cache:i18n', done => {
   // Requiring at runtime because these files access `common`
   // code which in production works only if transpiled so after
   // gulp build:babel:common has run
-  const { BROWSER_SCRIPT_CACHE_PATH, geti18nCoreBrowserScript, geti18nContentBrowserScript } = require('../website/server/libs/i18n'); // eslint-disable-line global-require
+  const { BROWSER_SCRIPT_CACHE_PATH, geti18nBrowserScript } = require('../website/server/libs/i18n'); // eslint-disable-line global-require
   const { langCodes } = require('../website/server/libs/i18n'); // eslint-disable-line global-require
 
   try {
-    // create the cache folders (if they doesn't exist)
+    // create the cache folder (if it doesn't exist)
-    safeMkdir(BROWSER_SCRIPT_CACHE_PATH);
+    try {
-    safeMkdir(`${BROWSER_SCRIPT_CACHE_PATH}core/`);
+      fs.mkdirSync(BROWSER_SCRIPT_CACHE_PATH);
-    safeMkdir(`${BROWSER_SCRIPT_CACHE_PATH}content/`);
+    } catch (err) {
+      if (err.code !== 'EEXIST') throw err;
+    }
 
     // create and save the i18n browser script for each language
     langCodes.forEach(languageCode => {
       fs.writeFileSync(
-        `${BROWSER_SCRIPT_CACHE_PATH}core/${languageCode}.js`,
+        `${BROWSER_SCRIPT_CACHE_PATH}${languageCode}.js`,
-        geti18nCoreBrowserScript(languageCode),
+        geti18nBrowserScript(languageCode),
-        'utf8',
-      );
-      fs.writeFileSync(
-        `${BROWSER_SCRIPT_CACHE_PATH}content/${languageCode}.js`,
-        geti18nContentBrowserScript(languageCode),
         'utf8',
       );
     });

gulp/gulp-sprites.js

@@ -64,15 +64,6 @@ function filterFile (file) {
   if (file.relative.indexOf('icon_background') === 0) {
     return false;
   }
-  if (file.relative.indexOf('notif_') === 0) {
-    return false;
-  }
-  if (file.relative.indexOf('quest_') === 0) {
-    return false;
-  }
-  if (file.relative.indexOf('inventory_quest_') === 0) {
-    return false;
-  }
   return true;
 }
 

gulp/gulp-tests.js

@@ -53,11 +53,6 @@ gulp.task('test:prepare:mongo', cb => {
   const mongooseOptions = getDefaultConnectionOptions();
   const connectionUrl = getDevelopmentConnectionUrl(TEST_DB_URI);
 
-  console.info({
-    mongooseOptions,
-    connectionUrl,
-  });
-
   mongoose.connect(connectionUrl, mongooseOptions)
     .then(() => mongoose.connection.dropDatabase())
     .then(() => mongoose.connection.close()).then(() => {

migrations/migration-runner.js

@@ -10,7 +10,7 @@ function setUpServer () {
 
   setupNconf();
 
-  // We require src/server and not src/index because
+  // We require src/server and npt src/index because
   // 1. nconf is already setup
   // 2. we don't need clustering
   require('../website/server/server'); // eslint-disable-line global-require

migrations/users/full-gear.js

@@ -11,7 +11,7 @@ const progressCount = 1000;
 let count = 0;
 
 /*
- * Award every extant piece of equippable gear
+ * Award users every extant pet and mount
  */
 
 async function updateUser (user) {

migrations/users/take-this.js

@@ -3,8 +3,7 @@ import { v4 as uuid } from 'uuid';
 
 import { model as User } from '../../website/server/models/user';
 
-const MIGRATION_NAME = 'YYYYMMDD_take_this';
+const MIGRATION_NAME = '20181203_take_this';
-const CHALLENGE_ID = 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx';
 
 const progressCount = 1000;
 let count = 0;
@@ -42,15 +41,15 @@ async function updateUser (user) {
   if (count % progressCount === 0) console.warn(`${count} ${user._id}`);
 
   if (push) {
-    return User.updateOne({ _id: user._id }, { $set: set, $push: push }).exec();
+    return User.update({ _id: user._id }, { $set: set, $push: push }).exec();
   }
-  return User.updateOne({ _id: user._id }, { $set: set }).exec();
+  return User.update({ _id: user._id }, { $set: set }).exec();
 }
 
 export default async function processUsers () {
   const query = {
     migration: { $ne: MIGRATION_NAME },
-    challenges: CHALLENGE_ID,
+    challenges: '00708425-d477-41a5-bf27-6270466e7976',
   };
 
   const fields = {
@@ -73,7 +72,7 @@ export default async function processUsers () {
       break;
     } else {
       query._id = {
-        $gt: users[users.length - 1]._id,
+        $gt: users[users.length - 1],
       };
     }
 

package.json

@@ -1,7 +1,7 @@
 {
   "name": "habitica",
   "description": "A habit tracker app which treats your goals like a Role Playing Game.",
-  "version": "5.48.0",
+  "version": "5.32.5",
   "main": "./website/server/index.js",
   "dependencies": {
     "@babel/core": "^7.22.10",
@@ -19,8 +19,8 @@
     "bcrypt": "^5.1.1",
     "body-parser": "^1.20.3",
     "bootstrap": "^4.6.2",
-    "compression": "^1.8.1",
+    "compression": "^1.7.4",
-    "cookie-session": "^2.1.1",
+    "cookie-session": "^2.0.0",
     "coupon-code": "^0.4.5",
     "csv-stringify": "^5.6.5",
     "cwait": "^1.1.1",
@@ -30,7 +30,6 @@
     "eslint-plugin-mocha": "^5.0.0",
     "express": "^4.21.1",
     "express-basic-auth": "^1.2.1",
-    "express-sitemap-xml": "^3.1.0",
     "express-validator": "^5.2.0",
     "firebase-admin": "^12.1.1",
     "glob": "^8.1.0",
@@ -40,8 +39,7 @@
     "gulp-filter": "^7.0.0",
     "gulp-imagemin": "^7.1.0",
     "gulp.spritesmith": "^6.13.0",
-    "habitica-markdown": "^4.1.0",
+    "habitica-markdown": "^3.0.0",
-    "heapdump": "^0.3.15",
     "helmet": "^4.6.0",
     "in-app-purchase": "^1.11.3",
     "js2xmlparser": "^5.0.0",
@@ -50,15 +48,14 @@
     "lodash": "^4.17.21",
     "merge-stream": "^2.0.0",
     "method-override": "^3.0.0",
-    "micromustache": "^8.0.3",
     "moment": "^2.29.4",
     "moment-recur": "git://github.com/HabitRPG/moment-recur.git#d3e8e6da0806f13b74dd2e4d7d9053e6a63db119",
-    "mongoose": "^8.23.0",
+    "mongoose": "^7.8.3",
-    "morgan": "^1.10.1",
+    "morgan": "^1.10.0",
-    "nan": "^2.25.0",
     "nconf": "^0.12.1",
     "node-gcm": "^1.0.5",
-    "on-headers": "^1.1.0",
+    "nodemon": "^3.1.9",
+    "on-headers": "^1.0.2",
     "passport": "^0.5.3",
     "passport-facebook": "^3.0.0",
     "passport-google-oauth2": "^0.2.0",
@@ -74,9 +71,11 @@
     "sinon": "^15.2.0",
     "stripe": "^12.18.0",
     "superagent": "^8.1.2",
+    "universal-analytics": "^0.5.3",
     "useragent": "^2.1.9",
     "uuid": "^9.0.0",
     "validator": "^13.11.0",
+    "webpack-bundle-analyzer": "^4.10.2",
     "winston": "^3.10.0",
     "winston-loggly-bulk": "^3.3.0",
     "xml2js": "^0.6.2"
@@ -103,22 +102,19 @@
     "coverage": "nyc report --reporter=html --report-dir coverage/results; open coverage/results/index.html",
     "sprites": "gulp sprites:compile",
     "client:dev": "cd website/client && npm run serve",
-    "client:dev:docker": "cd website/client && npm run serve:docker",
     "client:build": "cd website/client && npm run build",
     "client:unit": "cd website/client && npm run test:unit",
     "start": "node --watch ./website/server/index.js",
+    "start:simple": "node ./website/server/index.js",
     "debug": "node --watch --inspect ./website/server/index.js",
-    "docker:aio": "docker compose -f docker-compose.yml up",
+    "mongo:dev": "run-rs -v 5.0.23 -l ubuntu1804 --keep --dbpath mongodb-data --number 1 --quiet",
-    "docker:mongo:dev": "docker compose -f docker-compose.mongo-only.yml up",
+    "mongo:test": "run-rs -v 5.0.23 -l ubuntu1804 --keep --dbpath mongodb-data-testing --number 1 --quiet",
-    "docker:mongo:dev:down": "docker compose -f docker-compose.mongo-only.yml down",
-    "docker:mongo:test": "docker compose -f docker-compose.mongo-test-local.yml up",
-    "mongo:test": "node scripts/start-local-mongo.mjs --test-db",
     "postinstall": "git config --global url.\"https://\".insteadOf git:// && gulp build && cd website/client && npm install",
     "apidoc": "gulp apidoc",
     "heroku-postbuild": ".heroku/report_deploy.sh"
   },
   "devDependencies": {
-    "axios": "^1.8.2",
+    "axios": "^1.7.4",
     "chai": "^4.3.7",
     "chai-as-promised": "^7.1.1",
     "chai-moment": "^0.1.0",
@@ -128,6 +124,7 @@
     "monk": "^7.3.4",
     "nyc": "^15.1.0",
     "require-again": "^2.0.0",
+    "run-rs": "^0.7.7",
     "sinon-chai": "^3.7.0",
     "sinon-stub-promise": "^4.0.0"
   }

scripts/gdpr-delete-users.js

@@ -71,14 +71,15 @@ async function deleteHabiticaData (user, email) {
 }
 
 async function processEmailAddress (email) {
+  const emailRegex = new RegExp(`^${email}$`, 'i');
   const localUsers = await User.find(
-    { 'auth.local.email': email },
+    { 'auth.local.email': emailRegex },
     { _id: 1, apiToken: 1, auth: 1 },
   ).exec();
 
   const socialUsers = await User.find(
     {
-      'auth.local.email': { $ne: email },
+      'auth.local.email': { $not: emailRegex },
       $or: [
         { 'auth.facebook.emails.value': email },
         { 'auth.google.emails.value': email },

scripts/team-cron.js

@@ -8,17 +8,7 @@ const TASK_VALUE_CHANGE_FACTOR = 0.9747;
 const MIN_TASK_VALUE = -47.27;
 
 async function updateTeamTasks (team) {
-  if (team.purchased.plan.dateTerminated) {
-    const dateTerminated = new Date(team.purchased.plan.dateTerminated);
-    if (dateTerminated < new Date()) {
-      team.purchased.plan.customerId = undefined;
-      team.markModified('purchased.plan');
-      return team.save();
-    }
-  }
-
   const toSave = [];
-
   let teamLeader = await User.findOne({ _id: team.leader }, 'preferences').exec();
 
   if (!teamLeader) { // why would this happen?
@@ -103,7 +93,12 @@ async function updateTeamTasks (team) {
 export default async function processTeamsCron () {
   const activeTeams = await Group.find({
     'purchased.plan.customerId': { $exists: true },
-  }, { cron: 1, leader: 1, purchased: 1 }).exec();
+    $or: [
+      { 'purchased.plan.dateTerminated': { $exists: false } },
+      { 'purchased.plan.dateTerminated': null },
+      { 'purchased.plan.dateTerminated': { $gt: new Date() } },
+    ],
+  }).exec();
 
   const cronPromises = activeTeams.map(updateTeamTasks);
   return Promise.all(cronPromises);

test/api/unit/libs/analyticsService.test.js

@@ -0,0 +1,595 @@
+/* eslint-disable camelcase */
+import nconf from 'nconf';
+import Amplitude from 'amplitude';
+import { Visitor } from 'universal-analytics';
+import * as analyticsService from '../../../../website/server/libs/analyticsService';
+
+describe('analyticsService', () => {
+  beforeEach(() => {
+    sandbox.stub(Amplitude.prototype, 'track').returns(Promise.resolve());
+
+    sandbox.stub(Visitor.prototype, 'event');
+    sandbox.stub(Visitor.prototype, 'transaction');
+  });
+
+  afterEach(() => {
+    sandbox.restore();
+  });
+
+  describe('#getServiceByEnvironment', () => {
+    it('returns mock methods when not in production', () => {
+      sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(false);
+      expect(analyticsService.getAnalyticsServiceByEnvironment())
+        .to.equal(analyticsService.mockAnalyticsService);
+    });
+
+    it('returns real methods when in production', () => {
+      sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(true);
+      expect(analyticsService.getAnalyticsServiceByEnvironment().track)
+        .to.equal(analyticsService.track);
+      expect(analyticsService.getAnalyticsServiceByEnvironment().trackPurchase)
+        .to.equal(analyticsService.trackPurchase);
+    });
+  });
+
+  describe('#track', () => {
+    let eventType; let
+      data;
+
+    beforeEach(() => {
+      Visitor.prototype.event.yields();
+
+      eventType = 'Cron';
+      data = {
+        category: 'behavior',
+        uuid: 'unique-user-id',
+        resting: true,
+        cronCount: 5,
+        headers: {
+          'x-client': 'habitica-web',
+          'user-agent': '',
+        },
+      };
+    });
+
+    context('Amplitude', () => {
+      it('calls out to amplitude', () => analyticsService.track(eventType, data)
+        .then(() => {
+          expect(Amplitude.prototype.track).to.be.calledOnce;
+        }));
+
+      it('uses a dummy user id if none is provided', () => {
+        delete data.uuid;
+
+        return analyticsService.track(eventType, data)
+          .then(() => {
+            expect(Amplitude.prototype.track).to.be.calledWithMatch({
+              user_id: 'no-user-id-was-provided',
+            });
+          });
+      });
+
+      context('platform', () => {
+        it('logs web platform', () => {
+          data.headers = { 'x-client': 'habitica-web' };
+
+          return analyticsService.track(eventType, data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                platform: 'Web',
+              });
+            });
+        });
+
+        it('logs iOS platform', () => {
+          data.headers = { 'x-client': 'habitica-ios' };
+
+          return analyticsService.track(eventType, data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                platform: 'iOS',
+              });
+            });
+        });
+
+        it('logs Android platform', () => {
+          data.headers = { 'x-client': 'habitica-android' };
+
+          return analyticsService.track(eventType, data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                platform: 'Android',
+              });
+            });
+        });
+
+        it('logs 3rd Party platform', () => {
+          data.headers = { 'x-client': 'some-third-party' };
+
+          return analyticsService.track(eventType, data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                platform: '3rd Party',
+              });
+            });
+        });
+
+        it('logs unknown if headers are not passed in', () => {
+          delete data.headers;
+
+          return analyticsService.track(eventType, data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                platform: 'Unknown',
+              });
+            });
+        });
+      });
+
+      context('Operating System', () => {
+        it('sets default', () => {
+          data.headers = {
+            'x-client': 'third-party',
+            'user-agent': 'foo',
+          };
+
+          return analyticsService.track(eventType, data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                os_name: 'Other',
+                os_version: '0',
+              });
+            });
+        });
+
+        it('sets iOS', () => {
+          data.headers = {
+            'x-client': 'habitica-ios',
+            'user-agent': 'Habitica/148 (iPhone; iOS 9.3; Scale/2.00)',
+          };
+
+          return analyticsService.track(eventType, data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                os_name: 'iOS',
+                os_version: '9.3.0',
+              });
+            });
+        });
+
+        it('sets Android', () => {
+          data.headers = {
+            'x-client': 'habitica-android',
+            'user-agent': 'Mozilla/5.0 (Linux; Android 4.0.4; Galaxy Nexus Build/IMM76B) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.133 Mobile Safari/535.19',
+          };
+
+          return analyticsService.track(eventType, data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                os_name: 'Android',
+                os_version: '4.0.4',
+              });
+            });
+        });
+
+        it('sets Unknown if headers are not passed in', () => {
+          delete data.headers;
+
+          return analyticsService.track(eventType, data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                os_name: undefined,
+                os_version: undefined,
+              });
+            });
+        });
+      });
+
+      it('sends details about event', () => analyticsService.track(eventType, data)
+        .then(() => {
+          expect(Amplitude.prototype.track).to.be.calledWithMatch({
+            event_properties: {
+              category: 'behavior',
+              resting: true,
+              cronCount: 5,
+            },
+          });
+        }));
+
+      it('sends english item name for gear if itemKey is provided', () => {
+        data.itemKey = 'headAccessory_special_foxEars';
+
+        return analyticsService.track(eventType, data)
+          .then(() => {
+            expect(Amplitude.prototype.track).to.be.calledWithMatch({
+              event_properties: {
+                itemKey: data.itemKey,
+                itemName: 'Fox Ears',
+              },
+            });
+          });
+      });
+
+      it('sends english item name for egg if itemKey is provided', () => {
+        data.itemKey = 'Wolf';
+
+        return analyticsService.track(eventType, data)
+          .then(() => {
+            expect(Amplitude.prototype.track).to.be.calledWithMatch({
+              event_properties: {
+                itemKey: data.itemKey,
+                itemName: 'Wolf Egg',
+              },
+            });
+          });
+      });
+
+      it('sends english item name for food if itemKey is provided', () => {
+        data.itemKey = 'Cake_Skeleton';
+
+        return analyticsService.track(eventType, data)
+          .then(() => {
+            expect(Amplitude.prototype.track).to.be.calledWithMatch({
+              event_properties: {
+                itemKey: data.itemKey,
+                itemName: 'Bare Bones Cake',
+              },
+            });
+          });
+      });
+
+      it('sends english item name for hatching potion if itemKey is provided', () => {
+        data.itemKey = 'Golden';
+
+        return analyticsService.track(eventType, data)
+          .then(() => {
+            expect(Amplitude.prototype.track).to.be.calledWithMatch({
+              event_properties: {
+                itemKey: data.itemKey,
+                itemName: 'Golden Hatching Potion',
+              },
+            });
+          });
+      });
+
+      it('sends english item name for quest if itemKey is provided', () => {
+        data.itemKey = 'atom1';
+
+        return analyticsService.track(eventType, data)
+          .then(() => {
+            expect(Amplitude.prototype.track).to.be.calledWithMatch({
+              event_properties: {
+                itemKey: data.itemKey,
+                itemName: 'Attack of the Mundane, Part 1: Dish Disaster!',
+              },
+            });
+          });
+      });
+
+      it('sends english item name for purchased spell if itemKey is provided', () => {
+        data.itemKey = 'seafoam';
+
+        return analyticsService.track(eventType, data)
+          .then(() => {
+            expect(Amplitude.prototype.track).to.be.calledWithMatch({
+              event_properties: {
+                itemKey: data.itemKey,
+                itemName: 'Seafoam',
+              },
+            });
+          });
+      });
+
+      it('sends user data if provided', () => {
+        const stats = {
+          class: 'wizard', exp: 5, gp: 23, hp: 10, lvl: 4, mp: 30,
+        };
+        const user = {
+          stats,
+          contributor: { level: 1 },
+          purchased: { plan: { planId: 'foo-plan' } },
+          flags: { tour: { intro: -2 } },
+          habits: [{ _id: 'habit' }],
+          dailys: [{ _id: 'daily' }],
+          todos: [{ _id: 'todo' }],
+          rewards: [{ _id: 'reward' }],
+          balance: 12,
+          loginIncentives: 1,
+        };
+
+        data.user = user;
+
+        return analyticsService.track(eventType, data)
+          .then(() => {
+            expect(Amplitude.prototype.track).to.be.calledWithMatch({
+              user_properties: {
+                Class: 'wizard',
+                Experience: 5,
+                Gold: 23,
+                Health: 10,
+                Level: 4,
+                Mana: 30,
+                tutorialComplete: true,
+                'Number Of Tasks': {
+                  habits: 1,
+                  dailys: 1,
+                  todos: 1,
+                  rewards: 1,
+                },
+                contributorLevel: 1,
+                subscription: 'foo-plan',
+                balance: 12,
+                balanceGemAmount: 48,
+                loginIncentives: 1,
+              },
+            });
+          });
+      });
+    });
+
+    context('GA', () => {
+      it('calls out to GA', () => analyticsService.track(eventType, data)
+        .then(() => {
+          expect(Visitor.prototype.event).to.be.calledOnce;
+        }));
+
+      it('sends details about event', () => analyticsService.track(eventType, data)
+        .then(() => {
+          expect(Visitor.prototype.event).to.be.calledWith({
+            ea: 'Cron',
+            ec: 'behavior',
+          });
+        }));
+    });
+  });
+
+  describe('#trackPurchase', () => {
+    let data; let
+      itemSpy;
+
+    beforeEach(() => {
+      Visitor.prototype.event.yields();
+
+      itemSpy = sandbox.stub().returnsThis();
+
+      Visitor.prototype.transaction.returns({
+        item: itemSpy,
+        send: sandbox.stub().yields(),
+      });
+
+      data = {
+        uuid: 'user-id',
+        sku: 'paypal-checkout',
+        paymentMethod: 'PayPal',
+        itemPurchased: 'Gems',
+        purchaseValue: 8,
+        purchaseType: 'checkout',
+        gift: false,
+        quantity: 1,
+        headers: {
+          'x-client': 'habitica-web',
+          'user-agent': '',
+        },
+      };
+    });
+
+    context('Amplitude', () => {
+      it('calls out to amplitude', () => analyticsService.trackPurchase(data)
+        .then(() => {
+          expect(Amplitude.prototype.track).to.be.calledOnce;
+        }));
+
+      it('uses a dummy user id if none is provided', () => {
+        delete data.uuid;
+
+        return analyticsService.trackPurchase(data)
+          .then(() => {
+            expect(Amplitude.prototype.track).to.be.calledWithMatch({
+              user_id: 'no-user-id-was-provided',
+            });
+          });
+      });
+
+      context('platform', () => {
+        it('logs web platform', () => {
+          data.headers = { 'x-client': 'habitica-web' };
+
+          return analyticsService.trackPurchase(data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                platform: 'Web',
+              });
+            });
+        });
+
+        it('logs iOS platform', () => {
+          data.headers = { 'x-client': 'habitica-ios' };
+
+          return analyticsService.trackPurchase(data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                platform: 'iOS',
+              });
+            });
+        });
+
+        it('logs Android platform', () => {
+          data.headers = { 'x-client': 'habitica-android' };
+
+          return analyticsService.trackPurchase(data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                platform: 'Android',
+              });
+            });
+        });
+
+        it('logs 3rd Party platform', () => {
+          data.headers = { 'x-client': 'some-third-party' };
+
+          return analyticsService.trackPurchase(data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                platform: '3rd Party',
+              });
+            });
+        });
+
+        it('logs unknown if headers are not passed in', () => {
+          delete data.headers;
+
+          return analyticsService.trackPurchase(data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                platform: 'Unknown',
+              });
+            });
+        });
+      });
+
+      context('Operating System', () => {
+        it('sets default', () => {
+          data.headers = {
+            'x-client': 'third-party',
+            'user-agent': 'foo',
+          };
+
+          return analyticsService.trackPurchase(data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                os_name: 'Other',
+                os_version: '0',
+              });
+            });
+        });
+
+        it('sets iOS', () => {
+          data.headers = {
+            'x-client': 'habitica-ios',
+            'user-agent': 'Habitica/148 (iPhone; iOS 9.3; Scale/2.00)',
+          };
+
+          return analyticsService.trackPurchase(data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                os_name: 'iOS',
+                os_version: '9.3.0',
+              });
+            });
+        });
+
+        it('sets Android', () => {
+          data.headers = {
+            'x-client': 'habitica-android',
+            'user-agent': 'Mozilla/5.0 (Linux; Android 4.0.4; Galaxy Nexus Build/IMM76B) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.133 Mobile Safari/535.19',
+          };
+
+          return analyticsService.trackPurchase(data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                os_name: 'Android',
+                os_version: '4.0.4',
+              });
+            });
+        });
+
+        it('sets Unknown if headers are not passed in', () => {
+          delete data.headers;
+
+          return analyticsService.trackPurchase(data)
+            .then(() => {
+              expect(Amplitude.prototype.track).to.be.calledWithMatch({
+                os_name: undefined,
+                os_version: undefined,
+              });
+            });
+        });
+      });
+
+      it('sends details about purchase', () => analyticsService.trackPurchase(data)
+        .then(() => {
+          expect(Amplitude.prototype.track).to.be.calledWithMatch({
+            event_properties: {
+              gift: false,
+              itemPurchased: 'Gems',
+              paymentMethod: 'PayPal',
+              purchaseType: 'checkout',
+              quantity: 1,
+              sku: 'paypal-checkout',
+            },
+          });
+        }));
+
+      it('sends user data if provided', () => {
+        const stats = {
+          class: 'wizard', exp: 5, gp: 23, hp: 10, lvl: 4, mp: 30,
+        };
+        const user = {
+          stats,
+          contributor: { level: 1 },
+          purchased: { plan: { planId: 'foo-plan' } },
+          flags: { tour: { intro: -2 } },
+          habits: [{ _id: 'habit' }],
+          dailys: [{ _id: 'daily' }],
+          todos: [{ _id: 'todo' }],
+          rewards: [{ _id: 'reward' }],
+        };
+
+        data.user = user;
+
+        return analyticsService.trackPurchase(data)
+          .then(() => {
+            expect(Amplitude.prototype.track).to.be.calledWithMatch({
+              user_properties: {
+                Class: 'wizard',
+                Experience: 5,
+                Gold: 23,
+                Health: 10,
+                Level: 4,
+                Mana: 30,
+                tutorialComplete: true,
+                'Number Of Tasks': {
+                  habits: 1,
+                  dailys: 1,
+                  todos: 1,
+                  rewards: 1,
+                },
+                contributorLevel: 1,
+                subscription: 'foo-plan',
+              },
+            });
+          });
+      });
+    });
+
+    context('GA', () => {
+      it('calls out to GA', () => analyticsService.trackPurchase(data)
+        .then(() => {
+          expect(Visitor.prototype.event).to.be.calledOnce;
+          expect(Visitor.prototype.transaction).to.be.calledOnce;
+        }));
+
+      it('sends details about purchase', () => analyticsService.trackPurchase(data)
+        .then(() => {
+          expect(Visitor.prototype.event).to.be.calledWith({
+            ea: 'checkout',
+            ec: 'commerce',
+            el: 'PayPal',
+            ev: 8,
+          });
+          expect(Visitor.prototype.transaction).to.be.calledWith('user-id', 8);
+          expect(itemSpy).to.be.calledWith(8, 1, 'paypal-checkout', 'Gems', 'checkout');
+        }));
+    });
+  });
+
+  describe('mockAnalyticsService', () => {
+    it('has stubbed track method', () => {
+      expect(analyticsService.mockAnalyticsService).to.respondTo('track');
+    });
+
+    it('has stubbed trackPurchase method', () => {
+      expect(analyticsService.mockAnalyticsService).to.respondTo('trackPurchase');
+    });
+  });
+});

test/api/unit/libs/bug-report.test.js

@@ -34,7 +34,6 @@ describe('bug-report', () => {
       emailData: {
         BROWSER_UA: userAgent,
         REPORT_MSG: userMessage,
-        USER_ANALYTICS: undefined,
         USER_CLASS: 'warrior',
         USER_CONSECUTIVE_MONTHS: 0,
         USER_COSTUME: 'false',

test/api/unit/libs/email.test.js

@@ -150,7 +150,7 @@ describe('emails', () => {
 
       sendTxn(mailingInfo, emailType);
       expect(got.post).to.be.called;
-      expect(got.post).to.be.calledWith('http://example.com/job', sinon.match({
+      expect(got.post).to.be.calledWith('undefined/job', sinon.match({
         json: {
           data: {
             emailType: sinon.match.same(emailType),
@@ -171,23 +171,23 @@ describe('emails', () => {
       expect(got.post).not.to.be.called;
     });
 
-    it('throws error when mail target is only a string', async () => {
+    it('throws error when mail target is only a string', () => {
       const emailType = 'an email type';
       const mailingInfo = 'my email';
 
-      await expect(sendTxn(mailingInfo, emailType)).to.be.rejectedWith('Argument Error mailingInfoArray: does not contain email or _id');
+      expect(sendTxn(mailingInfo, emailType)).to.throw;
     });
 
-    it('throws error when mail target has no _id or email', async () => {
+    it('throws error when mail target has no _id or email', () => {
       const emailType = 'an email type';
       const mailingInfo = {
 
       };
 
-      await expect(sendTxn(mailingInfo, emailType)).to.be.rejectedWith('Argument Error mailingInfoArray: does not contain email or _id');
+      expect(sendTxn(mailingInfo, emailType)).to.throw;
     });
 
-    it('throws error when variables not an array', async () => {
+    it('throws error when variables not an array', () => {
       const emailType = 'an email type';
       const mailingInfo = {
         name: 'my name',
@@ -195,10 +195,9 @@ describe('emails', () => {
       };
       const variables = {};
 
-      await expect(sendTxn(mailingInfo, emailType, variables)).to.be.rejectedWith('Argument Error variables: is not an array');
+      expect(sendTxn(mailingInfo, emailType, variables)).to.throw;
     });
-
+    it('throws error when variables array not contain name/content', () => {
-    it('throws error when variables array not contain name/content', async () => {
       const emailType = 'an email type';
       const mailingInfo = {
         name: 'my name',
@@ -210,9 +209,8 @@ describe('emails', () => {
         },
       ];
 
-      await expect(sendTxn(mailingInfo, emailType, variables)).to.be.rejectedWith('Argument Error variables: does not contain name or content');
+      expect(sendTxn(mailingInfo, emailType, variables)).to.throw;
     });
-
     it('throws no error when variables array contain name but no content', () => {
       const emailType = 'an email type';
       const mailingInfo = {
@@ -234,7 +232,7 @@ describe('emails', () => {
 
       sendTxn(mailingInfo, emailType);
       expect(got.post).to.be.called;
-      expect(got.post).to.be.calledWith('http://example.com/job', sinon.match({
+      expect(got.post).to.be.calledWith('undefined/job', sinon.match({
         json: {
           data: {
             emailType: sinon.match.same(emailType),
@@ -254,7 +252,7 @@ describe('emails', () => {
 
       sendTxn(mailingInfo, emailType, variables);
       expect(got.post).to.be.called;
-      expect(got.post).to.be.calledWith('http://example.com/job', sinon.match({
+      expect(got.post).to.be.calledWith('undefined/job', sinon.match({
         json: {
           data: {
             variables: sinon.match(value => value[0].name === 'BASE_URL', 'matches variables'),

test/api/unit/libs/highlightMentions.test.js

@@ -47,12 +47,6 @@ describe('highlightMentions', () => {
     expect(result[0]).to.equal('[@user-dash](/profile/444): message [@user_underscore](/profile/555)');
   });
 
-  it('highlights users with case-insensitive matching', async () => {
-    const text = '@USER: message @User2 @USER3';
-    const result = await highlightMentions(text);
-    expect(result[0]).to.equal('[@USER](/profile/111): message [@User2](/profile/222) [@USER3](/profile/333)');
-  });
-
   it('doesn\'t highlight nonexisting users', async () => {
     const text = '@nouser message';
     const result = await highlightMentions(text);

test/api/unit/libs/localAnalytics.test.js

@@ -1,100 +0,0 @@
-import nconf from 'nconf';
-import requireAgain from 'require-again';
-import { model as User } from '../../../../website/server/models/user';
-import { RegistrationEventModel } from '../../../../website/server/models/analytics/registrationEvent';
-import { SubscriptionEventModel } from '../../../../website/server/models/analytics/subscriptionEvent';
-
-describe('localAnalytics', () => {
-  let user;
-  let localAnalytics;
-  before(() => {
-    const nconfGetStub = sandbox.stub(nconf, 'get');
-    nconfGetStub.withArgs('ANALYTICS_DB').returns('analytics');
-    nconfGetStub.withArgs('DISABLE_LOCAL_ANALYTICS').returns(false);
-    localAnalytics = requireAgain('../../../../website/server/libs/localAnalytics');
-  });
-
-  beforeEach(async () => {
-    user = new User({
-      auth: {
-        local: {
-          username: 'username',
-          email: 'email@example.com',
-        },
-      },
-      registeredThrough: 'habitica-web',
-    });
-  });
-
-  describe('trackRegistrationEvent', () => {
-    afterEach(async () => {
-      await RegistrationEventModel.deleteMany({});
-    });
-
-    it('creates a registration event when a user registers', async () => {
-      user._id = '00000000-0000-0000-0000-000000000001';
-      await localAnalytics.trackRegistrationEvent({ user, ipAddress: '127.0.0.1' });
-
-      const registrationEvents = await RegistrationEventModel.find({ userId: user._id });
-      expect(registrationEvents).to.have.lengthOf(1);
-      expect(registrationEvents[0]).to.have.property('userId', user._id);
-      expect(registrationEvents[0]).to.have.property('ipAddress', '127.0.0.1');
-    });
-
-    it('saves the correct data to the database', async () => {
-      user._id = '00000000-0000-0000-0000-000000000002';
-      user.auth.google = { id: 'abc', emails: [{ value: 'email@example.com' }] };
-      await localAnalytics.trackRegistrationEvent({ user, ipAddress: '127.0.0.2' });
-
-      const registrationEvent = await RegistrationEventModel.findOne({ userId: user._id });
-      expect(registrationEvent).to.have.property('userId', user._id);
-      expect(registrationEvent).to.have.property('ipAddress', '127.0.0.2');
-      expect(registrationEvent).to.have.property('authenticationMethod', 'google');
-    });
-  });
-
-  describe('trackSubscriptionEvent', () => {
-    afterEach(async () => {
-      await SubscriptionEventModel.deleteMany({});
-    });
-
-    it('creates a subscription event when a user subscribes', async () => {
-      user._id = '00000000-0000-0000-0000-000000000003';
-      await localAnalytics.trackSubscriptionEvent({
-        eventType: 'subscribed',
-        user,
-        paymentMethod: 'stripe',
-        customerId: 'cus_123',
-        planId: 'plan_123',
-      });
-
-      const subscriptionEvents = await SubscriptionEventModel.find({ userId: user._id });
-      expect(subscriptionEvents).to.have.lengthOf(1);
-      expect(subscriptionEvents[0]).to.have.property('userId', user._id);
-      expect(subscriptionEvents[0]).to.have.property('eventType', 'subscribed');
-      expect(subscriptionEvents[0]).to.have.property('paymentMethod', 'stripe');
-      expect(subscriptionEvents[0]).to.have.property('customerId', 'cus_123');
-      expect(subscriptionEvents[0]).to.have.property('planId', 'plan_123');
-    });
-
-    it('creates a subscription event with cancellation reason when a user cancels', async () => {
-      user._id = '00000000-0000-0000-0000-000000000004';
-      await localAnalytics.trackSubscriptionEvent({
-        eventType: 'cancelled',
-        user,
-        paymentMethod: 'stripe',
-        customerId: 'cus_456',
-        planId: 'plan_456',
-        cancellationReason: 'No longer needed',
-      });
-
-      const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: user._id });
-      expect(subscriptionEvent).to.have.property('userId', user._id);
-      expect(subscriptionEvent).to.have.property('eventType', 'cancelled');
-      expect(subscriptionEvent).to.have.property('paymentMethod', 'stripe');
-      expect(subscriptionEvent).to.have.property('customerId', 'cus_456');
-      expect(subscriptionEvent).to.have.property('planId', 'plan_456');
-      expect(subscriptionEvent).to.have.property('cancellationReason', 'No longer needed');
-    });
-  });
-});

test/api/unit/libs/mongodb.js

@@ -1,4 +1,5 @@
 import os from 'os';
+import nconf from 'nconf';
 import requireAgain from 'require-again';
 
 const pathToMongoLib = '../../../../website/server/libs/mongodb';
@@ -28,4 +29,22 @@ describe('mongodb', () => {
       expect(string).to.equal('mongodb://hostname:3030');
     });
   });
+
+  describe('getDefaultConnectionOptions', () => {
+    it('returns development config when IS_PROD is false', () => {
+      sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(false);
+      const mongoLibOverride = requireAgain(pathToMongoLib);
+
+      const options = mongoLibOverride.getDefaultConnectionOptions();
+      expect(options).to.have.all.keys(['useNewUrlParser', 'useUnifiedTopology']);
+    });
+
+    it('returns production config when IS_PROD is true', () => {
+      sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(true);
+      const mongoLibOverride = requireAgain(pathToMongoLib);
+
+      const options = mongoLibOverride.getDefaultConnectionOptions();
+      expect(options).to.have.all.keys(['useNewUrlParser', 'useUnifiedTopology']);
+    });
+  });
 });

test/api/unit/libs/payments/amazon/cancel.test.js

@@ -66,15 +66,13 @@ describe('Amazon Payments - Cancel Subscription', () => {
     group = generateGroup({
       name: 'test group',
       type: 'guild',
-      privacy: 'private',
+      privacy: 'public',
       leader: user._id,
     });
     group.purchased.plan.customerId = 'customer-id';
     group.purchased.plan.planId = subKey;
     group.purchased.plan.lastBillingDate = new Date();
     await group.save();
-    user.guilds.push(group._id);
-    await user.save();
 
     subscriptionBlock = common.content.subscriptionBlocks[subKey];
     subscriptionLength = subscriptionBlock.months * 30;

test/api/unit/libs/payments/amazon/subscribe.test.js

@@ -30,14 +30,12 @@ describe('Amazon Payments - Subscribe', () => {
     group = generateGroup({
       name: 'test group',
       type: 'guild',
-      privacy: 'private',
+      privacy: 'public',
       leader: user._id,
     });
     group.purchased.plan.customerId = 'customer-id';
     group.purchased.plan.planId = subKey;
     await group.save();
-    user.guilds.push(group._id);
-    await user.save();
 
     amount = common.content.subscriptionBlocks[subKey].price;
     billingAgreementId = 'billingAgreementId';
@@ -248,6 +246,11 @@ describe('Amazon Payments - Subscribe', () => {
     user.guilds.push(groupId);
     await user.save();
 
+    // Add existing users
+    user = new User();
+    user.guilds.push(groupId);
+    await user.save();
+
     // Set expected amount
     sub.key = 'group_monthly';
     sub.price = 9;

test/api/unit/libs/payments/apple.test.js

@@ -12,33 +12,11 @@ const { i18n } = common;
 describe('Apple Payments', () => {
   const subKey = 'basic_3mo';
 
-  let iapSetupStub;
-  let iapValidateStub;
-  let iapIsValidatedStub;
-  let iapIsCanceledStub;
-  let iapIsExpiredStub;
-  let paymentBuySkuStub;
-  let iapGetPurchaseDataStub;
-  let validateGiftMessageStub;
-  let paymentsCreateSubscritionStub;
-
-  beforeEach(() => {
-    iapSetupStub = sinon.stub(iap, 'setup').resolves();
-    iapValidateStub = sinon.stub(iap, 'validate').resolves({});
-  });
-
-  afterEach(() => {
-    iap.setup.restore();
-    iap.validate.restore();
-    iap.isValidated.restore();
-    iap.isExpired.restore();
-    iap.isCanceled.restore();
-    iap.getPurchaseData.restore();
-  });
-
   describe('verifyPurchase', () => {
     let sku; let user; let token; let receipt; let
       headers;
+    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let paymentBuySkuStub; let
+      iapGetPurchaseDataStub; let validateGiftMessageStub;
 
     beforeEach(() => {
       token = 'testToken';
@@ -47,9 +25,13 @@ describe('Apple Payments', () => {
       receipt = `{"token": "${token}", "productId": "${sku}"}`;
       headers = {};
 
+      iapSetupStub = sinon.stub(iap, 'setup')
+        .resolves();
+      iapValidateStub = sinon.stub(iap, 'validate')
+        .resolves({});
       iapIsValidatedStub = sinon.stub(iap, 'isValidated').returns(true);
-      iapIsCanceledStub = sinon.stub(iap, 'isCanceled').returns(false);
+      sinon.stub(iap, 'isExpired').returns(false);
-      iapIsExpiredStub = sinon.stub(iap, 'isExpired').returns(false);
+      sinon.stub(iap, 'isCanceled').returns(false);
       iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
         .returns([{
           productId: 'com.habitrpg.ios.Habitica.21gems',
@@ -60,6 +42,12 @@ describe('Apple Payments', () => {
     });
 
     afterEach(() => {
+      iap.setup.restore();
+      iap.validate.restore();
+      iap.isValidated.restore();
+      iap.isExpired.restore();
+      iap.isCanceled.restore();
+      iap.getPurchaseData.restore();
       payments.buySkuItem.restore();
       gems.validateGiftMessage.restore();
     });
@@ -221,6 +209,9 @@ describe('Apple Payments', () => {
   describe('subscribe', () => {
     let sub; let sku; let user; let token; let receipt; let headers; let
       nextPaymentProcessing;
+    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub;
+    let paymentsCreateSubscritionStub; let
+      iapGetPurchaseDataStub;
 
     beforeEach(() => {
       sub = common.content.subscriptionBlocks[subKey];
@@ -232,10 +223,12 @@ describe('Apple Payments', () => {
       nextPaymentProcessing = moment.utc().add({ days: 2 });
       user = new User();
 
+      iapSetupStub = sinon.stub(iap, 'setup')
+        .resolves();
+      iapValidateStub = sinon.stub(iap, 'validate')
+        .resolves({});
       iapIsValidatedStub = sinon.stub(iap, 'isValidated')
         .returns(true);
-      iapIsCanceledStub = sinon.stub(iap, 'isCanceled').returns(false);
-      iapIsExpiredStub = sinon.stub(iap, 'isExpired').returns(false);
       iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
         .returns([{
           expirationDate: moment.utc().subtract({ day: 1 }).toDate(),
@@ -257,6 +250,10 @@ describe('Apple Payments', () => {
     });
 
     afterEach(() => {
+      iap.setup.restore();
+      iap.validate.restore();
+      iap.isValidated.restore();
+      iap.getPurchaseData.restore();
       if (payments.createSubscription.restore) payments.createSubscription.restore();
     });
 
@@ -273,29 +270,6 @@ describe('Apple Payments', () => {
         });
     });
 
-    it('should throw an error if no active subscription is found', async () => {
-      iap.isCanceled.restore();
-      iapIsCanceledStub = sinon.stub(iap, 'isCanceled')
-        .returns(true);
-
-      iap.getPurchaseData.restore();
-      iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
-        .returns([{
-          expirationDate: moment.utc().add({ day: -2 }).toDate(),
-          purchaseDate: new Date(),
-          productId: 'subscription1month',
-          transactionId: token,
-          originalTransactionId: token,
-        }]);
-
-      await expect(applePayments.subscribe(user, receipt, headers, nextPaymentProcessing))
-        .to.eventually.be.rejected.and.to.eql({
-          httpCode: 401,
-          name: 'NotAuthorized',
-          message: applePayments.constants.RESPONSE_NO_ITEM_PURCHASED,
-        });
-    });
-
     const subOptions = [
       {
         sku: 'subscription1month',
@@ -600,7 +574,8 @@ describe('Apple Payments', () => {
   describe('cancelSubscribe ', () => {
     let user; let token; let receipt; let headers; let customerId; let
       expirationDate;
-    let paymentCancelSubscriptionSpy;
+    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let iapGetPurchaseDataStub; let
+      paymentCancelSubscriptionSpy;
 
     beforeEach(async () => {
       token = 'test-token';
@@ -609,7 +584,8 @@ describe('Apple Payments', () => {
       customerId = 'test-customerId';
       expirationDate = moment.utc();
 
-      iapValidateStub.restore();
+      iapSetupStub = sinon.stub(iap, 'setup')
+        .resolves();
       iapValidateStub = sinon.stub(iap, 'validate')
         .resolves({
           expirationDate,
@@ -617,8 +593,8 @@ describe('Apple Payments', () => {
       iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
         .returns([{ expirationDate: expirationDate.toDate() }]);
       iapIsValidatedStub = sinon.stub(iap, 'isValidated').returns(true);
-      iapIsCanceledStub = sinon.stub(iap, 'isCanceled').returns(false);
+      sinon.stub(iap, 'isCanceled').returns(false);
-      iapIsExpiredStub = sinon.stub(iap, 'isExpired').returns(true);
+      sinon.stub(iap, 'isExpired').returns(true);
       user = new User();
       user.profile.name = 'sender';
       user.purchased.plan.paymentMethod = applePayments.constants.PAYMENT_METHOD_APPLE;
@@ -630,7 +606,13 @@ describe('Apple Payments', () => {
     });
 
     afterEach(() => {
-      paymentCancelSubscriptionSpy.restore();
+      iap.setup.restore();
+      iap.validate.restore();
+      iap.isValidated.restore();
+      iap.isExpired.restore();
+      iap.isCanceled.restore();
+      iap.getPurchaseData.restore();
+      payments.cancelSubscription.restore();
     });
 
     it('should throw an error if we are missing a subscription', async () => {
@@ -713,8 +695,6 @@ describe('Apple Payments', () => {
       expect(iapIsValidatedStub).to.be.calledWith({
         expirationDate,
       });
-      expect(iapIsCanceledStub).to.be.calledOnce;
-      expect(iapIsExpiredStub).to.be.calledOnce;
       expect(iapGetPurchaseDataStub).to.be.calledOnce;
 
       expect(paymentCancelSubscriptionSpy).to.be.calledOnce;

test/api/unit/libs/payments/google.test.js

@@ -11,36 +11,12 @@ const { i18n } = common;
 
 describe('Google Payments', () => {
   const subKey = 'basic_3mo';
-  let iapSetupStub;
-  let iapValidateStub;
-  let iapIsValidatedStub;
-  let paymentBuySkuStub;
-  let validateGiftMessageStub;
-
-  beforeEach(() => {
-    iapSetupStub = sinon.stub(iap, 'setup')
-      .resolves();
-    iapIsValidatedStub = sinon.stub(iap, 'isValidated')
-      .returns(true);
-    sinon.stub(iap, 'isCanceled').returns(false);
-    sinon.stub(iap, 'isExpired').returns(false);
-    paymentBuySkuStub = sinon.stub(payments, 'buySkuItem').resolves({});
-    validateGiftMessageStub = sinon.stub(gems, 'validateGiftMessage');
-  });
-
-  afterEach(() => {
-    iap.setup.restore();
-    iap.validate.restore();
-    iap.isValidated.restore();
-    iap.isCanceled.restore();
-    iap.isExpired.restore();
-    payments.buySkuItem.restore();
-    gems.validateGiftMessage.restore();
-  });
 
   describe('verifyPurchase', () => {
     let sku; let user; let token; let receipt; let signature; let
       headers;
+    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let
+      paymentBuySkuStub; let validateGiftMessageStub;
 
     beforeEach(() => {
       sku = 'com.habitrpg.android.habitica.iap.21gems';
@@ -49,7 +25,21 @@ describe('Google Payments', () => {
       signature = '';
       headers = {};
 
+      iapSetupStub = sinon.stub(iap, 'setup')
+        .resolves();
       iapValidateStub = sinon.stub(iap, 'validate').resolves({ productId: sku });
+      iapIsValidatedStub = sinon.stub(iap, 'isValidated')
+        .returns(true);
+      paymentBuySkuStub = sinon.stub(payments, 'buySkuItem').resolves({});
+      validateGiftMessageStub = sinon.stub(gems, 'validateGiftMessage');
+    });
+
+    afterEach(() => {
+      iap.setup.restore();
+      iap.validate.restore();
+      iap.isValidated.restore();
+      payments.buySkuItem.restore();
+      gems.validateGiftMessage.restore();
     });
 
     it('should throw an error if receipt is invalid', async () => {
@@ -170,7 +160,8 @@ describe('Google Payments', () => {
   describe('subscribe', () => {
     let sub; let sku; let user; let token; let receipt; let signature; let headers; let
       nextPaymentProcessing;
-    let paymentsCreateSubscritionStub;
+    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let
+      paymentsCreateSubscritionStub;
 
     beforeEach(() => {
       sub = common.content.subscriptionBlocks[subKey];
@@ -182,12 +173,19 @@ describe('Google Payments', () => {
       signature = '';
       nextPaymentProcessing = moment.utc().add({ days: 2 });
 
+      iapSetupStub = sinon.stub(iap, 'setup')
+        .resolves();
       iapValidateStub = sinon.stub(iap, 'validate')
         .resolves({});
+      iapIsValidatedStub = sinon.stub(iap, 'isValidated')
+        .returns(true);
       paymentsCreateSubscritionStub = sinon.stub(payments, 'createSubscription').resolves({});
     });
 
     afterEach(() => {
+      iap.setup.restore();
+      iap.validate.restore();
+      iap.isValidated.restore();
       payments.createSubscription.restore();
     });
 
@@ -245,7 +243,7 @@ describe('Google Payments', () => {
   describe('cancelSubscribe ', () => {
     let user; let token; let receipt; let signature; let headers; let customerId; let
       expirationDate;
-    let iapGetPurchaseDataStub; let
+    let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let iapGetPurchaseDataStub; let
       paymentCancelSubscriptionSpy;
 
     beforeEach(async () => {
@@ -255,12 +253,17 @@ describe('Google Payments', () => {
       signature = '';
       customerId = 'test-customerId';
       expirationDate = moment.utc();
+
+      iapSetupStub = sinon.stub(iap, 'setup')
+        .resolves();
       iapValidateStub = sinon.stub(iap, 'validate')
         .resolves({
           expirationDate,
         });
       iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
         .returns([{ expirationDate: expirationDate.toDate(), autoRenewing: false }]);
+      iapIsValidatedStub = sinon.stub(iap, 'isValidated')
+        .returns(true);
 
       user = new User();
       user.profile.name = 'sender';
@@ -273,6 +276,9 @@ describe('Google Payments', () => {
     });
 
     afterEach(() => {
+      iap.setup.restore();
+      iap.validate.restore();
+      iap.isValidated.restore();
       iap.getPurchaseData.restore();
       payments.cancelSubscription.restore();
     });
@@ -302,8 +308,6 @@ describe('Google Payments', () => {
     });
 
     it('should cancel a user subscription', async () => {
-      iap.isCanceled.restore();
-      iap.isCanceled = sinon.stub(iap, 'isCanceled').returns(true);
       await googlePayments.cancelSubscribe(user, headers);
 
       expect(iapSetupStub).to.be.calledOnce;
@@ -328,20 +332,11 @@ describe('Google Payments', () => {
     });
 
     it('should cancel a user subscription with multiple inactive subscriptions', async () => {
-      iap.isCanceled.restore();
-      iap.isCanceled = sinon.stub(iap, 'isCanceled').returns(true);
       const laterDate = moment.utc().add(7, 'days');
       iap.getPurchaseData.restore();
       iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
-        .returns([{
+        .returns([{ expirationDate, autoRenewing: false },
-          startTimeMillis: expirationDate.valueOf(),
+          { expirationDate: laterDate, autoRenewing: false },
-          expirationDate,
-          autoRenewing: false,
-        }, {
-          startTimeMillis: laterDate.valueOf(),
-          expirationDate: laterDate,
-          autoRenewing: false,
-        },
         ]);
       await googlePayments.cancelSubscribe(user, headers);
 
@@ -370,12 +365,7 @@ describe('Google Payments', () => {
       iap.getPurchaseData.restore();
       iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
         .returns([{ autoRenewing: true }]);
-      await expect(googlePayments.cancelSubscribe(user, headers))
+      await googlePayments.cancelSubscribe(user, headers);
-        .to.eventually.be.rejected.and.to.eql({
-          httpCode: 401,
-          name: 'NotAuthorized',
-          message: googlePayments.constants.RESPONSE_STILL_VALID,
-        });
 
       expect(iapSetupStub).to.be.calledOnce;
       expect(iapValidateStub).to.be.calledOnce;
@@ -398,12 +388,8 @@ describe('Google Payments', () => {
         .returns([{ expirationDate, autoRenewing: false },
           { autoRenewing: true },
           { expirationDate, autoRenewing: false }]);
-      await expect(googlePayments.cancelSubscribe(user, headers))
+      await googlePayments.cancelSubscribe(user, headers);
-        .to.eventually.be.rejected.and.to.eql({
+
-          httpCode: 401,
-          name: 'NotAuthorized',
-          message: googlePayments.constants.RESPONSE_STILL_VALID,
-        });
       expect(iapSetupStub).to.be.calledOnce;
       expect(iapValidateStub).to.be.calledOnce;
       expect(iapValidateStub).to.be.calledWith(iap.GOOGLE, {

test/api/unit/libs/payments/group-plans/group-payments-create.test.js

@@ -128,12 +128,11 @@ describe('Purchasing a group plan for group', () => {
     expect(publicGroup.purchased.plan.planId).to.not.exist;
     data.groupId = publicGroup._id;
 
-    // Public Guilds are no longer even findable
     await expect(api.createSubscription(data))
       .to.eventually.be.rejected.and.to.eql({
-        httpCode: 404,
+        httpCode: 401,
-        name: 'NotFound',
+        name: 'NotAuthorized',
-        message: i18n.t('groupNotFound'),
+        message: i18n.t('onlyPrivateGuildsCanUpgrade'),
       });
 
     const updatedGroup = await Group.findById(publicGroup._id).exec();

test/api/unit/libs/payments/payments.test.js

@@ -3,6 +3,7 @@ import moment from 'moment';
 import * as sender from '../../../../../website/server/libs/email';
 import common from '../../../../../website/common';
 import api from '../../../../../website/server/libs/payments/payments';
+import * as analytics from '../../../../../website/server/libs/analyticsService';
 import * as notifications from '../../../../../website/server/libs/pushNotifications';
 import { model as User } from '../../../../../website/server/models/user';
 import { translate as t } from '../../../../helpers/api-integration/v3';
@@ -12,7 +13,6 @@ import {
 import * as worldState from '../../../../../website/server/libs/worldState';
 import { TransactionModel } from '../../../../../website/server/models/transaction';
 import { REPEATING_EVENTS } from '../../../../../website/common/script/content/constants/events';
-import { SubscriptionEventModel } from '../../../../../website/server/models/analytics/subscriptionEvent';
 
 describe('payments/index', () => {
   let user;
@@ -36,6 +36,8 @@ describe('payments/index', () => {
 
     sandbox.stub(sender, 'sendTxn');
     sandbox.stub(user, 'sendMessage');
+    sandbox.stub(analytics.mockAnalyticsService, 'trackPurchase');
+    sandbox.stub(analytics.mockAnalyticsService, 'track');
     sandbox.stub(notifications, 'sendNotification');
 
     data = {
@@ -95,16 +97,6 @@ describe('payments/index', () => {
         expect(recipient.items.pets['Jackalope-RoyalPurple']).to.eql(5);
       });
 
-      it('tracks subscription events', async () => {
-        await api.createSubscription(data);
-        const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: recipient._id });
-        expect(subscriptionEvent).to.exist;
-        expect(subscriptionEvent).to.have.property('eventType', 'subscribed');
-        expect(subscriptionEvent).to.have.property('userId', recipient._id);
-        expect(subscriptionEvent).to.have.property('planId', 'basic_3mo');
-        expect(subscriptionEvent).to.have.property('paymentMethod', 'Payment Method');
-      });
-
       it('adds extra months to an existing subscription', async () => {
         recipient.purchased.plan = plan;
 
@@ -306,6 +298,28 @@ describe('payments/index', () => {
         expect(notifications.sendNotification).to.be.calledOnce;
       });
 
+      it('tracks subscription purchase as gift', async () => {
+        await api.createSubscription(data);
+
+        expect(analytics.mockAnalyticsService.trackPurchase).to.be.calledOnce;
+        expect(analytics.mockAnalyticsService.trackPurchase).to.be.calledWith({
+          uuid: user._id,
+          groupId: undefined,
+          itemPurchased: 'Subscription',
+          sku: 'payment method-subscription',
+          purchaseType: 'subscribe',
+          paymentMethod: data.paymentMethod,
+          quantity: 1,
+          gift: true,
+          purchaseValue: 15,
+          firstPurchase: true,
+          headers: {
+            'x-client': 'habitica-web',
+            'user-agent': '',
+          },
+        });
+      });
+
       context('No Active Promotion', () => {
         beforeEach(() => {
           sinon.stub(worldState, 'getCurrentEventList').returns([]);
@@ -441,16 +455,6 @@ describe('payments/index', () => {
         expect(user.purchased.plan.dateCreated).to.exist;
       });
 
-      it('tracks subscription events', async () => {
-        await api.createSubscription(data);
-        const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: user._id });
-        expect(subscriptionEvent).to.exist;
-        expect(subscriptionEvent).to.have.property('userId', user._id);
-        expect(subscriptionEvent).to.have.property('ipAddress');
-        expect(subscriptionEvent).to.have.property('planId', 'basic_3mo');
-        expect(subscriptionEvent).to.have.property('paymentMethod', 'Payment Method');
-      });
-
       it('sets plan.dateCreated if it did not previously exist', async () => {
         expect(user.purchased.plan.dateCreated).to.not.exist;
 
@@ -539,24 +543,29 @@ describe('payments/index', () => {
         expect(sender.sendTxn).to.be.calledWith(data.user, 'subscription-begins');
       });
 
-      context('Upgrades subscription', () => {
+      it('tracks subscription purchase', async () => {
-        it('tracks subscription events', async () => {
+        await api.createSubscription(data);
-          data.sub.key = 'basic_earned';
-          expect(user.purchased.plan.planId).to.not.exist;
 
-          await api.createSubscription(data);
+        expect(analytics.mockAnalyticsService.trackPurchase).to.be.calledOnce;
-
+        expect(analytics.mockAnalyticsService.trackPurchase).to.be.calledWith({
-          data.sub.key = 'basic_6mo';
+          uuid: user._id,
-          data.updatedFrom = { key: 'basic_earned' };
+          groupId: undefined,
-          await api.createSubscription(data);
+          itemPurchased: 'Subscription',
-
+          sku: 'payment method-subscription',
-          const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: user._id, planId: 'basic_6mo' });
+          purchaseType: 'subscribe',
-          expect(subscriptionEvent).to.exist;
+          paymentMethod: data.paymentMethod,
-          expect(subscriptionEvent).to.have.property('eventType', 'upgraded');
+          quantity: 1,
-          expect(subscriptionEvent).to.have.property('userId', user._id);
+          gift: false,
-          expect(subscriptionEvent).to.have.property('paymentMethod', 'Payment Method');
+          purchaseValue: 15,
+          firstPurchase: true,
+          headers: {
+            'x-client': 'habitica-web',
+            'user-agent': '',
+          },
         });
+      });
 
+      context('Upgrades subscription', () => {
         it('from basic_earned to basic_6mo', async () => {
           data.sub.key = 'basic_earned';
           expect(user.purchased.plan.planId).to.not.exist;
@@ -599,23 +608,6 @@ describe('payments/index', () => {
       });
 
       context('Downgrades subscription', () => {
-        it('tracks subscription events', async () => {
-          data.sub.key = 'basic_6mo';
-          expect(user.purchased.plan.planId).to.not.exist;
-
-          await api.createSubscription(data);
-
-          data.sub.key = 'basic_earned';
-          data.updatedFrom = { key: 'basic_6mo' };
-          await api.createSubscription(data);
-
-          const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: user._id, planId: 'basic_earned' });
-          expect(subscriptionEvent).to.exist;
-          expect(subscriptionEvent).to.have.property('eventType', 'downgraded');
-          expect(subscriptionEvent).to.have.property('userId', user._id);
-          expect(subscriptionEvent).to.have.property('paymentMethod', 'Payment Method');
-        });
-
         it('from basic_6mo to basic_earned', async () => {
           data.sub.key = 'basic_6mo';
           expect(user.purchased.plan.planId).to.not.exist;
@@ -1144,15 +1136,6 @@ describe('payments/index', () => {
         expect(daysTillTermination).to.be.within(29, 30); // 1 month +/- 1 days
       });
 
-      it('tracks subscription events', async () => {
-        await api.cancelSubscription(data);
-
-        const subscriptionEvent = await SubscriptionEventModel.findOne({ userId: user._id });
-        expect(subscriptionEvent).to.exist;
-        expect(subscriptionEvent).to.have.property('eventType', 'cancelled');
-        expect(subscriptionEvent).to.have.property('userId', user._id);
-      });
-
       it('adds extraMonths to dateTerminated value', async () => {
         user.purchased.plan.extraMonths = 2;
 

test/api/unit/libs/payments/paypal/subscribe-cancel.test.js

@@ -30,15 +30,13 @@ describe('paypal - subscribeCancel', () => {
     group = generateGroup({
       name: 'test group',
       type: 'guild',
-      privacy: 'private',
+      privacy: 'public',
       leader: user._id,
     });
     group.purchased.plan.customerId = groupCustomerId;
     group.purchased.plan.planId = subKey;
     group.purchased.plan.lastBillingDate = new Date();
     await group.save();
-    user.guilds.push(group._id);
-    await user.save();
 
     nextBillingDate = new Date();
 

test/api/unit/libs/payments/stripe/checkout.test.js

@@ -236,7 +236,7 @@ describe('Stripe - Checkout', () => {
       const group = generateGroup({
         name: 'test group',
         type: 'guild',
-        privacy: 'private',
+        privacy: 'public',
         leader: user._id,
       });
       const groupId = group._id;
@@ -376,13 +376,11 @@ describe('Stripe - Checkout', () => {
         group = generateGroup({
           name: 'test group',
           type: 'guild',
-          privacy: 'private',
+          privacy: 'public',
           leader: user._id,
         });
         groupId = group._id;
         await group.save();
-        user.guilds.push(group._id);
-        await user.save();
       });
 
       it('throws if user is not allowed to change group plan', async () => {

test/api/unit/libs/payments/stripe/subscriptions.test.js

@@ -136,7 +136,7 @@ describe('Stripe - Subscriptions', () => {
       group = generateGroup({
         name: 'test group',
         type: 'guild',
-        privacy: 'private',
+        privacy: 'public',
         leader: user._id,
       });
       groupId = group._id;
@@ -315,14 +315,12 @@ describe('Stripe - Subscriptions', () => {
       group = generateGroup({
         name: 'test group',
         type: 'guild',
-        privacy: 'private',
+        privacy: 'public',
         leader: user._id,
       });
       group.purchased.plan.customerId = 'customer-id';
       group.purchased.plan.planId = subKey;
       await group.save();
-      user.guilds.push(group._id);
-      await user.save();
 
       groupId = group._id;
     });

test/api/unit/middlewares/analytics.test.js

@@ -0,0 +1,50 @@
+/* eslint-disable global-require */
+import nconf from 'nconf';
+import requireAgain from 'require-again';
+import {
+  generateRes,
+  generateReq,
+  generateNext,
+} from '../../../helpers/api-unit.helper';
+import * as analyticsService from '../../../../website/server/libs/analyticsService';
+
+describe('analytics middleware', () => {
+  let res; let req; let
+    next;
+  const pathToAnalyticsMiddleware = '../../../../website/server/middlewares/analytics';
+
+  beforeEach(() => {
+    res = generateRes();
+    req = generateReq();
+    next = generateNext();
+  });
+
+  it('attaches analytics object to res', () => {
+    const attachAnalytics = requireAgain(pathToAnalyticsMiddleware).default;
+
+    attachAnalytics(req, res, next);
+
+    expect(res.analytics).to.exist;
+  });
+
+  it('attaches stubbed methods for non-prod environments', () => {
+    sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(false);
+    const attachAnalytics = requireAgain(pathToAnalyticsMiddleware).default;
+
+    attachAnalytics(req, res, next);
+
+    expect(res.analytics.track).to.eql(analyticsService.mockAnalyticsService.track);
+    expect(res.analytics.trackPurchase).to.eql(analyticsService.mockAnalyticsService.trackPurchase);
+  });
+
+  it('attaches real methods for prod environments', () => {
+    sandbox.stub(nconf, 'get').withArgs('IS_PROD').returns(true);
+
+    const attachAnalytics = requireAgain(pathToAnalyticsMiddleware).default;
+
+    attachAnalytics(req, res, next);
+
+    expect(res.analytics.track).to.eql(analyticsService.track);
+    expect(res.analytics.trackPurchase).to.eql(analyticsService.trackPurchase);
+  });
+});

test/api/unit/middlewares/auth.test.js

@@ -1,11 +1,8 @@
-import nconf from 'nconf';
-import requireAgain from 'require-again';
 import {
   generateRes,
   generateReq,
 } from '../../../helpers/api-unit.helper';
-
+import { authWithHeaders as authWithHeadersFactory } from '../../../../website/server/middlewares/auth';
-const authPath = '../../../../website/server/middlewares/auth';
 
 describe('auth middleware', () => {
   let res; let req; let
@@ -19,7 +16,6 @@ describe('auth middleware', () => {
 
   describe('auth with headers', () => {
     it('allows to specify a list of user field that we do not want to load', done => {
-      const authWithHeadersFactory = requireAgain(authPath).authWithHeaders;
       const authWithHeaders = authWithHeadersFactory({
         userFieldsToExclude: ['items'],
       });
@@ -39,7 +35,6 @@ describe('auth middleware', () => {
     });
 
     it('makes sure some fields are always included', done => {
-      const authWithHeadersFactory = requireAgain(authPath).authWithHeaders;
       const authWithHeaders = authWithHeadersFactory({
         userFieldsToExclude: [
           'items', 'auth.timestamps',
@@ -65,57 +60,5 @@ describe('auth middleware', () => {
         return done();
       });
     });
-
-    it('errors with InvalidCredentialsError and code when token is wrong', done => {
-      const authWithHeadersFactory = requireAgain(authPath).authWithHeaders;
-      const authWithHeaders = authWithHeadersFactory({ userFieldsToExclude: [] });
-
-      req.headers['x-api-user'] = user._id;
-      req.headers['x-api-key'] = 'totally-wrong-token';
-
-      authWithHeaders(req, res, err => {
-        expect(err).to.exist;
-        expect(err.name).to.equal('InvalidCredentialsError');
-        expect(err.code).to.equal('invalid_credentials');
-        expect(err.message).to.equal(res.t('invalidCredentials'));
-        return done();
-      });
-    });
-
-    describe('when ENFORCE_CLIENT_HEADER is true', () => {
-      let authFactory;
-
-      beforeEach(() => {
-        sandbox.stub(nconf, 'get').withArgs('ENFORCE_CLIENT_HEADER').returns('true');
-        authFactory = requireAgain(authPath).authWithHeaders;
-      });
-
-      it('errors with missingClientHeader when x-client header is not present', done => {
-        const authWithHeaders = authFactory({ userFieldsToExclude: [] });
-
-        req.headers['x-api-user'] = user._id;
-        req.headers['x-api-key'] = user;
-        authWithHeaders(req, res, err => {
-          expect(err).to.exist;
-          expect(err.name).to.equal('BadRequest');
-          expect(err.message).to.equal(res.t('missingClientHeader'));
-          return done();
-        });
-      });
-
-      it('allows request to pass when x-client header is present', done => {
-        const authWithHeaders = authFactory({ userFieldsToExclude: [] });
-
-        req.headers['x-api-user'] = user._id;
-        req.headers['x-api-key'] = user.apiToken;
-        req.headers['x-client'] = 'habitica-web';
-
-        authWithHeaders(req, res, err => {
-          if (err) return done(err);
-          expect(res.locals.user).to.exist;
-          return done();
-        });
-      });
-    });
   });
 });

test/api/unit/middlewares/blocker.test.js

@@ -1,197 +0,0 @@
-import nconf from 'nconf';
-import requireAgain from 'require-again';
-import {
-  generateRes,
-  generateReq,
-  generateNext,
-} from '../../../helpers/api-unit.helper';
-import { Forbidden } from '../../../../website/server/libs/errors';
-import { apiError } from '../../../../website/server/libs/apiError';
-import { model as Blocker } from '../../../../website/server/models/blocker';
-
-function checkIPBlockedErrorThrown (next) {
-  expect(next).to.have.been.calledOnce;
-  const calledWith = next.getCall(0).args;
-  expect(calledWith[0].message).to.equal(apiError('ipAddressBlocked'));
-  expect(calledWith[0] instanceof Forbidden).to.equal(true);
-}
-
-function checkClientBlockedErrorThrown (next) {
-  expect(next).to.have.been.calledOnce;
-  const calledWith = next.getCall(0).args;
-  expect(calledWith[0].message).to.equal(apiError('clientBlocked'));
-  expect(calledWith[0] instanceof Forbidden).to.equal(true);
-}
-
-function checkErrorNotThrown (next) {
-  expect(next).to.have.been.calledOnce;
-  const calledWith = next.getCall(0).args;
-  expect(typeof calledWith[0] === 'undefined').to.equal(true);
-}
-
-describe('Blocker middleware', () => {
-  const pathToBlocker = '../../../../website/server/middlewares/blocker';
-
-  let res; let req; let next;
-
-  beforeEach(() => {
-    res = generateRes();
-    req = generateReq();
-    next = generateNext();
-  });
-
-  describe('Blocking IPs', () => {
-    it('is disabled when the env var is not defined', () => {
-      sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns(undefined);
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-
-      checkErrorNotThrown(next);
-    });
-
-    it('is disabled when the env var is an empty string', () => {
-      sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('');
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-
-      checkErrorNotThrown(next);
-    });
-
-    it('is disabled when the env var contains comma separated empty strings', () => {
-      sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns(' , , ');
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-
-      checkErrorNotThrown(next);
-    });
-
-    it('does not throw when the ip does not match', () => {
-      req.ip = '192.168.1.1';
-      sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('192.168.1.2');
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-
-      checkErrorNotThrown(next);
-    });
-
-    it('does not throw when the blocker IP does not match', async () => {
-      req.ip = '192.168.1.1';
-      sandbox.stub(Blocker, 'watchBlockers').returns({
-        on: (event, callback) => {
-          if (event === 'change') {
-            callback({ operation: 'add', blocker: { type: 'ipaddress', area: 'full', value: '192.168.1.2' } });
-          }
-        },
-      });
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-
-      checkErrorNotThrown(next);
-    });
-
-    it('does not throw when a client is blocked', async () => {
-      sandbox.stub(Blocker, 'watchBlockers').returns({
-        on: (event, callback) => {
-          if (event === 'change') {
-            callback({ operation: 'add', blocker: { type: 'client', area: 'full', value: '192.168.1.1' } });
-          }
-        },
-      });
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-
-      checkErrorNotThrown(next);
-    });
-
-    it('throws when the blocker IP is blocked', async () => {
-      req.ip = '192.168.1.1';
-      sandbox.stub(Blocker, 'watchBlockers').returns({
-        on: (event, callback) => {
-          if (event === 'change') {
-            callback({ operation: 'add', blocker: { type: 'ipaddress', area: 'full', value: '192.168.1.1' } });
-          }
-        },
-      });
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-
-      checkIPBlockedErrorThrown(next);
-    });
-  });
-
-  describe('Blocking clients', () => {
-    beforeEach(() => {
-      sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('');
-      req.headers['x-client'] = 'test-client';
-    });
-    it('is disabled when no clients are blocked', () => {
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-
-      checkErrorNotThrown(next);
-    });
-
-    it('does not throw when the client does not match', async () => {
-      sandbox.stub(Blocker, 'watchBlockers').returns({
-        on: (event, callback) => {
-          if (event === 'change') {
-            callback({ operation: 'add', blocker: { type: 'client', area: 'full', value: 'another-client' } });
-          }
-        },
-      });
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-
-      checkErrorNotThrown(next);
-    });
-
-    it('throws when the client is blocked', async () => {
-      sandbox.stub(Blocker, 'watchBlockers').returns({
-        on: (event, callback) => {
-          if (event === 'change') {
-            callback({ operation: 'add', blocker: { type: 'client', area: 'full', value: 'test-client' } });
-          }
-        },
-      });
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-
-      checkClientBlockedErrorThrown(next);
-    });
-
-    it('does not throw when an ip is blocked', async () => {
-      sandbox.stub(Blocker, 'watchBlockers').returns({
-        on: (event, callback) => {
-          if (event === 'change') {
-            callback({ operation: 'add', blocker: { type: 'ipaddress', area: 'full', value: 'test-client' } });
-          }
-        },
-      });
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-
-      checkErrorNotThrown(next);
-    });
-
-    it('updates the list when data changes', async () => {
-      let blockCallback;
-      sandbox.stub(Blocker, 'watchBlockers').returns({
-        on: (event, callback) => {
-          blockCallback = callback;
-          if (event === 'change') {
-            callback({ operation: 'add', blocker: { type: 'client', area: 'full', value: 'another-client' } });
-          }
-        },
-      });
-      const attachBlocker = requireAgain(pathToBlocker).default;
-      attachBlocker(req, res, next);
-      checkErrorNotThrown(next);
-      blockCallback({ operation: 'add', blocker: { type: 'client', area: 'full', value: 'test-client' } });
-      attachBlocker(req, res, next);
-      expect(next).to.have.been.calledTwice;
-      const calledWith = next.getCall(1).args;
-      expect(calledWith[0].message).to.equal(apiError('clientBlocked'));
-      expect(calledWith[0] instanceof Forbidden).to.equal(true);
-    });
-  });
-});

test/api/unit/middlewares/cronMiddleware.js

@@ -0,0 +1,332 @@
+import moment from 'moment';
+import { v4 as generateUUID } from 'uuid';
+import {
+  generateRes,
+  generateReq,
+  generateTodo,
+  generateDaily,
+} from '../../../helpers/api-unit.helper';
+import cronMiddleware from '../../../../website/server/middlewares/cron';
+import { model as User } from '../../../../website/server/models/user';
+import { model as Group } from '../../../../website/server/models/group';
+import * as Tasks from '../../../../website/server/models/task';
+import * as analyticsService from '../../../../website/server/libs/analyticsService';
+import * as cronLib from '../../../../website/server/libs/cron';
+
+const CRON_TIMEOUT_WAIT = new Date(60 * 60 * 1000).getTime();
+const CRON_TIMEOUT_UNIT = new Date(60 * 1000).getTime();
+
+describe('cron middleware', () => {
+  let res; let
+    req;
+  let user;
+
+  beforeEach(async () => {
+    res = generateRes();
+    req = generateReq();
+    user = await res.locals.user.save();
+    res.analytics = analyticsService;
+  });
+
+  afterEach(() => {
+    sandbox.restore();
+  });
+
+  it('calls next when user is not attached', done => {
+    res.locals.user = null;
+    cronMiddleware(req, res, done);
+  });
+
+  it('calls next when days have not been missed', done => {
+    cronMiddleware(req, res, done);
+  });
+
+  it('should clear todos older than 30 days for free users', async () => {
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+    const task = generateTodo(user);
+    task.dateCompleted = moment(new Date()).subtract({ days: 31 });
+    task.completed = true;
+    await task.save();
+    await user.save();
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+
+        Tasks.Task.findOne({ _id: task }).then(foundTask => {
+          expect(foundTask).to.not.exist;
+          resolve();
+        });
+
+        return null;
+      });
+    });
+  });
+
+  it('should not clear todos older than 30 days for subscribed users', async () => {
+    user.purchased.plan.customerId = 'subscribedId';
+    user.purchased.plan.dateUpdated = moment('012013', 'MMYYYY');
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+    const task = generateTodo(user);
+    task.dateCompleted = moment(new Date()).subtract({ days: 31 });
+    task.completed = true;
+    await task.save();
+    await user.save();
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        Tasks.Task.findOne({ _id: task }).then(foundTask => {
+          expect(foundTask).to.exist;
+          return resolve();
+        });
+        return null;
+      });
+    });
+  });
+
+  it('should clear todos older than 90 days for subscribed users', async () => {
+    user.purchased.plan.customerId = 'subscribedId';
+    user.purchased.plan.dateUpdated = moment('012013', 'MMYYYY');
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+
+    const task = generateTodo(user);
+    task.dateCompleted = moment(new Date()).subtract({ days: 91 });
+    task.completed = true;
+    await task.save();
+    await user.save();
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        Tasks.Task.findOne({ _id: task }).then(foundTask => {
+          expect(foundTask).to.not.exist;
+          return resolve();
+        });
+        return null;
+      });
+    });
+  });
+
+  it('should call next if user was not modified after cron', async () => {
+    const hpBefore = user.stats.hp;
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+    await user.save();
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        expect(hpBefore).to.equal(user.stats.hp);
+        return resolve();
+      });
+    });
+  });
+
+  it('runs cron if previous cron was incomplete', async () => {
+    user.lastCron = moment(new Date()).subtract({ days: 1 });
+    user.auth.timestamps.loggedin = moment(new Date()).subtract({ days: 4 });
+    const now = new Date();
+    await user.save();
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        expect(moment(now).isSame(user.lastCron, 'day'));
+        expect(moment(now).isSame(user.auth.timestamps.loggedin, 'day'));
+        return resolve();
+      });
+    });
+  });
+
+  it('updates user.auth.timestamps.loggedin and lastCron', async () => {
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+    const now = new Date();
+    await user.save();
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        expect(moment(now).isSame(user.lastCron, 'day'));
+        expect(moment(now).isSame(user.auth.timestamps.loggedin, 'day'));
+        return resolve();
+      });
+    });
+  });
+
+  it('does damage for missing dailies', async () => {
+    const hpBefore = user.stats.hp;
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+    const daily = generateDaily(user);
+    daily.startDate = moment(new Date()).subtract({ days: 2 });
+    await daily.save();
+    await user.save();
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        return User.findOne({ _id: user._id }).then(updatedUser => {
+          expect(updatedUser.stats.hp).to.be.lessThan(hpBefore);
+          return resolve();
+        });
+      });
+    });
+  });
+
+  it('updates tasks', async () => {
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+    const todo = generateTodo(user);
+    const todoValueBefore = todo.value;
+    await Promise.all([todo.save(), user.save()]);
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        return Tasks.Task.findOne({ _id: todo._id }).then(todoFound => {
+          expect(todoFound.value).to.be.lessThan(todoValueBefore);
+          return resolve();
+        });
+      });
+    });
+  });
+
+  it('applies quest progress', async () => {
+    const hpBefore = user.stats.hp;
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+    const daily = generateDaily(user);
+    daily.startDate = moment(new Date()).subtract({ days: 2 });
+    await daily.save();
+
+    const questKey = 'dilatory';
+    user.party.quest.key = questKey;
+
+    const party = new Group({
+      type: 'party',
+      name: generateUUID(),
+      leader: user._id,
+    });
+    party.quest.members[user._id] = true;
+    party.quest.key = questKey;
+    await party.save();
+
+    user.party._id = party._id;
+    await user.save();
+
+    party.startQuest(user);
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        return User.findOne({ _id: user._id }).then(updatedUser => {
+          expect(updatedUser.stats.hp).to.be.lessThan(hpBefore);
+          return resolve();
+        });
+      });
+    });
+  });
+
+  it('recovers from failed cron and does not error when user is already cronning', async () => {
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+    await user.save();
+
+    const updatedUser = user.toObject();
+    updatedUser.matchedCount = 0;
+
+    sandbox.spy(cronLib, 'recoverCron');
+
+    sandbox.stub(User, 'updateOne')
+      .withArgs({
+        _id: user._id,
+        $or: [
+          { _cronSignature: 'NOT_RUNNING' },
+          { _cronSignature: { $lt: sinon.match.number } },
+        ],
+      })
+      .returns({
+        exec () {
+          return Promise.resolve(updatedUser);
+        },
+      });
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        expect(cronLib.recoverCron).to.be.calledOnce;
+
+        return resolve();
+      });
+    });
+  });
+
+  it('cronSignature less than an hour ago should error', async () => {
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+    const now = new Date();
+    await User.updateOne({
+      _id: user._id,
+    }, {
+      $set: {
+        _cronSignature: now.getTime() - CRON_TIMEOUT_WAIT + CRON_TIMEOUT_UNIT,
+      },
+    }).exec();
+    await user.save();
+    const expectedErrMessage = `Impossible to recover from cron for user ${user._id}.`;
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (!err) return reject(new Error('Cron should have failed.'));
+        expect(err.message).to.be.equal(expectedErrMessage);
+        return resolve();
+      });
+    });
+  });
+
+  it('cronSignature longer than an hour ago should allow cron', async () => {
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+    const now = new Date();
+    await User.updateOne({
+      _id: user._id,
+    }, {
+      $set: {
+        _cronSignature: now.getTime() - CRON_TIMEOUT_WAIT - CRON_TIMEOUT_UNIT,
+      },
+    }).exec();
+    await user.save();
+
+    await new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        expect(moment(now).isSame(user.auth.timestamps.loggedin, 'day'));
+        expect(user._cronSignature).to.be.equal('NOT_RUNNING');
+        return resolve();
+      });
+    });
+  });
+
+  it('cron should not run more than once', async () => {
+    user.lastCron = moment(new Date()).subtract({ days: 2 });
+    await user.save();
+
+    sandbox.spy(cronLib, 'cron');
+
+    await Promise.all([new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        return resolve();
+      });
+    }), new Promise((resolve, reject) => {
+      cronMiddleware(req, res, err => {
+        if (err) return reject(err);
+        return resolve();
+      });
+    }), new Promise((resolve, reject) => {
+      setTimeout(() => {
+        cronMiddleware(req, res, err => {
+          if (err) return reject(err);
+          return resolve();
+        });
+      }, 400);
+    }),
+    ]);
+
+    expect(cronLib.cron).to.be.calledOnce;
+  });
+});

test/api/unit/middlewares/ipBlocker.test.js

@@ -0,0 +1,76 @@
+import nconf from 'nconf';
+import requireAgain from 'require-again';
+import {
+  generateRes,
+  generateReq,
+  generateNext,
+} from '../../../helpers/api-unit.helper';
+import { Forbidden } from '../../../../website/server/libs/errors';
+import { apiError } from '../../../../website/server/libs/apiError';
+
+function checkErrorThrown (next) {
+  expect(next).to.have.been.calledOnce;
+  const calledWith = next.getCall(0).args;
+  expect(calledWith[0].message).to.equal(apiError('ipAddressBlocked'));
+  expect(calledWith[0] instanceof Forbidden).to.equal(true);
+}
+
+function checkErrorNotThrown (next) {
+  expect(next).to.have.been.calledOnce;
+  const calledWith = next.getCall(0).args;
+  expect(typeof calledWith[0] === 'undefined').to.equal(true);
+}
+
+describe('ipBlocker middleware', () => {
+  const pathToIpBlocker = '../../../../website/server/middlewares/ipBlocker';
+
+  let res; let req; let next;
+
+  beforeEach(() => {
+    res = generateRes();
+    req = generateReq();
+    next = generateNext();
+  });
+
+  it('is disabled when the env var is not defined', () => {
+    sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns(undefined);
+    const attachIpBlocker = requireAgain(pathToIpBlocker).default;
+    attachIpBlocker(req, res, next);
+
+    checkErrorNotThrown(next);
+  });
+
+  it('is disabled when the env var is an empty string', () => {
+    sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('');
+    const attachIpBlocker = requireAgain(pathToIpBlocker).default;
+    attachIpBlocker(req, res, next);
+
+    checkErrorNotThrown(next);
+  });
+
+  it('is disabled when the env var contains comma separated empty strings', () => {
+    sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns(' , , ');
+    const attachIpBlocker = requireAgain(pathToIpBlocker).default;
+    attachIpBlocker(req, res, next);
+
+    checkErrorNotThrown(next);
+  });
+
+  it('does not throw when the ip does not match', () => {
+    req.ip = '192.168.1.1';
+    sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('192.168.1.2');
+    const attachIpBlocker = requireAgain(pathToIpBlocker).default;
+    attachIpBlocker(req, res, next);
+
+    checkErrorNotThrown(next);
+  });
+
+  it('throws when the ip is blocked', () => {
+    req.ip = '192.168.1.1';
+    sandbox.stub(nconf, 'get').withArgs('BLOCKED_IPS').returns('192.168.1.1');
+    const attachIpBlocker = requireAgain(pathToIpBlocker).default;
+    attachIpBlocker(req, res, next);
+
+    checkErrorThrown(next);
+  });
+});

test/api/unit/middlewares/rateLimiter.test.js

@@ -32,8 +32,7 @@ describe('rateLimiter middleware', () => {
 
   it('is disabled when the env var is not defined', () => {
     nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns(undefined);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
     attachRateLimiter(req, res, next);
 
     expect(next).to.have.been.calledOnce;
@@ -44,8 +43,7 @@ describe('rateLimiter middleware', () => {
 
   it('is disabled when the env var is an not "true"', () => {
     nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('false');
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
     attachRateLimiter(req, res, next);
 
     expect(next).to.have.been.calledOnce;
@@ -57,8 +55,7 @@ describe('rateLimiter middleware', () => {
   it('does not throw when there are available points', async () => {
     nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
     nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
     await attachRateLimiter(req, res, next);
 
     expect(next).to.have.been.calledOnce;
@@ -80,8 +77,7 @@ describe('rateLimiter middleware', () => {
     sandbox.stub(RateLimiterMemory.prototype, 'consume')
       .returns(Promise.reject(new Error('Unknown error.')));
 
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
     await attachRateLimiter(req, res, next);
 
     expect(next).to.have.been.calledOnce;
@@ -96,8 +92,7 @@ describe('rateLimiter middleware', () => {
   it('does not throw when LIVELINESS_PROBE_KEY is correct', async () => {
     nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
     nconfGetStub.withArgs('LIVELINESS_PROBE_KEY').returns('abc');
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
 
     req.query.liveliness = 'abc';
     await attachRateLimiter(req, res, next);
@@ -112,8 +107,7 @@ describe('rateLimiter middleware', () => {
     nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
     nconfGetStub.withArgs('LIVELINESS_PROBE_KEY').returns('abc');
     nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
 
     req.query.liveliness = 'das';
     await attachRateLimiter(req, res, next);
@@ -130,8 +124,7 @@ describe('rateLimiter middleware', () => {
     nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
     nconfGetStub.withArgs('LIVELINESS_PROBE_KEY').returns(undefined);
     nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
 
     await attachRateLimiter(req, res, next);
 
@@ -147,8 +140,7 @@ describe('rateLimiter middleware', () => {
     nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
     nconfGetStub.withArgs('LIVELINESS_PROBE_KEY').returns('');
     nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
 
     req.query.liveliness = '';
     await attachRateLimiter(req, res, next);
@@ -164,8 +156,7 @@ describe('rateLimiter middleware', () => {
   it('throws when there are no available points remaining', async () => {
     nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
     nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
 
     // call for 31 times
     for (let i = 0; i < 31; i += 1) {
@@ -189,8 +180,7 @@ describe('rateLimiter middleware', () => {
   it('uses the user id if supplied or the ip address', async () => {
     nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
     nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(1);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
 
     req.ip = 1;
     await attachRateLimiter(req, res, next);
@@ -220,8 +210,7 @@ describe('rateLimiter middleware', () => {
   it('applies increased cost for registration calls with and without user id', async () => {
     nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
     nconfGetStub.withArgs('RATE_LIMITER_REGISTRATION_COST').returns(3);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
     req.path = '/api/v4/user/auth/local/register';
 
     req.ip = 1;
@@ -252,8 +241,7 @@ describe('rateLimiter middleware', () => {
   it('applies increased cost for unauthenticated API calls', async () => {
     nconfGetStub.withArgs('RATE_LIMITER_ENABLED').returns('true');
     nconfGetStub.withArgs('RATE_LIMITER_IP_COST').returns(10);
-    const setupRateLimiter = requireAgain(pathToRateLimiter).default;
+    const attachRateLimiter = requireAgain(pathToRateLimiter).default;
-    const attachRateLimiter = setupRateLimiter();
 
     req.ip = 1;
     await attachRateLimiter(req, res, next);

test/api/unit/models/group.test.js

@@ -6,8 +6,6 @@ import {
   SPAM_MESSAGE_LIMIT,
   SPAM_MIN_EXEMPT_CONTRIB_LEVEL,
   SPAM_WINDOW_LENGTH,
-  MAX_CHAT_COUNT,
-  MAX_SUBBED_GROUP_CHAT_COUNT,
   INVITES_LIMIT,
   model as Group,
 } from '../../../../website/server/models/group';
@@ -20,7 +18,6 @@ import {
 import * as email from '../../../../website/server/libs/email';
 import { TAVERN_ID } from '../../../../website/common/script/constants';
 import shared from '../../../../website/common';
-import { chatModel as Chat } from '../../../../website/server/models/message';
 
 describe('Group Model', () => {
   let party; let questLeader; let participatingMember;
@@ -1359,29 +1356,6 @@ describe('Group Model', () => {
       });
     });
 
-    describe('#getEffectiveChatLimit', () => {
-      it('returns the correct chat limit', () => {
-        const group = new Group();
-        expect(group.getEffectiveChatLimit()).to.eql(MAX_CHAT_COUNT);
-      });
-
-      it('returns the passed limit if it is lower than the max', () => {
-        const group = new Group();
-        expect(group.getEffectiveChatLimit(10)).to.eql(10);
-      });
-
-      it('returns the max if the passed limit is higher', () => {
-        const group = new Group();
-        expect(group.getEffectiveChatLimit(MAX_CHAT_COUNT + 10)).to.eql(MAX_CHAT_COUNT);
-      });
-
-      it('returns the max for group plans', () => {
-        const group = new Group();
-        group.purchased.plan.customerId = '110002222333';
-        expect(group.getEffectiveChatLimit()).to.eql(MAX_SUBBED_GROUP_CHAT_COUNT);
-      });
-    });
-
     describe('#sendChat', () => {
       beforeEach(() => {
         sandbox.spy(User, 'updateOne');
@@ -1488,34 +1462,6 @@ describe('Group Model', () => {
       });
     });
 
-    describe('#trimChat', () => {
-      it('Only checks last message when not enough messages to trim', async () => {
-        sandbox.spy(Chat, 'find');
-        sandbox.spy(Chat, 'deleteMany');
-        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
-        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
-        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
-        await party.trimChat();
-
-        expect(Chat.find).to.be.calledOnce;
-        expect(Chat.deleteMany).to.not.be.called;
-        expect(await Chat.countDocuments({ groupId: party._id })).to.eql(3);
-      });
-      it('Deletes messages over the limit', async () => {
-        sandbox.spy(Chat, 'find');
-        sandbox.spy(Chat, 'deleteMany');
-        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
-        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
-        await Chat.insertOne({ groupId: party._id, timestamp: new Date() });
-
-        await party.trimChat(1);
-
-        expect(Chat.find).to.be.calledOnce;
-        expect(Chat.deleteMany).to.be.calledOnce;
-        expect(await Chat.countDocuments({ groupId: party._id })).to.eql(1);
-      });
-    });
-
     describe('#startQuest', () => {
       context('Failure Conditions', () => {
         it('throws an error if group is not a party', async () => {

test/api/unit/models/user.test.js

@@ -1,13 +1,9 @@
 import moment from 'moment';
-import requireAgain from 'require-again';
 import { model as User } from '../../../../website/server/models/user';
 import { model as NewsPost } from '../../../../website/server/models/newsPost';
 import { model as Group } from '../../../../website/server/models/group';
-import { model as Blocker } from '../../../../website/server/models/blocker';
 import common from '../../../../website/common';
 
-const pathToUserSchema = '../../../../website/server/models/user/schema';
-
 describe('User Model', () => {
   describe('.toJSON()', () => {
     it('keeps user._tmp when calling .toJSON', () => {
@@ -916,73 +912,4 @@ describe('User Model', () => {
       expect(user.toJSON().flags.newStuff).to.equal(true);
     });
   });
-
-  describe('validates email', () => {
-    it('does not throw an error for a valid email', () => {
-      const user = new User();
-      user.auth.local.email = 'hello@example.com';
-      const errors = user.validateSync();
-      expect(errors.errors['auth.local.email']).to.not.exist;
-    });
-
-    it('throws an error if email is not valid', () => {
-      const user = new User();
-      user.auth.local.email = 'invalid-email';
-      const errors = user.validateSync();
-      expect(errors.errors['auth.local.email'].message).to.equal(common.i18n.t('invalidEmail'));
-    });
-
-    it('throws an error if email is using a restricted domain', () => {
-      const user = new User();
-      user.auth.local.email = 'scammer@habitica.com';
-      const errors = user.validateSync();
-      expect(errors.errors['auth.local.email'].message).to.equal(common.i18n.t('invalidEmailDomain', { domains: 'habitica.com, habitrpg.com' }));
-    });
-
-    it('throws an error if email was blocked specifically', () => {
-      sandbox.stub(Blocker, 'watchBlockers').returns({
-        on: (event, callback) => {
-          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: 'blocked@example.com' } });
-        },
-      });
-      const schema = requireAgain(pathToUserSchema).UserSchema;
-      const valid = schema.paths['auth.local.email'].options.validate.every(v => v.validator('blocked@example.com'));
-      expect(valid).to.equal(false);
-    });
-
-    it('throws an error if email domain was blocked', () => {
-      sandbox.stub(Blocker, 'watchBlockers').returns({
-        on: (event, callback) => {
-          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: '@example.com' } });
-        },
-      });
-      const schema = requireAgain(pathToUserSchema).UserSchema;
-      const valid = schema.paths['auth.local.email'].options.validate.every(v => v.validator('blocked@example.com'));
-      expect(valid).to.equal(false);
-    });
-
-    it('throws an error if user portion of email was blocked', () => {
-      sandbox.stub(Blocker, 'watchBlockers').returns({
-        on: (event, callback) => {
-          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: 'blocked@' } });
-        },
-      });
-      const schema = requireAgain(pathToUserSchema).UserSchema;
-      const valid = schema.paths['auth.local.email'].options.validate.every(v => v.validator('blocked@example.com'));
-      expect(valid).to.equal(false);
-    });
-
-    it('does not throw an error if email is not blocked', () => {
-      sandbox.stub(Blocker, 'watchBlockers').returns({
-        on: (event, callback) => {
-          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: '@example.com' } });
-          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: 'blocked@' } });
-          callback({ operation: 'add', blocker: { type: 'email', area: 'full', value: 'bad@test.com' } });
-        },
-      });
-      const schema = requireAgain(pathToUserSchema).UserSchema;
-      const valid = schema.paths['auth.local.email'].options.validate.every(v => v.validator('good@test.com'));
-      expect(valid).to.equal(true);
-    });
-  });
 });

test/api/unit/models/userNotification.test.js

@@ -50,59 +50,5 @@ describe('UserNotification Model', () => {
       expect(safeNotifications[0].type).to.equal('NEW_CHAT_MESSAGE');
       expect(safeNotifications[0].id).to.equal('123');
     });
-
-    it('removes duplicate STREAK_ACHIEVEMENT notifications', () => {
-      // Fixes issue #13325 - Users receiving duplicate streak achievement notifications
-      const notifications = [
-        new UserNotification({
-          type: 'STREAK_ACHIEVEMENT',
-          id: 123,
-          data: {},
-        }),
-        new UserNotification({
-          type: 'STREAK_ACHIEVEMENT',
-          id: 456,
-          data: {},
-        }),
-        new UserNotification({
-          type: 'CRON',
-          id: 789,
-          data: {},
-        }), // different type, should be kept
-      ];
-
-      const safeNotifications = UserNotification.cleanupCorruptData(notifications);
-      expect(safeNotifications.length).to.equal(2);
-      expect(safeNotifications[0].type).to.equal('STREAK_ACHIEVEMENT');
-      expect(safeNotifications[0].id).to.equal('123');
-      expect(safeNotifications[1].type).to.equal('CRON');
-      expect(safeNotifications[1].id).to.equal('789');
-    });
-
-    it('handles multiple STREAK_ACHIEVEMENT duplicates correctly', () => {
-      // Test case: 3 duplicate STREAK_ACHIEVEMENT notifications
-      const notifications = [
-        new UserNotification({
-          type: 'STREAK_ACHIEVEMENT',
-          id: 111,
-          data: {},
-        }),
-        new UserNotification({
-          type: 'STREAK_ACHIEVEMENT',
-          id: 222,
-          data: {},
-        }),
-        new UserNotification({
-          type: 'STREAK_ACHIEVEMENT',
-          id: 333,
-          data: {},
-        }),
-      ];
-
-      const safeNotifications = UserNotification.cleanupCorruptData(notifications);
-      expect(safeNotifications.length).to.equal(1);
-      expect(safeNotifications[0].type).to.equal('STREAK_ACHIEVEMENT');
-      expect(safeNotifications[0].id).to.equal('111'); // Keep first one
-    });
   });
 });

test/api/v3/integration/analytics/POST-analytics_track_eventName.test.js

@@ -0,0 +1,19 @@
+import {
+  generateUser,
+  requester,
+} from '../../../../helpers/api-integration/v3';
+import { mockAnalyticsService as analytics } from '../../../../../website/server/libs/analyticsService';
+
+describe('POST /analytics/track/:eventName', () => {
+  it('calls res.analytics', async () => {
+    const user = await generateUser();
+    sandbox.spy(analytics, 'track');
+
+    const requestWithHeaders = requester(user, { 'x-client': 'habitica-web' });
+    await requestWithHeaders.post('/analytics/track/eventName', { data: 'example' }, { 'x-client': 'habitica-web' });
+    expect(analytics.track).to.be.calledOnce;
+    expect(analytics.track).to.be.calledWith('eventName', sandbox.match({ data: 'example' }));
+
+    sandbox.restore();
+  });
+});

test/api/v3/integration/challenges/POST-challenges_challengeId_join.test.js

@@ -5,8 +5,6 @@ import {
   createAndPopulateGroup,
   translate as t,
 } from '../../../../helpers/api-integration/v3';
-import { model as Group } from '../../../../../website/server/models/group';
-import { TAVERN_ID } from '../../../../../website/common/script/constants';
 
 describe('POST /challenges/:challengeId/join', () => {
   it('returns error when challengeId is not a valid UUID', async () => {
@@ -29,37 +27,6 @@ describe('POST /challenges/:challengeId/join', () => {
     });
   });
 
-  context('public Guild', () => {
-    let group;
-    let groupLeader;
-    let members;
-    let challenge;
-    before(async () => {
-      ({ group, groupLeader, members } = await createAndPopulateGroup({
-        groupDetails: {
-          name: 'test group',
-          type: 'guild',
-          privacy: 'private',
-        },
-        members: 1,
-        upgradeToGroupPlan: true,
-      }));
-      challenge = await generateChallenge(groupLeader, group);
-      // Creation API is shut down, we need to simulate an extant public group
-      await Group.updateOne({ _id: group._id }, { $set: { privacy: 'public' }, $unset: { 'purchased.plan': 1 } }).exec();
-    });
-
-    it('returns error when challengeId is in an old public Guild', async () => {
-      const authorizedUser = members[0]; // eslint-disable-line prefer-destructuring
-
-      await expect(authorizedUser.post(`/challenges/${challenge._id}/join`)).to.eventually.be.rejected.and.eql({
-        code: 404,
-        error: 'NotFound',
-        message: t('challengeNotFound'),
-      });
-    });
-  });
-
   context('Joining a valid challenge', () => {
     let groupLeader;
     let group;
@@ -99,15 +66,6 @@ describe('POST /challenges/:challengeId/join', () => {
       expect(res.name).to.equal(challenge.name);
     });
 
-    it('succeeds when it\'s a Tavern challenge, even if the user isn\'t a "member" of Tavern', async () => {
-      const tavern = await groupLeader.get(`/groups/${TAVERN_ID}`);
-      const tavernChallenge = await generateChallenge(groupLeader, tavern, { prize: 1 });
-      const generalUser = await generateUser();
-
-      const res = await generalUser.post(`/challenges/${tavernChallenge._id}/join`);
-      expect(res.name).to.equal(tavernChallenge.name);
-    });
-
     it('returns challenge data', async () => {
       const res = await authorizedUser.post(`/challenges/${challenge._id}/join`);
 

test/api/v3/integration/chat/GET-chat.test.js

@@ -62,9 +62,9 @@ describe('GET /groups/:groupId/chat', () => {
 
     it('returns error if user attempts to fetch a sunset Guild', async () => {
       await expect(user.get(`/groups/${group._id}/chat`)).to.eventually.be.rejected.and.eql({
-        code: 404,
+        code: 400,
-        error: 'NotFound',
+        error: 'BadRequest',
-        message: t('groupNotFound'),
+        message: t('featureRetired'),
       });
     });
   });

test/api/v3/integration/chat/POST-chat.like.test.js

@@ -121,9 +121,9 @@ describe('POST /chat/:chatId/like', () => {
 
     await expect(user.post(`/groups/${groupWithChat._id}/chat/${message.message.id}/like`))
       .to.eventually.be.rejected.and.eql({
-        code: 404,
+        code: 400,
-        error: 'NotFound',
+        error: 'BadRequest',
-        message: t('groupNotFound'),
+        message: t('featureRetired'),
       });
   });
 });

test/api/v3/integration/chat/POST-chat.test.js

@@ -9,7 +9,7 @@ import {
 import {
   SPAM_MIN_EXEMPT_CONTRIB_LEVEL,
 } from '../../../../../website/server/models/group';
-import { MAX_MESSAGE_LENGTH, CHAT_FLAG_FROM_SHADOW_MUTE } from '../../../../../website/common/script/constants';
+import { MAX_MESSAGE_LENGTH } from '../../../../../website/common/script/constants';
 import * as email from '../../../../../website/server/libs/email';
 
 describe('POST /chat', () => {
@@ -80,20 +80,17 @@ describe('POST /chat', () => {
       member.updateOne({ 'flags.chatRevoked': false });
     });
 
-    it('errors when chat privileges are revoked when sending a message to a private guild', async () => {
+    it('does not error when chat privileges are revoked when sending a message to a private guild', async () => {
       await member.updateOne({
         'flags.chatRevoked': true,
       });
 
-      await expect(member.post(`/groups/${groupWithChat._id}/chat`, { message: testMessage }))
+      const message = await member.post(`/groups/${groupWithChat._id}/chat`, { message: testMessage });
-        .to.eventually.be.rejected.and.eql({
+
-          code: 401,
+      expect(message.message.id).to.exist;
-          error: 'NotAuthorized',
-          message: t('chatPrivilegesRevoked'),
-        });
     });
 
-    it('errors when chat privileges are revoked when sending a message to a party', async () => {
+    it('does not error when chat privileges are revoked when sending a message to a party', async () => {
       const { group, members } = await createAndPopulateGroup({
         groupDetails: {
           name: 'Party',
@@ -109,12 +106,9 @@ describe('POST /chat', () => {
         'auth.timestamps.created': new Date('2022-01-01'),
       });
 
-      await expect(privatePartyMemberWithChatsRevoked.post(`/groups/${group._id}/chat`, { message: testMessage }))
+      const message = await privatePartyMemberWithChatsRevoked.post(`/groups/${group._id}/chat`, { message: testMessage });
-        .to.eventually.be.rejected.and.eql({
+
-          code: 401,
+      expect(message.message.id).to.exist;
-          error: 'NotAuthorized',
-          message: t('chatPrivilegesRevoked'),
-        });
     });
   });
 
@@ -129,7 +123,7 @@ describe('POST /chat', () => {
       member.updateOne({ 'flags.chatShadowMuted': false });
     });
 
-    it('creates a chat with flagCount set when sending a message to a private guild', async () => {
+    it('creates a chat with zero flagCount when sending a message to a private guild', async () => {
       await member.updateOne({
         'flags.chatShadowMuted': true,
       });
@@ -137,10 +131,10 @@ describe('POST /chat', () => {
       const message = await member.post(`/groups/${groupWithChat._id}/chat`, { message: testMessage });
 
       expect(message.message.id).to.exist;
-      expect(message.message.flagCount).to.eql(CHAT_FLAG_FROM_SHADOW_MUTE);
+      expect(message.message.flagCount).to.eql(0);
     });
 
-    it('creates a chat with flagCount set when sending a message to a party', async () => {
+    it('creates a chat with zero flagCount when sending a message to a party', async () => {
       const { group, members } = await createAndPopulateGroup({
         groupDetails: {
           name: 'Party',
@@ -159,7 +153,7 @@ describe('POST /chat', () => {
       const message = await userWithChatShadowMuted.post(`/groups/${group._id}/chat`, { message: testMessage });
 
       expect(message.message.id).to.exist;
-      expect(message.message.flagCount).to.eql(CHAT_FLAG_FROM_SHADOW_MUTE);
+      expect(message.message.flagCount).to.eql(0);
     });
   });
 
@@ -244,18 +238,6 @@ describe('POST /chat', () => {
     expect(groupMessages[0].id).to.exist;
   });
 
-  it('creates a chat with case-insensitive mentions', async () => {
-    const originalUsername = member.auth.local.username;
-    const uppercaseUsername = originalUsername.toUpperCase();
-    const messageWithMentions = `hi @${uppercaseUsername}`;
-    const newMessage = await user.post(`/groups/${groupWithChat._id}/chat`, { message: messageWithMentions });
-    const groupMessages = await user.get(`/groups/${groupWithChat._id}/chat`);
-
-    expect(newMessage.message.id).to.exist;
-    expect(newMessage.message.text).to.include(`[@${uppercaseUsername}](/profile/${member._id})`);
-    expect(groupMessages[0].id).to.exist;
-  });
-
   it('creates a chat with a max length of 3000 chars', async () => {
     const veryLongMessage = `
     123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789.

test/api/v3/integration/content/GET-content.test.js

@@ -1,7 +1,6 @@
 import {
   requester,
   translate as t,
-  generateUser,
 } from '../../../../helpers/api-integration/v3';
 import i18n from '../../../../../website/common/script/i18n';
 
@@ -57,28 +56,4 @@ describe('GET /content', () => {
     const res = await requester().get('/content?filter=backgroundsFlat,invalid');
     expect(res).to.not.have.property('backgroundsFlat');
   });
-
-  describe('authenticated user', () => {
-    let user;
-    it('returns content in user\'s preferred language when no language parameter is provided', async () => {
-      user = await generateUser({ 'preferences.language': 'de' });
-      const res = await user.get('/content');
-      expect(res).to.have.nested.property('backgrounds.backgrounds062014.beach');
-      expect(res.backgrounds.backgrounds062014.beach.text).to.equal(i18n.t('backgroundBeachText', 'de'));
-    });
-
-    it('respects language parameter over user\'s preferred language', async () => {
-      user = await generateUser({ 'preferences.language': 'de' });
-      const res = await user.get('/content?language=fr');
-      expect(res).to.have.nested.property('backgrounds.backgrounds062014.beach');
-      expect(res.backgrounds.backgrounds062014.beach.text).to.equal(i18n.t('backgroundBeachText', 'fr'));
-    });
-
-    it('falls back to English if user\'s preferred language is invalid', async () => {
-      user = await generateUser({ 'preferences.language': 'invalid_lang' });
-      const res = await user.get('/content');
-      expect(res).to.have.nested.property('backgrounds.backgrounds062014.beach');
-      expect(res.backgrounds.backgrounds062014.beach.text).to.equal(t('backgroundBeachText'));
-    });
-  });
 });

test/api/v3/integration/dataexport/GET-export_avatar-memberId.html.test.js

@@ -0,0 +1,35 @@
+import { v4 as generateUUID } from 'uuid';
+import {
+  generateUser,
+  translate as t,
+} from '../../../../helpers/api-integration/v3';
+
+xdescribe('GET /export/avatar-:memberId.html', () => {
+  let user;
+
+  before(async () => {
+    user = await generateUser();
+  });
+
+  it('validates req.params.memberId', async () => {
+    await expect(user.get('/export/avatar-:memberId.html')).to.eventually.be.rejected.and.eql({
+      code: 400,
+      error: 'BadRequest',
+      message: t('invalidReqParams'),
+    });
+  });
+
+  it('handles non-existing members', async () => {
+    const dummyId = generateUUID();
+    await expect(user.get(`/export/avatar-${dummyId}.html`)).to.eventually.be.rejected.and.eql({
+      code: 404,
+      error: 'NotFound',
+      message: t('userWithIDNotFound', { userId: dummyId }),
+    });
+  });
+
+  it('returns an html page', async () => {
+    const res = await user.get(`/export/avatar-${user._id}.html`);
+    expect(res.substring(0, 100).indexOf('<!DOCTYPE html>')).to.equal(0);
+  });
+});

test/api/v3/integration/dataexport/GET-export_avatar-memberId.png.test.js

@@ -0,0 +1,3 @@
+// TODO how to test this route since it points to a file on AWS s3?
+
+describe('GET /export/avatar-:memberId.png', () => {});

test/api/v3/integration/dataexport/GET-export_inbox.html.test.js

@@ -38,7 +38,7 @@ describe('GET /export/inbox.html', () => {
   it('renders the markdown messages as html', async () => {
     const res = await user.get('/export/inbox.html');
 
-    expect(res).to.include('😄');
+    expect(res).to.include('img class="habitica-emoji"');
     expect(res).to.include('<h1>Hello!</h1>');
     expect(res).to.include('<li>list 1</li>');
   });
@@ -46,7 +46,7 @@ describe('GET /export/inbox.html', () => {
   it('sorts messages from newest to oldest', async () => {
     const res = await user.get('/export/inbox.html');
 
-    const emojiPosition = res.indexOf('😄');
+    const emojiPosition = res.indexOf('img class="habitica-emoji"');
     const headingPosition = res.indexOf('<h1>Hello!</h1>');
     const listPosition = res.indexOf('<li>list 1</li>');
 

test/api/v3/integration/groups/POST-groups_invite.test.js

@@ -61,24 +61,6 @@ describe('Post /groups/:groupId/invite', () => {
         });
     });
 
-    it('fakes sending an invite if user is shadow muted', async () => {
-      const inviterMuted = await inviter.updateOne({ 'flags.chatShadowMuted': true });
-      const userToInvite = await generateUser();
-
-      const response = await inviterMuted.post(`/groups/${group._id}/invite`, {
-        usernames: [userToInvite.auth.local.lowerCaseUsername],
-      });
-      expect(response).to.be.an('Array');
-      expect(response[0]).to.have.all.keys(['_id', 'id', 'name', 'inviter']);
-      expect(response[0]._id).to.be.a('String');
-      expect(response[0].id).to.eql(group._id);
-      expect(response[0].name).to.eql(groupName);
-      expect(response[0].inviter).to.eql(inviter._id);
-
-      await expect(userToInvite.get('/user'))
-        .to.eventually.not.have.nested.property('invitations.parties[0].id', group._id);
-    });
-
     it('invites a user to a group by username', async () => {
       const userToInvite = await generateUser();
 
@@ -227,24 +209,6 @@ describe('Post /groups/:groupId/invite', () => {
         });
     });
 
-    it('fakes sending an invite if user is shadow muted', async () => {
-      const inviterMuted = await inviter.updateOne({ 'flags.chatShadowMuted': true });
-      const userToInvite = await generateUser();
-
-      const response = await inviterMuted.post(`/groups/${group._id}/invite`, {
-        uuids: [userToInvite._id],
-      });
-      expect(response).to.be.an('Array');
-      expect(response[0]).to.have.all.keys(['_id', 'id', 'name', 'inviter']);
-      expect(response[0]._id).to.be.a('String');
-      expect(response[0].id).to.eql(group._id);
-      expect(response[0].name).to.eql(groupName);
-      expect(response[0].inviter).to.eql(inviter._id);
-
-      await expect(userToInvite.get('/user'))
-        .to.eventually.not.have.nested.property('invitations.parties[0].id', group._id);
-    });
-
     it('invites a user to a group by uuid', async () => {
       const userToInvite = await generateUser();
 
@@ -317,19 +281,6 @@ describe('Post /groups/:groupId/invite', () => {
         });
     });
 
-    it('fakes sending invite when inviter is shadow muted', async () => {
-      const inviterMuted = await inviter.updateOne({ 'flags.chatShadowMuted': true });
-      const res = await inviterMuted.post(`/groups/${group._id}/invite`, {
-        emails: [testInvite],
-        inviter: 'inviter name',
-      });
-
-      const updatedUser = await inviterMuted.sync();
-
-      expect(res).to.exist;
-      expect(updatedUser.invitesSent).to.eql(1);
-    });
-
     it('returns an error when invite is missing an email', async () => {
       await expect(inviter.post(`/groups/${group._id}/invite`, {
         emails: [{ name: 'test' }],
@@ -454,19 +405,6 @@ describe('Post /groups/:groupId/invite', () => {
         });
     });
 
-    it('fakes sending an invite if user is shadow muted', async () => {
-      const inviterMuted = await inviter.updateOne({ 'flags.chatShadowMuted': true });
-      const newUser = await generateUser();
-      const invite = await inviterMuted.post(`/groups/${group._id}/invite`, {
-        uuids: [newUser._id],
-        emails: [{ name: 'test', email: 'test@habitica.com' }],
-      });
-      const invitedUser = await newUser.get('/user');
-
-      expect(invitedUser.invitations.parties[0]).to.not.exist;
-      expect(invite).to.exist;
-    });
-
     it('invites users to a group by uuid and email', async () => {
       const newUser = await generateUser();
       const invite = await inviter.post(`/groups/${group._id}/invite`, {

test/api/v3/integration/hall/GET-hall_heroes_heroId.test.js

@@ -10,7 +10,6 @@ describe('GET /heroes/:heroId', () => {
   const heroFields = [
     '_id', 'id', 'auth', 'balance', 'contributor', 'flags', 'items',
     'lastCron', 'party', 'preferences', 'profile', 'purchased', 'secret', 'achievements',
-    'stats',
   ];
 
   before(async () => {

test/api/v3/integration/hall/PUT-hall_heores_heroId.test.js

@@ -11,7 +11,6 @@ describe('PUT /heroes/:heroId', () => {
   const heroFields = [
     '_id', 'auth', 'balance', 'contributor', 'flags', 'items', 'lastCron',
     'party', 'preferences', 'profile', 'purchased', 'secret', 'permissions', 'achievements',
-    'stats',
   ];
 
   before(async () => {
@@ -61,12 +60,12 @@ describe('PUT /heroes/:heroId', () => {
     expect(heroRes.profile).to.have.all.keys(['name']);
 
     // test response values
-    expect(heroRes.balance).to.equal(3 + 2.5); // 3+2.5 for first contrib level
+    expect(heroRes.balance).to.equal(3 + 0.75); // 3+0.75 for first contrib level
     expect(heroRes.contributor.level).to.equal(1);
     expect(heroRes.purchased.ads).to.equal(true);
     // test hero values
     await hero.sync();
-    expect(hero.balance).to.equal(3 + 2.5); // 3+2.5 for first contrib level
+    expect(hero.balance).to.equal(3 + 0.75); // 3+0.75 for first contrib level
     expect(hero.contributor.level).to.equal(1);
     expect(hero.purchased.ads).to.equal(true);
     expect(hero.auth.blocked).to.equal(prevBlockState);
@@ -137,12 +136,12 @@ describe('PUT /heroes/:heroId', () => {
     expect(heroRes.profile).to.have.all.keys(['name']);
 
     // test response values
-    expect(heroRes.balance).to.equal(15); // 0+15 for sixth contrib level
+    expect(heroRes.balance).to.equal(1); // 0+1 for sixth contrib level
     expect(heroRes.contributor.level).to.equal(6);
     expect(heroRes.items.pets['Dragon-Hydra']).to.equal(5);
     // test hero values
     await hero.sync();
-    expect(hero.balance).to.equal(15); // 0+15 for sixth contrib level
+    expect(hero.balance).to.equal(1); // 0+1 for sixth contrib level
     expect(hero.contributor.level).to.equal(6);
     expect(hero.items.pets['Dragon-Hydra']).to.equal(5);
   });

test/api/v3/integration/inbox/GET-inbox_messages.test.js

@@ -47,7 +47,7 @@ describe('GET /inbox/messages', () => {
   it('returns four messages when using page-query ', async () => {
     const promises = [];
 
-    for (let i = 0; i < 50; i += 1) {
+    for (let i = 0; i < 10; i += 1) {
       promises.push(user.post('/members/send-private-message', {
         toUserId: user.id,
         message: 'fourth',

test/api/v3/integration/inbox/POST-send_private_message.test.js

@@ -43,7 +43,7 @@ describe('POST /members/send-private-message', () => {
     });
   });
 
-  it('returns error when recipient has blocked the sender', async () => {
+  it('returns error when to user has blocked the sender', async () => {
     const receiver = await generateUser({ 'inbox.blocks': [userToSendMessage._id] });
 
     await expect(userToSendMessage.post('/members/send-private-message', {
@@ -56,7 +56,7 @@ describe('POST /members/send-private-message', () => {
     });
   });
 
-  it('returns error when sender has blocked recipient', async () => {
+  it('returns error when sender has blocked to user', async () => {
     const receiver = await generateUser();
     const sender = await generateUser({ 'inbox.blocks': [receiver._id] });
 
@@ -70,7 +70,7 @@ describe('POST /members/send-private-message', () => {
     });
   });
 
-  it('returns error when recipient has opted out of messaging', async () => {
+  it('returns error when to user has opted out of messaging', async () => {
     const receiver = await generateUser({ 'inbox.optOut': true });
 
     await expect(userToSendMessage.post('/members/send-private-message', {
@@ -174,7 +174,7 @@ describe('POST /members/send-private-message', () => {
     expect(notification.data.excerpt).to.equal(messageExcerpt);
   });
 
-  it('allows admin to send when recipient has blocked the admin', async () => {
+  it('allows admin to send when sender has blocked the admin', async () => {
     userToSendMessage = await generateUser({
       'permissions.moderator': true,
     });
@@ -202,7 +202,7 @@ describe('POST /members/send-private-message', () => {
     expect(sendersMessageInSendersInbox).to.exist;
   });
 
-  it('allows admin to send when recipient has opted out of messaging', async () => {
+  it('allows admin to send when to user has opted out of messaging', async () => {
     userToSendMessage = await generateUser({
       'permissions.moderator': true,
     });
@@ -229,58 +229,4 @@ describe('POST /members/send-private-message', () => {
     expect(sendersMessageInReceiversInbox).to.exist;
     expect(sendersMessageInSendersInbox).to.exist;
   });
-
-  describe('sender is shadow muted', () => {
-    beforeEach(async () => {
-      userToSendMessage = await generateUser({
-        'flags.chatShadowMuted': true,
-      });
-    });
-
-    it('does not save the message in the receiver inbox', async () => {
-      const receiver = await generateUser();
-
-      const response = await userToSendMessage.post('/members/send-private-message', {
-        message: messageToSend,
-        toUserId: receiver._id,
-      });
-
-      expect(response.message.uuid).to.equal(receiver._id);
-
-      const updatedReceiver = await receiver.get('/user');
-      const updatedSender = await userToSendMessage.get('/user');
-
-      const sendersMessageInReceiversInbox = _.find(
-        updatedReceiver.inbox.messages,
-        message => message.uuid === userToSendMessage._id && message.text === messageToSend,
-      );
-
-      const sendersMessageInSendersInbox = _.find(
-        updatedSender.inbox.messages,
-        message => message.uuid === receiver._id && message.text === messageToSend,
-      );
-
-      expect(sendersMessageInReceiversInbox).to.not.exist;
-      expect(sendersMessageInSendersInbox).to.exist;
-    });
-
-    it('does not save the message message twice if recipient is sender', async () => {
-      const response = await userToSendMessage.post('/members/send-private-message', {
-        message: messageToSend,
-        toUserId: userToSendMessage._id,
-      });
-
-      expect(response.message.uuid).to.equal(userToSendMessage._id);
-
-      const updatedSender = await userToSendMessage.get('/user');
-
-      const sendersMessageInSendersInbox = _.find(
-        updatedSender.inbox.messages,
-        message => message.uuid === userToSendMessage._id && message.text === messageToSend,
-      );
-
-      expect(sendersMessageInSendersInbox).to.exist;
-      expect(Object.keys(updatedSender.inbox.messages).length).to.equal(1);
-    });
-  });
 });

test/api/v3/integration/members/GET-members_username.test.js

@@ -19,7 +19,7 @@ describe('GET /members/username/:username', () => {
     });
   });
 
-  it('returns a member\'s public data only', async () => {
+  it('returns a member public data only', async () => {
     // make sure user has all the fields that can be returned by the getMember call
     const member = await generateUser({
       contributor: { level: 1 },

test/api/v3/integration/quests/POST-groups_groupId_quests_accept.test.js

@@ -91,23 +91,6 @@ describe('POST /groups/:groupId/quests/accept', () => {
       expect(partyMembers[0].party.quest.RSVPNeeded).to.be.false;
     });
 
-    it('heals stuck RSVPNeeded when group already has the user accepted', async () => {
-      await leader.post(`/groups/${questingGroup._id}/quests/invite/${PET_QUEST}`);
-      await partyMembers[0].post(`/groups/${questingGroup._id}/quests/accept`);
-
-      await partyMembers[0].updateOne({ 'party.quest.RSVPNeeded': true });
-      await partyMembers[0].sync();
-      expect(partyMembers[0].party.quest.RSVPNeeded).to.be.true;
-
-      const res = await partyMembers[0].post(`/groups/${questingGroup._id}/quests/accept`);
-      expect(res).to.exist;
-
-      await partyMembers[0].sync();
-      await questingGroup.sync();
-      expect(partyMembers[0].party.quest.RSVPNeeded).to.equal(false);
-      expect(questingGroup.quest.members[partyMembers[0]._id]).to.equal(true);
-    });
-
     it('does not accept invite for a quest already underway', async () => {
       await leader.post(`/groups/${questingGroup._id}/quests/invite/${PET_QUEST}`);
       await partyMembers[0].post(`/groups/${questingGroup._id}/quests/accept`);

test/api/v3/integration/quests/POST-groups_groupid_quests_reject.test.js

@@ -100,23 +100,6 @@ describe('POST /groups/:groupId/quests/reject', () => {
       expect(partyMembers[0].party.quest.RSVPNeeded).to.be.false;
     });
 
-    it('heals stuck RSVPNeeded when group already has the user rejected', async () => {
-      await leader.post(`/groups/${questingGroup._id}/quests/invite/${PET_QUEST}`);
-      await partyMembers[0].post(`/groups/${questingGroup._id}/quests/reject`);
-
-      await partyMembers[0].updateOne({ 'party.quest.RSVPNeeded': true });
-      await partyMembers[0].sync();
-      expect(partyMembers[0].party.quest.RSVPNeeded).to.be.true;
-
-      const res = await partyMembers[0].post(`/groups/${questingGroup._id}/quests/reject`);
-      expect(res).to.exist;
-
-      await partyMembers[0].sync();
-      await questingGroup.sync();
-      expect(partyMembers[0].party.quest.RSVPNeeded).to.equal(false);
-      expect(questingGroup.quest.members[partyMembers[0]._id]).to.equal(false);
-    });
-
     it('return an error when a user rejects an invite already accepted', async () => {
       await leader.post(`/groups/${questingGroup._id}/quests/invite/${PET_QUEST}`);
       await partyMembers[0].post(`/groups/${questingGroup._id}/quests/accept`);

test/api/v3/integration/tasks/GET-tasks_user.test.js

@@ -101,6 +101,34 @@ describe('GET /tasks/user', () => {
     expect(allCompletedTodos[allCompletedTodos.length - 1].text).to.equal('todo to complete 2');
   });
 
+  it('returns only some completed todos if req.query.type is "completedTodos" or "_allCompletedTodos"', async () => {
+    const LIMIT = 30;
+    const numberOfTodos = LIMIT + 1;
+    const todosInput = [];
+
+    for (let i = 0; i < numberOfTodos; i += 1) {
+      todosInput[i] = { text: `todo to complete ${i}`, type: 'todo' };
+    }
+    const todos = await user.post('/tasks/user', todosInput);
+    await user.sync();
+    const initialTodoCount = user.tasksOrder.todos.length;
+
+    for (let i = 0; i < numberOfTodos; i += 1) {
+      const id = todos[i]._id;
+
+      await user.post(`/tasks/${id}/score/up`); // eslint-disable-line no-await-in-loop
+    }
+    await user.sync();
+
+    expect(user.tasksOrder.todos.length).to.equal(initialTodoCount - numberOfTodos);
+
+    const completedTodos = await user.get('/tasks/user?type=completedTodos');
+    expect(completedTodos.length).to.equal(LIMIT);
+
+    const allCompletedTodos = await user.get('/tasks/user?type=_allCompletedTodos');
+    expect(allCompletedTodos.length).to.equal(numberOfTodos);
+  });
+
   it('returns dailies with isDue for the date specified', async () => {
     // @TODO Add required format
     const startDate = moment().subtract('1', 'days').toISOString();

test/api/v3/integration/user/POST-user_sleep.test.js

@@ -1,6 +1,7 @@
 import {
   generateUser,
 } from '../../../../helpers/api-integration/v3';
+import { mockAnalyticsService as analytics } from '../../../../../website/server/libs/analyticsService';
 
 describe('POST /user/sleep', () => {
   let user;
@@ -22,4 +23,15 @@ describe('POST /user/sleep', () => {
     await user.sync();
     expect(user.preferences.sleep).to.be.false;
   });
+
+  it('sends sleep status to analytics service', async () => {
+    sandbox.spy(analytics, 'track');
+
+    await user.post('/user/sleep');
+    await user.sync();
+    expect(analytics.track).to.be.calledOnce;
+    expect(analytics.track).to.be.calledWith('sleep', sandbox.match.has('status', user.preferences.sleep));
+
+    sandbox.restore();
+  });
 });

test/api/v3/integration/user/auth/GET-user_auth_apple.test.js

@@ -25,7 +25,7 @@ describe('GET /user/auth/apple', () => {
   });
 
   it('registers a new user', async () => {
-    const response = await api.get(`${appleEndpoint}?allowRegister=true`);
+    const response = await api.get(appleEndpoint);
 
     expect(response.apiToken).to.exist;
     expect(response.id).to.exist;
@@ -35,7 +35,7 @@ describe('GET /user/auth/apple', () => {
   });
 
   it('logs an existing user in', async () => {
-    const registerResponse = await api.get(`${appleEndpoint}?allowRegister=true`);
+    const registerResponse = await api.get(appleEndpoint);
 
     const response = await api.get(appleEndpoint);
 

test/api/v3/integration/user/auth/POST-auth_reset-password-set-new-one.js

@@ -238,28 +238,6 @@ describe('POST /user/auth/reset-password-set-new-one', () => {
     expect(isPassValid).to.equal(true);
   });
 
-  it('changes the apiToken on password reset', async () => {
-    const user = await generateUser();
-    const previousToken = user.apiToken;
-
-    const code = encrypt(JSON.stringify({
-      userId: user._id,
-      expiresAt: moment().add({ days: 1 }),
-    }));
-    await user.updateOne({
-      'auth.local.passwordResetCode': code,
-    });
-
-    await api.post(`${endpoint}`, {
-      newPassword: 'my new password',
-      confirmPassword: 'my new password',
-      code,
-    });
-
-    await user.sync();
-    expect(user.apiToken).to.not.eql(previousToken);
-  });
-
   it('renders the success page and convert the password from sha1 to bcrypt', async () => {
     const user = await generateUser();
 

test/api/v3/integration/user/auth/POST-login-local.test.js

@@ -44,7 +44,7 @@ describe('POST /user/auth/local/login', () => {
     })).to.eventually.be.rejected.and.eql({
       code: 401,
       error: 'NotAuthorized',
-      message: t('accountSuspended', { communityManagerEmail: nconf.get('EMAILS_COMMUNITY_MANAGER_EMAIL'), userId: user._id, username: user.auth.local.username }),
+      message: t('accountSuspended', { communityManagerEmail: nconf.get('EMAILS_COMMUNITY_MANAGER_EMAIL'), userId: user._id }),
     });
   });
 
@@ -110,18 +110,6 @@ describe('POST /user/auth/local/login', () => {
     expect(isValidPassword).to.equal(true);
   });
 
-  it('sets auth.timestamps.updated', async () => {
-    const oldUpdated = new Date(user.auth.timestamps.updated);
-    // login
-    await api.post(endpoint, {
-      username: user.auth.local.email,
-      password,
-    });
-
-    await user.sync();
-    expect(user.auth.timestamps.updated).to.be.greaterThan(oldUpdated);
-  });
-
   it('user uses social authentication and has no password', async () => {
     await user.unset({
       'auth.local.hashed_password': 1,

test/api/v3/integration/user/auth/POST-register_local.test.js

@@ -9,7 +9,6 @@ import {
 } from '../../../../../helpers/api-integration/v3';
 import { ApiUser } from '../../../../../helpers/api-integration/api-classes';
 import { encrypt } from '../../../../../../website/server/libs/encryption';
-import { RegistrationEventModel } from '../../../../../../website/server/models/analytics/registrationEvent';
 
 function generateRandomUserName () {
   return (Date.now() + uuid()).substring(0, 20);
@@ -42,25 +41,6 @@ describe('POST /user/auth/local/register', () => {
       expect(user.newUser).to.eql(true);
     });
 
-    it('tracks a registration event', async () => {
-      const username = generateRandomUserName();
-      const email = `${username}@example.com`;
-      const password = 'password';
-
-      const user = await api.post('/user/auth/local/register', {
-        username,
-        email,
-        password,
-        confirmPassword: password,
-      });
-
-      const registrationEvent = await RegistrationEventModel.findOne({ userId: user._id });
-      expect(registrationEvent).to.exist;
-      expect(registrationEvent).to.have.property('userId', user._id);
-      expect(registrationEvent).to.have.property('ipAddress');
-      expect(registrationEvent).to.have.property('authenticationMethod', 'local');
-    });
-
     it('registers a new user and sets verifiedUsername to true', async () => {
       const username = generateRandomUserName();
       const email = `${username}@example.com`;

test/api/v3/integration/user/auth/POST-user_auth_social.test.js

@@ -6,8 +6,6 @@ import {
   translate as t,
   getProperty,
 } from '../../../../../helpers/api-integration/v3';
-import apiErrorMessages from '../../../../../../website/common/script/errors/apiErrorMessages';
-import { RegistrationEventModel } from '../../../../../../website/server/models/analytics/registrationEvent';
 
 describe('POST /user/auth/social', () => {
   let api;
@@ -66,77 +64,6 @@ describe('POST /user/auth/social', () => {
       await expect(getProperty('users', response.id, 'profile.name')).to.eventually.equal('a google user');
     });
 
-    it('tracks a registration event', async () => {
-      const socialUser = await api.post(endpoint, {
-        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
-        network,
-      });
-
-      const registrationEvent = await RegistrationEventModel.findOne({ userId: socialUser.id });
-      expect(registrationEvent).to.exist;
-      expect(registrationEvent).to.have.property('userId', socialUser.id);
-      expect(registrationEvent).to.have.property('ipAddress');
-      expect(registrationEvent).to.have.property('authenticationMethod', 'google');
-    });
-
-    it('includes sanitized version of provided username', async () => {
-      const response = await api.post(endpoint, {
-        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
-        network,
-        username: 'Google User Name',
-      });
-
-      await expect(getProperty('users', response.id, 'auth.local.username')).to.eventually.equal('GoogleUserName');
-      await expect(getProperty('users', response.id, 'auth.local.lowerCaseUsername')).to.eventually.equal('googleusername');
-    });
-
-    it('generates a random username if provided username contains only disallowed characters', async () => {
-      const response = await api.post(endpoint, {
-        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
-        network,
-        username: 'Áîüè',
-      });
-
-      await expect(getProperty('users', response.id, 'auth.local.username')).to.eventually.contain('hb-');
-      await expect(getProperty('users', response.id, 'auth.local.lowerCaseUsername')).to.eventually.contain('hb-');
-    });
-
-    it('generates a random username if provided username contains a disallowed word', async () => {
-      const response = await api.post(endpoint, {
-        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
-        network,
-        username: 'i am a TESTPLACEHOLDERSLURWORDHERE',
-      });
-
-      await expect(getProperty('users', response.id, 'auth.local.username')).to.eventually.contain('hb-');
-      await expect(getProperty('users', response.id, 'auth.local.lowerCaseUsername')).to.eventually.contain('hb-');
-    });
-
-    it('generates a random username if sanitized username conflicts with an extant user', async () => {
-      user = await generateUser({ 'auth.local.username': 'GoogleUserName' });
-
-      const response = await api.post(endpoint, {
-        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
-        network,
-        username: 'Google User Name',
-      });
-
-      await expect(getProperty('users', response.id, 'auth.local.username')).to.eventually.contain('hb-');
-      await expect(getProperty('users', response.id, 'auth.local.lowerCaseUsername')).to.eventually.contain('hb-');
-    });
-
-    it('fails if allowRegister is false and user does not exist', async () => {
-      await expect(api.post(endpoint, {
-        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
-        network,
-        allowRegister: false,
-      })).to.eventually.be.rejected.and.eql({
-        code: 404,
-        error: 'NotFound',
-        message: `${apiErrorMessages.socialFlowUserNotFound} ${user.auth.local.username}+google@example.com`,
-      });
-    });
-
     it('logs an existing user in', async () => {
       const registerResponse = await api.post(endpoint, {
         authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
@@ -204,36 +131,6 @@ describe('POST /user/auth/social', () => {
       expect(response.newUser).to.be.false;
     });
 
-    it('logs an existing user into their social account if allowRegister is false', async () => {
-      const registerResponse = await api.post(endpoint, {
-        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
-        network,
-      });
-      expect(registerResponse.newUser).to.be.true;
-      // This is important for existing accounts before the new social handling
-      passport._strategies.google.userProfile.restore();
-      const expectedResult = {
-        id: randomGoogleId,
-        displayName: 'a google user',
-        emails: [
-          { value: user.auth.local.email },
-        ],
-      };
-      sandbox.stub(passport._strategies.google, 'userProfile').yields(null, expectedResult);
-
-      const response = await api.post(endpoint, {
-        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
-        network,
-        allowRegister: false,
-      });
-
-      expect(response.apiToken).to.eql(registerResponse.apiToken);
-      expect(response.id).to.eql(registerResponse.id);
-      expect(response.apiToken).not.to.eql(user.apiToken);
-      expect(response.id).not.to.eql(user._id);
-      expect(response.newUser).to.be.false;
-    });
-
     it('add social auth to an existing user', async () => {
       const response = await user.post(endpoint, {
         authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
@@ -245,17 +142,6 @@ describe('POST /user/auth/social', () => {
       expect(response.newUser).to.be.false;
     });
 
-    it('does not track a registration event for existing users', async () => {
-      const beforeEvents = await RegistrationEventModel.find({ userId: user._id });
-      await user.post(endpoint, {
-        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
-        network,
-      });
-
-      const registrationEvents = await RegistrationEventModel.find({ userId: user._id });
-      expect(registrationEvents).to.have.lengthOf(beforeEvents.length);
-    });
-
     it('does not log into other account if social auth already exists', async () => {
       const registerResponse = await api.post(endpoint, {
         authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
@@ -281,24 +167,5 @@ describe('POST /user/auth/social', () => {
 
       await expect(getProperty('users', user._id, '_ABtests')).to.eventually.be.a('object');
     });
-
-    it('sets auth.timestamps.updated', async () => {
-      let oldUpdated = new Date(user.auth.timestamps.updated);
-      await user.post(endpoint, {
-        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
-        network,
-      });
-      await user.sync();
-      expect(user.auth.timestamps.updated).to.be.greaterThan(oldUpdated);
-      oldUpdated = new Date(user.auth.timestamps.updated);
-
-      // Do it again to ensure it updates even when nothing else changes
-      await api.post(endpoint, {
-        authResponse: { access_token: randomAccessToken }, // eslint-disable-line camelcase
-        network,
-      });
-      await user.sync();
-      expect(user.auth.timestamps.updated).to.be.greaterThan(oldUpdated);
-    });
   });
 });

test/api/v3/integration/user/auth/PUT-user_update_password.test.js

@@ -27,30 +27,11 @@ describe('PUT /user/auth/update-password', async () => {
       newPassword,
       confirmPassword: newPassword,
     });
-
+    expect(response).to.eql({});
-    expect(response).to.exist;
-    expect(response.apiToken).to.exist;
-
     await user.sync();
     expect(user.auth.local.hashed_password).to.not.eql(previousHashedPassword);
   });
 
-  it('should change the apiToken on password change', async () => {
-    const previousToken = user.apiToken;
-    const response = await user.put(ENDPOINT, {
-      password,
-      newPassword,
-      confirmPassword: newPassword,
-    });
-
-    const newToken = response.apiToken;
-    expect(newToken).to.exist;
-
-    await user.sync();
-    expect(user.apiToken).to.eql(newToken);
-    expect(user.apiToken).to.not.eql(previousToken);
-  });
-
   it('returns an error when confirmPassword does not match newPassword', async () => {
     await expect(user.put(ENDPOINT, {
       password,

test/api/v4/inbox/GET-inbox-conversations.test.js

@@ -66,7 +66,7 @@ describe('GET /inbox/conversations', () => {
   it('returns five messages when using page-query ', async () => {
     const promises = [];
 
-    for (let i = 0; i < 50; i += 1) {
+    for (let i = 0; i < 10; i += 1) {
       promises.push(user.post('/members/send-private-message', {
         toUserId: user.id,
         message: 'fourth',

test/api/v4/inbox/POST-inbox_message_like.test.js

@@ -26,7 +26,7 @@ describe('POST /inbox/like-private-message/:messageId', () => {
     userToSendMessage = await generateUser();
   });
 
-  it('returns an error when private message is not found', async () => {
+  it('Returns an error when private message is not found', async () => {
     await expect(userToSendMessage.post(getLikeUrl('some-unknown-id')))
       .to.eventually.be.rejected.and.eql({
         code: 404,
@@ -35,7 +35,7 @@ describe('POST /inbox/like-private-message/:messageId', () => {
       });
   });
 
-  it('likes a message', async () => {
+  it('Likes a message', async () => {
     const receiver = await generateUser();
 
     const sentMessageResult = await userToSendMessage.post('/members/send-private-message', {
@@ -57,7 +57,7 @@ describe('POST /inbox/like-private-message/:messageId', () => {
     expectMessagesLikeStatus(receiversMessages, uniqueMessageId, receiver._id, true);
   });
 
-  it('allows a user to like their own private message', async () => {
+  it('Allows to likes their own private message', async () => {
     const receiver = await generateUser();
 
     const sentMessageResult = await userToSendMessage.post('/members/send-private-message', {
@@ -78,7 +78,7 @@ describe('POST /inbox/like-private-message/:messageId', () => {
     expectMessagesLikeStatus(receiversMessages, uniqueMessageId, userToSendMessage._id, true);
   });
 
-  it('unlikes a message', async () => {
+  it('Unlikes a message', async () => {
     const receiver = await generateUser();
 
     const sentMessageResult = await userToSendMessage.post('/members/send-private-message', {

test/api/v4/user/auth/POST-check_email.test.js

@@ -1,66 +0,0 @@
-import {
-  translate as t,
-  requester,
-  generateUser,
-} from '../../../../helpers/api-integration/v4';
-
-const ENDPOINT = '/user/auth/check-email';
-
-describe('POST /user/auth/check-email', () => {
-  const email = 'SOmE-nEw-emAIl_2@example.net';
-  let api;
-
-  beforeEach(async () => {
-    api = requester();
-  });
-
-  it('returns email if it is not used yet', async () => {
-    const response = await api.post(ENDPOINT, {
-      email,
-    });
-    expect(response.email).to.eql(email);
-    expect(response.valid).to.be.true;
-  });
-
-  it('rejects if email is not provided', async () => {
-    await expect(api.post(ENDPOINT, {
-    })).to.eventually.be.rejected.and.eql({
-      code: 400,
-      error: 'BadRequest',
-      message: 'Invalid request parameters.',
-    });
-  });
-
-  it('rejects if email is already taken', async () => {
-    const user = await generateUser();
-
-    const response = await api.post(ENDPOINT, {
-      email: user.auth.local.email,
-    });
-    expect(response).to.eql({
-      valid: false,
-      email: user.auth.local.email,
-      error: t('cannotFulfillReq'),
-    });
-  });
-
-  it('rejects if casing is different', async () => {
-    const user = await generateUser();
-
-    const response = await api.post(ENDPOINT, {
-      email: user.auth.local.email.toUpperCase(),
-    });
-    expect(response).to.eql({
-      valid: false,
-      email: user.auth.local.email.toUpperCase(),
-      error: t('cannotFulfillReq'),
-    });
-  });
-
-  it('rejects if email uses restricted domain', async () => {
-    const response = await api.post(ENDPOINT, {
-      email: 'fake@habitica.com',
-    });
-    expect(response.valid).to.be.false;
-  });
-});

test/common/libs/habiticaMarkdown.test.js

@@ -1,67 +0,0 @@
-import md from 'habitica-markdown';
-
-describe('habiticaMarkdown emoji plugin', () => {
-  it('renders standard emoji as Unicode', () => {
-    const result = md.render(':smile:');
-    expect(result).to.include('😄');
-    expect(result).not.to.include('img');
-  });
-
-  it('renders thumbsup emoji as Unicode', () => {
-    const result = md.render(':thumbsup:');
-    expect(result).to.include('👍');
-  });
-
-  it('renders +1 emoji as Unicode', () => {
-    const result = md.render(':+1:');
-    expect(result).to.include('👍');
-  });
-
-  it('renders melior as an img tag', () => {
-    const result = md.render(':melior:');
-    expect(result).to.include('<img class="habitica-emoji"');
-    expect(result).to.include('src="https://s3.amazonaws.com/habitica-assets/cdn/emoji/melior.png"');
-    expect(result).to.include('alt="melior"');
-  });
-
-  it('does NOT convert emoji inside markdown links', () => {
-    const result = md.render('[:smile: link](http://example.com)');
-    expect(result).to.include(':smile: link');
-    expect(result).not.to.include('😄');
-  });
-
-  it('converts emoji outside of links normally', () => {
-    const result = md.render(':smile: [link](http://example.com)');
-    expect(result).to.include('😄');
-    expect(result).to.include('link');
-  });
-
-  it('leaves removed custom emoji (bowtie) as literal text', () => {
-    const result = md.render(':bowtie:');
-    expect(result).to.include(':bowtie:');
-    expect(result).not.to.include('img');
-  });
-
-  it('leaves unknown shortcodes as literal text', () => {
-    const result = md.render(':nonexistent_emoji_xyz:');
-    expect(result).to.include(':nonexistent_emoji_xyz:');
-  });
-
-  it('renders new emoji not in the old dataset', () => {
-    const result = md.render(':yawning_face:');
-    expect(result).to.include('🥱');
-  });
-
-  it('supports unsafeHTMLRender', () => {
-    const result = md.unsafeHTMLRender('<b>bold</b> :smile:');
-    expect(result).to.include('<b>bold</b>');
-    expect(result).to.include('😄');
-  });
-
-  it('supports renderWithMentions', () => {
-    const result = md.renderWithMentions(':smile: @testuser', { userName: 'testuser' });
-    expect(result).to.include('😄');
-    expect(result).to.include('at-text');
-    expect(result).to.include('at-highlight');
-  });
-});

test/common/ops/buy/buy.test.js

@@ -13,6 +13,7 @@ import { errorMessage } from '../../../../website/common/script/libs/errorMessag
 
 describe('shared.ops.buy', () => {
   let user;
+  const analytics = { track () {} };
 
   beforeEach(() => {
     user = generateUser({
@@ -31,6 +32,12 @@ describe('shared.ops.buy', () => {
         },
       },
     });
+
+    sinon.stub(analytics, 'track');
+  });
+
+  afterEach(() => {
+    analytics.track.restore();
   });
 
   it('returns error when key is not provided', async () => {
@@ -44,8 +51,10 @@ describe('shared.ops.buy', () => {
 
   it('buys health potion', async () => {
     user.stats.hp = 30;
-    await buy(user, { params: { key: 'potion' } });
+    await buy(user, { params: { key: 'potion' } }, analytics);
     expect(user.stats.hp).to.eql(45);
+
+    expect(analytics.track).to.be.calledOnce;
   });
 
   it('adds equipment to inventory', async () => {

test/common/ops/buy/buyArmoire.test.js

@@ -29,9 +29,10 @@ describe('shared.ops.buyArmoire', () => {
   const YIELD_EQUIPMENT = 0.5;
   const YIELD_FOOD = 0.7;
   const YIELD_EXP = 0.9;
+  const analytics = { track () {} };
 
-  async function buyArmoire (_user, _req) {
+  async function buyArmoire (_user, _req, _analytics) {
-    const buyOp = new BuyArmoireOperation(_user, _req);
+    const buyOp = new BuyArmoireOperation(_user, _req, _analytics);
 
     return buyOp.purchase();
   }
@@ -49,10 +50,12 @@ describe('shared.ops.buyArmoire', () => {
     user.items.food = {};
 
     sandbox.stub(randomValFns, 'trueRandom');
+    sinon.stub(analytics, 'track');
   });
 
   afterEach(() => {
     randomValFns.trueRandom.restore();
+    analytics.track.restore();
   });
 
   context('failure conditions', () => {
@@ -144,7 +147,7 @@ describe('shared.ops.buyArmoire', () => {
 
       expect(_.size(user.items.gear.owned)).to.equal(2);
 
-      await buyArmoire(user, {});
+      await buyArmoire(user, {}, analytics);
 
       expect(_.size(user.items.gear.owned)).to.equal(3);
 
@@ -152,6 +155,7 @@ describe('shared.ops.buyArmoire', () => {
 
       expect(armoireCount).to.eql(_.size(getFullArmoire()) - 2);
       expect(user.stats.gp).to.eql(100);
+      expect(analytics.track).to.be.calledTwice;
     });
   });
 });

test/common/ops/buy/buyGem.test.js

@@ -1,5 +1,6 @@
 /* eslint-disable camelcase */
 
+import sinon from 'sinon'; // eslint-disable-line no-shadow
 import {
   generateUser,
 } from '../../../helpers/common.helper';
@@ -10,14 +11,15 @@ import i18n from '../../../../website/common/script/i18n';
 import { BuyGemOperation } from '../../../../website/common/script/ops/buy/buyGem';
 import planGemLimits from '../../../../website/common/script/libs/planGemLimits';
 
-async function buyGem (user, req) {
+async function buyGem (user, req, analytics) {
-  const buyOp = new BuyGemOperation(user, req);
+  const buyOp = new BuyGemOperation(user, req, analytics);
 
   return buyOp.purchase();
 }
 
 describe('shared.ops.buyGem', () => {
   let user;
+  const analytics = { track () {} };
   const goldPoints = 40;
   const gemsBought = 40;
   const userGemAmount = 10;
@@ -33,16 +35,23 @@ describe('shared.ops.buyGem', () => {
         },
       },
     });
+
+    sinon.stub(analytics, 'track');
+  });
+
+  afterEach(() => {
+    analytics.track.restore();
   });
 
   context('Gems', () => {
     it('purchases gems', async () => {
-      const [, message] = await buyGem(user, { params: { type: 'gems', key: 'gem' } });
+      const [, message] = await buyGem(user, { params: { type: 'gems', key: 'gem' } }, analytics);
 
       expect(message).to.equal(i18n.t('plusGem', { count: 1 }));
       expect(user.balance).to.equal(userGemAmount + 0.25);
       expect(user.purchased.plan.gemsBought).to.equal(1);
       expect(user.stats.gp).to.equal(goldPoints - planGemLimits.convRate);
+      expect(analytics.track).to.be.calledOnce;
     });
 
     it('purchases gems with a different language than the default', async () => {

test/common/ops/buy/buyHealthPotion.test.js

@@ -10,9 +10,10 @@ import i18n from '../../../../website/common/script/i18n';
 
 describe('shared.ops.buyHealthPotion', () => {
   let user;
+  const analytics = { track () {} };
 
-  async function buyHealthPotion (_user, _req) {
+  async function buyHealthPotion (_user, _req, _analytics) {
-    const buyOp = new BuyHealthPotionOperation(_user, _req);
+    const buyOp = new BuyHealthPotionOperation(_user, _req, _analytics);
 
     return buyOp.purchase();
   }
@@ -31,13 +32,19 @@ describe('shared.ops.buyHealthPotion', () => {
       },
       stats: { gp: 200 },
     });
+    sinon.stub(analytics, 'track');
+  });
+
+  afterEach(() => {
+    analytics.track.restore();
   });
 
   context('Potion', () => {
     it('recovers 15 hp', async () => {
       user.stats.hp = 30;
-      await buyHealthPotion(user, {});
+      await buyHealthPotion(user, {}, analytics);
       expect(user.stats.hp).to.eql(45);
+      expect(analytics.track).to.be.calledOnce;
     });
 
     it('does not increase hp above 50', async () => {

test/common/ops/buy/buyMarketGear.test.js

@@ -13,14 +13,15 @@ import {
 import i18n from '../../../../website/common/script/i18n';
 import { errorMessage } from '../../../../website/common/script/libs/errorMessage';
 
-async function buyGear (user, req) {
+async function buyGear (user, req, analytics) {
-  const buyOp = new BuyMarketGearOperation(user, req);
+  const buyOp = new BuyMarketGearOperation(user, req, analytics);
 
   return buyOp.purchase();
 }
 
 describe('shared.ops.buyMarketGear', () => {
   let user;
+  const analytics = { track () {} };
   let clock;
 
   beforeEach(() => {
@@ -46,12 +47,14 @@ describe('shared.ops.buyMarketGear', () => {
     sinon.stub(shared, 'randomVal');
     sinon.stub(shared.onboarding, 'checkOnboardingStatus');
     sinon.stub(shared.fns, 'predictableRandom');
+    sinon.stub(analytics, 'track');
   });
 
   afterEach(() => {
     shared.randomVal.restore();
     shared.fns.predictableRandom.restore();
     shared.onboarding.checkOnboardingStatus.restore();
+    analytics.track.restore();
 
     if (clock) {
       clock.restore();
@@ -62,7 +65,7 @@ describe('shared.ops.buyMarketGear', () => {
     it('adds equipment to inventory', async () => {
       user.stats.gp = 31;
 
-      await buyGear(user, { params: { key: 'armor_warrior_1' } });
+      await buyGear(user, { params: { key: 'armor_warrior_1' } }, analytics);
 
       expect(user.items.gear.owned).to.eql({
         weapon_warrior_0: true,
@@ -89,12 +92,13 @@ describe('shared.ops.buyMarketGear', () => {
         eyewear_special_whiteHalfMoon: true,
         eyewear_special_yellowHalfMoon: true,
       });
+      expect(analytics.track).to.be.calledOnce;
     });
 
     it('adds the onboarding achievement to the user and checks the onboarding status', async () => {
       user.stats.gp = 31;
 
-      await buyGear(user, { params: { key: 'armor_warrior_1' } });
+      await buyGear(user, { params: { key: 'armor_warrior_1' } }, analytics);
 
       expect(user.addAchievement).to.be.calledOnce;
       expect(user.addAchievement).to.be.calledWith('purchasedEquipment');
@@ -107,7 +111,7 @@ describe('shared.ops.buyMarketGear', () => {
       user.stats.gp = 31;
       user.achievements.purchasedEquipment = true;
 
-      await buyGear(user, { params: { key: 'armor_warrior_1' } });
+      await buyGear(user, { params: { key: 'armor_warrior_1' } }, analytics);
 
       expect(user.addAchievement).to.not.be.called;
     });

test/common/ops/buy/buyMysterySet.test.js

@@ -14,6 +14,7 @@ import { errorMessage } from '../../../../website/common/script/libs/errorMessag
 
 describe('shared.ops.buyMysterySet', () => {
   let user;
+  const analytics = { track () {} };
   let clock;
 
   beforeEach(() => {
@@ -26,9 +27,11 @@ describe('shared.ops.buyMysterySet', () => {
         },
       },
     });
+    sinon.stub(analytics, 'track');
   });
 
   afterEach(() => {
+    analytics.track.restore();
     if (clock) {
       clock.restore();
     }
@@ -90,7 +93,7 @@ describe('shared.ops.buyMysterySet', () => {
     context('successful purchases', () => {
       it('buys Steampunk Accessories Set', async () => {
         user.purchased.plan.consecutive.trinkets = 1;
-        await buyMysterySet(user, { params: { key: '301404' } });
+        await buyMysterySet(user, { params: { key: '301404' } }, analytics);
 
         expect(user.purchased.plan.consecutive.trinkets).to.eql(0);
         expect(user.items.gear.owned).to.have.property('weapon_warrior_0', true);
@@ -103,7 +106,7 @@ describe('shared.ops.buyMysterySet', () => {
       it('buys mystery set if it is available', async () => {
         clock = sinon.useFakeTimers(new Date('2024-01-16'));
         user.purchased.plan.consecutive.trinkets = 1;
-        await buyMysterySet(user, { params: { key: '201601' } });
+        await buyMysterySet(user, { params: { key: '201601' } }, analytics);
 
         expect(user.purchased.plan.consecutive.trinkets).to.eql(0);
         expect(user.items.gear.owned).to.have.property('shield_mystery_201601', true);

test/common/ops/buy/buyQuestGems.test.js

@@ -12,9 +12,10 @@ describe('shared.ops.buyQuestGems', () => {
   let user;
   let clock;
   const goldPoints = 40;
+  const analytics = { track () {} };
 
-  async function buyQuest (_user, _req) {
+  async function buyQuest (_user, _req, _analytics) {
-    const buyOp = new BuyQuestWithGemOperation(_user, _req);
+    const buyOp = new BuyQuestWithGemOperation(_user, _req, _analytics);
 
     return buyOp.purchase();
   }
@@ -24,11 +25,13 @@ describe('shared.ops.buyQuestGems', () => {
   });
 
   beforeEach(() => {
+    sinon.stub(analytics, 'track');
     sinon.spy(pinnedGearUtils, 'removeItemByPath');
     clock = sinon.useFakeTimers(new Date('2024-01-16'));
   });
 
   afterEach(() => {
+    analytics.track.restore();
     pinnedGearUtils.removeItemByPath.restore();
     clock.restore();
   });

test/common/ops/buy/buyQuestGold.test.js

@@ -12,15 +12,21 @@ import { errorMessage } from '../../../../website/common/script/libs/errorMessag
 
 describe('shared.ops.buyQuest', () => {
   let user;
+  const analytics = { track () {} };
 
-  async function buyQuest (_user, _req) {
+  async function buyQuest (_user, _req, _analytics) {
-    const buyOp = new BuyQuestWithGoldOperation(_user, _req);
+    const buyOp = new BuyQuestWithGoldOperation(_user, _req, _analytics);
 
     return buyOp.purchase();
   }
 
   beforeEach(() => {
     user = generateUser();
+    sinon.stub(analytics, 'track');
+  });
+
+  afterEach(() => {
+    analytics.track.restore();
   });
 
   it('buys a Quest scroll', async () => {
@@ -29,11 +35,12 @@ describe('shared.ops.buyQuest', () => {
       params: {
         key: 'dilatoryDistress1',
       },
-    });
+    }, analytics);
     expect(user.items.quests).to.eql({
       dilatoryDistress1: 1,
     });
     expect(user.stats.gp).to.equal(5);
+    expect(analytics.track).to.be.calledOnce;
   });
 
   it('if a user\'s count of a quest scroll is negative, it will be reset to 0 before incrementing when they buy a new one.', async () => {
@@ -42,9 +49,10 @@ describe('shared.ops.buyQuest', () => {
     user.items.quests[key] = -1;
     await buyQuest(user, {
       params: { key },
-    });
+    }, analytics);
     expect(user.items.quests[key]).to.equal(1);
     expect(user.stats.gp).to.equal(5);
+    expect(analytics.track).to.be.calledOnce;
   });
 
   it('buys a Quest scroll with the right quantity if a string is passed for quantity', async () => {
@@ -53,13 +61,13 @@ describe('shared.ops.buyQuest', () => {
       params: {
         key: 'dilatoryDistress1',
       },
-    });
+    }, analytics);
     await buyQuest(user, {
       params: {
         key: 'dilatoryDistress1',
       },
       quantity: '3',
-    });
+    }, analytics);
 
     expect(user.items.quests).to.eql({
       dilatoryDistress1: 4,
@@ -74,7 +82,7 @@ describe('shared.ops.buyQuest', () => {
           key: 'dilatoryDistress1',
         },
         quantity: 'a',
-      });
+      }, analytics);
     } catch (err) {
       expect(err).to.be.an.instanceof(BadRequest);
       expect(err.message).to.equal(i18n.t('invalidQuantity'));
@@ -179,11 +187,12 @@ describe('shared.ops.buyQuest', () => {
       params: {
         key: 'dilatoryDistress3',
       },
-    });
+    }, analytics);
 
     expect(user.items.quests).to.eql({
       dilatoryDistress3: 1,
     });
     expect(user.stats.gp).to.equal(100);
+    expect(analytics.track).to.be.calledOnce;
   });
 });

test/common/ops/buy/buySpell.test.js

@@ -14,17 +14,20 @@ import { errorMessage } from '../../../../website/common/script/libs/errorMessag
 describe('shared.ops.buySpecialSpell', () => {
   let user;
   let clock;
+  const analytics = { track () {} };
 
-  async function buySpecialSpell (_user, _req) {
+  async function buySpecialSpell (_user, _req, _analytics) {
-    const buyOp = new BuySpellOperation(_user, _req);
+    const buyOp = new BuySpellOperation(_user, _req, _analytics);
 
     return buyOp.purchase();
   }
   beforeEach(() => {
     user = generateUser();
+    sinon.stub(analytics, 'track');
   });
 
   afterEach(() => {
+    analytics.track.restore();
     if (clock) {
       clock.restore();
     }
@@ -75,7 +78,7 @@ describe('shared.ops.buySpecialSpell', () => {
         params: {
           key: 'thankyou',
         },
-      });
+      }, analytics);
 
       expect(user.stats.gp).to.equal(1);
       expect(user.items.special.thankyou).to.equal(1);
@@ -86,6 +89,7 @@ describe('shared.ops.buySpecialSpell', () => {
       expect(message).to.equal(i18n.t('messageBought', {
         itemText: item.text(),
       }));
+      expect(analytics.track).to.be.calledOnce;
     });
 
     it('buys a limited card when it is available', async () => {
@@ -97,7 +101,7 @@ describe('shared.ops.buySpecialSpell', () => {
         params: {
           key: 'nye',
         },
-      });
+      }, analytics);
 
       expect(user.stats.gp).to.equal(1);
       expect(user.items.special.nye).to.equal(1);
@@ -108,6 +112,7 @@ describe('shared.ops.buySpecialSpell', () => {
       expect(message).to.equal(i18n.t('messageBought', {
         itemText: item.text(),
       }));
+      expect(analytics.track).to.be.calledOnce;
     });
 
     it('throws an error if the card is not currently available', async () => {
@@ -135,7 +140,7 @@ describe('shared.ops.buySpecialSpell', () => {
         params: {
           key: 'seafoam',
         },
-      });
+      }, analytics);
 
       expect(user.stats.gp).to.equal(1);
       expect(user.items.special.seafoam).to.equal(1);
@@ -146,6 +151,7 @@ describe('shared.ops.buySpecialSpell', () => {
       expect(message).to.equal(i18n.t('messageBought', {
         itemText: item.text(),
       }));
+      expect(analytics.track).to.be.calledOnce;
     });
 
     it('throws an error if the spell is not currently available', async () => {

test/common/ops/buy/hourglassPurchase.test.js

@@ -13,15 +13,21 @@ import { BuyHourglassMountOperation } from '../../../../website/common/script/op
 
 describe('common.ops.hourglassPurchase', () => {
   let user;
+  const analytics = { track () {} };
 
-  async function buyMount (_user, _req) {
+  async function buyMount (_user, _req, _analytics) {
-    const buyOp = new BuyHourglassMountOperation(_user, _req);
+    const buyOp = new BuyHourglassMountOperation(_user, _req, _analytics);
 
     return buyOp.purchase();
   }
 
   beforeEach(() => {
     user = generateUser();
+    sinon.stub(analytics, 'track');
+  });
+
+  afterEach(() => {
+    analytics.track.restore();
   });
 
   context('failure conditions', () => {
@@ -125,11 +131,12 @@ describe('common.ops.hourglassPurchase', () => {
     it('buys a pet', async () => {
       user.purchased.plan.consecutive.trinkets = 2;
 
-      const [, message] = await hourglassPurchase(user, { params: { type: 'pets', key: 'MantisShrimp-Base' } });
+      const [, message] = await hourglassPurchase(user, { params: { type: 'pets', key: 'MantisShrimp-Base' } }, analytics);
 
       expect(message).to.eql(i18n.t('hourglassPurchase'));
       expect(user.purchased.plan.consecutive.trinkets).to.eql(1);
       expect(user.items.pets).to.eql({ 'MantisShrimp-Base': 5 });
+      expect(analytics.track).to.be.calledOnce;
     });
 
     it('buys a mount', async () => {

test/common/ops/buy/purchase.test.js

@@ -17,17 +17,20 @@ describe('shared.ops.purchase', () => {
   let user;
   let clock;
   const goldPoints = 40;
+  const analytics = { track () {} };
 
   before(() => {
     user = generateUser({ 'stats.class': 'rogue' });
   });
 
   beforeEach(() => {
+    sinon.stub(analytics, 'track');
     sinon.spy(pinnedGearUtils, 'removeItemByPath');
     clock = sandbox.useFakeTimers(new Date('2024-01-10'));
   });
 
   afterEach(() => {
+    analytics.track.restore();
     pinnedGearUtils.removeItemByPath.restore();
     clock.restore();
   });
@@ -184,10 +187,11 @@ describe('shared.ops.purchase', () => {
       const type = 'eggs';
       const key = 'Wolf';
 
-      await purchase(user, { params: { type, key } });
+      await purchase(user, { params: { type, key } }, analytics);
 
       expect(user.items[type][key]).to.equal(1);
       expect(pinnedGearUtils.removeItemByPath.notCalled).to.equal(true);
+      expect(analytics.track).to.be.calledOnce;
     });
 
     it('purchases hatchingPotions', async () => {
@@ -328,7 +332,7 @@ describe('shared.ops.purchase', () => {
       const key = 'Wolf';
 
       try {
-        await purchase(user, { params: { type, key }, quantity: 'jamboree' });
+        await purchase(user, { params: { type, key }, quantity: 'jamboree' }, analytics);
       } catch (err) {
         expect(err).to.be.an.instanceof(BadRequest);
         expect(err.message).to.equal(i18n.t('invalidQuantity'));
@@ -341,7 +345,7 @@ describe('shared.ops.purchase', () => {
       user.balance = 10;
 
       try {
-        await purchase(user, { params: { type, key }, quantity: -2 });
+        await purchase(user, { params: { type, key }, quantity: -2 }, analytics);
       } catch (err) {
         expect(err).to.be.an.instanceof(BadRequest);
         expect(err.message).to.equal(i18n.t('invalidQuantity'));
@@ -354,7 +358,7 @@ describe('shared.ops.purchase', () => {
       user.balance = 10;
 
       try {
-        await purchase(user, { params: { type, key }, quantity: 2.9 });
+        await purchase(user, { params: { type, key }, quantity: 2.9 }, analytics);
       } catch (err) {
         expect(err).to.be.an.instanceof(BadRequest);
         expect(err.message).to.equal(i18n.t('invalidQuantity'));

test/common/ops/rebirth.js

@@ -211,32 +211,22 @@ describe('shared.ops.rebirth', () => {
     expect(user.achievements.rebirthLevel).to.equal(2);
   });
 
-  it('increments rebirth achievements even when level is lower than previous', async () => {
+  it('does not increment rebirth achievements when level is lower than previous', async () => {
     user.stats.lvl = 2;
     user.achievements.rebirths = 1;
     user.achievements.rebirthLevel = 3;
 
     await rebirth(user);
 
-    expect(user.achievements.rebirths).to.equal(2);
+    expect(user.achievements.rebirths).to.equal(1);
     expect(user.achievements.rebirthLevel).to.equal(3);
   });
 
-  it('updates rebirthLevel when current level is higher than previous', async () => {
+  it('always increments rebirth achievements when level is MAX_LEVEL', async () => {
-    user.stats.lvl = 5;
-    user.achievements.rebirths = 1;
-    user.achievements.rebirthLevel = 3;
-
-    await rebirth(user);
-
-    expect(user.achievements.rebirths).to.equal(2);
-    expect(user.achievements.rebirthLevel).to.equal(5);
-  });
-
-  it('increments rebirth achievements when level is MAX_LEVEL', async () => {
     user.stats.lvl = MAX_LEVEL;
     user.achievements.rebirths = 1;
-    user.achievements.rebirthLevel = MAX_LEVEL;
+    // this value is not actually possible (actually capped at MAX_LEVEL) but makes a good test
+    user.achievements.rebirthLevel = MAX_LEVEL + 1;
 
     await rebirth(user);
 
@@ -244,10 +234,11 @@ describe('shared.ops.rebirth', () => {
     expect(user.achievements.rebirthLevel).to.equal(MAX_LEVEL);
   });
 
-  it('increments rebirth achievements when level is greater than MAX_LEVEL', async () => {
+  it('always increments rebirth achievements when level is greater than MAX_LEVEL', async () => {
     user.stats.lvl = MAX_LEVEL + 1;
     user.achievements.rebirths = 1;
-    user.achievements.rebirthLevel = MAX_LEVEL;
+    // this value is not actually possible (actually capped at MAX_LEVEL) but makes a good test
+    user.achievements.rebirthLevel = MAX_LEVEL + 2;
 
     await rebirth(user);
 

test/common/ops/unlock.test.js

@@ -20,9 +20,6 @@ describe('shared.ops.unlock', () => {
   beforeEach(() => {
     user = generateUser();
     user.balance = usersStartingGems;
-    user.pinnedItems.push({ type: 'background', path: 'backgrounds.backgrounds042016.giant_florals' });
-    user.pinnedItems.push({ type: 'haircolor', path: 'hair.color.rainbow' });
-    user.pinnedItems.push({ type: 'shirt', path: 'shirt.convict' });
     clock = sandbox.useFakeTimers(new Date('2024-04-10'));
   });
 
@@ -275,7 +272,6 @@ describe('shared.ops.unlock', () => {
   });
 
   it('unlocks an item (appearance)', async () => {
-    expect(user.pinnedItems.findIndex(item => item.type === 'shirt')).to.not.equal(-1);
     const path = unlockPath.split(',')[0];
     const initialShirts = Object.keys(user.purchased.shirt).length;
     const [, message] = await unlock(user, { query: { path } });
@@ -286,12 +282,11 @@ describe('shared.ops.unlock', () => {
     );
     expect(get(user.purchased, path)).to.be.true;
     expect(user.balance).to.equal(usersStartingGems - 0.5);
-    expect(user.pinnedItems.findIndex(item => item.type === 'shirt')).to.equal(-1);
   });
 
   it('unlocks an item (hair color)', async () => {
     user.purchased.hair.color = {};
-    expect(user.pinnedItems.findIndex(item => item.type === 'haircolor')).to.not.equal(-1);
+
     const path = hairUnlockPath.split(',')[0];
     const initialColorHair = Object.keys(user.purchased.hair.color).length;
     const [, message] = await unlock(user, { query: { path } });
@@ -302,7 +297,6 @@ describe('shared.ops.unlock', () => {
     );
     expect(get(user.purchased, path)).to.be.true;
     expect(user.balance).to.equal(usersStartingGems - 0.5);
-    expect(user.pinnedItems.findIndex(item => item.type === 'haircolor')).to.equal(-1);
   });
 
   it('unlocks an item (facial hair)', async () => {
@@ -340,7 +334,6 @@ describe('shared.ops.unlock', () => {
 
   it('unlocks an item (background)', async () => {
     const initialBackgrounds = Object.keys(user.purchased.background).length;
-    expect(user.pinnedItems.findIndex(item => item.type === 'background')).to.not.equal(-1);
     const [, message] = await unlock(user, {
       query: { path: backgroundUnlockPath },
     });
@@ -351,7 +344,6 @@ describe('shared.ops.unlock', () => {
     );
     expect(get(user.purchased, backgroundUnlockPath)).to.be.true;
     expect(user.balance).to.equal(usersStartingGems - 1.75);
-    expect(user.pinnedItems.findIndex(item => item.type === 'background')).to.equal(-1);
   });
 
   it('handles an invalid hair path gracefully', async () => {

test/content/aprilFools.test.js

@@ -1,41 +0,0 @@
-import { getMatchingSwap, makeSubstitutionMap } from '../../website/common/script/content/constants/aprilFools';
-
-describe('April Fools', () => {
-  describe('getMatchingSwap', () => {
-    it('returns Veggie for 2020', () => {
-      const swap = getMatchingSwap(new Date('2020-04-01'));
-      expect(swap).to.equal('Veggie');
-    });
-    it('returns Alien for 2026', () => {
-      const swap = getMatchingSwap(new Date('2026-04-01'));
-      expect(swap).to.equal('Alien');
-    });
-    it('Cycles through swaps correctly', () => {
-      const swap = getMatchingSwap(new Date('2027-04-01'));
-      expect(swap).to.equal('Veggie');
-    });
-  });
-
-  describe('makeSubstitutionMap', () => {
-    it('returns correct substitution for Veggie', () => {
-      const substitutions = makeSubstitutionMap('Veggie');
-      expect(substitutions.pets['Pet-Wolf-']).to.equal('Pet-Wolf-Veggie');
-      expect(substitutions.pets['Pet-TigerCub-']).to.equal('Pet-TigerCub-Veggie');
-      expect(substitutions.pets['Pet-Yarn-']).to.equal('Pet-BearCub-Veggie');
-      expect(substitutions.pets.default).to.equal('Pet-Dragon-Veggie');
-      expect(substitutions.pets.noPet).to.equal('Pet-Wolf-Veggie');
-      expect(substitutions.pets.noPetIOS).to.equal('Pet-TigerCub-Veggie');
-      expect(substitutions.pets.noPetAndroid).to.equal('Pet-Cactus-Veggie');
-    });
-
-    it('returns correct substitution for Cryptid', () => {
-      const substitutions = makeSubstitutionMap('Cryptid');
-      expect(substitutions.pets['Pet-Fox-']).to.equal('Pet-Fox-Cryptid');
-      expect(substitutions.pets['Pet-FlyingPig-']).to.equal('Pet-FlyingPig-Cryptid');
-      expect(substitutions.pets['Pet-Yarn-']).to.equal('Pet-BearCub-Cryptid');
-      expect(substitutions.pets.default).to.equal('Pet-Dragon-Cryptid');
-      expect(substitutions.pets.noPet).to.equal('Pet-Wolf-Cryptid');
-      expect(substitutions.pets.noPetAndroid).to.equal('Pet-Cactus-Cryptid');
-    });
-  });
-});

test/content/armoire.test.js

@@ -54,4 +54,19 @@ describe('armoire', () => {
     const febuaryItems = armoire.all;
     expect(febuaryItems.length).to.equal(384);
   });
+
+  it('sets have at least 2 items', () => {
+    const setMap = {};
+    forEach(armoire.all, item => {
+      // Gotta have one outlier
+      if (!item.set || item.set.startsWith('armoire-')) return;
+      if (setMap[item.set] === undefined) {
+        setMap[item.set] = 0;
+      }
+      setMap[item.set] += 1;
+    });
+    Object.keys(setMap).forEach(set => {
+      expect(setMap[set], set).to.be.at.least(2);
+    });
+  });
 });

test/content/events.test.js

@@ -10,7 +10,7 @@ describe('events', () => {
   });
 
   it('returns empty array when no events are active', () => {
-    clock = sinon.useFakeTimers(new Date('2024-01-11'));
+    clock = sinon.useFakeTimers(new Date('2024-01-08'));
     const events = getRepeatingEvents();
     expect(events).to.be.empty;
   });

test/content/schedule.test.js

@@ -133,21 +133,21 @@ describe('Content Schedule', () => {
   });
 
   it('sets the end date for a gala', () => {
-    const date = new Date('2024-05-31');
+    const date = new Date('2024-05-20');
     const matchers = getAllScheduleMatchingGroups(date);
-    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2024-06-01T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
+    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2024-06-21T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
   });
 
   it('sets the end date for a winter gala', () => {
-    const date = new Date('2025-02-28');
+    const date = new Date('2024-12-22');
     const matchers = getAllScheduleMatchingGroups(date);
-    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2025-03-01T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
+    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2025-03-21T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
   });
 
   it('sets the end date in new year for a winter gala', () => {
-    const date = new Date('2025-02-28');
+    const date = new Date('2025-01-04');
     const matchers = getAllScheduleMatchingGroups(date);
-    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2025-03-01T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
+    expect(matchers.seasonalGear.end).to.eql(moment.utc(`2025-03-21T${String(switchoverTime).padStart(2, '0')}:00:00.000Z`).toDate());
   });
 
   it('uses correct date for first hours of the month', () => {
@@ -190,7 +190,7 @@ describe('Content Schedule', () => {
     const date = new Date('2024-04-15');
     const matchers = getAllScheduleMatchingGroups(date);
     expect(matchers.premiumHatchingPotions).to.exist;
-    expect(matchers.premiumHatchingPotions.items.length).to.equal(6);
+    expect(matchers.premiumHatchingPotions.items.length).to.equal(5);
     expect(matchers.premiumHatchingPotions.items.indexOf('Veggie')).to.not.equal(-1);
     expect(matchers.premiumHatchingPotions.items.indexOf('Porcelain')).to.not.equal(-1);
   });

test/content/shop-featuredItems.test.js

@@ -18,7 +18,7 @@ describe('Shop Featured Items', () => {
     });
 
     it('contains the current premium hatching potions', () => {
-      clock = Sinon.useFakeTimers(new Date('2024-04-09'));
+      clock = Sinon.useFakeTimers(new Date('2024-04-08'));
       const items = featuredItems.market();
       expect(_.find(items, item => item.path === 'premiumHatchingPotions.Porcelain')).to.exist;
     });

test/content/translator.js

@@ -1,7 +1,12 @@
-import { STRING_DOES_NOT_EXIST_MSG } from '../helpers/content.helper';
+import { STRING_ERROR_MSG, STRING_DOES_NOT_EXIST_MSG } from '../helpers/content.helper';
 import translator from '../../website/common/script/content/translation';
 
 describe('Translator', () => {
+  it('returns error message if string is not properly formatted', () => {
+    const improperlyFormattedString = translator('petName', { attr: 0 })();
+    expect(improperlyFormattedString).to.match(STRING_ERROR_MSG);
+  });
+
   it('returns an error message if string does not exist', () => {
     const stringDoesNotExist = translator('stringDoesNotExist')();
     expect(stringDoesNotExist).to.match(STRING_DOES_NOT_EXIST_MSG);

test/helpers/api-integration/requester.js

@@ -40,6 +40,7 @@ function _requestMaker (user, method, additionalSets = {}) {
       || route.indexOf('/paypal') === 0
       || route.indexOf('/amazon') === 0
       || route.indexOf('/stripe') === 0
+      || route.indexOf('/analytics') === 0
     ) {
       url += `${route}`;
     } else {

test/helpers/content.helper.js

@@ -1,8 +1,8 @@
 import i18n from '../../website/common/script/i18n';
 import './globals.helper';
-import { contentTranslations } from '../../website/server/libs/i18n';
+import { translations } from '../../website/server/libs/i18n';
 
-i18n.translations = contentTranslations;
+i18n.translations = translations;
 
 export const STRING_ERROR_MSG = /^Error processing the string ".*". Please see Help > Report a Bug.$/;
 export const STRING_DOES_NOT_EXIST_MSG = /^String '.*' not found.$/;

test/helpers/mongo.js

@@ -21,7 +21,6 @@ export async function getProperty (collectionName, id, path) {
 // Specifically helpful for the GET /groups tests,
 // resets the db to an empty state and creates a tavern document
 export async function resetHabiticaDB () {
-  console.info('Resetting Habitica DB');
   const groups = mongoose.connection.db.collection('groups');
   const users = mongoose.connection.db.collection('users');
   return mongoose.connection.dropDatabase()
@@ -75,10 +74,15 @@ export async function getDocument (collectionName, doc) {
 }
 
 before(done => {
-  mongoose.connection.once('open', async err => {
+  mongoose.connection.on('open', err => {
-    if (err) throw err;
+    if (err) return done(err);
-    await resetHabiticaDB();
+    return resetHabiticaDB()
-    done();
+      .then(() => {
+        done();
+      })
+      .catch(error => {
+        throw error;
+      });
   });
 });
 

website/client/.eslintrc.js

@@ -12,12 +12,20 @@ module.exports = {
   rules: {
     'no-console': process.env.NODE_ENV === 'production' ? 'error' : 'off',
     'no-debugger': process.env.NODE_ENV === 'production' ? 'error' : 'off',
+    // TODO find a way to let eslint understand webpack aliases
     'import/no-unresolved': 'off',
     'import/no-extraneous-dependencies': 'off',
     'import/extensions': 'off',
     'prefer-regex-literals': 'warn',
     'vue/no-v-html': 'off',
     'vue/no-mutating-props': 'warn',
+    // this creates issues with the current way we have to push the process.env vars to webpack
+    // https://github.com/eslint/eslint/issues/14918
+    // https://github.com/webpack/webpack/issues/5392
+    // off for now, because any eslint --fix will then still do it anyway
+    // maybe this can be turned on again once we switch to newer vue/vite
+    // Important! process.env.XYZ should not be destructured
+    'prefer-destructuring': 'off',
     'vue/html-self-closing': ['error', {
       html: {
         void: 'never',

website/client/index-faq.html

@@ -1,22 +0,0 @@
-<!DOCTYPE html>
-<html>
-  <head>
-    <meta charset="utf-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width, initial-scale=1">
-    <title>Habitica - FAQ</title>
-    <meta name="description" content="Frequently Asked Questions about Habitica, the gamified task manager.">
-    <link href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i|Roboto:400,400i,700,700i" rel="stylesheet">
-    <link rel="shortcut icon" sizes="48x48" href="/static/icons/favicon.ico">
-    <link rel="shortcut icon" sizes="192x192" href="/static/icons/favicon_192x192.png">
-    <link rel="mask-icon" href="/static/icons/favicon.ico">
-    <meta property="og:image" content="/static/emails/images/meta-image.png" />
-    <script type="module" src="/src/main.js"></script>
-  </head>
-  <body>
-    <div id="app"></div>
-    <script type="text/javascript" src="//cloudfront.loggly.com/js/loggly.tracker-latest.min.js" async></script>
-    <!-- Translations -->
-    <script type='text/javascript' src='/api/v4/i18n/core' vite-ignore></script>
-  </body>
-</html>