@openneuro/server 4.47.4 → 4.47.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/package.json +3 -3
  2. package/src/datalad/__tests__/dataset.spec.ts +0 -1
  3. package/src/graphql/resolvers/__tests__/user.spec.ts +22 -1
  4. package/src/graphql/resolvers/user.ts +1 -1
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@openneuro/server",
3
- "version": "4.47.4",
3
+ "version": "4.47.6",
4
4
  "description": "Core service for the OpenNeuro platform.",
5
5
  "license": "MIT",
6
6
  "main": "src/server.js",
@@ -21,7 +21,7 @@
21
21
  "@elastic/elasticsearch": "8.13.1",
22
22
  "@graphql-tools/schema": "^10.0.0",
23
23
  "@keyv/redis": "^4.5.0",
24
- "@openneuro/search": "^4.47.4",
24
+ "@openneuro/search": "^4.47.6",
25
25
  "@sentry/node": "^10.37.0",
26
26
  "@sentry/profiling-node": "^10.37.0",
27
27
  "base64url": "^3.0.0",
@@ -89,5 +89,5 @@
89
89
  "publishConfig": {
90
90
  "access": "public"
91
91
  },
92
- "gitHead": "fee430e60d713799a1c304676d0eaa758fa578ff"
92
+ "gitHead": "e00e369a538900524544a396e7fd60e5e41d715e"
93
93
  }
package/src/datalad/__tests__/dataset.spec.ts CHANGED
@@ -1,4 +1,3 @@
1
- /* eslint-disable @typescript-eslint/no-explicit-any */
2
1
  import { vi } from "vitest"
3
2
  import request from "superagent"
4
3
  import { createDataset, datasetsFilter, testBlacklist } from "../dataset"
package/src/graphql/resolvers/__tests__/user.spec.ts CHANGED
@@ -10,7 +10,7 @@ import {
10
10
  import { MongoMemoryServer } from "mongodb-memory-server"
11
11
  import mongoose, { Types } from "mongoose"
12
12
  import User from "../../../models/user"
13
- import { users } from "../user.js"
13
+ import { user, users } from "../user.js"
14
14
  import type { GraphQLContext } from "../user.js"
15
15
 
16
16
  vi.mock("ioredis")
@@ -132,6 +132,27 @@ describe("user resolvers", () => {
132
132
  await User.insertMany(testUsersSeedData)
133
133
  })
134
134
 
135
+ describe("user()", () => {
136
+ it("does not crash when userInfo is undefined (anonymous request)", async () => {
137
+ const result = await user(null, { id: "u1" }, {})
138
+ expect(result).not.toBeNull()
139
+ expect(result!.id).toBe("u1")
140
+ // Email should be hidden for anonymous users
141
+ expect(result!.email).toBeUndefined()
142
+ })
143
+
144
+ it("does not crash when context is completely missing", async () => {
145
+ const result = await user(null, { id: "u1" }, undefined)
146
+ expect(result).not.toBeNull()
147
+ expect(result!.id).toBe("u1")
148
+ })
149
+
150
+ it("returns null for non-existent user", async () => {
151
+ const result = await user(null, { id: "nonexistent" }, {})
152
+ expect(result).toBeNull()
153
+ })
154
+ })
155
+
135
156
  describe("users()", () => {
136
157
  it("returns sanitized data for non-admin context", async () => {
137
158
  const result = await users(null, {}, nonAdminContext)
package/src/graphql/resolvers/user.ts CHANGED
@@ -34,7 +34,7 @@ export async function user(
34
34
  { id },
35
35
  { userInfo }: { userInfo?: Record<string, unknown> } = {},
36
36
  ): Promise<Partial<GraphQLUserType> | null> {
37
- if (userInfo.reviewer) {
37
+ if (userInfo?.reviewer) {
38
38
  const oneWeekAgo = new Date()
39
39
  oneWeekAgo.setDate(oneWeekAgo.getDate() - 7)
40
40
  return {