Merge pull request #298 from medusajs/fix/customer-metadata-update

fix(medusa): improved /store/customers endpoints

integration-tests/api/__tests__/store/customer.js

@@ -0,0 +1,134 @@
+const { dropDatabase } = require("pg-god");
+const path = require("path");
+const { Customer } = require("@medusajs/medusa");
+
+const setupServer = require("../../../helpers/setup-server");
+const { useApi } = require("../../../helpers/use-api");
+const { initDb } = require("../../../helpers/use-db");
+
+const customerSeeder = require("../../helpers/customer-seeder");
+
+jest.setTimeout(30000);
+
+describe("/store/customers", () => {
+  let medusaProcess;
+  let dbConnection;
+
+  const doAfterEach = async (manager) => {
+    await manager.query(`DELETE FROM "address"`);
+    await manager.query(`DELETE FROM "customer"`);
+  };
+
+  beforeAll(async () => {
+    const cwd = path.resolve(path.join(__dirname, "..", ".."));
+    dbConnection = await initDb({ cwd });
+    medusaProcess = await setupServer({ cwd });
+  });
+
+  afterAll(async () => {
+    dbConnection.close();
+    await dropDatabase({ databaseName: "medusa-integration" });
+
+    medusaProcess.kill();
+  });
+
+  describe("POST /store/customers", () => {
+    beforeEach(async () => {
+      const manager = dbConnection.manager;
+      await manager.insert(Customer, {
+        id: "test_customer",
+        first_name: "John",
+        last_name: "Deere",
+        email: "john@deere.com",
+        has_account: true,
+      });
+    });
+
+    afterEach(async () => {
+      const manager = dbConnection.manager;
+      await doAfterEach(manager);
+    });
+
+    it("creates a customer", async () => {
+      const api = useApi();
+
+      const response = await api.post("/store/customers", {
+        first_name: "James",
+        last_name: "Bond",
+        email: "james@bond.com",
+        password: "test",
+      });
+
+      expect(response.status).toEqual(200);
+      expect(response.data.customer).not.toHaveProperty("password_hash");
+    });
+
+    it("responds 409 on duplicate", async () => {
+      const api = useApi();
+
+      const response = await api
+        .post("/store/customers", {
+          first_name: "James",
+          last_name: "Bond",
+          email: "john@deere.com",
+          password: "test",
+        })
+        .catch((err) => err.response);
+
+      expect(response.status).toEqual(409);
+    });
+  });
+
+  describe("POST /store/customers/:id", () => {
+    beforeEach(async () => {
+      const manager = dbConnection.manager;
+      await manager.insert(Customer, {
+        id: "test_customer",
+        first_name: "John",
+        last_name: "Deere",
+        email: "john@deere.com",
+        password_hash:
+          "c2NyeXB0AAEAAAABAAAAAVMdaddoGjwU1TafDLLlBKnOTQga7P2dbrfgf3fB+rCD/cJOMuGzAvRdKutbYkVpuJWTU39P7OpuWNkUVoEETOVLMJafbI8qs8Qx/7jMQXkN", // password matching "test"
+        has_account: true,
+      });
+    });
+
+    afterEach(async () => {
+      const manager = dbConnection.manager;
+      await doAfterEach(manager);
+    });
+
+    it("updates a customer", async () => {
+      const api = useApi();
+
+      const authResponse = await api.post("/store/auth", {
+        email: "john@deere.com",
+        password: "test",
+      });
+
+      const customerId = authResponse.data.customer.id;
+      const [authCookie] = authResponse.headers["set-cookie"][0].split(";");
+
+      const response = await api.post(
+        `/store/customers/${customerId}`,
+        {
+          password: "test",
+          metadata: { key: "value" },
+        },
+        {
+          headers: {
+            Cookie: authCookie,
+          },
+        }
+      );
+
+      expect(response.status).toEqual(200);
+      expect(response.data.customer).not.toHaveProperty("password_hash");
+      expect(response.data.customer).toEqual(
+        expect.objectContaining({
+          metadata: { key: "value" },
+        })
+      );
+    });
+  });
+});

integration-tests/api/package.json

@@ -8,15 +8,15 @@
     "build": "babel src -d dist --extensions \".ts,.js\""
   },
   "dependencies": {
-    "@medusajs/medusa": "1.1.23-dev-1623081876060",
-    "medusa-interfaces": "1.1.10-dev-1623081876060",
+    "@medusajs/medusa": "1.1.28-dev-1624965921528",
+    "medusa-interfaces": "1.1.16-dev-1624965921528",
     "typeorm": "^0.2.31"
   },
   "devDependencies": {
     "@babel/cli": "^7.12.10",
     "@babel/core": "^7.12.10",
     "@babel/node": "^7.12.10",
-    "babel-preset-medusa-package": "1.1.3-dev-1623168481467",
+    "babel-preset-medusa-package": "1.1.9-dev-1624965921528",
     "jest": "^26.6.3"
   }
 }

integration-tests/api/yarn.lock

@@ -1215,10 +1215,10 @@
     "@types/yargs" "^15.0.0"
     chalk "^4.0.0"
 
-"@medusajs/medusa@1.1.23-dev-1623081876060":
-  version "1.1.23"
-  resolved "http://localhost:4873/@medusajs%2fmedusa/-/medusa-1.1.23.tgz#420eae69b20bc3b5a4c8f81825ba46252a1f1c92"
-  integrity sha512-1n9unNwt1jQV0SGd7053BIIb5P/PzPhX3fFgpwT4OzVbMOewnF6CLNMDaiQ1gI53JbkFY1rbjUPsRZk+9jVrYg==
+"@medusajs/medusa@1.1.28-dev-1624965921528":
+  version "1.1.28-dev-1624965921528"
+  resolved "http://localhost:4873/@medusajs%2fmedusa/-/medusa-1.1.28-dev-1624965921528.tgz#f01db1e56c0dc98e02b64d197ca7df7f8041e5a1"
+  integrity sha512-SBD+fe1neJSJ0EF1oZGsnspB1aU59+qhqxjMAnWung2VJ0VIcraT0cQLkKgsED2XCTkqJQwOYK7X1AW+fZYecg==
   dependencies:
     "@hapi/joi" "^16.1.8"
     "@types/lodash" "^4.14.168"
@@ -1239,8 +1239,8 @@
     joi "^17.3.0"
     joi-objectid "^3.0.1"
     jsonwebtoken "^8.5.1"
-    medusa-core-utils "^1.1.9"
-    medusa-test-utils "^1.1.12"
+    medusa-core-utils "1.1.15-dev-1624965921528"
+    medusa-test-utils "1.1.18-dev-1624965921528"
     morgan "^1.9.1"
     multer "^1.4.2"
     passport "^0.4.0"
@@ -1696,10 +1696,10 @@ babel-preset-jest@^26.6.2:
     babel-plugin-jest-hoist "^26.6.2"
     babel-preset-current-node-syntax "^1.0.0"
 
-babel-preset-medusa-package@1.1.3-dev-1623168481467:
-  version "1.1.3-dev-1623168481467"
-  resolved "http://localhost:4873/babel-preset-medusa-package/-/babel-preset-medusa-package-1.1.3-dev-1623168481467.tgz#ae9167644267c52c1016c4695294d81059dfc2ff"
-  integrity sha512-QombHh4IHvYll+DwUgeL93+uNCcFCSW6/rv/rrmcS4MMB+TeZ5iQrK+i1Gf/ns10v1WH2q0+VdExu9GDrdwU3Q==
+babel-preset-medusa-package@1.1.9-dev-1624965921528:
+  version "1.1.9-dev-1624965921528"
+  resolved "http://localhost:4873/babel-preset-medusa-package/-/babel-preset-medusa-package-1.1.9-dev-1624965921528.tgz#e8aaba99cdf6edd524a0db0346e030782da451e0"
+  integrity sha512-5waz8A/kFh9wNqr48m0pA85rEmModR+/yih4yVRJoP240ZcIoG793XCtDZPHhcy7vIxp6Ab+dv5+TnuhYIDBIQ==
   dependencies:
     "@babel/plugin-proposal-class-properties" "^7.12.1"
     "@babel/plugin-proposal-decorators" "^7.12.1"
@@ -4150,28 +4150,28 @@ media-typer@0.3.0:
   resolved "http://localhost:4873/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748"
   integrity sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=
 
-medusa-core-utils@^1.1.9:
-  version "1.1.9"
-  resolved "http://localhost:4873/medusa-core-utils/-/medusa-core-utils-1.1.9.tgz#7b93c72d9c318ff4ab971381401158eee7d3edd9"
-  integrity sha512-XBxwpCQT82gi/S92Bc0qfCSYyD5Hj+zstUbyOCKGp7nhwFPvYwJ0hp6NPKDSwHZ1uPEmb4rdHcW2qyf1bM4L1Q==
+medusa-core-utils@1.1.15-dev-1624965921528:
+  version "1.1.15-dev-1624965921528"
+  resolved "http://localhost:4873/medusa-core-utils/-/medusa-core-utils-1.1.15-dev-1624965921528.tgz#7da932df2423e9656ed4e800971fbc00d5124b3c"
+  integrity sha512-2iuVowwgGfygjDGW1NwR2ubtG/TFVVqBiNECn+N7/rNajN2DIIa863bVTd9qZAy6uFX6CrT1gjBqQNdPUsTitA==
   dependencies:
     joi "^17.3.0"
     joi-objectid "^3.0.1"
 
-medusa-interfaces@1.1.10-dev-1623081876060:
-  version "1.1.10"
-  resolved "http://localhost:4873/medusa-interfaces/-/medusa-interfaces-1.1.10.tgz#e81b885e11d6c2f05db8d2971edf30b8f8e7ddaa"
-  integrity sha512-FJSpX3CE5jx2mYqRARFSp5C6x5Hq+MEZ6p2UikuWnm40qjGsbHNl4naZFdBS1u/vSnXq+607oHuZnCNnpRDrPQ==
+medusa-interfaces@1.1.16-dev-1624965921528:
+  version "1.1.16-dev-1624965921528"
+  resolved "http://localhost:4873/medusa-interfaces/-/medusa-interfaces-1.1.16-dev-1624965921528.tgz#4fa2e25bba5ecb1bdcdaa8da788e204435c53e69"
+  integrity sha512-WKSfrCEAbkJ4I1NetiRULRURCmGY59Mue16cT7RZ2yb8U1Wnskui0OsG/EaS5JdV9HZq/iViEgzWIRTALNT1EQ==
   dependencies:
-    medusa-core-utils "^1.1.9"
+    medusa-core-utils "1.1.15-dev-1624965921528"
 
-medusa-test-utils@^1.1.12:
-  version "1.1.12"
-  resolved "http://localhost:4873/medusa-test-utils/-/medusa-test-utils-1.1.12.tgz#1a731a3bd0c7266105b75d88dce7c09657432002"
-  integrity sha512-h/xpN0Mq1DRS7pDzEDjHfkZtpw1iLDKnytwBd12Lzs9RsWpQOJArfqSocAqdDrIO7GbxykhkFDCdl3Yi/q59gw==
+medusa-test-utils@1.1.18-dev-1624965921528:
+  version "1.1.18-dev-1624965921528"
+  resolved "http://localhost:4873/medusa-test-utils/-/medusa-test-utils-1.1.18-dev-1624965921528.tgz#d94926109b349b62d5deb6329f0d46f5f5e953eb"
+  integrity sha512-P28P5pBV6HBXNiNUQbYgSaOrHcnq7GCNAIFuBmLYqDiZnNL8zfU+IxcWo3+xucXyLfX3flGCirpO4g7h65JGWQ==
   dependencies:
     "@babel/plugin-transform-classes" "^7.9.5"
-    medusa-core-utils "^1.1.9"
+    medusa-core-utils "1.1.15-dev-1624965921528"
     randomatic "^3.1.1"
 
 merge-descriptors@1.0.1:

packages/medusa-core-utils/src/errors.js

@@ -5,10 +5,11 @@
 export const MedusaErrorTypes = {
   /** Errors stemming from the database */
   DB_ERROR: "database_error",
+  DUPLICATE_ERROR: "duplicate_error",
   INVALID_ARGUMENT: "invalid_argument",
   INVALID_DATA: "invalid_data",
   NOT_FOUND: "not_found",
-  NOT_ALLOWED: "not_allowed"
+  NOT_ALLOWED: "not_allowed",
 }
 
 /**

packages/medusa/src/api/middlewares/error-handler.js

@@ -9,6 +9,9 @@ export default () => {
 
     let statusCode = 500
     switch (err.name) {
+      case MedusaError.Types.DUPLICATE_ERROR:
+        statusCode = 409
+        break
       case MedusaError.Types.NOT_ALLOWED:
       case MedusaError.Types.INVALID_DATA:
         statusCode = 400

packages/medusa/src/api/routes/store/customers/__tests__/create-customer.js

@@ -1,6 +1,7 @@
 import { IdMap } from "medusa-test-utils"
 import { request } from "../../../../../helpers/test-request"
 import { CustomerServiceMock } from "../../../../../services/__mocks__/customer"
+import { defaultFields, defaultRelations } from "../"
 
 describe("POST /store/customers", () => {
   describe("successfully creates a customer", () => {
@@ -34,7 +35,7 @@ describe("POST /store/customers", () => {
       expect(CustomerServiceMock.retrieve).toHaveBeenCalledTimes(1)
       expect(CustomerServiceMock.retrieve).toHaveBeenCalledWith(
         IdMap.getId("lebron"),
-        { relations: ["shipping_addresses"] }
+        { relations: defaultRelations, select: defaultFields }
       )
     })
 

packages/medusa/src/api/routes/store/customers/__tests__/update-customer.js

@@ -1,5 +1,6 @@
 import { IdMap } from "medusa-test-utils"
 import { request } from "../../../../../helpers/test-request"
+import { defaultFields, defaultRelations } from "../"
 import { CustomerServiceMock } from "../../../../../services/__mocks__/customer"
 
 describe("POST /store/customers/:id", () => {
@@ -42,7 +43,7 @@ describe("POST /store/customers/:id", () => {
       expect(CustomerServiceMock.retrieve).toHaveBeenCalledTimes(1)
       expect(CustomerServiceMock.retrieve).toHaveBeenCalledWith(
         IdMap.getId("lebron"),
-        { relations: ["shipping_addresses"] }
+        { relations: defaultRelations, select: defaultFields }
       )
     })
 

packages/medusa/src/api/routes/store/customers/create-address.js

@@ -1,4 +1,5 @@
 import { Validator, MedusaError } from "medusa-core-utils"
+import { defaultRelations, defaultFields } from "./"
 
 /**
  * @oas [post] /customers/{id}/addresses
@@ -45,7 +46,8 @@ export default async (req, res) => {
 
     let customer = await customerService.addAddress(id, value.address)
     customer = await customerService.retrieve(id, {
-      relations: ["shipping_addresses"],
+      relations: defaultRelations,
+      select: defaultFields,
     })
 
     res.status(200).json({ customer })

packages/medusa/src/api/routes/store/customers/create-customer.js

@@ -1,6 +1,7 @@
 import jwt from "jsonwebtoken"
 import { Validator, MedusaError } from "medusa-core-utils"
 import config from "../../../../config"
+import { defaultRelations, defaultFields } from "./"
 
 /**
  * @oas [post] /customers
@@ -40,6 +41,7 @@ export default async (req, res) => {
   if (error) {
     throw new MedusaError(MedusaError.Types.INVALID_DATA, error.details)
   }
+
   try {
     const customerService = req.scope.resolve("customerService")
     let customer = await customerService.create(value)
@@ -50,7 +52,8 @@ export default async (req, res) => {
     })
 
     customer = await customerService.retrieve(customer.id, {
-      relations: ["shipping_addresses"],
+      relations: defaultRelations,
+      select: defaultFields,
     })
 
     res.status(200).json({ customer })

packages/medusa/src/api/routes/store/customers/delete-address.js

@@ -1,3 +1,5 @@
+import { defaultRelations, defaultFields } from "./"
+
 /**
  * @oas [delete] /customers/{id}/addresses/{address_id}
  * operationId: DeleteCustomersCustomerAddressesAddress
@@ -25,7 +27,8 @@ export default async (req, res) => {
   try {
     await customerService.removeAddress(id, address_id)
     customer = await customerService.retrieve(id, {
-      relations: ["shipping_addresses"],
+      relations: defaultRelations,
+      select: defaultFields,
     })
 
     res.json({ customer })

packages/medusa/src/api/routes/store/customers/get-customer.js

@@ -1,3 +1,5 @@
+import { defaultRelations, defaultFields } from "./"
+
 /**
  * @oas [get] /customers/{id}
  * operationId: GetCustomersCustomer
@@ -22,7 +24,8 @@ export default async (req, res) => {
   try {
     const customerService = req.scope.resolve("customerService")
     const customer = await customerService.retrieve(id, {
-      relations: ["shipping_addresses"],
+      relations: defaultRelations,
+      select: defaultFields,
     })
     res.json({ customer })
   } catch (err) {

packages/medusa/src/api/routes/store/customers/index.js

@@ -57,3 +57,39 @@ export default (app, container) => {
 
   return app
 }
+
+export const defaultRelations = ["shipping_addresses"]
+
+export const defaultFields = [
+  "id",
+  "email",
+  "first_name",
+  "last_name",
+  "billing_address_id",
+  "phone",
+  "has_account",
+  "created_at",
+  "updated_at",
+  "deleted_at",
+  "metadata",
+]
+
+export const allowedRelations = [
+  "shipping_addresses",
+  "billing_address",
+  "orders",
+]
+
+export const allowedFields = [
+  "id",
+  "email",
+  "first_name",
+  "last_name",
+  "billing_address_id",
+  "phone",
+  "has_account",
+  "created_at",
+  "updated_at",
+  "deleted_at",
+  "metadata",
+]

packages/medusa/src/api/routes/store/customers/update-address.js

@@ -1,4 +1,5 @@
 import { Validator, MedusaError } from "medusa-core-utils"
+import { defaultRelations, defaultFields } from "./"
 
 /**
  * @oas [post] /customers/{id}/addresses/{address_id}
@@ -50,7 +51,8 @@ export default async (req, res) => {
     )
 
     customer = await customerService.retrieve(id, {
-      relations: ["shipping_addresses"],
+      relations: defaultRelations,
+      select: defaultFields,
     })
 
     res.json({ customer })

packages/medusa/src/api/routes/store/customers/update-customer.js

@@ -1,4 +1,5 @@
 import { Validator, MedusaError } from "medusa-core-utils"
+import { defaultRelations, defaultFields } from "./"
 
 /**
  * @oas [post] /customers/{id}
@@ -24,6 +25,9 @@ import { Validator, MedusaError } from "medusa-core-utils"
  *           phone:
  *             description: "The Customer's phone number."
  *             type: string
+ *           metadata:
+ *             description: "Metadata about the customer."
+ *             type: object
  * tags:
  *   - Customer
  * responses:
@@ -44,6 +48,7 @@ export default async (req, res) => {
     last_name: Validator.string().optional(),
     password: Validator.string().optional(),
     phone: Validator.string().optional(),
+    metadata: Validator.object().optional(),
   })
 
   const { value, error } = schema.validate(req.body)
@@ -56,7 +61,8 @@ export default async (req, res) => {
     let customer = await customerService.update(id, value)
 
     customer = await customerService.retrieve(customer.id, {
-      relations: ["shipping_addresses"],
+      relations: defaultRelations,
+      select: defaultFields,
     })
 
     res.status(200).json({ customer })

packages/medusa/src/services/customer.js

@@ -318,6 +318,13 @@ class CustomerService extends BaseService {
 
       const existing = await this.retrieveByEmail(email).catch(err => undefined)
 
+      if (existing && existing.has_account) {
+        throw new MedusaError(
+          MedusaError.Types.DUPLICATE_ERROR,
+          "A customer with the given email already has an account. Log in instead"
+        )
+      }
+
       if (existing && password && !existing.has_account) {
         const hashedPassword = await this.hashPassword_(password)
         customer.password_hash = hashedPassword