diff --git a/.changeset/fair-bees-wash.md b/.changeset/fair-bees-wash.md new file mode 100644 index 0000000000000..fb35ae55eb2bb --- /dev/null +++ b/.changeset/fair-bees-wash.md @@ -0,0 +1,6 @@ +--- +'@rocket.chat/rest-typings': major +'@rocket.chat/meteor': major +--- + +Removes deprecated endpoint `pw.getPolicyReset`. Moving forward, use the `pw.getPolicy` endpoint. diff --git a/apps/meteor/app/api/server/v1/misc.ts b/apps/meteor/app/api/server/v1/misc.ts index d0c8ebe5f1b11..5d7505074a018 100644 --- a/apps/meteor/app/api/server/v1/misc.ts +++ b/apps/meteor/app/api/server/v1/misc.ts @@ -10,7 +10,6 @@ import { isMethodCallAnonProps, isFingerprintProps, isMeteorCall, - validateParamsPwGetPolicyRest, } from '@rocket.chat/rest-typings'; import { escapeHTML } from '@rocket.chat/string-helpers'; import EJSON from 'ejson'; @@ -408,36 +407,6 @@ API.v1.addRoute( }, ); -API.v1.addRoute( - 'pw.getPolicyReset', - { - authRequired: false, - validateParams: validateParamsPwGetPolicyRest, - deprecation: { - version: '7.0.0', - alternatives: ['pw.getPolicy'], - }, - }, - { - async get() { - check( - this.queryParams, - Match.ObjectIncluding({ - token: String, - }), - ); - const { token } = this.queryParams; - - const user = await Users.findOneByResetToken(token, { projection: { _id: 1 } }); - if (!user) { - return API.v1.unauthorized(); - } - - return API.v1.success(passwordPolicy.getPasswordPolicy()); - }, - }, -); - /** * @openapi * /api/v1/stdout.queue: diff --git a/apps/meteor/tests/end-to-end/api/miscellaneous.ts b/apps/meteor/tests/end-to-end/api/miscellaneous.ts index b68f3635560b0..f664882cb3859 100644 --- a/apps/meteor/tests/end-to-end/api/miscellaneous.ts +++ b/apps/meteor/tests/end-to-end/api/miscellaneous.ts @@ -662,49 +662,6 @@ describe('miscellaneous', () => { }); }); - describe('/pw.getPolicyReset', () => { - it('should fail if no token provided', (done) => { - void request - .get(api('pw.getPolicyReset')) - .expect('Content-Type', 'application/json') - .expect(400) - .expect((res) => { - expect(res.body).to.have.property('success', false); - expect(res.body).to.have.property('errorType', 'invalid-params'); - }) - .end(done); - }); - - it('should fail if no token is invalid format', (done) => { - void request - .get(api('pw.getPolicyReset')) - .query({ token: '123' }) - .expect('Content-Type', 'application/json') - .expect(403) - .expect((res) => { - expect(res.body).to.have.property('success', false); - expect(res.body).to.have.property('error', 'unauthorized'); - }) - .end(done); - }); - - // not sure we have a way to get the reset token, looks like it is only sent via email by Meteor - it.skip('should return policies if correct token is provided', (done) => { - void request - .get(api('pw.getPolicyReset')) - .query({ token: '' }) - .set(credentials) - .expect('Content-Type', 'application/json') - .expect(403) - .expect((res) => { - expect(res.body).to.have.property('success', true); - expect(res.body).to.have.property('enabled'); - expect(res.body).to.have.property('policy').and.to.be.an('array'); - }) - .end(done); - }); - }); - describe('[/stdout.queue]', () => { let testUser: TestUser; let testUsername: string; diff --git a/packages/rest-typings/src/v1/misc.ts b/packages/rest-typings/src/v1/misc.ts index cc06e1cc330a0..de327085df8b4 100644 --- a/packages/rest-typings/src/v1/misc.ts +++ b/packages/rest-typings/src/v1/misc.ts @@ -180,21 +180,6 @@ const FingerprintSchema = { export const isFingerprintProps = ajv.compile(FingerprintSchema); -type PwGetPolicyReset = { token: string }; - -const PwGetPolicyResetSchema = { - type: 'object', - properties: { - token: { - type: 'string', - }, - }, - required: ['token'], - additionalProperties: false, -}; - -export const validateParamsPwGetPolicyRest = ajv.compile(PwGetPolicyResetSchema); - export type MiscEndpoints = { '/v1/stdout.queue': { GET: () => { @@ -226,13 +211,6 @@ export type MiscEndpoints = { }; }; - '/v1/pw.getPolicyReset': { - GET: (params: PwGetPolicyReset) => { - enabled: boolean; - policy: [name: string, options?: Record][]; - }; - }; - '/v1/method.call/:method': { POST: (params: { message: string }) => { message: string;