fix: reset password regression (#1574)

src/admin/components/views/Account/Default.tsx

@@ -138,7 +138,7 @@ const DefaultAccount: React.FC<Props> = (props) => {
                       data={data}
                     />
                     {hasSavePermission && (
-                    <FormSubmit>{t('general:save')}</FormSubmit>
+                    <FormSubmit buttonId="action-save">{t('general:save')}</FormSubmit>
                     )}
                   </div>
                   <div className={`${baseClass}__sidebar-fields`}>

src/admin/components/views/collections/Edit/Auth/index.tsx

@@ -101,6 +101,7 @@ const Auth: React.FC<Props> = (props) => {
       )}
       {(!changingPassword && !requirePassword) && (
         <Button
+          id="change-password"
           size="small"
           buttonStyle="secondary"
           onClick={() => handleChangePassword(true)}

src/collections/operations/update.ts

@@ -72,13 +72,15 @@ async function update(incomingArgs: Arguments): Promise<Document> {
     autosave = false,
   } = args;
 
-  let { data } = args;
-
   if (!id) {
     throw new APIError('Missing ID of document to update.', httpStatus.BAD_REQUEST);
   }
 
+  let { data } = args;
+  const { password } = data;
   const shouldSaveDraft = Boolean(draftArg && collectionConfig.versions.drafts);
+  const shouldSavePassword = Boolean(password && collectionConfig.auth && !shouldSaveDraft);
+  const lean = !shouldSavePassword;
 
   // /////////////////////////////////////
   // Access
@@ -109,12 +111,13 @@ async function update(incomingArgs: Arguments): Promise<Document> {
 
   const query = await Model.buildQuery(queryToBuild, locale);
 
-  const doc = await getLatestCollectionVersion({ payload, collection, id, query });
+  const doc = await getLatestCollectionVersion({ payload, collection, id, query, lean });
 
   if (!doc && !hasWherePolicy) throw new NotFound(t);
   if (!doc && hasWherePolicy) throw new Forbidden(t);
 
-  const docWithLocales: Document = JSON.parse(JSON.stringify(doc));
+  let docWithLocales: Document = JSON.stringify(lean ? doc : doc.toJSON({ virtuals: true }));
+  docWithLocales = JSON.parse(docWithLocales);
 
   const originalDoc = await afterRead({
     depth: 0,
@@ -211,9 +214,7 @@ async function update(incomingArgs: Arguments): Promise<Document> {
   // Handle potential password update
   // /////////////////////////////////////
 
-  const { password } = data;
-
-  if (password && collectionConfig.auth && !shouldSaveDraft) {
+  if (shouldSavePassword) {
     await doc.setPassword(password as string);
     await doc.save();
     delete data.password;

src/versions/getLatestCollectionVersion.ts

@@ -7,6 +7,7 @@ type Args = {
   collection: Collection,
   query: Record<string, unknown>
   id: string | number
+  lean?: boolean
 }
 
 export const getLatestCollectionVersion = async <T extends TypeWithID = any>({
@@ -17,6 +18,7 @@ export const getLatestCollectionVersion = async <T extends TypeWithID = any>({
   },
   query,
   id,
+  lean = true,
 }: Args): Promise<T> => {
   let version;
   if (config.versions?.drafts) {
@@ -24,10 +26,10 @@ export const getLatestCollectionVersion = async <T extends TypeWithID = any>({
       parent: id,
     }, {}, {
       sort: { updatedAt: 'desc' },
-      lean: true,
+      lean,
     });
   }
-  const collection = await Model.findOne(query).lean() as Document;
+  const collection = await Model.findOne(query, {}, { lean }) as Document;
   version = await version;
   if (!version || version.updatedAt < collection.updatedAt) {
     return collection;

test/auth/config.ts

@@ -1,4 +1,5 @@
 import { buildConfig } from '../buildConfig';
+import { devUser } from '../credentials';
 
 export const slug = 'users';
 
@@ -33,8 +34,16 @@ export default buildConfig({
           saveToJWT: true,
           hasMany: true,
         },
-
       ],
     },
   ],
+  onInit: async (payload) => {
+    await payload.create({
+      collection: 'users',
+      data: {
+        email: devUser.email,
+        password: devUser.password,
+      },
+    });
+  },
 });

test/auth/e2e.spec.ts

@@ -0,0 +1,46 @@
+import type { Page } from '@playwright/test';
+import { expect, test } from '@playwright/test';
+import { AdminUrlUtil } from '../helpers/adminUrlUtil';
+import { initPayloadE2E } from '../helpers/configHelpers';
+import { login, saveDocAndAssert } from '../helpers';
+import { slug } from './config';
+
+/**
+ * TODO: Auth
+ *   create first user
+ *   unlock
+ *   generate api key
+ *   log out
+ */
+
+const { beforeAll, describe } = test;
+let url: AdminUrlUtil;
+
+describe('auth', () => {
+  let page: Page;
+
+  beforeAll(async ({ browser }) => {
+    const { serverURL } = await initPayloadE2E(__dirname);
+    url = new AdminUrlUtil(serverURL, slug);
+
+    const context = await browser.newContext();
+    page = await context.newPage();
+
+    await login({
+      page,
+      serverURL,
+    });
+  });
+
+  describe('authenticated users', () => {
+    test('should allow change password', async () => {
+      await page.goto(url.account);
+
+      await page.locator('#change-password').click();
+      await page.locator('#field-password').fill('password');
+      await page.locator('#field-confirm-password').fill('password');
+
+      await saveDocAndAssert(page);
+    });
+  });
+});

test/auth/e2e.todo-spec.ts

@@ -1,17 +0,0 @@
-import type { Page } from '@playwright/test';
-import { expect, test } from '@playwright/test';
-import { AdminUrlUtil } from '../helpers/adminUrlUtil';
-import { initPayloadTest } from '../helpers/configHelpers';
-import { firstRegister } from '../helpers';
-import { slug } from './config';
-
-/**
- * TODO: Auth
- * change password
- * unlock
- * generate api key
- * log out
- */
-
-const { beforeAll, describe } = test;
-let url: AdminUrlUtil;