diff --git a/src/queries/anonymousCartByCartId.js b/src/queries/anonymousCartByCartId.js index 67d90422488..4720c5baeee 100644 --- a/src/queries/anonymousCartByCartId.js +++ b/src/queries/anonymousCartByCartId.js @@ -20,5 +20,8 @@ export default async function anonymousCartByCartId(context, { cartId, cartToken throw new ReactionError("invalid-param", "You must provide a cartId"); } - return Cart.findOne({ $or: [{ _id: cartId }, { anonymousAccessToken: hashToken(cartToken) }] }); + return Cart.findOne({ + _id: cartId, + anonymousAccessToken: hashToken(cartToken) + }); } diff --git a/src/queries/anonymousCartByCartId.test.js b/src/queries/anonymousCartByCartId.test.js new file mode 100644 index 00000000000..c5c3d838416 --- /dev/null +++ b/src/queries/anonymousCartByCartId.test.js @@ -0,0 +1,37 @@ +import mockContext from "@reactioncommerce/api-utils/tests/mockContext.js"; +import hashToken from "@reactioncommerce/api-utils/hashToken.js"; +import anonymousCartByCartId from "./anonymousCartByCartId.js"; + +test("query anonymous cart", async () => { + const cartId = "123"; + const cartToken = "xyz"; + const cart = { + _id: cartId, + anonymousAccessToken: cartToken + }; + const callingParams = { + _id: cartId, + anonymousAccessToken: hashToken(cartToken) + }; + + mockContext.collections.Cart.findOne.mockReturnValueOnce(Promise.resolve(cart)); + + const result = await anonymousCartByCartId(mockContext, { cartId, cartToken }); + expect(result).toEqual(cart); + expect(mockContext.collections.Cart.findOne).toHaveBeenCalledWith(callingParams); +}); + +test("query without hashed access token", async () => { + const cartId = "123"; + const cartToken = "xyz"; + const callingParams = { + _id: cartId, + anonymousAccessToken: cartToken + }; + + mockContext.collections.Cart.findOne.mockReturnValueOnce(Promise.resolve(null)); + + const result = await anonymousCartByCartId(mockContext, { cartId, cartToken }); + expect(result).toEqual(null); + expect(mockContext.collections.Cart.findOne).not.toHaveBeenCalledWith(callingParams); +});