From e891424c17a5d7ab618b3a9c1c85f1303266af9a Mon Sep 17 00:00:00 2001
From: geisterfurz007 <michelvonv@me.com>
Date: Thu, 27 Oct 2022 19:32:49 +0200
Subject: [PATCH] fix: empty payload deleting single user session

---
 app/controllers/api/users.php                 |  3 +-
 .../Realtime/RealtimeCustomClientTest.php     | 67 ++++++++++++++++---
 2 files changed, 58 insertions(+), 12 deletions(-)

diff --git a/app/controllers/api/users.php b/app/controllers/api/users.php
index c95105b775..0d40d532dd 100644
--- a/app/controllers/api/users.php
+++ b/app/controllers/api/users.php
@@ -1004,7 +1004,8 @@ App::delete('/v1/users/:userId/sessions/:sessionId')
 
         $events
             ->setParam('userId', $user->getId())
-            ->setParam('sessionId', $sessionId);
+            ->setParam('sessionId', $sessionId)
+            ->setPayload($response->output($session, Response::MODEL_SESSION));
 
         $response->noContent();
     });
diff --git a/tests/e2e/Services/Realtime/RealtimeCustomClientTest.php b/tests/e2e/Services/Realtime/RealtimeCustomClientTest.php
index 7f09cb5703..71c37678ed 100644
--- a/tests/e2e/Services/Realtime/RealtimeCustomClientTest.php
+++ b/tests/e2e/Services/Realtime/RealtimeCustomClientTest.php
@@ -458,21 +458,29 @@ class RealtimeCustomClientTest extends Scope
         $this->assertContains("users.*", $response['data']['events']);
         $this->assertNotEmpty($response['data']['payload']);
 
+        $createSession = function () use ($projectId): array {
+            $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
+                'origin' => 'http://localhost',
+                'content-type' => 'application/json',
+                'x-appwrite-project' => $projectId,
+            ]), [
+                'email' => 'torsten@appwrite.io',
+                'password' => 'new-password',
+            ]);
+
+            $sessionNew = $this->client->parseCookie((string)$response['headers']['set-cookie'])['a_session_' . $projectId];
+            $sessionNewId = $response['body']['$id'];
+
+            return array("session" => $sessionNew, "sessionId" => $sessionNewId);
+        };
+
         /**
          * Test Account Session Create
          */
-        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
-            'origin' => 'http://localhost',
-            'content-type' => 'application/json',
-            'x-appwrite-project' => $projectId,
-        ]), [
-            'email' => 'torsten@appwrite.io',
-            'password' => 'new-password',
-        ]);
-
-        $sessionNew = $this->client->parseCookie((string)$response['headers']['set-cookie'])['a_session_' . $projectId];
-        $sessionNewId = $response['body']['$id'];
+        $sessionData = $createSession();
 
+        $sessionNew = $sessionData['session'];
+        $sessionNewId = $sessionData['sessionId'];
         $response = json_decode($client->receive(), true);
 
         $this->assertArrayHasKey('type', $response);
@@ -527,6 +535,43 @@ class RealtimeCustomClientTest extends Scope
         $this->assertContains("users.*", $response['data']['events']);
         $this->assertNotEmpty($response['data']['payload']);
 
+        /**
+         * Test User Account Session Delete
+         */
+
+        $sessionData = $createSession();
+        $sessionNew = $sessionData['session'];
+        $sessionNewId = $sessionData['sessionId'];
+        $client->receive(); // Receive the creation message and drop; this was tested earlier already
+
+        $this->client->call(Client::METHOD_DELETE, '/users/' . $userId . '/sessions/' . $sessionNewId, array_merge([
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $projectId,
+            'x-appwrite-key' => $this->getProject()['apiKey'],
+        ]));
+
+        $response = json_decode($client->receive(), true);
+        $this->assertArrayHasKey('type', $response);
+        $this->assertArrayHasKey('data', $response);
+        $this->assertEquals('event', $response['type']);
+        $this->assertNotEmpty($response['data']);
+        $this->assertCount(2, $response['data']['channels']);
+        $this->assertArrayHasKey('timestamp', $response['data']);
+        $this->assertContains('account', $response['data']['channels']);
+        $this->assertContains('account.' . $userId, $response['data']['channels']);
+        $this->assertContains("users.{$userId}.sessions.{$sessionNewId}.delete", $response['data']['events']);
+        $this->assertContains("users.{$userId}.sessions.{$sessionNewId}", $response['data']['events']);
+        $this->assertContains("users.{$userId}.sessions.*.delete", $response['data']['events']);
+        $this->assertContains("users.{$userId}.sessions.*", $response['data']['events']);
+        $this->assertContains("users.{$userId}", $response['data']['events']);
+        $this->assertContains("users.*.sessions.{$sessionNewId}.delete", $response['data']['events']);
+        $this->assertContains("users.*.sessions.{$sessionNewId}", $response['data']['events']);
+        $this->assertContains("users.*.sessions.*.delete", $response['data']['events']);
+        $this->assertContains("users.*.sessions.*", $response['data']['events']);
+        $this->assertContains("users.*", $response['data']['events']);
+        $this->assertNotEmpty($response['data']['payload']);
+
         /**
          * Test Account Create Recovery
          */