FIX: display warning when SSO email is different from invite email (#13804)

In this commit, we skipped frontend validation when email is obfuscated:
https://github.com/discourse/discourse/commit/534008ba24c

However, if the email from SSO is different from the email in the invite, we should still display a warning.
Krzysztof Kotlarek 2021-07-21 17:03:04 +10:00 committed by GitHub
parent 7162ecfb04
commit 40f6ceb6f2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 48 additions and 4 deletions


@ -31,6 +31,7 @@ export default Controller.extend(
accountEmail: alias("email"), accountEmail: alias("email"),
hiddenEmail: alias("model.hidden_email"), hiddenEmail: alias("model.hidden_email"),
emailVerifiedByLink: alias("model.email_verified_by_link"), emailVerifiedByLink: alias("model.email_verified_by_link"),
differentExternalEmail: alias("model.different_external_email"),
accountUsername: alias("model.username"), accountUsername: alias("model.username"),
passwordRequired: notEmpty("accountPassword"), passwordRequired: notEmpty("accountPassword"),
successMessage: null, successMessage: null,
@ -130,7 +131,8 @@ export default Controller.extend(
"authOptions.email", "authOptions.email",
"authOptions.email_valid", "authOptions.email_valid",
"hiddenEmail", "hiddenEmail",
"emailVerifiedByLink" "emailVerifiedByLink",
"differentExternalEmail"
) )
emailValidation( emailValidation(
email, email,
@ -138,9 +140,10 @@ export default Controller.extend(
externalAuthEmail, externalAuthEmail,
externalAuthEmailValid, externalAuthEmailValid,
hiddenEmail, hiddenEmail,
emailVerifiedByLink emailVerifiedByLink,
differentExternalEmail
) { ) {
if (hiddenEmail) { if (hiddenEmail && !differentExternalEmail) {
return EmberObject.create({ return EmberObject.create({
ok: true, ok: true,
reason: I18n.t("user.email.ok"), reason: I18n.t("user.email.ok"),
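Review bot: The new guard `if (hiddenEmail && !differentExternalEmail)` in `emailValidation` has no comment explaining why a hidden email no longer short-circuits to `ok`, and the branch that produces the mismatch warning lies below the hunk, so it is not visible here. I would add above the guard `// Invite email is obfuscated and cannot be compared client-side; rely on the server-computed different_external_email flag`. Because `model.different_external_email` arrives in preloaded JSON, it can presumably only inform the user. A mismatch still has to be rejected by the server when the invite is redeemed.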


@ -1,6 +1,7 @@
import { import {
acceptance, acceptance,
exists, exists,
query,
queryAll, queryAll,
} from "discourse/tests/helpers/qunit-helpers"; } from "discourse/tests/helpers/qunit-helpers";
import { fillIn, visit } from "@ember/test-helpers"; import { fillIn, visit } from "@ember/test-helpers";
@ -22,7 +23,12 @@ function setAuthenticationData(hooks, json) {
}); });
} }
function preloadInvite({ link = false, email_verified_by_link = false } = {}) { function preloadInvite({
link = false,
email_verified_by_link = false,
different_external_email = false,
hidden_email = false,
} = {}) {
const info = { const info = {
invited_by: { invited_by: {
id: 123, id: 123,
@ -33,6 +39,8 @@ function preloadInvite({ link = false, email_verified_by_link = false } = {}) {
}, },
username: "invited", username: "invited",
email_verified_by_link: email_verified_by_link, email_verified_by_link: email_verified_by_link,
different_external_email: different_external_email,
hidden_email: hidden_email,
}; };
if (link) { if (link) {
@ -362,6 +370,32 @@ acceptance(
} }
); );
acceptance(
"Email Invite link with different external email address",
function (needs) {
needs.settings({ enable_local_logins: false });
setAuthenticationData(needs.hooks, {
auth_provider: "facebook",
email: "foobar+different@example.com",
email_valid: true,
username: "foobar",
name: "barfoo",
});
test("display information that email is invalid", async function (assert) {
preloadInvite({ different_external_email: true, hidden_email: true });
await visit("/invites/myvalidinvitetoken");
assert.equal(
query(".bad").textContent.trim(),
"Your invitation email does not match the email authenticated by Facebook"
);
});
}
);
acceptance( acceptance(
"Email Invite link with valid authentication data, valid email token, unverified authentication email", "Email Invite link with valid authentication data, valid email token, unverified authentication email",
function (needs) { function (needs) {
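Review bot: The new acceptance test asserts only the text of `.bad`, so it would still pass if the form stayed submittable while the warning is shown. I would add an assertion that the submit control is disabled in this state. Unless one already exists elsewhere in the file, a companion case with `preloadInvite({ hidden_email: true })` alone that expects the `ok` path would cover the `hiddenEmail && !differentExternalEmail` guard from both sides. The test name `display information that email is invalid` would be more precise as `displays a warning when the external email differs from the invite email`.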


@ -50,10 +50,13 @@ class InvitesController < ApplicationController
email = Email.obfuscate(invite.email) email = Email.obfuscate(invite.email)
# Show email if the user already authenticated their email # Show email if the user already authenticated their email
different_external_email = false
if session[:authentication] if session[:authentication]
auth_result = Auth::Result.from_session_data(session[:authentication], user: nil) auth_result = Auth::Result.from_session_data(session[:authentication], user: nil)
if invite.email == auth_result.email if invite.email == auth_result.email
email = invite.email email = invite.email
else
different_external_email = true
end end
end end
@ -73,6 +76,10 @@ class InvitesController < ApplicationController
email_verified_by_link: email_verified_by_link email_verified_by_link: email_verified_by_link
} }
if different_external_email
info[:different_external_email] = true
end
if staged_user = User.where(staged: true).with_email(invite.email).first if staged_user = User.where(staged: true).with_email(invite.email).first
info[:username] = staged_user.username info[:username] = staged_user.username
info[:user_fields] = staged_user.user_fields info[:user_fields] = staged_user.user_fields
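Review bot: `different_external_email` is set in the `else` branch of the exact comparison `invite.email == auth_result.email`, so an external email that differs only in letter case, or an auth result with no email at all, is reported as a mismatch. Whether either value is normalized before this point is not visible in the hunk, so this is worth confirming against how invite emails are stored. The flag is also only a hint for the client, so I would state that next to its initialisation, e.g. `# UI hint only: redeeming the invite must still verify the external email server-side`. The enclosing action starts and ends outside the hunks, so the redeem path itself cannot be checked from here.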