FIX: Make `email` a required param when accepting invite links.

A missing email when accepting an invite link does not make sense so we
should make it a required param which helps to catch bugs in our test
suite and also prevent potential bugs in our code base when the code
trips on a `nil` email.
This commit is contained in:
Alan Guo Xiang Tan 2021-03-03 16:12:30 +08:00
parent ae3839580e
commit 51483e1aef
2 changed files with 13 additions and 4 deletions

View File

@ -145,14 +145,23 @@ class InvitesController < ApplicationController
if invite.present? if invite.present?
begin begin
user = invite.redeem( attrs = {
email: invite.is_invite_link? ? params[:email] : invite.email,
username: params[:username], username: params[:username],
name: params[:name], name: params[:name],
password: params[:password], password: params[:password],
user_custom_fields: params[:user_custom_fields], user_custom_fields: params[:user_custom_fields],
ip_address: request.remote_ip ip_address: request.remote_ip
) }
attrs[:email] =
if invite.is_invite_link?
params.require([:email])
params[:email]
else
invite.email
end
user = invite.redeem(attrs)
rescue ActiveRecord::RecordInvalid, ActiveRecord::RecordNotSaved => e rescue ActiveRecord::RecordInvalid, ActiveRecord::RecordNotSaved => e
return render json: failed_json.merge(errors: e.record&.errors&.to_hash, message: I18n.t('invite.error_message')), status: 412 return render json: failed_json.merge(errors: e.record&.errors&.to_hash, message: I18n.t('invite.error_message')), status: 412
rescue Invite::UserExists => e rescue Invite::UserExists => e

View File

@ -337,7 +337,7 @@ describe InvitesController do
fab!(:invite_link) { Fabricate(:invite, email: nil, max_redemptions_allowed: 5, expires_at: 1.day.ago, emailed_status: Invite.emailed_status_types[:not_required]) } fab!(:invite_link) { Fabricate(:invite, email: nil, max_redemptions_allowed: 5, expires_at: 1.day.ago, emailed_status: Invite.emailed_status_types[:not_required]) }
it "response is not successful" do it "response is not successful" do
put "/invites/show/#{invite_link.invite_key}.json" put "/invites/show/#{invite_link.invite_key}.json", params: { email: "foobar@example.com" }
expect(response.status).to eq(404) expect(response.status).to eq(404)
expect(response.parsed_body["message"]).to eq(I18n.t('invite.not_found_json')) expect(response.parsed_body["message"]).to eq(I18n.t('invite.not_found_json'))