FIX: do not suggest "user1" as a username to invited users (#15031)

Recently, the wrong new behavior appeared – we started to suggest to invited users usernames like "user1". To reproduce: 1. Create an invitation with default settings, do not restrict it to email 2. Copy an invitation link and follow it in incognito mode See username already filled, with eg “user1”. See screenshot. Should be empty. This bug was very likely introduced by my recent changes to UserNameSuggester.
2021-11-30 16:59:37 +04:00 · 2021-11-30 16:59:37 +04:00 · 88f9bb3dc9
parent 24356e339b
commit 88f9bb3dc9
2 changed files with 14 additions and 2 deletions
--- a/app/controllers/invites_controller.rb
+++ b/app/controllers/invites_controller.rb
@ -69,11 +69,17 @@ class InvitesController < ApplicationController

      hidden_email = email != invite.email

+      if hidden_email || invite.email.nil?
+        username = ""
+      else
+        username = UserNameSuggester.suggest(invite.email)
+      end
+
      info = {
        invited_by: UserNameSerializer.new(invite.invited_by, scope: guardian, root: false),
        email: email,
        hidden_email: hidden_email,
-        username: hidden_email ? '' : UserNameSuggester.suggest(invite.email),
+        username: username,
        is_invite_link: invite.is_invite_link?,
        email_verified_by_link: email_verified_by_link
      }
--- a/spec/requests/invites_controller_spec.rb
+++ b/spec/requests/invites_controller_spec.rb
@ -13,9 +13,15 @@ describe InvitesController do
      get "/invites/#{invite.invite_key}"
      expect(response.status).to eq(200)
      expect(response.body).to have_tag(:script, with: { src: '/assets/application.js' })
-      expect(response.body).to include('i*****g@a***********e.ooo')
      expect(response.body).not_to include(invite.email)
      expect(response.body).to_not include(I18n.t('invite.not_found_template', site_name: SiteSetting.title, base_url: Discourse.base_url))
+
+      expect(response.body).to have_tag('div#data-preloaded') do |element|
+        json = JSON.parse(element.current_scope.attribute('data-preloaded').value)
+        invite_info = JSON.parse(json['invite_info'])
+        expect(invite_info['username']).to eq('')
+        expect(invite_info['email']).to eq('i*****g@a***********e.ooo')
+      end
    end

    it 'shows unobfuscated email if email data is present in authentication data' do