diff --git a/app/controllers/invites_controller.rb b/app/controllers/invites_controller.rb index 1a7f87b7aac..923e822ce0d 100644 --- a/app/controllers/invites_controller.rb +++ b/app/controllers/invites_controller.rb @@ -6,6 +6,7 @@ class InvitesController < ApplicationController before_filter :ensure_logged_in, only: [:destroy, :create, :create_invite_link, :resend_invite, :check_csv_chunk, :upload_csv_chunk] before_filter :ensure_new_registrations_allowed, only: [:show, :redeem_disposable_invite] + before_filter :ensure_not_logged_in, only: [:show, :redeem_disposable_invite] def show invite = Invite.find_by(invite_key: params[:id]) @@ -195,4 +196,12 @@ class InvitesController < ApplicationController false end end + + def ensure_not_logged_in + if current_user + flash[:error] = I18n.t("login.already_logged_in", current_user: current_user.username) + render layout: 'no_ember' + false + end + end end diff --git a/app/views/invites/redeem_disposable_invite.html.erb b/app/views/invites/redeem_disposable_invite.html.erb new file mode 100644 index 00000000000..cc4b0acc1e7 --- /dev/null +++ b/app/views/invites/redeem_disposable_invite.html.erb @@ -0,0 +1,7 @@ +
+ <%if flash[:error]%> +
+ <%=flash[:error]%> +
+ <%end%> +
diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml index f3b3e13919b..f81cc685574 100644 --- a/config/locales/server.en.yml +++ b/config/locales/server.en.yml @@ -1386,6 +1386,7 @@ en: reserved_username: "That username is not allowed." missing_user_field: "You have not completed all the user fields" close_window: "Authentication is complete. Close this window to continue." + already_logged_in: "Oops, looks like you are attempting to accept an invitation for another user. If you are not %{current_user}, please log out and try again?" user: no_accounts_associated: "No accounts associated" diff --git a/spec/controllers/invites_controller_spec.rb b/spec/controllers/invites_controller_spec.rb index ca0d4823eb8..745c781f9cb 100644 --- a/spec/controllers/invites_controller_spec.rb +++ b/spec/controllers/invites_controller_spec.rb @@ -218,6 +218,16 @@ describe InvitesController do end end + context 'user is already logged in' do + let!(:user) { log_in } + let(:topic) { Fabricate(:topic) } + let(:invite) { topic.invite_by_email(topic.user, "iceking@adventuretime.ooo") } + + it "doesn't redeem the invite" do + Invite.any_instance.stubs(:redeem).never + get :show, id: invite.invite_key + end + end end context '.create_disposable_invite' do