FEATURE: Add new site setting to restrict how many times you can click on an

invite to "passthrough" as logged in, with a default of 0 hours. Also changes default invite expiry from 7 days to 1.
2014-07-01 12:52:52 -04:00 · 2014-07-01 12:52:52 -04:00 · d9e583af1a
parent bad5938cdd
commit d9e583af1a
4 changed files with 32 additions and 6 deletions
--- a/app/models/invite_redeemer.rb
+++ b/app/models/invite_redeemer.rb
@ -2,10 +2,19 @@ InviteRedeemer = Struct.new(:invite) do

  def redeem
    Invite.transaction do
-      process_invitation if invite_was_redeemed?
+      if invite_was_redeemed?
+        process_invitation
+        return invited_user
+      end
    end

-    invited_user
+    # If `invite_passthrough_hours` is defined, allow them to re-use the invite link
+    # to login again.
+    if invite.redeemed_at >= SiteSetting.invite_passthrough_hours.hours.ago
+      return invited_user
+    end
+
+    nil
  end

  # extracted from User cause it is very specific to invites
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@ -713,6 +713,7 @@ en:
    force_hostname: "DEVELOPER ONLY! WARNING! Specify a hostname in the URL. Leave blank for default."

    invite_expiry_days: "How long user invitation keys are valid, in days"
+    invite_passthrough_hours: "How long a user can use a previously redeemed invitation key to log in, in hours"

    # TODO: perhaps we need a way of protecting these settings for hosted solution, global settings ...

--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@ -247,7 +247,8 @@ users:
  enable_names:
    client: true
    default: true
-  invite_expiry_days: 4
+  invite_expiry_days: 1
+  invite_passthrough_hours: 0
  invites_shown:
    client: true
    default: 30
--- a/spec/models/invite_spec.rb
+++ b/spec/models/invite_spec.rb
@ -197,11 +197,26 @@ describe Invite do


        context 'again' do
-          it 'will not redeem twice' do
-            invite.redeem.should == user
-            invite.redeem.send_welcome_message.should be_false
+          context "without a passthrough" do
+            before do
+              SiteSetting.invite_passthrough_hours = 0
+            end
+
+            it 'will not redeem twice' do
+              invite.redeem.should be_blank
+            end
          end

+          context "with a passthrough" do
+            before do
+              SiteSetting.invite_passthrough_hours = 1
+            end
+
+            it 'will not redeem twice' do
+              invite.redeem.should be_present
+              invite.redeem.send_welcome_message.should be_false
+            end
+          end
        end
      end