mirror of
https://github.com/discourse/discourse.git
synced 2024-11-25 10:20:58 -06:00
FIX: Ensure that login does not fail for users with invite records (#15647)
In the unlikely, but possible, scenario where a user has no email_tokens, and has an invite record for their email address, login would fail. This commit fixes the `Invite` `user_doesnt_already_exist` validation so that it only applies to new invites, or when changing the email address.
This regressed in d8fe0f4199
(based on `git bisect`)
This commit is contained in:
parent
5b7bddf966
commit
820564826e
@ -32,7 +32,7 @@ class Invite < ActiveRecord::Base
|
||||
validates :email, email: true, allow_blank: true
|
||||
validate :ensure_max_redemptions_allowed
|
||||
validate :valid_domain, if: :will_save_change_to_domain?
|
||||
validate :user_doesnt_already_exist
|
||||
validate :user_doesnt_already_exist, if: :will_save_change_to_email?
|
||||
|
||||
before_create do
|
||||
self.invite_key ||= SecureRandom.base58(10)
|
||||
|
@ -411,6 +411,20 @@ RSpec.describe Users::OmniauthCallbacksController do
|
||||
expect(user.confirm_password?("securepassword")).to eq(false)
|
||||
end
|
||||
|
||||
it "should work if the user has no email_tokens, and an invite" do
|
||||
# Confirming existing email_tokens has a side effect of redeeming invites.
|
||||
# Pretend we don't have any email_tokens
|
||||
user.email_tokens.destroy_all
|
||||
|
||||
invite = Fabricate(:invite, invited_by: Fabricate(:admin))
|
||||
invite.update_column(:email, user.email) # (avoid validation)
|
||||
|
||||
get "/auth/google_oauth2/callback.json"
|
||||
expect(response.status).to eq(302)
|
||||
|
||||
expect(invite.reload.invalidated_at).not_to eq(nil)
|
||||
end
|
||||
|
||||
it "should update name/username/email when SiteSetting.auth_overrides_* are enabled" do
|
||||
SiteSetting.email_editable = false
|
||||
SiteSetting.auth_overrides_email = true
|
||||
|
Loading…
Reference in New Issue
Block a user