FIX: Prioritize explicit 'connect' over matching by email

This is an edge case that was previously handled by TwitterAuthenticator, but not FacebookAuthenticator.
David Taylor
2018-12-07 14:12:08 +00:00
parent 3cad3f9df1
commit 86f8734bc0
2 changed files with 9 additions and 1 deletions


@@ -55,7 +55,7 @@ class Auth::ManagedAuthenticator < Auth::Authenticator
end
# Matching an account by email
if match_by_email && association.nil? && (user = User.find_by_email(email))
if match_by_email && association.nil? && result.user.nil? && (user = User.find_by_email(email))
UserAssociatedAccount.where(user: user, provider_name: auth_token[:provider]).destroy_all # Destroy existing associations for the new user
result.user = user
end
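Review bot: The email match on the changed condition line links the external identity to whichever local user owns `email`, and nothing visible in this hunk checks that the provider actually verified that address. The added `result.user.nil?` keeps an explicit connect from being overridden, but the fall-through path still trusts the provider-supplied email, and the `destroy_all` on the following line removes that user's existing association for the provider. If verification is not enforced earlier in the enclosing method (presumably `after_authenticate`, which starts and ends outside the hunk), this branch should be gated on it. At minimum, a comment above the condition such as `# Explicit connect (result.user already set) wins; email matching assumes the provider verifies addresses` would record the assumption.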


@@ -55,6 +55,14 @@ describe Auth::ManagedAuthenticator do
expect(UserAssociatedAccount.exists?(user_id: user2.id)).to eq(true)
end
it 'still works if another user has a matching email' do
Fabricate(:user, email: hash.dig(:info, :email))
result = authenticator.after_authenticate(hash, existing_account: user2)
expect(result.user.id).to eq(user2.id)
expect(UserAssociatedAccount.exists?(user_id: user1.id)).to eq(false)
expect(UserAssociatedAccount.exists?(user_id: user2.id)).to eq(true)
end
it 'does not work when disabled' do
authenticator = Class.new(described_class) do
def name