IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FIX: If the admin sso sync has no external ID, don't throw an error

Browse Source 
Instead, return a HTTP error code and a message explaining the problem,
to avoid log pollution.
This commit is contained in:
Robin Ward
2020-01-08 11:47:01 -05:00
parent 4d5b142f1d
commit e616b92511
3 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
spec/requests/admin/users_controller_spec.rb
View File

@@ -872,6 +872,16 @@ RSpec.describe Admin::UsersController do
expect(JSON.parse(response.body)["message"]).to include(I18n.t('sso.login_error'))
expect(JSON.parse(response.body)["message"]).not_to include(correct_payload["sig"])
end
it "returns 404 if the external id does not exist" do
sso.name = "Dr. Claw"
sso.username = "dr_claw"
sso.email = "dr@claw.com"
sso.external_id = ""
post "/admin/users/sync_sso.json", params: Rack::Utils.parse_query(sso.payload)
expect(response.status).to eq(422)
expect(JSON.parse(response.body)["message"]).to include(I18n.t('sso.blank_id_error'))
end
end
describe '#disable_second_factor' do