overleaf/services/web/app/src/Features/User/UserEmailsController.js


// Declared ahead of its assignment so that the `add` function below can refer
// to UserEmailsController._handleEmailError; the object itself is assigned
// together with module.exports further down in this file.
let UserEmailsController
const AuthenticationController = require('../Authentication/AuthenticationController')
const UserGetter = require('./UserGetter')
const UserUpdater = require('./UserUpdater')
const EmailHelper = require('../Helpers/EmailHelper')
const UserEmailsConfirmationHandler = require('./UserEmailsConfirmationHandler')
const { endorseAffiliation } = require('../Institutions/InstitutionsAPI')
const logger = require('logger-sharelatex')
const Errors = require('../Errors/Errors')
const HttpErrors = require('@overleaf/o-error/http')
/**
 * Express handler: attach a new email address to the logged-in user and send
 * a confirmation email for it.
 *
 * The acting user comes from the session, never from the request body.
 * Responds 422 when EmailHelper.parseEmail rejects `req.body.email`, and 204
 * once the confirmation email has been sent.
 *
 * @param {object} req - Express request; reads `body.email`,
 *   `body.university`, `body.role` and `body.department`.
 * @param {object} res - Express response.
 * @param {Function} next - Express error continuation.
 */
function add(req, res, next) {
  const userId = AuthenticationController.getLoggedInUserId(req)
  const { body } = req
  const email = EmailHelper.parseEmail(body.email)
  if (!email) {
    return res.sendStatus(422)
  }

  // Final step: report the outcome of sending the confirmation email.
  const onConfirmationSent = sendError => {
    if (sendError) {
      return next(sendError)
    }
    res.sendStatus(204)
  }

  // Failures while adding the address go through the shared error mapper;
  // the confirmation email is sent only after the address was stored.
  const onEmailAdded = addError => {
    if (addError) {
      return UserEmailsController._handleEmailError(addError, req, res, next)
    }
    UserEmailsConfirmationHandler.sendConfirmationEmail(
      userId,
      email,
      onConfirmationSent
    )
  }

  // Only the email is parsed here; the affiliation fields are forwarded
  // exactly as the client sent them.
  // NOTE(review): any type or length validation of these fields would have to
  // happen in UserUpdater.addEmailAddress or beyond, which is not visible here.
  const { university, role, department } = body
  UserUpdater.addEmailAddress(
    userId,
    email,
    { university, role, department },
    onEmailAdded
  )
}
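/**
 * Express handlers for the email addresses attached to a user account.
 *
 * Every handler except `showConfirm` and `confirm` takes the acting user from
 * the session (AuthenticationController.getLoggedInUserId) and runs the
 * client-supplied address through EmailHelper.parseEmail, answering 422 when
 * that yields nothing. `showConfirm` and `confirm` work from a confirmation
 * token instead and never look at the session user.
 */
module.exports = UserEmailsController = {
  /**
   * Respond with the JSON value that UserGetter.getUserFullEmails yields for
   * the logged-in user.
   */
  list(req, res, next) {
    const userId = AuthenticationController.getLoggedInUserId(req)
    UserGetter.getUserFullEmails(userId, function(error, fullEmails) {
      if (error) {
        return next(error)
      }
      res.json(fullEmails)
    })
  },

  add,

  /**
   * Remove `req.body.email` from the logged-in user. Responds 200 on success;
   * errors from UserUpdater.removeEmailAddress are passed to `next` unchanged.
   */
  remove(req, res, next) {
    const userId = AuthenticationController.getLoggedInUserId(req)
    const email = EmailHelper.parseEmail(req.body.email)
    if (!email) {
      return res.sendStatus(422)
    }
    UserUpdater.removeEmailAddress(userId, email, function(error) {
      if (error) {
        return next(error)
      }
      res.sendStatus(200)
    })
  },

  /**
   * Make `req.body.email` the default address of the logged-in user and
   * mirror the new address into the session user. Responds 200 on success;
   * failures go through `_handleEmailError`.
   */
  setDefault(req, res, next) {
    const userId = AuthenticationController.getLoggedInUserId(req)
    const email = EmailHelper.parseEmail(req.body.email)
    if (!email) {
      return res.sendStatus(422)
    }
    UserUpdater.setDefaultEmailAddress(userId, email, err => {
      if (err) {
        return UserEmailsController._handleEmailError(err, req, res, next)
      }
      // The session is only updated after the update reported success.
      AuthenticationController.setInSessionUser(req, { email })
      res.sendStatus(200)
    })
  },

  /**
   * Call endorseAffiliation for the logged-in user and `req.body.email`.
   * Responds 204 on success.
   */
  endorse(req, res, next) {
    const userId = AuthenticationController.getLoggedInUserId(req)
    const email = EmailHelper.parseEmail(req.body.email)
    if (!email) {
      return res.sendStatus(422)
    }
    // NOTE(review): role and department are forwarded exactly as received;
    // whether endorseAffiliation validates them is not visible from here.
    endorseAffiliation(
      userId,
      email,
      req.body.role,
      req.body.department,
      function(error) {
        if (error) {
          return next(error)
        }
        res.sendStatus(204)
      }
    )
  },

  /**
   * Send a fresh confirmation email for `req.body.email`, but only when that
   * address is found on the logged-in user's own account. Responds 200 once
   * the email has been sent.
   */
  resendConfirmation(req, res, next) {
    const userId = AuthenticationController.getLoggedInUserId(req)
    const email = EmailHelper.parseEmail(req.body.email)
    if (!email) {
      return res.sendStatus(422)
    }
    UserGetter.getUserByAnyEmail(email, { _id: 1 }, function(error, user) {
      if (error) {
        return next(error)
      }
      // Ownership check. An unknown address and an address owned by another
      // account both get the same 422 as an unparseable one, so the response
      // does not reveal whether the address is registered.
      // assumes getLoggedInUserId returns the id as a string — TODO confirm
      if (!user || user._id.toString() !== userId) {
        logger.log(
          { userId, email, foundUserId: user && user._id },
          "email doesn't match logged in user"
        )
        return res.sendStatus(422)
      }
      logger.log({ userId, email }, 'resending email confirmation token')
      UserEmailsConfirmationHandler.sendConfirmationEmail(
        userId,
        email,
        function(error) {
          if (error) {
            return next(error)
          }
          res.sendStatus(200)
        }
      )
    })
  },

  /**
   * Render the confirmation page, handing the `token` query parameter to the
   * `user/confirm_email` template.
   */
  showConfirm(req, res, next) {
    // NOTE(review): the token is passed to the template unchecked; how the
    // template escapes or embeds it is not visible from this file.
    res.render('user/confirm_email', {
      token: req.query.token,
      title: 'confirm_email'
    })
  },

  /**
   * Confirm an email address from the token in `req.body.token`.
   *
   * Responds 422 when the token is missing or is not a string, 404 with a
   * JSON message when the handler reports NotFoundError, and 200 on success.
   * Any other error is passed to `next`.
   */
  confirm(req, res, next) {
    const { token } = req.body
    // A parsed request body can carry objects, arrays or numbers in place of
    // a string. Only a non-empty string is let through, so a structured value
    // never reaches the token lookup (whose implementation is not visible
    // from this file).
    if (typeof token !== 'string' || token === '') {
      return res.sendStatus(422)
    }
    UserEmailsConfirmationHandler.confirmEmailFromToken(token, function(error) {
      if (error) {
        if (error instanceof Errors.NotFoundError) {
          res.status(404).json({
            message:
              'Sorry, your confirmation token is invalid or has expired. Please request a new email confirmation link.'
          })
        } else {
          next(error)
        }
      } else {
        res.sendStatus(200)
      }
    })
  },

  /**
   * Map an error from UserUpdater onto an HTTP error and pass it to `next`.
   *
   * UnconfirmedEmailError and EmailExistsError become ConflictError with a
   * fixed or translated message under `info.public`; every other error is
   * wrapped in InternalServerError with no message attached here. The
   * original error is kept as the cause in all three cases.
   */
  _handleEmailError(error, req, res, next) {
    if (error instanceof Errors.UnconfirmedEmailError) {
      return next(
        new HttpErrors.ConflictError({
          info: {
            public: { message: 'email must be confirmed' }
          }
        }).withCause(error)
      )
    } else if (error instanceof Errors.EmailExistsError) {
      return next(
        new HttpErrors.ConflictError({
          info: {
            public: { message: req.i18n.translate('email_already_registered') }
          }
        }).withCause(error)
      )
    }
    next(new HttpErrors.InternalServerError().withCause(error))
  }
}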