mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-21 20:47:08 -05:00
Merge pull request #1775 from overleaf/ta-fetch-user-before-confirm
Check User Exists Before Confirming Email GitOrigin-RevId: 3622044f31f78e8499ccd084ca99297ca297ca97
This commit is contained in:
parent
276310bd23
commit
0e38ca1fd7
2 changed files with 19 additions and 2 deletions
|
@ -5,6 +5,7 @@ settings = require 'settings-sharelatex'
|
|||
Errors = require "../Errors/Errors"
|
||||
logger = require "logger-sharelatex"
|
||||
UserUpdater = require "./UserUpdater"
|
||||
UserGetter = require "./UserGetter"
|
||||
|
||||
ONE_YEAR_IN_S = 365 * 24 * 60 * 60
|
||||
|
||||
|
@ -34,4 +35,8 @@ module.exports = UserEmailsConfirmationHandler =
|
|||
logger.log {data, user_id, email, token_start: token.slice(0,8)}, 'found data for email confirmation'
|
||||
if !user_id? or email != EmailHelper.parseEmail(email)
|
||||
return callback(new Errors.NotFoundError('invalid data'))
|
||||
UserUpdater.confirmEmail user_id, email, callback
|
||||
UserGetter.getUser user_id, {}, (error, user) ->
|
||||
return callback(error) if error?
|
||||
unless user?._id
|
||||
return callback(new Errors.NotFoundError('user not found'))
|
||||
UserUpdater.confirmEmail user_id, email, callback
|
||||
|
|
|
@ -17,9 +17,12 @@ describe "UserEmailsConfirmationHandler", ->
|
|||
"../Security/OneTimeTokenHandler": @OneTimeTokenHandler = {}
|
||||
"../Errors/Errors": Errors
|
||||
"./UserUpdater": @UserUpdater = {}
|
||||
"./UserGetter": @UserGetter =
|
||||
getUser: sinon.stub().yields(null, @mockUser)
|
||||
"../Email/EmailHandler": @EmailHandler = {}
|
||||
"../Helpers/EmailHelper": EmailHelper
|
||||
@user_id = "mock-user-id"
|
||||
@mockUser = _id: "mock-user-id"
|
||||
@user_id = @mockUser._id
|
||||
@email = "mock@example.com"
|
||||
@callback = sinon.stub()
|
||||
|
||||
|
@ -124,3 +127,12 @@ describe "UserEmailsConfirmationHandler", ->
|
|||
it "should call the callback with a NotFoundError", ->
|
||||
@callback.calledWith(sinon.match.instanceOf(Errors.NotFoundError)).should.equal true
|
||||
|
||||
|
||||
describe 'with no user found', ->
|
||||
beforeEach ->
|
||||
@UserGetter.getUser.yields(null, null)
|
||||
@UserEmailsConfirmationHandler.confirmEmailFromToken @token = 'mock-token', @callback
|
||||
|
||||
it "should call the callback with a NotFoundError", ->
|
||||
@callback.calledWith(sinon.match.instanceOf(Errors.NotFoundError)).should.equal true
|
||||
|
||||
|
|
Loading…
Reference in a new issue