Merge pull request #6254 from overleaf/jel-saml-entitlement

[web] Always update entitlement in v1 after SAML callback GitOrigin-RevId: 2569d6d8e6142786ad2875c62c9cd4568837654a
2024-11-21 20:47:08 -05:00 · 2022-01-12 10:19:23 -06:00 · 2022-01-12 10:19:23 -06:00 · 1122a83b60
commit 1122a83b60
parent bbc5e2d34c
2 changed files with 30 additions and 21 deletions
--- a/services/web/app/src/Features/User/SAMLIdentityManager.js
+++ b/services/web/app/src/Features/User/SAMLIdentityManager.js
@ -339,12 +339,6 @@ async function updateEntitlement(
  }
  // update v2 user
  await User.updateOne(query, update).exec()
  // update v1 affiliations record
  if (hasEntitlement) {
    await InstitutionsAPI.promises.addEntitlement(userId, institutionEmail)
  } else {
    await InstitutionsAPI.promises.removeEntitlement(userId, institutionEmail)
  }
 }
 function entitlementAttributeMatches(entitlementAttribute, entitlementMatcher) {
--- a/services/web/test/acceptance/src/mocks/MockV1Api.js
+++ b/services/web/test/acceptance/src/mocks/MockV1Api.js
@ -91,7 +91,8 @@ class MockV1Api extends AbstractMockApi {
    )
  }
-  addAffiliation(userId, email) {
+  addAffiliation(userId, email, entitlement) {
    let newAffiliation = true
    const institution = {}
    if (!email) return
    if (!this.affiliations[userId]) this.affiliations[userId] = []
@ -101,26 +102,36 @@ class MockV1Api extends AbstractMockApi {
        return affiliationData.email === email
      })
    )
-      return
+      newAffiliation = false
-    const domain = email.split('@').pop()
+    if (newAffiliation) {
      const domain = email.split('@').pop()
-    if (this.blocklistedDomains.indexOf(domain.replace('.com', '')) !== -1) {
+      if (this.blocklistedDomains.indexOf(domain.replace('.com', '')) !== -1) {
-      return
+        return
-    }
+      }
-    if (this.allInstitutionDomains.has(domain)) {
+      if (this.allInstitutionDomains.has(domain)) {
-      for (const [institutionId, domainData] of Object.entries(
+        for (const [institutionId, domainData] of Object.entries(
-        this.institutionDomains
+          this.institutionDomains
-      )) {
+        )) {
-        if (domainData[domain]) {
+          if (domainData[domain]) {
-          institution.id = institutionId
+            institution.id = institutionId
          }
        }
      }
      if (institution.id) {
        this.affiliations[userId].push({ email, institution })
      }
    }
-    if (institution.id) {
+    if (entitlement !== undefined) {
-      this.affiliations[userId].push({ email, institution })
+      this.affiliations[userId].forEach(affiliation => {
        if (affiliation.email === email) {
          affiliation.cached_entitlement = entitlement
        }
      })
    }
  }
@ -231,7 +242,11 @@ class MockV1Api extends AbstractMockApi {
    })
    this.app.post('/api/v2/users/:userId/affiliations', (req, res) => {
-      this.addAffiliation(req.params.userId, req.body.email)
+      this.addAffiliation(
        req.params.userId,
        req.body.email,
        req.body.entitlement
      )
      res.sendStatus(201)
    })