Merge pull request #2605 from overleaf/jel-sso-registration

Do not block SSO registration on nonessential errors GitOrigin-RevId: c9d6a7803aa8a48dbc1a8aae84d6f2588bad654e
2024-11-07 20:31:06 -05:00 · 2020-02-20 11:08:18 -05:00 · 2020-02-20 11:08:18 -05:00 · 506543d6a0
commit 506543d6a0
parent b94e1791e0
2 changed files with 23 additions and 2 deletions
--- a/services/web/app/src/Features/User/UserController.js
+++ b/services/web/app/src/Features/User/UserController.js
@ -16,6 +16,7 @@ const OError = require('@overleaf/o-error')
 const HttpErrors = require('@overleaf/o-error/http')
 const EmailHandler = require('../Email/EmailHandler')
 const UrlHelper = require('../Helpers/UrlHelper')
+const { promisify } = require('util')

 const UserController = {
  tryDeleteUser(req, res, next) {
@ -231,7 +232,7 @@ const UserController = {
    })
  },

-  _doLogout(req, cb) {
+  doLogout(req, cb) {
    metrics.inc('user.logout')
    const user = AuthenticationController.getSessionUser(req)
    logger.log({ user }, 'logging out')
@ -258,7 +259,7 @@ const UserController = {
      : undefined
    const redirectUrl = requestedRedirect || '/login'

-    UserController._doLogout(req, err => {
+    UserController.doLogout(req, err => {
      if (err != null) {
        return next(err)
      }
@ -397,4 +398,8 @@ const UserController = {
  }
 }

+UserController.promises = {
+  doLogout: promisify(UserController.doLogout)
+}
+
 module.exports = UserController
--- a/services/web/test/unit/src/User/UserControllerTests.js
+++ b/services/web/test/unit/src/User/UserControllerTests.js
@ -44,6 +44,7 @@ describe('UserController', function() {
          email: 'old@something.com'
        }
      },
+      sessionID: '123',
      body: {},
      i18n: {
        translate: text => text
@ -461,6 +462,21 @@ describe('UserController', function() {
      return this.UserController.logout(this.req, this.res)
    })

+    it('should untrack session', function(done) {
+      this.req.session.destroy = sinon.stub().callsArgWith(0)
+      this.SudoModeHandler.clearSudoMode = sinon.stub()
+      this.res.redirect = url => {
+        url.should.equal('/login')
+        this.UserSessionsManager.untrackSession.callCount.should.equal(1)
+        this.UserSessionsManager.untrackSession
+          .calledWith(sinon.match(this.req.user), this.req.sessionID)
+          .should.equal(true)
+        return done()
+      }
+
+      return this.UserController.logout(this.req, this.res)
+    })
+
    it('should redirect after logout', function(done) {
      this.req.body.redirect = '/institutional-login'
      this.req.session.destroy = sinon.stub().callsArgWith(0)