Merge pull request #1726 from sharelatex/hb-sso-password-setting

Check for password from v1 before showing password change form GitOrigin-RevId: 58ef0f9d3c8ce3ab7ca51d3538f1be13f05d4658
2024-11-30 04:15:25 -05:00 · 2019-04-25 15:21:47 +01:00 · 2019-04-25 15:21:47 +01:00 · 5517adcbd1
commit 5517adcbd1
parent 16f905358a
3 changed files with 41 additions and 8 deletions
--- a/services/web/app/coffee/Features/User/UserPagesController.coffee
+++ b/services/web/app/coffee/Features/User/UserPagesController.coffee
@ -3,10 +3,11 @@ UserSessionsManager = require("./UserSessionsManager")
 ErrorController = require("../Errors/ErrorController")
 logger = require("logger-sharelatex")
 Settings = require("settings-sharelatex")
 request = require 'request'
 fs = require('fs')
 AuthenticationController = require('../Authentication/AuthenticationController')
-module.exports =
+module.exports = UserPagesController =
 	registerPage : (req, res)->
 		sharedProjectData =
@ -72,12 +73,17 @@ module.exports =
 		shouldAllowEditingDetails = !(Settings?.ldap?.updateUserDetailsOnLogin) and !(Settings?.saml?.updateUserDetailsOnLogin)
 		UserGetter.getUser user_id, (err, user)->
 			return next(err) if err?
-			res.render 'user/settings',
+
-				title:'account_settings'
+			UserPagesController._hasPassword user, (err, passwordPresent) ->
-				user: user,
+				if err
-				shouldAllowEditingDetails: shouldAllowEditingDetails
+					logger.err {err}, "error getting password status from v1"
-				languages: Settings.languages,
+				res.render 'user/settings',
-				accountSettingsTabActive: true
+					title:'account_settings'
 					user: user,
 					hasPassword: passwordPresent,
 					shouldAllowEditingDetails: shouldAllowEditingDetails
 					languages: Settings.languages,
 					accountSettingsTabActive: true
 	sessionsPage: (req, res, next) ->
 		user = AuthenticationController.getSessionUser(req)
@ -89,3 +95,19 @@ module.exports =
 			res.render 'user/sessions',
 				title: "sessions"
 				sessions: sessions
 	_hasPassword: (user, callback) ->
 		request.get {
 			url: "#{Settings.apis.v1.url}/api/v1/sharelatex/has_password"
 			auth: { user: Settings.apis.v1.user, pass: Settings.apis.v1.pass }
 			body: { user_id: user?.overleaf?.id }
 			timeout: 20 * 1000
 			json: true
 		}, (err, response, body) ->
 			if err
 				# for errors assume password and show password setting form
 				return callback(err, true)
 			else if body?.has_password
 				return callback(err, true)
 			return callback(err, false)
--- a/services/web/app/views/user/settings.pug
+++ b/services/web/app/views/user/settings.pug
@ -88,6 +88,9 @@ block content
 									if externalAuthenticationSystemUsed() && !settings.overleaf
 										p
 											Password settings are managed externally
 									else if !hasPassword
 										p
 											| #[a(href="/user/password/reset", target='_blank') #{translate("no_existing_password")}]
 									else
 										- var submitAction
 										if settings.overleaf
--- a/services/web/test/unit/coffee/User/UserPagesControllerTests.coffee
+++ b/services/web/test/unit/coffee/User/UserPagesControllerTests.coffee
@ -10,7 +10,13 @@ describe "UserPagesController", ->
 	beforeEach ->
-		@settings = {}
+		@settings = {
 			apis:
 				v1:
 						url: 'some.host'
 						user: 'one'
 						pass: 'two'
 		}
 		@user =
 			_id: @user_id = "kwjewkl"
 			features:{}
@ -39,6 +45,7 @@ describe "UserPagesController", ->
 			"../Errors/ErrorController": @ErrorController
 			'../Dropbox/DropboxHandler': @DropboxHandler
 			'../Authentication/AuthenticationController': @AuthenticationController
 			'request': @request = sinon.stub()
 		@req =
 			query:{}
 			session:
@ -133,6 +140,7 @@ describe "UserPagesController", ->
 	describe "settingsPage", ->
 		beforeEach ->
 			@request.get = sinon.stub().callsArgWith(1, null, {statusCode: 200}, {has_password: true})
 			@UserGetter.getUser = sinon.stub().callsArgWith(1, null, @user)
 		it "should render user/settings", (done)->