Merge branch 'master' of https://github.com/sharelatex/web-sharelatex

services/web/app/coffee/Features/PasswordReset/PasswordResetController.coffee

@@ -1,6 +1,6 @@
 PasswordResetHandler = require("./PasswordResetHandler")
 RateLimiter = require("../../infrastructure/RateLimiter")
-
+logger = require "logger-sharelatex"
 
 module.exports =
 
@@ -18,11 +18,13 @@ module.exports =
 		RateLimiter.addCount opts, (err, canCompile)->
 			if !canCompile
 				return res.send 500, { message: req.i18n.translate("rate_limit_hit_wait")}
-			PasswordResetHandler.generateAndEmailResetToken email, (err)->
+			PasswordResetHandler.generateAndEmailResetToken email, (err, exists)->
 				if err?
 					res.send 500, {message:err?.message}
-				else
+				else if exists
 					res.send 200
+				else
+					res.send 404, {message: req.i18n.translate("cant_find_email")}
 
 	renderSetPasswordForm: (req, res)->
 		res.render "user/setPassword", 

services/web/app/coffee/Features/PasswordReset/PasswordResetHandler.coffee

@@ -8,18 +8,20 @@ logger = require("logger-sharelatex")
 
 module.exports =
 
-	generateAndEmailResetToken:(email, callback)->
+	generateAndEmailResetToken:(email, callback = (error, exists) ->)->
 		UserGetter.getUser email:email, (err, user)->
 			if err then return callback(err)
 			if !user?
 				logger.err email:email, "user could not be found for password reset"
-				return callback(message:"Can't find that email, sorry.")
+				return callback(null, false)
 			PasswordResetTokenHandler.getNewToken user._id, (err, token)->
 				if err then return callback(err)
 				emailOptions =
 					to : email
 					setNewPasswordUrl : "#{settings.siteUrl}/user/password/set?passwordResetToken=#{token}"
-				EmailHandler.sendEmail "passwordResetRequested", emailOptions, callback		
+				EmailHandler.sendEmail "passwordResetRequested", emailOptions, (error) ->
+					return callback(error) if error?
+					callback null, true
 
 	setNewUserPassword: (token, password, callback)->
 		PasswordResetTokenHandler.getUserIdFromTokenAndExpire token, (err, user_id)->

services/web/public/coffee/directives/asyncForm.coffee

@@ -43,7 +43,7 @@ define [
 							response.success = false
 							response.error = true
 							response.message =
-								text: data.message?.text or "Something went wrong talking to the server :(. Please try again."
+								text: data.message?.text or data.message or "Something went wrong talking to the server :(. Please try again."
 								type: 'error'
 							ga('send', 'event', formName, 'failure', data.message)
 		}

services/web/test/UnitTests/coffee/PasswordReset/PasswordResetControllerTests.coffee

@@ -39,7 +39,7 @@ describe "PasswordResetController", ->
 	describe "requestReset", ->
 
 		it "should error if the rate limit is hit", (done)->
-			@PasswordResetHandler.generateAndEmailResetToken.callsArgWith(1)
+			@PasswordResetHandler.generateAndEmailResetToken.callsArgWith(1, null, true)
 			@RateLimiter.addCount.callsArgWith(1, null, false)
 			@res.send = (code)=>
 				code.should.equal 500
@@ -50,7 +50,7 @@ describe "PasswordResetController", ->
 
 		it "should tell the handler to process that email", (done)->
 			@RateLimiter.addCount.callsArgWith(1, null, true)
-			@PasswordResetHandler.generateAndEmailResetToken.callsArgWith(1)
+			@PasswordResetHandler.generateAndEmailResetToken.callsArgWith(1, null, true)
 			@res.send = (code)=>
 				code.should.equal 200
 				@PasswordResetHandler.generateAndEmailResetToken.calledWith(@email.trim()).should.equal true
@@ -65,11 +65,19 @@ describe "PasswordResetController", ->
 				done()
 			@PasswordResetController.requestReset @req, @res
 
+		it "should send a 404 if the email doesn't exist", (done)->
+			@RateLimiter.addCount.callsArgWith(1, null, true)
+			@PasswordResetHandler.generateAndEmailResetToken.callsArgWith(1, null, false)
+			@res.send = (code)=>
+				code.should.equal 404
+				done()
+			@PasswordResetController.requestReset @req, @res
+
 		it "should lowercase the email address", (done)->
 			@email = "UPerCaseEMAIL@example.Com"
 			@req.body.email = @email
 			@RateLimiter.addCount.callsArgWith(1, null, true)
-			@PasswordResetHandler.generateAndEmailResetToken.callsArgWith(1)
+			@PasswordResetHandler.generateAndEmailResetToken.callsArgWith(1, null, true)
 			@res.send = (code)=>
 				code.should.equal 200
 				@PasswordResetHandler.generateAndEmailResetToken.calledWith(@email.toLowerCase()).should.equal true

services/web/test/UnitTests/coffee/PasswordReset/PasswordResetHandlerTests.coffee

@@ -42,8 +42,8 @@ describe "PasswordResetHandler", ->
 		it "should check the user exists", (done)->
 			@UserGetter.getUser.callsArgWith(1)
 			@PasswordResetTokenHandler.getNewToken.callsArgWith(1)
-			@PasswordResetHandler.generateAndEmailResetToken @user.email, (err)=>
-				should.exist(err)
+			@PasswordResetHandler.generateAndEmailResetToken @user.email, (err, exists)=>
+				exists.should.equal false
 				done()
 
 
@@ -52,8 +52,9 @@ describe "PasswordResetHandler", ->
 			@UserGetter.getUser.callsArgWith(1, null, @user)
 			@PasswordResetTokenHandler.getNewToken.callsArgWith(1, null, @token)
 			@EmailHandler.sendEmail.callsArgWith(2)
-			@PasswordResetHandler.generateAndEmailResetToken @user.email, (err)=>
+			@PasswordResetHandler.generateAndEmailResetToken @user.email, (err, exists)=>
 				@EmailHandler.sendEmail.called.should.equal true
+				exists.should.equal true
 				args = @EmailHandler.sendEmail.args[0]
 				args[0].should.equal "passwordResetRequested"
 				args[1].setNewPasswordUrl.should.equal "#{@settings.siteUrl}/user/password/set?passwordResetToken=#{@token}"