From 9c40657ba4a23e2bea074fb1654923b17327ab84 Mon Sep 17 00:00:00 2001
From: Neil Lalonde <neillalonde@gmail.com>
Date: Wed, 28 Dec 2016 17:36:02 -0500
Subject: [PATCH] FIX: error during signup saying "Password is the same as your
 current password" due to automatic group membership granting a trust level

---
 app/models/group.rb      |  5 +++++
 app/models/user.rb       | 20 +++++++++++++++++---
 spec/models/user_spec.rb | 11 +++++++++++
 3 files changed, 33 insertions(+), 3 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index b97c34356c5..ecf0033ed39 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -370,6 +370,11 @@ class Group < ActiveRecord::Base
     self.where("string_to_array(incoming_email, '|') @> ARRAY[?]", Email.downcase(email)).first
   end
 
+  def self.grants_by_email_domain
+    Group.where(automatic: false)
+         .where("LENGTH(COALESCE(automatic_membership_email_domains, '')) > 0")
+  end
+
   def bulk_add(user_ids)
     if user_ids.present?
       Group.exec_sql("INSERT INTO group_users
diff --git a/app/models/user.rb b/app/models/user.rb
index b1c5273b495..27e87e3c6ec 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -930,9 +930,7 @@ class User < ActiveRecord::Base
   end
 
   def automatic_group_membership
-    Group.where(automatic: false)
-         .where("LENGTH(COALESCE(automatic_membership_email_domains, '')) > 0")
-         .each do |group|
+    Group.grants_by_email_domain.each do |group|
       domains = group.automatic_membership_email_domains.gsub('.', '\.')
       if self.email =~ Regexp.new("@(#{domains})$", true) && !group.users.include?(self)
         group.add(self)
@@ -941,6 +939,14 @@ class User < ActiveRecord::Base
     end
   end
 
+  def automatic_group_from_email
+    Group.grants_by_email_domain.each do |group|
+      domains = group.automatic_membership_email_domains.gsub('.', '\.')
+      return group if self.email =~ Regexp.new("@(#{domains})$", true)
+    end
+    nil
+  end
+
   def create_user_stat
     stat = UserStat.new(new_since: Time.now)
     stat.user_id = id
@@ -970,7 +976,15 @@ class User < ActiveRecord::Base
   def add_trust_level
     # there is a possibility we did not load trust level column, skip it
     return unless has_attribute? :trust_level
+
     self.trust_level ||= SiteSetting.default_trust_level
+
+    group_from_email = automatic_group_from_email
+    if group_from_email&.grant_trust_level &&
+        group_from_email.grant_trust_level > self.trust_level
+      self.trust_level = group_from_email.grant_trust_level
+      self.trust_level_locked = true
+    end
   end
 
   def update_username_lower
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index de661098940..dbec2af755a 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -1175,6 +1175,17 @@ describe User do
       expect(group_history.target_user).to eq(user)
     end
 
+    it "get attributes from the group" do
+      group = Fabricate(:group, automatic_membership_email_domains: "bar.com|wat.com", grant_trust_level: 1, title: "bars and wats", primary_group: true)
+      user = Fabricate.build(:user, trust_level: 0, email: "foo@bar.com", password: "strongpassword4Uguys")
+      user.password_required!
+      expect(user.save).to eq(true)
+      user.reload
+      expect(user.title).to eq("bars and wats")
+      expect(user.trust_level).to eq(1)
+      expect(user.trust_level_locked).to eq(true)
+    end
+
   end
 
   describe "number_of_flags_given" do