github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-24 03:36:18 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: apply automatic group rules when using social login providers

Browse Source
This commit is contained in:
OsamaSayegh
2018-05-23 02:26:07 +03:00
parent 9f422c93f6
commit f6d412465b
4 changed files with 72 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
app/services/user_authenticator.rb
View File

@ -21,7 +21,10 @@ class UserAuthenticator
end end
def finish def finish
authenticator.after_create_account(@user, @session) if authenticator if authenticator
authenticator.after_create_account(@user, @session)
confirm_email
end
@session = nil @session = nil
end end
@ -30,11 +33,18 @@ class UserAuthenticator
end end
def authenticated? def authenticated?
@session && @session[:email] == @user.email && @session[:email_valid] @session && @session[:email]&.downcase == @user.email.downcase && @session[:email_valid].to_s == "true"
end end
private private
def confirm_email
if authenticated?
EmailToken.confirm(@user.email_tokens.first.token)
@user.set_automatic_groups
end
end
def authenticator def authenticator
if authenticator_name if authenticator_name
@authenticator ||= @authenticator_finder.find_authenticator(authenticator_name) @authenticator ||= @authenticator_finder.find_authenticator(authenticator_name)

4
lib/auth/google_oauth2_authenticator.rb
View File

@ -44,10 +44,6 @@ class Auth::GoogleOAuth2Authenticator < Auth::Authenticator
def after_create_account(user, auth) def after_create_account(user, auth)
data = auth[:extra_data] data = auth[:extra_data]
GoogleUserInfo.create({ user_id: user.id }.merge(data)) GoogleUserInfo.create({ user_id: user.id }.merge(data))
if auth[:email_valid].to_s == 'true' && data[:email]&.downcase == user.email
EmailToken.confirm(user.email_tokens.first.token)
user.set_automatic_groups
end
end end
def register_middleware(omniauth) def register_middleware(omniauth)

31
spec/components/auth/google_oauth2_authenticator_spec.rb
View File

@ -81,35 +81,4 @@ describe Auth::GoogleOAuth2Authenticator do
expect(result.extra_data[:name]).to eq("Jane Doe") expect(result.extra_data[:name]).to eq("Jane Doe")
end end
end end
context 'after_create_account' do
it 'confirms email' do
authenticator = Auth::GoogleOAuth2Authenticator.new
user = Fabricate(:user, email: 'realgoogleuser@gmail.com')
session = {
email_valid: "true",
extra_data: {
google_user_id: 1,
email: 'realgoogleuser@gmail.com'
}
}
authenticator.after_create_account(user, session)
expect(user.email_confirmed?).to eq(true)
end
it "doesn't confirm email if it was changed" do
authenticator = Auth::GoogleOAuth2Authenticator.new
user = Fabricate(:user, email: 'changed@gmail.com')
session = {
email_valid: "true",
extra_data: {
google_user_id: 1,
email: 'realgoogleuser@gmail.com'
}
}
authenticator.after_create_account(user, session)
expect(user.email_confirmed?).to eq(false)
end
end
end end

60
spec/services/user_authenticator_spec.rb Normal file
View File

@ -0,0 +1,60 @@
require 'rails_helper'
require_dependency 'user_authenticator'
def github_auth(email_valid)
{
email: "user53@discourse.org",
username: "joedoe546",
email_valid: email_valid,
omit_username: nil,
name: "Joe Doe 546",
authenticator_name: "github",
extra_data: {
github_user_id: "100",
github_screen_name: "joedoe546"
},
skip_email_validation: false
}
end
describe UserAuthenticator do
context "#finish" do
let(:authenticator) { Auth::GithubAuthenticator.new }
let(:group) { Fabricate(:group, automatic_membership_email_domains: "discourse.org") }
before do
SiteSetting.enable_github_logins = true
end
it "confirms email and adds the user to appropraite groups based on email" do
user = Fabricate(:user, email: "user53@discourse.org")
expect(group.usernames).not_to include(user.username)
authentication = github_auth(true)
UserAuthenticator.new(user, authentication: authentication).finish
expect(user.email_confirmed?).to be_truthy
expect(group.usernames).to include(user.username)
end
it "doesn't confirm email if email is invalid" do
user = Fabricate(:user, email: "user53@discourse.org")
authentication = github_auth(false)
UserAuthenticator.new(user, authentication: authentication).finish
expect(user.email_confirmed?).to be_falsey
expect(group.usernames).not_to include(user.username)
end
it "doesn't confirm email if it was changed" do
user = Fabricate(:user, email: "changed@discourse.org")
authentication = github_auth(true)
UserAuthenticator.new(user, authentication: authentication).finish
expect(user.email_confirmed?).to be_falsey
expect(group.usernames).not_to include(user.username)
end
end
end