FEATURE: Retrieve an existing link only invite (#12575)

In Improve invite system, a newly created link only invite cannot be retrieved via API with the invitee's email once created. A new route, /invites/retrieve, is introduced to fetch an already created invite by email address.
2025-04-15 15:10:57 +08:00 · 2021-04-07 03:01:07 +12:00 · 2021-04-07 03:01:07 +12:00 · 0052fcf7c4
commit 0052fcf7c4
parent 1ebb40a713
3 changed files with 43 additions and 1 deletions
--- a/app/controllers/invites_controller.rb
+++ b/app/controllers/invites_controller.rb
@ -4,7 +4,7 @@ require 'csv'

 class InvitesController < ApplicationController

-  requires_login only: [:create, :destroy, :destroy_all_expired, :resend_invite, :resend_all_invites, :upload_csv]
+  requires_login only: [:create, :retrieve, :destroy, :destroy_all_expired, :resend_invite, :resend_all_invites, :upload_csv]

  skip_before_action :check_xhr, except: [:perform_accept_invitation]
  skip_before_action :preload_json, except: [:show]
@ -104,6 +104,17 @@ class InvitesController < ApplicationController
    end
  end

+  def retrieve
+    params.require(:email)
+
+    invite = Invite.find_by(invited_by: current_user, email: params[:email])
+    raise Discourse::InvalidParameters.new(:email) if invite.blank?
+
+    guardian.ensure_can_invite_to_forum!(nil)
+
+    render_serialized(invite, InviteSerializer, scope: guardian, root: nil, show_emails: params.has_key?(:email))
+  end
+
  def update
    invite = Invite.find_by(invited_by: current_user, id: params[:id])
    raise Discourse::InvalidParameters.new(:id) if invite.blank?
--- a/config/routes.rb
+++ b/config/routes.rb
@ -835,6 +835,7 @@ Discourse::Application.routes.draw do
    post "invites/reinvite-all" => "invites#resend_all_invites"
    delete "invites" => "invites#destroy"
    put "invites/show/:id" => "invites#perform_accept_invitation", as: 'perform_accept_invite'
+    get "invites/retrieve" => "invites#retrieve"

    resources :export_csv do
      collection do
--- a/spec/requests/invites_controller_spec.rb
+++ b/spec/requests/invites_controller_spec.rb
@ -252,6 +252,36 @@ describe InvitesController do
    end
  end

+  context '#retrieve' do
+    it 'requires to be logged in' do
+      get '/invites/retrieve.json', params: { email: 'test@example.com' }
+      expect(response.status).to eq(403)
+    end
+
+    context 'while logged in' do
+      before do
+        sign_in(user)
+      end
+
+      fab!(:invite) { Fabricate(:invite, invited_by: user, email: 'test@example.com') }
+
+      it 'raises an error when the email is missing' do
+        get '/invites/retrieve.json'
+        expect(response.status).to eq(400)
+      end
+
+      it 'raises an error when the email cannot be found' do
+        get '/invites/retrieve.json', params: { email: 'test2@example.com' }
+        expect(response.status).to eq(400)
+      end
+
+      it 'can retrieve the invite' do
+        get '/invites/retrieve.json', params: { email: 'test@example.com' }
+        expect(response.status).to eq(200)
+      end
+    end
+  end
+
  context '#update' do
    fab!(:invite) { Fabricate(:invite, invited_by: admin, email: 'test@example.com') }