2019-04-30 08:27:42 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2022-07-28 10:27:38 +08:00
|
|
|
RSpec.describe InviteRedeemer do
|
2022-06-03 11:43:52 +08:00
|
|
|
fab!(:admin) { Fabricate(:admin) }
|
2013-08-28 15:18:31 +08:00
|
|
|
|
2022-06-02 22:10:48 +08:00
|
|
|
describe '.create_user_from_invite' do
|
2013-08-28 15:18:31 +08:00
|
|
|
it "should be created correctly" do
|
2020-06-09 23:19:32 +08:00
|
|
|
invite = Fabricate(:invite, email: 'walter.white@email.com')
|
|
|
|
|
user = InviteRedeemer.create_user_from_invite(invite: invite, email: invite.email, username: 'walter', name: 'Walter White')
|
2014-12-31 22:55:03 +08:00
|
|
|
expect(user.username).to eq('walter')
|
|
|
|
|
expect(user.name).to eq('Walter White')
|
|
|
|
|
expect(user.email).to eq('walter.white@email.com')
|
2022-06-02 22:10:48 +08:00
|
|
|
expect(user.approved).to eq(false)
|
2021-04-14 17:15:56 +08:00
|
|
|
expect(user.active).to eq(false)
|
2013-08-28 15:18:31 +08:00
|
|
|
end
|
2017-02-14 05:19:41 +08:00
|
|
|
|
2019-04-13 15:34:25 +08:00
|
|
|
it "can set the password and ip_address" do
|
2017-02-14 05:19:41 +08:00
|
|
|
password = 's3cure5tpasSw0rD'
|
2019-04-13 15:34:25 +08:00
|
|
|
ip_address = '192.168.1.1'
|
2020-06-09 23:19:32 +08:00
|
|
|
invite = Fabricate(:invite, email: 'walter.white@email.com')
|
|
|
|
|
user = InviteRedeemer.create_user_from_invite(invite: invite, email: invite.email, username: 'walter', name: 'Walter White', password: password, ip_address: ip_address)
|
2017-02-14 05:19:41 +08:00
|
|
|
expect(user).to have_password
|
|
|
|
|
expect(user.confirm_password?(password)).to eq(true)
|
2022-06-02 22:10:48 +08:00
|
|
|
expect(user.approved).to eq(false)
|
2019-04-13 15:34:25 +08:00
|
|
|
expect(user.ip_address).to eq(ip_address)
|
|
|
|
|
expect(user.registration_ip_address).to eq(ip_address)
|
2017-02-14 05:19:41 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "raises exception with record and errors" do
|
|
|
|
|
error = nil
|
2020-06-09 23:19:32 +08:00
|
|
|
invite = Fabricate(:invite, email: 'walter.white@email.com')
|
2017-02-14 05:19:41 +08:00
|
|
|
begin
|
2020-06-09 23:19:32 +08:00
|
|
|
InviteRedeemer.create_user_from_invite(invite: invite, email: invite.email, username: 'walter', name: 'Walter White', password: 'aaa')
|
2017-02-14 05:19:41 +08:00
|
|
|
rescue ActiveRecord::RecordInvalid => e
|
|
|
|
|
error = e
|
|
|
|
|
end
|
|
|
|
|
expect(error).to be_present
|
|
|
|
|
expect(error.record.errors[:password]).to be_present
|
|
|
|
|
end
|
2018-01-19 22:29:15 +08:00
|
|
|
|
|
|
|
|
it "should unstage user" do
|
|
|
|
|
staged_user = Fabricate(:staged, email: 'staged@account.com', active: true, username: 'staged1', name: 'Stage Name')
|
2020-06-09 23:19:32 +08:00
|
|
|
invite = Fabricate(:invite, email: 'staged@account.com')
|
|
|
|
|
user = InviteRedeemer.create_user_from_invite(invite: invite, email: invite.email, username: 'walter', name: 'Walter White')
|
2018-01-19 22:29:15 +08:00
|
|
|
|
|
|
|
|
expect(user.id).to eq(staged_user.id)
|
|
|
|
|
expect(user.username).to eq('walter')
|
|
|
|
|
expect(user.name).to eq('Walter White')
|
2018-12-11 06:24:02 +08:00
|
|
|
expect(user.staged).to eq(false)
|
2018-01-19 22:29:15 +08:00
|
|
|
expect(user.email).to eq('staged@account.com')
|
2022-06-02 22:10:48 +08:00
|
|
|
expect(user.approved).to eq(false)
|
2018-01-19 22:29:15 +08:00
|
|
|
end
|
2019-07-19 13:59:12 +08:00
|
|
|
|
2021-04-14 17:15:56 +08:00
|
|
|
it "activates user invited via email with a token" do
|
|
|
|
|
invite = Fabricate(:invite, invited_by: Fabricate(:admin), email: 'walter.white@email.com', emailed_status: Invite.emailed_status_types[:sent])
|
|
|
|
|
user = InviteRedeemer.create_user_from_invite(invite: invite, email: invite.email, username: 'walter', name: 'Walter White', email_token: invite.email_token)
|
|
|
|
|
|
|
|
|
|
expect(user.username).to eq('walter')
|
|
|
|
|
expect(user.name).to eq('Walter White')
|
|
|
|
|
expect(user.email).to eq('walter.white@email.com')
|
2022-06-02 22:10:48 +08:00
|
|
|
expect(user.approved).to eq(false)
|
2021-04-14 17:15:56 +08:00
|
|
|
expect(user.active).to eq(true)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "does not activate user invited via email with a wrong token" do
|
|
|
|
|
invite = Fabricate(:invite, invited_by: Fabricate(:user), email: 'walter.white@email.com', emailed_status: Invite.emailed_status_types[:sent])
|
|
|
|
|
user = InviteRedeemer.create_user_from_invite(invite: invite, email: invite.email, username: 'walter', name: 'Walter White', email_token: 'wrong_token')
|
|
|
|
|
expect(user.active).to eq(false)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "does not activate user invited via email without a token" do
|
|
|
|
|
invite = Fabricate(:invite, invited_by: Fabricate(:user), email: 'walter.white@email.com', emailed_status: Invite.emailed_status_types[:sent])
|
|
|
|
|
user = InviteRedeemer.create_user_from_invite(invite: invite, email: invite.email, username: 'walter', name: 'Walter White')
|
|
|
|
|
expect(user.active).to eq(false)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "does not activate user invited via links" do
|
2020-06-09 23:19:32 +08:00
|
|
|
invite = Fabricate(:invite, email: 'walter.white@email.com', emailed_status: Invite.emailed_status_types[:not_required])
|
|
|
|
|
user = InviteRedeemer.create_user_from_invite(invite: invite, email: invite.email, username: 'walter', name: 'Walter White')
|
|
|
|
|
|
2019-07-19 13:59:12 +08:00
|
|
|
expect(user.username).to eq('walter')
|
|
|
|
|
expect(user.name).to eq('Walter White')
|
|
|
|
|
expect(user.email).to eq('walter.white@email.com')
|
2021-06-07 23:57:08 +08:00
|
|
|
expect(user.approved).to eq(false)
|
2022-06-02 22:10:48 +08:00
|
|
|
expect(user.active).to eq(false)
|
2021-06-07 23:57:08 +08:00
|
|
|
end
|
2022-06-03 11:43:52 +08:00
|
|
|
|
|
|
|
|
it "approves and actives user when redeeming an invite with email token and SiteSetting.invite_only is enabled" do
|
|
|
|
|
SiteSetting.invite_only = true
|
|
|
|
|
Jobs.run_immediately!
|
|
|
|
|
|
|
|
|
|
invite = Fabricate(:invite,
|
|
|
|
|
invited_by: admin,
|
|
|
|
|
email: 'walter.white@email.com',
|
|
|
|
|
emailed_status: Invite.emailed_status_types[:sent],
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
user = InviteRedeemer.create_user_from_invite(
|
|
|
|
|
invite: invite,
|
|
|
|
|
email: invite.email,
|
|
|
|
|
email_token: invite.email_token,
|
|
|
|
|
username: 'walter',
|
|
|
|
|
name: 'Walter White'
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
expect(user.name).to eq("Walter White")
|
|
|
|
|
expect(user.username).to eq("walter")
|
|
|
|
|
expect(user.email).to eq("walter.white@email.com")
|
|
|
|
|
expect(user.approved).to eq(true)
|
|
|
|
|
expect(user.active).to eq(true)
|
|
|
|
|
expect(ReviewableUser.count).to eq(0)
|
|
|
|
|
end
|
2013-08-28 15:18:31 +08:00
|
|
|
end
|
2016-07-13 11:58:31 +08:00
|
|
|
|
|
|
|
|
describe "#redeem" do
|
2020-04-01 02:29:15 +08:00
|
|
|
fab!(:invite) { Fabricate(:invite, email: "foobar@example.com") }
|
2016-07-13 11:58:31 +08:00
|
|
|
let(:name) { 'john snow' }
|
|
|
|
|
let(:username) { 'kingofthenorth' }
|
2017-02-14 05:19:41 +08:00
|
|
|
let(:password) { 'know5nOthiNG' }
|
2020-06-09 23:19:32 +08:00
|
|
|
let(:invite_redeemer) { InviteRedeemer.new(invite: invite, email: invite.email, username: username, name: name) }
|
2016-07-13 11:58:31 +08:00
|
|
|
|
2022-06-02 22:10:48 +08:00
|
|
|
context "when must_approve_users setting is enabled" do
|
|
|
|
|
before do
|
|
|
|
|
SiteSetting.must_approve_users = true
|
|
|
|
|
end
|
2016-07-13 11:58:31 +08:00
|
|
|
|
2022-06-02 22:10:48 +08:00
|
|
|
it "should redeem an invite but not approve the user when invite is created by a staff user" do
|
|
|
|
|
inviter = invite.invited_by
|
|
|
|
|
inviter.update!(admin: true)
|
|
|
|
|
user = invite_redeemer.redeem
|
2017-03-05 21:55:21 +08:00
|
|
|
|
2022-06-02 22:10:48 +08:00
|
|
|
expect(user.name).to eq(name)
|
|
|
|
|
expect(user.username).to eq(username)
|
|
|
|
|
expect(user.invited_by).to eq(inviter)
|
|
|
|
|
expect(user.approved).to eq(false)
|
2017-03-05 21:55:21 +08:00
|
|
|
|
2022-06-02 22:10:48 +08:00
|
|
|
expect(inviter.notifications.count).to eq(1)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "should redeem the invite but not approve the user when invite is created by a regular user" do
|
|
|
|
|
inviter = invite.invited_by
|
|
|
|
|
user = invite_redeemer.redeem
|
|
|
|
|
|
|
|
|
|
expect(user.name).to eq(name)
|
|
|
|
|
expect(user.username).to eq(username)
|
|
|
|
|
expect(user.invited_by).to eq(inviter)
|
|
|
|
|
expect(user.approved).to eq(false)
|
|
|
|
|
|
|
|
|
|
expect(inviter.notifications.count).to eq(1)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "should redeem the invite and approve the user when user email is in auto_approve_email_domains setting" do
|
|
|
|
|
SiteSetting.auto_approve_email_domains = "example.com"
|
|
|
|
|
user = invite_redeemer.redeem
|
|
|
|
|
|
|
|
|
|
expect(user.name).to eq(name)
|
|
|
|
|
expect(user.username).to eq(username)
|
|
|
|
|
expect(user.approved).to eq(true)
|
|
|
|
|
expect(user.approved_by).to eq(Discourse.system_user)
|
|
|
|
|
end
|
2017-03-05 21:55:21 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "should redeem the invite if invited by non staff and approve if staff not required to approve" do
|
|
|
|
|
inviter = invite.invited_by
|
|
|
|
|
user = invite_redeemer.redeem
|
|
|
|
|
|
|
|
|
|
expect(user.name).to eq(name)
|
|
|
|
|
expect(user.username).to eq(username)
|
|
|
|
|
expect(user.invited_by).to eq(inviter)
|
|
|
|
|
expect(inviter.notifications.count).to eq(1)
|
2022-06-02 22:10:48 +08:00
|
|
|
expect(user.approved).to eq(false)
|
2020-04-01 02:29:15 +08:00
|
|
|
end
|
|
|
|
|
|
2020-06-09 23:19:32 +08:00
|
|
|
it "should delete invite if invited_by user has been removed" do
|
2016-07-13 11:58:31 +08:00
|
|
|
invite.invited_by.destroy!
|
2020-06-09 23:19:32 +08:00
|
|
|
expect { invite.reload }.to raise_error(ActiveRecord::RecordNotFound)
|
2016-07-13 11:58:31 +08:00
|
|
|
end
|
2017-02-14 05:19:41 +08:00
|
|
|
|
|
|
|
|
it "can set password" do
|
2020-06-09 23:19:32 +08:00
|
|
|
user = InviteRedeemer.new(invite: invite, email: invite.email, username: username, name: name, password: password).redeem
|
2017-02-14 05:19:41 +08:00
|
|
|
expect(user).to have_password
|
|
|
|
|
expect(user.confirm_password?(password)).to eq(true)
|
2022-06-02 22:10:48 +08:00
|
|
|
expect(user.approved).to eq(false)
|
2017-02-14 05:19:41 +08:00
|
|
|
end
|
2017-06-09 03:10:43 +08:00
|
|
|
|
|
|
|
|
it "can set custom fields" do
|
|
|
|
|
required_field = Fabricate(:user_field)
|
|
|
|
|
optional_field = Fabricate(:user_field, required: false)
|
|
|
|
|
user_fields = {
|
|
|
|
|
required_field.id.to_s => 'value1',
|
|
|
|
|
optional_field.id.to_s => 'value2'
|
|
|
|
|
}
|
2020-06-09 23:19:32 +08:00
|
|
|
user = InviteRedeemer.new(invite: invite, email: invite.email, username: username, name: name, password: password, user_custom_fields: user_fields).redeem
|
2017-06-09 03:10:43 +08:00
|
|
|
|
|
|
|
|
expect(user).to be_present
|
|
|
|
|
expect(user.custom_fields["user_field_#{required_field.id}"]).to eq('value1')
|
|
|
|
|
expect(user.custom_fields["user_field_#{optional_field.id}"]).to eq('value2')
|
|
|
|
|
end
|
2017-11-24 00:39:24 +08:00
|
|
|
|
2020-06-15 17:13:56 +08:00
|
|
|
it "does not add user to group if inviter does not have permissions" do
|
|
|
|
|
group = Fabricate(:group, grant_trust_level: 2)
|
|
|
|
|
InvitedGroup.create(group_id: group.id, invite_id: invite.id)
|
|
|
|
|
user = InviteRedeemer.new(invite: invite, email: invite.email, username: username, name: name, password: password).redeem
|
|
|
|
|
|
|
|
|
|
expect(user.group_users.count).to eq(0)
|
|
|
|
|
end
|
|
|
|
|
|
2017-11-24 00:39:24 +08:00
|
|
|
it "adds user to group" do
|
|
|
|
|
group = Fabricate(:group, grant_trust_level: 2)
|
|
|
|
|
InvitedGroup.create(group_id: group.id, invite_id: invite.id)
|
2020-06-15 17:13:56 +08:00
|
|
|
group.add_owner(invite.invited_by)
|
|
|
|
|
|
2020-06-09 23:19:32 +08:00
|
|
|
user = InviteRedeemer.new(invite: invite, email: invite.email, username: username, name: name, password: password).redeem
|
2017-11-24 00:39:24 +08:00
|
|
|
|
|
|
|
|
expect(user.group_users.count).to eq(4)
|
|
|
|
|
expect(user.trust_level).to eq(2)
|
|
|
|
|
end
|
2018-04-27 21:51:10 +08:00
|
|
|
|
|
|
|
|
it "only allows one user to be created per invite" do
|
|
|
|
|
user = invite_redeemer.redeem
|
|
|
|
|
invite.reload
|
|
|
|
|
|
|
|
|
|
user.email = "john@example.com"
|
|
|
|
|
user.save!
|
|
|
|
|
|
2020-06-09 23:19:32 +08:00
|
|
|
another_invite_redeemer = InviteRedeemer.new(invite: invite, email: invite.email, username: username, name: name)
|
2018-04-27 21:51:10 +08:00
|
|
|
another_user = another_invite_redeemer.redeem
|
|
|
|
|
expect(another_user).to eq(nil)
|
|
|
|
|
end
|
2019-12-17 23:13:49 +08:00
|
|
|
|
|
|
|
|
it "should correctly update the invite redeemed_at date" do
|
|
|
|
|
SiteSetting.invite_expiry_days = 2
|
|
|
|
|
invite.update!(created_at: 10.days.ago)
|
|
|
|
|
|
|
|
|
|
inviter = invite.invited_by
|
|
|
|
|
inviter.admin = true
|
|
|
|
|
user = invite_redeemer.redeem
|
|
|
|
|
invite.reload
|
|
|
|
|
|
|
|
|
|
expect(user.invited_by).to eq(inviter)
|
|
|
|
|
expect(inviter.notifications.count).to eq(1)
|
2020-06-09 23:19:32 +08:00
|
|
|
expect(invite.invited_users.first).to be_present
|
|
|
|
|
end
|
|
|
|
|
|
2022-11-02 00:33:32 +08:00
|
|
|
it "raises an error if the email does not match the invite email" do
|
|
|
|
|
redeemer = InviteRedeemer.new(invite: invite, email: "blah@test.com", username: username, name: name)
|
|
|
|
|
expect { redeemer.redeem }.to raise_error(ActiveRecord::RecordNotSaved, I18n.t("invite.not_matching_email"))
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context "when a redeeming user is passed in" do
|
|
|
|
|
fab!(:redeeming_user) { Fabricate(:user, email: "foobar@example.com") }
|
|
|
|
|
|
|
|
|
|
it "raises an error if the email does not match the invite email" do
|
|
|
|
|
redeeming_user.update!(email: "foo@bar.com")
|
|
|
|
|
redeemer = InviteRedeemer.new(invite: invite, redeeming_user: redeeming_user)
|
|
|
|
|
expect { redeemer.redeem }.to raise_error(ActiveRecord::RecordNotSaved, I18n.t("invite.not_matching_email"))
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with domain' do
|
|
|
|
|
fab!(:invite) { Fabricate(:invite, email: nil, domain: "test.com") }
|
|
|
|
|
|
|
|
|
|
it "raises an error if the email domain does not match the invite domain" do
|
|
|
|
|
redeemer = InviteRedeemer.new(invite: invite, email: "blah@somesite.com", username: username, name: name)
|
|
|
|
|
expect { redeemer.redeem }.to raise_error(ActiveRecord::RecordNotSaved, I18n.t("invite.domain_not_allowed"))
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context "when a redeeming user is passed in" do
|
|
|
|
|
fab!(:redeeming_user) { Fabricate(:user, email: "foo@test.com") }
|
|
|
|
|
|
|
|
|
|
it "raises an error if the user's email domain does not match the invite domain" do
|
|
|
|
|
redeeming_user.update!(email: "foo@bar.com")
|
|
|
|
|
redeemer = InviteRedeemer.new(invite: invite, redeeming_user: redeeming_user)
|
|
|
|
|
expect { redeemer.redeem }.to raise_error(ActiveRecord::RecordNotSaved, I18n.t("invite.domain_not_allowed"))
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2022-07-28 00:14:14 +08:00
|
|
|
context 'with invite_link' do
|
2021-01-20 16:50:02 +08:00
|
|
|
fab!(:invite_link) { Fabricate(:invite, email: nil, max_redemptions_allowed: 5, expires_at: 1.month.from_now, emailed_status: Invite.emailed_status_types[:not_required]) }
|
2020-06-09 23:19:32 +08:00
|
|
|
let(:invite_redeemer) { InviteRedeemer.new(invite: invite_link, email: 'foo@example.com') }
|
|
|
|
|
|
|
|
|
|
it 'works as expected' do
|
|
|
|
|
user = invite_redeemer.redeem
|
|
|
|
|
invite_link.reload
|
|
|
|
|
|
|
|
|
|
expect(user.send_welcome_message).to eq(true)
|
|
|
|
|
expect(user.trust_level).to eq(SiteSetting.default_invitee_trust_level)
|
|
|
|
|
expect(user.active).to eq(false)
|
|
|
|
|
expect(invite_link.redemption_count).to eq(1)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "should not redeem the invite if InvitedUser record already exists for email" do
|
2022-11-02 00:33:32 +08:00
|
|
|
invite_redeemer.redeem
|
2020-06-09 23:19:32 +08:00
|
|
|
invite_link.reload
|
|
|
|
|
|
|
|
|
|
another_invite_redeemer = InviteRedeemer.new(invite: invite_link, email: 'foo@example.com')
|
|
|
|
|
another_user = another_invite_redeemer.redeem
|
|
|
|
|
expect(another_user).to eq(nil)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "should redeem the invite if InvitedUser record does not exists for email" do
|
2022-11-02 00:33:32 +08:00
|
|
|
invite_redeemer.redeem
|
2020-06-09 23:19:32 +08:00
|
|
|
invite_link.reload
|
|
|
|
|
|
|
|
|
|
another_invite_redeemer = InviteRedeemer.new(invite: invite_link, email: 'bar@example.com')
|
|
|
|
|
another_user = another_invite_redeemer.redeem
|
|
|
|
|
expect(another_user.is_a?(User)).to eq(true)
|
|
|
|
|
end
|
2019-12-17 23:13:49 +08:00
|
|
|
|
2022-11-02 00:33:32 +08:00
|
|
|
it "raises an error if the email is already being used by an existing user" do
|
|
|
|
|
Fabricate(:user, email: 'foo@example.com')
|
|
|
|
|
expect { invite_redeemer.redeem }.to raise_error(ActiveRecord::RecordInvalid, /Primary email has already been taken/)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context "when a redeeming user is passed in" do
|
|
|
|
|
fab!(:redeeming_user) { Fabricate(:user, email: 'foo@example.com') }
|
|
|
|
|
|
|
|
|
|
it "does not create a new user" do
|
|
|
|
|
expect do
|
|
|
|
|
InviteRedeemer.new(invite: invite_link, redeeming_user: redeeming_user).redeem
|
|
|
|
|
end.not_to change { User.count }
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2016-07-13 11:58:31 +08:00
|
|
|
end
|
2013-08-28 15:18:31 +08:00
|
|
|
end
|
