mirror of
https://github.com/discourse/discourse.git
synced 2025-01-18 11:32:46 +08:00
FIX: always unstage users when they log in
parent
be6404d651
commit
2cf6fb7359
|
@ -125,7 +125,8 @@ class Users::OmniauthCallbacksController < ApplicationController
|
|||
|
||||
# automatically activate/unstage any account if a provider marked the email valid
|
||||
if @auth_result.email_valid && @auth_result.email == user.email
|
||||
user.update!(staged: false)
|
||||
user.unstage
|
||||
user.save
|
||||
|
||||
# ensure there is an active email token
|
||||
unless EmailToken.where(email: user.email, confirmed: true).exists? ||
|
||||
|
|
|
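Review bot: `user.unstage` in this branch is not guarded by `user.staged`, so it runs on every login where the provider marks a matching email as valid. `User#unstage` as defined in this commit then calls `notifications.destroy_all`, sets the `FROM_STAGED` custom field and fires `:user_unstaged` whatever the user's state. The same unguarded call appears in the `DiscourseSingleSignOn` hunk, while `unstage_user` in `Auth::DefaultCurrentUserProvider` does check `if user.staged`; guard both call sites with `if user.staged`, or move the check into `User#unstage`. The line `user.update!(staged: false)`, which this change appears to replace, raised on failure, whereas `user.save` returns false silently; `user.save!` would keep the failure visible. The enclosing action starts and ends outside the hunk.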
@ -57,7 +57,8 @@ class DiscourseSingleSignOn < SingleSignOn
|
|||
end
|
||||
|
||||
# ensure it's not staged anymore
|
||||
user.staged = false
|
||||
user.unstage
|
||||
user.save
|
||||
|
||||
# if the user isn't new or it's attached to the SSO record we might be overriding username or email
|
||||
unless user.new_record?
|
||||
|
|
|
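Review bot: `user.save` runs before the `unless user.new_record?` check that follows it, so if the lookup above can hand back an unsaved user, that record is persisted here and the later check no longer sees it as new. The lookup code is outside the hunk, so this needs confirming against the rest of the method. If a new record is possible at this point, restrict the early save to existing staged accounts, e.g. `if user.staged && user.persisted?` around the two lines. The result of `user.save` is also discarded, so a validation failure leaves the account staged with no signal to the SSO flow.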
@ -269,15 +269,18 @@ class User < ActiveRecord::Base
|
|||
user
|
||||
end
|
||||
|
||||
def unstage
|
||||
self.staged = false
|
||||
self.custom_fields[FROM_STAGED] = true
|
||||
self.notifications.destroy_all
|
||||
DiscourseEvent.trigger(:user_unstaged, self)
|
||||
end
|
||||
|
||||
def self.unstage(params)
|
||||
if user = User.where(staged: true).with_email(params[:email].strip.downcase).first
|
||||
params.each { |k, v| user.send("#{k}=", v) }
|
||||
user.staged = false
|
||||
user.active = false
|
||||
user.custom_fields[FROM_STAGED] = true
|
||||
user.notifications.destroy_all
|
||||
|
||||
DiscourseEvent.trigger(:user_unstaged, user)
|
||||
user.unstage
|
||||
end
|
||||
user
|
||||
end
|
||||
|
|
|
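Review bot: `params.each { |k, v| user.send("#{k}=", v) }` in `User.unstage` invokes whichever setter each key names, including private ones because it uses `send`. If any caller passes keys derived from a request, attributes such as `admin` could be assigned on the account being unstaged. The callers are not visible here, so confirm what they pass. Either way, an explicit allowlist is safer than trusting every key, e.g. `params.slice(*PERMITTED_KEYS).each { |k, v| user.public_send("#{k}=", v) }`, where `PERMITTED_KEYS` is a placeholder for the attributes signup is meant to set. Separately, `User#unstage` destroys notifications and fires `:user_unstaged` before anything is saved, so its docs should state that callers must persist the record themselves.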
@ -131,7 +131,6 @@ class Auth::DefaultCurrentUserProvider
|
|||
end
|
||||
|
||||
def refresh_session(user, session, cookies)
|
||||
|
||||
# if user was not loaded, no point refreshing session
|
||||
# it could be an anonymous path, this would add cost
|
||||
return if is_api? || !@env.key?(CURRENT_USER_KEY)
|
||||
|
@ -162,6 +161,7 @@ class Auth::DefaultCurrentUserProvider
|
|||
client_ip: @request.ip)
|
||||
|
||||
cookies[TOKEN_COOKIE] = cookie_hash(@user_token.unhashed_auth_token)
|
||||
unstage_user(user)
|
||||
make_developer_admin(user)
|
||||
enable_bootstrap_mode(user)
|
||||
@env[CURRENT_USER_KEY] = user
|
||||
|
@ -182,6 +182,13 @@ class Auth::DefaultCurrentUserProvider
|
|||
hash
|
||||
end
|
||||
|
||||
def unstage_user(user)
|
||||
if user.staged
|
||||
user.unstage
|
||||
user.save
|
||||
end
|
||||
end
|
||||
|
||||
def make_developer_admin(user)
|
||||
if user.active? &&
|
||||
!user.admin &&
|
||||
|
@ -193,11 +200,16 @@ class Auth::DefaultCurrentUserProvider
|
|||
end
|
||||
|
||||
def enable_bootstrap_mode(user)
|
||||
Jobs.enqueue(:enable_bootstrap_mode, user_id: user.id) if user.admin && user.last_seen_at.nil? && !SiteSetting.bootstrap_mode_enabled && user.is_singular_admin?
|
||||
return if SiteSetting.bootstrap_mode_enabled
|
||||
|
||||
if user.admin && user.last_seen_at.nil? && user.is_singular_admin?
|
||||
Jobs.enqueue(:enable_bootstrap_mode, user_id: user.id)
|
||||
end
|
||||
end
|
||||
|
||||
def log_off_user(session, cookies)
|
||||
user = current_user
|
||||
|
||||
if SiteSetting.log_out_strict && user
|
||||
user.user_auth_tokens.destroy_all
|
||||
|
||||
|
|
|
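Review bot: `unstage_user` discards the result of `user.save`, and by that point `User#unstage` has already destroyed the user's notifications and fired `:user_unstaged`. A failed save therefore leaves the account still staged in the database while the login carries on and event listeners believe it was unstaged. Use `user.save!` so the failure surfaces, and consider wrapping the two calls in `User.transaction do ... end` so the notification deletion rolls back with it. `unstage_user(user)` is called after `cookies[TOKEN_COOKIE]` is written, so an exception here would not undo the token; the start of `log_on_user` is outside the hunk, so whether the call can move earlier needs checking there.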
@ -313,6 +313,13 @@ describe Auth::DefaultCurrentUserProvider do
|
|||
expect(provider("/", "HTTP_COOKIE" => "_t=#{token.unhashed_auth_token}").current_user).to eq(nil)
|
||||
end
|
||||
|
||||
it "always unstage users" do
|
||||
staged_user = Fabricate(:user, staged: true)
|
||||
provider("/").log_on_user(staged_user, {}, {})
|
||||
staged_user.reload
|
||||
expect(staged_user.staged).to eq(false)
|
||||
end
|
||||
|
||||
context "user api" do
|
||||
let :user do
|
||||
Fabricate(:user)
|
||||
|
|
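Review bot: The new example covers only a staged user, so nothing checks that `log_on_user` leaves an account that is not staged untouched. That is the case which would catch `unstage` running more broadly than intended. Add a sibling example that logs on a regular `Fabricate(:user)` who already has a notification and expects the notification to still exist afterwards. The existing example could also assert the side effects of `unstage` (notifications cleared, `FROM_STAGED` custom field set) and not only `staged`.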