discourse/db
Martin Brennan aca0f239c8
SECURITY: Prevent email from being nil in InviteRedeemer (#19005)
This commit adds some protections in InviteRedeemer to ensure that email
can never be nil, which could cause issues with inviting the invited
person to private topics since there was an incorrect inner join.

If the email is nil and the invite is scoped to an email, we just use
that invite.email unconditionally.  If a redeeming_user (an existing
    user) is passed in when redeeming an email, we use their email to
override the passed in email.  Otherwise we just use the passed in
email.  We now raise an error after all this if the email is still nil.
This commit also adds some tests to catch the private topic fix, and
some general improvements and comments around the invite code.

This commit also includes a migration to delete TopicAllowedUser records
for users who were mistakenly added to topics as part of the invite
redemption process.
2022-11-14 12:02:09 +10:00
..
fixtures DEV: update comments on unused Uploads. -4 is now considered reserved. (#14362) 2021-09-16 17:44:51 -04:00
migrate SECURITY: Prevent email from being nil in InviteRedeemer (#19005) 2022-11-14 12:02:09 +10:00
post_migrate SECURITY: Fix invite link validation (stable) (#18818) 2022-11-01 16:50:14 +00:00
api_test_seeds.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00