Skip to content

Commit

Permalink
🐛 fix owner user slug (#8263)
Browse files Browse the repository at this point in the history 
closes #8067

- this is only a bug present for remote authentication
- right now the remote service does not return the name of the user
- depends on an internal PR
- force regenerating the slug on setup
- override name for signin or invite if needed
  • Loading branch information
@kirrg001 @ErisDS
kirrg001 authored and ErisDS committed Apr 4, 2017
1 parent 9b73949 commit d4836af
Show file tree
Hide file tree
Showing 2 changed files with 43 additions and 30 deletions.
7 changes: 5 additions & 2 deletions core/server/auth/auth-strategies.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,12 +115,11 @@ strategies = {

return models.User.add({
email: profile.email,
name: profile.email,
name: profile.name,
password: utils.uid(50),
roles: [invite.toJSON().role_id],
ghost_auth_id: profile.id,
ghost_auth_access_token: ghostAuthAccessToken

}, options);
})
.then(function destroyInvite(_user) {
Expand All @@ -141,8 +140,11 @@ strategies = {
});
}

// CASE: slug null forces regenerating the slug (ghost-owner is default and needs to be overridden)
return models.User.edit({
email: profile.email,
name: profile.name,
slug: null,
status: 'active',
ghost_auth_id: profile.id,
ghost_auth_access_token: ghostAuthAccessToken
Expand All @@ -169,6 +171,7 @@ strategies = {

return models.User.edit({
email: profile.email,
name: profile.name,
ghost_auth_id: profile.id,
ghost_auth_access_token: ghostAuthAccessToken
}, _.merge({id: user.id}, options));
Expand Down
66 changes: 38 additions & 28 deletions core/test/unit/auth/auth-strategies_spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -226,13 +226,13 @@ describe('Auth Strategies', function () {
});

describe('Ghost Strategy', function () {
var inviteStub, userAddStub, userEditStub, userFindOneStub;
var inviteFindOneStub, userAddStub, userEditStub, userFindOneStub;

beforeEach(function () {
userFindOneStub = sandbox.stub(Models.User, 'findOne');
userAddStub = sandbox.stub(Models.User, 'add');
userEditStub = sandbox.stub(Models.User, 'edit');
inviteStub = sandbox.stub(Models.Invite, 'findOne');
inviteFindOneStub = sandbox.stub(Models.Invite, 'findOne');
});

it('with invite, but with wrong invite token', function (done) {
Expand All @@ -241,13 +241,13 @@ describe('Auth Strategies', function () {
profile = {email: 'test@example.com', id: '1234'};

userFindOneStub.returns(Promise.resolve(null));
inviteStub.returns(Promise.reject(new errors.NotFoundError()));
inviteFindOneStub.returns(Promise.reject(new errors.NotFoundError()));

authStrategies.ghostStrategy(req, ghostAuthAccessToken, null, profile, function (err) {
should.exist(err);
(err instanceof errors.NotFoundError).should.eql(true);
userFindOneStub.calledOnce.should.be.false();
inviteStub.calledOnce.should.be.true();
inviteFindOneStub.calledOnce.should.be.true();
done();
});
});
Expand All @@ -258,7 +258,7 @@ describe('Auth Strategies', function () {
profile = {email: 'test@example.com', id: '1234'};

userFindOneStub.returns(Promise.resolve(null));
inviteStub.returns(Promise.resolve(Models.Invite.forge({
inviteFindOneStub.returns(Promise.resolve(Models.Invite.forge({
id: 1,
token: 'token',
expires: Date.now() - 1000
Expand All @@ -268,26 +268,40 @@ describe('Auth Strategies', function () {
should.exist(err);
(err instanceof errors.NotFoundError).should.eql(true);
userFindOneStub.calledOnce.should.be.false();
inviteStub.calledOnce.should.be.true();
inviteFindOneStub.calledOnce.should.be.true();
done();
});
});

it('with correct invite token', function (done) {
var ghostAuthAccessToken = '12345',
req = {body: {inviteToken: 'token'}},
invitedProfile = {email: 'test@example.com', id: '1234'},
invitedProfile = {email: 'test@example.com', name: 'Wolfram Alpha', id: '1234'},
invitedUser = {id: 2},
inviteModel = Models.Invite.forge({
id: 1,
token: 'token',
expires: Date.now() + 1000
expires: Date.now() + 2000,
role_id: '2'
});

sandbox.stub(globalUtils, 'uid').returns('12345678');

userFindOneStub.returns(Promise.resolve(null));
userAddStub.returns(Promise.resolve(invitedUser));

userAddStub.withArgs({
email: invitedProfile.email,
name: invitedProfile.name,
password: '12345678',
roles: [inviteModel.get('role_id')],
ghost_auth_id: invitedProfile.id,
ghost_auth_access_token: ghostAuthAccessToken
}, {
context: {internal: true}
}).returns(Promise.resolve(invitedUser));

userEditStub.returns(Promise.resolve(invitedUser));
inviteStub.returns(Promise.resolve(inviteModel));
inviteFindOneStub.returns(Promise.resolve(inviteModel));
sandbox.stub(inviteModel, 'destroy').returns(Promise.resolve());

authStrategies.ghostStrategy(req, ghostAuthAccessToken, null, invitedProfile, function (err, user, profile) {
Expand All @@ -297,16 +311,17 @@ describe('Auth Strategies', function () {
user.should.eql(invitedUser);
profile.should.eql(invitedProfile);

userAddStub.calledOnce.should.be.true();
userFindOneStub.calledOnce.should.be.false();
inviteStub.calledOnce.should.be.true();
inviteFindOneStub.calledOnce.should.be.true();
done();
});
});

it('setup', function (done) {
var ghostAuthAccessToken = '12345',
req = {body: {}},
ownerProfile = {email: 'test@example.com', id: '1234'},
ownerProfile = {email: 'test@example.com', name: 'Wolfram Alpha', id: '1234'},
owner = {id: 2};

userFindOneStub.withArgs({ghost_auth_id: ownerProfile.id})
Expand All @@ -316,28 +331,22 @@ describe('Auth Strategies', function () {
.returns(Promise.resolve(_.merge({}, {status: 'inactive'}, owner)));

userEditStub.withArgs({
email: ownerProfile.email,
name: ownerProfile.name,
slug: null,
status: 'active',
email: 'test@example.com',
ghost_auth_id: ownerProfile.id,
ghost_auth_access_token: ghostAuthAccessToken
}, {
context: {internal: true},
id: owner.id
}).returns(Promise.resolve(owner));

userEditStub.withArgs({
ghost_auth_access_token: ghostAuthAccessToken,
ghost_auth_id: ownerProfile.id,
email: ownerProfile.email
}, {
context: {internal: true},
id: owner.id
}).returns(Promise.resolve(owner));

authStrategies.ghostStrategy(req, ghostAuthAccessToken, null, ownerProfile, function (err, user, profile) {
should.not.exist(err);
userFindOneStub.calledTwice.should.be.true();
inviteStub.calledOnce.should.be.false();
inviteFindOneStub.calledOnce.should.be.false();
userEditStub.calledOnce.should.be.true();

should.exist(user);
should.exist(profile);
Expand All @@ -350,7 +359,7 @@ describe('Auth Strategies', function () {
it('sign in', function (done) {
var ghostAuthAccessToken = '12345',
req = {body: {}},
ownerProfile = {email: 'test@example.com', id: '12345'},
ownerProfile = {email: 'test@example.com', name: 'Wolfram Alpha', id: '12345'},
owner = {
id: 2, isActive: function () {
return true;
Expand All @@ -359,9 +368,10 @@ describe('Auth Strategies', function () {

userFindOneStub.returns(Promise.resolve(owner));
userEditStub.withArgs({
email: ownerProfile.email,
name: ownerProfile.name,
ghost_auth_access_token: ghostAuthAccessToken,
ghost_auth_id: ownerProfile.id,
email: ownerProfile.email
ghost_auth_id: ownerProfile.id
}, {
context: {internal: true},
id: owner.id
Expand All @@ -371,7 +381,7 @@ describe('Auth Strategies', function () {
should.not.exist(err);
userFindOneStub.calledOnce.should.be.true();
userEditStub.calledOnce.should.be.true();
inviteStub.calledOnce.should.be.false();
inviteFindOneStub.calledOnce.should.be.false();

should.exist(user);
should.exist(profile);
Expand Down Expand Up @@ -407,7 +417,7 @@ describe('Auth Strategies', function () {

userFindOneStub.calledOnce.should.be.true();
userEditStub.calledOnce.should.be.false();
inviteStub.calledOnce.should.be.false();
inviteFindOneStub.calledOnce.should.be.false();

should.not.exist(user);
should.not.exist(profile);
Expand Down

0 comments on commit d4836af

Please sign in to comment.