From 19ba95e88b18298a32fbecef6d027181c7f916f6 Mon Sep 17 00:00:00 2001
From: Anna Headley <anna.headley@gmail.com>
Date: Fri, 28 Feb 2020 16:45:44 -0500
Subject: [PATCH] Allow external users

Their uid and username are both their email address. princeton.edu is no
longer appended to make the email address if the uid is already an email address.
---
 app/models/user.rb       | 15 +++++++-
 spec/models/user_spec.rb | 81 +++++++++++++++++++++++++++++-----------
 2 files changed, 73 insertions(+), 23 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index 799e2608..bd79ece4 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -25,19 +25,30 @@ def to_s
 
   def set_cas_defaults
     self.provider = "cas"
-    self.username = email.gsub(/@.*/, '')
+    self.username = default_username
     self.uid = username
   end
 
+  def default_username
+    username, domain = email.split('@')
+    return username if domain == "princeton.edu"
+    email
+  end
+
   def self.from_omniauth(access_token)
     User.where(provider: access_token.provider, uid: access_token.uid, email: "#{access_token.uid}@princeton.edu").first_or_create do |user|
       user.uid = access_token.uid
       user.provider = access_token.provider
       user.username = access_token.uid
-      user.email = "#{access_token.uid}@princeton.edu"
+      user.email = initialize_email(access_token.uid)
     end
   end
 
+  def self.initialize_email(uid)
+    return uid if /@/.match?(uid)
+    "#{uid}@princeton.edu"
+  end
+
   # No reason to ever send invites, because of CAS.
   def invite_pending?
     false
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index a238b04d..5d76b819 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -10,31 +10,70 @@
   end
 
   describe ".from_omniauth" do
-    let(:token) { OmniAuth::AuthHash::InfoHash.new(provider: "cas", uid: "test") }
-    let(:user) { described_class.from_omniauth(token) }
+    context "with a campus user" do
+      let(:token) { OmniAuth::AuthHash::InfoHash.new(provider: "cas", uid: "test") }
+      let(:user) { described_class.from_omniauth(token) }
 
-    it "creates a persisted user" do
-      expect(user).to be_persisted
+      it "creates a persisted user" do
+        expect(user).to be_persisted
+      end
+      it "has a cas provider" do
+        expect(user.provider).to eq "cas"
+      end
+      it "has a uid" do
+        expect(user.uid).to eq "test"
+      end
+      it "has a username" do
+        expect(user.username).to eq "test"
+      end
+      it "creates an email address based on netid" do
+        expect(user.email).to eq("test@princeton.edu")
+      end
+      it "doesn't make them an administrator" do
+        expect(user.roles).to eq []
+      end
     end
-    it "has a cas provider" do
-      expect(user.provider).to eq "cas"
-    end
-    it "has a uid" do
-      expect(user.uid).to eq "test"
-    end
-    it "has a username" do
-      expect(user.username).to eq "test"
-    end
-    it "doesn't make them an administrator" do
-      expect(user.roles).to eq []
+
+    context "with an external user" do
+      let(:token) { OmniAuth::AuthHash::InfoHash.new(provider: "cas", uid: "test@example.com") }
+      let(:user) { described_class.from_omniauth(token) }
+
+      it "creates a persisted user" do
+        expect(user).to be_persisted
+      end
+      it "has a cas provider" do
+        expect(user.provider).to eq "cas"
+      end
+      it "has a uid" do
+        expect(user.uid).to eq "test@example.com"
+      end
+      it "has a username" do
+        expect(user.username).to eq "test@example.com"
+      end
+      it "has email equal to uid" do
+        expect(user.email).to eq("test@example.com")
+      end
+      it "doesn't make them an administrator" do
+        expect(user.roles).to eq []
+      end
     end
   end
 
-  it "can invite users" do
-    expect { described_class.invite!(email: 'a-user-that-does-not-exist@princeton.edu', skip_invitation: true) }.not_to raise_error
-    expect(described_class.last.provider).to eq "cas"
-    expect(described_class.last.uid).to eq "a-user-that-does-not-exist"
-    expect(described_class.last.username).to eq "a-user-that-does-not-exist"
-    expect(described_class.last.invite_pending?).to eq false
+  describe "inviting users" do
+    it "can invite campus users" do
+      expect { described_class.invite!(email: 'a-user-that-does-not-exist@princeton.edu', skip_invitation: true) }.not_to raise_error
+      expect(described_class.last.provider).to eq "cas"
+      expect(described_class.last.uid).to eq "a-user-that-does-not-exist"
+      expect(described_class.last.username).to eq "a-user-that-does-not-exist"
+      expect(described_class.last.invite_pending?).to eq false
+    end
+
+    it "can invite external users" do
+      expect { described_class.invite!(email: 'new-user@example.com', skip_invitation: true) }.not_to raise_error
+      expect(described_class.last.provider).to eq "cas"
+      expect(described_class.last.uid).to eq "new-user@example.com"
+      expect(described_class.last.username).to eq "new-user@example.com"
+      expect(described_class.last.invite_pending?).to eq false
+    end
   end
 end