Use realm from current membership for emails (#1445)

* use realm from current membership for emails * one more * reset password only if membership exists
google · Dec 22, 2020 · c014257 · c014257
1 parent 618bd91
commit c014257
Show file tree

Hide file tree

Showing 6 changed files with 23 additions and 34 deletions.
diff --git a/pkg/controller/email.go b/pkg/controller/email.go
@@ -24,13 +24,8 @@ import (
 )
 
 // SendInviteEmailFunc returns a function capable of sending a new user invitation.
-func SendInviteEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string) (auth.InviteUserEmailFunc, error) {
-	// Lookup the realm to get the email provider
-	realm := RealmFromContext(ctx)
-	if realm == nil {
-		return nil, nil
-	}
-
+func SendInviteEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string,
+	realm *database.Realm) (auth.InviteUserEmailFunc, error) {
 	// Lookup the email provider
 	emailer, err := realm.EmailProvider(db)
 	if err != nil {
@@ -77,13 +72,8 @@ func SendInviteEmailFunc(ctx context.Context, db *database.Database, h render.Re
 
 // SendPasswordResetEmailFunc returns a function capable of sending a password
 // reset for the given user.
-func SendPasswordResetEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string) (auth.ResetPasswordEmailFunc, error) {
-	// Lookup the realm to get the email provider
-	realm := RealmFromContext(ctx)
-	if realm == nil {
-		return nil, nil
-	}
-
+func SendPasswordResetEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string,
+	realm *database.Realm) (auth.ResetPasswordEmailFunc, error) {
 	// Lookup the email provider
 	emailer, err := realm.EmailProvider(db)
 	if err != nil {
@@ -129,13 +119,8 @@ func SendPasswordResetEmailFunc(ctx context.Context, db *database.Database, h re
 
 // SendEmailVerificationEmailFunc returns a function capable of sending an email
 // verification email.
-func SendEmailVerificationEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string) (auth.EmailVerificationEmailFunc, error) {
-	// Lookup the realm to get the email provider
-	realm := RealmFromContext(ctx)
-	if realm == nil {
-		return nil, nil
-	}
-
+func SendEmailVerificationEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string,
+	realm *database.Realm) (auth.EmailVerificationEmailFunc, error) {
 	// Lookup the email provider
 	emailer, err := realm.EmailProvider(db)
 	if err != nil {

diff --git a/pkg/controller/login/reset_password.go b/pkg/controller/login/reset_password.go
@@ -19,6 +19,7 @@ import (
 	"context"
 	"net/http"
 
+	"github.com/google/exposure-notifications-verification-server/internal/auth"
 	"github.com/google/exposure-notifications-verification-server/pkg/controller"
 	"github.com/google/exposure-notifications-verification-server/pkg/database"
 )
@@ -74,11 +75,17 @@ func (c *Controller) HandleSubmitResetPassword() http.Handler {
 			return
 		}
 
+		// nil composer falls back to firebase and no custom message.
+		var resetComposer auth.ResetPasswordEmailFunc
+
+		membership := controller.MembershipFromContext(ctx)
 		// Build the emailer.
-		resetComposer, err := controller.SendPasswordResetEmailFunc(ctx, c.db, c.h, user.Email)
-		if err != nil {
-			controller.InternalError(w, r, c.h, err)
-			return
+		if membership != nil {
+			resetComposer, err = controller.SendPasswordResetEmailFunc(ctx, c.db, c.h, user.Email, membership.Realm)
+			if err != nil {
+				controller.InternalError(w, r, c.h, err)
+				return
+			}
 		}
 
 		// Reset the password.

diff --git a/pkg/controller/login/verify_email_send.go b/pkg/controller/login/verify_email_send.go
@@ -54,11 +54,8 @@ func (c *Controller) HandleSubmitVerifyEmail() http.Handler {
 		}
 		flash := controller.Flash(session)
 
-		currentUser := controller.UserFromContext(ctx)
-		if currentUser == nil {
-			controller.MissingUser(w, r, c.h)
-			return
-		}
+		membership := controller.MembershipFromContext(ctx)
+		currentUser := membership.User
 
 		var form FormData
 		if err := controller.BindForm(w, r, &form); err != nil {
@@ -68,7 +65,7 @@ func (c *Controller) HandleSubmitVerifyEmail() http.Handler {
 		}
 
 		// Build the email template.
-		verifyComposer, err := controller.SendEmailVerificationEmailFunc(ctx, c.db, c.h, currentUser.Email)
+		verifyComposer, err := controller.SendEmailVerificationEmailFunc(ctx, c.db, c.h, currentUser.Email, membership.Realm)
 		if err != nil {
 			controller.InternalError(w, r, c.h, err)
 			return

diff --git a/pkg/controller/user/create.go b/pkg/controller/user/create.go
@@ -99,7 +99,7 @@ func (c *Controller) HandleCreate() http.Handler {
 			return
 		}
 
-		inviteComposer, err := controller.SendInviteEmailFunc(ctx, c.db, c.h, user.Email)
+		inviteComposer, err := controller.SendInviteEmailFunc(ctx, c.db, c.h, user.Email, currentRealm)
 		if err != nil {
 			controller.InternalError(w, r, c.h, err)
 			return

diff --git a/pkg/controller/user/importbatch.go b/pkg/controller/user/importbatch.go
@@ -121,7 +121,7 @@ func (c *Controller) importUsers(ctx context.Context,
 		}
 
 		// Create the invitation email composer.
-		inviteComposer, err := controller.SendInviteEmailFunc(ctx, c.db, c.h, user.Email)
+		inviteComposer, err := controller.SendInviteEmailFunc(ctx, c.db, c.h, user.Email, realm)
 		if err != nil {
 			batchErr = multierror.Append(batchErr, err)
 			continue

diff --git a/pkg/controller/user/reset_password.go b/pkg/controller/user/reset_password.go
@@ -60,7 +60,7 @@ func (c *Controller) HandleResetPassword() http.Handler {
 		}
 
 		// Build the emailer.
-		resetComposer, err := controller.SendPasswordResetEmailFunc(ctx, c.db, c.h, user.Email)
+		resetComposer, err := controller.SendPasswordResetEmailFunc(ctx, c.db, c.h, user.Email, currentRealm)
 		if err != nil {
 			controller.InternalError(w, r, c.h, err)
 			return