Skip to content
This repository has been archived by the owner on Jul 12, 2023. It is now read-only.

Use realm from current membership for emails #1445

Merged
merged 3 commits into from
Dec 22, 2020
Merged

Use realm from current membership for emails #1445

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c6bf67f
use realm from current membership for emails
whaught Dec 22, 2020
c8a1a2a
one more
whaught Dec 22, 2020
07e882a
reset password only if membership exists
whaught Dec 22, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 6 additions & 21 deletions pkg/controller/email.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,13 +24,8 @@ import (
)

// SendInviteEmailFunc returns a function capable of sending a new user invitation.
func SendInviteEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string) (auth.InviteUserEmailFunc, error) {
// Lookup the realm to get the email provider
realm := RealmFromContext(ctx)
if realm == nil {
return nil, nil
}

func SendInviteEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string,
realm *database.Realm) (auth.InviteUserEmailFunc, error) {
// Lookup the email provider
emailer, err := realm.EmailProvider(db)
if err != nil {
Expand Down Expand Up @@ -77,13 +72,8 @@ func SendInviteEmailFunc(ctx context.Context, db *database.Database, h render.Re

// SendPasswordResetEmailFunc returns a function capable of sending a password
// reset for the given user.
func SendPasswordResetEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string) (auth.ResetPasswordEmailFunc, error) {
// Lookup the realm to get the email provider
realm := RealmFromContext(ctx)
if realm == nil {
return nil, nil
}

func SendPasswordResetEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string,
realm *database.Realm) (auth.ResetPasswordEmailFunc, error) {
// Lookup the email provider
emailer, err := realm.EmailProvider(db)
if err != nil {
Expand Down Expand Up @@ -129,13 +119,8 @@ func SendPasswordResetEmailFunc(ctx context.Context, db *database.Database, h re

// SendEmailVerificationEmailFunc returns a function capable of sending an email
// verification email.
func SendEmailVerificationEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string) (auth.EmailVerificationEmailFunc, error) {
// Lookup the realm to get the email provider
realm := RealmFromContext(ctx)
if realm == nil {
return nil, nil
}

func SendEmailVerificationEmailFunc(ctx context.Context, db *database.Database, h render.Renderer, email string,
realm *database.Realm) (auth.EmailVerificationEmailFunc, error) {
// Lookup the email provider
emailer, err := realm.EmailProvider(db)
if err != nil {
Expand Down
8 changes: 7 additions & 1 deletion pkg/controller/login/reset_password.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ import (

"github.com/google/exposure-notifications-verification-server/pkg/controller"
"github.com/google/exposure-notifications-verification-server/pkg/database"
"github.com/google/exposure-notifications-verification-server/pkg/rbac"
)

func (c *Controller) HandleShowResetPassword() http.Handler {
Expand Down Expand Up @@ -59,6 +60,11 @@ func (c *Controller) HandleSubmitResetPassword() http.Handler {
return
}

membership := controller.MembershipFromContext(ctx)
whaught marked this conversation as resolved.
Show resolved Hide resolved
if !membership.Can(rbac.UserWrite) {
whaught marked this conversation as resolved.
Show resolved Hide resolved
controller.Unauthorized(w, r, c.h)
return
}
// Does the user exist?
whaught marked this conversation as resolved.
Show resolved Hide resolved
user, err := c.db.FindUserByEmail(form.Email)
if err != nil {
Expand All @@ -75,7 +81,7 @@ func (c *Controller) HandleSubmitResetPassword() http.Handler {
}

// Build the emailer.
resetComposer, err := controller.SendPasswordResetEmailFunc(ctx, c.db, c.h, user.Email)
resetComposer, err := controller.SendPasswordResetEmailFunc(ctx, c.db, c.h, user.Email, membership.Realm)
if err != nil {
controller.InternalError(w, r, c.h, err)
return
Expand Down
9 changes: 3 additions & 6 deletions pkg/controller/login/verify_email_send.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,11 +54,8 @@ func (c *Controller) HandleSubmitVerifyEmail() http.Handler {
}
flash := controller.Flash(session)

currentUser := controller.UserFromContext(ctx)
if currentUser == nil {
controller.MissingUser(w, r, c.h)
return
}
membership := controller.MembershipFromContext(ctx)
currentUser := membership.User

var form FormData
if err := controller.BindForm(w, r, &form); err != nil {
Expand All @@ -68,7 +65,7 @@ func (c *Controller) HandleSubmitVerifyEmail() http.Handler {
}

// Build the email template.
verifyComposer, err := controller.SendEmailVerificationEmailFunc(ctx, c.db, c.h, currentUser.Email)
verifyComposer, err := controller.SendEmailVerificationEmailFunc(ctx, c.db, c.h, currentUser.Email, membership.Realm)
if err != nil {
controller.InternalError(w, r, c.h, err)
return
Expand Down
2 changes: 1 addition & 1 deletion pkg/controller/user/create.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ func (c *Controller) HandleCreate() http.Handler {
return
}

inviteComposer, err := controller.SendInviteEmailFunc(ctx, c.db, c.h, user.Email)
inviteComposer, err := controller.SendInviteEmailFunc(ctx, c.db, c.h, user.Email, currentRealm)
if err != nil {
controller.InternalError(w, r, c.h, err)
return
Expand Down
2 changes: 1 addition & 1 deletion pkg/controller/user/importbatch.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,7 +121,7 @@ func (c *Controller) importUsers(ctx context.Context,
}

// Create the invitation email composer.
inviteComposer, err := controller.SendInviteEmailFunc(ctx, c.db, c.h, user.Email)
inviteComposer, err := controller.SendInviteEmailFunc(ctx, c.db, c.h, user.Email, realm)
if err != nil {
batchErr = multierror.Append(batchErr, err)
continue
Expand Down
2 changes: 1 addition & 1 deletion pkg/controller/user/reset_password.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ func (c *Controller) HandleResetPassword() http.Handler {
}

// Build the emailer.
resetComposer, err := controller.SendPasswordResetEmailFunc(ctx, c.db, c.h, user.Email)
resetComposer, err := controller.SendPasswordResetEmailFunc(ctx, c.db, c.h, user.Email, currentRealm)
if err != nil {
controller.InternalError(w, r, c.h, err)
return
Expand Down