Skip to content

Commit

Permalink
fix: notify all email send after peer authentication, not before
Browse files Browse the repository at this point in the history
  • Loading branch information
@rdubigny
rdubigny committed Jul 28, 2023
1 parent 0114076 commit 6375b36
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 32 deletions.
3 changes: 0 additions & 3 deletions src/controllers/organization.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@ import {
getOrganizationSuggestions,
joinOrganization,
} from '../managers/organization/join';
import { authenticateByPeers } from '../managers/organization/authentication-by-peers';

export const getJoinOrganizationController = async (
req: Request,
Expand Down Expand Up @@ -108,8 +107,6 @@ export const postJoinOrganizationMiddleware = async (
user_id: req.session.user!.id,
});

await authenticateByPeers(userOrganizationLink);

if (req.session.mustReturnOneOrganizationInPayload) {
await selectOrganization({
user_id: req.session.user!.id,
Expand Down
22 changes: 0 additions & 22 deletions src/managers/organization/authentication-by-peers.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ import {
NotFoundError,
UserAlreadyAskedForSponsorshipError,
} from '../../errors';
import { isEligibleToSponsorship } from '../../services/organization';
import { sendMail } from '../../connectors/sendinblue';
import { updateUserOrganizationLink } from '../../repositories/organization/setters';
import { getOrganizationsByUserId } from './main';
Expand All @@ -19,27 +18,6 @@ import {
} from '../../repositories/moderation';
import { SUPPORT_EMAIL_ADDRESS } from '../../env';

export const authenticateByPeers = async (
link: UserOrganizationLink
): Promise<{ hasBeenAuthenticated: boolean }> => {
const { organization_id, user_id, is_external } = link;
const organizationUsers = await getUsers(organization_id);
const user = organizationUsers.find(({ id }) => id === user_id);
const organization = await findOrganizationById(organization_id);

// The user should be in the organization already
if (isEmpty(user) || isEmpty(organization)) {
throw new NotFoundError();
}

if (isEligibleToSponsorship(organization)) {
return { hasBeenAuthenticated: false };
}

await notifyAllMembers(link);

return { hasBeenAuthenticated: true };
};
export const notifyAllMembers = async ({
organization_id,
user_id,
Expand Down
22 changes: 15 additions & 7 deletions src/middlewares/user.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,13 @@ import { isEmpty } from 'lodash';
import { isUrlTrusted } from '../services/security';
import { updateEmailAddressVerificationStatus } from '../managers/user';
import { isEligibleToSponsorship } from '../services/organization';
import { NotImplemented } from 'http-errors';
import { getOrganizationsByUserId } from '../managers/organization/main';
import { greetForJoiningOrganization } from '../managers/organization/authentication-by-peers';
import {
greetForJoiningOrganization,
notifyAllMembers,
} from '../managers/organization/authentication-by-peers';
import { getSelectedOrganizationId } from '../repositories/redis/selected-organization';
import { getUserOrganizationLink } from '../repositories/organization/getters';

// redirect user to start sign in page if no email is available in session
export const checkEmailInSessionMiddleware = async (
Expand Down Expand Up @@ -227,15 +230,20 @@ export const checkUserHasBeenAuthenticatedByPeersMiddleware = (

if (!isEmpty(organizationThatNeedsAuthenticationByPeers)) {
if (
!isEligibleToSponsorship(organizationThatNeedsAuthenticationByPeers)
isEligibleToSponsorship(organizationThatNeedsAuthenticationByPeers)
) {
// this should never happen as all members are notified by default
return next(new NotImplemented());
return res.redirect(
`/users/choose-sponsor/${organizationThatNeedsAuthenticationByPeers.id}`
);
}

return res.redirect(
`/users/choose-sponsor/${organizationThatNeedsAuthenticationByPeers.id}`
const link = await getUserOrganizationLink(
organizationThatNeedsAuthenticationByPeers.id,
req.session.user!.id
);

// link exists because we get the organization id from getOrganizationsByUserId above
await notifyAllMembers(link!);
}

return next();
Expand Down

0 comments on commit 6375b36

Please sign in to comment.