Fix: When logging with parter create accounts with lowercase emails (#1137)
* Fix: When logging with parter create accounts with lowercase emails * Sanitize emails instead of just lowercase them * linting Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
This commit is contained in:
parent
66a2152ea3
commit
38c9138cdb
|
@ -8,6 +8,7 @@ from newrelic import agent
|
|||
|
||||
from app.db import Session
|
||||
from app.email_utils import send_welcome_email
|
||||
from app.utils import sanitize_email
|
||||
from app.errors import AccountAlreadyLinkedToAnotherPartnerException
|
||||
from app.log import LOG
|
||||
from app.models import (
|
||||
|
@ -194,6 +195,8 @@ def get_login_strategy(
|
|||
def process_login_case(
|
||||
link_request: PartnerLinkRequest, partner: Partner
|
||||
) -> LinkResult:
|
||||
# Sanitize email just in case
|
||||
link_request.email = sanitize_email(link_request.email)
|
||||
# Try to find a SimpleLogin user registered with that partner user id
|
||||
partner_user = PartnerUser.get_by(
|
||||
partner_id=partner.id, external_user_id=link_request.external_user_id
|
||||
|
@ -217,6 +220,8 @@ def process_login_case(
|
|||
def link_user(
|
||||
link_request: PartnerLinkRequest, current_user: User, partner: Partner
|
||||
) -> LinkResult:
|
||||
# Sanitize email just in case
|
||||
link_request.email = sanitize_email(link_request.email)
|
||||
partner_user = ensure_partner_user_exists_for_user(
|
||||
link_request, current_user, partner
|
||||
)
|
||||
|
@ -260,6 +265,8 @@ def process_link_case(
|
|||
current_user: User,
|
||||
partner: Partner,
|
||||
) -> LinkResult:
|
||||
# Sanitize email just in case
|
||||
link_request.email = sanitize_email(link_request.email)
|
||||
# Try to find a SimpleLogin user linked with this Partner account
|
||||
partner_user = PartnerUser.get_by(
|
||||
partner_id=partner.id, external_user_id=link_request.external_user_id
|
||||
|
|
|
@ -92,6 +92,24 @@ def test_login_case_from_partner():
|
|||
assert res.user.activated is True
|
||||
|
||||
|
||||
def test_login_case_from_partner_with_uppercase_email():
|
||||
partner = get_proton_partner()
|
||||
link_request = random_link_request(
|
||||
external_user_id=random_string(),
|
||||
from_partner=True,
|
||||
)
|
||||
link_request.email = link_request.email.upper()
|
||||
res = process_login_case(link_request, partner)
|
||||
|
||||
assert res.strategy == NewUserStrategy.__name__
|
||||
assert res.user is not None
|
||||
assert res.user.email == link_request.email.lower()
|
||||
assert User.FLAG_CREATED_FROM_PARTNER == (
|
||||
res.user.flags & User.FLAG_CREATED_FROM_PARTNER
|
||||
)
|
||||
assert res.user.activated is True
|
||||
|
||||
|
||||
def test_login_case_from_web():
|
||||
partner = get_proton_partner()
|
||||
res = process_login_case(
|
||||
|
@ -119,6 +137,17 @@ def test_get_strategy_existing_sl_user():
|
|||
assert isinstance(strategy, ExistingUnlinkedUserStrategy)
|
||||
|
||||
|
||||
def test_get_strategy_existing_sl_user_with_uppercase_email():
|
||||
email = random_email()
|
||||
user = User.create(email, commit=True)
|
||||
strategy = get_login_strategy(
|
||||
link_request=random_link_request(email=email.upper()),
|
||||
user=user,
|
||||
partner=get_proton_partner(),
|
||||
)
|
||||
assert isinstance(strategy, ExistingUnlinkedUserStrategy)
|
||||
|
||||
|
||||
def test_get_strategy_existing_sl_user_linked_with_different_proton_account():
|
||||
# In this scenario we have
|
||||
# - PartnerUser1 (ID1, email1@proton)
|
||||
|
@ -321,3 +350,30 @@ def test_ensure_partner_user_exists_for_user_raises_exception_when_linked_to_ano
|
|||
user,
|
||||
partner_2,
|
||||
)
|
||||
|
||||
|
||||
def test_link_account_with_uppercase(flask_client):
|
||||
# In this scenario we have:
|
||||
# - PartnerUser (email1@partner)
|
||||
# - SimpleLoginUser registered with email1@proton
|
||||
# We will try to link both accounts with an uppercase email
|
||||
|
||||
email = random_email()
|
||||
partner_user_id = random_string()
|
||||
link_request = random_link_request(
|
||||
external_user_id=partner_user_id, email=email.upper()
|
||||
)
|
||||
user = create_user(email)
|
||||
|
||||
res = process_link_case(link_request, user, get_proton_partner())
|
||||
assert res is not None
|
||||
assert res.user is not None
|
||||
assert res.user.id == user.id
|
||||
assert res.user.email == email
|
||||
assert res.strategy == "Link"
|
||||
|
||||
partner_user = PartnerUser.get_by(
|
||||
partner_id=get_proton_partner().id, user_id=user.id
|
||||
)
|
||||
assert partner_user.partner_id == get_proton_partner().id
|
||||
assert partner_user.external_user_id == partner_user_id
|
||||
|
|
Loading…
Reference in New Issue