Users can now safely change their email address.
This commit is contained in:
		
							parent
							
								
									16b2869827
								
							
						
					
					
						commit
						11f5b0872b
					
				
					 2 changed files with 16 additions and 5 deletions
				
			
		|  | @ -4,6 +4,8 @@ require "uuid" | |||
| class AuthD::User | ||||
| 	include JSON::Serializable | ||||
| 
 | ||||
| 	def_clone | ||||
| 
 | ||||
| 	enum PermissionLevel | ||||
| 		None | ||||
| 		Read | ||||
|  | @ -18,6 +20,8 @@ class AuthD::User | |||
| 	class Contact | ||||
| 		include JSON::Serializable | ||||
| 
 | ||||
| 		def_clone | ||||
| 
 | ||||
| 		# the activation key is removed once the user is validated | ||||
| 		property activation_key : String? = nil | ||||
| 		property email          : String? | ||||
|  |  | |||
|  | @ -12,6 +12,7 @@ class AuthD::Request | |||
| 			logged_user = authd.get_logged_user_full? fd | ||||
| 			return Response::ErrorMustBeAuthenticated.new if logged_user.nil? | ||||
| 
 | ||||
| 			# The user will be modified, we should get a COPY of the user. | ||||
| 			user = if u = @user | ||||
| 				logged_user.assert_permission("authd", "*", User::PermissionLevel::Edit) | ||||
| 				authd.user? u | ||||
|  | @ -20,23 +21,29 @@ class AuthD::Request | |||
| 			end | ||||
| 			return Response::ErrorUserNotFound.new if user.nil? | ||||
| 
 | ||||
| 			cloned_user : AuthD::User = user.clone | ||||
| 
 | ||||
| 			# Only an admin can uprank or downrank someone. | ||||
| 			if admin = @admin | ||||
| 				logged_user.assert_permission("authd", "*", User::PermissionLevel::Admin) | ||||
| 				user.admin = admin | ||||
| 				cloned_user.admin = admin | ||||
| 			end | ||||
| 
 | ||||
| 			@password.try do |s| | ||||
| 				user.password_hash = authd.hash_password s | ||||
| 				cloned_user.password_hash = authd.hash_password s | ||||
| 			end | ||||
| 
 | ||||
| 			@email.try do |email| | ||||
| 				user.contact.email = email | ||||
| 				cloned_user.contact.email = email | ||||
| 			end | ||||
| 
 | ||||
| 			authd.users_per_uid.update user.uid.to_s, user | ||||
| 			begin | ||||
| 				authd.users_per_uid.update cloned_user.uid.to_s, cloned_user | ||||
| 			rescue e | ||||
| 				return Response::Error.new "could not update the user (email may already be used)" | ||||
| 			end | ||||
| 
 | ||||
| 			Response::UserEdited.new user.uid | ||||
| 			Response::UserEdited.new cloned_user.uid | ||||
| 		end | ||||
| 	end | ||||
| 	AuthD.requests << ModUser | ||||
|  |  | |||
		Loading…
	
	Add table
		
		Reference in a new issue