Merge pull request #9348 from ChiragAgg5k/pla-2470

Fix resend team invite if already accepted
2026-05-06 06:48:22 +00:00 · 2025-02-18 15:10:11 +05:30 · 2025-02-18 15:10:11 +05:30 · 27d2cc9f00
commit 27d2cc9f00
parent ae91869e76 2457485230
4 changed files with 15 additions and 24 deletions
--- a/app/config/errors.php
+++ b/app/config/errors.php
@ -356,7 +356,7 @@ return [
    ],
    Exception::TEAM_INVALID_SECRET => [
        'name' => Exception::TEAM_INVALID_SECRET,
-        'description' => 'The team invitation secret is invalid. Please request  a new invitation and try again.',
+        'description' => 'The team invitation secret is invalid. Please request a new invitation and try again.',
        'code' => 401,
    ],
    Exception::TEAM_MEMBERSHIP_MISMATCH => [
--- a/app/controllers/api/teams.php
+++ b/app/controllers/api/teams.php
@ -588,9 +588,8 @@ App::post('/v1/teams/:teamId/memberships')
            Query::equal('teamInternalId', [$team->getInternalId()]),
        ]);

+        $secret = Auth::tokenGenerator();
        if ($membership->isEmpty()) {
-            $secret = Auth::tokenGenerator();
-
            $membershipId = ID::unique();
            $membership = new Document([
                '$id' => $membershipId,
@ -618,7 +617,8 @@ App::post('/v1/teams/:teamId/memberships')
                $dbForProject->createDocument('memberships', $membership);
            Authorization::skip(fn () => $dbForProject->increaseDocumentAttribute('teams', $team->getId(), 'total', 1));

-        } else {
+        } elseif ($membership->getAttribute('confirm') === false) {
+            $membership->setAttribute('secret', Auth::hash($secret));
            $membership->setAttribute('invited', DateTime::now());

            if ($isPrivilegedUser || $isAppUser) {
@ -629,9 +629,10 @@ App::post('/v1/teams/:teamId/memberships')
            $membership = ($isPrivilegedUser || $isAppUser) ?
                Authorization::skip(fn () => $dbForProject->updateDocument('memberships', $membership->getId(), $membership)) :
                $dbForProject->updateDocument('memberships', $membership->getId(), $membership);
+        } else {
+            throw new Exception(Exception::MEMBERSHIP_ALREADY_CONFIRMED);
        }

-
        if ($isPrivilegedUser || $isAppUser) {
            $dbForProject->purgeCachedDocument('users', $invitee->getId());
        } else {
--- a/tests/e2e/Services/Teams/TeamsBaseClient.php
+++ b/tests/e2e/Services/Teams/TeamsBaseClient.php
@ -226,10 +226,6 @@ trait TeamsBaseClient
        $this->assertEquals($response['body']['teamId'], substr($lastEmail['text'], strpos($lastEmail['text'], '&teamId=', 0) + 8, 20));
        $this->assertEquals($teamName, substr($lastEmail['text'], strpos($lastEmail['text'], '&teamName=', 0) + 10, 7));

-        $secret = substr($lastEmail['text'], strpos($lastEmail['text'], '&secret=', 0) + 8, 256);
-        $membershipUid = substr($lastEmail['text'], strpos($lastEmail['text'], '?membershipId=', 0) + 14, 20);
-        $userUid = substr($lastEmail['text'], strpos($lastEmail['text'], '&userId=', 0) + 8, 20);
-
        /**
         * Test with UserId
         * Create user
@ -308,6 +304,11 @@ trait TeamsBaseClient

        $this->assertEquals(201, $response['headers']['status-code']);

+        $lastEmail = $this->getLastEmail();
+        $membershipUid = substr($lastEmail['text'], strpos($lastEmail['text'], '?membershipId=', 0) + 14, 20);
+        $userUid = substr($lastEmail['text'], strpos($lastEmail['text'], '&userId=', 0) + 8, 20);
+        $secret = substr($lastEmail['text'], strpos($lastEmail['text'], '&secret=', 0) + 8, 256);
+
        /**
         * Test for FAILURE
         */
--- a/tests/e2e/Services/Teams/TeamsBaseServer.php
+++ b/tests/e2e/Services/Teams/TeamsBaseServer.php
@ -175,17 +175,10 @@ trait TeamsBaseServer
        $userUid = $response['body']['userId'];
        $membershipUid = $response['body']['$id'];

-        // $response = $this->client->call(Client::METHOD_GET, '/users/'.$userUid, array_merge([
-        //     'content-type' => 'application/json',
-        //     'x-appwrite-project' => $this->getProject()['$id'],
-        // ], $this->getHeaders()), []);
+        /**
+         * Test for FAILURE
+         */

-        // $this->assertEquals($userUid, $response['body']['$id']);
-        // $this->assertContains('team:'.$teamUid, $response['body']['roles']);
-        // $this->assertContains('team:'.$teamUid.'/admin', $response['body']['roles']);
-        // $this->assertContains('team:'.$teamUid.'/editor', $response['body']['roles']);
-
-        // test for resending invitation
        $response = $this->client->call(Client::METHOD_POST, '/teams/' . $teamUid . '/memberships', array_merge([
            'content-type' => 'application/json',
            'x-appwrite-project' => $this->getProject()['$id'],
@ -196,11 +189,7 @@ trait TeamsBaseServer
            'url' => 'http://localhost:5000/join-us#title'
        ]);

-        $this->assertEquals(201, $response['headers']['status-code']);
-
-        /**
-         * Test for FAILURE
-         */
+        $this->assertEquals(409, $response['headers']['status-code']); // membership already created

        $response = $this->client->call(Client::METHOD_POST, '/teams/' . $teamUid . '/memberships', array_merge([
            'content-type' => 'application/json',