From 779623934c3919b3e2d0a8eccd7d607df8f3b627 Mon Sep 17 00:00:00 2001 From: Michal Nicpon <39177923+michalnicp@users.noreply.github.com> Date: Mon, 28 Mar 2022 09:38:57 -0600 Subject: [PATCH] Fix update invite email conflict (#4751) --- server/service/invites.go | 16 +++++++------ server/service/invites_test.go | 43 ++++++++++++++++++++++++++++++++++ server/vulnerabilities/cpe.go | 2 +- 3 files changed, 53 insertions(+), 8 deletions(-) diff --git a/server/service/invites.go b/server/service/invites.go index 8304c56d13..0498df689e 100644 --- a/server/service/invites.go +++ b/server/service/invites.go @@ -191,16 +191,12 @@ func (svc *Service) UpdateInvite(ctx context.Context, id uint, payload fleet.Inv return nil, err } - if err := fleet.ValidateRole(payload.GlobalRole.Ptr(), payload.Teams); err != nil { - return nil, err - } - invite, err := svc.ds.Invite(ctx, id) if err != nil { return nil, err } - if payload.Email != nil { + if payload.Email != nil && *payload.Email != invite.Email { switch _, err := svc.ds.UserByEmail(ctx, *payload.Email); { case err == nil: return nil, ctxerr.Wrap(ctx, alreadyExistsError{}) @@ -230,8 +226,14 @@ func (svc *Service) UpdateInvite(ctx context.Context, id uint, payload fleet.Inv if payload.SSOEnabled != nil { invite.SSOEnabled = *payload.SSOEnabled } - invite.GlobalRole = payload.GlobalRole - invite.Teams = payload.Teams + + if payload.GlobalRole.Valid || len(payload.Teams) > 0 { + if err := fleet.ValidateRole(payload.GlobalRole.Ptr(), payload.Teams); err != nil { + return nil, err + } + invite.GlobalRole = payload.GlobalRole + invite.Teams = payload.Teams + } return svc.ds.UpdateInvite(ctx, id, invite) } diff --git a/server/service/invites_test.go b/server/service/invites_test.go index 2249c520dc..081db36526 100644 --- a/server/service/invites_test.go +++ b/server/service/invites_test.go @@ -2,6 +2,7 @@ package service import ( "context" + "database/sql" "testing" "time" @@ -55,6 +56,48 @@ func TestInviteNewUserMock(t *testing.T) { require.NotNil(t, err, "should err if the user we're inviting already exists") } +func TestUpdateInvite(t *testing.T) { + ms := new(mock.Store) + ms.InviteFunc = func(ctx context.Context, id uint) (*fleet.Invite, error) { + if id != 1 { + return nil, sql.ErrNoRows + } + + return &fleet.Invite{ + ID: 1, + Name: "John Appleseed", + Email: "john_appleseed@example.com", + GlobalRole: null.NewString("observer", true), + }, nil + } + ms.UpdateInviteFunc = func(ctx context.Context, id uint, i *fleet.Invite) (*fleet.Invite, error) { + return nil, nil + } + + mailer := &mockMailService{SendEmailFn: func(e fleet.Email) error { return nil }} + + svc := validationMiddleware{&Service{ + ds: ms, + config: config.TestConfig(), + mailService: mailer, + clock: clock.NewMockClock(), + authz: authz.Must(), + }, ms, nil} + + // email is the same + payload := fleet.InvitePayload{ + Name: ptr.String("Johnny Appleseed"), + Email: ptr.String("john_appleseed@example.com"), + } + + ctx := test.UserContext(test.UserAdmin) + + // update the invite (email is the same) + _, err := svc.UpdateInvite(ctx, 1, payload) + require.NoError(t, err) + require.True(t, ms.InviteFuncInvoked) +} + func TestVerifyInvite(t *testing.T) { ms := new(mock.Store) svc := newTestService(t, ms, nil, nil) diff --git a/server/vulnerabilities/cpe.go b/server/vulnerabilities/cpe.go index dd3228059d..ed59b63259 100644 --- a/server/vulnerabilities/cpe.go +++ b/server/vulnerabilities/cpe.go @@ -39,7 +39,7 @@ var cpeSqliteRegex = regexp.MustCompile(`^cpe-.*\.sqlite\.gz$`) func GetLatestNVDRelease(client *http.Client) (*NVDRelease, error) { ghclient := github.NewClient(client) ctx := context.Background() - releases, _, err := ghclient.Repositories.ListReleases(ctx, owner, repo, &github.ListOptions{Page: 0, PerPage: 1}) + releases, _, err := ghclient.Repositories.ListReleases(ctx, owner, repo, &github.ListOptions{Page: 0, PerPage: 10}) if err != nil { return nil, err }