Hotfix/project member invite case sensitive #325
Conversation
…_field_project_estimations Added quantity field for project estimations as we need to store quantity for API add ons as of new API smart forms
…is a case difference — Fixed
There was a problem hiding this comment.
@vikasrohit I've tested it locally it works for new invitations.
Just want to note, that this fix wouldn't work for the old invitations which have been created before this fix. As inside ES index and DB we already can have invitations with email in one shape, while the user could use another shape during registration.
So if we imagine, that user invitation has been already sent with upper-case, and the user now is registering with lowercase after the fix:
1. I don't see a project I'm invited to in the list. Most likely because ES search for projects with invitation using case-sensitive query: https://github.com/topcoder-platform/tc-project-service/blob/hotfix/project_member_invite_case_sensitive/src/routes/projects/list.js#L145
2. When I try to directly access the project I'm invited to by link, I don't have permissions to access the project also.
Also, there is a couple of comments to make sure we are safe in the future.
One is commented below.
And another one: there is another method getProjectInvitesForUser which also gets invitations for a user but for all projects.
We either should update it the same way or remove it, as I cannot find any use case of this second method I think it would be better to remove it.
| _.assign(where, { $or: [ | ||
| { email: { $eq: email.toLowerCase() } }, | ||
| { userId: { $eq: userId } }, | ||
| ] }); | ||
| } else if (email) { | ||
| _.assign(where, { email }); |
There was a problem hiding this comment.
@vikasrohit It looks like we also have to fix this line even though currently we don't use this method with email only for now, but we can do in the future theoretically.
There was a problem hiding this comment.
Yep, sure. I would do the change in dev branch directly.
Dev version of hotifx