Skip to content

Fix reauth without password #497

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Oct 24, 2018
Merged

Fix reauth without password #497

merged 7 commits into from
Oct 24, 2018

Conversation

fisx
Copy link
Contributor

@fisx fisx commented Oct 23, 2018

galley end-points for deleting team members and deleting teams, resp., ask for a password even if the user calling the end-point doesn't have one. we change the behavior to be in sync with the end-points for adding and deleting devices.

@fisx fisx force-pushed the fisx-fix-reauth-without-password branch from 8bdc1ce to 0ab843a Compare October 23, 2018 19:02
@fisx fisx changed the title [WIP] Fix reauth without password Fix reauth without password Oct 23, 2018
@fisx fisx requested a review from tiago-loureiro October 24, 2018 06:32
tiago-loureiro
tiago-loureiro previously requested changes Oct 24, 2018
View reviewed changes
Copy link
Contributor

@tiago-loureiro tiago-loureiro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Other than the small comment, 👍

services/brig/test/integration/API/User/Client.hs Outdated
testRemoveClient :: Bool -> Brig -> Cannon -> Http ()
testRemoveClient hasPwd brig cannon = do
unless hasPwd $ error
"not implemented: for password-less users, we need to figure out another way to login."
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For password-less users, I'd just change the test so that no login is performed, i.e., one could simply skip:

     -- Permanent client with attached cookie
     login brig (defEmailLogin email) PersistentCookie
         !!! const 200 === statusCode
    numCookies <- countCookies brig uid defCookieLabel
    liftIO $ Just 1 @=? numCookies

@fisx fisx requested a review from tiago-loureiro October 24, 2018 09:51
@tiago-loureiro
Copy link
Contributor

like af46dcf?

Exactly

@fisx
Copy link
Contributor Author

fisx commented Oct 24, 2018

ci error is unrelated:

    delete non-binding team:                                     FAIL (3.52s)
      test/integration/API/Teams.hs:517:
      unexpected notification received: Notification {ntfId = 55aab829-d77b-11e8-8001-0a580ae94725, ntfTransient = False, ntfPayload = List1 {toNonEmpty = fromList [("connection",Object (fromList [("status",String "accepted"),("conversation",String "4f2a35f9-f9cc-4f78-bf5f-519524af1433"),("to",String "780e42fc-13ed-455a-b2f7-a5ddc65f3461"),("from",String "d71bf2fd-e5df-4a1e-8c67-abb85e4fdfd2"),("last_update",String "2018-10-24T10:55:35.089Z"),("message",String "Y")])),("user",Object (fromList [("name",String "success+67578cf0-b452-460f-a27b-4d7d483a063f@simulator.amazonses.com")])),("type",String "user.connection")] :| []}}

@fisx fisx merged commit 6da289a into develop Oct 24, 2018
@fisx fisx deleted the fisx-fix-reauth-without-password branch October 24, 2018 11:22
@fisx fisx mentioned this pull request Oct 25, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
1 more reviewer

@tiago-loureiro tiago-loureiro tiago-loureiro approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fisx @tiago-loureiro