From 016e61ce9ab44cf58355e843b0c0d0085d373fc7 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Thu, 29 May 2014 09:38:53 +0200
Subject: catch corner cases of account creation

Users now always check if their identity is valid. We need to make
sure this works if the user is a new record and once it has been
persisted.

While the user is a new record the identity will have no user_id.
Old identities that are left to block the login of a user who
canceled their account also have a blank user_id. They still should
render the new identity invalid so the user can't be saved with a
login that has been reserved.

Once the user has been persisted we set the user_id on the identity
and save it too when creating an Account. This allows us to create
a plain user and save it and it will still have an in memory identity
only. But the default is to create the user by means of creating an
account so an identity will be created as well.
---
 app/models/account.rb  |  9 ++++++---
 app/models/identity.rb | 13 +++++++++----
 2 files changed, 15 insertions(+), 7 deletions(-)

(limited to 'app')

diff --git a/app/models/account.rb b/app/models/account.rb
index bffa288..32ed445 100644
--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -16,10 +16,13 @@ class Account
 
   # Returns the user record so it can be used in views.
   def self.create(attrs)
-    @user = User.create(attrs).tap do |user|
-      Identity.create_for user
-      user.refresh_identity
+    @user = User.create(attrs)
+    if @user.persisted?
+      identity = @user.identity
+      identity.user_id = @user.id
+      identity.save
     end
+    return @user
   end
 
   def update(attrs)
diff --git a/app/models/identity.rb b/app/models/identity.rb
index a8eaba6..25be971 100644
--- a/app/models/identity.rb
+++ b/app/models/identity.rb
@@ -129,8 +129,12 @@ class Identity < CouchRest::Model::Base
   protected
 
   def alias_available
-    same_address = Identity.by_address.key(address)
-    if same_address.detect { |other| other != self && other.user != self.user }
+    blocking_identities = Identity.by_address.key(address).all
+    blocking_identities.delete self
+    if self.user
+      blocking_identities.reject! { |other| other.user == self.user }
+    end
+    if blocking_identities.any?
       errors.add :address, :taken
     end
   end
@@ -138,13 +142,14 @@ class Identity < CouchRest::Model::Base
   def address_local_email
     return if address.valid? #this ensures it is a valid local email address
     # we only hand on the first error for now.
-    self.errors.add(:address, address.errors.messages[:email].first)
+    self.errors.add(:address, address.errors.messages.values.first)
   end
 
   def destination_email
     return if destination.nil?   # this identity is disabled
     return if destination.valid? # this ensures it is Email
-    self.errors.add(:destination, destination.errors.messages[:email].first) #assumes only one error #TODO
+    # we only hand on the first error for now.
+    self.errors.add(:destination, destination.errors.messages.values.first)
   end
 
 end
-- 
cgit v1.2.3