refactor: Unify all the code for user creation into a new service. #29916
Conversation
|
pierre-lehnen-rc
force-pushed
the
chore/user-create
branch
from
018b161 to
dc8641a
Compare
Codecov Report
@@ Coverage Diff @@
## develop #29916 +/- ##
===========================================
+ Coverage 47.94% 48.47% +0.53%
===========================================
Files 696 697 +1
Lines 13904 13911 +7
Branches 2445 2446 +1
===========================================
+ Hits 6666 6744 +78
+ Misses 6867 6790 -77
- Partials 371 377 +6
Flags with carried forward coverage won't be shown. Click here to find out more. |
pierre-lehnen-rc
force-pushed
the
chore/user-create
branch
from
10e15da to
02e5075
Compare
| const verified = settings.get<boolean>('Accounts_Verify_Email_For_External_Accounts'); | ||
|
|
||
| for (const service of Object.values(user.services) as Record<string, any>[]) { | ||
| if (!user.name && typeof service === 'object' && ('name' in service || 'username' in service)) { |
There was a problem hiding this comment.
Can maybe this be a type assertion function? no perf benefit but we'll have it "typed"
There was a problem hiding this comment.
Ideally, yes. In this case the type this would assert to is not defined yet. I'll try to include its definition on the next PR.
|
As this first PR focuses on unifying the code while changing as little as possible, I've marked as resolved the suggestions related to code that was only moved from one file to another. I'm working on a second PR with the actual improvements over this code and I'll consider those suggestions there. |
Proposed changes (including videos or screenshots)
Moves the user creation code from Meteor's
Accounts.createUserAsyncandAccounts.insertUserDocto a newUserservice on rocket.chat, with only minimal changes to behavior.Changes:
Accounts.createUserAsyncwould query the user collection to check if the specified username and email were not already in use - but this check was only valid in regular user registration because in many of the places we call this function (such as OAuth), the username and email were filled in through callbacks after this check is done. So I dropped this check completely as in one way or another we already rely on the indexes for those fields.globalRolesto the user param when creating users withAccounts.insertUserDoc. I moved this attribute to the options param instead, so that the user object is compatible withIUser.Accounts.onCreateUserandAccounts.validateNewUserwill no longer be called. We had a few references to those in the code base and I moved all of them into the User service as well, except for the OAuthvalidateNewUserfunction that I moved into thebeforeCreateUsercallback instead.Accounts.insertUserDocwill be redirected to this new service automatically. OAuth login is still handled by Meteor code so it relies on this. I made no such fallbacks forAccounts.validateNewUser.Issue(s)
Steps to test or reproduce
Further comments
This adds a reference to a new meteor package,
oauth-encryption. This package was previously used internally onAccounts.insertUserDocto handle a special case in OAuth logins, where some data may have been encrypted and stored before the user's ID was generated. TheinsertUserDocfunction decrypts that data and re-encrypts using the ID once it is available.