Email not unique for new users
Chris-Boe opened this issue · 4 comments
Describe the bug
A clear and concise description of what the bug is.
Users can be created with emails that belong to other users
To Reproduce
Steps to reproduce the behavior:
- Go to Create PM page
- Fill form out with an email that belongs to another user
- Submit the form
- See success message when it should have given a 400
Expected behavior
A clear and concise description of what you expected to happen.
An error should show when trying to create a user with an email that already exists
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
- OS: [e.g. iOS]
- Browser [e.g. chrome, safari]
- Version [e.g. 22]
Smartphone (please complete the following information):
- Device: [e.g. iPhone6]
- OS: [e.g. iOS8.1]
- Browser [e.g. stock browser, safari]
- Version [e.g. 22]
Additional context
Add any other context about the problem here.
I don't think there is an issue here.
What's happening in the backend is that it's resends the invitation.
We could change this behavior if desired, but there is currently no place for the admin to view pending invitations and resend invitations.
It would probably be nice to see a list of pending invitation so that the admin can edit/resend/cancel invitation as needed.
It's finding the current user by the supplied email address, gets a new token, and resends the invitation email
The message displayed is fixed in the frontend. and looks like we respond with a 201 regardless if its resending invitation or not.
There might be a couple things that could be done here:
If the supplied email already exists and the user has accepted the invitation.
- Then show a message stating that the email address supplied is already in use
If the supplied email already exists and the user was invited and has not accepted yet
- Then ask if invitation should be resent?
I don't know. I think I'd like a list of invitation with a button next to them to either edit/update/resend invitation
And then if the form is filled out and the email is already taken then simply return a 422 with appropriate error message.
I don't think there is an issue here.
What's happening in the backend is that it's resends the invitation.
We could change this behavior if desired, but there is currently no place for the admin to view pending invitations and resend invitations.
It would probably be nice to see a list of pending invitation so that the admin can edit/resend/cancel invitation as needed.
It's finding the current user by the supplied email address, gets a new token, and resends the invitation email
The message displayed is fixed in the frontend. and looks like we respond with a 201 regardless if its resending invitation or not.
There might be a couple things that could be done here: If the supplied email already exists and the user has accepted the invitation.
- Then show a message stating that the email address supplied is already in use
If the supplied email already exists and the user was invited and has not accepted yet
- Then ask if invitation should be resent?
I don't know. I think I'd like a list of invitation with a button next to them to either edit/update/resend invitation And then if the form is filled out and the email is already taken then simply return a 422 with appropriate error message.
I think the first two options you supplied are sufficient. Or even instead of asking the admin if we need to resend the invitation, just resend it automatically, send back a different response, and the success message in the frontend can tell the user we are resending the invitation
just resend it automatically, send back a different response, and the success message in the frontend can tell the user we are resending the invitation
Sounds good
We are just resending the invitation for the user, no issue here