joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes issue affecting linking users to a 3rd party auth (#4047)

Browse Source 
* Fixes issue affecting linking users to a 3rd party auth

* Fixes problematic test

* Better fix

* nits
This commit is contained in:
Florent Vilmart
2017-07-25 15:26:34 -04:00
committed by GitHub
parent 7e54265f6d
commit 92d51def6b
3 changed files with 45 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/RestWrite.js
View File

@@ -297,7 +297,14 @@ RestWrite.prototype.handleAuthData = function(authData) {
}
});
const hasMutatedAuthData = Object.keys(mutatedAuthData).length !== 0;
if (!this.query) {
let userId;
if (this.query && this.query.objectId) {
userId = this.query.objectId;
} else if (this.auth && this.auth.user && this.auth.user.id) {
userId = this.auth.user.id;
}
if (!userId || userId === userResult.objectId) { // no user making the call
// OR the user making the call is the right one
// Login with auth data
delete results[0].password;
@@ -328,10 +335,10 @@ RestWrite.prototype.handleAuthData = function(authData) {
// Just update the authData part
return this.config.database.update(this.className, {objectId: this.data.objectId}, {authData: mutatedAuthData}, {});
});
} else if (this.query && this.query.objectId) {
} else if (userId) {
// Trying to update auth data but users
// are different
if (userResult.objectId !== this.query.objectId) {
if (userResult.objectId !== userId) {
throw new Parse.Error(Parse.Error.ACCOUNT_ALREADY_LINKED,
'this auth is already used');
}