Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion app/controllers/repp/v1/base_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ def authenticate_user
end

def authentication_failure_message
if @current_user&.active? && !@current_user.identity_verified?
if @current_user&.active? && @current_user.subject.present? && !@current_user.identity_verified?
I18n.t('registrar.authorization.identity_not_verified')
else
I18n.t('registrar.authorization.invalid_authorization_information')
Expand Down
4 changes: 2 additions & 2 deletions app/models/api_user.rb
Original file line number Diff line number Diff line change
Expand Up @@ -39,15 +39,15 @@ def self.min_password_length # Must precede .validates
after_commit :notify_registrar_subject_changed, on: :update

scope :eligible_for_sign_in, lambda {
where(active: true).where.not(verified_at: nil)
where(active: true).where('subject IS NULL OR subject = ? OR verified_at IS NOT NULL', '')
}

def identity_verified?
verified_at.present?
end

def eligible_for_sign_in?
active? && identity_verified?
active? && (subject.blank? || identity_verified?)
end

def verification_pending?
Expand Down
14 changes: 12 additions & 2 deletions test/integration/repp/v1/registrar/auth/check_info_test.rb
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,8 @@ def test_invalid_user_login
assert_equal json[:message], 'Invalid authorization information'
end

def test_rejects_unverified_user_login_with_valid_password
@user.update_columns(verified_at: nil)
def test_rejects_unverified_user_login_with_valid_password_when_subject_present
@user.update_columns(subject: 'EE1234', verified_at: nil)

get '/repp/v1/registrar/auth', headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
Expand All @@ -50,6 +50,16 @@ def test_rejects_unverified_user_login_with_valid_password
assert_equal false, json[:data][:eligible_for_sign_in]
end

def test_allows_unverified_user_login_without_subject
@user.update_columns(subject: nil, verified_at: nil)

get '/repp/v1/registrar/auth', headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)

assert_response :ok
assert_equal json[:data][:username], @user.username
end

def test_returns_error_response_if_throttled
ENV['shunter_default_threshold'] = '1'
ENV['shunter_enabled'] = 'true'
Expand Down
7 changes: 6 additions & 1 deletion test/models/api_user_test.rb
Original file line number Diff line number Diff line change
Expand Up @@ -159,7 +159,7 @@ def test_linked_with_by_subject_only
assert_not @user.linked_with?(nil)
end

def test_eligible_for_sign_in_requires_active_and_verified
def test_eligible_for_sign_in_requires_active_and_verified_when_subject_present
@user.update_columns(active: true, verified_at: Time.zone.now)
assert @user.eligible_for_sign_in?

Expand All @@ -170,6 +170,11 @@ def test_eligible_for_sign_in_requires_active_and_verified
assert_not @user.eligible_for_sign_in?
end

def test_eligible_for_sign_in_allows_unverified_user_without_subject
@user.update_columns(active: true, subject: nil, verified_at: nil)
assert @user.eligible_for_sign_in?
end

def test_subject_change_clears_verification_status_when_subject_previously_present
@user.update_columns(
subject: 'EE1234',
Expand Down