diff --git a/app/controllers/users/invitations_controller.rb b/app/controllers/users/invitations_controller.rb index e320a141e..4159df7d6 100644 --- a/app/controllers/users/invitations_controller.rb +++ b/app/controllers/users/invitations_controller.rb @@ -14,6 +14,15 @@ module Users before_action :update_sanitized_params, only: :update + def new + raise NotImplementedError + end + + def create + # Replaced with invite_users action + raise NotImplementedError + end + def update return super unless Rails.configuration.x.new_team_on_signup @@ -24,11 +33,15 @@ module Users super do |user| if user.errors.blank? @team.created_by = user - @team.save + @team.save! end end end + def destroy + raise NotImplementedError + end + def accept_resource return super unless Rails.configuration.x.new_team_on_signup @@ -71,7 +84,7 @@ module Users next end # Check if user already exists - user = User.find_by(email: email) + user = User.find_by(email: email.downcase) if user result[:status] = :user_exists @@ -156,6 +169,11 @@ module Users private + def invite_resource + # Replaced with invite_users action + raise NotImplementedError + end + def update_sanitized_params # Solution for Devise < 4.0.0 devise_parameter_sanitizer.permit(:accept_invitation, keys: [:full_name]) diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index b964cd464..d2c7765a9 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -107,7 +107,7 @@ Devise.setup do |config| # The period the generated invitation token is valid, after # this period, the invited resource won't be able to accept the invitation. # When invite_for is 0 (the default), the invitation won't expire. - config.invite_for = 7.days + # config.invite_for = 7.days # Number of invitations users can send. # - If invitation_limit is nil, there is no limit for invitations, users can @@ -165,7 +165,7 @@ Devise.setup do |config| # their account can't be confirmed with the token any more. # Default is nil, meaning there is no restriction on how long a user can take # before confirming their account. - config.confirm_within = 7.days + config.confirm_within = ENV['SCINOTE_USERS_CONFIRM_WITHIN']&.to_i&.days # If true, requires any email changes to be confirmed (exactly the same way as # initial account confirmation) to be applied. Requires additional unconfirmed_email diff --git a/lib/tasks/data.rake b/lib/tasks/data.rake index 8caefd19e..141d3a16c 100644 --- a/lib/tasks/data.rake +++ b/lib/tasks/data.rake @@ -50,32 +50,36 @@ namespace :data do end end - desc "Remove unconfirmed user accounts" + desc 'Remove unconfirmed user accounts' task clean_unconfirmed_users: :environment do - Rails.logger.info "Cleaning unconfirmed users" + Rails.logger.info 'Cleaning unconfirmed users' # First, remove the users who signed up by themselves - users = User - .where(confirmed_at: nil) - .where.not(confirmation_token: nil) - .where(invitation_token: nil) - .where("created_at < ?", Devise.confirm_within.ago) - destroy_users(users) + if Devise.confirm_within.present? + users = User.where(confirmed_at: nil) + .where.not(confirmation_token: nil) + .where(invitation_token: nil) + .where(created_at: ...Devise.confirm_within.ago) + destroy_users(users) + end # Now, remove users who were invited - users = User - .where(confirmed_at: nil) - .where(invitation_accepted_at: nil) - .where(confirmation_token: nil) - .where.not(invitation_token: nil) - .where("created_at < ?", Devise.invite_for.ago) - destroy_users(users) + unless Devise.invite_for.zero? + users = User.where(confirmed_at: nil) + .where(invitation_accepted_at: nil) + .where(confirmation_token: nil) + .where.not(invitation_token: nil) + .where(created_at: ...Devise.invite_for.ago) + destroy_users(users) + end # Remove users who didn't finish signup with LinkedIn - users = User.joins(:user_identities) - .where(confirmed_at: nil) - .where('users.created_at < ?', Devise.confirm_within.ago) - destroy_users(users) + if Devise.confirm_within.present? + users = User.joins(:user_identities) + .where(confirmed_at: nil) + .where(users: { created_at: ...Devise.confirm_within.ago }) + destroy_users(users) + end end desc "Remove temporary and obsolete data"