diff --git a/app/account_linking.py b/app/account_linking.py index 7262ff31..72e6fbd0 100644 --- a/app/account_linking.py +++ b/app/account_linking.py @@ -9,17 +9,16 @@ from newrelic import agent from psycopg2.errors import UniqueViolation from sqlalchemy import or_ +from app import config from app.db import Session from app.email_utils import send_welcome_email -from app.events.event_dispatcher import EventDispatcher -from app.events.generated.event_pb2 import UserPlanChanged, EventContent -from app.partner_user_utils import create_partner_user, create_partner_subscription -from app.utils import sanitize_email, canonicalize_email from app.errors import ( AccountAlreadyLinkedToAnotherPartnerException, AccountIsUsingAliasAsEmail, AccountAlreadyLinkedToAnotherUserException, ) +from app.events.event_dispatcher import EventDispatcher +from app.events.generated.event_pb2 import UserPlanChanged, EventContent from app.log import LOG from app.models import ( PartnerSubscription, @@ -28,8 +27,10 @@ from app.models import ( User, Alias, ) +from app.partner_user_utils import create_partner_user, create_partner_subscription from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction from app.utils import random_string +from app.utils import sanitize_email, canonicalize_email class SLPlanType(Enum): @@ -337,6 +338,11 @@ def link_user( def switch_already_linked_user( link_request: PartnerLinkRequest, partner_user: PartnerUser, current_user: User ): + if config.PROTON_PREVENT_CHANGE_LINKED_ACCOUNT: + LOG.i( + f"Proton account is linked to another user partner_user:{partner_user.id} from user:{current_user.id}" + ) + raise AccountAlreadyLinkedToAnotherUserException() # Find if the user has another link and unlink it other_partner_user = PartnerUser.get_by( user_id=current_user.id, @@ -346,7 +352,6 @@ def switch_already_linked_user( LOG.i( f"Deleting previous partner_user:{other_partner_user.id} from user:{current_user.id}" ) - emit_user_audit_log( user=other_partner_user.user, action=UserAuditLogAction.UnlinkAccount, diff --git a/app/auth/views/activate.py b/app/auth/views/activate.py index 885319a2..47fc505a 100644 --- a/app/auth/views/activate.py +++ b/app/auth/views/activate.py @@ -8,7 +8,6 @@ from app.extensions import limiter from app.log import LOG from app.models import ActivationCode from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction -from app.utils import sanitize_next_url @auth_bp.route("/activate", methods=["GET", "POST"]) @@ -64,12 +63,5 @@ def activate(): email_utils.send_welcome_email(user) # The activation link contains the original page, for ex authorize page - if "next" in request.args: - next_url = sanitize_next_url(request.args.get("next")) - LOG.d("redirect user to %s", next_url) - return redirect(next_url) - else: - LOG.d("redirect user to dashboard") - return redirect(url_for("dashboard.index")) - # todo: redirect to account_activated page when more features are added into the browser extension - # return redirect(url_for("onboarding.account_activated")) + LOG.d("redirect user to dashboard") + return redirect(url_for("dashboard.index")) diff --git a/app/config.py b/app/config.py index 0671c779..c3636593 100644 --- a/app/config.py +++ b/app/config.py @@ -303,6 +303,9 @@ PROTON_BASE_URL = os.environ.get( "PROTON_BASE_URL", "https://account.protonmail.com/api" ) PROTON_VALIDATE_CERTS = "PROTON_VALIDATE_CERTS" in os.environ +PROTON_PREVENT_CHANGE_LINKED_ACCOUNT = ( + "PROTON_PREVENT_CHANGE_LINKED_ACCOUNT" in os.environ +) CONNECT_WITH_PROTON = "CONNECT_WITH_PROTON" in os.environ PROTON_EXTRA_HEADER_NAME = os.environ.get("PROTON_EXTRA_HEADER_NAME") PROTON_EXTRA_HEADER_VALUE = os.environ.get("PROTON_EXTRA_HEADER_VALUE")