Merge branch 'master' into bug/ch176500/default-api-key-does-not-exist

3 years ago · 30816688eb
parent e2a2102ccb ec63a5e12c
commit 30816688eb
8 changed files with 1051 additions and 1594 deletions
--- a/NEWS.md
+++ b/NEWS.md
@ -5,6 +5,7 @@ Development
 - None yet

 ### Features
+* Upgrade to deck.gl 8.5.6 [16338](https://github.com/CartoDB/cartodb/pull/16338)
 * Update DO Catalog dependencies and some changes to use bundle on CARTO Workspace [#16325](https://github.com/CartoDB/cartodb/pull/16325)
 * Send data to Hubspot when accessing datasets [#16313](https://github.com/CartoDB/cartodb/pull/16313)
 * Request access to datasets directly from DO Catalog [#16291](https://github.com/CartoDB/cartodb/pull/16291)
@ -22,6 +23,7 @@ Development
 - Use the organization user's data while editing a user from organization settings [#16280](https://github.com/CartoDB/cartodb/pull/16280)
 - Fix schema name in layers created by free users [#16307](https://github.com/CartoDB/cartodb/pull/16307)
 - Limit start parameter of Dropbox connector [#16264](https://github.com/CartoDB/cartodb/pull/16264)
+- Fix deck.gl dependency conflicts [#16339](https://github.com/CartoDB/cartodb/pull/16339)
 - Migrate Redis DO subscription information in inter-cloud migrations [#16315](https://github.com/CartoDB/cartodb/pull/16315)
 - OauthApps restricted by default [#16304](https://github.com/CartoDB/cartodb/pull/16304)
 - Support staging hostname in the catalog [#16258](https://github.com/CartoDB/cartodb/pull/16258)
@ -33,11 +35,13 @@ Development
 - Avoid updating the same layer more than once when reordering widgets in Builder [#16303](https://github.com/CartoDB/cartodb/pull/16303)
 - Add endpoint to update DO subscriptions and manage status of full access requests [#16277](https://github.com/CartoDB/cartodb/pull/16277)
 - Add new fields `full_access_[aws|azure]_info` to DO subscriptions [#16278](https://github.com/CartoDB/cartodb/pull/16278)
+- Fix verification process for active users [#16337](https://github.com/CartoDB/cartodb/pull/16337)
 - Avoid updating analysis nodes more than once when moving layers in Builder [#16279](https://github.com/CartoDB/cartodb/pull/16279)
 - Fix subscription/sample filter for datasets [#16254](https://github.com/CartoDB/cartodb/pull/16254)
 - Use fully qualified table name while creating a new map from a shared dataset [#16241](https://github.com/CartoDB/cartodb/pull/16241)
 - Render tileset viewer features in front of basemap [#16333](https://github.com/CartoDB/cartodb/pull/16333)
 - Add new events for DO full access [#16290](https://github.com/CartoDB/cartodb/pull/16290)
+- Add username/email validation when a organization user is created [#16341](https://github.com/CartoDB/cartodb/pull/16341)
 - Bump Rubocop to v1.12.1 to fix the CI hook [#16305](https://github.com/CartoDB/cartodb/pull/16305)
 - Fix an issue that prevents API OPTIONS from succeeding because of undue CSRF check [#16292](https://github.com/CartoDB/cartodb/pull/16292)
 - Fix a regression test and add some warnings to source code [#16297](https://github.com/CartoDB/cartodb/pull/16297)
--- a/app/controllers/admin/organization_users_controller.rb
+++ b/app/controllers/admin/organization_users_controller.rb
@ -82,6 +82,11 @@ class Admin::OrganizationUsersController < Admin::AdminController
    end
    raise Carto::UnprocesableEntityError.new("Soft limits validation error") if validation_failure

+    if Cartodb::Central.api_sync_enabled?
+      response = central_new_organization_user_validation(@user)
+      raise Sequel::ValidationFailed, "Validation failed: #{response['error']}" unless response['valid']
+    end
+
    @user.save(raise_on_failure: true)
    @user.create_in_central
    common_data_url = CartoDB::Visualization::CommonDataService.build_url(self)
--- a/app/helpers/organization_users_helper.rb
+++ b/app/helpers/organization_users_helper.rb
@ -50,6 +50,10 @@ module OrganizationUsersHelper
    hardened_params.symbolize_keys
  end

+  def central_new_organization_user_validation(user)
+    Cartodb::Central.new.validate_new_organization_user(username: user.username, email: user.email)
+  end
+
  # This is not run at model validation flow because we might want to override this rules.
  # owner parameter allows validation before actual value setting
  def soft_limits_validation(user, params_to_update, owner = user.organization.owner)
--- a/app/models/carto/helpers/user_commons.rb
+++ b/app/models/carto/helpers/user_commons.rb
@ -86,11 +86,13 @@ module Carto::UserCommons
    @oauths ||= CartoDB::OAuths.new(self)
  end

+  # NOTE: This criterion should be equivalent to the one used in Central for 'active' and 'locked'
+  #       https://github.com/CartoDB/cartodb-central/blob/48cea80941bb481659aeab5ee26beba970576756/app/models/user.rb#L348-L350
  def unverified?
    (active? || locked?) &&
-    email_verification_token.present? &&
-    email_verification_sent_at.present? &&
-    email_verification_sent_at < 1.hour.ago && !oauth_signin?
+      email_verification_token.present? &&
+      email_verification_sent_at.present? &&
+      email_verification_sent_at < 7.days.ago && !oauth_signin?
  end

  def remove_logo?
--- a/lib/cartodb/central.rb
+++ b/lib/cartodb/central.rb
@ -24,10 +24,8 @@ module Cartodb
      !api_sync_enabled?
    end

-    class <<self
-
+    class << self
      alias login_redirection_enabled? api_sync_enabled?
-
    end

    def initialize
@ -93,6 +91,15 @@ module Cartodb
      send_request("api/organizations/#{ organization_name }/users/#{ username }", nil, :get, [200])
    end

+    def validate_new_organization_user(username:, email:)
+      send_request(
+        'api/organizations/users/validate_new',
+        { user: { username: username, email: email } },
+        :post,
+        [200, 400]
+      )
+    end
+
    def create_organization_user(organization_name, user_attributes)
      payload = {
        organization_name: organization_name
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "cartodb-ui",
-  "version": "1.0.0-assets.259",
+  "version": "1.0.0-assets.261",
  "description": "CARTO UI frontend",
  "repository": {
    "type": "git",
@ -23,15 +23,15 @@
    "@carto/carto.js": "^4.2.1",
    "@carto/toolkit-core": "0.0.1-rc.18",
    "@carto/toolkit-custom-storage": "0.0.1-rc.18",
-    "@carto/viewer": "CartoDB/viewer#v1.0.6",
+    "@carto/viewer": "github:CartoDB/viewer#v1.0.7",
    "@carto/zera": "1.0.7",
-    "@deck.gl/carto": "8.5.2",
-    "@deck.gl/core": "8.5.2",
-    "@deck.gl/extensions": "8.5.2",
-    "@deck.gl/geo-layers": "8.5.2",
-    "@deck.gl/google-maps": "8.5.2",
-    "@deck.gl/layers": "8.5.2",
-    "@deck.gl/mesh-layers": "8.5.2",
+    "@deck.gl/carto": "8.5.6",
+    "@deck.gl/core": "8.5.6",
+    "@deck.gl/extensions": "8.5.6",
+    "@deck.gl/geo-layers": "8.5.6",
+    "@deck.gl/google-maps": "8.5.6",
+    "@deck.gl/layers": "8.5.6",
+    "@deck.gl/mesh-layers": "8.5.6",
    "babel-polyfill": "^6.26.0",
    "backbone": "1.2.3",
    "backbone-forms": "0.14.0",
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@ -48,7 +48,7 @@ FactoryBot.define do

    trait :unverified do
      email_verification_token   { 'aaa' }
-      email_verification_sent_at { Time.current - 2.hours }
+      email_verification_sent_at { Time.current - 8.days }
    end

    trait :valid do