From be2e492aa4de9f86eaebccae69084fe45f384fdf Mon Sep 17 00:00:00 2001
From: AntonyAntonio <guillermo@opensupports.com>
Date: Fri, 23 Dec 2016 01:27:21 -0300
Subject: [PATCH] Guillermo -    add path /user/verify [skip ci]

---
 server/controllers/user/login.php | 10 +++++++++-
 server/data/ERRORS.php            |  1 +
 tests/scripts.rb                  |  5 +++++
 tests/system/edit-settings.rb     |  3 +--
 tests/user/get-users-test.rb      |  3 ++-
 tests/user/get.rb                 |  3 ++-
 tests/user/signup.rb              |  5 +++++
 7 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/server/controllers/user/login.php b/server/controllers/user/login.php
index 6a693558..7eada075 100644
--- a/server/controllers/user/login.php
+++ b/server/controllers/user/login.php
@@ -26,7 +26,15 @@ class LoginController extends Controller {
                 $this->userInstance->lastLogin = Date::getCurrentDate();
                 $this->userInstance->store();
             }
-            
+
+            $email =  Controller::request('email');
+            $userRow = User::getDataStore($email, 'email');
+
+            if($userRow->verificationToken !== null) {
+                Response::respondError(ERRORS::UNVERIFIED_USER);
+                return;
+            }
+
             Response::respondSuccess($this->getUserData());
         } else {
             Response::respondError(ERRORS::INVALID_CREDENTIALS);
diff --git a/server/data/ERRORS.php b/server/data/ERRORS.php
index b353240b..2dbe9857 100644
--- a/server/data/ERRORS.php
+++ b/server/data/ERRORS.php
@@ -31,4 +31,5 @@ class ERRORS {
     const INVALID_STAFF = 'INVALID_STAFF';
     const SAME_DEPARTMENT = 'SAME_DEPARTMENT';
     const INVALID_TOKEN = 'INVALID_TOKEN';
+    const UNVERIFIED_USER = 'UNVERIFIED_USER';
 }
diff --git a/tests/scripts.rb b/tests/scripts.rb
index 6b91569e..7e6a5506 100644
--- a/tests/scripts.rb
+++ b/tests/scripts.rb
@@ -9,6 +9,11 @@ class Scripts
         if response['status'] === 'fail'
             raise 'Could not create user'
         end
+        userRow = $database.getRow('user', email, 'email')
+        response = request('/user/verify', {
+                :email => email,
+                :token => userRow['verification_token']
+        })
     end
 
     def self.login(email = 'steve@jobs.com', password = 'custompassword', staff = false)
diff --git a/tests/system/edit-settings.rb b/tests/system/edit-settings.rb
index beb96aa1..0d9c1d02 100644
--- a/tests/system/edit-settings.rb
+++ b/tests/system/edit-settings.rb
@@ -18,7 +18,6 @@ describe'system/edit-settings' do
                 "smtp-user" => 'admin',
                 "smtp-pass" => 'pass1234',
             })
-            puts result['message']
 
             (result['status']).should.equal('success')
 
@@ -54,4 +53,4 @@ describe'system/edit-settings' do
 
             request('/user/logout')
         end
-end
\ No newline at end of file
+end
diff --git a/tests/user/get-users-test.rb b/tests/user/get-users-test.rb
index 8ccec70e..522f18c5 100644
--- a/tests/user/get-users-test.rb
+++ b/tests/user/get-users-test.rb
@@ -4,6 +4,7 @@ describe '/user/get-users' do
     Scripts.createUser('tests@hotmail.com','passdasdasdas','laasdasd')
     Scripts.createUser('tests2@hotmail.com','passfasfasfsa','laeaefae')
     Scripts.createUser('tests3@hotmail.com','passfasfasfws','laeczvwaf')
+
     result = request('/user/login', {
         email: 'staff@opensupports.com',
         password: 'staff',
@@ -86,4 +87,4 @@ describe '/user/get-users' do
         (result['data']['users'][3]['name']).should.equal('Cersei Lannister')
         (result['data']['users'][4]['name']).should.equal('Tyrion Lannister')
     end
-end
\ No newline at end of file
+end
diff --git a/tests/user/get.rb b/tests/user/get.rb
index ef89384e..c2e27109 100644
--- a/tests/user/get.rb
+++ b/tests/user/get.rb
@@ -10,6 +10,7 @@ describe '/user/get' do
         csrf_userid: $csrf_userid,
         csrf_token: $csrf_token
     })
+
     @ticketNumber = result['data']['ticketNumber']
 
     it 'should fail if not logged' do
@@ -52,4 +53,4 @@ describe '/user/get' do
         (ticketFromUser['owner']).should.equal(nil)
         (ticketFromUser['events']).should.equal([])
     end
-end
\ No newline at end of file
+end
diff --git a/tests/user/signup.rb b/tests/user/signup.rb
index b3e0978b..0e21b020 100644
--- a/tests/user/signup.rb
+++ b/tests/user/signup.rb
@@ -8,6 +8,11 @@ describe '/user/signup' do
 
         userRow = $database.getRow('user', response['data']['userId'])
 
+        request('/user/verify', {
+          :email => 'steve@jobs.com',
+          :token => userRow['verification_token']
+        })
+
         (userRow['email']).should.equal('steve@jobs.com')
         (userRow['name']).should.equal('Steve Jobs')
     end