CV2-6599: remove registration and restrict user to invitation only

app/controllers/api/v1/omniauth_callbacks_controller.rb

@@ -1,7 +1,6 @@
 module Api
   module V1
     class OmniauthCallbacksController < Devise::OmniauthCallbacksController
-      include TwitterAuthentication
       include FacebookAuthentication
       include SlackAuthentication
       include GoogleAuthentication
@@ -21,7 +20,6 @@ def failure
       end
 
       def setup
-        setup_twitter if request.env['omniauth.strategy'].is_a?(OmniAuth::Strategies::Twitter)
         setup_facebook if request.env['omniauth.strategy'].is_a?(OmniAuth::Strategies::Facebook)
         render plain: 'Setup complete.', status: 404
       end

app/models/concerns/user_invitation.rb

@@ -21,7 +21,7 @@ def self.send_user_invitation(members, text=nil)
               user = User.invite!({:email => email, :name => email.split("@").first, :invitation_role => role, :invitation_text => text}, User.current) do |iu|
                 iu.skip_invitation = true
               end
-              user.update_column(:raw_invitation_token, user.raw_invitation_token)
+              user.update_columns(raw_invitation_token: user.raw_invitation_token, encrypted_password: nil)
             else
               u.invitation_role = role
               u.invitation_text = text
@@ -110,17 +110,20 @@ def is_invited?(team = nil)
     private
 
     def create_team_user_invitation(options = {})
-      tu = TeamUser.new
-      tu.user_id = self.id
-      tu.team_id = Team.current.id
-      tu.role = self.invitation_role
-      tu.status = 'invited'
-      tu.invited_by_id = self.invited_by_id
-      tu.invited_by_id ||= User.current.id unless User.current.nil?
-      tu.invitation_token = self.invitation_token || options[:enc]
-      tu.raw_invitation_token = self.read_attribute(:raw_invitation_token) || self.raw_invitation_token || options[:raw]
-      tu.invitation_email = options[:email] || self.email
-      self.send_invitation_mail(tu) if tu.save!
+      team_id = Team.current&.id
+      unless team_id.nil?
+        tu = TeamUser.new
+        tu.user_id = self.id
+        tu.team_id = team_id
+        tu.role = self.invitation_role
+        tu.status = 'invited'
+        tu.invited_by_id = self.invited_by_id
+        tu.invited_by_id ||= User.current.id unless User.current.nil?
+        tu.invitation_token = self.invitation_token || options[:enc]
+        tu.raw_invitation_token = self.read_attribute(:raw_invitation_token) || self.raw_invitation_token || options[:raw]
+        tu.invitation_email = options[:email] || self.email
+        self.send_invitation_mail(tu) if tu.save!
+      end
     end
 
     def self.accept_team_user_invitation(tu, token, options)

app/models/concerns/user_multi_auth_login.rb

@@ -15,7 +15,8 @@ def self.from_omniauth(auth, current_user=nil)
       duplicate_user.accept_invitation_or_confirm unless duplicate_user.nil?
       u = self.check_merge_users(u, current_user, duplicate_user)
       u ||= current_user
-      user = self.create_omniauth_user(u, auth)
+      raise I18n.t('errors.messages.restrict_registration_to_invited_users_only') if u.nil?
+      user = self.update_omniauth_user(u, auth)
       User.create_omniauth_account(auth, user) unless auth.url.blank? || auth.provider.blank?
       user.reload
     end
@@ -39,11 +40,11 @@ def self.check_merge_users(u, current_user, duplicate_user)
       u
     end
 
-    def self.create_omniauth_user(u, auth)
-      user = u.nil? ? User.new : u
+    def self.update_omniauth_user(u, auth)
+      user = u
       user.email = user.email.presence || auth.info.email
       user.name = user.name.presence || auth.info.name
-      user.login = auth.info.nickname || auth.info.name.tr(' ', '-').downcase
+      user.login = auth.info.nickname.blank? ? auth.info.name.tr(' ', '-').downcase : auth.info.nickname
       user.from_omniauth_login = true
       user.skip_confirmation!
       user.last_accepted_terms_at = Time.now if user.last_accepted_terms_at.nil?

app/models/concerns/user_private.rb

@@ -25,18 +25,7 @@ def set_token
   end
 
   def set_login
-    if self.login.blank?
-      if self.email.blank?
-        self.login = self.name.tr(' ', '-').downcase
-      else
-        self.login = self.email.split('@')[0]
-      end
-    end
-  end
-
-  def send_welcome_email
-    config_value = JSON.parse(CheckConfig.get('send_welcome_email_on_registration').to_s)
-    RegistrationMailer.delay.welcome_email(self) if self.encrypted_password? && config_value && !self.is_invited?
+    self.login = self.email.split('@')[0] if self.login.blank?
   end
 
   def user_is_member_in_current_team
@@ -53,7 +42,10 @@ def validate_duplicate_email
     duplicate = User.get_duplicate_user(self.email, self.id)
     unless duplicate[:user].nil?
       errors.add(:email, I18n.t(:email_exists)) if duplicate[:type] == 'Account'
-      handle_duplicate_email(duplicate[:user])
+      unless duplicate[:user].is_active?
+        self.errors.clear
+        errors.add(:base, I18n.t(:banned_user, app_name: CheckConfig.get('app_name'), support_email: CheckConfig.get('support_email')))
+      end
       return false
     end
   end
@@ -63,16 +55,6 @@ def password_complexity
     errors.add :password, I18n.t(:error_password_not_strong)
   end
 
-  def handle_duplicate_email(u)
-    if u.is_active?
-      provider = u.get_user_provider(self.email)
-      RegistrationMailer.delay.duplicate_email_detection(self, provider) if self.new_record?
-    else
-      self.errors.clear
-      errors.add(:base, I18n.t(:banned_user, app_name: CheckConfig.get('app_name'), support_email: CheckConfig.get('support_email')))
-    end
-  end
-
   def skip_confirmation_for_non_email_provider
     self.skip_confirmation! if self.from_omniauth_login && self.skip_confirmation_mail.nil?
   end

app/models/user.rb

@@ -30,12 +30,11 @@ class ToSOrPrivacyPolicyReadError < StandardError; end
   has_many :api_keys
   has_many :explainers
 
-  devise :registerable,
-         :recoverable, :rememberable, :trackable, :validatable, :confirmable,
+  devise :recoverable, :rememberable, :trackable, :validatable, :confirmable,
          :omniauthable, omniauth_providers: [:twitter, :facebook, :slack, :google_oauth2]
 
   before_create :skip_confirmation_for_non_email_provider, :set_last_received_terms_email_at
-  after_create :create_source_and_account, :set_source_image, :send_welcome_email
+  after_create :create_source_and_account, :set_source_image
   before_save :set_token, :set_login
   after_update :set_blank_email_for_unconfirmed_user
   before_destroy :freeze_account_ids_and_source_id
@@ -174,23 +173,9 @@ def is_member_of?(team)
   end
 
   def handle
-    self.email.blank? ? get_provider_from_user_account : self.email
-  end
-
-  def get_provider_from_user_account
-    account = self.get_social_accounts_for_login
-    account = account.first unless account.nil?
-    return nil if account.nil?
-    provider = account.provider.capitalize
-    if !account.omniauth_info.nil?
-      if account.provider == 'slack'
-        provider = account.omniauth_info.dig('extra', 'raw_info', 'url')
-      else
-        provider = account.omniauth_info.dig('url')
-        return provider if !provider.nil?
-      end
-    end
-    "#{self.login} at #{provider}"
+    # As we must invite users first then the email must exists
+    # which means the handle is email address
+    self.email
   end
 
   # Whether two users are members of any same team