diff --git a/api/chalicelib/core/users.py b/api/chalicelib/core/users.py index 252d94bfc..d1b2abef6 100644 --- a/api/chalicelib/core/users.py +++ b/api/chalicelib/core/users.py @@ -1,6 +1,6 @@ import json -from chalicelib.core import authorizers +from chalicelib.core import authorizers, metadata, projects from chalicelib.utils import helper from chalicelib.utils import pg_client @@ -408,6 +408,11 @@ def delete_member(user_id, tenant_id, id_to_delete): SET deleted_at = timezone('utc'::text, now()) WHERE user_id=%(user_id)s;""", {"user_id": id_to_delete})) + cur.execute( + cur.mogrify(f"""UPDATE public.basic_authentication + SET password= NULL + WHERE user_id=%(user_id)s;""", + {"user_id": id_to_delete})) return {"data": get_members(tenant_id=tenant_id)} @@ -430,8 +435,26 @@ def set_password_invitation(user_id, new_password): "invitationToken": None, "invitedAt": None, "changePwdExpireAt": None, "changePwdToken": None} user = update(tenant_id=-1, user_id=user_id, changes=changes) - return {"data": user, - "jwt": authenticate(user["email"], new_password)["jwt"]} + r = authenticate(user['email'], user['password']) + tenant_id = r.pop("tenantId") + + r["limits"] = { + "teamMember": -1, + "projects": -1, + "metadata": metadata.get_remaining_metadata_with_count(tenant_id)} + + c = tenants.get_by_tenant_id(tenant_id) + c.pop("createdAt") + c["projects"] = projects.get_projects(tenant_id=tenant_id, recording_state=True, recorded=True, + stack_integrations=True) + c["smtp"] = helper.has_smtp() + return { + 'jwt': r.pop('jwt'), + 'data': { + "user": r, + "client": c + } + } def count_members(): diff --git a/ee/api/chalicelib/blueprints/bp_core_dynamic.py b/ee/api/chalicelib/blueprints/bp_core_dynamic.py index 46c663bc1..3eeff250e 100644 --- a/ee/api/chalicelib/blueprints/bp_core_dynamic.py +++ b/ee/api/chalicelib/blueprints/bp_core_dynamic.py @@ -380,7 +380,7 @@ def process_invitation_link(): 'Content-Type': 'text/plain'}) -@app.route('/users/invitation/password', methods=['POST', 'PUT'], authorizer=None) +@app.route('/password/reset', methods=['POST', 'PUT'], authorizer=None) def change_password_by_invitation(): data = app.current_request.json_body if data is None or len(data.get("invitation", "")) < 64 or len(data.get("pass", "")) < 8: diff --git a/ee/api/chalicelib/core/users.py b/ee/api/chalicelib/core/users.py index 8bb64e26b..3d8b1750c 100644 --- a/ee/api/chalicelib/core/users.py +++ b/ee/api/chalicelib/core/users.py @@ -1,6 +1,6 @@ import json -from chalicelib.core import authorizers +from chalicelib.core import authorizers, metadata, projects from chalicelib.core import tenants from chalicelib.utils import helper from chalicelib.utils import pg_client @@ -416,6 +416,11 @@ def delete_member(user_id, tenant_id, id_to_delete): SET deleted_at = timezone('utc'::text, now()) WHERE user_id=%(user_id)s AND tenant_id=%(tenant_id)s;""", {"user_id": id_to_delete, "tenant_id": tenant_id})) + cur.execute( + cur.mogrify(f"""UPDATE public.basic_authentication + SET password=NULL + WHERE user_id=%(user_id)s;""", + {"user_id": id_to_delete, "tenant_id": tenant_id})) return {"data": get_members(tenant_id=tenant_id)} @@ -440,8 +445,25 @@ def set_password_invitation(user_id, new_password): "invitationToken": None, "invitedAt": None, "changePwdExpireAt": None, "changePwdToken": None} user = update(tenant_id=-1, user_id=user_id, changes=changes) - return {"data": user, - "jwt": authenticate(user["email"], new_password)["jwt"]} + r = authenticate(user['email'], user['password']) + + tenant_id = r.pop("tenantId") + r["limits"] = { + "teamMember": -1, + "projects": -1, + "metadata": metadata.get_remaining_metadata_with_count(tenant_id)} + + c = tenants.get_by_tenant_id(tenant_id) + c.pop("createdAt") + c["projects"] = projects.get_projects(tenant_id=tenant_id, recording_state=True, recorded=True, + stack_integrations=True) + return { + 'jwt': r.pop('jwt'), + 'data': { + "user": r, + "client": c, + } + } def count_members(tenant_id):