From 6883fddb19b1319a378aa5dc2034670c3b27ce39 Mon Sep 17 00:00:00 2001 From: Claire Date: Tue, 24 Jan 2023 19:40:21 +0100 Subject: Fix account activation being triggered before email confirmation (#23245) * Add tests * Fix account activation being triggered before email confirmation Fixes #23098 --- app/models/user.rb | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) (limited to 'app/models') diff --git a/app/models/user.rb b/app/models/user.rb index 2a42ffaa1..d40044da3 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -195,10 +195,16 @@ class User < ApplicationRecord super - if new_user && approved? - prepare_new_user! - elsif new_user - notify_staff_about_pending_account! + if new_user + # Avoid extremely unlikely race condition when approving and confirming + # the user at the same time + reload unless approved? + + if approved? + prepare_new_user! + else + notify_staff_about_pending_account! + end end end @@ -209,7 +215,13 @@ class User < ApplicationRecord skip_confirmation! save! - prepare_new_user! if new_user && approved? + if new_user + # Avoid extremely unlikely race condition when approving and confirming + # the user at the same time + reload unless approved? + + prepare_new_user! if approved? + end end def update_sign_in!(new_sign_in: false) @@ -260,7 +272,11 @@ class User < ApplicationRecord return if approved? update!(approved: true) - prepare_new_user! + + # Avoid extremely unlikely race condition when approving and confirming + # the user at the same time + reload unless confirmed? + prepare_new_user! if confirmed? end def otp_enabled? -- cgit