Create account returns colliding users if ignoreNameCollision flag is not set.

Author: krulis-martin

app/V1Module/presenters/RegistrationPresenter.php

@@ -3,6 +3,7 @@
 namespace App\V1Module\Presenters;
 
 use App\Helpers\MetaFormats\Attributes\Post;
+use App\Helpers\MetaFormats\Validators\VBool;
 use App\Helpers\MetaFormats\Validators\VEmail;
 use App\Helpers\MetaFormats\Validators\VMixed;
 use App\Helpers\MetaFormats\Validators\VString;
@@ -162,6 +163,12 @@ public function checkCreateAccount()
     #[Post("instanceId", new VString(1), "Identifier of the instance to register in")]
     #[Post("titlesBeforeName", new VString(1), "Titles which is placed before user name", required: false)]
     #[Post("titlesAfterName", new VString(1), "Titles which is placed after user name", required: false)]
+    #[Post(
+        "ignoreNameCollision",
+        new VBool(),
+        "If a use with the same name exists, this needs to be set to true.",
+        required: false
+    )]
     public function actionCreateAccount()
     {
         $req = $this->getRequest();
@@ -179,8 +186,13 @@ public function actionCreateAccount()
         $instanceId = $req->getPost("instanceId");
         $instance = $this->getInstance($instanceId);
 
-        $titlesBeforeName = $req->getPost("titlesBeforeName") === null ? "" : $req->getPost("titlesBeforeName");
-        $titlesAfterName = $req->getPost("titlesAfterName") === null ? "" : $req->getPost("titlesAfterName");
+        $titlesBeforeName = trim($req->getPost("titlesBeforeName") ?? "");
+        $titlesAfterName = trim($req->getPost("titlesAfterName") ?? "");
+        $firstName = trim($req->getPost("firstName") ?? "");
+        $lastName = trim($req->getPost("lastName") ?? "");
+        if (!$firstName || !$lastName) {
+            throw new BadRequestException("The user's full name must be filled in.");
+        }
 
         // check given passwords
         $password = $req->getPost("password");
@@ -192,10 +204,23 @@ public function actionCreateAccount()
             );
         }
 
+        // Check for name collisions, unless the request explicitly says to ignore them.
+        if (!$req->getPost("ignoreNameCollision")) {
+            $sameName = $this->users->findByName($instance, $firstName, $lastName);
+            if ($sameName) {
+                // let's report the colliding users
+                $this->sendSuccessResponse([
+                    "user" => null,
+                    "usersWithSameName" => $this->userViewFactory->getUsers($sameName),
+                ]);
+                return;
+            }
+        }
+
         $user = new User(
             $email,
-            $req->getPost("firstName"),
-            $req->getPost("lastName"),
+            $firstName,
+            $lastName,
             $titlesBeforeName,
             $titlesAfterName,
             Roles::STUDENT_ROLE,

tests/Presenters/RegistrationPresenter.phpt

@@ -356,6 +356,93 @@ class TestRegistrationPresenter extends Tester\TestCase
         );
     }
 
+    public function testCreateAccountSameName()
+    {
+        $student = $this->presenter->users->getByEmail(PresenterTestHelper::STUDENT_GROUP_MEMBER_LOGIN);
+        Assert::notNull($student);
+
+        $email = "email@email.email";
+        $firstName = $student->getFirstName();
+        $lastName = $student->getLastName();
+        $password = "password";
+        $instances = $this->instances->findAll();
+        $instanceId = array_pop($instances)->getId();
+        $titlesBeforeName = "titlesBeforeName";
+        $titlesAfterName = "titlesAfterName";
+
+        $payload = PresenterTestHelper::performPresenterRequest(
+            $this->presenter,
+            $this->presenterPath,
+            'POST',
+            ['action' => 'createAccount'],
+            [
+                'email' => $email,
+                'firstName' => $firstName,
+                'lastName' => $lastName,
+                'password' => $password,
+                'passwordConfirm' => $password,
+                'instanceId' => $instanceId,
+                'titlesBeforeName' => $titlesBeforeName,
+                'titlesAfterName' => $titlesAfterName
+            ]
+        );
+
+        Assert::equal(null, $payload["user"]);
+        Assert::count(1, $payload["usersWithSameName"]);
+        $user = current($payload["usersWithSameName"]);
+        Assert::equal($student->getId(), $user["id"]);
+    }
+
+    public function testCreateAccountSameNameEnabled()
+    {
+        $student = $this->presenter->users->getByEmail(PresenterTestHelper::STUDENT_GROUP_MEMBER_LOGIN);
+        Assert::notNull($student);
+
+        $email = "email@email.email";
+        $firstName = $student->getFirstName();
+        $lastName = $student->getLastName();
+        $password = "password";
+        $instances = $this->instances->findAll();
+        $instanceId = array_pop($instances)->getId();
+        $titlesBeforeName = "titlesBeforeName";
+        $titlesAfterName = "titlesAfterName";
+
+        $request = new Nette\Application\Request(
+            $this->presenterPath,
+            'POST',
+            ['action' => 'createAccount'],
+            [
+                'email' => $email,
+                'firstName' => $firstName,
+                'lastName' => $lastName,
+                'password' => $password,
+                'passwordConfirm' => $password,
+                'instanceId' => $instanceId,
+                'titlesBeforeName' => $titlesBeforeName,
+                'titlesAfterName' => $titlesAfterName,
+                'ignoreNameCollision' => true,
+            ]
+        );
+        $response = $this->presenter->run($request);
+        Assert::type(Nette\Application\Responses\JsonResponse::class, $response);
+
+        $result = $response->getPayload();
+        Assert::equal(201, $result['code']);
+        Assert::equal(2, count($result['payload']));
+        Assert::true(array_key_exists("accessToken", $result["payload"]));
+        Assert::true(array_key_exists("user", $result["payload"]));
+
+        // check created user
+        $user = $result["payload"]["user"];
+        Assert::equal("$titlesBeforeName $firstName $lastName $titlesAfterName", $user["fullName"]);
+        Assert::equal($email, $user["privateData"]["email"]);
+
+        // check created login
+        $login = $this->logins->findByUserId($user["id"]);
+        Assert::equal($user["id"], $login->getUser()->getId());
+        Assert::true($login->passwordsMatchOrEmpty($password, $this->presenter->passwordsService));
+    }
+
     public function testValidateRegistrationData()
     {
         $request = new Nette\Application\Request(