From ed3a2103b34922f9f4bc3aac8bf66ae5a9fcc8cb Mon Sep 17 00:00:00 2001
From: Anand Chowdhary <mail@anandchowdhary.com>
Date: Mon, 16 Nov 2020 17:01:13 +0530
Subject: [PATCH] :bug: Combine specific keys of users, fix response

---
 src/modules/auth/auth.controller.ts   |  2 +-
 src/modules/auth/auth.service.ts      | 34 +++++++++++++++++++++++----
 src/modules/users/users.controller.ts |  2 +-
 src/modules/users/users.service.ts    |  5 ++--
 4 files changed, 34 insertions(+), 9 deletions(-)

diff --git a/src/modules/auth/auth.controller.ts b/src/modules/auth/auth.controller.ts
index 692f94382..d5a8e7b14 100644
--- a/src/modules/auth/auth.controller.ts
+++ b/src/modules/auth/auth.controller.ts
@@ -174,7 +174,7 @@ export class AuthController {
     duration: 60,
     errorMessage: 'Wait for 60 seconds before trying to merge accounts again',
   })
-  async merge(@Body('token') token: string): Promise<void> {
+  async merge(@Body('token') token: string): Promise<{ success: true }> {
     return this.authService.mergeUsers(token);
   }
 }
diff --git a/src/modules/auth/auth.service.ts b/src/modules/auth/auth.service.ts
index c1c038855..dd75db4e2 100644
--- a/src/modules/auth/auth.service.ts
+++ b/src/modules/auth/auth.service.ts
@@ -702,7 +702,7 @@ export class AuthService {
     return ids;
   }
 
-  async mergeUsers(token: string): Promise<void> {
+  async mergeUsers(token: string): Promise<{ success: true }> {
     let baseUserId: number | undefined = undefined;
     let mergeUserId: number | undefined = undefined;
     try {
@@ -718,7 +718,10 @@ export class AuthService {
     return this.merge(baseUserId, mergeUserId);
   }
 
-  private async merge(baseUserId: number, mergeUserId: number): Promise<void> {
+  private async merge(
+    baseUserId: number,
+    mergeUserId: number,
+  ): Promise<{ success: true }> {
     const baseUser = await this.prisma.users.findOne({
       where: { id: baseUserId },
     });
@@ -727,9 +730,26 @@ export class AuthService {
     });
     if (!baseUser || !mergeUser) throw new NotFoundException(USER_NOT_FOUND);
 
-    const combinedUser = { ...baseUser };
-    Object.keys(mergeUser).forEach((key) => {
-      if (mergeUser[key]) combinedUser[key] = mergeUser[key];
+    const combinedUser: Record<string, any> = {};
+    [
+      'checkLocationOnLogin',
+      'countryCode',
+      'gender',
+      'name',
+      'notificationEmails',
+      'active',
+      'prefersLanguage',
+      'prefersColorScheme',
+      'prefersReducedMotion',
+      'profilePictureUrl',
+      'role',
+      'timezone',
+      'twoFactorMethod',
+      'twoFactorPhone',
+      'twoFactorSecret',
+      'attributes',
+    ].forEach((key) => {
+      if (mergeUser[key] != null) combinedUser[key] = mergeUser[key];
     });
     await this.prisma.users.update({
       where: { id: baseUserId },
@@ -744,6 +764,7 @@ export class AuthService {
       this.prisma.backupCodes,
       this.prisma.identities,
       this.prisma.auditLogs,
+      this.prisma.apiKeys,
     ]) {
       for await (const item of await (dataType as emailsDelegate).findMany({
         where: { user: { id: mergeUserId } },
@@ -754,5 +775,8 @@ export class AuthService {
           data: { user: { connect: { id: baseUserId } } },
         });
     }
+
+    await this.prisma.users.delete({ where: { id: mergeUser.id } });
+    return { success: true };
   }
 }
diff --git a/src/modules/users/users.controller.ts b/src/modules/users/users.controller.ts
index a938ae767..f3fd9e6c8 100644
--- a/src/modules/users/users.controller.ts
+++ b/src/modules/users/users.controller.ts
@@ -69,7 +69,7 @@ export class UserController {
   async mergeRequest(
     @Param('userId', ParseIntPipe) id: number,
     @Body('email') email: string,
-  ): Promise<void> {
+  ): Promise<{ queued: true }> {
     return this.usersService.requestMerge(Number(id), email);
   }
 }
diff --git a/src/modules/users/users.service.ts b/src/modules/users/users.service.ts
index a2ac7d86d..b8bf1e6ef 100644
--- a/src/modules/users/users.service.ts
+++ b/src/modules/users/users.service.ts
@@ -111,7 +111,7 @@ export class UsersService {
     return this.prisma.expose<users>(user);
   }
 
-  async requestMerge(userId: number, email: string): Promise<void> {
+  async requestMerge(userId: number, email: string): Promise<{ queued: true }> {
     const emailSafe = safeEmail(email);
     const user = await this.prisma.users.findFirst({
       where: { emails: { some: { emailSafe } } },
@@ -122,7 +122,7 @@ export class UsersService {
     const minutes = parseInt(
       this.configService.get<string>('security.mergeUsersTokenExpiry') ?? '',
     );
-    return this.email.send({
+    this.email.send({
       to: `"${user.name}" <${user.prefersEmail.email}>`,
       template: 'auth/mfa-code',
       data: {
@@ -137,5 +137,6 @@ export class UsersService {
         )}`,
       },
     });
+    return { queued: true };
   }
 }