feat: Add conditional email verification via dynamic Parse Server options verifyUserEmails, sendUserEmailVerification that now accept functions

spec/EmailVerificationToken.spec.js

@@ -288,6 +288,112 @@ describe('Email Verification Token Expiration: ', () => {
       });
   });
 
+  it('can conditionally send emails', async () => {
+    let sendEmailOptions;
+    const emailAdapter = {
+      sendVerificationEmail: options => {
+        sendEmailOptions = options;
+      },
+      sendPasswordResetEmail: () => Promise.resolve(),
+      sendMail: () => {},
+    };
+    await reconfigureServer({
+      appName: 'emailVerifyToken',
+      verifyUserEmails: true,
+      emailAdapter: emailAdapter,
+      emailVerifyTokenValidityDuration: 5, // 5 seconds
+      publicServerURL: 'http://localhost:8378/1',
+    });
+    const beforeSave = {
+      method(req) {
+        expect(req.setSendEmailVerificationEmail).toBeTrue();
+        expect(req.setEmailVerified).toBeFalse();
+        req.setSendEmailVerificationEmail = false;
+        req.setEmailVerified = true;
+      },
+    };
+    const saveSpy = spyOn(beforeSave, 'method').and.callThrough();
+    const emailSpy = spyOn(emailAdapter, 'sendVerificationEmail').and.callThrough();
+    Parse.Cloud.beforeSave(Parse.User, beforeSave.method);
+    const user = new Parse.User();
+    user.setUsername('sets_email_verify_token_expires_at');
+    user.setPassword('expiringToken');
+    user.set('email', '[email protected]');
+    await user.signUp();
+
+    const config = Config.get('test');
+    const results = await config.database.find(
+      '_User',
+      {
+        username: 'sets_email_verify_token_expires_at',
+      },
+      {},
+      Auth.maintenance(config)
+    );
+
+    expect(results.length).toBe(1);
+    const user_data = results[0];
+    expect(typeof user_data).toBe('object');
+    expect(user_data.emailVerified).toEqual(true);
+    expect(user_data._email_verify_token).toBeUndefined();
+    expect(user_data._email_verify_token_expires_at).toBeUndefined();
+    expect(emailSpy).not.toHaveBeenCalled();
+    expect(saveSpy).toHaveBeenCalled();
+    expect(sendEmailOptions).toBeUndefined();
+  });
+
+  it('beforeSave options do not change existing behaviour', async () => {
+    let sendEmailOptions;
+    const emailAdapter = {
+      sendVerificationEmail: options => {
+        sendEmailOptions = options;
+      },
+      sendPasswordResetEmail: () => Promise.resolve(),
+      sendMail: () => {},
+    };
+    await reconfigureServer({
+      appName: 'emailVerifyToken',
+      verifyUserEmails: true,
+      emailAdapter: emailAdapter,
+      emailVerifyTokenValidityDuration: 5, // 5 seconds
+      publicServerURL: 'http://localhost:8378/1',
+    });
+    const beforeSave = {
+      method(req) {
+        if (!req.original) {
+          expect(req.setSendEmailVerificationEmail).toBeTrue();
+          expect(req.setEmailVerified).toBeFalse();
+        }
+      },
+    };
+    const saveSpy = spyOn(beforeSave, 'method').and.callThrough();
+    const emailSpy = spyOn(emailAdapter, 'sendVerificationEmail').and.callThrough();
+    Parse.Cloud.beforeSave(Parse.User, beforeSave.method);
+    const newUser = new Parse.User();
+    newUser.setUsername('unsets_email_verify_token_expires_at');
+    newUser.setPassword('expiringToken');
+    newUser.set('email', '[email protected]');
+    await newUser.signUp();
+    const response = await request({
+      url: sendEmailOptions.link,
+      followRedirects: false,
+    });
+    expect(response.status).toEqual(302);
+    const config = Config.get('test');
+    const results = await config.database.find('_User', {
+      username: 'unsets_email_verify_token_expires_at',
+    });
+
+    expect(results.length).toBe(1);
+    const user = results[0];
+    expect(typeof user).toBe('object');
+    expect(user.emailVerified).toEqual(true);
+    expect(typeof user._email_verify_token).toBe('undefined');
+    expect(typeof user._email_verify_token_expires_at).toBe('undefined');
+    expect(saveSpy).toHaveBeenCalled();
+    expect(emailSpy).toHaveBeenCalled();
+  });
+
   it('unsets the _email_verify_token_expires_at and _email_verify_token fields in the User class if email verification is successful', done => {
     const user = new Parse.User();
     let sendEmailOptions;

src/RestWrite.js

@@ -240,6 +240,11 @@ RestWrite.prototype.runBeforeSaveTrigger = function () {
     identifier,
   };
 
+  const additionalData = {};
+  if (this.config.userController.shouldVerifyEmails && !originalObject) {
+    additionalData.setSendEmailVerificationEmail = true;
+    additionalData.setEmailVerified = false;
+  }
   return Promise.resolve()
     .then(() => {
       // Before calling the trigger, validate the permissions for the save operation
@@ -277,7 +282,8 @@ RestWrite.prototype.runBeforeSaveTrigger = function () {
         updatedObject,
         originalObject,
         this.config,
-        this.context
+        this.context,
+        additionalData
       );
     })
     .then(response => {
@@ -299,6 +305,13 @@ RestWrite.prototype.runBeforeSaveTrigger = function () {
         }
       }
       this.checkProhibitedKeywords(this.data);
+
+      if (!additionalData.setSendEmailVerificationEmail) {
+        this.storage.sendVerificationEmail = false;
+      }
+      if (additionalData.setEmailVerified) {
+        this.storage.emailVerified = true;
+      }
     });
 };
 
@@ -612,6 +625,10 @@ RestWrite.prototype.transformUser = function () {
     throw new Parse.Error(Parse.Error.OPERATION_FORBIDDEN, error);
   }
 
+  if (this.storage.emailVerified) {
+    this.data.emailVerified = true;
+  }
+
   // Do not cleanup session if objectId is not set
   if (this.query && this.objectId()) {
     // If we're updating a _User object, we need to clear out the cache for that user. Find all their
@@ -742,10 +759,11 @@ RestWrite.prototype._validateEmail = function () {
         );
       }
       if (
-        !this.data.authData ||
-        !Object.keys(this.data.authData).length ||
-        (Object.keys(this.data.authData).length === 1 &&
-          Object.keys(this.data.authData)[0] === 'anonymous')
+        (!this.data.authData ||
+          !Object.keys(this.data.authData).length ||
+          (Object.keys(this.data.authData).length === 1 &&
+            Object.keys(this.data.authData)[0] === 'anonymous')) &&
+        this.storage.sendVerificationEmail !== false
       ) {
         // We updated the email, send a new validation
         this.storage['sendVerificationEmail'] = true;

src/triggers.js

@@ -831,7 +831,8 @@ export function maybeRunTrigger(
   parseObject,
   originalParseObject,
   config,
-  context
+  context,
+  additionalData
 ) {
   if (!parseObject) {
     return Promise.resolve({});
@@ -847,6 +848,9 @@ export function maybeRunTrigger(
       config,
       context
     );
+    if (additionalData) {
+      Object.assign(request, additionalData);
+    }
     var { success, error } = getResponseObject(
       request,
       object => {
@@ -868,6 +872,9 @@ export function maybeRunTrigger(
         ) {
           Object.assign(context, request.context);
         }
+        for (const key in additionalData || {}) {
+          additionalData[key] = request[key];
+        }
         resolve(object);
       },
       error => {