Merge pull request #9040 from paulovitin/user-roles-missing

[FIX] Error when user roles is missing or is invalid
RocketChat · Dec 19, 2017 · 9ed2653 · 9ed2653
2 parents ea99b58 + 850b8e1
commit 9ed2653
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 0 deletions.
diff --git a/packages/rocketchat-i18n/i18n/en.i18n.json b/packages/rocketchat-i18n/i18n/en.i18n.json
@@ -663,6 +663,7 @@
   "error-the-field-is-required": "The field __field__ is required.",
   "error-too-many-requests": "Error, too many requests. Please slow down. You must wait __seconds__ seconds before trying again.",
   "error-user-is-not-activated": "User is not activated",
+  "error-user-has-no-roles": "User has no roles",
   "error-user-limit-exceeded": "The number of users you are trying to invite to #channel_name exceeds the limit set by the administrator",
   "error-user-not-in-room": "User is not in this room",
   "error-user-registration-disabled": "User registration is disabled",

diff --git a/packages/rocketchat-i18n/i18n/pt-BR.i18n.json b/packages/rocketchat-i18n/i18n/pt-BR.i18n.json
@@ -452,6 +452,7 @@
   "error-the-field-is-required": "O campo __field__ é obrigatório.",
   "error-too-many-requests": "Erro, muitas solicitações. Por favor, diminua a velocidade. Você deve esperar __seconds__ segundos antes de tentar novamente.",
   "error-user-is-not-activated": "O usuário não está ativo",
+  "error-user-has-no-roles": "O usuário não possui permissões",
   "error-user-not-in-room": "O usuário não está nesta sala",
   "error-user-registration-disabled": "O registro do usuário está desativado",
   "error-user-registration-secret": "O registro de usuário é permitido somente via URL secreta",

diff --git a/server/lib/accounts.js b/server/lib/accounts.js
@@ -176,6 +176,12 @@ Accounts.validateLoginAttempt(function(login) {
 		});
 	}
 
+	if (!login.user.roles || !Array.isArray(login.user.roles)) {
+		throw new Meteor.Error('error-user-has-no-roles', 'User has no roles', {
+			'function': 'Accounts.validateLoginAttempt'
+		});
+	}
+
 	if (login.user.roles.includes('admin') === false && login.type === 'password' && RocketChat.settings.get('Accounts_EmailVerification') === true) {
 		const validEmail = login.user.emails.filter(email => email.verified === true);
 		if (validEmail.length === 0) {