Merge pull request #1509 from CVEProject/dr_1496_userValidationMiddleware_fixes

Resolves #1496 - user validation middleware fixes

Author: david-rocca

src/middleware/middleware.js

@@ -133,10 +133,7 @@ async function validateUser (req, res, next) {
       return res.status(401).json(error.unauthorized())
     }
 
-    const activeInOrg = true
-
-    if ((!useRegistry && !result.active) ||
-          (useRegistry && !activeInOrg)) {
+    if (result.active === false || result.status === 'inactive') {
       logger.warn(JSON.stringify({ uuid: req.ctx.uuid, message: 'User deactivated. Authentication failed for ' + user }))
       return res.status(401).json(error.unauthorized())
     }

src/repositories/baseUserRepository.js

@@ -189,7 +189,9 @@ class BaseUserRepository extends BaseRepository {
     legacyObjectRaw.secret = secret
 
     // Registry Only Fields
+    registryObjectRaw.status = 'active'
     // Legacy Specific fields
+    legacyObjectRaw.active = true
 
     // Get UUID of org, that is having the user added to it.
     const existingOrg = await baseOrgRepository.findOneByShortName(orgShortName)

test/unit-tests/middleware/validateUserTest.js

@@ -70,7 +70,7 @@ class NullUserRepo {
   }
 }
 
-describe.skip('Testing the user validation middleware', () => {
+describe('Testing the user validation middleware', () => {
   context('Negative Tests', () => {
     it('Org does not exist', (done) => {
       app.route('/validate-user-org-doesnt-exist')