fix: bulk migration to actually use the input value for the email verification (#1137)

Author: tamassoltesz

CHANGELOG.md

@@ -7,6 +7,11 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
+## [10.1.4]
+
+- Bulk migration now actually uses the `isVerified` field's value in the loginMethod input
+
+
 ## [10.1.3]
 
 - Version bumped for re-release

build.gradle

@@ -19,7 +19,7 @@ compileTestJava { options.encoding = "UTF-8" }
 //    }
 //}
 
-version = "10.1.3"
+version = "10.1.4"
 
 repositories {
     mavenCentral()

src/main/java/io/supertokens/bulkimport/BulkImport.java

@@ -73,6 +73,7 @@
 import io.supertokens.userroles.UserRoles;
 import io.supertokens.utils.Utils;
 import jakarta.servlet.ServletException;
+import org.jetbrains.annotations.NotNull;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -672,31 +673,45 @@ public static void createMultipleUserRoles(Main main, AppIdentifier appIdentifie
     public static void verifyMultipleEmailForAllLoginMethods(AppIdentifier appIdentifier, Storage storage,
                                                              List<BulkImportUser> users)
             throws StorageTransactionLogicException {
-        Map<String, String> emailToUserId = new HashMap<>();
-        for (BulkImportUser user : users) {
-            for (LoginMethod lm : user.loginMethods) {
-                emailToUserId.put(lm.getSuperTokenOrExternalUserId(), lm.email);
-            }
-        }
 
+        Map<String, String> emailToUserId = collectVerifiedEmailAddressesByUserIds(users);
         try {
-            if(!emailToUserId.isEmpty()) {
-                EmailVerificationSQLStorage emailVerificationSQLStorage = StorageUtils
-                        .getEmailVerificationStorage(storage);
-                emailVerificationSQLStorage.startTransaction(con -> {
-                    emailVerificationSQLStorage
-                            .updateMultipleIsEmailVerified_Transaction(appIdentifier, con,
-                                    emailToUserId, true);
-
-                    emailVerificationSQLStorage.commitTransaction(con);
-                    return null;
-                });
-            }
+            verifyCollectedEmailAddressesForUsers(appIdentifier, storage, emailToUserId);
         } catch (StorageQueryException e) {
             throw new StorageTransactionLogicException(e);
         }
     }
 
+    private static void verifyCollectedEmailAddressesForUsers(AppIdentifier appIdentifier, Storage storage, Map<String, String> emailToUserId)
+            throws StorageQueryException, StorageTransactionLogicException {
+        if(!emailToUserId.isEmpty()) {
+            EmailVerificationSQLStorage emailVerificationSQLStorage = StorageUtils
+                    .getEmailVerificationStorage(storage);
+            emailVerificationSQLStorage.startTransaction(con -> {
+                emailVerificationSQLStorage
+                        .updateMultipleIsEmailVerified_Transaction(appIdentifier, con,
+                                emailToUserId, true); //only the verified email addresses are expected to be in the map
+
+                emailVerificationSQLStorage.commitTransaction(con);
+                return null;
+            });
+        }
+    }
+
+    @NotNull
+    private static Map<String, String> collectVerifiedEmailAddressesByUserIds(List<BulkImportUser> users) {
+        Map<String, String> emailToUserId = new HashMap<>();
+        for (BulkImportUser user : users) {
+            for (LoginMethod lm : user.loginMethods) {
+                if(lm.isVerified) {
+                    //collect the verified email addresses for the userId
+                    emailToUserId.put(lm.getSuperTokenOrExternalUserId(), lm.email);
+                }
+            }
+        }
+        return emailToUserId;
+    }
+
     public static void createMultipleTotpDevices(Main main, AppIdentifier appIdentifier,
                                                  Storage storage, List<BulkImportUser> users)
             throws StorageTransactionLogicException {

src/test/java/io/supertokens/test/bulkimport/BulkImportTestUtils.java

@@ -45,6 +45,7 @@
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Random;
 
 import static org.junit.Assert.*;
 
@@ -79,13 +80,14 @@ public static List<BulkImportUser> generateBulkImportUserWithRoles(int numberOfU
 
             List<LoginMethod> loginMethods = new ArrayList<>();
             long currentTimeMillis = System.currentTimeMillis();
-            loginMethods.add(new LoginMethod(tenants, "emailpassword", true, true, currentTimeMillis, email, "$2a",
+            Random random = new Random();
+            loginMethods.add(new LoginMethod(tenants, "emailpassword", random.nextBoolean(), true, currentTimeMillis, email, "$2a",
                     "BCRYPT", null, null, null, null, io.supertokens.utils.Utils.getUUID()));
             loginMethods
-                    .add(new LoginMethod(tenants, "thirdparty", true, false, currentTimeMillis, email, null, null, null,
+                    .add(new LoginMethod(tenants, "thirdparty", random.nextBoolean(), false, currentTimeMillis, email, null, null, null,
                             "thirdPartyId" + i, "thirdPartyUserId" + i, null, io.supertokens.utils.Utils.getUUID()));
             loginMethods.add(
-                    new LoginMethod(tenants, "passwordless", true, false, currentTimeMillis, email, null, null, null,
+                    new LoginMethod(tenants, "passwordless", random.nextBoolean(), false, currentTimeMillis, email, null, null, null,
                             null, null, null, io.supertokens.utils.Utils.getUUID()));
             id = loginMethods.get(0).superTokensUserId;
             users.add(new BulkImportUser(id, externalId, userMetadata, userRoles, totpDevices, loginMethods));