From a88ccb01cc2cc30aba7f6973c6f8e6ffbc6fb1ab Mon Sep 17 00:00:00 2001
From: Drew Gross <drew.a.gross@gmail.com>
Date: Mon, 9 May 2016 17:36:11 -0700
Subject: [PATCH] Address comments

---
 spec/ValidationAndPasswordsReset.spec.js | 38 ++++++++++++++++++++++--
 spec/index.spec.js                       | 22 --------------
 src/Routers/UsersRouter.js               | 38 ++++++++++++++++--------
 3 files changed, 61 insertions(+), 37 deletions(-)

diff --git a/spec/ValidationAndPasswordsReset.spec.js b/spec/ValidationAndPasswordsReset.spec.js
index e953204931a..a0981e16028 100644
--- a/spec/ValidationAndPasswordsReset.spec.js
+++ b/spec/ValidationAndPasswordsReset.spec.js
@@ -1,7 +1,9 @@
 "use strict";
 
-var request = require('request');
-var Config = require("../src/Config");
+let MockEmailAdapterWithOptions = require('./MockEmailAdapterWithOptions');
+let request = require('request');
+let Config = require("../src/Config");
+
 describe("Custom Pages Configuration", () => {
   it("should set the custom pages", (done) => {
     setServerConfiguration({
@@ -282,6 +284,38 @@ describe("Email Verification", () => {
     });
   });
 
+  it('fails if you set include an emailAdapter, set verifyUserEmails to false, dont set a publicServerURL, and try to send a password reset email (regression test for #1649)', done => {
+    setServerConfiguration({
+      serverURL: 'http://localhost:8378/1',
+      appId: 'test',
+      appName: 'unused',
+      javascriptKey: 'test',
+      dotNetKey: 'windows',
+      clientKey: 'client',
+      restAPIKey: 'rest',
+      masterKey: 'test',
+      collectionPrefix: 'test_',
+      fileKey: 'test',
+      verifyUserEmails: false,
+      emailAdapter: MockEmailAdapterWithOptions({
+        fromAddress: 'parse@example.com',
+        apiKey: 'k',
+        domain: 'd',
+      }),
+    })
+
+    let user = new Parse.User();
+    user.setPassword("asdf");
+    user.setUsername("zxcv");
+    user.set("email", "cool_guy@parse.com");
+    user.signUp(null)
+    .then(user => Parse.User.requestPasswordReset("cool_guy@parse.com"))
+    .catch(error => {
+      expect(error.message).toEqual('An appName, publicServerURL, and emailAdapter are required for password reset functionality.')
+      done();
+    });
+  });
+
   it('does not send verification email if email verification is disabled', done => {
     var emailAdapter = {
       sendVerificationEmail: () => Promise.resolve(),
diff --git a/spec/index.spec.js b/spec/index.spec.js
index a7cc1a7a4fb..d0d54401b1c 100644
--- a/spec/index.spec.js
+++ b/spec/index.spec.js
@@ -361,26 +361,4 @@ describe('server', () => {
     expect(() => setServerConfiguration({ revokeSessionOnPasswordReset: 'non-bool' })).toThrow();
     done();
   });
-
-  it('fails if you set verifyUserEmails to true without setting an app ID or publicServerURL (regression test for #1649)', done => {
-    expect(() => setServerConfiguration({
-      serverURL: 'http://localhost:8378/1',
-      appId: 'test',
-      appName: 'unused',
-      javascriptKey: 'test',
-      dotNetKey: 'windows',
-      clientKey: 'client',
-      restAPIKey: 'rest',
-      masterKey: 'test',
-      collectionPrefix: 'test_',
-      fileKey: 'test',
-      verifyUserEmails: true,
-      emailAdapter: MockEmailAdapterWithOptions({
-        fromAddress: 'parse@example.com',
-        apiKey: 'k',
-        domain: 'd',
-      }),
-    })).toThrow('A public server url is required when using email verification.');
-    done();
-  });
 });
diff --git a/src/Routers/UsersRouter.js b/src/Routers/UsersRouter.js
index adba752f832..f92f42deef2 100644
--- a/src/Routers/UsersRouter.js
+++ b/src/Routers/UsersRouter.js
@@ -1,7 +1,7 @@
 // These methods handle the User-related routes.
 
 import deepcopy       from 'deepcopy';
-
+import Config         from '../Config';
 import ClassesRouter  from './ClassesRouter';
 import PromiseRouter  from '../PromiseRouter';
 import rest           from '../rest';
@@ -155,19 +155,31 @@ export class UsersRouter extends ClassesRouter {
   }
 
   handleResetRequest(req) {
-     let { email } = req.body;
-     if (!email) {
-       throw new Parse.Error(Parse.Error.EMAIL_MISSING, "you must provide an email");
-     }
-     let userController = req.config.userController;
-
+    try {
+      Config.validateEmailConfiguration({
+        verifyUserEmails: true, //A bit of a hack, as this isn't the intended purpose of this parameter
+        appName: req.config.appName,
+        publicServerURL: req.config.publicServerURL,
+      });
+    } catch (e) {
+      if (typeof e === 'string') {
+        throw new Parse.Error(Parse.Error.INTERNAL_SERVER_ERROR, 'An appName, publicServerURL, and emailAdapter are required for password reset functionality.');
+      } else {
+        throw e;
+      }
+    }
+    let { email } = req.body;
+    if (!email) {
+      throw new Parse.Error(Parse.Error.EMAIL_MISSING, "you must provide an email");
+    }
+    let userController = req.config.userController;
      return userController.sendPasswordResetEmail(email).then((token) => {
-        return Promise.resolve({
-          response: {}
-        });
-     }, (err) => {
-       throw new Parse.Error(Parse.Error.EMAIL_NOT_FOUND, `no user found with email ${email}`);
-     });
+       return Promise.resolve({
+         response: {}
+       });
+    }, (err) => {
+      throw new Parse.Error(Parse.Error.EMAIL_NOT_FOUND, `no user found with email ${email}`);
+    });
   }