FIX: Show invite validation errors to users (#12717)

FIX: Show invite validation errors to users (#12717)

The server used to respond with a generic ‘error, contact admin’ message which did not offer any hint what the error was. This happened even when the error could be easily corrected by the user (for example, if they chose a very common password).

diff --git a/app/controllers/invites_controller.rb b/app/controllers/invites_controller.rb
index 9caa9a1..b7cf7b3 100644
--- a/app/controllers/invites_controller.rb
+++ b/app/controllers/invites_controller.rb
@@ -228,9 +228,7 @@ class InvitesController < ApplicationController
         end
 
         user = invite.redeem(**attrs)
-      rescue ActiveRecord::RecordInvalid, ActiveRecord::RecordNotSaved => e
-        return render json: failed_json.merge(errors: e.record&.errors&.to_hash, message: I18n.t('invite.error_message')), status: 412
-      rescue Invite::UserExists => e
+      rescue ActiveRecord::RecordInvalid, ActiveRecord::RecordNotSaved, Invite::UserExists => e
         return render json: failed_json.merge(message: e.message), status: 412
       end
 
diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index b17c722..5d94936 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -239,7 +239,6 @@ en:
       <p>Otherwise please <a href="%{base_url}/password-reset">Reset Password</a>.</p>
     not_found_template_link: |
       <p>The invitation to <a href="%{base_url}">%{site_name}</a> can no longer be redeemed. Please ask the person who invited you to send you a new invitation.</p>
-    error_message: "There was an error accepting invite. Please contact the site's administrator."
     user_exists: "There's no need to invite <b>%{email}</b>, they <a href='%{base_path}/u/%{username}/summary'>already have an account!</a>"
     invalid_email: "%{email} isn't a valid email address."
     confirm_email: "<p>You’re almost done! We sent an activation mail to your email address. Please follow the instructions in the mail to activate your account.</p><p>If it doesn’t arrive, check your spam folder.</p>"
diff --git a/spec/requests/invites_controller_spec.rb b/spec/requests/invites_controller_spec.rb
index f2001d5..6684010 100644
--- a/spec/requests/invites_controller_spec.rb
+++ b/spec/requests/invites_controller_spec.rb
@@ -443,7 +443,6 @@ describe InvitesController do
       it 'does not log in the user if there are validation errors' do
         put "/invites/show/#{invite.invite_key}.json", params: { password: 'password' }
         expect(response.status).to eq(412)
-        expect(response.parsed_body['errors']['password']).to be_present
       end
 
       it 'fails when local login is disabled and no external auth is configured' do

GitHub sha: bfa301bd

This commit appears in #12717 which was approved by ZogStriP. It was merged by udan11.