From c4f210d19b4cdff0bbd2d905173926897dda3dbb Mon Sep 17 00:00:00 2001
From: Petar Hristov <hristov@itc.rwth-aachen.de>
Date: Mon, 8 Mar 2021 15:38:22 +0100
Subject: [PATCH] Fix: Removed UserID reference from ExecuteConfirmation method
 (coscine/issues#1294)

---
 src/Database/Models/ContactChangeModel.cs | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/Database/Models/ContactChangeModel.cs b/src/Database/Models/ContactChangeModel.cs
index b7ffe7d..4536380 100644
--- a/src/Database/Models/ContactChangeModel.cs
+++ b/src/Database/Models/ContactChangeModel.cs
@@ -47,9 +47,9 @@ namespace Coscine.Database.Models
             return contactChangeObjects;
         }
 
-        public UserObject ExecuteConfirmation(Guid userId, Guid token)
+        public UserObject ExecuteConfirmation(Guid token)
         {
-            ContactChange emailData = GetWhere((contactChange) => contactChange.UserId == userId && contactChange.ConfirmationToken == token);
+            ContactChange emailData = GetWhere((contactChange) => contactChange.ConfirmationToken == token);
             if (emailData != null)
             {
                 if (emailData.EditDate != null)
@@ -63,30 +63,30 @@ namespace Coscine.Database.Models
                     {
                         // VALID
                         UserModel userModel = new UserModel();
-                        User user = userModel.GetById(userId);
+                        User user = userModel.GetById(emailData.UserId);
                         user.EmailAddress = emailData.NewEmail; // Overwrite old Email with New.
                         userModel.Update(user); // Update Database (User Table).
                         Delete(emailData); // Delete Entry from Database (ContactChange Table).
-                        UserObject userObject = userModel.CreateReturnObjectFromDatabaseObject(userModel.GetWhere((usr) => usr.Id == userId));
+                        UserObject userObject = userModel.CreateReturnObjectFromDatabaseObject(userModel.GetWhere((usr) => usr.Id == emailData.UserId));
                         return userObject;
                     }
                     else
                     {
                         // EXPIRED
-                        throw new Exception("EXPIRED: Token " + token.ToString() + " for User with an ID " + userId.ToString() + " has expired.");
+                        throw new Exception("EXPIRED: Token " + token.ToString() + " has expired.");
                     }
                 }
                 else
                 {
                     // INVALID (null EditDate)
-                    throw new ArgumentNullException("INVALID: Value EditDate is NULL for Token " + token.ToString() + " and User with an ID " + userId.ToString() + ".");
+                    throw new ArgumentNullException("INVALID: Value EditDate is NULL for Token " + token.ToString() + ".");
                 }
 
             }
             else
             {
                 // INVALID (token-user combination not in Database)
-                throw new MissingFieldException("INVALID: The Token " + token.ToString() + " and User with an ID " + userId.ToString() + " combination is not valid. No entry inside the Database.");
+                throw new MissingFieldException("INVALID: The Token " + token.ToString() + " is not valid. No entry inside the Database.");
             }
         }
         
-- 
GitLab