From 90bdca04a669b60ff99da066441032df9669ea54 Mon Sep 17 00:00:00 2001
From: Ulf Gebhardt
Date: Fri, 18 Feb 2022 12:49:05 +0100
Subject: [PATCH] UserResolver - on login have a specific message for deleted users - when trying to register also check for deleted users and prevent registration
---
 backend/src/graphql/resolver/UserResolver.ts | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts
index 5bc30f6b4..fdae2a14e 100644
--- a/backend/src/graphql/resolver/UserResolver.ts
+++ b/backend/src/graphql/resolver/UserResolver.ts
@@ -250,9 +250,12 @@ export class UserResolver {
 @Ctx() context: any,
 ): Promise {
 email = email.trim().toLowerCase()
- const dbUser = await DbUser.findOneOrFail({ email }).catch(() => {
+ const dbUser = await DbUser.findOneOrFail({ email }, { withDeleted: true }).catch(() => {
 throw new Error('No user with this credentials')
 })
+ if (dbUser.deletedAt) {
+ throw new Error('This user was permanently disabled. Contact support for questions.')
+ }
 if (!dbUser.emailChecked) {
 throw new Error('User email not validated')
 }
@@ -335,9 +338,9 @@ export class UserResolver {
 // Validate email unique
 // TODO: i can register an email in upper/lower case twice
- const userRepository = getCustomRepository(UserRepository)
- const usersFound = await userRepository.count({ email })
- if (usersFound !== 0) {
+ // TODO we cannot use repository.count(), since it does not allow to specify if you want to include the soft deletes
+ const userFound = await DbUser.findOne({ email }, { withDeleted: true })
+ if (userFound) {
 // TODO: this is unsecure, but the current implementation of the login server. This way it can be queried if the user with given EMail is existent.
 throw new Error(`User already exists.`)
 }
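Review bot: The new `dbUser.deletedAt` branch returns its own message before any password check that is visible in this hunk, so a caller who knows only an e-mail address can learn that the account exists and was disabled. If credential verification happens further down in this resolver (its body starts and ends outside the hunk), either move the check below it or reuse the generic text, `throw new Error('No user with this credentials')`, and record the disabled-account reason in a server-side log instead. The `.catch(() => { ... })` on `findOneOrFail` also turns every failure, including a database error, into the same "no user" message. Rethrowing anything that is not a not-found error would keep outages from looking like bad credentials.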
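Review bot: The soft-delete lookup in the second hunk matches `email` exactly as it was passed in, and the context comment above it says the same address can be registered twice in different case. A soft-deleted account could therefore presumably be re-registered just by changing the case of the address. The login path in the first hunk normalises with `email = email.trim().toLowerCase()`, and applying the same line before `DbUser.findOne` would close that gap, assuming stored addresses are lower-cased (not visible here). A find-then-insert check can also be raced by two concurrent requests, so a unique index on the e-mail column should be the authoritative guard. The enclosing resolver method starts and ends outside the hunk.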