Fix bug where keyId was undefined in verifyRemove link

src/email/email.js

@@ -70,8 +70,8 @@ class Email {
       params: {
         name: userId.name,
         baseUrl: util.url(origin),
-        keyId: encodeURIComponent(keyId),
+        keyId: keyId,
-        nonce: encodeURIComponent(userId.nonce)
+        nonce: userId.nonce
       }
     };
     return yield this._sendHelper(message);

src/service/public-key.js

@@ -221,11 +221,12 @@ class PublicKey {
    */
   *requestRemove(options) {
     let keyId = options.keyId, email = options.email, origin = options.origin;
-    let userIds = yield this._flagForRemove(keyId, email);
+    let key = yield this._flagForRemove(keyId, email);
-    if (!userIds.length) {
+    if (!key) {
       util.throw(404, 'User id not found');
     }
-    for (let userId of userIds) {
+    keyId = key.keyId; // get keyId in case request was by email
+    for (let userId of key.userIds) {
       yield this._email.send({ template:tpl.verifyRemove, userId, keyId, origin });
     }
   }
@@ -241,14 +242,14 @@ class PublicKey {
     let query = email ? { 'userIds.email':email } : { keyId };
     let key = yield this._mongo.get(query, DB_TYPE);
     if (!key) {
-      return [];
+      return;
     }
     if (email) {
       let nonce = util.random();
       yield this._mongo.update(query, { 'userIds.$.nonce':nonce }, DB_TYPE);
       let uid = key.userIds.find(u => u.email === email);
       uid.nonce = nonce;
-      return [uid];
+      return { userIds:[uid], keyId:key.keyId };
     }
     if (keyId) {
       for (let uid of key.userIds) {
@@ -256,7 +257,7 @@ class PublicKey {
         yield this._mongo.update({ 'userIds.email':uid.email }, { 'userIds.$.nonce':nonce }, DB_TYPE);
         uid.nonce = nonce;
       }
-      return key.userIds;
+      return key;
     }
   }
 

test/integration/public-key-test.js

@@ -35,7 +35,7 @@ describe('Public Key Integration Tests', function() {
       return recipient.to.address === primaryEmail;
     }), sinon.match(params => {
       emailParams = params;
-      return !!params.nonce;
+      return params.nonce !== undefined && params.keyId !== undefined;
     }));
     sinon.stub(nodemailer, 'createTransport').returns({
       templateSender: () => { return sendEmailStub; }
@@ -253,18 +253,21 @@ describe('Public Key Integration Tests', function() {
       yield publicKey.verify(emailParams);
       emailParams = null;
       yield publicKey.requestRemove({ keyId, origin });
+      expect(emailParams.keyId).to.exist;
       expect(emailParams.nonce).to.exist;
     });
 
     it('should work for unverified key', function *() {
       emailParams = null;
       yield publicKey.requestRemove({ keyId, origin });
+      expect(emailParams.keyId).to.exist;
       expect(emailParams.nonce).to.exist;
     });
 
     it('should work by email address', function *() {
       emailParams = null;
       yield publicKey.requestRemove({ email:primaryEmail, origin });
+      expect(emailParams.keyId).to.exist;
       expect(emailParams.nonce).to.exist;
     });