From 36ead77e0cf7c643360e596da1a843a810aea0bc Mon Sep 17 00:00:00 2001
From: Matteo Pagliazzi <matteopagliazzi@gmail.com>
Date: Tue, 9 Oct 2018 20:07:50 +0200
Subject: [PATCH] Fixes group plan verify username (#10747)

Misc fixes
---
 website/server/controllers/api-v4/auth.js     | 19 +++++++++++++------
 website/server/libs/payments/groupPayments.js |  2 +-
 2 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/website/server/controllers/api-v4/auth.js b/website/server/controllers/api-v4/auth.js
index 4b5b328c6b..607562aca4 100644
--- a/website/server/controllers/api-v4/auth.js
+++ b/website/server/controllers/api-v4/auth.js
@@ -72,9 +72,10 @@ api.updateUsername = {
 api.verifyUsername = {
   method: 'POST',
   url: '/user/auth/verify-username',
+  middlewares: [authWithHeaders({
+    optional: true,
+  })],
   async handler (req, res) {
-    const user = res.locals.user;
-
     req.checkBody({
       username: {
         notEmpty: {errorMessage: res.t('missingUsername')},
@@ -84,11 +85,17 @@ api.verifyUsername = {
     const validationErrors = req.validationErrors();
     if (validationErrors) throw validationErrors;
 
-    const issues = verifyUsername(req.body.username, res);
+    const user = res.locals.user;
+    const chosenUsername = req.body.username;
 
-    const existingUser = await User.findOne({ 'auth.local.lowerCaseUsername': req.body.username.toLowerCase() }, {auth: 1}).exec();
-    if (existingUser && existingUser._id !== user._id) {
-      issues.push(res.t('usernameTaken'));
+    const issues = verifyUsername(chosenUsername, res);
+
+    const existingUser = await User.findOne({
+      'auth.local.lowerCaseUsername': chosenUsername.toLowerCase(),
+    }, {auth: 1}).exec();
+
+    if (existingUser) {
+      if (!user ||  existingUser._id !== user._id) issues.push(res.t('usernameTaken'));
     }
 
     if (issues.length > 0) {
diff --git a/website/server/libs/payments/groupPayments.js b/website/server/libs/payments/groupPayments.js
index 539200fe55..2ad944d71f 100644
--- a/website/server/libs/payments/groupPayments.js
+++ b/website/server/libs/payments/groupPayments.js
@@ -207,7 +207,7 @@ async function cancelGroupSubscriptionForUser (user, group, userWasRemoved = fal
   if (user.purchased.plan.customerId !== this.constants.GROUP_PLAN_CUSTOMER_ID) return;
 
   let userGroups = user.guilds.toObject();
-  userGroups.push('party');
+  if (user.party._id) userGroups.push(user.party._id);
 
   let index = userGroups.indexOf(group._id);
   userGroups.splice(index, 1);