fix(server): should allowed email addresses and domain be irrespective.

packages/server/src/api/controllers/Authentication.ts

@@ -277,30 +277,18 @@ export default class AuthenticationController extends BaseController {
           ],
         });
       }
-      if (error.errorType === 'SIGNUP_NOT_ALLOWED_EMAIL_DOMAIN') {
+      if (error.errorType === 'SIGNUP_RESTRICTED_NOT_ALLOWED') {
         return res.status(400).send({
           errors: [
             {
-              type: 'SIGNUP_NOT_ALLOWED_EMAIL_DOMAIN',
+              type: 'SIGNUP_RESTRICTED_NOT_ALLOWED',
               message:
-                'Sign-up is restricted the given email domain is not allowed to sign-up.',
+                'Sign-up is restricted the given email address is not allowed to sign-up.',
               code: 710,
             },
           ],
         });
       }
-      if (error.errorType === 'SIGNUP_NOT_ALLOWED_EMAIL_ADDRESS') {
-        return res.status(400).send({
-          errors: [
-            {
-              type: 'SIGNUP_NOT_ALLOWED_EMAIL_ADDRESS',
-              message:
-                'The sign-up restricted the given email address is not allowed to sign-up.',
-              code: 720,
-            },
-          ],
-        });
-      }
     }
     next(error);
   }

packages/server/src/services/Authentication/AuthSignup.ts

@@ -87,30 +87,24 @@ export class AuthSignupService {
     // Can't continue if the signup is not disabled.
     if (!config.signupRestrictions.disabled) return;
 
-    // Validate the allowed domains.
-    if (!isEmpty(config.signupRestrictions.allowedDomains)) {
+    // Validate the allowed email addresses and domains.
+    if (
+      !isEmpty(config.signupRestrictions.allowedEmails) ||
+      !isEmpty(config.signupRestrictions.allowedDomains)
+    ) {
       const emailDomain = email.split('@').pop();
-      const isAllowed = config.signupRestrictions.allowedDomains.some(
-        (domain) => emailDomain === domain
-      );
-      if (!isAllowed) {
-        throw new ServiceError(ERRORS.SIGNUP_NOT_ALLOWED_EMAIL_DOMAIN);
-      }
-    }
-    // Validate the allowed email addresses.
-    if (!isEmpty(config.signupRestrictions.allowedEmails)) {
-      const isAllowed =
+      const isAllowedEmail =
         config.signupRestrictions.allowedEmails.indexOf(email) !== -1;
 
-      if (!isAllowed) {
-        throw new ServiceError(ERRORS.SIGNUP_NOT_ALLOWED_EMAIL_ADDRESS);
+      const isAllowedDomain = config.signupRestrictions.allowedDomains.some(
+        (domain) => emailDomain === domain
+      );
+
+      if (!isAllowedEmail && !isAllowedDomain) {
+        throw new ServiceError(ERRORS.SIGNUP_RESTRICTED_NOT_ALLOWED);
       }
-    }
-    // Throw error if the signup is disabled with no exceptions.
-    if (
-      isEmpty(config.signupRestrictions.allowedDomains) &&
-      isEmpty(config.signupRestrictions.allowedEmails)
-    ) {
+      // Throw error if the signup is disabled with no exceptions.
+    } else {
       throw new ServiceError(ERRORS.SIGNUP_RESTRICTED);
     }
   }

packages/server/src/services/Authentication/_constants.ts

@@ -7,8 +7,6 @@ export const ERRORS = {
   TOKEN_EXPIRED: 'TOKEN_EXPIRED',
   PHONE_NUMBER_EXISTS: 'PHONE_NUMBER_EXISTS',
   EMAIL_EXISTS: 'EMAIL_EXISTS',
-
-  SIGNUP_NOT_ALLOWED_EMAIL_ADDRESS: 'SIGNUP_NOT_ALLOWED_EMAIL_ADDRESS',
-  SIGNUP_NOT_ALLOWED_EMAIL_DOMAIN: 'SIGNUP_NOT_ALLOWED_EMAIL_DOMAIN',
+  SIGNUP_RESTRICTED_NOT_ALLOWED: 'SIGNUP_RESTRICTED_NOT_ALLOWED',
   SIGNUP_RESTRICTED: 'SIGNUP_RESTRICTED',
 };