From 7952257a8946495ebb2ba1d651f1ecce19cc50f3 Mon Sep 17 00:00:00 2001
From: Neeraj Gupta <254676+ua741@users.noreply.github.com>
Date: Tue, 10 Dec 2024 11:45:24 +0530
Subject: [PATCH] Fix server status

---
 server/pkg/controller/emergency/recovery.go         | 11 +++++++++++
 server/pkg/controller/emergency/recovery_contact.go |  8 ++++----
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/server/pkg/controller/emergency/recovery.go b/server/pkg/controller/emergency/recovery.go
index b1a13acd4e..6915b3eedd 100644
--- a/server/pkg/controller/emergency/recovery.go
+++ b/server/pkg/controller/emergency/recovery.go
@@ -6,6 +6,7 @@ import (
 	"github.com/ente-io/stacktrace"
 	"github.com/gin-gonic/gin"
 	"github.com/google/uuid"
+	log "github.com/sirupsen/logrus"
 )
 
 func (c *Controller) GetRecoveryInfo(ctx *gin.Context,
@@ -50,6 +51,16 @@ func (c *Controller) ChangePassword(ctx *gin.Context, userID int64, request ente
 	if err != nil {
 		return nil, stacktrace.Propagate(err, "")
 	}
+
+	hasUpdate, err := c.Repo.UpdateRecoveryStatusForID(ctx, sessionID, ente.RecoveryStatusRecovered)
+	if err != nil {
+		return nil, stacktrace.Propagate(err, "failed to update recovery status")
+	}
+	if !hasUpdate {
+		log.WithField("userID", userID).WithField("req", request).
+			Warn("no row updated while rejecting recovery")
+	}
+
 	return resp, nil
 }
 
diff --git a/server/pkg/controller/emergency/recovery_contact.go b/server/pkg/controller/emergency/recovery_contact.go
index ef84f8f31e..769e19a179 100644
--- a/server/pkg/controller/emergency/recovery_contact.go
+++ b/server/pkg/controller/emergency/recovery_contact.go
@@ -8,13 +8,13 @@ import (
 )
 
 func (c *Controller) StartRecovery(ctx *gin.Context,
-	userID int64,
+	actorUserID int64,
 	req ente.ContactIdentifier) error {
 	if req.EmergencyContactID == req.UserID {
 		return stacktrace.Propagate(ente.NewBadRequestWithMessage("contact and user can not be same"), "")
 	}
-	if req.EmergencyContactID != userID {
-		return stacktrace.Propagate(ente.ErrPermissionDenied, "user can only update his own state")
+	if req.EmergencyContactID != actorUserID {
+		return stacktrace.Propagate(ente.ErrPermissionDenied, "only the emergency contact can start recovery")
 	}
 
 	contact, err := c.Repo.GetActiveEmergencyContact(ctx, req.UserID, req.EmergencyContactID)
@@ -24,7 +24,7 @@ func (c *Controller) StartRecovery(ctx *gin.Context,
 
 	hasUpdate, err := c.Repo.InsertIntoRecovery(ctx, req, *contact)
 	if !hasUpdate {
-		log.WithField("userID", userID).WithField("req", req).
+		log.WithField("userID", actorUserID).WithField("req", req).
 			Warn("No need to send email")
 	}
 	if err != nil {