From 406edf089cc13d5281d5af33fd941c1ef9f6a0c4 Mon Sep 17 00:00:00 2001
From: Reid Wakida <rwakida@gmail.com>
Date: Tue, 22 Sep 2015 21:57:49 -1000
Subject: [PATCH] Fix bug where username incorrectly passed to
 findOneByUsername.  Also adds arugment validation.

---
 server/methods/addUserToRoom.coffee | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/server/methods/addUserToRoom.coffee b/server/methods/addUserToRoom.coffee
index 5edcc19e39a0..f94226b8bf96 100644
--- a/server/methods/addUserToRoom.coffee
+++ b/server/methods/addUserToRoom.coffee
@@ -1,7 +1,13 @@
 Meteor.methods
 	addUserToRoom: (data) ->
 		fromId = Meteor.userId()
-		# console.log '[methods] addUserToRoom -> '.green, 'fromId:', fromId, 'data:', data
+		console.log '[methods] addUserToRoom -> '.green, 'data:', data
+
+		unless Match.test data?.rid, String
+			throw new Meteor.Error 'invalid-rid'
+
+		unless Match.test data?.username, String
+			throw new Meteor.Error 'invalid-username'
 
 		room = RocketChat.models.Rooms.findOneById data.rid
 
@@ -13,7 +19,7 @@ Meteor.methods
 		if room.usernames.indexOf(data.username) isnt -1
 			return
 
-		newUser = RocketChat.models.Users.findOneByUsername username: data.username
+		newUser = RocketChat.models.Users.findOneByUsername data.username
 
 		RocketChat.models.Rooms.addUsernameById data.rid, data.username