profile: send an email when the account is already taken
This commit is contained in:
parent
80074d6d82
commit
03fc555edf
6 changed files with 67 additions and 3 deletions
|
@ -12,8 +12,9 @@ module Users
|
|||
def update_email
|
||||
if @current_user.update(update_email_params)
|
||||
flash.notice = t('devise.registrations.update_needs_confirmation')
|
||||
# to avoid leaking who has signed in
|
||||
elsif @current_user.errors&.details&.dig(:email)&.any? { |e| e[:error] == :taken }
|
||||
UserMailer.account_already_taken(@current_user, requested_email).deliver_later
|
||||
# avoid leaking information about whether an account with this email exists or not
|
||||
flash.notice = t('devise.registrations.update_needs_confirmation')
|
||||
else
|
||||
flash.alert = @current_user.errors.full_messages
|
||||
|
@ -27,5 +28,9 @@ module Users
|
|||
def update_email_params
|
||||
params.require(:user).permit(:email)
|
||||
end
|
||||
|
||||
def requested_email
|
||||
update_email_params[:email]
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -8,4 +8,12 @@ class UserMailer < ApplicationMailer
|
|||
|
||||
mail(to: user.email, subject: @subject)
|
||||
end
|
||||
|
||||
def account_already_taken(user, requested_email)
|
||||
@user = user
|
||||
@requested_email = requested_email
|
||||
@subject = "Changement d’adresse email"
|
||||
|
||||
mail(to: requested_email, subject: @subject)
|
||||
end
|
||||
end
|
||||
|
|
20
app/views/user_mailer/account_already_taken.haml
Normal file
20
app/views/user_mailer/account_already_taken.haml
Normal file
|
@ -0,0 +1,20 @@
|
|||
- content_for(:title, @subject)
|
||||
|
||||
%p
|
||||
Bonjour,
|
||||
|
||||
%p
|
||||
L’utilisateur « #{@user.email} » a demandé le changement de son adresse vers « #{@requested_email} ».
|
||||
|
||||
%p
|
||||
Malheureusement, votre compte « #{@requested_email} » existe déjà. Nous ne pouvons pas fusionner automatiquement vos comptes.
|
||||
|
||||
%p
|
||||
%strong Nous ne pouvons donc pas effectuer le changement d’adresse email.
|
||||
|
||||
%p
|
||||
Si vous n'êtes pas à l’origine de cette demande, vous pouvez ignorer ce message. Et si vous avez besoin d’assistance, n’hésitez pas à nous contacter à
|
||||
= succeed '.' do
|
||||
= mail_to CONTACT_EMAIL
|
||||
|
||||
= render partial: "layouts/mailers/signature"
|
|
@ -1,6 +1,8 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe Users::ProfilController, type: :controller do
|
||||
include ActiveJob::TestHelper
|
||||
|
||||
let(:user) { create(:user) }
|
||||
|
||||
before { sign_in(user) }
|
||||
|
@ -34,13 +36,17 @@ describe Users::ProfilController, type: :controller do
|
|||
end
|
||||
|
||||
context 'when the mail is already taken' do
|
||||
let!(:user2) { create(:user) }
|
||||
let(:existing_user) { create(:user) }
|
||||
|
||||
before do
|
||||
patch :update_email, params: { user: { email: user2.email } }
|
||||
perform_enqueued_jobs do
|
||||
patch :update_email, params: { user: { email: existing_user.email } }
|
||||
end
|
||||
user.reload
|
||||
end
|
||||
|
||||
it { expect(user.unconfirmed_email).to be_nil }
|
||||
it { expect(ActionMailer::Base.deliveries.last.to).to eq([existing_user.email]) }
|
||||
it { expect(response).to redirect_to(profil_path) }
|
||||
it { expect(flash.notice).to eq(I18n.t('devise.registrations.update_needs_confirmation')) }
|
||||
end
|
||||
|
|
|
@ -3,6 +3,10 @@ class UserMailerPreview < ActionMailer::Preview
|
|||
UserMailer.new_account_warning(user)
|
||||
end
|
||||
|
||||
def account_already_taken
|
||||
UserMailer.account_already_taken(user, 'dircab@territoires.gouv.fr')
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def user
|
||||
|
|
21
spec/mailers/user_mailer_spec.rb
Normal file
21
spec/mailers/user_mailer_spec.rb
Normal file
|
@ -0,0 +1,21 @@
|
|||
require "rails_helper"
|
||||
|
||||
RSpec.describe UserMailer, type: :mailer do
|
||||
let(:user) { build(:user) }
|
||||
|
||||
describe '.new_account_warning' do
|
||||
subject { described_class.new_account_warning(user) }
|
||||
|
||||
it { expect(subject.to).to eq([user.email]) }
|
||||
it { expect(subject.body).to include(user.email) }
|
||||
end
|
||||
|
||||
describe '.account_already_taken' do
|
||||
let(:requested_email) { 'new@exemple.fr' }
|
||||
|
||||
subject { described_class.account_already_taken(user, requested_email) }
|
||||
|
||||
it { expect(subject.to).to eq([requested_email]) }
|
||||
it { expect(subject.body).to include(requested_email) }
|
||||
end
|
||||
end
|
Loading…
Reference in a new issue