DGNum/demarches-normaliennes
14
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

feat(User.validation): validates email when env var is present

Browse source
This commit is contained in:
Martin 2024-02-12 12:39:43 +01:00 committed by mfo
parent 25f92a7760
commit 05193e1d1e
5 changed files with 115 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
app/models/user.rb
View file

@ -33,10 +33,15 @@ class User < ApplicationRecord
accepts_nested_attributes_for :france_connect_information
default_scope { eager_load(:instructeur, :administrateur, :expert) }
before_validation -> { sanitize_email(:email) }
before_validation -> { sanitize_email(:email) }
validate :does_not_merge_on_self, if: :requested_merge_into_id_changed?
with_options if: :elligible_to_new_validation? do
before_validation :remove_devise_email_validator
validates :email, strict_email: true
end
def validate_password_complexity?
administrateur?
end
@ -268,4 +273,18 @@ class User < ApplicationRecord
def link_invites!
Invite.where(email: email).update_all(user_id: id)
end
def elligible_to_new_validation?
StrictEmailValidator.elligible_to_new_validation?(self)
end
def remove_devise_email_validator
_validators[:email]&.reject! { _1.is_a?(ActiveModel::Validations::FormatValidator) }
_validate_callbacks.each do |callback|
next if !callback.filter.is_a?(ActiveModel::Validations::FormatValidator)
next if !callback.filter.attributes.include? :email
callback.filter.attributes.delete(:email)
end
end
end

16
app/validators/strict_email_validator.rb
View file

@ -6,14 +6,22 @@ class StrictEmailValidator < ActiveModel::EachValidator
REGEXP = /\A[^@\s]+@[^@\s\.]+\.[^@\s]{2,}\z/
def validate_each(record, attribute, value)
if value.present? && !REGEXP.match?(value)
record.errors.add(attribute, :format)
if value.present? && !regexp_for(record).match?(value)
record.errors.add(attribute, :invalid_email_format)
end
end
def regexp_for(record)
if StrictEmailValidator.elligible_to_new_validation?(record)
REGEXP
else
Devise.email_regexp
end
end
def self.elligible_to_new_validation?(record)
return false if !strict_validation_enabled?
return false if (record.created_at || Time.now) < date_since_strict_email_validation
return false if (record.created_at || Time.zone.now) < date_since_strict_email_validation
true
end
@ -26,6 +34,4 @@ class StrictEmailValidator < ActiveModel::EachValidator
rescue
DateTime.new(1789, 5, 5, 0, 0) # french revolution, ds was not yet launched
end
end

1
config/locales/en.yml
View file

@ -605,6 +605,7 @@ en:
not_a_phone: 'Invalid phone number'
not_a_rna: 'Invalid RNA number'
url: 'is not a valid link'
invalid_email_format: "is not a valid email"
models:
attestation_template:
attributes:

1
config/locales/fr.yml
View file

@ -608,6 +608,7 @@ fr:
not_a_phone: 'Numéro de téléphone invalide'
not_a_rna: 'Numéro RNA invalide'
url: 'nest pas un lien valide'
invalid_email_format: "n'est pas un email valide"
models:
attestation_template:
attributes:

82
spec/models/user_spec.rb
View file

@ -493,4 +493,86 @@ describe User, type: :model do
end
end
end
describe 'discard default devise validation when needed' do
let(:now) { Time.zone.now }
let(:before) { now - 1.day }
let(:after) { now + 1.day }
subject { user.valid? }
shared_examples_for "validation of users.email was flacky" do
context 'when value is username' do
let(:email) { 'username' }
it { is_expected.to be_falsey }
end
context 'when value does not contain extension' do
let(:email) { 'username@mailserver' }
# what we allowed but was a mistake
it { is_expected.to be_truthy }
end
context 'when value include an alias' do
let(:email) { 'username+alias@mailserver.fr' }
it { is_expected.to be_truthy }
end
context 'when value includes accents' do
let(:email) { 'tech@démarches.gouv.fr' }
it { is_expected.to be_falsey }
end
context 'when value is the classic standard user@domain.ext' do
let(:email) { 'username@mailserver.domain' }
it { is_expected.to be_truthy }
end
end
context 'when env var is not present' do
let(:user) { build(:user, email: email) }
before { allow(StrictEmailValidator).to receive(:strict_validation_enabled?).and_return(false).at_least(1) }
it_behaves_like "validation of users.email was flacky"
end
context "record.created_at < ENV['STRICT_EMAIL_VALIDATION_STARTS_AT']" do
let(:user) { build(:user, email: email, created_at: before) }
before do
allow(StrictEmailValidator).to receive(:strict_validation_enabled?).and_return(true).at_least(1)
allow(StrictEmailValidator).to receive(:date_since_strict_email_validation).and_return(now).at_least(1)
end
it_behaves_like "validation of users.email was flacky"
end
context "record.created_at > ENV['STRICT_EMAIL_VALIDATION_STARTS_AT']" do
let(:user) { build(:user, email: email, created_at: after) }
before do
allow(StrictEmailValidator).to receive(:strict_validation_enabled?).and_return(true).at_least(1)
allow(StrictEmailValidator).to receive(:date_since_strict_email_validation).and_return(now).at_least(1)
end
context 'when value is username' do
let(:email) { 'username' }
it { is_expected.to be_falsey }
end
context 'when value does not contain extension' do
let(:email) { 'username@mailserver' }
it { is_expected.to be_falsey }
end
context 'when value include an alias' do
let(:email) { 'username+alias@mailserver.fr' }
it { is_expected.to be_truthy }
end
context 'when value includes accents' do
let(:email) { 'tech@démarches.gouv.fr' }
it { is_expected.to be_truthy }
end
context 'when value is the classic standard user@domain.ext' do
let(:email) { 'username@mailserver.domain' }
it { is_expected.to be_truthy }
end
end
end
end