diff --git a/app/controllers/users/activate_controller.rb b/app/controllers/users/activate_controller.rb index cadf2f9c1..56d9edca7 100644 --- a/app/controllers/users/activate_controller.rb +++ b/app/controllers/users/activate_controller.rb @@ -34,12 +34,12 @@ class Users::ActivateController < ApplicationController user = User.find_by(confirmation_token: params[:token]) if user && user.email_verified_at flash[:notice] = "Votre email est déjà vérifié" - elsif user && user.confirmation_sent_at > 2.days.ago + elsif user && 2.days.ago < user.confirmation_sent_at user.update!(email_verified_at: Time.zone.now) flash[:notice] = 'Votre email a bien été vérifié' else flash[:alert] = "le lien est trop vieux" - #to do relancer un lien if user + # to do relancer un lien if user end redirect_to root_path(user) end diff --git a/app/controllers/users/dossiers_controller.rb b/app/controllers/users/dossiers_controller.rb index ad2892394..5810b6708 100644 --- a/app/controllers/users/dossiers_controller.rb +++ b/app/controllers/users/dossiers_controller.rb @@ -147,7 +147,7 @@ module Users def update_identite @dossier = dossier @no_description = true - email = dossier_params[:individual_attributes][:email] + email = dossier_params.dig('individual_attributes', 'email') if @dossier.update(dossier_params) && @dossier.individual.valid? # verify for_tiers email diff --git a/app/models/user.rb b/app/models/user.rb index c792bbf18..e9d7e8a77 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -138,8 +138,8 @@ class User < ApplicationRecord def self.create_or_promote_to_tiers(email, password, dossier) user = User - .create_with(password: password, confirmed_at: Time.zone.now) - .find_or_create_by(email: email) + .create_with(password: password, confirmed_at: Time.zone.now) + .find_or_create_by(email: email) if user.valid? && user.unverified_email? user.invite_tiers!(dossier) diff --git a/spec/controllers/users/activate_controller_spec.rb b/spec/controllers/users/activate_controller_spec.rb index 01aeda490..fabee4688 100644 --- a/spec/controllers/users/activate_controller_spec.rb +++ b/spec/controllers/users/activate_controller_spec.rb @@ -37,4 +37,53 @@ describe Users::ActivateController, type: :controller do it { expect(response).to redirect_to(users_activate_path(token: token)) } end end + + describe '#confirm_email' do + let(:user) { create(:user) } + let(:dossier) { create(:dossier, user: user) } + + before { user.invite_tiers!(dossier) } + + context 'when the confirmation token is valid' do + before do + get :confirm_email, params: { token: user.confirmation_token } + user.reload + end + + it 'updates the email_verified_at' do + expect(user.email_verified_at).to be_present + expect(user.confirmation_token).to be_present + end + + it 'redirects to root path with a success notice' do + expect(response).to redirect_to(root_path(user)) + expect(flash[:notice]).to eq('Votre email a bien été vérifié') + end + end + + context 'when the confirmation token is not valid but already used' do + before do + get :confirm_email, params: { token: user.confirmation_token } + get :confirm_email, params: { token: user.confirmation_token } + end + + it 'redirects to root path with an explanation notice' do + expect(response).to redirect_to(root_path(user)) + expect(flash[:notice]).to eq('Votre email est déjà vérifié') + end + end + + context 'when the confirmation token is too old or not valid' do + before do + user.update!(confirmation_sent_at: 3.days.ago) + get :confirm_email, params: { token: user.confirmation_token } + user.reload + end + + it 'redirects to root path with an explanation notice' do + expect(response).to redirect_to(root_path(user)) + expect(flash[:alert]).to eq('le lien est trop vieux') + end + end + end end diff --git a/spec/controllers/users/dossiers_controller_spec.rb b/spec/controllers/users/dossiers_controller_spec.rb index f09fc4f47..99e83f237 100644 --- a/spec/controllers/users/dossiers_controller_spec.rb +++ b/spec/controllers/users/dossiers_controller_spec.rb @@ -162,19 +162,21 @@ describe Users::DossiersController, type: :controller do describe 'update_identite' do let(:procedure) { create(:procedure, :for_individual) } let(:dossier) { create(:dossier, user: user, procedure: procedure) } - let(:now) { Time.zone.parse('01/01/2100') } subject { post :update_identite, params: { id: dossier.id, dossier: dossier_params } } before do sign_in(user) - Timecop.freeze(now) do - subject - end end context 'with correct individual and dossier params' do let(:dossier_params) { { individual_attributes: { gender: 'M', nom: 'Mouse', prenom: 'Mickey' } } } + let(:now) { Time.zone.parse('01/01/2100') } + before do + Timecop.freeze(now) do + subject + end + end it do expect(response).to redirect_to(brouillon_dossier_path(dossier)) @@ -185,6 +187,7 @@ describe Users::DossiersController, type: :controller do context 'when the identite cannot be updated by the user' do let(:dossier) { create(:dossier, :with_individual, :en_instruction, user: user, procedure: procedure) } let(:dossier_params) { { individual_attributes: { gender: 'M', nom: 'Mouse', prenom: 'Mickey' } } } + before { subject } it 'redirects to the dossiers list' do expect(response).to redirect_to(dossier_path(dossier)) @@ -194,6 +197,7 @@ describe Users::DossiersController, type: :controller do context 'with incorrect individual and dossier params' do let(:dossier_params) { { individual_attributes: { gender: '', nom: '', prenom: '' } } } + before { subject } it do expect(response).not_to have_http_status(:redirect) @@ -201,17 +205,20 @@ describe Users::DossiersController, type: :controller do end end - context 'when a dossier is in broullon, for_tiers and we want to update the individual' do + context 'when a dossier is in brouillon, for_tiers and we want to update the individual' do let(:dossier) { create(:dossier, :for_tiers_without_notification, state: "brouillon", user: user, procedure: procedure) } let(:dossier_params) { { individual_attributes: { gender: 'M', nom: 'Mouse', prenom: 'Mickey', email: 'mickey@gmail.com', notification_method: 'email' } } } it 'updates the individual with valid notification_method' do + expect { subject }.to have_enqueued_mail(UserMailer, :invite_tiers) + .and change(User, :count).by(1) + dossier.reload individual = dossier.individual.reload expect(individual.errors.full_messages).to be_empty expect(individual.notification_method).to eq('email') expect(individual.email).to eq('mickey@gmail.com') - expect(individual.email_verified_at).to be_present + expect(individual.email_verified_at).to eq nil expect(response).to redirect_to(brouillon_dossier_path(dossier)) end @@ -219,6 +226,8 @@ describe Users::DossiersController, type: :controller do let(:dossier_params) { { mandataire_first_name: "Jean", mandataire_last_name: "Dupont" } } it 'updates the dossier mandataire first and last name' do + expect { subject }.not_to have_enqueued_mail(UserMailer, :invite_tiers) + dossier.reload individual = dossier.individual.reload expect(dossier.errors.full_messages).to be_empty diff --git a/spec/mailers/previews/user_mailer_preview.rb b/spec/mailers/previews/user_mailer_preview.rb index 84d3a0830..df46a0e06 100644 --- a/spec/mailers/previews/user_mailer_preview.rb +++ b/spec/mailers/previews/user_mailer_preview.rb @@ -25,7 +25,7 @@ class UserMailerPreview < ActionMailer::Preview end def invite_tiers - UserMailer.invite_tiers(user, 'aedfa0d0', Dossier.first ) + UserMailer.invite_tiers(user, 'aedfa0d0', Dossier.first) end def invite_gestionnaire