From 9e843a3df4690a39d3f325447517cdd29cec6160 Mon Sep 17 00:00:00 2001
From: Mathieu Magnin <mathieu@magnin.sh>
Date: Fri, 6 Sep 2024 12:06:05 +0200
Subject: [PATCH 1/2] [#10752] set email verified after password reset

---
 app/controllers/users/passwords_controller.rb      |  7 +++++++
 .../controllers/users/passwords_controller_spec.rb | 14 ++++++++++++++
 2 files changed, 21 insertions(+)

diff --git a/app/controllers/users/passwords_controller.rb b/app/controllers/users/passwords_controller.rb
index 459a01459..81aabf34d 100644
--- a/app/controllers/users/passwords_controller.rb
+++ b/app/controllers/users/passwords_controller.rb
@@ -5,6 +5,7 @@ class Users::PasswordsController < Devise::PasswordsController
 
   after_action :try_to_authenticate_instructeur, only: [:update]
   after_action :try_to_authenticate_administrateur, only: [:update]
+  after_action :update_email_verified_at, only: [:update]
 
   # GET /resource/password/new
   # def new
@@ -62,4 +63,10 @@ class Users::PasswordsController < Devise::PasswordsController
       end
     end
   end
+
+  def update_email_verified_at
+    if user_signed_in?
+      current_user.update!(email_verified_at: Time.zone.now)
+    end
+  end
 end
diff --git a/spec/controllers/users/passwords_controller_spec.rb b/spec/controllers/users/passwords_controller_spec.rb
index 8378ee7e3..784db1469 100644
--- a/spec/controllers/users/passwords_controller_spec.rb
+++ b/spec/controllers/users/passwords_controller_spec.rb
@@ -38,6 +38,20 @@ describe Users::PasswordsController, type: :controller do
         expect(subject.current_user).to eq(user)
         expect(subject.current_administrateur).to eq(administrateur)
       end
+
+      it "marks user's email as verified" do
+        expect(user.email_verified_at).to be_nil
+
+        put :update, params: {
+          user: {
+            reset_password_token: @token,
+            password: "mot de passe super secret",
+            password_confirmation: "mot de passe super secret"
+          }
+        }
+
+        expect(user.reload.email_verified_at).to be_present
+      end
     end
   end
 

From ced80bf23d08d71bf12816e946168933037559cb Mon Sep 17 00:00:00 2001
From: Mathieu Magnin <847942+mmagn@users.noreply.github.com>
Date: Fri, 6 Sep 2024 14:10:22 +0200
Subject: [PATCH 2/2] rewrite test with "expect to change" syntax

Co-authored-by: mfo <mfo@users.noreply.github.com>
---
 .../users/passwords_controller_spec.rb        | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/spec/controllers/users/passwords_controller_spec.rb b/spec/controllers/users/passwords_controller_spec.rb
index 784db1469..b0d942f01 100644
--- a/spec/controllers/users/passwords_controller_spec.rb
+++ b/spec/controllers/users/passwords_controller_spec.rb
@@ -40,17 +40,16 @@ describe Users::PasswordsController, type: :controller do
       end
 
       it "marks user's email as verified" do
-        expect(user.email_verified_at).to be_nil
-
-        put :update, params: {
-          user: {
-            reset_password_token: @token,
-            password: "mot de passe super secret",
-            password_confirmation: "mot de passe super secret"
+        expect do
+          put :update, params: {
+            user: {
+              reset_password_token: @token,
+              password: "mot de passe super secret",
+              password_confirmation: "mot de passe super secret"
+            }
           }
-        }
-
-        expect(user.reload.email_verified_at).to be_present
+        end.to change { user.reload.email_verified_at }
+          .from(nil).to(anything)
       end
     end
   end