Merge pull request #6653 from betagouv/6580/etq-utilisateur-j-aimerais-fusionner-mes-comptes-fc-ds-avec-un-mail-de-confirmation
6580 ETQ Utilisateur, j'aimerais fusionner mes comptes FC/DS avec un mail de confirmation
This commit is contained in:
commit
ae88a36902
14 changed files with 260 additions and 39 deletions
|
@ -556,3 +556,9 @@
|
|||
[data-reach-combobox-popover] {
|
||||
z-index: 20;
|
||||
}
|
||||
|
||||
.fconnect-form {
|
||||
input[type=password] {
|
||||
margin-bottom: 16px;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
class FranceConnect::ParticulierController < ApplicationController
|
||||
before_action :redirect_to_login_if_fc_aborted, only: [:callback]
|
||||
before_action :securely_retrieve_fci, only: [:merge, :merge_with_existing_account, :merge_with_new_account]
|
||||
before_action :securely_retrieve_fci, only: [:merge, :merge_with_existing_account, :merge_with_new_account, :mail_merge_with_existing_account, :resend_and_renew_merge_confirmation]
|
||||
|
||||
def login
|
||||
if FranceConnectService.enabled?
|
||||
|
@ -19,8 +19,12 @@ class FranceConnect::ParticulierController < ApplicationController
|
|||
if preexisting_unlinked_user.nil?
|
||||
fci.associate_user!(fci.email_france_connect)
|
||||
connect_france_connect_particulier(fci.user)
|
||||
elsif !preexisting_unlinked_user.can_france_connect?
|
||||
fci.destroy
|
||||
redirect_to new_user_session_path, alert: t('errors.messages.france_connect.forbidden_html', reset_link: new_user_password_path)
|
||||
else
|
||||
redirect_to france_connect_particulier_merge_path(fci.create_merge_token!)
|
||||
merge_token = fci.create_merge_token!
|
||||
redirect_to france_connect_particulier_merge_path(merge_token)
|
||||
end
|
||||
else
|
||||
user = fci.user
|
||||
|
@ -28,7 +32,7 @@ class FranceConnect::ParticulierController < ApplicationController
|
|||
if user.can_france_connect?
|
||||
fci.update(updated_at: Time.zone.now)
|
||||
connect_france_connect_particulier(user)
|
||||
else
|
||||
else # same behaviour as redirect nicely with message when instructeur/administrateur
|
||||
fci.destroy
|
||||
redirect_to new_user_session_path, alert: t('errors.messages.france_connect.forbidden_html', reset_link: new_user_password_path)
|
||||
end
|
||||
|
@ -47,23 +51,37 @@ class FranceConnect::ParticulierController < ApplicationController
|
|||
|
||||
if user.present? && user.valid_for_authentication? { user.valid_password?(password_params) }
|
||||
if !user.can_france_connect?
|
||||
flash.alert = "#{user.email} ne peut utiliser FranceConnect"
|
||||
flash.alert = t('errors.messages.france_connect.forbidden_html', reset_link: new_user_password_path)
|
||||
|
||||
render js: ajax_redirect(root_path)
|
||||
else
|
||||
@fci.update(user: user)
|
||||
@fci.delete_merge_token!
|
||||
|
||||
flash.notice = "Les comptes FranceConnect et #{APPLICATION_NAME} sont à présent fusionnés"
|
||||
flash.notice = t('france_connect.particulier.flash.connection_done', application_name: APPLICATION_NAME)
|
||||
connect_france_connect_particulier(user)
|
||||
end
|
||||
else
|
||||
flash.alert = 'Mauvais mot de passe'
|
||||
flash.alert = t('france_connect.particulier.flash.invalid_password')
|
||||
|
||||
render js: helpers.render_flash
|
||||
end
|
||||
end
|
||||
|
||||
def mail_merge_with_existing_account
|
||||
user = User.find_by(email: @fci.email_france_connect.downcase)
|
||||
if user.can_france_connect?
|
||||
@fci.update(user: user)
|
||||
@fci.delete_merge_token!
|
||||
|
||||
flash.notice = t('france_connect.particulier.flash.connection_done', application_name: APPLICATION_NAME)
|
||||
connect_france_connect_particulier(user)
|
||||
else # same behaviour as redirect nicely with message when instructeur/administrateur
|
||||
@fci.destroy
|
||||
redirect_to new_user_session_path, alert: t('errors.messages.france_connect.forbidden_html', reset_link: new_user_password_path)
|
||||
end
|
||||
end
|
||||
|
||||
def merge_with_new_account
|
||||
user = User.find_by(email: sanitized_email_params)
|
||||
|
||||
|
@ -71,7 +89,7 @@ class FranceConnect::ParticulierController < ApplicationController
|
|||
@fci.associate_user!(sanitized_email_params)
|
||||
@fci.delete_merge_token!
|
||||
|
||||
flash.notice = "Les comptes FranceConnect et #{APPLICATION_NAME} sont à présent fusionnés"
|
||||
flash.notice = t('france_connect.particulier.flash.connection_done', application_name: APPLICATION_NAME)
|
||||
connect_france_connect_particulier(@fci.user)
|
||||
else
|
||||
@email = sanitized_email_params
|
||||
|
@ -79,13 +97,20 @@ class FranceConnect::ParticulierController < ApplicationController
|
|||
end
|
||||
end
|
||||
|
||||
def resend_and_renew_merge_confirmation
|
||||
merge_token = @fci.create_merge_token!
|
||||
UserMailer.france_connect_merge_confirmation(@fci.email_france_connect, merge_token, @fci.merge_token_created_at).deliver_later
|
||||
redirect_to france_connect_particulier_merge_path(merge_token),
|
||||
notice: t('france_connect.particulier.flash.confirmation_mail_sent')
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def securely_retrieve_fci
|
||||
@fci = FranceConnectInformation.find_by(merge_token: merge_token_params)
|
||||
|
||||
if @fci.nil? || !@fci.valid_for_merge?
|
||||
flash.alert = 'Votre compte FranceConnect a expiré, veuillez recommencer.'
|
||||
flash.alert = t('france_connect.particulier.flash.merger_token_expired', application_name: APPLICATION_NAME)
|
||||
|
||||
respond_to do |format|
|
||||
format.html { redirect_to root_path }
|
||||
|
|
|
@ -20,6 +20,14 @@ class UserMailer < ApplicationMailer
|
|||
mail(to: requested_email, subject: @subject)
|
||||
end
|
||||
|
||||
def france_connect_merge_confirmation(email, merge_token, merge_token_created_at)
|
||||
@merge_token = merge_token
|
||||
@merge_token_created_at = merge_token_created_at
|
||||
@subject = "Veuillez confirmer la fusion de compte"
|
||||
|
||||
mail(to: email, subject: @subject)
|
||||
end
|
||||
|
||||
def invite_instructeur(user, reset_password_token)
|
||||
@reset_password_token = reset_password_token
|
||||
@user = user
|
||||
|
|
|
@ -1,12 +1,16 @@
|
|||
%p
|
||||
Le compte #{email} existe déjà sur #{APPLICATION_NAME}
|
||||
= t('.already_exists', email: email, application_name: APPLICATION_NAME)
|
||||
%br
|
||||
entrez votre mot de passe pour fusionner les comptes
|
||||
= t('.fill_in_password')
|
||||
|
||||
= form_tag france_connect_particulier_merge_with_existing_account_path, remote: true, class: 'mt-2 form' do
|
||||
= form_tag france_connect_particulier_merge_with_existing_account_path, remote: true, class: 'mt-2 form fconnect-form' do
|
||||
= hidden_field_tag :merge_token, merge_token
|
||||
= hidden_field_tag :email, email
|
||||
= label_tag :password, 'Mot de passe (8 caractères minimum)'
|
||||
= label_tag :password, t('views.registrations.new.password_label', min_length: 8)
|
||||
= password_field_tag :password, nil, autocomplete: 'current-password', id: 'password-for-another-account'
|
||||
= button_tag 'revenir en arrière', type: 'button', class: 'button secondary', onclick: 'DS.showNewAccount(event);'
|
||||
= submit_tag 'Fusionner les comptes', class: 'button primary'
|
||||
.mb-2
|
||||
= t('views.users.sessions.new.reset_password')
|
||||
= link_to france_connect_particulier_resend_and_renew_merge_confirmation_path(merge_token: merge_token), method: :post do
|
||||
= t('france_connect.particulier.merge.link_confirm_by_email')
|
||||
= button_tag t('.back'), type: 'button', class: 'button secondary', onclick: 'DS.showNewAccount(event);'
|
||||
= submit_tag t('france_connect.particulier.merge.button_merge'), class: 'button primary'
|
||||
|
|
|
@ -1,44 +1,46 @@
|
|||
= content_for :title, "Fusion des comptes FC et #{APPLICATION_NAME}"
|
||||
|
||||
.container
|
||||
%h1.page-title Fusion des comptes FranceConnect et #{APPLICATION_NAME}
|
||||
%h1.page-title= t('.title', application_name: APPLICATION_NAME)
|
||||
|
||||
%p
|
||||
Bonjour,
|
||||
%br
|
||||
%br
|
||||
Votre compte FranceConnect utilise <b class='bold'>#{@fci.email_france_connect}</b> comme email de contact.
|
||||
%br
|
||||
Or il existe un compte sur #{APPLICATION_NAME} avec cet email.
|
||||
%p= t('.subtitle', email: sanitize(@fci.email_france_connect), application_name: APPLICATION_NAME).html_safe
|
||||
|
||||
.form.mt-2
|
||||
%label Ce compte #{@fci.email_france_connect} vous appartient-il ?
|
||||
%label= t('.label_select_merge_flow', email: @fci.email_france_connect)
|
||||
%fieldset.radios
|
||||
%label{ onclick: "DS.showFusion(event);" }
|
||||
= radio_button_tag :value, true, false, autocomplete: "off", id: 'it-is-mine'
|
||||
Oui
|
||||
= t('utils.yes')
|
||||
|
||||
%label{ onclick: "DS.showNewAccount(event);" }
|
||||
= radio_button_tag :value, false, false, autocomplete: "off", id: 'it-is-not-mine'
|
||||
Non
|
||||
= t('utils.no')
|
||||
|
||||
.fusion.hidden
|
||||
%p Pour les fusionner, entrez votre mot de passe
|
||||
%p= t('.title_fill_in_password')
|
||||
|
||||
= form_tag france_connect_particulier_merge_with_existing_account_path, remote: true, class: 'mt-2 form' do
|
||||
= form_tag france_connect_particulier_merge_with_existing_account_path, remote: true, class: 'mt-2 form fconnect-form' do
|
||||
= hidden_field_tag :merge_token, @fci.merge_token
|
||||
= hidden_field_tag :email, @fci.email_france_connect
|
||||
= label_tag :password, 'Mot de passe (8 caractères minimum)'
|
||||
= password_field_tag :password, nil, autocomplete: 'current-password'
|
||||
= submit_tag 'Fusionner les comptes', class: 'button primary'
|
||||
|
||||
= label_tag :password, t('views.registrations.new.password_label', min_length: 8)
|
||||
= password_field_tag :password, nil, autocomplete: 'current-password', class: 'mb-1'
|
||||
.mb-2
|
||||
= t('views.users.sessions.new.reset_password')
|
||||
= link_to france_connect_particulier_resend_and_renew_merge_confirmation_path(merge_token: @fci.merge_token), method: :post do
|
||||
= t('.link_confirm_by_email')
|
||||
|
||||
= submit_tag t('.button_merge'), class: 'button primary'
|
||||
|
||||
|
||||
.new-account.hidden
|
||||
%p Donnez-nous alors le mail que #{APPLICATION_NAME} utilisera pour vous contacter
|
||||
%p= t('.title_fill_in_email', application_name: APPLICATION_NAME)
|
||||
|
||||
= form_tag france_connect_particulier_merge_with_new_account_path, remote: true, class: 'mt-2 form' do
|
||||
= hidden_field_tag :merge_token, @fci.merge_token
|
||||
= label_tag :email, 'Email (nom@site.com)'
|
||||
= email_field_tag :email
|
||||
= submit_tag 'Utiliser ce mail', class: 'button primary'
|
||||
= label_tag :email, t('views.registrations.new.email_label')
|
||||
= email_field_tag :email, "", required: true
|
||||
= submit_tag t('.button_use_this_email'), class: 'button primary'
|
||||
|
||||
|
||||
.new-account-password-confirmation.hidden
|
||||
|
|
20
app/views/user_mailer/france_connect_merge_confirmation.haml
Normal file
20
app/views/user_mailer/france_connect_merge_confirmation.haml
Normal file
|
@ -0,0 +1,20 @@
|
|||
- content_for(:title, @subject)
|
||||
|
||||
%p
|
||||
Bonjour,
|
||||
|
||||
%p
|
||||
Pour confirmer la fusion de votre compte, veuillez cliquer sur le lien suivant :
|
||||
= round_button 'Je confirme', france_connect_particulier_mail_merge_with_existing_account_url(merge_token: @merge_token), :primary
|
||||
|
||||
%p
|
||||
Vous pouvez aussi visiter ce lien : #{link_to france_connect_particulier_mail_merge_with_existing_account_url(merge_token: @merge_token), france_connect_particulier_mail_merge_with_existing_account_url(merge_token: @merge_token)}
|
||||
|
||||
%p Ce lien est valide #{distance_of_time_in_words(FranceConnectInformation::MERGE_VALIDITY)}, jusqu'à #{@merge_token_created_at.strftime("%d-%m-%Y à %H:%M (%Z)")}
|
||||
|
||||
%p
|
||||
Si vous n’êtes pas à l’origine de cette demande, vous pouvez ignorer ce message. Et si vous avez besoin d’assistance, n’hésitez pas à nous contacter à
|
||||
= succeed '.' do
|
||||
= mail_to CONTACT_EMAIL
|
||||
|
||||
= render partial: "layouts/mailers/signature"
|
|
@ -1,5 +1,36 @@
|
|||
{
|
||||
"ignored_warnings": [
|
||||
{
|
||||
"warning_type": "Cross-Site Scripting",
|
||||
"warning_code": 2,
|
||||
"fingerprint": "42099f4550a8377f455e830e8ab645cecd5806248481c5c646b4e17548c3cb07",
|
||||
"check_name": "CrossSiteScripting",
|
||||
"message": "Unescaped model attribute",
|
||||
"file": "app/views/france_connect/particulier/merge.html.haml",
|
||||
"line": 6,
|
||||
"link": "https://brakemanscanner.org/docs/warning_types/cross_site_scripting",
|
||||
"code": "t(\".subtitle\", :email => sanitize(FranceConnectInformation.find_by(:merge_token => merge_token_params).email_france_connect), :application_name => (APPLICATION_NAME))",
|
||||
"render_path": [
|
||||
{
|
||||
"type": "controller",
|
||||
"class": "FranceConnect::ParticulierController",
|
||||
"method": "merge",
|
||||
"line": 48,
|
||||
"file": "app/controllers/france_connect/particulier_controller.rb",
|
||||
"rendered": {
|
||||
"name": "france_connect/particulier/merge",
|
||||
"file": "app/views/france_connect/particulier/merge.html.haml"
|
||||
}
|
||||
}
|
||||
],
|
||||
"location": {
|
||||
"type": "template",
|
||||
"template": "france_connect/particulier/merge"
|
||||
},
|
||||
"user_input": "FranceConnectInformation.find_by(:merge_token => merge_token_params).email_france_connect",
|
||||
"confidence": "Weak",
|
||||
"note": "explicitely sanitized even if we are using html_safe"
|
||||
},
|
||||
{
|
||||
"warning_type": "Cross-Site Scripting",
|
||||
"warning_code": 2,
|
||||
|
@ -15,7 +46,7 @@
|
|||
"type": "controller",
|
||||
"class": "Users::DossiersController",
|
||||
"method": "merci",
|
||||
"line": 188,
|
||||
"line": 193,
|
||||
"file": "app/controllers/users/dossiers_controller.rb",
|
||||
"rendered": {
|
||||
"name": "users/dossiers/merci",
|
||||
|
@ -58,7 +89,7 @@
|
|||
"check_name": "Redirect",
|
||||
"message": "Possible unprotected redirect",
|
||||
"file": "app/controllers/instructeurs/procedures_controller.rb",
|
||||
"line": 180,
|
||||
"line": 190,
|
||||
"link": "https://brakemanscanner.org/docs/warning_types/redirect/",
|
||||
"code": "redirect_to(Export.find_or_create_export(params[:export_format], (params[:time_span_type] or \"everything\"), current_instructeur.groupe_instructeurs.where(:procedure => procedure)).file.service_url)",
|
||||
"render_path": null,
|
||||
|
@ -72,6 +103,6 @@
|
|||
"note": ""
|
||||
}
|
||||
],
|
||||
"updated": "2021-09-02 16:12:11 -0500",
|
||||
"updated": "2021-11-23 14:09:21 +0100",
|
||||
"brakeman_version": "5.1.1"
|
||||
}
|
||||
|
|
|
@ -382,3 +382,23 @@ en:
|
|||
identity_saved: "Identity data is registred"
|
||||
attestation:
|
||||
no_longer_available: "The certificate is no longer available on this file."
|
||||
france_connect:
|
||||
particulier:
|
||||
password_confirmation:
|
||||
back: 'back to previous step'
|
||||
already_exists: An account with %{email} already existis on %{application_name}
|
||||
fill_in_password: fill in your password to merge your accounts
|
||||
merge:
|
||||
title: "Merge your account FranceConnect and %{application_name}"
|
||||
subtitle: "Hello,<br /><br />Your account FranceConnect uses <b class='bold'>%{email}</b> as contact email.<br />But there is an existing %{application_name} account using this email."
|
||||
label_select_merge_flow: Is %{email} one of your email account ?
|
||||
title_fill_in_password: To merge your accounts fill in your password
|
||||
button_merge: Merge accounts
|
||||
title_fill_in_email: Fill in the email that %{application_name} will use to contact you
|
||||
button_use_this_email: Use this email
|
||||
link_confirm_by_email: Confirm by receiving an email
|
||||
flash:
|
||||
confirmation_mail_sent: "An email with the confirmation link has been sent, please click on the link."
|
||||
invalid_password: "The password is not correct."
|
||||
connection_done: "The accounts for FranceConnect and %{application_name} are now merged."
|
||||
merger_token_expired: "Le delay to merge your FranceConnect and %{application_name} accounts is expired. Please retry."
|
||||
|
|
|
@ -421,3 +421,23 @@ fr:
|
|||
ready: "Validé"
|
||||
needs_configuration: "À configurer"
|
||||
configure_api_particulier_token: "Configurer le jeton API particulier"
|
||||
france_connect:
|
||||
particulier:
|
||||
password_confirmation:
|
||||
back: 'revenir en arrière'
|
||||
already_exists: Le compte %{email} existe déjà sur %{application_name}
|
||||
fill_in_password: entrez votre mot de passe pour fusionner les comptes
|
||||
merge:
|
||||
title: "Fusion des comptes FranceConnect et %{application_name}"
|
||||
subtitle: "Bonjour,<br /><br />Votre compte FranceConnect utilise <b class='bold'>%{email}</b> comme email de contact.<br />Or il existe un compte sur %{application_name} avec cet email."
|
||||
label_select_merge_flow: Ce compte %{email} vous appartient-il ?
|
||||
title_fill_in_password: Pour les fusionner, entrez votre mot de passe
|
||||
button_merge: Fusionner les comptes
|
||||
title_fill_in_email: Donnez-nous alors le mail que %{application_name} utilisera pour vous contacter
|
||||
button_use_this_email: Utiliser ce mail
|
||||
link_confirm_by_email: Confirmer mon compte par email
|
||||
flash:
|
||||
confirmation_mail_sent: "Nous venons de vous envoyer le mail de confirmation, veuillez cliquer sur le lien contenu dans ce mail pour fusionner vos comptes"
|
||||
invalid_password: "Mauvais mot de passe"
|
||||
connection_done: "Les comptes FranceConnect et %{application_name} sont à présent fusionnés"
|
||||
merger_token_expired: "Le délai pour fusionner les comptes FranceConnect et %{application_name} est expirée. Veuillez recommencer la procédure pour vous fusionner les comptes."
|
||||
|
|
|
@ -125,6 +125,8 @@ Rails.application.routes.draw do
|
|||
get 'particulier' => 'particulier#login'
|
||||
get 'particulier/callback' => 'particulier#callback'
|
||||
get 'particulier/merge/:merge_token' => 'particulier#merge', as: :particulier_merge
|
||||
get 'particulier/mail_merge_with_existing_account/:merge_token' => 'particulier#mail_merge_with_existing_account', as: :particulier_mail_merge_with_existing_account
|
||||
post 'particulier/resend_and_renew_merge_confirmation' => 'particulier#resend_and_renew_merge_confirmation', as: :particulier_resend_and_renew_merge_confirmation
|
||||
post 'particulier/merge_with_existing_account' => 'particulier#merge_with_existing_account'
|
||||
post 'particulier/merge_with_new_account' => 'particulier#merge_with_new_account'
|
||||
end
|
||||
|
|
|
@ -106,6 +106,16 @@ describe FranceConnect::ParticulierController, type: :controller do
|
|||
expect(response).to redirect_to(france_connect_particulier_merge_path(fci.reload.merge_token))
|
||||
end
|
||||
end
|
||||
context 'and an instructeur with the same email exists' do
|
||||
let!(:preexisting_user) { create(:instructeur, email: email) }
|
||||
|
||||
it 'redirects to the merge process' do
|
||||
expect { subject }.not_to change { User.count }
|
||||
|
||||
expect(response).to redirect_to(new_user_session_path)
|
||||
expect(flash[:alert]).to eq(I18n.t('errors.messages.france_connect.forbidden_html', reset_link: new_user_password_path))
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -150,7 +160,7 @@ describe FranceConnect::ParticulierController, type: :controller do
|
|||
else
|
||||
expect(subject).to redirect_to root_path
|
||||
end
|
||||
expect(flash.alert).to eq('Votre compte FranceConnect a expiré, veuillez recommencer.')
|
||||
expect(flash.alert).to eq('Le délai pour fusionner les comptes FranceConnect et demarches-simplifiees.fr est expirée. Veuillez recommencer la procédure pour vous fusionner les comptes.')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -173,7 +183,7 @@ describe FranceConnect::ParticulierController, type: :controller do
|
|||
|
||||
it do
|
||||
expect(subject).to redirect_to root_path
|
||||
expect(flash.alert).to eq('Votre compte FranceConnect a expiré, veuillez recommencer.')
|
||||
expect(flash.alert).to eq("Le délai pour fusionner les comptes FranceConnect et demarches-simplifiees.fr est expirée. Veuillez recommencer la procédure pour vous fusionner les comptes.")
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -241,6 +251,55 @@ describe FranceConnect::ParticulierController, type: :controller do
|
|||
end
|
||||
end
|
||||
|
||||
describe '#mail_merge_with_existing_account' do
|
||||
let(:fci) { FranceConnectInformation.create!(user_info) }
|
||||
let!(:merge_token) { fci.create_merge_token! }
|
||||
|
||||
context 'when the merge_token is ok and the user is found' do
|
||||
subject { post :mail_merge_with_existing_account, params: { merge_token: fci.merge_token } }
|
||||
|
||||
let!(:user) { create(:user, email: email, password: 'abcdefgh') }
|
||||
|
||||
it 'merges the account, signs in, and delete the merge token' do
|
||||
subject
|
||||
fci.reload
|
||||
|
||||
expect(fci.user).to eq(user)
|
||||
expect(fci.merge_token).to be_nil
|
||||
expect(controller.current_user).to eq(user)
|
||||
expect(flash[:notice]).to eq("Les comptes FranceConnect et #{APPLICATION_NAME} sont à présent fusionnés")
|
||||
end
|
||||
|
||||
context 'but the targeted user is an instructeur' do
|
||||
let!(:user) { create(:instructeur, email: email, password: 'abcdefgh').user }
|
||||
|
||||
it 'redirects to the new session' do
|
||||
subject
|
||||
expect(FranceConnectInformation.exists?(fci.id)).to be_falsey
|
||||
expect(controller.current_user).to be_nil
|
||||
expect(response).to redirect_to(new_user_session_path)
|
||||
expect(flash[:alert]).to eq(I18n.t('errors.messages.france_connect.forbidden_html', reset_link: new_user_password_path))
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the merge_token is not ok' do
|
||||
subject { post :mail_merge_with_existing_account, params: { merge_token: 'ko' } }
|
||||
|
||||
let!(:user) { create(:user, email: email) }
|
||||
|
||||
it 'increases the failed attempts counter' do
|
||||
subject
|
||||
fci.reload
|
||||
|
||||
expect(fci.user).to be_nil
|
||||
expect(fci.merge_token).not_to be_nil
|
||||
expect(controller.current_user).to be_nil
|
||||
expect(response).to redirect_to(root_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe '#merge_with_new_account' do
|
||||
let(:fci) { FranceConnectInformation.create!(user_info) }
|
||||
let(:merge_token) { fci.create_merge_token! }
|
||||
|
@ -280,4 +339,13 @@ describe FranceConnect::ParticulierController, type: :controller do
|
|||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe '#resend_and_renew_merge_confirmation' do
|
||||
let(:fci) { FranceConnectInformation.create!(user_info) }
|
||||
let(:merge_token) { fci.create_merge_token! }
|
||||
it 'renew token' do
|
||||
expect { post :resend_and_renew_merge_confirmation, params: { merge_token: merge_token } }.to change { fci.reload.merge_token }
|
||||
expect(response).to redirect_to(france_connect_particulier_merge_path(fci.reload.merge_token))
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -12,6 +12,10 @@ class UserMailerPreview < ActionMailer::Preview
|
|||
UserMailer.ask_for_merge(user, 'dircab@territoires.gouv.fr')
|
||||
end
|
||||
|
||||
def france_connect_merge_confirmation
|
||||
UserMailer.france_connect_merge_confirmation('new.exemple.fr', '123456', 15.minutes.from_now)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def user
|
||||
|
|
|
@ -25,4 +25,14 @@ RSpec.describe UserMailer, type: :mailer do
|
|||
it { expect(subject.to).to eq([requested_email]) }
|
||||
it { expect(subject.body).to include(requested_email) }
|
||||
end
|
||||
|
||||
describe '.france_connect_merge_confirmation' do
|
||||
let(:email) { 'new.exemple.fr' }
|
||||
let(:code) { '123456' }
|
||||
|
||||
subject { described_class.france_connect_merge_confirmation(email, code, 15.minutes.from_now) }
|
||||
|
||||
it { expect(subject.to).to eq([email]) }
|
||||
it { expect(subject.body).to include(france_connect_particulier_mail_merge_with_existing_account_url(merge_token: code)) }
|
||||
end
|
||||
end
|
||||
|
|
1
vendor/assets/stylesheets/franceconnect.scss
vendored
1
vendor/assets/stylesheets/franceconnect.scss
vendored
|
@ -140,3 +140,4 @@
|
|||
height: 500px;
|
||||
margin: 60px auto 0 auto;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue