fix(profil_controller#update_email): ensure we are not merging same account
fix(profil_controller#update_email): changing email from current_user.email to current_user.email destroy current user. whoops ☠️'
Update config/locales/en.yml
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
Update config/locales/fr.yml
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
Update spec/controllers/users/profil_controller_spec.rb
Update config/locales/fr.yml
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
Update spec/controllers/users/profil_controller_spec.rb
fix(spec): broken due to typo
This commit is contained in:
parent
15f01149df
commit
d0ab1711ff
5 changed files with 36 additions and 7 deletions
|
@ -14,9 +14,7 @@ module Users
|
|||
|
||||
def update_email
|
||||
requested_user = User.find_by(email: requested_email)
|
||||
|
||||
if requested_user.present?
|
||||
current_user.ask_for_merge(requested_user)
|
||||
if requested_user.present? && current_user.ask_for_merge(requested_user)
|
||||
current_user.update(unconfirmed_email: nil)
|
||||
|
||||
flash.notice = t('devise.registrations.update_needs_confirmation')
|
||||
|
|
|
@ -63,6 +63,8 @@ class User < ApplicationRecord
|
|||
|
||||
before_validation -> { sanitize_email(:email) }
|
||||
|
||||
validate :does_not_merge_on_self, if: :requested_merge_into_id_changed?
|
||||
|
||||
def validate_password_complexity?
|
||||
administrateur?
|
||||
end
|
||||
|
@ -223,12 +225,21 @@ class User < ApplicationRecord
|
|||
end
|
||||
|
||||
def ask_for_merge(requested_user)
|
||||
update(requested_merge_into: requested_user)
|
||||
if update(requested_merge_into: requested_user)
|
||||
UserMailer.ask_for_merge(self, requested_user.email).deliver_later
|
||||
return true
|
||||
else
|
||||
return false
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def does_not_merge_on_self
|
||||
return if requested_merge_into_id != self.id
|
||||
errors.add(:requested_merge_into, :same)
|
||||
end
|
||||
|
||||
def link_invites!
|
||||
Invite.where(email: email).update_all(user_id: id)
|
||||
end
|
||||
|
|
|
@ -244,9 +244,16 @@ en:
|
|||
one: User
|
||||
other: Users
|
||||
attributes:
|
||||
default_attributes: &default_attributes
|
||||
password: 'password'
|
||||
requested_merge_into: 'new email address'
|
||||
user:
|
||||
siret: 'SIRET number'
|
||||
password: 'password'
|
||||
<< : *default_attributes
|
||||
instructeur:
|
||||
<< : *default_attributes
|
||||
super_admin:
|
||||
<< : *default_attributes
|
||||
instructeur:
|
||||
password: 'password'
|
||||
errors:
|
||||
|
@ -268,6 +275,8 @@ en:
|
|||
too_short: 'is too short'
|
||||
password_confirmation:
|
||||
confirmation: ': The two passwords do not match'
|
||||
requested_merge_into:
|
||||
same: "can't be the same as the old one"
|
||||
invite:
|
||||
attributes:
|
||||
email:
|
||||
|
|
|
@ -244,6 +244,7 @@ fr:
|
|||
attributes:
|
||||
default_attributes: &default_attributes
|
||||
password: 'Le mot de passe'
|
||||
requested_merge_into: 'La nouvelle adresse email'
|
||||
user:
|
||||
siret: 'Numéro SIRET'
|
||||
<< : *default_attributes
|
||||
|
@ -273,6 +274,8 @@ fr:
|
|||
not_strong: 'n’est pas assez complexe'
|
||||
password_confirmation:
|
||||
confirmation: ': Les deux mots de passe ne correspondent pas'
|
||||
requested_merge_into:
|
||||
same: "ne peut être identique à l’ancienne"
|
||||
invite:
|
||||
attributes:
|
||||
email:
|
||||
|
|
|
@ -48,6 +48,14 @@ describe Users::ProfilController, type: :controller do
|
|||
end
|
||||
|
||||
describe 'PATCH #update_email' do
|
||||
context 'when email is same as user' do
|
||||
it 'fails' do
|
||||
patch :update_email, params: { user: { email: user.email } }
|
||||
expect(response).to have_http_status(302)
|
||||
expect(flash[:alert]).to eq(["La nouvelle adresse email ne peut être identique à l’ancienne"])
|
||||
end
|
||||
end
|
||||
|
||||
context 'when everything is fine' do
|
||||
let(:previous_request) { create(:user) }
|
||||
|
||||
|
@ -69,7 +77,7 @@ describe Users::ProfilController, type: :controller do
|
|||
before do
|
||||
user.update(unconfirmed_email: 'unconfirmed@mail.com')
|
||||
|
||||
expect_any_instance_of(User).to receive(:ask_for_merge).with(existing_user)
|
||||
expect(UserMailer).to receive(:ask_for_merge).with(user, existing_user.email).and_return(double(deliver_later: true))
|
||||
|
||||
perform_enqueued_jobs do
|
||||
patch :update_email, params: { user: { email: existing_user.email } }
|
||||
|
|
Loading…
Reference in a new issue