Merge pull request #2230 from robertmuehsig/432-cancelemaichange

432: Cancel Email Address Change
NuGet · Jun 26, 2014 · cd57b3d · cd57b3d
2 parents 8354eee + 9035c0c
commit cd57b3d
Show file tree

Hide file tree

Showing 9 changed files with 117 additions and 6 deletions.
diff --git a/src/NuGetGallery.Core/Auditing/UserAuditRecord.cs b/src/NuGetGallery.Core/Auditing/UserAuditRecord.cs
@@ -81,6 +81,7 @@ public enum UserAuditAction
         RemovedCredential,
         RequestedPasswordReset,
         ChangeEmail,
+        CancelChangeEmail,
         ConfirmEmail,
     }
 }
diff --git a/src/NuGetGallery.Core/Entities/User.cs b/src/NuGetGallery.Core/Entities/User.cs
@@ -69,6 +69,12 @@ public void ConfirmEmailAddress()
             UnconfirmedEmailAddress = null;
         }
 
+        public void CancelChangeEmailAddress()
+        {
+            EmailConfirmationToken = null;
+            UnconfirmedEmailAddress = null;
+        }
+
         public void UpdateEmailAddress(string newEmailAddress, Func<string> generateToken)
         {
             if (!String.IsNullOrEmpty(UnconfirmedEmailAddress))

diff --git a/src/NuGetGallery/Controllers/UsersController.cs b/src/NuGetGallery/Controllers/UsersController.cs
@@ -333,6 +333,25 @@ public virtual async Task<ActionResult> ChangeEmail(AccountViewModel model)
             return RedirectToAction(actionName: "Account", controllerName: "Users");
         }
 
+        [HttpPost]
+        [Authorize]
+        public virtual async Task<ActionResult> CancelChangeEmail(AccountViewModel model)
+        {
+            var user = GetCurrentUser();
+
+            if(string.IsNullOrWhiteSpace(user.UnconfirmedEmailAddress))
+            {
+                return RedirectToAction(actionName: "Account", controllerName: "Users");
+            }
+
+            await UserService.CancelChangeEmailAddress(user);
+
+            TempData["Message"] = Strings.CancelEmailAddress;
+
+            return RedirectToAction(actionName: "Account", controllerName: "Users");
+        }
+
+
         [HttpPost]
         [Authorize]
         [ValidateAntiForgeryToken]
@@ -433,11 +452,6 @@ private async Task<ActionResult> RemoveCredential(User user, Credential cred, st
             return RedirectToAction("Account");
         }
 
-        private ActionResult EditProfileView()
-        {
-            return AccountView(new AccountViewModel());
-        }
-
         private ActionResult AccountView(AccountViewModel model)
         {
             // Load Credential info

diff --git a/src/NuGetGallery/Services/IUserService.cs b/src/NuGetGallery/Services/IUserService.cs
@@ -19,5 +19,7 @@ public interface IUserService
         Task<bool> ConfirmEmailAddress(User user, string token);
 
         Task ChangeEmailAddress(User user, string newEmailAddress);
+
+        Task CancelChangeEmailAddress(User user);
     }
 }
diff --git a/src/NuGetGallery/Services/UserService.cs b/src/NuGetGallery/Services/UserService.cs
@@ -98,6 +98,14 @@ public async Task ChangeEmailAddress(User user, string newEmailAddress)
             UserRepository.CommitChanges();
         }
 
+        public async Task CancelChangeEmailAddress(User user)
+        {
+            await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.CancelChangeEmail, user.UnconfirmedEmailAddress));
+
+            user.CancelChangeEmailAddress();
+            UserRepository.CommitChanges();
+        }
+
         public async Task<bool> ConfirmEmailAddress(User user, string token)
         {
             if (user == null)

diff --git a/src/NuGetGallery/Strings.Designer.cs b/src/NuGetGallery/Strings.Designer.cs
diff --git a/src/NuGetGallery/Strings.resx b/src/NuGetGallery/Strings.resx
@@ -302,4 +302,7 @@ The {2} Team</value>
   <data name="DefaultUserSafeExceptionMessage" xml:space="preserve">
     <value>An unexpected error occurred. Contact support for assistance.</value>
   </data>
+  <data name="CancelEmailAddress" xml:space="preserve">
+    <value>You canceled your email address change request.</value>
+  </data>
 </root>
diff --git a/src/NuGetGallery/Views/Users/Account.cshtml b/src/NuGetGallery/Views/Users/Account.cshtml
@@ -163,7 +163,19 @@
         subtitle: currentEmailAddress,
         enabled: String.IsNullOrEmpty(CurrentUser.UnconfirmedEmailAddress),
         formModelStatePrefix: "ChangeEmail", 
-        actions: @<text>@item.ExpandButton("Change", "Cancel")</text>,
+        actions: @<text>@item.ExpandButton("Change", "Cancel")
+                  @if (!String.IsNullOrEmpty(CurrentUser.EmailAddress) && !String.IsNullOrEmpty(CurrentUser.UnconfirmedEmailAddress))
+                  {
+                      using (Html.BeginForm("CancelChangeEmail", "Users", FormMethod.Post, new { @class = "form-inline" }))
+                      {
+                        <fieldset class="form">
+                            <legend>Reset to Confirmed Email Address</legend>
+                            @Html.AntiForgeryToken()
+                            <button class="btn btn-inline" type="submit">Reset to Confirmed Email Address</button>
+                        </fieldset>
+                      }
+                  }
+                </text>,
         content: @<text>
             @using (Html.BeginForm("ChangeEmail", "Users", FormMethod.Post, new { @class = "form-inline" }))
             {

diff --git a/tests/NuGetGallery.Facts/Services/UserServiceFacts.cs b/tests/NuGetGallery.Facts/Services/UserServiceFacts.cs
@@ -302,6 +302,62 @@ public async Task WritesAuditRecord()
             }
         }
 
+        public class TheCancelChangeEmailAddressMethod
+        {
+            [Fact]
+            public async Task ClearsUnconfirmedEmail()
+            {
+                var user = new User { Username = "Bob", UnconfirmedEmailAddress = "unconfirmedEmail@example.org", EmailAddress = "confirmedEmail@example.org" };
+                var service = new TestableUserServiceWithDBFaking
+                {
+                    Users = new[] { user }
+                };
+
+                await service.CancelChangeEmailAddress(user);
+
+                Assert.Equal("confirmedEmail@example.org", user.EmailAddress);
+                Assert.Null(user.UnconfirmedEmailAddress);
+                service.FakeEntitiesContext.VerifyCommitChanges();
+            }
+
+            [Fact]
+            public async Task ClearsEmailConfirmationToken()
+            {
+                var user = new User { Username = "Bob", EmailConfirmationToken = Guid.NewGuid().ToString() ,UnconfirmedEmailAddress = "unconfirmedEmail@example.org", EmailAddress = "confirmedEmail@example.org" };
+                var service = new TestableUserServiceWithDBFaking
+                {
+                    Users = new[] { user }
+                };
+
+                await service.CancelChangeEmailAddress(user);
+
+                Assert.Equal("confirmedEmail@example.org", user.EmailAddress);
+                Assert.Null(user.EmailConfirmationToken);
+                service.FakeEntitiesContext.VerifyCommitChanges();
+            }
+
+            [Fact]
+            public async Task WritesAuditRecord()
+            {
+                // Arrange
+                var user = new User { Username = "Bob", EmailConfirmationToken = Guid.NewGuid().ToString(), UnconfirmedEmailAddress = "unconfirmedEmail@example.org", EmailAddress = "confirmedEmail@example.org" };
+                var service = new TestableUserServiceWithDBFaking
+                {
+                    Users = new[] { user }
+                };
+
+                // Act
+                await service.CancelChangeEmailAddress(user);
+
+                // Assert
+                Assert.True(service.Auditing.WroteRecord<UserAuditRecord>(ar =>
+                    ar.Action == UserAuditAction.CancelChangeEmail &&
+                    ar.AffectedEmailAddress == "unconfirmedEmail@example.org" &&
+                    ar.EmailAddress == "confirmedEmail@example.org"));
+            }
+        }
+
+
         public class TheUpdateProfileMethod
         {   
             [Fact]