Send email to current email address on request to update email #2392

Merged
merged 1 commit into from
Jul 13, 2020
1 change: 1 addition & 0 deletions app/jobs/email_reset_mailer.rb
Expand Up @@ -3,6 +3,7 @@ def perform
user = User.find(user_id)

if user.confirmation_token
Mailer.email_reset_update(user).deliver
Mailer.email_reset(user).deliver
else
Rails.logger.info("[jobs:email_reset_mailer] confirmation token not found. skipping sending mail for #{user.handle}")
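Review bot: In `perform`, the two `deliver` calls run back to back in the same job, so an exception from `Mailer.email_reset_update(user).deliver` keeps the confirmation mail from going out, and if the job is retried after the second call fails, the notice to the current address is sent again. Consider enqueuing the two mails separately, or rescuing and logging around the notice, so each delivery succeeds or retries on its own. The notice is also skipped whenever `user.confirmation_token` is missing, and the log message in the `else` branch still reads as if a single mail were involved; update it if skipping both is intended.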
6 changes: 6 additions & 0 deletions app/mailers/mailer.rb
Expand Up @@ -13,6 +13,12 @@ def email_reset(user)
default: "Please confirm your email address with RubyGems.org")
end

def email_reset_update(user)
@user = user
mail to: @user.email,
subject: I18n.t("mailer.email_reset_update.subject")
end

def email_confirmation(user)
@user = user
mail to: @user.email,
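Review bot: `email_reset_update` calls `I18n.t("mailer.email_reset_update.subject")` without a `default:`, while `email_reset` directly above passes one. This PR adds the key with an empty value in every locale file except `en`, so a non-English locale can produce a blank or missing-translation subject on a security notice unless fallbacks cover it. Suggest passing `default: "You have requested email address update on RubyGems.org"`, as the neighbouring method does.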
36 changes: 36 additions & 0 deletions app/views/mailer/email_reset_update.erb
@@ -0,0 +1,36 @@
<% @title = t(".title") %>
<% @sub_title = "Hi #{@user.handle}" %>


<!-- Body -->
<table width="100%" border="0" cellspacing="0" cellpadding="0" bgcolor="#ffffff">
<tr>
<td class="content-spacing" style="font-size:0pt; line-height:0pt; text-align:left" width="20"></td>
<td>
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="spacer" style="font-size:0pt; line-height:0pt; text-align:center; width:100%; min-width:100%"><tr><td height="35" class="spacer" style="font-size:0pt; line-height:0pt; text-align:center; width:100%; min-width:100%">&nbsp;</td></tr></table>

<div class="h3-1-center" style="color:#1e1e1e; font-family:Georgia, serif; min-width:auto !important; font-size:20px; line-height:26px;">
<p>
You have requested email update on RubyGems.org. Once you click on confirmation link sent to your new email address, your account will be disassociated from
<%= @user.email %>.
</p>
<p>
New email address: <strong><%= @user.unconfirmed_email %></strong>
</p>
<br/>
<p>If this email update is expected, you do not need to take further action.</p>
<p>
<strong>Only if this email update is unexpected</strong>
please take immediate steps to secure your account and gems:
</p>
<%= render "compromised_instructions" %>
</div>

<table width="100%" border="0" cellspacing="0" cellpadding="0" class="spacer" style="font-size:0pt; line-height:0pt; text-align:center; width:100%; min-width:100%"><tr><td height="30" class="spacer" style="font-size:0pt; line-height:0pt; text-align:center; width:100%; min-width:100%">&nbsp;</td></tr></table>

<table width="100%" border="0" cellspacing="0" cellpadding="0" class="spacer" style="font-size:0pt; line-height:0pt; text-align:center; width:100%; min-width:100%"><tr><td height="35" class="spacer" style="font-size:0pt; line-height:0pt; text-align:center; width:100%; min-width:100%">&nbsp;</td></tr></table>

</td>
<td class="content-spacing" style="font-size:0pt; line-height:0pt; text-align:left" width="20"></td>
</tr>
</table>
<!-- END Body -->
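Review bot: The body paragraphs in this template are hard-coded English, while the title on the first line goes through `t(".title")`. Move the copy (the "You have requested email update" paragraph, "New email address:" and the two follow-up lines) into `mailer.email_reset_update.*` keys so the notice can be translated with the rest of the mail. A smaller wording point in the first paragraph: "requested email update" and "click on confirmation link" would read better as "requested an email update" and "click the confirmation link".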
3 changes: 3 additions & 0 deletions config/locales/de.yml
Expand Up @@ -147,6 +147,9 @@ de:
subject:
title:
subtitle:
email_reset_update:
subject:
title:
news:
show:
title:
3 changes: 3 additions & 0 deletions config/locales/en.yml
Expand Up @@ -155,6 +155,9 @@ en:
subject: RubyGems.org API key was reset
title: API KEY RESET
subtitle: Hi %{handle}
email_reset_update:
subject: You have requested email address update on RubyGems.org
title: EMAIL UPDATE REQUESTED
news:
show:
title: New Releases — All Gems
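Review bot: The `email_reset_update` block adds `subject` and `title` but no `subtitle`, although the entry just above it defines `subtitle: Hi %{handle}`. The new view builds the greeting inline as `"Hi #{@user.handle}"`, which cannot be translated; add a `subtitle` key here and read it in the view with `t(".subtitle", handle: @user.handle)`.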
3 changes: 3 additions & 0 deletions config/locales/es.yml
Expand Up @@ -155,6 +155,9 @@ es:
subject:
title:
subtitle:
email_reset_update:
subject:
title:
news:
show:
title: Nuevos lanzamientos — Todas las Gemas
3 changes: 3 additions & 0 deletions config/locales/fr.yml
Expand Up @@ -147,6 +147,9 @@ fr:
subject:
title:
subtitle:
email_reset_update:
subject:
title:
news:
show:
title: Nouvelles Versions - Toutes les Gems
3 changes: 3 additions & 0 deletions config/locales/ja.yml
Expand Up @@ -147,6 +147,9 @@ ja:
subject:
title:
subtitle:
email_reset_update:
subject:
title:
news:
show:
title: 新しくリリースされたGem
3 changes: 3 additions & 0 deletions config/locales/nl.yml
Expand Up @@ -147,6 +147,9 @@ nl:
subject:
title:
subtitle:
email_reset_update:
subject:
title:
news:
show:
title:
3 changes: 3 additions & 0 deletions config/locales/pt-BR.yml
Expand Up @@ -147,6 +147,9 @@ pt-BR:
subject:
title:
subtitle:
email_reset_update:
subject:
title:
news:
show:
title: Novos Releases - Todas as Gems
3 changes: 3 additions & 0 deletions config/locales/zh-CN.yml
Expand Up @@ -147,6 +147,9 @@ zh-CN:
subject:
title:
subtitle:
email_reset_update:
subject:
title:
news:
show:
title: 全部新发布 Gems
3 changes: 3 additions & 0 deletions config/locales/zh-TW.yml
Expand Up @@ -147,6 +147,9 @@ zh-TW:
subject:
title:
subtitle:
email_reset_update:
subject:
title:
news:
show:
title: 最新發佈
33 changes: 33 additions & 0 deletions test/functional/profiles_controller_test.rb
Expand Up @@ -165,7 +165,40 @@ class ProfilesControllerTest < ActionController::TestCase
refute_equal "cannotchange@tothis.com", @user.unconfirmed_email
end
end

context "updating email" do
context "yet to verify the updated email" do
setup do
@current_email = "john@doe.com"
@user = create(:user, email: @current_email)
sign_in_as(@user)
@new_email = "change@tothis.com"
end

should "set unconfirmed email and confirmation token" do
put :update, params: { user: { email: @new_email, password: @user.password } }
assert_equal @new_email, @user.unconfirmed_email
assert @user.confirmation_token
end

should "not update the current email" do
put :update, params: { user: { email: @new_email, password: @user.password } }
assert_equal @current_email, @user.email
end

should "send email reset mails to new and current email addresses" do
mailer = mock
mailer.stubs(:deliver)

Mailer.expects(:email_reset).returns(mailer).times(1)
Mailer.expects(:email_reset_update).returns(mailer).times(1)
put :update, params: { user: { email: @new_email, password: @user.password } }
Delayed::Worker.new.work_off
end
end
end
end

context "on DELETE to destroy" do
context "correct password" do
should "enqueue deletion request" do
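Review bot: The "send email reset mails to new and current email addresses" test only checks that `Mailer.email_reset` and `Mailer.email_reset_update` are each called once; because both return the same stubbed `mailer`, nothing verifies which address each mail is sent to. Since the purpose of the change is that the notice reaches the current address, assert on the recipients, for example by letting the mails deliver and checking `ActionMailer::Base.deliveries` for one message to `@current_email` and one to `@new_email`. The first two tests also read `@user` without a `reload` after the `put`, so they may be checking the in-memory object rather than what was saved.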
4 changes: 4 additions & 0 deletions test/mailers/previews/mailer_preview.rb
Expand Up @@ -3,6 +3,10 @@ def email_reset
Mailer.email_reset(User.last)
end

def email_reset_update
Mailer.email_reset_update(User.last)
end

def email_confirmation
Mailer.email_confirmation(User.last)
end
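Review bot: `Mailer.email_reset_update(User.last)` previews with whatever user is last in the database; unless that user has a pending change, `unconfirmed_email` is empty and the "New email address:" line in the template renders blank. Consider assigning an `unconfirmed_email` to the preview user (without saving) so the preview shows the mail as a recipient would see it.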