stormpath · DamirSvrtan · Aug 29, 2016 · Aug 25, 2016 · Aug 25, 2016 · Aug 25, 2016
diff --git a/app/views/stormpath/rails/forgot_password/new.html.erb b/app/views/stormpath/rails/forgot_password/new.html.erb
@@ -37,7 +37,9 @@
           <% end %>
         </div>
       </div>
-      <%= link_to "Back to Log In", new_login_path, class: "forgot" %>
+      <% if Stormpath::Rails.config.web.login.enabled %>
+        <%= link_to "Back to Log In", new_login_path, class: "forgot" %>
+      <% end %>
     </div>
   </div>
 </div>
diff --git a/app/views/stormpath/rails/login/_form.html.erb b/app/views/stormpath/rails/login/_form.html.erb
@@ -17,7 +17,12 @@
     <% case params[:status] %>
     <% when 'unverified' %>
       <div class="alert alert-success">
-        <p>Your account verification email has been sent! Before you can log into your account, you need to activate your account by clicking the link we sent to your inbox. Didn't get the email? <%= link_to "Click Here", Stormpath::Rails.config.web.verify_email.uri %></p>
+        <% if Stormpath::Rails.config.web.verify_email.enabled %>
+          <p>
+            Your account verification email has been sent! Before you can log into your account, you need to activate your account by clicking the link we sent to your inbox. Didn't get the email?
+            <%= link_to "Click Here", new_verify_email_path %>
+          </p>
+        <% end %>
       </div>
     <% when 'verified' %>
       <div class="alert alert-success">

diff --git a/app/views/stormpath/rails/register/_form.html.erb b/app/views/stormpath/rails/register/_form.html.erb
@@ -14,6 +14,6 @@
       <%= render 'stormpath/rails/shared/input', form: form, input_config: Stormpath::Rails.config.web.register.form.fields.send(field), input_name: field.to_s.camelize(:lower), value: params[field.to_s.camelize(:lower)] %>
     <% end %>
 
-    <%= button_tag "Create Account", :class => "btn btn-register btn-sp-green", :type => "submit" %>
+    <%= button_tag "Create Account", class: "btn btn-register btn-sp-green", type: "submit" %>
   <% end %>
 </div>
diff --git a/app/views/stormpath/rails/register/new.html.erb b/app/views/stormpath/rails/register/new.html.erb
@@ -4,7 +4,9 @@
       <div class="box row">
         <%= render partial: 'stormpath/rails/register/form' %>
       </div>
-      <%= link_to "Back to Log In", new_login_path, class: "to-login" %>
+      <% if Stormpath::Rails.config.web.login.enabled %>
+        <%= link_to "Back to Log In", new_login_path, class: "to-login" %>
+      <% end %>
     </div>
   </div>
 </div>
diff --git a/app/views/stormpath/rails/verify_email/new.html.erb b/app/views/stormpath/rails/verify_email/new.html.erb
@@ -43,7 +43,9 @@
           <% end %>
         </div>
       </div>
-      <%= link_to "Back to Log In", new_login_path, class: "forgot" %>
+      <% if Stormpath::Rails.config.web.login.enabled %>
+        <%= link_to "Back to Log In", new_login_path, class: "forgot" %>
+      <% end %>
     </div>
   </div>
 </div>
diff --git a/lib/stormpath/rails/config/dynamic_configuration.rb b/lib/stormpath/rails/config/dynamic_configuration.rb
@@ -26,13 +26,23 @@ def change_password_enabled?
           password_reset_enabled?
         end
 
+        def verify_email_enabled?
+          return false if static_config.stormpath.web.verify_email.enabled == false
+          email_verification_enabled?
+        end
+
         private
 
         def password_reset_enabled?
           return false if default_account_store.nil?
           default_account_store.password_policy.reset_email_status == 'ENABLED'
         end
 
+        def email_verification_enabled?
+          return false if default_account_store.nil?
+          default_account_store.account_creation_policy.verification_email_status == 'ENABLED'
+        end
+
         def default_account_store
           @default_account_store ||=
             app.default_account_store_mapping && app.default_account_store_mapping.account_store

diff --git a/lib/stormpath/rails/configuration.rb b/lib/stormpath/rails/configuration.rb
@@ -26,6 +26,7 @@ def config_object
           config.stormpath.application.href = dynamic_config.app.href
           config.stormpath.web.forgot_password.enabled = dynamic_config.forgot_password_enabled?
           config.stormpath.web.change_password.enabled = dynamic_config.change_password_enabled?
+          config.stormpath.web.verify_email.enabled = dynamic_config.verify_email_enabled?
         end
       end
 

diff --git a/lib/stormpath/rails/router.rb b/lib/stormpath/rails/router.rb
@@ -63,7 +63,7 @@ def stormpath_rails_routes(actions: {})
 
           # VERIFY EMAIL
           if Stormpath::Rails.config.web.verify_email.enabled
-            get Stormpath::Rails.config.web.verify_email.uri => actions['verify_email#show']
+            get Stormpath::Rails.config.web.verify_email.uri => actions['verify_email#show'], as: :new_verify_email
             post Stormpath::Rails.config.web.verify_email.uri => actions['verify_email#create'], as: :verify_email
           end
         end

diff --git a/spec/factories.rb b/spec/factories.rb
@@ -7,6 +7,13 @@
     username { Faker::Internet.user_name }
   end
 
+  factory :account_without_username, class: Stormpath::Resource::Account do
+    sequence(:email) { |n| "dev#{n}@example.com" }
+    password 'Password1337'
+    given_name { Faker::Name.first_name }
+    surname { Faker::Name.last_name }
+  end
+
   factory :unverified_account, parent: :account do
     status 'UNVERIFIED'
   end

diff --git a/spec/features/email_verification_spec.rb b/spec/features/email_verification_spec.rb
@@ -44,6 +44,17 @@
           folder."
         )
       end
+
+      it 'does not blow up with wrong path helpers when login is disabled' do
+        allow(configuration.web.login).to receive(:enabled).and_return(false)
+
+        Rails.application.reload_routes!
+
+        visit 'verify'
+
+        expect(page.status_code).to eq(200)
+        expect(page).not_to have_content('Back to Log In')
+      end
     end
 
     describe 'with invalid sptoken' do

diff --git a/spec/features/forgot_password_feature_spec.rb b/spec/features/forgot_password_feature_spec.rb
@@ -7,6 +7,7 @@
 
   let(:account_attrs) { FactoryGirl.attributes_for(:account) }
 
+  before { Rails.application.reload_routes! }
   after { account.delete }
 
   describe 'GET /forgot' do
@@ -19,6 +20,17 @@
       visit 'forgot'
       expect(find_field('email')['placeholder']).to eq('Email')
     end
+
+    it 'should render the page when login is disabled' do
+      allow(configuration.web.login).to receive(:enabled).and_return(false)
+
+      Rails.application.reload_routes!
+
+      visit 'forgot'
+      expect(page.status_code).to eq(200)
+      expect(page).to have_content('Submit')
+      expect(page).not_to have_content('Back to Log In')
+    end
   end
 
   describe 'POST /forgot' do

diff --git a/spec/features/login_feature_spec.rb b/spec/features/login_feature_spec.rb
@@ -66,6 +66,29 @@
       expect(page).to have_content('Log in')
     end
 
+    it 'does not blow up with wrong path helpers when forgot_password is disabled' do
+      allow(configuration.web.forgot_password).to receive(:enabled).and_return(false)
+
+      Rails.application.reload_routes!
+
+      visit 'login'
+
+      expect(page.status_code).to eq(200)
+      expect(page).to have_content('Log in')
+    end
+
+    it 'does not blow up with wrong path helpers when verify_email is disabled' do
+      allow(configuration.web.verify_email).to receive(:enabled).and_return(false)
+
+      Rails.application.reload_routes!
+
+      visit 'login'
+
+      expect(page.status_code).to eq(200)
+      expect(page).not_to have_content('Click Here')
+      expect(page).to have_content('Log in')
+    end
+
     xit 'shows social logins when needed' do
     end
 

diff --git a/spec/features/register_feature_spec.rb b/spec/features/register_feature_spec.rb
@@ -16,6 +16,7 @@
       type: 'text'
     )
     reload_form_class
+    Rails.application.reload_routes!
   end
 
   after do
@@ -47,6 +48,17 @@
       expect(find_field('password')['placeholder']).to eq('Password')
       expect(find_field('confirmPassword')['placeholder']).to eq('Confirm Password')
     end
+
+    it 'should render the page when login is disabled' do
+      allow(configuration.web.login).to receive(:enabled).and_return(false)
+
+      Rails.application.reload_routes!
+
+      visit 'register'
+      expect(page.status_code).to eq(200)
+      expect(page).to have_content('Create Account')
+      expect(page).not_to have_content('Back to Log In')
+    end
   end
 
   describe 'POST /register' do
@@ -126,6 +138,9 @@ def delete_test_account
         end
 
         it 'creates an account and redirects to login with status UNVERIFIED' do
+          allow(configuration.web.verify_email).to receive(:enabled).and_return(true)
+          Rails.application.reload_routes!
+
           visit 'register'
 
           fill_in 'givenName', with: 'Damir'