emails: move edit email flow to emails controller.

2020-03-14 17:42:47 -05:00
parent 3dbdce3ae3
commit 167fe51a8a
9 changed files with 89 additions and 98 deletions
--- a/app/controllers/emails_controller.rb
+++ b/app/controllers/emails_controller.rb
@@ -0,0 +1,36 @@
+class EmailsController < ApplicationController
+  before_action :member_only
+  respond_to :html, :xml, :json
+
+  def edit
+    @user = User.find(params[:user_id])
+    check_privilege(@user)
+
+    respond_with(@user)
+  end
+
+  def update
+    @user = User.find(params[:user_id])
+    check_privilege(@user)
+
+    if User.authenticate(@user.name, params[:user][:password])
+      @user.update(email_address_attributes: { address: params[:user][:email] })
+    else
+      @user.errors[:base] << "Password was incorrect"
+    end
+
+    if @user.errors.none?
+      flash[:notice] = "Email updated"
+      respond_with(@user, location: settings_url)
+    else
+      flash[:notice] = @user.errors.full_messages.join("; ")
+      respond_with(@user)
+    end
+  end
+
+  private
+
+  def check_privilege(user)
+    raise User::PrivilegeError unless user.id == CurrentUser.id || CurrentUser.is_admin?
+  end
+end
--- a/app/controllers/maintenance/user/email_changes_controller.rb
+++ b/app/controllers/maintenance/user/email_changes_controller.rb
@@ -1,19 +0,0 @@
-module Maintenance
-  module User
-    class EmailChangesController < ApplicationController
-      def new
-      end
-
-      def create
-        email_change = UserEmailChange.new(CurrentUser.user, params[:email_change][:email], params[:email_change][:password])
-        email_change.process
-        if CurrentUser.user.errors.any?
-          flash[:notice] = CurrentUser.user.errors.full_messages.join("; ")
-          redirect_to(new_maintenance_user_email_change_path)
-        else
-          redirect_to(edit_user_path(CurrentUser.user.id), :notice => "Email was updated")
-        end
-      end
-    end
-  end
-end
--- a/app/logical/user_email_change.rb
+++ b/app/logical/user_email_change.rb
@@ -1,17 +0,0 @@
-class UserEmailChange
-  attr_reader :user, :password, :new_email
-
-  def initialize(user, new_email, password)
-    @user = user
-    @new_email = new_email
-    @password = password
-  end
-
-  def process
-    if User.authenticate(user.name, password)
-      user.update(email_address_attributes: { address: new_email })
-    else
-      user.errors[:base] << "Password was incorrect"
-    end
-  end
-end
--- a/app/views/emails/edit.html.erb
+++ b/app/views/emails/edit.html.erb
@@ -0,0 +1,15 @@
+<% page_title "Change Email" %>
+
+<div id="c-emails">
+  <div id="a-edit">
+    <h1>Change Email</h1>
+
+    <p>You must confirm your password in order to change your email address.</p>
+
+    <%= edit_form_for(@user, url: user_email_path(@user)) do |f| %>
+      <%= f.input :password %>
+      <%= f.input :email %>
+      <%= f.submit "Save" %>
+    <% end %>
+  </div>
+</div>
--- a/app/views/maintenance/user/email_changes/new.html.erb
+++ b/app/views/maintenance/user/email_changes/new.html.erb
@@ -1,23 +0,0 @@
-<div id="c-maintenance-user-email-changes">
-  <div id="a-new">
-    <h1>Change Email</h1>
-
-    <p>You must confirm your password in order to change your email address.</p>
-
-    <%= form_tag(maintenance_user_email_change_path, :class => "simple_form") do %>
-      <div class="input">
-        <label>New Email</label>
-        <%= email_field :email_change, :email %>
-      </div>
-
-      <div class="input">
-        <label>Password</label>
-        <%= password_field :email_change, :password %>
-      </div>
-
-      <div>
-        <%= submit_tag "Submit" %>
-      </div>
-    <% end %>
-  </div>
-</div>
--- a/app/views/users/edit.html.erb
+++ b/app/views/users/edit.html.erb
@@ -31,7 +31,7 @@
              <em>blank</em>
            <% end %>

-            - <%= link_to "Change your email", new_maintenance_user_email_change_path %>
+            - <%= link_to "Change your email", edit_user_email_path(@user) %>
          </p>
        </div>

--- a/config/routes.rb
+++ b/config/routes.rb
@@ -46,7 +46,6 @@ Rails.application.routes.draw do
      resource :count_fixes, only: [:new, :create]
      resource :email_notification, :only => [:show, :destroy]
      resource :deletion, :only => [:show, :destroy]
-      resource :email_change, :only => [:new, :create]
      resource :api_key, :only => [:show, :view, :update, :destroy] do
        post :view
      end
@@ -246,6 +245,7 @@ Rails.application.routes.draw do
  end
  resources :users do
    resources :favorite_groups, controller: "favorite_groups", only: [:index], as: "favorite_groups"
+    resource :email, only: [:edit, :update]
    resource :password, only: [:edit, :update]
    resource :api_key, :only => [:show, :view, :update, :destroy], :controller => "maintenance/user/api_keys" do
      post :view
--- a/test/functional/emails_controller_test.rb
+++ b/test/functional/emails_controller_test.rb
@@ -0,0 +1,36 @@
+require "test_helper"
+
+class EmailsControllerTest < ActionDispatch::IntegrationTest
+  context "in all cases" do
+    setup do
+      @user = create(:user, email_address: build(:email_address, { address: "bob@ogres.net" }))
+    end
+
+    context "#edit" do
+      should "render" do
+        get_auth edit_user_email_path(@user), @user
+        assert_response :success
+      end
+    end
+
+    context "#create" do
+      context "with the correct password" do
+        should "work" do
+          put_auth user_email_path(@user), @user, params: { user: { password: "password", email: "abc@ogres.net" }}
+
+          assert_redirected_to(settings_path)
+          assert_equal("abc@ogres.net", @user.reload.email_address.address)
+        end
+      end
+
+      context "with the incorrect password" do
+        should "not work" do
+          put_auth user_email_path(@user), @user, params: { user: { password: "passwordx", email: "abc@ogres.net" }}
+
+          assert_response :success
+          assert_equal("bob@ogres.net", @user.reload.email_address.address)
+        end
+      end
+    end
+  end
+end
--- a/test/functional/maintenance/user/email_changes_controller_test.rb
+++ b/test/functional/maintenance/user/email_changes_controller_test.rb
@@ -1,37 +0,0 @@
-require "test_helper"
-
-module Maintenance
-  module User
-    class EmailChangesControllerTest < ActionDispatch::IntegrationTest
-      context "in all cases" do
-        setup do
-          @user = create(:user, email_address: build(:email_address, { address: "bob@ogres.net" }))
-        end
-
-        context "#new" do
-          should "render" do
-            get_auth new_maintenance_user_email_change_path, @user
-            assert_response :success
-          end
-        end
-
-        context "#create" do
-          context "with the correct password" do
-            should "work" do
-              post_auth maintenance_user_email_change_path, @user, params: {:email_change => {:password => "password", :email => "abc@ogres.net"}}
-              assert_redirected_to(edit_user_path(@user))
-              assert_equal("abc@ogres.net", @user.reload.email_address.address)
-            end
-          end
-
-          context "with the incorrect password" do
-            should "not work" do
-              post_auth maintenance_user_email_change_path, @user, params: {:email_change => {:password => "passwordx", :email => "abc@ogres.net"}}
-              assert_equal("bob@ogres.net", @user.reload.email_address.address)
-            end
-          end
-        end
-      end
-    end
-  end
-end