fixes #1651

2013-05-21 17:52:03 -07:00
parent d1f2f1c09a
commit eab2eb1d82
6 changed files with 112 additions and 2 deletions
--- a/app/controllers/maintenance/user/email_changes_controller.rb
+++ b/app/controllers/maintenance/user/email_changes_controller.rb
@@ -0,0 +1,18 @@
+module Maintenance
+  module User
+    class EmailChangesController < ApplicationController
+      def new
+      end
+
+      def create
+        email_change = UserEmailChange.new(CurrentUser.user, params[:email_change][:email], params[:email_change][:password])
+        if email_change.process
+          redirect_to(edit_user_path(CurrentUser.user.id), :notice => "Email was updated")
+        else
+          flash[:notice] = "Password was incorrect"
+          render :action => "new"
+        end
+      end
+    end
+  end
+end
--- a/app/logical/user_email_change.rb
+++ b/app/logical/user_email_change.rb
@@ -0,0 +1,18 @@
+class UserEmailChange
+  attr_reader :user, :password, :new_email
+
+  def initialize(user, new_email, password)
+    @user = user
+    @new_email = new_email
+    @password = password
+  end
+
+  def process
+    if User.authenticate(user.name, password).nil?
+      false
+    else
+      user.email = new_email
+      user.save
+    end
+  end
+end
--- a/app/views/maintenance/user/email_changes/new.html.erb
+++ b/app/views/maintenance/user/email_changes/new.html.erb
@@ -0,0 +1,19 @@
+<h1>Change Email</h1>
+
+<p>You must confirm your password in order to change your email address.</p>
+
+<%= form_tag(maintenance_user_email_change_path, :class => "simple_form") do %>
+  <div class="input">
+    <label>New Email</label>
+    <%= email_field :email_change, :email %>
+  </div>
+
+  <div class="input">
+    <label>Password</label>
+    <%= password_field :email_change, :password %>
+  </div>
+
+  <div>
+    <%= submit_tag "Submit" %>
+  </div>
+<% end %>
--- a/app/views/users/edit.html.erb
+++ b/app/views/users/edit.html.erb
@@ -15,7 +15,19 @@
            <p>You must <%= link_to "upgrade your account", upgrade_information_users_path %> to request a name change</p>
          <% end %>
        </div>
-        <%= f.input :email, :required => Danbooru.config.enable_email_verification?, :hint => "Used for messages and for password resets", :as => :email %>
+
+        <div class="input">
+          <label>Email</label>
+          <p>
+            <% if CurrentUser.user.email.present? %>
+              <%= CurrentUser.user.email %>
+            <% else %>
+              <em>blank</em>
+            <% end %>
+            &ndash; 
+            <%= link_to "Change your email", new_maintenance_user_email_change_path %></p>
+        </div>
+
        <%= f.input :time_zone, :include_blank => false %>
        <%= f.input :receive_email_notifications, :as => :select, :include_blank => false %>
        <%= f.input :comment_threshold, :hint => "Comments below this score will be hidden by default" %>
@@ -52,7 +64,7 @@
      <fieldset>
        <legend>Delete Account</legend>
        <div class="input">
-          <p><%= link_to "Click here to delete your account", maintenance_user_deletion_path %></p>
+          <p><%= link_to "Delete your account", maintenance_user_deletion_path %></p>
        </div>
      </fieldset>

--- a/config/routes.rb
+++ b/config/routes.rb
@@ -48,6 +48,7 @@ Danbooru::Application.routes.draw do
      resource :password_reset, :only => [:new, :create, :edit, :update]
      resource :login_reminder, :only => [:new, :create]
      resource :deletion, :only => [:show, :destroy]
+      resource :email_change, :only => [:new, :create]
    end
  end

--- a/test/functional/maintenance/user/email_changes_controller_test.rb
+++ b/test/functional/maintenance/user/email_changes_controller_test.rb
@@ -0,0 +1,42 @@
+require "test_helper"
+
+module Maintenance
+  module User
+    class EmailChangesControllerTest < ActionController::TestCase
+      context "in all cases" do
+        setup do
+          @user = FactoryGirl.create(:user, :email => "bob@ogres.net")
+          CurrentUser.user = @user
+          CurrentUser.ip_addr = "127.0.0.1"
+        end
+
+        context "#new" do
+          should "render" do
+            get :new, {}, {:user_id => @user.id}
+            assert_response :success
+          end
+        end
+
+        context "#create" do
+          context "with the correct password" do
+            should "work" do
+              post :create, {:email_change => {:password => "password", :email => "abc@ogres.net"}}, {:user_id => @user.id}
+              assert_redirected_to(edit_user_path(@user))
+              @user.reload
+              assert_equal("abc@ogres.net", @user.email)
+            end
+          end
+
+          context "with the incorrect password" do
+            should "not work" do
+              post :create, {:email_change => {:password => "passwordx", :email => "abc@ogres.net"}}, {:user_id => @user.id}
+              assert_response :success
+              @user.reload
+              assert_equal("bob@ogres.net", @user.email)
+            end
+          end
+        end
+      end
+    end
+  end
+end