From efd1327f1e3799406483386e40116f10360ffac9 Mon Sep 17 00:00:00 2001
From: evazion <noizave@gmail.com>
Date: Sat, 14 Dec 2019 16:19:01 -0600
Subject: [PATCH] login: remove login reminder page.

Remove the login reminder page. The meaning of "login reminder" wasn't
clear (it's for recovering a forgotten username) and the functionality
was redundant. The password reset page can already be used to recover
forgotten usernames.

There was also a privacy leak, since the login reminder page could be
used to find out whether a given email is in use on Danbooru.
---
 .../user/login_reminders_controller.rb        | 20 -----------
 app/helpers/application_helper.rb             |  2 +-
 .../maintenance/user/login_reminder_mailer.rb | 12 -------
 .../login_reminder_mailer/notice.html.erb     |  1 -
 .../user/login_reminders/new.html.erb         | 24 -------------
 config/routes.rb                              |  1 -
 .../user/login_reminders_controller_test.rb   | 35 -------------------
 .../user/login_reminder_mailer_test.rb        | 18 ----------
 8 files changed, 1 insertion(+), 112 deletions(-)
 delete mode 100644 app/controllers/maintenance/user/login_reminders_controller.rb
 delete mode 100644 app/mailers/maintenance/user/login_reminder_mailer.rb
 delete mode 100644 app/views/maintenance/user/login_reminder_mailer/notice.html.erb
 delete mode 100644 app/views/maintenance/user/login_reminders/new.html.erb
 delete mode 100644 test/functional/maintenance/user/login_reminders_controller_test.rb
 delete mode 100644 test/unit/maintenance/user/login_reminder_mailer_test.rb

diff --git a/app/controllers/maintenance/user/login_reminders_controller.rb b/app/controllers/maintenance/user/login_reminders_controller.rb
deleted file mode 100644
index 0657a1228..000000000
--- a/app/controllers/maintenance/user/login_reminders_controller.rb
+++ /dev/null
@@ -1,20 +0,0 @@
-module Maintenance
-  module User
-    class LoginRemindersController < ApplicationController
-      def new
-      end
-
-      def create
-        @user = ::User.with_email(params[:user][:email]).first
-        if @user
-          LoginReminderMailer.notice(@user).deliver_now
-          flash[:notice] = "Email sent"
-        else
-          flash[:notice] = "Email address not found"
-        end
-
-        redirect_to new_maintenance_user_login_reminder_path
-      end
-    end
-  end
-end
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 0a906477f..c3414e380 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -255,7 +255,7 @@ module ApplicationHelper
 protected
   def nav_link_match(controller, url)
     url =~ case controller
-    when "sessions", "users", "maintenance/user/login_reminders", "maintenance/user/password_resets", "admin/users"
+    when "sessions", "users", "maintenance/user/password_resets", "admin/users"
       /^\/(session|users)/
 
     when "forum_posts"
diff --git a/app/mailers/maintenance/user/login_reminder_mailer.rb b/app/mailers/maintenance/user/login_reminder_mailer.rb
deleted file mode 100644
index 42debd272..000000000
--- a/app/mailers/maintenance/user/login_reminder_mailer.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-module Maintenance
-  module User
-    class LoginReminderMailer < ActionMailer::Base
-      def notice(user)
-        @user = user
-        if user.email.present?
-          mail(:to => user.email, :subject => "#{Danbooru.config.app_name} login reminder", :from => Danbooru.config.contact_email)
-        end
-      end
-    end
-  end
-end
diff --git a/app/views/maintenance/user/login_reminder_mailer/notice.html.erb b/app/views/maintenance/user/login_reminder_mailer/notice.html.erb
deleted file mode 100644
index 354727928..000000000
--- a/app/views/maintenance/user/login_reminder_mailer/notice.html.erb
+++ /dev/null
@@ -1 +0,0 @@
-<p>Your username is <%= @user.name %>.</p>
diff --git a/app/views/maintenance/user/login_reminders/new.html.erb b/app/views/maintenance/user/login_reminders/new.html.erb
deleted file mode 100644
index 8f4fd4e36..000000000
--- a/app/views/maintenance/user/login_reminders/new.html.erb
+++ /dev/null
@@ -1,24 +0,0 @@
-<div id="c-maintenance-user-login-reminders">
-  <div id="a-new" class="fixed-width-container">
-    <h1>Login Reminder</h1>
-
-    <p>If you supplied an email address when signing up, <%= Danbooru.config.app_name %> can email you your login information. Password details will not be provided and will not be changed.</p>
-
-    <p>If you didn't supply a valid email address, you are out of luck.</p>
-
-    <%= form_tag(maintenance_user_login_reminder_path, :class => "simple_form") do %>
-      <div class="input email required">
-        <label for="user_email" class="required">Email</label>
-        <%= email_field(:user, :email) %>
-      </div>
-
-      <%= submit_tag "Submit" %>
-    <% end %>
-  </div>
-</div>
-
-<%= render "sessions/secondary_links" %>
-
-<% content_for(:page_title) do %>
-  Login Reminder - <%= Danbooru.config.app_name %>
-<% end %>
diff --git a/config/routes.rb b/config/routes.rb
index e79834876..3d95f51d9 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -59,7 +59,6 @@ Rails.application.routes.draw do
       resource :count_fixes, only: [:new, :create]
       resource :email_notification, :only => [:show, :destroy]
       resource :password_reset, :only => [:new, :create, :edit, :update]
-      resource :login_reminder, :only => [:new, :create]
       resource :deletion, :only => [:show, :destroy]
       resource :email_change, :only => [:new, :create]
       resource :dmail_filter, :only => [:edit, :update]
diff --git a/test/functional/maintenance/user/login_reminders_controller_test.rb b/test/functional/maintenance/user/login_reminders_controller_test.rb
deleted file mode 100644
index c7cd8e28c..000000000
--- a/test/functional/maintenance/user/login_reminders_controller_test.rb
+++ /dev/null
@@ -1,35 +0,0 @@
-require "test_helper"
-
-module Maintenance
-  module User
-    class LoginRemindersControllerTest < ActionDispatch::IntegrationTest
-      context "A login reminder controller" do
-        setup do
-          @user = create(:user)
-          @blank_email_user = create(:user, :email => "")
-          ActionMailer::Base.delivery_method = :test
-          ActionMailer::Base.deliveries.clear
-        end
-
-        should "render the new page" do
-          get new_maintenance_user_login_reminder_path
-          assert_response :success
-        end
-
-        should "deliver an email with the login to the user" do
-          post maintenance_user_login_reminder_path, params: {:user => {:email => @user.email}}
-          assert_equal(1, ActionMailer::Base.deliveries.size)
-        end
-
-        context "for a user with a blank email" do
-          should "fail" do
-            post maintenance_user_login_reminder_path, params: {:user => {:email => ""}}
-            @blank_email_user.reload
-            assert_equal(@blank_email_user.created_at.to_i, @blank_email_user.updated_at.to_i)
-            assert_equal(0, ActionMailer::Base.deliveries.size)
-          end
-        end
-      end
-    end
-  end
-end
diff --git a/test/unit/maintenance/user/login_reminder_mailer_test.rb b/test/unit/maintenance/user/login_reminder_mailer_test.rb
deleted file mode 100644
index 7d240bfdd..000000000
--- a/test/unit/maintenance/user/login_reminder_mailer_test.rb
+++ /dev/null
@@ -1,18 +0,0 @@
-require "test_helper"
-
-module Maintenance
-  module User
-    class LoginReminderMailerTest < ActionMailer::TestCase
-      context "The login reminder mailer" do
-        setup do
-          @user = FactoryBot.create(:user)
-        end
-
-        should "send the notice" do
-          LoginReminderMailer.notice(@user).deliver_now
-          assert !ActionMailer::Base.deliveries.empty?
-        end
-      end
-    end
-  end
-end