From d5402685cd270c31f78ca08481627e9705e3917b Mon Sep 17 00:00:00 2001 From: Jack S Date: Fri, 4 Aug 2023 15:48:16 +0100 Subject: [PATCH] send both emails --- app/mailers/devise_notify_mailer.rb | 30 ++++++++++++++++++++++---- spec/requests/users_controller_spec.rb | 14 +++++++++--- 2 files changed, 37 insertions(+), 7 deletions(-) diff --git a/app/mailers/devise_notify_mailer.rb b/app/mailers/devise_notify_mailer.rb index 58b26e82d..0edf70ef0 100644 --- a/app/mailers/devise_notify_mailer.rb +++ b/app/mailers/devise_notify_mailer.rb @@ -38,8 +38,12 @@ class DeviseNotifyMailer < Devise::Mailer username = record.email if email_changed?(record) username = record.unconfirmed_email - send_email_changed_to_old_email(record) - send_confirmation_email(record.unconfirmed_email, record, token, username) + if someone_else_changed_email?(record) + send_email_changed_to_old_email(record) + send_email_changed_to_new_email(record, token) + else + send_confirmation_email(record.unconfirmed_email, record, token, record.unconfirmed_email) + end end send_confirmation_email(record.email, record, token, username) end @@ -55,10 +59,12 @@ class DeviseNotifyMailer < Devise::Mailer Rails.application.credentials[:email_allowlist] || [] end - def send_email_changed_to_old_email(record) + def someone_else_changed_email?(record) # Do not send if user changed own email - return unless record.versions.last.actor != record && record.versions.last.changeset.key?("unconfirmed_email") && FeatureToggle.new_email_journey? + FeatureToggle.new_email_journey? && record.versions.last.actor != record && record.versions.last.changeset.key?("unconfirmed_email") + end + def send_email_changed_to_old_email(record) return true if intercept_send?(record.email) send_email( @@ -71,6 +77,22 @@ class DeviseNotifyMailer < Devise::Mailer ) end + def send_email_changed_to_new_email(record, token) + return true if intercept_send?(record.email) + + link = "#{user_confirmation_url}?confirmation_token=#{token}" + + send_email( + record.email, + User::FOR_NEW_EMAIL_CHANGED_BY_OTHER_USER_TEMPLATE_ID, + { + new_email: record.unconfirmed_email, + old_email: record.email, + link:, + }, + ) + end + def email_changed?(record) record.confirmable_template == User::CONFIRMABLE_TEMPLATE_ID && (record.unconfirmed_email.present? && record.unconfirmed_email != record.email) end diff --git a/spec/requests/users_controller_spec.rb b/spec/requests/users_controller_spec.rb index be2e27692..157d86bfd 100644 --- a/spec/requests/users_controller_spec.rb +++ b/spec/requests/users_controller_spec.rb @@ -1698,7 +1698,7 @@ RSpec.describe UsersController, type: :request do before do other_user.legacy_users.destroy_all - allow(FeatureToggle).to receive(:new_email_journey?).and_return(true) + allow(FeatureToggle).to receive(:new_email_journey?).and_return(false) end it "does not update the password" do @@ -1729,8 +1729,6 @@ RSpec.describe UsersController, type: :request do end it "sends a new flow emails" do - expect(notify_client).to receive(:send_email).with(email_address: other_user.email, template_id: User::CONFIRMABLE_TEMPLATE_ID, personalisation:).once - expect(notify_client).to receive(:send_email).with(email_address: new_email, template_id: User::CONFIRMABLE_TEMPLATE_ID, personalisation:).once expect(notify_client).to receive(:send_email).with( email_address: other_user.email, @@ -1741,6 +1739,16 @@ RSpec.describe UsersController, type: :request do }, ).once + expect(notify_client).to receive(:send_email).with( + email_address: other_user.email, + template_id: User::FOR_NEW_EMAIL_CHANGED_BY_OTHER_USER_TEMPLATE_ID, + personalisation: { + new_email:, + old_email: other_user.email, + link: include("/account/confirmation?confirmation_token="), + }, + ).once + patch "/users/#{other_user.id}", headers:, params: end end