* Admin: Show unconfirmed email address on account page
* Admin: Allow staff to change user email addresses
* ActionLog: On change_email, log current email address and new unconfirmed email address

pull/4/head
@ -0,0 +1,49 @@ | |||
# frozen_string_literal: true | |||
module Admin | |||
class ChangeEmailsController < BaseController | |||
before_action :set_account | |||
before_action :require_local_account! | |||
def show | |||
authorize @user, :change_email? | |||
end | |||
def update | |||
authorize @user, :change_email? | |||
new_email = resource_params.fetch(:unconfirmed_email) | |||
if new_email != @user.email | |||
@user.update!( | |||
unconfirmed_email: new_email, | |||
# Regenerate the confirmation token: | |||
confirmation_token: nil | |||
) | |||
log_action :change_email, @user | |||
@user.send_confirmation_instructions | |||
end | |||
redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.change_email.changed_msg') | |||
end | |||
private | |||
def set_account | |||
@account = Account.find(params[:account_id]) | |||
@user = @account.user | |||
end | |||
def require_local_account! | |||
redirect_to admin_account_path(@account.id) unless @account.local? && @account.user.present? | |||
end | |||
def resource_params | |||
params.require(:user).permit( | |||
:unconfirmed_email | |||
) | |||
end | |||
end | |||
end |
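Review bot: In `update`, the submitted `unconfirmed_email` is passed straight to `@user.update!` with no blank or format check in the controller. A value the model rejects is therefore raised as `ActiveRecord::RecordInvalid` instead of being shown as a form error, and if the User model does not validate `unconfirmed_email` (not visible here), an empty or malformed string is stored and `send_confirmation_instructions` is called for it. I would switch to the non-bang form, `if @user.update(unconfirmed_email: new_email, confirmation_token: nil)`, with `render :show` in the else branch, keeping `log_action` and `send_confirmation_instructions` inside the success branch. This action re-points the address that account recovery mail goes to, so it is also worth confirming that the `change_email?` policy (outside this section) refuses targets that are themselves staff. The currently confirmed address should also be notified of the pending change.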
@ -0,0 +1,7 @@ | |||
- content_for :page_title do | |||
= t('admin.accounts.change_email.title', username: @account.acct) | |||
= simple_form_for @user, url: admin_account_change_email_path(@account.id) do |f| | |||
= f.input :email, wrapper: :with_label, disabled: true, label: t('admin.accounts.change_email.current_email') | |||
= f.input :unconfirmed_email, wrapper: :with_label, label: t('admin.accounts.change_email.new_email') | |||
= f.button :submit, class: "button", value: t('admin.accounts.change_email.submit') |
@ -0,0 +1,47 @@ | |||
require 'rails_helper' | |||
RSpec.describe Admin::ChangeEmailsController, type: :controller do | |||
render_views | |||
let(:admin) { Fabricate(:user, admin: true) } | |||
before do | |||
sign_in admin | |||
end | |||
describe "GET #show" do | |||
it "returns http success" do | |||
account = Fabricate(:account) | |||
user = Fabricate(:user, account: account) | |||
get :show, params: { account_id: account.id } | |||
expect(response).to have_http_status(:success) | |||
end | |||
end | |||
describe "GET #update" do | |||
before do | |||
allow(UserMailer).to receive(:confirmation_instructions).and_return(double('email', deliver_later: nil)) | |||
end | |||
it "returns http success" do | |||
account = Fabricate(:account) | |||
user = Fabricate(:user, account: account) | |||
previous_email = user.email | |||
post :update, params: { account_id: account.id, user: { unconfirmed_email: 'test@example.com' } } | |||
user.reload | |||
expect(user.email).to eq previous_email | |||
expect(user.unconfirmed_email).to eq 'test@example.com' | |||
expect(user.confirmation_token).not_to be_nil | |||
expect(UserMailer).to have_received(:confirmation_instructions).with(user, user.confirmation_token, { to: 'test@example.com' }) | |||
expect(response).to redirect_to(admin_account_path(account.id)) | |||
end | |||
end | |||
end |
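Review bot: Every example here signs in `Fabricate(:user, admin: true)`, so nothing in the spec pins the two access controls the controller relies on, `authorize @user, :change_email?` and the `require_local_account!` redirect. I would add an example that signs in a non-staff user, posts the same params, and asserts the request is refused and `expect(user.reload.unconfirmed_email).to be_nil`. A second example should target an account with no local user and expect the redirect to `admin_account_path` with no mail sent. An example submitting the user's current address would cover the branch that skips the update and the `log_action` call. The block labelled `describe "GET #update"` issues `post :update`, so the label should name the verb actually used.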