* Admin: Show unconfirmed email address on account page
* Admin: Allow staff to change user email addresses
* ActionLog: On change_email, log current email address and new unconfirmed email address
@ -0,0 +1,49 @@ | |||||
# frozen_string_literal: true | |||||
module Admin | |||||
class ChangeEmailsController < BaseController | |||||
before_action :set_account | |||||
before_action :require_local_account! | |||||
def show | |||||
authorize @user, :change_email? | |||||
end | |||||
def update | |||||
authorize @user, :change_email? | |||||
new_email = resource_params.fetch(:unconfirmed_email) | |||||
if new_email != @user.email | |||||
@user.update!( | |||||
unconfirmed_email: new_email, | |||||
# Regenerate the confirmation token: | |||||
confirmation_token: nil | |||||
) | |||||
log_action :change_email, @user | |||||
@user.send_confirmation_instructions | |||||
end | |||||
redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.change_email.changed_msg') | |||||
end | |||||
private | |||||
def set_account | |||||
@account = Account.find(params[:account_id]) | |||||
@user = @account.user | |||||
end | |||||
def require_local_account! | |||||
redirect_to admin_account_path(@account.id) unless @account.local? && @account.user.present? | |||||
end | |||||
def resource_params | |||||
params.require(:user).permit( | |||||
:unconfirmed_email | |||||
) | |||||
end | |||||
end | |||||
end |
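Review bot: In `update`, the submitted value goes straight from `resource_params.fetch(:unconfirmed_email)` into `@user.update!(unconfirmed_email: new_email, ...)` with no presence or format check and no rescue. Whether the User model validates `unconfirmed_email` is not visible here, so a blank or malformed address is either stored as-is or surfaces as an unhandled `ActiveRecord::RecordInvalid` rather than a form error. Consider normalising with `new_email = resource_params.fetch(:unconfirmed_email).to_s.strip` and switching to `if @user.update(...)` with `render :show` on failure. Because this action lets staff repoint the login address of any local account, and the only mail sent is `send_confirmation_instructions` (to the new address, per the spec), a notice to the current `@user.email` would let the account owner detect an unexpected change. It is also worth confirming that the `change_email?` policy, which is outside this diff, refuses staff acting on accounts more privileged than their own.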
@ -0,0 +1,7 @@ | |||||
- content_for :page_title do | |||||
= t('admin.accounts.change_email.title', username: @account.acct) | |||||
= simple_form_for @user, url: admin_account_change_email_path(@account.id) do |f| | |||||
= f.input :email, wrapper: :with_label, disabled: true, label: t('admin.accounts.change_email.current_email') | |||||
= f.input :unconfirmed_email, wrapper: :with_label, label: t('admin.accounts.change_email.new_email') | |||||
= f.button :submit, class: "button", value: t('admin.accounts.change_email.submit') |
@ -0,0 +1,47 @@ | |||||
require 'rails_helper' | |||||
RSpec.describe Admin::ChangeEmailsController, type: :controller do | |||||
render_views | |||||
let(:admin) { Fabricate(:user, admin: true) } | |||||
before do | |||||
sign_in admin | |||||
end | |||||
describe "GET #show" do | |||||
it "returns http success" do | |||||
account = Fabricate(:account) | |||||
user = Fabricate(:user, account: account) | |||||
get :show, params: { account_id: account.id } | |||||
expect(response).to have_http_status(:success) | |||||
end | |||||
end | |||||
describe "GET #update" do | |||||
before do | |||||
allow(UserMailer).to receive(:confirmation_instructions).and_return(double('email', deliver_later: nil)) | |||||
end | |||||
it "returns http success" do | |||||
account = Fabricate(:account) | |||||
user = Fabricate(:user, account: account) | |||||
previous_email = user.email | |||||
post :update, params: { account_id: account.id, user: { unconfirmed_email: 'test@example.com' } } | |||||
user.reload | |||||
expect(user.email).to eq previous_email | |||||
expect(user.unconfirmed_email).to eq 'test@example.com' | |||||
expect(user.confirmation_token).not_to be_nil | |||||
expect(UserMailer).to have_received(:confirmation_instructions).with(user, user.confirmation_token, { to: 'test@example.com' }) | |||||
expect(response).to redirect_to(admin_account_path(account.id)) | |||||
end | |||||
end | |||||
end |
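Review bot: Every example here signs in `Fabricate(:user, admin: true)`, so nothing checks that `authorize @user, :change_email?` denies a user without staff rights, or that `require_local_account!` redirects for a non-local account; those are the two access controls this endpoint relies on. I would add one example per case, for instance signing in a plain `Fabricate(:user)`, posting to `:update`, and asserting that `user.reload.unconfirmed_email` is unchanged and that `UserMailer` did not receive `confirmation_instructions`. An assertion that the `change_email` action-log entry is written would cover the audit trail the commit message promises. Smaller points: the block is labelled `describe "GET #update"` although the request is `post :update`, and the example name "returns http success" does not match the redirect it asserts.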