Fix account activation being triggered before email confirmation (#23245)
* Add tests * Fix account activation being triggered before email confirmation Fixes #23098
This commit is contained in:
parent
4725191d3c
commit
6883fddb19
2 changed files with 152 additions and 10 deletions
|
@ -195,10 +195,16 @@ class User < ApplicationRecord
|
||||||
|
|
||||||
super
|
super
|
||||||
|
|
||||||
if new_user && approved?
|
if new_user
|
||||||
prepare_new_user!
|
# Avoid extremely unlikely race condition when approving and confirming
|
||||||
elsif new_user
|
# the user at the same time
|
||||||
notify_staff_about_pending_account!
|
reload unless approved?
|
||||||
|
|
||||||
|
if approved?
|
||||||
|
prepare_new_user!
|
||||||
|
else
|
||||||
|
notify_staff_about_pending_account!
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -209,7 +215,13 @@ class User < ApplicationRecord
|
||||||
skip_confirmation!
|
skip_confirmation!
|
||||||
save!
|
save!
|
||||||
|
|
||||||
prepare_new_user! if new_user && approved?
|
if new_user
|
||||||
|
# Avoid extremely unlikely race condition when approving and confirming
|
||||||
|
# the user at the same time
|
||||||
|
reload unless approved?
|
||||||
|
|
||||||
|
prepare_new_user! if approved?
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def update_sign_in!(new_sign_in: false)
|
def update_sign_in!(new_sign_in: false)
|
||||||
|
@ -260,7 +272,11 @@ class User < ApplicationRecord
|
||||||
return if approved?
|
return if approved?
|
||||||
|
|
||||||
update!(approved: true)
|
update!(approved: true)
|
||||||
prepare_new_user!
|
|
||||||
|
# Avoid extremely unlikely race condition when approving and confirming
|
||||||
|
# the user at the same time
|
||||||
|
reload unless confirmed?
|
||||||
|
prepare_new_user! if confirmed?
|
||||||
end
|
end
|
||||||
|
|
||||||
def otp_enabled?
|
def otp_enabled?
|
||||||
|
|
|
@ -142,10 +142,136 @@ RSpec.describe User, type: :model do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe '#confirm' do
|
describe '#confirm' do
|
||||||
it 'sets email to unconfirmed_email' do
|
let(:new_email) { 'new-email@example.com' }
|
||||||
user = Fabricate.build(:user, confirmed_at: Time.now.utc, unconfirmed_email: 'new-email@example.com')
|
|
||||||
user.confirm
|
subject { user.confirm }
|
||||||
expect(user.email).to eq 'new-email@example.com'
|
|
||||||
|
before do
|
||||||
|
allow(TriggerWebhookWorker).to receive(:perform_async)
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the user is already confirmed' do
|
||||||
|
let!(:user) { Fabricate(:user, confirmed_at: Time.now.utc, approved: true, unconfirmed_email: new_email) }
|
||||||
|
|
||||||
|
it 'sets email to unconfirmed_email' do
|
||||||
|
expect { subject }.to change { user.reload.email }.to(new_email)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'does not trigger the account.approved Web Hook' do
|
||||||
|
subject
|
||||||
|
expect(TriggerWebhookWorker).not_to have_received(:perform_async).with('account.approved', 'Account', user.account_id)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the user is a new user' do
|
||||||
|
let(:user) { Fabricate(:user, confirmed_at: nil, unconfirmed_email: new_email) }
|
||||||
|
|
||||||
|
context 'when the user is already approved' do
|
||||||
|
around(:example) do |example|
|
||||||
|
registrations_mode = Setting.registrations_mode
|
||||||
|
Setting.registrations_mode = 'approved'
|
||||||
|
|
||||||
|
example.run
|
||||||
|
|
||||||
|
Setting.registrations_mode = registrations_mode
|
||||||
|
end
|
||||||
|
|
||||||
|
before do
|
||||||
|
user.approve!
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'sets email to unconfirmed_email' do
|
||||||
|
expect { subject }.to change { user.reload.email }.to(new_email)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'triggers the account.approved Web Hook' do
|
||||||
|
user.confirm
|
||||||
|
expect(TriggerWebhookWorker).to have_received(:perform_async).with('account.approved', 'Account', user.account_id).once
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the user does not require explicit approval' do
|
||||||
|
around(:example) do |example|
|
||||||
|
registrations_mode = Setting.registrations_mode
|
||||||
|
Setting.registrations_mode = 'open'
|
||||||
|
|
||||||
|
example.run
|
||||||
|
|
||||||
|
Setting.registrations_mode = registrations_mode
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'sets email to unconfirmed_email' do
|
||||||
|
expect { subject }.to change { user.reload.email }.to(new_email)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'triggers the account.approved Web Hook' do
|
||||||
|
user.confirm
|
||||||
|
expect(TriggerWebhookWorker).to have_received(:perform_async).with('account.approved', 'Account', user.account_id).once
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the user requires explicit approval but is not approved' do
|
||||||
|
around(:example) do |example|
|
||||||
|
registrations_mode = Setting.registrations_mode
|
||||||
|
Setting.registrations_mode = 'approved'
|
||||||
|
|
||||||
|
example.run
|
||||||
|
|
||||||
|
Setting.registrations_mode = registrations_mode
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'sets email to unconfirmed_email' do
|
||||||
|
expect { subject }.to change { user.reload.email }.to(new_email)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'does not trigger the account.approved Web Hook' do
|
||||||
|
subject
|
||||||
|
expect(TriggerWebhookWorker).to_not have_received(:perform_async).with('account.approved', 'Account', user.account_id)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe '#approve!' do
|
||||||
|
subject { user.approve! }
|
||||||
|
|
||||||
|
around(:example) do |example|
|
||||||
|
registrations_mode = Setting.registrations_mode
|
||||||
|
Setting.registrations_mode = 'approved'
|
||||||
|
|
||||||
|
example.run
|
||||||
|
|
||||||
|
Setting.registrations_mode = registrations_mode
|
||||||
|
end
|
||||||
|
|
||||||
|
before do
|
||||||
|
allow(TriggerWebhookWorker).to receive(:perform_async)
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the user is already confirmed' do
|
||||||
|
let(:user) { Fabricate(:user, confirmed_at: Time.now.utc, approved: false) }
|
||||||
|
|
||||||
|
it 'sets the approved flag' do
|
||||||
|
expect { subject }.to change { user.reload.approved? }.to(true)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'triggers the account.approved Web Hook' do
|
||||||
|
subject
|
||||||
|
expect(TriggerWebhookWorker).to have_received(:perform_async).with('account.approved', 'Account', user.account_id).once
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the user is not confirmed' do
|
||||||
|
let(:user) { Fabricate(:user, confirmed_at: nil, approved: false) }
|
||||||
|
|
||||||
|
it 'sets the approved flag' do
|
||||||
|
expect { subject }.to change { user.reload.approved? }.to(true)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'does not trigger the account.approved Web Hook' do
|
||||||
|
subject
|
||||||
|
expect(TriggerWebhookWorker).not_to have_received(:perform_async).with('account.approved', 'Account', user.account_id)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue