about summary refs log tree commit diff
diff options
context:
space:
mode:
authorPatrick Figel <patrick@figel.email>2018-01-05 00:15:35 +0100
committerEugen Rochko <eugen@zeonfederated.com>2018-01-05 00:15:35 +0100
commit5ec25ff3e1c53a4feab1e9b9a3f1660cca538c23 (patch)
tree0ce4c7b587c6fe35d4f1fb27cfdf394b8dc4bec9
parent49e296e1b03ffe2b17fb390b6ad298172b25040f (diff)
Fix email confirmation link not updating email (#6187)
A change introduced in #6125 prevents
`Devise::Models::Confirmable#confirm` from being called for existing
users, which in turn leads to `email` not being set to
`unconfirmed_email`, breaking email updates. This also adds a test
that would've caught this issue.
-rw-r--r--app/models/user.rb8
-rw-r--r--spec/controllers/auth/confirmations_controller_spec.rb40
-rw-r--r--spec/models/user_spec.rb8
3 files changed, 42 insertions, 14 deletions
diff --git a/app/models/user.rb b/app/models/user.rb
index a82a7d28a..9459db7fe 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -126,18 +126,18 @@ class User < ApplicationRecord
   end
 
   def confirm
-    return if confirmed?
+    new_user = !confirmed?
 
     super
-    update_statistics!
+    update_statistics! if new_user
   end
 
   def confirm!
-    return if confirmed?
+    new_user = !confirmed?
 
     skip_confirmation!
     save!
-    update_statistics!
+    update_statistics! if new_user
   end
 
   def promote!
diff --git a/spec/controllers/auth/confirmations_controller_spec.rb b/spec/controllers/auth/confirmations_controller_spec.rb
index 2ec36c060..80a06c43a 100644
--- a/spec/controllers/auth/confirmations_controller_spec.rb
+++ b/spec/controllers/auth/confirmations_controller_spec.rb
@@ -12,20 +12,40 @@ describe Auth::ConfirmationsController, type: :controller do
   end
 
   describe 'GET #show' do
-    let!(:user) { Fabricate(:user, confirmation_token: 'foobar', confirmed_at: nil) }
+    context 'when user is unconfirmed' do
+      let!(:user) { Fabricate(:user, confirmation_token: 'foobar', confirmed_at: nil) }
 
-    before do
-      allow(BootstrapTimelineWorker).to receive(:perform_async)
-      @request.env['devise.mapping'] = Devise.mappings[:user]
-      get :show, params: { confirmation_token: 'foobar' }
-    end
+      before do
+        allow(BootstrapTimelineWorker).to receive(:perform_async)
+        @request.env['devise.mapping'] = Devise.mappings[:user]
+        get :show, params: { confirmation_token: 'foobar' }
+      end
+
+      it 'redirects to login' do
+        expect(response).to redirect_to(new_user_session_path)
+      end
 
-    it 'redirects to login' do
-      expect(response).to redirect_to(new_user_session_path)
+      it 'queues up bootstrapping of home timeline' do
+        expect(BootstrapTimelineWorker).to have_received(:perform_async).with(user.account_id)
+      end
     end
 
-    it 'queues up bootstrapping of home timeline' do
-      expect(BootstrapTimelineWorker).to have_received(:perform_async).with(user.account_id)
+    context 'when user is updating email' do
+      let!(:user) { Fabricate(:user, confirmation_token: 'foobar', unconfirmed_email: 'new-email@example.com') }
+
+      before do
+        allow(BootstrapTimelineWorker).to receive(:perform_async)
+        @request.env['devise.mapping'] = Devise.mappings[:user]
+        get :show, params: { confirmation_token: 'foobar' }
+      end
+
+      it 'redirects to login' do
+        expect(response).to redirect_to(new_user_session_path)
+      end
+
+      it 'does not queue up bootstrapping of home timeline' do
+        expect(BootstrapTimelineWorker).to_not have_received(:perform_async)
+      end
     end
   end
 end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 5ed7ed88b..8171c939a 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -148,6 +148,14 @@ RSpec.describe User, type: :model do
     end
   end
 
+  describe '#confirm' do
+    it 'sets email to unconfirmed_email' do
+      user = Fabricate.build(:user, confirmed_at: Time.now.utc, unconfirmed_email: 'new-email@example.com')
+      user.confirm
+      expect(user.email).to eq 'new-email@example.com'
+    end
+  end
+
   describe '#disable_two_factor!' do
     it 'saves false for otp_required_for_login' do
       user = Fabricate.build(:user, otp_required_for_login: true)