diff --git a/app/controllers/concerns/unconfirmed_user_concern.rb b/app/controllers/concerns/unconfirmed_user_concern.rb index 71175d710f8..7bdfb0b1ac0 100644 --- a/app/controllers/concerns/unconfirmed_user_concern.rb +++ b/app/controllers/concerns/unconfirmed_user_concern.rb @@ -62,7 +62,7 @@ def process_valid_confirmation_token def process_unsuccessful_confirmation @confirmation_token = params[:confirmation_token] flash[:error] = unsuccessful_confirmation_error - redirect_to sign_up_email_resend_url(request_id: params[:_request_id]) + redirect_to sign_up_register_url(request_id: params[:_request_id]) end def unsuccessful_confirmation_error diff --git a/app/controllers/sign_up/cancellations_controller.rb b/app/controllers/sign_up/cancellations_controller.rb index 4ff4472ff47..185f51056cd 100644 --- a/app/controllers/sign_up/cancellations_controller.rb +++ b/app/controllers/sign_up/cancellations_controller.rb @@ -55,7 +55,7 @@ def ensure_in_setup def ensure_valid_confirmation_token return if @user flash[:error] = error_message(@token_validator) - redirect_to sign_up_email_resend_url(request_id: params[:_request_id]) + redirect_to sign_up_register_url(request_id: params[:_request_id]) end def error_message(token_validator) diff --git a/app/controllers/sign_up/email_resend_controller.rb b/app/controllers/sign_up/email_resend_controller.rb deleted file mode 100644 index 016d16ad19d..00000000000 --- a/app/controllers/sign_up/email_resend_controller.rb +++ /dev/null @@ -1,10 +0,0 @@ -# frozen_string_literal: true - -module SignUp - class EmailResendController < ApplicationController - def new - @user = User.new - @resend_email_confirmation_form = ResendEmailConfirmationForm.new - end - end -end diff --git a/app/controllers/sign_up/emails_controller.rb b/app/controllers/sign_up/emails_controller.rb index b46b4df0fd8..0bc16b51b00 100644 --- a/app/controllers/sign_up/emails_controller.rb +++ b/app/controllers/sign_up/emails_controller.rb @@ -9,7 +9,8 @@ def show @resend_confirmation = params[:resend].present? email = session.delete(:email) - @resend_email_confirmation_form = ResendEmailConfirmationForm.new(email:) + terms_accepted = session.delete(:terms_accepted) + @resend_email_confirmation_form = ResendEmailConfirmationForm.new(email:, terms_accepted:) render :show, locals: { email: email } end diff --git a/app/controllers/sign_up/registrations_controller.rb b/app/controllers/sign_up/registrations_controller.rb index 0a639228e17..83e420643e7 100644 --- a/app/controllers/sign_up/registrations_controller.rb +++ b/app/controllers/sign_up/registrations_controller.rb @@ -59,6 +59,7 @@ def process_successful_creation resend_confirmation = params[:user][:resend] session[:email] = @register_user_email_form.email + session[:terms_accepted] = @register_user_email_form.terms_accepted session[:sign_in_flow] = :create_account redirect_to sign_up_verify_email_url(resend: resend_confirmation) diff --git a/app/forms/register_user_email_form.rb b/app/forms/register_user_email_form.rb index c705c3e4652..f712535b26c 100644 --- a/app/forms/register_user_email_form.rb +++ b/app/forms/register_user_email_form.rb @@ -48,13 +48,13 @@ def digested_base_email end def validate_terms_accepted - return if @terms_accepted || email_address_record&.user&.accepted_terms_at.present? + return if @terms_accepted errors.add(:terms_accepted, t('errors.registration.terms'), type: :terms) end def submit(params, instructions = nil) - @terms_accepted = params[:terms_accepted] == '1' + @terms_accepted = !!ActiveModel::Type::Boolean.new.cast(params[:terms_accepted]) build_user_and_email_address_with_email( email: params[:email], email_language: params[:email_language], diff --git a/app/forms/resend_email_confirmation_form.rb b/app/forms/resend_email_confirmation_form.rb index 020b9e8b85b..c4c59c9dfd2 100644 --- a/app/forms/resend_email_confirmation_form.rb +++ b/app/forms/resend_email_confirmation_form.rb @@ -3,7 +3,7 @@ class ResendEmailConfirmationForm include ActiveModel::Model - attr_reader :email + attr_reader :email, :terms_accepted def self.model_name ActiveModel::Name.new(self, nil, 'User') @@ -11,6 +11,7 @@ def self.model_name def initialize(params = {}) @email = params[:email] + @terms_accepted = params[:terms_accepted] end def resend diff --git a/app/views/sign_up/email_resend/new.html.erb b/app/views/sign_up/email_resend/new.html.erb deleted file mode 100644 index e81f11d76d9..00000000000 --- a/app/views/sign_up/email_resend/new.html.erb +++ /dev/null @@ -1,16 +0,0 @@ -<% self.title = t('titles.confirmations.new') %> - -<%= render PageHeadingComponent.new.with_content(t('headings.confirmations.new')) %> -<%= simple_form_for( - @resend_email_confirmation_form, - url: sign_up_register_path, - html: { autocomplete: 'off', method: :post }, - ) do |f| %> - <%= render ValidatedFieldComponent.new( - form: f, - name: :email, - label: t('forms.registration.labels.email'), - required: true, - ) %> - <%= f.submit t('forms.buttons.resend_confirmation'), class: 'margin-top-2 margin-bottom-1' %> -<% end %> diff --git a/app/views/sign_up/emails/show.html.erb b/app/views/sign_up/emails/show.html.erb index be934f3b8d7..d6a85546d9c 100644 --- a/app/views/sign_up/emails/show.html.erb +++ b/app/views/sign_up/emails/show.html.erb @@ -26,9 +26,10 @@ url: sign_up_register_path do |f| %> <%= f.input :email, as: :hidden %> <%= f.input :resend, as: :hidden %> + <%= f.input :terms_accepted, as: :hidden %> <%= f.button :button, t('notices.signed_up_but_unconfirmed.resend_confirmation_email') %> <% end %> - <% end %> + <% end %> <% c.with_option( url: sign_up_email_path, ).with_content(t('notices.use_diff_email.link').upcase_first) %> diff --git a/config/locales/forms/en.yml b/config/locales/forms/en.yml index 750fb790f5c..3f8038ec6ae 100644 --- a/config/locales/forms/en.yml +++ b/config/locales/forms/en.yml @@ -37,7 +37,6 @@ en: disable: Delete edit: Edit manage: Manage - resend_confirmation: Resend confirmation instructions send_link: Send link send_one_time_code: Send code submit: diff --git a/config/locales/forms/es.yml b/config/locales/forms/es.yml index 5530b4377f4..84994051f13 100644 --- a/config/locales/forms/es.yml +++ b/config/locales/forms/es.yml @@ -40,7 +40,6 @@ es: disable: Borrar edit: Editar manage: Administrar - resend_confirmation: Reenviar instrucciones de confirmación send_link: Enviar enlace send_one_time_code: Enviar código submit: diff --git a/config/locales/forms/fr.yml b/config/locales/forms/fr.yml index d701464683e..d52bf4b5cef 100644 --- a/config/locales/forms/fr.yml +++ b/config/locales/forms/fr.yml @@ -41,7 +41,6 @@ fr: disable: Effacer edit: Modifier manage: Administrer - resend_confirmation: Envoyer les instructions de confirmation de nouveau send_link: Envoyer le lien send_one_time_code: Envoyer le code submit: diff --git a/config/locales/headings/en.yml b/config/locales/headings/en.yml index 92bb4db275b..89dad46edc7 100644 --- a/config/locales/headings/en.yml +++ b/config/locales/headings/en.yml @@ -19,8 +19,6 @@ en: phone: Add a phone number cancellations: prompt: Are you sure you want to cancel? - confirmations: - new: Send another confirmation email create_account_new_users: Create an account for new users create_account_with_sp: sp_text: is using %{app_name} to allow you to sign in to your account safely and diff --git a/config/locales/headings/es.yml b/config/locales/headings/es.yml index e951e3ab7af..2e35e947912 100644 --- a/config/locales/headings/es.yml +++ b/config/locales/headings/es.yml @@ -19,8 +19,6 @@ es: phone: Agregar un número de teléfono cancellations: prompt: '¿Estas seguro que quieres cancelar?' - confirmations: - new: Enviar otro email de confirmación create_account_new_users: Crear una cuenta para usuarios nuevos create_account_with_sp: sp_text: está utilizando %{app_name} para permitirle iniciar sesión en su cuenta diff --git a/config/locales/headings/fr.yml b/config/locales/headings/fr.yml index d59540f0ce9..ad3f2805718 100644 --- a/config/locales/headings/fr.yml +++ b/config/locales/headings/fr.yml @@ -19,8 +19,6 @@ fr: phone: Ajouter un numéro de téléphone cancellations: prompt: Es-tu sûre de vouloir annuler? - confirmations: - new: Envoyer un autre courriel de confirmation create_account_new_users: Créer un compte pour les nouveaux utilisateurs create_account_with_sp: sp_text: utilise %{app_name} pour vous permettre de vous connecter à votre diff --git a/config/locales/titles/en.yml b/config/locales/titles/en.yml index 05857157719..e960b51410e 100644 --- a/config/locales/titles/en.yml +++ b/config/locales/titles/en.yml @@ -8,7 +8,6 @@ en: backup_codes: Don’t lose your backup codes confirmations: delete: Please confirm - new: Resend confirmation instructions for your account show: Choose a password doc_auth: address: Update your mailing address diff --git a/config/locales/titles/es.yml b/config/locales/titles/es.yml index 3a2fee7ec1e..11b409ab388 100644 --- a/config/locales/titles/es.yml +++ b/config/locales/titles/es.yml @@ -8,7 +8,6 @@ es: backup_codes: No pierda sus códigos de respaldo confirmations: delete: Por favor confirmar - new: Reenviar instrucciones de confirmación de su cuenta show: Elija una contraseña doc_auth: address: Actualice su dirección postal diff --git a/config/locales/titles/fr.yml b/config/locales/titles/fr.yml index 297b405d48f..93940a033d3 100644 --- a/config/locales/titles/fr.yml +++ b/config/locales/titles/fr.yml @@ -8,7 +8,6 @@ fr: backup_codes: Ne perdez pas vos codes de sauvegarde confirmations: delete: Veuillez confirmer - new: Envoyer les instructions de confirmation pour votre compte show: Choisissez un mot de passe doc_auth: address: Mettez à jour votre adresse postale diff --git a/config/routes.rb b/config/routes.rb index b2c815366a9..f37a9283f3a 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -300,7 +300,7 @@ as: :sign_up_create_email_confirmation get '/sign_up/enter_email' => 'sign_up/registrations#new', as: :sign_up_email post '/sign_up/enter_email' => 'sign_up/registrations#create', as: :sign_up_register - get '/sign_up/enter_email/resend' => 'sign_up/email_resend#new', as: :sign_up_email_resend + get '/sign_up/enter_email/resend' => redirect('/sign_up/enter_email') get '/sign_up/enter_password' => 'sign_up/passwords#new' get '/sign_up/verify_email' => 'sign_up/emails#show', as: :sign_up_verify_email get '/sign_up/completed' => 'sign_up/completions#show', as: :sign_up_completed diff --git a/spec/controllers/sign_up/cancellations_controller_spec.rb b/spec/controllers/sign_up/cancellations_controller_spec.rb index 5deb7e29a0b..96af62cb09b 100644 --- a/spec/controllers/sign_up/cancellations_controller_spec.rb +++ b/spec/controllers/sign_up/cancellations_controller_spec.rb @@ -32,7 +32,7 @@ it 'redirects if no user is present' do delete :destroy - expect(response).to redirect_to(sign_up_email_resend_url) + expect(response).to redirect_to(sign_up_register_url) end it 'redirects if user has completed sign up' do @@ -68,7 +68,7 @@ delete :destroy expect(flash[:error]).to eq t('errors.messages.confirmation_invalid_token') - expect(response).to redirect_to(sign_up_email_resend_url) + expect(response).to redirect_to(sign_up_register_url) end it 'redirects if confirmation_token is expired' do @@ -89,7 +89,7 @@ subject.session[:user_confirmation_token] = confirmation_token delete :destroy - expect(response).to redirect_to(sign_up_email_resend_url) + expect(response).to redirect_to(sign_up_register_url) expect(flash[:error]).to eq t('errors.messages.confirmation_period_expired') end diff --git a/spec/controllers/sign_up/email_confirmations_controller_spec.rb b/spec/controllers/sign_up/email_confirmations_controller_spec.rb index 38206991c33..36bcd7dc276 100644 --- a/spec/controllers/sign_up/email_confirmations_controller_spec.rb +++ b/spec/controllers/sign_up/email_confirmations_controller_spec.rb @@ -33,7 +33,7 @@ get :create, params: { confirmation_token: nil } expect(flash[:error]).to eq t('errors.messages.confirmation_invalid_token') - expect(response).to redirect_to sign_up_email_resend_path + expect(response).to redirect_to sign_up_register_url end it 'tracks blank email confirmation token' do @@ -47,7 +47,7 @@ get :create, params: { confirmation_token: '' } expect(flash[:error]).to eq t('errors.messages.confirmation_invalid_token') - expect(response).to redirect_to sign_up_email_resend_path + expect(response).to redirect_to sign_up_register_url end it 'tracks confirmation token as a single-quoted empty string' do @@ -61,7 +61,7 @@ get :create, params: { confirmation_token: "''" } expect(flash[:error]).to eq t('errors.messages.confirmation_invalid_token') - expect(response).to redirect_to sign_up_email_resend_path + expect(response).to redirect_to sign_up_register_url end it 'tracks confirmation token as a double-quoted empty string' do @@ -75,7 +75,7 @@ get :create, params: { confirmation_token: '""' } expect(flash[:error]).to eq t('errors.messages.confirmation_invalid_token') - expect(response).to redirect_to sign_up_email_resend_path + expect(response).to redirect_to sign_up_register_url end it 'tracks already confirmed token' do @@ -128,7 +128,7 @@ get :create, params: { confirmation_token: 'foo' } expect(flash[:error]).to eq t('errors.messages.confirmation_period_expired') - expect(response).to redirect_to sign_up_email_resend_path + expect(response).to redirect_to sign_up_register_url end it 'tracks blank confirmation_sent_at as expired token' do @@ -159,7 +159,7 @@ get :create, params: { confirmation_token: 'foo' } expect(flash[:error]).to eq t('errors.messages.confirmation_period_expired') - expect(response).to redirect_to sign_up_email_resend_path + expect(response).to redirect_to sign_up_register_url end describe 'sp metadata' do diff --git a/spec/controllers/sign_up/passwords_controller_spec.rb b/spec/controllers/sign_up/passwords_controller_spec.rb index 4dc62ad4ea1..d6d509ecc22 100644 --- a/spec/controllers/sign_up/passwords_controller_spec.rb +++ b/spec/controllers/sign_up/passwords_controller_spec.rb @@ -162,7 +162,7 @@ user.reload expect(user.valid_password?(password)).to eq false expect(user.confirmed?).to eq false - expect(response).to redirect_to(sign_up_email_resend_url) + expect(response).to redirect_to(sign_up_register_url) end end end @@ -181,7 +181,7 @@ ) get :new, params: { confirmation_token: token } - expect(response).to redirect_to(sign_up_email_resend_url) + expect(response).to redirect_to(sign_up_register_url) end end end diff --git a/spec/features/accessibility/user_pages_spec.rb b/spec/features/accessibility/user_pages_spec.rb index bd909ec6123..aacdf55a1f6 100644 --- a/spec/features/accessibility/user_pages_spec.rb +++ b/spec/features/accessibility/user_pages_spec.rb @@ -36,7 +36,8 @@ scenario 'invalid confirmation token' do visit sign_up_create_email_confirmation_path(confirmation_token: '123456') - expect(current_path).to eq(sign_up_email_resend_path) + expect(current_path).to eq(sign_up_register_path) + expect(page).to have_content(t('errors.messages.confirmation_invalid_token')) expect_page_to_have_no_accessibility_violations(page) end end diff --git a/spec/features/users/sign_up_spec.rb b/spec/features/users/sign_up_spec.rb index d963dd91bae..5e4c376801b 100644 --- a/spec/features/users/sign_up_spec.rb +++ b/spec/features/users/sign_up_spec.rb @@ -271,7 +271,7 @@ def clipboard_text it 'returns them to the resend email confirmation page' do visit sign_up_enter_password_path(confirmation_token: 'foo', request_id: 'bar') - expect(page).to have_current_path(sign_up_email_resend_path) + expect(page).to have_current_path(sign_up_register_path) expect(page). to have_content t('errors.messages.confirmation_invalid_token') diff --git a/spec/features/visitors/email_confirmation_spec.rb b/spec/features/visitors/email_confirmation_spec.rb index e424d34d319..ab984f0a983 100644 --- a/spec/features/visitors/email_confirmation_spec.rb +++ b/spec/features/visitors/email_confirmation_spec.rb @@ -1,6 +1,22 @@ require 'rails_helper' RSpec.feature 'Email confirmation during sign up', allowed_extra_analytics: [:*] do + it 'requires user to accept rules of use when registering email' do + visit sign_up_email_path + fill_in t('forms.registration.labels.email'), with: 'test@example.com' + click_submit_default + + expect(page).to have_current_path(sign_up_email_path) + expect(page).to have_content(t('errors.registration.terms')) + + fill_in t('forms.registration.labels.email'), with: 'test@example.com' + check t('sign_up.terms', app_name: APP_NAME) + click_submit_default + + expect(page).to have_current_path(sign_up_verify_email_url) + expect(page).not_to have_content(t('errors.registration.terms')) + end + scenario 'confirms valid email and sets valid password' do reset_email email = 'test@example.com' diff --git a/spec/features/visitors/password_recovery_spec.rb b/spec/features/visitors/password_recovery_spec.rb index beafe728c4b..efaa5e59b32 100644 --- a/spec/features/visitors/password_recovery_spec.rb +++ b/spec/features/visitors/password_recovery_spec.rb @@ -66,9 +66,10 @@ user = create(:user, :unconfirmed) confirm_last_user reset_email - visit sign_up_email_resend_path + visit sign_up_email_path fill_in t('forms.registration.labels.email'), with: user.email - click_button t('forms.buttons.resend_confirmation') + check t('sign_up.terms', app_name: APP_NAME) + click_submit_default open_last_email click_email_link_matching(/confirmation_token/) end diff --git a/spec/features/visitors/resend_email_confirmation_spec.rb b/spec/features/visitors/resend_email_confirmation_spec.rb index 9864029c032..1f86dc3459e 100644 --- a/spec/features/visitors/resend_email_confirmation_spec.rb +++ b/spec/features/visitors/resend_email_confirmation_spec.rb @@ -1,84 +1,17 @@ require 'rails_helper' -require 'email_spec' -RSpec.feature 'Visit requests confirmation instructions again during sign up', - allowed_extra_analytics: [:*] do - include(EmailSpec::Helpers) - include(EmailSpec::Matchers) - - let!(:user) { build(:user, confirmed_at: nil) } +RSpec.feature 'Visit requests confirmation instructions again during sign up' do + let!(:user) { create(:user, :unconfirmed) } before(:each) do - visit sign_up_email_resend_path + visit sign_up_email_path end scenario 'user can resend their confirmation instructions via email' do - user.save! fill_in t('forms.registration.labels.email'), with: user.email + check t('sign_up.terms', app_name: APP_NAME) + click_submit_default - click_button t('forms.buttons.resend_confirmation') expect(unread_emails_for(user.email)).to be_present end - - scenario 'user rate limited sending confirmation emails' do - user.save! - email = user.email - - max_attempts = IdentityConfig.store.reg_unconfirmed_email_max_attempts - (max_attempts - 1).times do |i| - submit_resend_email_confirmation(email) - expect(unread_emails_for(user.email).size).to eq(i + 1) - end - - expect(unread_emails_for(user.email).size).to eq(max_attempts - 1) - submit_resend_email_confirmation(email) - expect(unread_emails_for(user.email).size).to eq(max_attempts - 1) - end - - scenario 'user enters email with invalid format' do - invalid_addresses = [ - 'user@domain-without-suffix', - 'Buy Medz 0nl!ne http://pharma342.onlinestore.com', - ] - allow(ValidateEmail).to receive(:mx_valid?).and_return(false) - - button = t('forms.buttons.resend_confirmation') - invalid_addresses.each do |email| - fill_in t('forms.registration.labels.email'), with: email - click_button button - button = t('forms.buttons.submit.default') - - expect(page).to have_content t('valid_email.validations.email.invalid') - end - end - - scenario 'user enters email with invalid domain name' do - invalid_addresses = [ - 'foo@bar.com', - 'foo@example.com', - ] - allow(ValidateEmail).to receive(:mx_valid?).and_return(false) - - button = t('forms.buttons.resend_confirmation') - invalid_addresses.each do |email| - fill_in t('forms.registration.labels.email'), with: email - click_button button - button = t('forms.buttons.submit.default') - - expect(page).to have_content t('valid_email.validations.email.invalid') - end - end - - scenario 'user enters empty email' do - fill_in t('forms.registration.labels.email'), with: '' - click_button t('forms.buttons.resend_confirmation') - - expect(page).to have_content t('valid_email.validations.email.invalid') - end - - def submit_resend_email_confirmation(email) - visit sign_up_email_resend_path - fill_in t('forms.registration.labels.email'), with: email - click_button t('forms.buttons.resend_confirmation') - end end diff --git a/spec/forms/register_user_email_form_spec.rb b/spec/forms/register_user_email_form_spec.rb index 6bc9992f895..8d1da4e8afd 100644 --- a/spec/forms/register_user_email_form_spec.rb +++ b/spec/forms/register_user_email_form_spec.rb @@ -374,6 +374,37 @@ end end + context 'when terms accepted using castable value' do + it 'is successful' do + result = subject.submit(email: unregistered_email_address, terms_accepted: 'true') + + expect(result.to_h).to eq( + success: true, + errors: {}, + email_already_exists: false, + rate_limited: false, + user_id: User.find_with_email(unregistered_email_address).uuid, + domain_name: email_domain, + ) + end + end + + context 'when terms not accepted' do + it 'is unsuccessful with error for terms accepted' do + result = subject.submit(email: unregistered_email_address) + + expect(result.to_h).to eq( + success: false, + errors: { terms_accepted: [t('errors.registration.terms')] }, + error_details: { terms_accepted: { terms: true } }, + email_already_exists: false, + rate_limited: false, + user_id: 'anonymous-uuid', + domain_name: email_domain, + ) + end + end + context 'when request_id is invalid' do it 'returns successful and does not include request_id in email' do invalid_id = 'fake_id' diff --git a/spec/support/features/session_helper.rb b/spec/support/features/session_helper.rb index c59d6960414..4658d9ef97a 100644 --- a/spec/support/features/session_helper.rb +++ b/spec/support/features/session_helper.rb @@ -373,7 +373,8 @@ def sign_up_user_from_sp_without_confirming_email(email) attempt_to_confirm_email_with_invalid_token(sp_request_id) - expect(current_url).to eq sign_up_email_resend_url(request_id: sp_request_id) + expect(page).to have_current_path sign_up_register_path(request_id: sp_request_id) + expect(page).to have_content t('errors.messages.confirmation_invalid_token') submit_resend_email_confirmation_form_with_correct_email(email) @@ -438,7 +439,8 @@ def attempt_to_confirm_email_with_invalid_token(request_id) def submit_resend_email_confirmation_form_with_correct_email(email) fill_in t('forms.registration.labels.email'), with: email - click_button t('forms.buttons.resend_confirmation') + check t('sign_up.terms', app_name: APP_NAME) + click_submit_default end def click_confirmation_link_in_email(email) diff --git a/spec/views/sign_up/email_resend/new.html.erb_spec.rb b/spec/views/sign_up/email_resend/new.html.erb_spec.rb deleted file mode 100644 index fc5b5450542..00000000000 --- a/spec/views/sign_up/email_resend/new.html.erb_spec.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'rails_helper' - -RSpec.describe 'sign_up/email_resend/new.html.erb' do - before do - @user = User.new - @resend_email_confirmation_form = ResendEmailConfirmationForm.new - end - - it 'has a localized title' do - expect(view).to receive(:title=).with(t('titles.confirmations.new')) - - render - end - - it 'has a localized header' do - render - - expect(rendered).to have_selector('h1', text: t('headings.confirmations.new')) - end -end