Show correct email for authorization confirmation#11667
Conversation
vrajmohan
force-pushed
the
vm-correct-email-for-authorization-confirmation
branch
from
614c31a to
b5c849e
Compare
app/models/user.rb
Outdated
There was a problem hiding this comment.
I like how you are using this to simplify things like EmailContext.new(current_user)...etc
kevinsmaster5
left a comment
kevinsmaster5
left a comment
There was a problem hiding this comment.
Looks good and works as expected in bug ticket.
app/decorators/email_context.rb
Outdated
There was a problem hiding this comment.
I don't think these stubs were valid anyways, but might have been trying to refer to this method now removed and we could remove the stub as well?
app/models/user.rb
Outdated
There was a problem hiding this comment.
Similar comment about test coverage in spec/models/user_spec.rb. I'd be specifically concerned to have regression coverage in how we rely on confirmed_email_addresses to be ordered here, which I wouldn't think is a given.
There was a problem hiding this comment.
IMO, it would be better to use scopes as shown at the end of https://api.rubyonrails.org/v8.0.1/classes/ActiveRecord/Scoping/Named/ClassMethods.html#method-i-scope. Should I go ahead?
There was a problem hiding this comment.
What would scopes do for us here, or at least specifically in regard to my comment?
There was a problem hiding this comment.
We would be explicit when we say user.email_addresses.confirmed.last_signed_in.
vrajmohan
force-pushed
the
vm-correct-email-for-authorization-confirmation
branch
from
e17819d to
be8d297
Compare
|
Just realizing that I have misunderstood active service provider identities. Fixing... |
vrajmohan
force-pushed
the
vm-correct-email-for-authorization-confirmation
branch
from
be8d297 to
4aa4f42
Compare
|
Can you resolve the merge conflict? |
There was a problem hiding this comment.
Minor: I might expect the assignment here to happen in a before block so that if we added additional test cases to this context, each would have the same common behavior of "sharing has been set" without having to duplicate the code. Similar to what we're doing with feature flag enabling.
| context 'when an email address for sharing has been set' do | |
| it 'returns the shared email' do | |
| identity.email_address = shared_email_address | |
| context 'when an email address for sharing has been set' do | |
| before do | |
| identity.email_address = shared_email_address | |
| end | |
| it 'returns the shared email' do |
Same comment applies for context block below this.
app/models/user.rb
Outdated
There was a problem hiding this comment.
How are we ensuring last_sign_in_at ordering with this change?
There was a problem hiding this comment.
This line by itself does not ensure that. The change to User#last_sign_in_email_address on line 524 does it.
There was a problem hiding this comment.
After further discussion with @aduth, we decided to leave the sort order in, even though the tests pass. We plan to clean this up in a separate PR.
vrajmohan
force-pushed
the
vm-correct-email-for-authorization-confirmation
branch
from
4aa4f42 to
7d8fc14
Compare
There was a problem hiding this comment.
I think a rebase might have gone awry, reintroducing code removed in #11656 (causing build failure).
There was a problem hiding this comment.
Yep, saw that! Fixing.
vrajmohan
force-pushed
the
vm-correct-email-for-authorization-confirmation
branch
2 times, most recently
from
b83e589 to
076f430
Compare
app/models/email_address.rb
Outdated
There was a problem hiding this comment.
This looks like a scope? Can we mark it as one with
| def self.last_sign_in | |
| order('last_sign_in_at DESC NULLS LAST').first | |
| end | |
| scope :last_sign_in, -> { order('last_sign_in_at DESC NULLS LAST').first } |
There was a problem hiding this comment.
In my opinion, a "scope" has the connotation of a filter and not an ordering. I followed the example described in the Rails docs itself (see the last couple of sections).
There was a problem hiding this comment.
Also, scopes should return an ActiveRecord::Relation or nil whereas we are returning a single object.
vrajmohan
force-pushed
the
vm-correct-email-for-authorization-confirmation
branch
2 times, most recently
from
09d7e6d to
0cc4157
Compare
changelog: Upcoming Features, Partner account, Select email to share with partner - Refactor - add a ServiceProviderIdentity#email_address_for_sharing that does the right thing - Add tests to verify correct behavior in SAML and OIDC - Eliminate EmailContext class that seemed to be of limited value. - Create method EmailAddress#last_sign_in - Remove code duplication from SAML and OIDC - Get rid of EmailContext - Get rid of `reek` remnants - Fix minor typos
vrajmohan
force-pushed
the
vm-correct-email-for-authorization-confirmation
branch
from
0cc4157 to
2c07e2a
Compare
vrajmohan
deleted the
vm-correct-email-for-authorization-confirmation
branch
5 participants
🎫 Ticket
Link to the relevant ticket:
Authorization confirmation doesn't show selected email for partner
🛠 Summary of changes
ServiceProviderIdentity#email_address_for_sharingthat does the right thingEmailContextclass that seemed to be of limited value.📜 Testing Plan
Use the "Steps to reproduce" from the Jira ticket.