LG-6988 Email Submission Rate Limit events

app/controllers/sign_up/registrations_controller.rb

@@ -10,14 +10,18 @@ class RegistrationsController < ApplicationController
     CREATE_ACCOUNT = 'create_account'
 
     def new
-      @register_user_email_form = RegisterUserEmailForm.new(analytics: analytics)
+      @register_user_email_form = RegisterUserEmailForm.new(
+        analytics: analytics,
+        attempts_tracker: irs_attempts_api_tracker,
+      )
       analytics.user_registration_enter_email_visit
       render :new, locals: { request_id: nil }, formats: :html
     end
 
     def create
       @register_user_email_form = RegisterUserEmailForm.new(
         analytics: analytics,
+        attempts_tracker: irs_attempts_api_tracker,
       )
 
       result = @register_user_email_form.submit(permitted_params)

app/forms/register_user_email_form.rb

@@ -14,10 +14,11 @@ def self.model_name
     ActiveModel::Name.new(self, nil, 'User')
   end
 
-  def initialize(analytics:, password_reset_requested: false)
+  def initialize(analytics:, attempts_tracker:, password_reset_requested: false)
     @throttled = false
     @password_reset_requested = password_reset_requested
     @analytics = analytics
+    @attempts_tracker = attempts_tracker
   end
 
   def user
@@ -133,6 +134,9 @@ def send_sign_up_unconfirmed_email(request_id)
       @analytics.throttler_rate_limit_triggered(
         throttle_type: :reg_unconfirmed_email,
       )
+      @attempts_tracker.user_registration_email_submission_rate_limited(
+        email: email, email_already_registered: false,
+      )
     else
       SendSignUpEmailConfirmation.new(existing_user).call(request_id: request_id)
     end
@@ -146,6 +150,9 @@ def send_sign_up_confirmed_email
       @analytics.throttler_rate_limit_triggered(
         throttle_type: :reg_confirmed_email,
       )
+      @attempts_tracker.user_registration_email_submission_rate_limited(
+        email: email, email_already_registered: true,
+      )
     else
       UserMailer.signup_with_your_email(existing_user, email).deliver_now_or_later
     end

app/services/irs_attempts_api/tracker_events.rb

@@ -378,6 +378,20 @@ def user_registration_email_confirmation(
       )
     end
 
+    # Tracks when user is rate limited for submitting registration email
+    # @param [String] email
+    # @param [Boolean] email_already_registered
+    def user_registration_email_submission_rate_limited(
+      email:,
+      email_already_registered:
+    )
+      track_event(
+        :user_registration_email_submission_rate_limited,
+        email: email,
+        email_already_registered: email_already_registered,
+      )
+    end
+
     # Tracks when user submits registration email
     # @param [Boolean] success
     # @param [String] email

app/services/request_password_reset.rb

@@ -5,7 +5,11 @@
 ) do
   def perform
     if user_should_receive_registration_email?
-      form = RegisterUserEmailForm.new(password_reset_requested: true, analytics: analytics)
+      form = RegisterUserEmailForm.new(
+        password_reset_requested: true,
+        analytics: analytics,
+        attempts_tracker: irs_attempts_api_tracker,
+      )
       result = form.submit({ email: email, terms_accepted: '1' }, instructions)
       [form.user, result]
     else

spec/forms/register_user_email_form_spec.rb

@@ -2,7 +2,8 @@
 
 describe RegisterUserEmailForm do
   let(:analytics) { FakeAnalytics.new }
-  subject { RegisterUserEmailForm.new(analytics: analytics) }
+  let(:attempts_tracker) { IrsAttemptsApiTrackingHelper::FakeAttemptsTracker.new }
+  subject { RegisterUserEmailForm.new(analytics: analytics, attempts_tracker: attempts_tracker) }
 
   it_behaves_like 'email validation'
 
@@ -33,6 +34,12 @@
       end
 
       it 'creates throttle events after reaching throttle limit' do
+        expect(attempts_tracker).to receive(
+          :user_registration_email_submission_rate_limited,
+        ).with(
+          email: 'taken@example.com', email_already_registered: true,
+        )
+
         create(:user, :signed_up, email: 'taken@example.com')
 
         (IdentityConfig.store.reg_confirmed_email_max_attempts + 1).times do
@@ -72,6 +79,12 @@
       end
 
       it 'creates throttle events after reaching throttle limit' do
+        expect(attempts_tracker).to receive(
+          :user_registration_email_submission_rate_limited,
+        ).with(
+          email: 'test@example.com', email_already_registered: false,
+        )
+
         create(:user, email: 'test@example.com', confirmed_at: nil, uuid: '123')
         (IdentityConfig.store.reg_unconfirmed_email_max_attempts + 1).times do
           subject.submit(email: 'test@example.com', terms_accepted: '1')
@@ -122,7 +135,7 @@
       end
 
       it 'saves the user email_language for a valid form' do
-        form = RegisterUserEmailForm.new(analytics: analytics)
+        form = RegisterUserEmailForm.new(analytics: analytics, attempts_tracker: attempts_tracker)
 
         response = form.submit(
           email: 'not_taken@gmail.com', email_language: 'fr', terms_accepted: '1',

spec/views/sign_up/registrations/new.html.erb_spec.rb

@@ -10,7 +10,10 @@
   end
   before do
     allow(view).to receive(:current_user).and_return(nil)
-    @register_user_email_form = RegisterUserEmailForm.new(analytics: FakeAnalytics.new)
+    @register_user_email_form = RegisterUserEmailForm.new(
+      analytics: FakeAnalytics.new,
+      attempts_tracker: IrsAttemptsApiTrackingHelper::FakeAttemptsTracker.new,
+    )
     view_context = ActionController::Base.new.view_context
     allow(view_context).to receive(:new_user_session_url).
       and_return('https://www.example.com/')