Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Boxiang Sun
gitlab-ce
Commits
ed99c899
Commit
ed99c899
authored
Sep 18, 2017
by
Brett Walker
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
allow a verified secondary email to be use as the primary without
a reconfirmation
parent
442dbf6d
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
42 additions
and
7 deletions
+42
-7
app/models/user.rb
app/models/user.rb
+14
-4
spec/controllers/profiles_controller_spec.rb
spec/controllers/profiles_controller_spec.rb
+14
-0
spec/features/profiles/emails_spec.rb
spec/features/profiles/emails_spec.rb
+1
-1
spec/models/email_spec.rb
spec/models/email_spec.rb
+0
-2
spec/models/user_spec.rb
spec/models/user_spec.rb
+13
-0
No files found.
app/models/user.rb
View file @
ed99c899
...
@@ -161,15 +161,16 @@ class User < ActiveRecord::Base
...
@@ -161,15 +161,16 @@ class User < ActiveRecord::Base
before_validation
:sanitize_attrs
before_validation
:sanitize_attrs
before_validation
:set_notification_email
,
if: :email_changed?
before_validation
:set_notification_email
,
if: :email_changed?
before_validation
:set_public_email
,
if: :public_email_changed?
before_validation
:set_public_email
,
if: :public_email_changed?
after_update
:update_emails_with_primary_email
,
if: :email_changed?
before_save
:ensure_authentication_token
,
:ensure_incoming_email_token
before_save
:ensure_authentication_token
,
:ensure_incoming_email_token
before_save
:ensure_user_rights_and_limits
,
if: :external_changed?
before_save
:ensure_user_rights_and_limits
,
if: :external_changed?
before_save
:skip_reconfirmation!
,
if:
->
(
user
)
{
user
.
email_changed?
&&
user
.
read_only_attribute?
(
:email
)
}
before_save
:skip_reconfirmation!
,
if:
->
(
user
)
{
user
.
email_changed?
&&
user
.
read_only_attribute?
(
:email
)
}
before_save
:check_for_verified_email
,
if:
->
(
user
)
{
user
.
email_changed?
&&
!
user
.
new_record?
}
after_save
:ensure_namespace_correct
after_save
:ensure_namespace_correct
after_destroy
:post_destroy_hook
after_commit
:update_emails_with_primary_email
,
on: :update
,
if:
->
{
previous_changes
.
key?
(
'email'
)
}
after_commit
:update_invalid_gpg_signatures
,
on: :update
,
if:
->
{
previous_changes
.
key?
(
'email'
)
}
after_commit
:update_invalid_gpg_signatures
,
on: :update
,
if:
->
{
previous_changes
.
key?
(
'email'
)
}
after_initialize
:set_projects_limit
after_initialize
:set_projects_limit
after_destroy
:post_destroy_hook
# User's Layout preference
# User's Layout preference
enum
layout:
[
:fixed
,
:fluid
]
enum
layout:
[
:fixed
,
:fluid
]
...
@@ -222,6 +223,11 @@ class User < ActiveRecord::Base
...
@@ -222,6 +223,11 @@ class User < ActiveRecord::Base
end
end
end
end
# see if the new email is already a verified secondary email
def
check_for_verified_email
skip_reconfirmation!
if
emails
.
find_by
(
email:
self
.
email
).
try
(
:confirmed?
)
end
mount_uploader
:avatar
,
AvatarUploader
mount_uploader
:avatar
,
AvatarUploader
has_many
:uploads
,
as: :model
,
dependent: :destroy
# rubocop:disable Cop/ActiveRecordDependent
has_many
:uploads
,
as: :model
,
dependent: :destroy
# rubocop:disable Cop/ActiveRecordDependent
...
@@ -523,14 +529,18 @@ class User < ActiveRecord::Base
...
@@ -523,14 +529,18 @@ class User < ActiveRecord::Base
errors
.
add
(
:public_email
,
"is not an email you own"
)
unless
all_emails
.
include?
(
public_email
)
errors
.
add
(
:public_email
,
"is not an email you own"
)
unless
all_emails
.
include?
(
public_email
)
end
end
# note: the use of the Emails services will cause `saves` on the user object, running
# through the callbacks again and can have side effects, such as the `previous_changes`
# hash getting cleared.
def
update_emails_with_primary_email
def
update_emails_with_primary_email
primary_email_record
=
emails
.
find_by
(
email:
email
)
primary_email_record
=
emails
.
find_by
(
email:
email
)
if
primary_email_record
if
primary_email_record
previous_email
=
previous_changes
[
:email
][
0
]
Emails
::
DestroyService
.
new
(
self
).
execute
(
primary_email_record
)
Emails
::
DestroyService
.
new
(
self
).
execute
(
primary_email_record
)
# the original primary email was confirmed, and we want that to carry over. We don't
# the original primary email was confirmed, and we want that to carry over. We don't
# have access to the original confirmation values at this point, so just set confirmed_at
# have access to the original confirmation values at this point, so just set confirmed_at
Emails
::
CreateService
.
new
(
self
,
email:
email_was
).
execute
(
confirmed_at:
confirmed_at_was
)
Emails
::
CreateService
.
new
(
self
,
email:
previous_email
).
execute
(
confirmed_at:
confirmed_at
)
end
end
end
end
...
...
spec/controllers/profiles_controller_spec.rb
View file @
ed99c899
...
@@ -15,6 +15,20 @@ describe ProfilesController do
...
@@ -15,6 +15,20 @@ describe ProfilesController do
expect
(
user
.
unconfirmed_email
).
to
eq
(
'john@gmail.com'
)
expect
(
user
.
unconfirmed_email
).
to
eq
(
'john@gmail.com'
)
end
end
it
"allows an email update without confirmation if existing verified email"
do
user
=
create
(
:user
)
email
=
create
(
:email
,
:confirmed
,
user:
user
,
email:
'john@gmail.com'
)
sign_in
(
user
)
put
:update
,
user:
{
email:
"john@gmail.com"
,
name:
"John"
}
user
.
reload
expect
(
response
.
status
).
to
eq
(
302
)
expect
(
user
.
unconfirmed_email
).
to
eq
nil
end
it
"ignores an email update from a user with an external email address"
do
it
"ignores an email update from a user with an external email address"
do
stub_omniauth_setting
(
sync_profile_from_provider:
[
'ldap'
])
stub_omniauth_setting
(
sync_profile_from_provider:
[
'ldap'
])
stub_omniauth_setting
(
sync_profile_attributes:
true
)
stub_omniauth_setting
(
sync_profile_attributes:
true
)
...
...
spec/features/profiles/emails_spec.rb
View file @
ed99c899
...
@@ -4,7 +4,7 @@ feature 'Profile > Emails' do
...
@@ -4,7 +4,7 @@ feature 'Profile > Emails' do
let
(
:user
)
{
create
(
:user
)
}
let
(
:user
)
{
create
(
:user
)
}
before
do
before
do
login_as
(
user
)
sign_in
(
user
)
end
end
describe
'User adds an email'
do
describe
'User adds an email'
do
...
...
spec/models/email_spec.rb
View file @
ed99c899
...
@@ -24,8 +24,6 @@ describe Email do
...
@@ -24,8 +24,6 @@ describe Email do
email
=
user
.
emails
.
create
(
email:
'new@email.com'
)
email
=
user
.
emails
.
create
(
email:
'new@email.com'
)
expect
(
user
).
to
receive
(
:update_invalid_gpg_signatures
)
expect
(
user
).
to
receive
(
:update_invalid_gpg_signatures
)
email
.
confirm
email
.
confirm
# email.save
end
end
end
end
end
end
spec/models/user_spec.rb
View file @
ed99c899
...
@@ -359,6 +359,19 @@ describe User do
...
@@ -359,6 +359,19 @@ describe User do
expect
(
external_user
.
projects_limit
).
to
be
0
expect
(
external_user
.
projects_limit
).
to
be
0
end
end
end
end
describe
'#check_for_verified_email'
do
let
(
:user
)
{
create
(
:user
)
}
let
(
:secondary
)
{
create
(
:email
,
:confirmed
,
email:
'secondary@example.com'
,
user:
user
,
)
}
it
'allows a verfied secondary email to be used as the primary without needing reconfirmation'
do
user
.
update_attributes!
(
email:
secondary
.
email
)
user
.
reload
expect
(
user
.
email
).
to
eq
secondary
.
email
expect
(
user
.
unconfirmed_email
).
to
eq
nil
expect
(
user
.
confirmed?
).
to
be_truthy
end
end
end
end
describe
'after update hook'
do
describe
'after update hook'
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment