Merge branch '65483-add-a-resend-confirmation-link' into 'master'

Add a resend confirmation link when grace period is expired See merge request gitlab-org/gitlab-ce!31476

Merge branch '65483-add-a-resend-confirmation-link' into 'master'
Add a resend confirmation link when grace period is expired See merge request gitlab-org/gitlab-ce!31476
3cae58b3 · Mayra Cabrera · e9a424a2 · 0c526db5 · 3cae58b3 · 3cae58b3
Commit 3cae58b3 authored Aug 14, 2019 by Mayra Cabrera
6 changed files
--- a/app/helpers/sessions_helper.rb
+++ b/app/helpers/sessions_helper.rb
+# frozen_string_literal: true
+module SessionsHelper
+  def unconfirmed_email?
+    flash[:alert] == t(:unconfirmed, scope: [:devise, :failure])
+  end
+end
--- a/app/views/devise/sessions/_new_base.html.haml
+++ b/app/views/devise/sessions/_new_base.html.haml
 = form_for(resource, as: resource_name, url: session_path(resource_name), html: { class: 'new_user gl-show-field-errors', 'aria-live' => 'assertive'}) do |f|
  .form-group
-    = f.label "Username or email", for: "user_login", class: 'label-bold'
+    = f.label _('Username or email'), for: 'user_login', class: 'label-bold'
-    = f.text_field :login, class: "form-control top", autofocus: "autofocus", autocapitalize: "off", autocorrect: "off", required: true, title: "This field is required.", data: { qa_selector: 'login_field' }
+    = f.text_field :login, class: 'form-control top', autofocus: 'autofocus', autocapitalize: 'off', autocorrect: 'off', required: true, title: _('This field is required.'), data: { qa_selector: 'login_field' }
  .form-group
    = f.label :password, class: 'label-bold'
-    = f.password_field :password, class: "form-control bottom", required: true, title: "This field is required.", data: { qa_selector: 'password_field' }
+    = f.password_field :password, class: 'form-control bottom', required: true, title: _('This field is required.'), data: { qa_selector: 'password_field' }
  - if devise_mapping.rememberable?
    .remember-me
-      %label{ for: "user_remember_me" }
+      %label{ for: 'user_remember_me' }
        = f.check_box :remember_me, class: 'remember-me-checkbox'
        %span Remember me
-      .float-right.forgot-password
+      .float-right
-        = link_to "Forgot your password?", new_password_path(:user)
+        - if unconfirmed_email?
+          = link_to _('Resend confirmation email'), new_user_confirmation_path
+        - else
+          = link_to _('Forgot your password?'), new_password_path(:user)
    %div
    - if captcha_enabled?
      = recaptcha_tags
  .submit-container.move-submit-down
-    = f.submit "Sign in", class: "btn btn-success", data: { qa_selector: 'sign_in_button' }
+    = f.submit _('Sign in'), class: 'btn btn-success', data: { qa_selector: 'sign_in_button' }
--- a/changelogs/unreleased/65483-add-a-resend-confirmation-link.yml
+++ b/changelogs/unreleased/65483-add-a-resend-confirmation-link.yml
+---
+title: Allow users to resend a confirmation link when the grace period has expired
+merge_request: 31476
+author:
+type: changed
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -5077,6 +5077,9 @@ msgstr ""
 msgid "For public projects, anyone can view pipelines and access job details (output logs and artifacts)"
 msgstr ""
+msgid "Forgot your password?"
+msgstr ""
 msgid "Fork"
 msgstr ""
@@ -12527,6 +12530,9 @@ msgstr ""
 msgid "Username is available."
 msgstr ""
+msgid "Username or email"
+msgstr ""
 msgid "Users"
 msgstr ""

--- a/spec/features/users/login_spec.rb
+++ b/spec/features/users/login_spec.rb
@@ -95,6 +95,42 @@ describe 'Login' do
    end
  end
+  describe 'with an unconfirmed email address' do
+    let!(:user) { create(:user, confirmed_at: nil) }
+    let(:grace_period) { 2.days }
+    before do
+      stub_application_setting(send_user_confirmation_email: true)
+      allow(User).to receive(:allow_unconfirmed_access_for).and_return grace_period
+    end
+    context 'within the grace period' do
+      it 'allows to login' do
+        expect(authentication_metrics).to increment(:user_authenticated_counter)
+        gitlab_sign_in(user)
+        expect(page).not_to have_content('You have to confirm your email address before continuing.')
+        expect(page).not_to have_link('Resend confirmation email', href: new_user_confirmation_path)
+      end
+    end
+    context 'when the confirmation grace period is expired' do
+      it 'prevents the user from logging in and renders a resend confirmation email link' do
+        travel_to((grace_period + 1.day).from_now) do
+          expect(authentication_metrics)
+            .to increment(:user_unauthenticated_counter)
+            .and increment(:user_session_destroyed_counter).twice
+          gitlab_sign_in(user)
+          expect(page).to have_content('You have to confirm your email address before continuing.')
+          expect(page).to have_link('Resend confirmation email', href: new_user_confirmation_path)
+        end
+      end
+    end
+  end
  describe 'with the ghost user' do
    it 'disallows login' do
      expect(authentication_metrics)

--- a/spec/helpers/sessions_helper_spec.rb
+++ b/spec/helpers/sessions_helper_spec.rb
+# frozen_string_literal: true
+require 'spec_helper'
+describe SessionsHelper do
+  describe '#unconfirmed_email?' do
+    it 'returns true when the flash alert contains a devise failure unconfirmed message' do
+      flash[:alert] = t(:unconfirmed, scope: [:devise, :failure])
+      expect(helper.unconfirmed_email?).to be_truthy
+    end
+    it 'returns false when the flash alert does not contain a devise failure unconfirmed message' do
+      flash[:alert] = 'something else'
+      expect(helper.unconfirmed_email?).to be_falsey
+    end
+  end
+end