From bc9519f365731718da0730d486a9a3472e5ba1ed Mon Sep 17 00:00:00 2001 From: Aaron Spencer <62190777+Airk0n@users.noreply.github.com> Date: Fri, 16 Jun 2023 16:03:28 +0100 Subject: [PATCH] CLDC 2328: Resend invitation button (#1680) * CDCL-2326: Init - button moved, button added * CLDC-2328: Button cleanup, user controller endpoint created * CLDC-2328: Tests added * CLDC-2328: Tests added to user controller * CLDC-2328: WIp Testing * CLDC-2328: Testing of sent emails * CLDC-2328: Button uses post instead of get, tests reflect this. * CLDC-2328: Invite button only appears for support users. * CLDC-2328: Email test refactor. * CLDC-2328: Flash now shows email address, Button moved. --- app/controllers/users_controller.rb | 6 ++ app/views/users/show.html.erb | 27 +++++---- config/routes.rb | 1 + spec/features/user_spec.rb | 79 ++++++++++++++++++++++++++ spec/requests/users_controller_spec.rb | 35 ++++++++++++ 5 files changed, 137 insertions(+), 11 deletions(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 0c343b8c3..9e6491554 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -29,6 +29,12 @@ class UsersController < ApplicationController end end + def resend_invite + @user.send_confirmation_instructions + flash[:notice] = "Invitation sent to #{@user.email}" + render :show + end + def show; end def dpo; end diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb index e6cb9fd3e..845e6ebba 100644 --- a/app/views/users/show.html.erb +++ b/app/views/users/show.html.erb @@ -5,17 +5,6 @@

<%= content_for(:title) %>

-

- <% if current_user.can_toggle_active?(@user) %> - <% if @user.active? %> - <%= govuk_link_to "Deactivate user", "/users/#{@user.id}/deactivate" %> - <% else %> - - This user has been deactivated. <%= govuk_link_to "Reactivate user", "/users/#{@user.id}/reactivate" %> - - <% end %> - <% end %> -

Personal details @@ -103,5 +92,21 @@ end end %> <% end %> + +
+ <% if current_user.can_toggle_active?(@user) %> + <% if @user.active? %> + <%= govuk_button_link_to "Deactivate user", deactivate_user_path(@user), warning: true %> + <% if current_user.support? %> + <%= govuk_button_to "Resend invite link", resend_invite_user_path(@user), secondary: true %> + <% end %> + <% else %> + + This user has been deactivated. <%= govuk_button_link_to "Reactivate user", reactivate_user_path(@user) %> + + <% end %> + <% end %> +
+ diff --git a/config/routes.rb b/config/routes.rb index fa0cb598e..8b61f1ece 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -110,6 +110,7 @@ Rails.application.routes.draw do member do get "deactivate", to: "users#deactivate" get "reactivate", to: "users#reactivate" + post "resend-invite", to: "users#resend_invite" end end diff --git a/spec/features/user_spec.rb b/spec/features/user_spec.rb index 0c7f6c2c6..d4e1a6052 100644 --- a/spec/features/user_spec.rb +++ b/spec/features/user_spec.rb @@ -454,6 +454,85 @@ RSpec.describe "User Features" do end end + context "when signed in as support" do + let!(:user) { FactoryBot.create(:user, :support) } + let!(:other_user) { FactoryBot.create(:user, name: "new user", organisation: user.organisation, email: "new_user@example.com", confirmation_token: "abc") } + + context "when reinviting a user before initial confirmation email has been sent" do + let(:personalisation) do + { + name: "new user", + email: "new_user@example.com", + organisation: other_user.organisation.name, + link: include("/account/confirmation?confirmation_token=#{other_user.confirmation_token}"), + } + end + + before do + other_user.update!(initial_confirmation_sent: false) + allow(user).to receive(:need_two_factor_authentication?).and_return(false) + sign_in(user) + visit(user_path(user.id)) + end + + it "sends initial confirmable template email when the resend invite link is clicked" do + other_user.legacy_users.destroy_all + visit(user_path(other_user)) + expect(notify_client).to receive(:send_email).with(email_address: "new_user@example.com", template_id: User::CONFIRMABLE_TEMPLATE_ID, personalisation:).once + click_button("Resend invite link") + end + end + + context "when reinviting a user after initial confirmation email has been sent" do + let(:personalisation) do + { + name: "new user", + email: "new_user@example.com", + organisation: other_user.organisation.name, + link: include("/account/confirmation?confirmation_token=#{other_user.confirmation_token}"), + } + end + + before do + other_user.update!(initial_confirmation_sent: true) + allow(user).to receive(:need_two_factor_authentication?).and_return(false) + sign_in(user) + visit(user_path(user.id)) + end + + it "sends and email when the resend invite link is clicked" do + other_user.legacy_users.destroy_all + visit(user_path(other_user)) + expect(notify_client).to receive(:send_email).with(email_address: "new_user@example.com", template_id: User::RECONFIRMABLE_TEMPLATE_ID, personalisation:).once + click_button("Resend invite link") + end + end + + context "when reinviting a legacy user" do + let(:personalisation) do + { + name: "new user", + email: "new_user@example.com", + organisation: other_user.organisation.name, + link: include("/account/confirmation?confirmation_token=#{other_user.confirmation_token}"), + } + end + + before do + other_user.update!(initial_confirmation_sent: true) + allow(user).to receive(:need_two_factor_authentication?).and_return(false) + sign_in(user) + visit(user_path(user.id)) + end + + it "sends beta onboarding email to be sent when user is legacy" do + visit(user_path(other_user)) + expect(notify_client).to receive(:send_email).with(email_address: "new_user@example.com", template_id: User::BETA_ONBOARDING_TEMPLATE_ID, personalisation:).once + click_button("Resend invite link") + end + end + end + context "when the user is a customer support person" do let(:support_user) { FactoryBot.create(:user, :support, last_sign_in_at: Time.zone.now) } let(:devise_notify_mailer) { DeviseNotifyMailer.new } diff --git a/spec/requests/users_controller_spec.rb b/spec/requests/users_controller_spec.rb index a97086bb2..ecba12933 100644 --- a/spec/requests/users_controller_spec.rb +++ b/spec/requests/users_controller_spec.rb @@ -96,6 +96,13 @@ RSpec.describe UsersController, type: :request do expect(response).to redirect_to("/account/sign-in") end end + + describe "#resend_invite" do + it "does not allow resending activation emails" do + get deactivate_user_path(user.id), headers: headers, params: {} + expect(response).to redirect_to(new_user_session_path) + end + end end context "when user is signed in as a data provider" do @@ -123,6 +130,10 @@ RSpec.describe UsersController, type: :request do expect(page).not_to have_link("Deactivate user", href: "/users/#{user.id}/deactivate") end + it "does not allow resending invitation emails" do + expect(page).not_to have_button("Resend invite link") + end + context "when user is deactivated" do before do user.update!(active: false) @@ -132,6 +143,10 @@ RSpec.describe UsersController, type: :request do it "does not allow reactivating the user" do expect(page).not_to have_link("Reactivate user", href: "/users/#{user.id}/reactivate") end + + it "does not allow resending invitation emails" do + expect(page).not_to have_link("Resend invite link") + end end end @@ -184,6 +199,10 @@ RSpec.describe UsersController, type: :request do it "does not allow reactivating the user" do expect(page).not_to have_link("Reactivate user", href: "/users/#{other_user.id}/reactivate") end + + it "does not allow resending invitation emails" do + expect(page).not_to have_button("Resend invite link") + end end end @@ -499,6 +518,10 @@ RSpec.describe UsersController, type: :request do it "does not allow reactivating the user" do expect(page).not_to have_link("Reactivate user", href: "/users/#{user.id}/reactivate") end + + it "does not allow resending invitation emails" do + expect(page).not_to have_button("Resend invite link") + end end end @@ -530,6 +553,10 @@ RSpec.describe UsersController, type: :request do expect(page).to have_link("Deactivate user", href: "/users/#{other_user.id}/deactivate") end + it "does not allow you to resend invitation emails" do + expect(page).not_to have_button("Resend invite link") + end + context "when user is deactivated" do before do other_user.update!(active: false) @@ -543,6 +570,10 @@ RSpec.describe UsersController, type: :request do it "allows reactivating the user" do expect(page).to have_link("Reactivate user", href: "/users/#{other_user.id}/reactivate") end + + it "does not allow you to resend invitation emails" do + expect(page).not_to have_button("Resend invite link") + end end end @@ -1177,6 +1208,10 @@ RSpec.describe UsersController, type: :request do expect(page).to have_link("Deactivate user", href: "/users/#{other_user.id}/deactivate") end + it "allows you to resend invitation emails" do + expect(page).to have_button("Resend invite link") + end + context "when user is deactivated" do before do other_user.update!(active: false)