From bc9519f365731718da0730d486a9a3472e5ba1ed Mon Sep 17 00:00:00 2001
From: Aaron Spencer <62190777+Airk0n@users.noreply.github.com>
Date: Fri, 16 Jun 2023 16:03:28 +0100
Subject: [PATCH] CLDC 2328: Resend invitation button (#1680)
* CDCL-2326: Init - button moved, button added
* CLDC-2328: Button cleanup, user controller endpoint created
* CLDC-2328: Tests added
* CLDC-2328: Tests added to user controller
* CLDC-2328: WIp Testing
* CLDC-2328: Testing of sent emails
* CLDC-2328: Button uses post instead of get, tests reflect this.
* CLDC-2328: Invite button only appears for support users.
* CLDC-2328: Email test refactor.
* CLDC-2328: Flash now shows email address, Button moved.
---
app/controllers/users_controller.rb | 6 ++
app/views/users/show.html.erb | 27 +++++----
config/routes.rb | 1 +
spec/features/user_spec.rb | 79 ++++++++++++++++++++++++++
spec/requests/users_controller_spec.rb | 35 ++++++++++++
5 files changed, 137 insertions(+), 11 deletions(-)
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 0c343b8c3..9e6491554 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -29,6 +29,12 @@ class UsersController < ApplicationController
end
end
+ def resend_invite
+ @user.send_confirmation_instructions
+ flash[:notice] = "Invitation sent to #{@user.email}"
+ render :show
+ end
+
def show; end
def dpo; end
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
index e6cb9fd3e..845e6ebba 100644
--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -5,17 +5,6 @@
<%= content_for(:title) %>
-
- <% if current_user.can_toggle_active?(@user) %>
- <% if @user.active? %>
- <%= govuk_link_to "Deactivate user", "/users/#{@user.id}/deactivate" %>
- <% else %>
-
- This user has been deactivated. <%= govuk_link_to "Reactivate user", "/users/#{@user.id}/reactivate" %>
-
- <% end %>
- <% end %>
-
Personal details
@@ -103,5 +92,21 @@
end
end %>
<% end %>
+
+
+ <% if current_user.can_toggle_active?(@user) %>
+ <% if @user.active? %>
+ <%= govuk_button_link_to "Deactivate user", deactivate_user_path(@user), warning: true %>
+ <% if current_user.support? %>
+ <%= govuk_button_to "Resend invite link", resend_invite_user_path(@user), secondary: true %>
+ <% end %>
+ <% else %>
+
+ This user has been deactivated. <%= govuk_button_link_to "Reactivate user", reactivate_user_path(@user) %>
+
+ <% end %>
+ <% end %>
+
+
diff --git a/config/routes.rb b/config/routes.rb
index fa0cb598e..8b61f1ece 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -110,6 +110,7 @@ Rails.application.routes.draw do
member do
get "deactivate", to: "users#deactivate"
get "reactivate", to: "users#reactivate"
+ post "resend-invite", to: "users#resend_invite"
end
end
diff --git a/spec/features/user_spec.rb b/spec/features/user_spec.rb
index 0c7f6c2c6..d4e1a6052 100644
--- a/spec/features/user_spec.rb
+++ b/spec/features/user_spec.rb
@@ -454,6 +454,85 @@ RSpec.describe "User Features" do
end
end
+ context "when signed in as support" do
+ let!(:user) { FactoryBot.create(:user, :support) }
+ let!(:other_user) { FactoryBot.create(:user, name: "new user", organisation: user.organisation, email: "new_user@example.com", confirmation_token: "abc") }
+
+ context "when reinviting a user before initial confirmation email has been sent" do
+ let(:personalisation) do
+ {
+ name: "new user",
+ email: "new_user@example.com",
+ organisation: other_user.organisation.name,
+ link: include("/account/confirmation?confirmation_token=#{other_user.confirmation_token}"),
+ }
+ end
+
+ before do
+ other_user.update!(initial_confirmation_sent: false)
+ allow(user).to receive(:need_two_factor_authentication?).and_return(false)
+ sign_in(user)
+ visit(user_path(user.id))
+ end
+
+ it "sends initial confirmable template email when the resend invite link is clicked" do
+ other_user.legacy_users.destroy_all
+ visit(user_path(other_user))
+ expect(notify_client).to receive(:send_email).with(email_address: "new_user@example.com", template_id: User::CONFIRMABLE_TEMPLATE_ID, personalisation:).once
+ click_button("Resend invite link")
+ end
+ end
+
+ context "when reinviting a user after initial confirmation email has been sent" do
+ let(:personalisation) do
+ {
+ name: "new user",
+ email: "new_user@example.com",
+ organisation: other_user.organisation.name,
+ link: include("/account/confirmation?confirmation_token=#{other_user.confirmation_token}"),
+ }
+ end
+
+ before do
+ other_user.update!(initial_confirmation_sent: true)
+ allow(user).to receive(:need_two_factor_authentication?).and_return(false)
+ sign_in(user)
+ visit(user_path(user.id))
+ end
+
+ it "sends and email when the resend invite link is clicked" do
+ other_user.legacy_users.destroy_all
+ visit(user_path(other_user))
+ expect(notify_client).to receive(:send_email).with(email_address: "new_user@example.com", template_id: User::RECONFIRMABLE_TEMPLATE_ID, personalisation:).once
+ click_button("Resend invite link")
+ end
+ end
+
+ context "when reinviting a legacy user" do
+ let(:personalisation) do
+ {
+ name: "new user",
+ email: "new_user@example.com",
+ organisation: other_user.organisation.name,
+ link: include("/account/confirmation?confirmation_token=#{other_user.confirmation_token}"),
+ }
+ end
+
+ before do
+ other_user.update!(initial_confirmation_sent: true)
+ allow(user).to receive(:need_two_factor_authentication?).and_return(false)
+ sign_in(user)
+ visit(user_path(user.id))
+ end
+
+ it "sends beta onboarding email to be sent when user is legacy" do
+ visit(user_path(other_user))
+ expect(notify_client).to receive(:send_email).with(email_address: "new_user@example.com", template_id: User::BETA_ONBOARDING_TEMPLATE_ID, personalisation:).once
+ click_button("Resend invite link")
+ end
+ end
+ end
+
context "when the user is a customer support person" do
let(:support_user) { FactoryBot.create(:user, :support, last_sign_in_at: Time.zone.now) }
let(:devise_notify_mailer) { DeviseNotifyMailer.new }
diff --git a/spec/requests/users_controller_spec.rb b/spec/requests/users_controller_spec.rb
index a97086bb2..ecba12933 100644
--- a/spec/requests/users_controller_spec.rb
+++ b/spec/requests/users_controller_spec.rb
@@ -96,6 +96,13 @@ RSpec.describe UsersController, type: :request do
expect(response).to redirect_to("/account/sign-in")
end
end
+
+ describe "#resend_invite" do
+ it "does not allow resending activation emails" do
+ get deactivate_user_path(user.id), headers: headers, params: {}
+ expect(response).to redirect_to(new_user_session_path)
+ end
+ end
end
context "when user is signed in as a data provider" do
@@ -123,6 +130,10 @@ RSpec.describe UsersController, type: :request do
expect(page).not_to have_link("Deactivate user", href: "/users/#{user.id}/deactivate")
end
+ it "does not allow resending invitation emails" do
+ expect(page).not_to have_button("Resend invite link")
+ end
+
context "when user is deactivated" do
before do
user.update!(active: false)
@@ -132,6 +143,10 @@ RSpec.describe UsersController, type: :request do
it "does not allow reactivating the user" do
expect(page).not_to have_link("Reactivate user", href: "/users/#{user.id}/reactivate")
end
+
+ it "does not allow resending invitation emails" do
+ expect(page).not_to have_link("Resend invite link")
+ end
end
end
@@ -184,6 +199,10 @@ RSpec.describe UsersController, type: :request do
it "does not allow reactivating the user" do
expect(page).not_to have_link("Reactivate user", href: "/users/#{other_user.id}/reactivate")
end
+
+ it "does not allow resending invitation emails" do
+ expect(page).not_to have_button("Resend invite link")
+ end
end
end
@@ -499,6 +518,10 @@ RSpec.describe UsersController, type: :request do
it "does not allow reactivating the user" do
expect(page).not_to have_link("Reactivate user", href: "/users/#{user.id}/reactivate")
end
+
+ it "does not allow resending invitation emails" do
+ expect(page).not_to have_button("Resend invite link")
+ end
end
end
@@ -530,6 +553,10 @@ RSpec.describe UsersController, type: :request do
expect(page).to have_link("Deactivate user", href: "/users/#{other_user.id}/deactivate")
end
+ it "does not allow you to resend invitation emails" do
+ expect(page).not_to have_button("Resend invite link")
+ end
+
context "when user is deactivated" do
before do
other_user.update!(active: false)
@@ -543,6 +570,10 @@ RSpec.describe UsersController, type: :request do
it "allows reactivating the user" do
expect(page).to have_link("Reactivate user", href: "/users/#{other_user.id}/reactivate")
end
+
+ it "does not allow you to resend invitation emails" do
+ expect(page).not_to have_button("Resend invite link")
+ end
end
end
@@ -1177,6 +1208,10 @@ RSpec.describe UsersController, type: :request do
expect(page).to have_link("Deactivate user", href: "/users/#{other_user.id}/deactivate")
end
+ it "allows you to resend invitation emails" do
+ expect(page).to have_button("Resend invite link")
+ end
+
context "when user is deactivated" do
before do
other_user.update!(active: false)