* VRFS-311; reject users that try to set their email to the same email as it currently is

2013-05-12 22:27:12 -05:00 · 2013-05-12 22:27:12 -05:00 · 5f31daccd1
parent 2dfdf8463c
commit 5f31daccd1
4 changed files with 16 additions and 6 deletions
--- a/lib/jam_ruby/app/mailers/user_mailer.rb
+++ b/lib/jam_ruby/app/mailers/user_mailer.rb
@ -52,7 +52,7 @@ module JamRuby
    def updating_email(user)
      @user = user
      sendgrid_unique_args :type => "updating_email"
-      mail(:to => user.email, :subject => "Jamkazam Email Change Confirmation") do |format|
+      mail(:to => user.update_email, :subject => "Jamkazam Email Change Confirmation") do |format|
        format.text
        format.html
      end
--- a/lib/jam_ruby/constants/validation_messages.rb
+++ b/lib/jam_ruby/constants/validation_messages.rb
@ -30,7 +30,7 @@ module ValidationMessages
  # user
  OLD_PASSWORD_DOESNT_MATCH = "Your old password is incorrect."
  EMAIL_NOT_FOUND = "Email address not found."
-  NOT_YOUR_PASSWORD = "The password you entered is not your current password."
-  EMAIL_ALREADY_TAKEN = "This email is already taken."
-
+  NOT_YOUR_PASSWORD = "is not your current password"
+  EMAIL_ALREADY_TAKEN = "is already taken"
+  EMAIL_MATCHES_CURRENT = "is same as your current email"
 end
--- a/lib/jam_ruby/models/user.rb
+++ b/lib/jam_ruby/models/user.rb
@ -114,7 +114,7 @@ module JamRuby
    VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
    validates :email, presence: true, format: {with: VALID_EMAIL_REGEX},
              uniqueness: {case_sensitive: false}
-  validates :update_email, presence: true, format: {with: VALID_EMAIL_REGEX},
+    validates :update_email, presence: true, format: {with: VALID_EMAIL_REGEX},
            uniqueness: {case_sensitive: false}, :if => :updating_email
    validates_length_of :password, minimum: 6, maximum: 100, :if => :should_validate_password?

@ -138,7 +138,11 @@ module JamRuby
    end

    def check_update_email
-      errors.add(:update_email, ValidationMessages::EMAIL_ALREADY_TAKEN) if updating_email && User.find_by_email(self.update_email) != nil
+      if updating_email && self.update_email == self.email
+        errors.add(:update_email, ValidationMessages::EMAIL_MATCHES_CURRENT)
+      elsif updating_email && User.find_by_email(self.update_email) != nil
+        errors.add(:update_email, ValidationMessages::EMAIL_ALREADY_TAKEN)
+      end
    end

    def online
--- a/spec/jam_ruby/models/user_spec.rb
+++ b/spec/jam_ruby/models/user_spec.rb
@ -288,6 +288,12 @@ describe User do
        @user.errors[:password_validation][0].should == ValidationMessages::NOT_YOUR_PASSWORD
      end

+      it "matches current email" do
+        @user.begin_update_email(@user.email, "foobar", "http://www.jamkazam.com/confirm_email_update?token=")
+
+        @user.errors[:update_email][0].should == ValidationMessages::EMAIL_MATCHES_CURRENT
+      end
+
      it "existing email of another user" do
        another_user = FactoryGirl.create(:user)
        @user.begin_update_email(another_user.email, "foobar", "http://www.jamkazam.com/confirm_email_update?token=")