From 5f31daccd174b9fbaa547ac1dd637e61497651b7 Mon Sep 17 00:00:00 2001
From: Seth Call <seth@jamkazam.com>
Date: Sun, 12 May 2013 22:27:12 -0500
Subject: [PATCH] * VRFS-311; reject users that try to set their email to the
 same email as it currently is

---
 lib/jam_ruby/app/mailers/user_mailer.rb       | 2 +-
 lib/jam_ruby/constants/validation_messages.rb | 6 +++---
 lib/jam_ruby/models/user.rb                   | 8 ++++++--
 spec/jam_ruby/models/user_spec.rb             | 6 ++++++
 4 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/lib/jam_ruby/app/mailers/user_mailer.rb b/lib/jam_ruby/app/mailers/user_mailer.rb
index 33f0c5d86..3da683b70 100644
--- a/lib/jam_ruby/app/mailers/user_mailer.rb
+++ b/lib/jam_ruby/app/mailers/user_mailer.rb
@@ -52,7 +52,7 @@ module JamRuby
     def updating_email(user)
       @user = user
       sendgrid_unique_args :type => "updating_email"
-      mail(:to => user.email, :subject => "Jamkazam Email Change Confirmation") do |format|
+      mail(:to => user.update_email, :subject => "Jamkazam Email Change Confirmation") do |format|
         format.text
         format.html
       end
diff --git a/lib/jam_ruby/constants/validation_messages.rb b/lib/jam_ruby/constants/validation_messages.rb
index 50ce01c63..2ecf986a7 100644
--- a/lib/jam_ruby/constants/validation_messages.rb
+++ b/lib/jam_ruby/constants/validation_messages.rb
@@ -30,7 +30,7 @@ module ValidationMessages
   # user
   OLD_PASSWORD_DOESNT_MATCH = "Your old password is incorrect."
   EMAIL_NOT_FOUND = "Email address not found."
-  NOT_YOUR_PASSWORD = "The password you entered is not your current password."
-  EMAIL_ALREADY_TAKEN = "This email is already taken."
-
+  NOT_YOUR_PASSWORD = "is not your current password"
+  EMAIL_ALREADY_TAKEN = "is already taken"
+  EMAIL_MATCHES_CURRENT = "is same as your current email"
 end
diff --git a/lib/jam_ruby/models/user.rb b/lib/jam_ruby/models/user.rb
index 007ecd212..7ac8f8b32 100644
--- a/lib/jam_ruby/models/user.rb
+++ b/lib/jam_ruby/models/user.rb
@@ -114,7 +114,7 @@ module JamRuby
     VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
     validates :email, presence: true, format: {with: VALID_EMAIL_REGEX},
               uniqueness: {case_sensitive: false}
-  validates :update_email, presence: true, format: {with: VALID_EMAIL_REGEX},
+    validates :update_email, presence: true, format: {with: VALID_EMAIL_REGEX},
             uniqueness: {case_sensitive: false}, :if => :updating_email
     validates_length_of :password, minimum: 6, maximum: 100, :if => :should_validate_password?
 
@@ -138,7 +138,11 @@ module JamRuby
     end
 
     def check_update_email
-      errors.add(:update_email, ValidationMessages::EMAIL_ALREADY_TAKEN) if updating_email && User.find_by_email(self.update_email) != nil
+      if updating_email && self.update_email == self.email
+        errors.add(:update_email, ValidationMessages::EMAIL_MATCHES_CURRENT)
+      elsif updating_email && User.find_by_email(self.update_email) != nil
+        errors.add(:update_email, ValidationMessages::EMAIL_ALREADY_TAKEN)
+      end
     end
 
     def online
diff --git a/spec/jam_ruby/models/user_spec.rb b/spec/jam_ruby/models/user_spec.rb
index b0082bfbe..aa8ea7d0e 100644
--- a/spec/jam_ruby/models/user_spec.rb
+++ b/spec/jam_ruby/models/user_spec.rb
@@ -288,6 +288,12 @@ describe User do
         @user.errors[:password_validation][0].should == ValidationMessages::NOT_YOUR_PASSWORD
       end
 
+      it "matches current email" do
+        @user.begin_update_email(@user.email, "foobar", "http://www.jamkazam.com/confirm_email_update?token=")
+
+        @user.errors[:update_email][0].should == ValidationMessages::EMAIL_MATCHES_CURRENT
+      end
+
       it "existing email of another user" do
         another_user = FactoryGirl.create(:user)
         @user.begin_update_email(another_user.email, "foobar", "http://www.jamkazam.com/confirm_email_update?token=")