Chatwoot/spec/mailers/confirmation_instructions_spec.rb

# frozen_string_literal: true

require 'rails_helper'

RSpec.describe 'Confirmation Instructions', type: :mailer do
  describe :notify do
    let(:account) { create(:account) }
    let!(:confirmable_user) { create(:user, inviter: inviter_val, account: account) }
    let(:inviter_val) { nil }
    let(:mail) { Devise::Mailer.confirmation_instructions(confirmable_user.reload, nil, {}) }

    before do
      # to verify the token in email
      confirmable_user.send(:generate_confirmation_token)
    end

    it 'has the correct header data' do
      expect(mail.reply_to).to contain_exactly('accounts@chatwoot.com')
      expect(mail.to).to contain_exactly(confirmable_user.email)
      expect(mail.subject).to eq('Confirmation Instructions')
    end

    it 'uses the user\'s name' do
      expect(mail.body).to match("Welcome, #{CGI.escapeHTML(confirmable_user.name)}!")
    end

    it 'does not refer to the inviter and their account' do
      expect(mail.body).to_not match('has invited you to try out Chatwoot!')
    end

    it 'sends a confirmation link' do
      expect(mail.body).to include("app/auth/confirmation?confirmation_token=#{confirmable_user.confirmation_token}")
      expect(mail.body).not_to include('app/auth/password/edit')
    end

    context 'when there is an inviter' do
      let(:inviter_val) { create(:user, :administrator, skip_confirmation: true, account: account) }

      it 'refers to the inviter and their account' do
        expect(mail.body).to match(
          "#{CGI.escapeHTML(inviter_val.name)}, with #{CGI.escapeHTML(account.name)}, has invited you to try out Chatwoot!"
        )
      end

      it 'sends a password reset link' do
        expect(mail.body).to include('app/auth/password/edit?reset_password_token')
        expect(mail.body).not_to include('app/auth/confirmation')
      end
    end

    context 'when user updates the email' do
      before do
        confirmable_user.update!(email: 'user@example.com')
      end

      it 'sends a confirmation link' do
        confirmation_mail = Devise::Mailer.confirmation_instructions(confirmable_user.reload, nil, {})

        expect(confirmation_mail.body).to include('app/auth/confirmation?confirmation_token')
        expect(confirmation_mail.body).not_to include('app/auth/password/edit')
        expect(confirmable_user.unconfirmed_email.blank?).to be false
      end
    end
  end
end
Feature/update confirmation email information (#145) * Add `invited_by` foreign key to User Allows for a User to be tied to the user who invited them * Include `current_user` in new agent initialization parameters * Add `shoulda-matchers` for testing associations * Add Inviter information and associated account to welcome email * Only show inviter info if applicable * Update conversation spec for FFaker compatibility 2019-10-14 08:54:58 +00:00			`# frozen_string_literal: true`

🚨Fix Rubocop lint errors 2019-10-20 08:47:26 +00:00			`require 'rails_helper'`
Feature/update confirmation email information (#145) * Add `invited_by` foreign key to User Allows for a User to be tied to the user who invited them * Include `current_user` in new agent initialization parameters * Add `shoulda-matchers` for testing associations * Add Inviter information and associated account to welcome email * Only show inviter info if applicable * Update conversation spec for FFaker compatibility 2019-10-14 08:54:58 +00:00
			`RSpec.describe 'Confirmation Instructions', type: :mailer do`
			`describe :notify do`
Chore: Enable Users to create multiple accounts (#440) Addresses: #402 - migrations to split roles and other attributes from users table - make changes in code to accommodate this change Co-authored-by: Sojan Jose <sojan@pepalo.com> Co-authored-by: Pranav Raj Sreepuram <pranavrajs@gmail.com> 2020-03-07 06:48:16 +00:00			`let(:account) { create(:account) }`
Chore: Improve confirmation flow for agents (#3519) - Agents are redirected to the password reset page which confirms the agent as well as sets a new password. 2021-12-09 05:41:46 +00:00			`let!(:confirmable_user) { create(:user, inviter: inviter_val, account: account) }`
Feature/update confirmation email information (#145) * Add `invited_by` foreign key to User Allows for a User to be tied to the user who invited them * Include `current_user` in new agent initialization parameters * Add `shoulda-matchers` for testing associations * Add Inviter information and associated account to welcome email * Only show inviter info if applicable * Update conversation spec for FFaker compatibility 2019-10-14 08:54:58 +00:00			`let(:inviter_val) { nil }`
Chore: Improve confirmation flow for agents (#3519) - Agents are redirected to the password reset page which confirms the agent as well as sets a new password. 2021-12-09 05:41:46 +00:00			`let(:mail) { Devise::Mailer.confirmation_instructions(confirmable_user.reload, nil, {}) }`

			`before do`
			`# to verify the token in email`
			`confirmable_user.send(:generate_confirmation_token)`
			`end`
Feature/update confirmation email information (#145) * Add `invited_by` foreign key to User Allows for a User to be tied to the user who invited them * Include `current_user` in new agent initialization parameters * Add `shoulda-matchers` for testing associations * Add Inviter information and associated account to welcome email * Only show inviter info if applicable * Update conversation spec for FFaker compatibility 2019-10-14 08:54:58 +00:00
			`it 'has the correct header data' do`
			`expect(mail.reply_to).to contain_exactly('accounts@chatwoot.com')`
			`expect(mail.to).to contain_exactly(confirmable_user.email)`
			`expect(mail.subject).to eq('Confirmation Instructions')`
			`end`

			`it 'uses the user\'s name' do`
Chore: Ability to configure Mailer sender emails [#339] (#342) * Chore: Ability to configure Mailer sender emails [#339] fixes : #339 fixes : #330 * update the documentation 2019-12-03 17:24:08 +00:00			`expect(mail.body).to match("Welcome, #{CGI.escapeHTML(confirmable_user.name)}!")`
Feature/update confirmation email information (#145) * Add `invited_by` foreign key to User Allows for a User to be tied to the user who invited them * Include `current_user` in new agent initialization parameters * Add `shoulda-matchers` for testing associations * Add Inviter information and associated account to welcome email * Only show inviter info if applicable * Update conversation spec for FFaker compatibility 2019-10-14 08:54:58 +00:00			`end`

			`it 'does not refer to the inviter and their account' do`
			`expect(mail.body).to_not match('has invited you to try out Chatwoot!')`
			`end`

Chore: Improve confirmation flow for agents (#3519) - Agents are redirected to the password reset page which confirms the agent as well as sets a new password. 2021-12-09 05:41:46 +00:00			`it 'sends a confirmation link' do`
			`expect(mail.body).to include("app/auth/confirmation?confirmation_token=#{confirmable_user.confirmation_token}")`
			`expect(mail.body).not_to include('app/auth/password/edit')`
			`end`

Feature/update confirmation email information (#145) * Add `invited_by` foreign key to User Allows for a User to be tied to the user who invited them * Include `current_user` in new agent initialization parameters * Add `shoulda-matchers` for testing associations * Add Inviter information and associated account to welcome email * Only show inviter info if applicable * Update conversation spec for FFaker compatibility 2019-10-14 08:54:58 +00:00			`context 'when there is an inviter' do`
Chore: Enable Users to create multiple accounts (#440) Addresses: #402 - migrations to split roles and other attributes from users table - make changes in code to accommodate this change Co-authored-by: Sojan Jose <sojan@pepalo.com> Co-authored-by: Pranav Raj Sreepuram <pranavrajs@gmail.com> 2020-03-07 06:48:16 +00:00			`let(:inviter_val) { create(:user, :administrator, skip_confirmation: true, account: account) }`
Feature/update confirmation email information (#145) * Add `invited_by` foreign key to User Allows for a User to be tied to the user who invited them * Include `current_user` in new agent initialization parameters * Add `shoulda-matchers` for testing associations * Add Inviter information and associated account to welcome email * Only show inviter info if applicable * Update conversation spec for FFaker compatibility 2019-10-14 08:54:58 +00:00
			`it 'refers to the inviter and their account' do`
			`expect(mail.body).to match(`
chore: Fix emails being sent with the wrong translations (#2236) Co-authored-by: Pranav Raj S <pranav@chatwoot.com> 2021-06-08 17:15:01 +00:00			`"#{CGI.escapeHTML(inviter_val.name)}, with #{CGI.escapeHTML(account.name)}, has invited you to try out Chatwoot!"`
Feature/update confirmation email information (#145) * Add `invited_by` foreign key to User Allows for a User to be tied to the user who invited them * Include `current_user` in new agent initialization parameters * Add `shoulda-matchers` for testing associations * Add Inviter information and associated account to welcome email * Only show inviter info if applicable * Update conversation spec for FFaker compatibility 2019-10-14 08:54:58 +00:00			`)`
			`end`
Chore: Improve confirmation flow for agents (#3519) - Agents are redirected to the password reset page which confirms the agent as well as sets a new password. 2021-12-09 05:41:46 +00:00
			`it 'sends a password reset link' do`
			`expect(mail.body).to include('app/auth/password/edit?reset_password_token')`
			`expect(mail.body).not_to include('app/auth/confirmation')`
			`end`
Feature/update confirmation email information (#145) * Add `invited_by` foreign key to User Allows for a User to be tied to the user who invited them * Include `current_user` in new agent initialization parameters * Add `shoulda-matchers` for testing associations * Add Inviter information and associated account to welcome email * Only show inviter info if applicable * Update conversation spec for FFaker compatibility 2019-10-14 08:54:58 +00:00			`end`
chore: Fix user email re-confirmation flow (#3581) Users can change their email from profile settings. They will be logged out immediately. Users can log in again with the updated email without verifying the same. This is a security problem. So this change enforce the user to reconfirm the email after changing it. Users can log in with the updated email only after the confirmation. Fixes: https://huntr.dev/bounties/7afd04b4-232e-4907-8a3c-acf8bd4b5b22/ 2021-12-16 14:02:49 +00:00
			`context 'when user updates the email' do`
			`before do`
			`confirmable_user.update!(email: 'user@example.com')`
			`end`

			`it 'sends a confirmation link' do`
			`confirmation_mail = Devise::Mailer.confirmation_instructions(confirmable_user.reload, nil, {})`

			`expect(confirmation_mail.body).to include('app/auth/confirmation?confirmation_token')`
			`expect(confirmation_mail.body).not_to include('app/auth/password/edit')`
			`expect(confirmable_user.unconfirmed_email.blank?).to be false`
			`end`
			`end`
Feature/update confirmation email information (#145) * Add `invited_by` foreign key to User Allows for a User to be tied to the user who invited them * Include `current_user` in new agent initialization parameters * Add `shoulda-matchers` for testing associations * Add Inviter information and associated account to welcome email * Only show inviter info if applicable * Update conversation spec for FFaker compatibility 2019-10-14 08:54:58 +00:00			`end`
			`end`