]> git.openstreetmap.org Git - rails.git/commitdiff
projects / rails.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2b4096e)
Rename verified_email to email_hmac parameter in /users/new
authorMilan Cvetkovic <mcvetkovic@microsoft.com>
Mon, 22 Apr 2024 08:42:01 +0000 (08:42 +0000)
committerMilan Cvetkovic <mcvetkovic@microsoft.com>
Mon, 29 Apr 2024 11:32:54 +0000 (11:32 +0000)
app/controllers/users_controller.rb patch | blob | history
app/views/users/new.html.erb patch | blob | history
test/integration/user_creation_test.rb patch | blob | history

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index e022ff0c14915322faf0e7045d38ed803a0c34f8..3156497a441fabdca0d2dba62d04846bc01046fe 100644 (file)
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -71,7 +71,7 @@ class UsersController < ApplicationController
       # page, instead send them to the home page
       redirect_to @referer || { :controller => "site", :action => "index" }
     elsif params.key?(:auth_provider) && params.key?(:auth_uid)
-      @verified_email = params[:verified_email]
+      @email_hmac = params[:email_hmac]
 
       self.current_user = User.new(:email => params[:email],
                                    :display_name => params[:nickname],
@@ -109,7 +109,7 @@ class UsersController < ApplicationController
         render :action => "new"
       else
         # Save the user record
-        save_new_user params[:verified_email]
+        save_new_user params[:email_hmac]
       end
     end
   end
@@ -243,8 +243,8 @@ class UsersController < ApplicationController
           failed_login t("sessions.new.auth failure")
         end
       else
-        verified_email = UsersController.message_hmac(email) if email_verified && email
-        redirect_to :action => "new", :nickname => name, :email => email, :verified_email => verified_email,
+        email_hmac = UsersController.message_hmac(email) if email_verified && email
+        redirect_to :action => "new", :nickname => name, :email => email, :email_hmac => email_hmac,
                     :auth_provider => provider, :auth_uid => uid
       end
     end
@@ -262,7 +262,7 @@ class UsersController < ApplicationController
 
   def self.message_hmac(text)
     sha256 = Digest::SHA256.new
-    sha256 << Rails.application.key_generator.generate_key("openstreetmap/verified_email")
+    sha256 << Rails.application.key_generator.generate_key("openstreetmap/email_address")
     sha256 << text
     Base64.urlsafe_encode64(sha256.digest)
   end
diff --git a/app/views/users/new.html.erb b/app/views/users/new.html.erb
index 6e9c915240bd34d64ba299d677d7cb9085dadedf..bf96c4577fe5ecceac067c553b38cb65c53bccb5 100644 (file)
--- a/app/views/users/new.html.erb
+++ b/app/views/users/new.html.erb
@@ -43,11 +43,11 @@
 
   <%= bootstrap_form_for current_user, :url => { :action => "create" } do |f| %>
     <%= hidden_field_tag("referer", h(@referer)) unless @referer.nil? %>
-    <%= hidden_field_tag("verified_email", h(@verified_email)) unless @verified_email.nil? %>
+    <%= hidden_field_tag("email_hmac", h(@email_hmac)) unless @email_hmac.nil? %>
     <%= f.hidden_field :auth_provider unless current_user.auth_provider.nil? %>
     <%= f.hidden_field :auth_uid unless current_user.auth_uid.nil? %>
 
-    <% if current_user.auth_uid.nil? or @verified_email.nil? or not current_user.errors[:email].empty? %>
+    <% if current_user.auth_uid.nil? or @email_hmac.nil? or not current_user.errors[:email].empty? %>
       <%= f.email_field :email, :help => t(".email_help_html",
                                            :privacy_policy_link => link_to(t(".privacy_policy"),
                                                                            t(".privacy_policy_url"),
diff --git a/test/integration/user_creation_test.rb b/test/integration/user_creation_test.rb
index beb05a98a372341b514c4bfdb21e3e7e55d2eb06..59eb9ae30853cedb502d98cf65a81e1e15094bfe 100644 (file)
--- a/test/integration/user_creation_test.rb
+++ b/test/integration/user_creation_test.rb
@@ -366,7 +366,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_google_success
     new_email = "newtester-google@osm.org"
-    verified_email = UsersController.message_hmac(new_email)
+    email_hmac = UsersController.message_hmac(new_email)
     display_name = "new_tester-google"
     auth_uid = "123454321"
 
@@ -382,7 +382,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
           assert_redirected_to auth_success_path(:provider => "google")
           follow_redirect!
           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                               :email => new_email, :verified_email => verified_email,
+                               :email => new_email, :email_hmac => email_hmac,
                                :auth_provider => "google", :auth_uid => auth_uid
           follow_redirect!
 
@@ -392,7 +392,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :auth_provider => "google",
                                        :auth_uid => auth_uid,
                                        :consider_pd => "1" },
-                            :verified_email => verified_email }
+                            :email_hmac => email_hmac }
           assert_redirected_to welcome_path
           follow_redirect!
         end
@@ -420,7 +420,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     assert_redirected_to auth_success_path(:provider => "google")
     follow_redirect!
     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
-                         :verified_email => UsersController.message_hmac(dup_user.email),
+                         :email_hmac => UsersController.message_hmac(dup_user.email),
                          :auth_provider => "google", :auth_uid => auth_uid
     follow_redirect!
 
@@ -452,7 +452,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_google_redirect
     orig_email = "redirect_tester_google_orig@google.com"
-    verified_email = UsersController.message_hmac(orig_email)
+    email_hmac = UsersController.message_hmac(orig_email)
     new_email =  "redirect_tester_google@osm.org"
     display_name = "redirect_tester_google"
     auth_uid = "123454321"
@@ -469,12 +469,12 @@ class UserCreationTest < ActionDispatch::IntegrationTest
           assert_redirected_to auth_success_path(:provider => "google")
           follow_redirect!
           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                               :email => orig_email, :verified_email => verified_email,
+                               :email => orig_email, :email_hmac => email_hmac,
                                :auth_provider => "google", :auth_uid => auth_uid
           follow_redirect!
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :verified_email => verified_email,
+                                       :email_hmac => email_hmac,
                                        :display_name => display_name,
                                        :auth_provider => "google",
                                        :auth_uid => auth_uid,
@@ -516,7 +516,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_facebook_success
     new_email = "newtester-facebook@osm.org"
-    verified_email = UsersController.message_hmac(new_email)
+    email_hmac = UsersController.message_hmac(new_email)
     display_name = "new_tester-facebook"
     auth_uid = "123454321"
 
@@ -531,7 +531,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
           assert_redirected_to auth_success_path(:provider => "facebook")
           follow_redirect!
           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                               :email => new_email, :verified_email => verified_email,
+                               :email => new_email, :email_hmac => email_hmac,
                                :auth_provider => "facebook", :auth_uid => auth_uid
           follow_redirect!
 
@@ -541,7 +541,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :auth_provider => "facebook",
                                        :auth_uid => auth_uid,
                                        :consider_pd => "1" },
-                            :verified_email => verified_email }
+                            :email_hmac => email_hmac }
           assert_redirected_to welcome_path
           follow_redirect!
         end
@@ -568,7 +568,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     assert_redirected_to auth_success_path(:provider => "facebook")
     follow_redirect!
     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
-                         :verified_email => UsersController.message_hmac(dup_user.email),
+                         :email_hmac => UsersController.message_hmac(dup_user.email),
                          :auth_provider => "facebook", :auth_uid => auth_uid
     follow_redirect!
 
@@ -600,7 +600,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_facebook_redirect
     orig_email = "redirect_tester_facebook_orig@osm.org"
-    verified_email = UsersController.message_hmac(orig_email)
+    email_hmac = UsersController.message_hmac(orig_email)
     new_email = "redirect_tester_facebook@osm.org"
     display_name = "redirect_tester_facebook"
     auth_uid = "123454321"
@@ -617,13 +617,13 @@ class UserCreationTest < ActionDispatch::IntegrationTest
           assert_redirected_to auth_success_path(:provider => "facebook")
           follow_redirect!
           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                               :email => orig_email, :verified_email => verified_email,
+                               :email => orig_email, :email_hmac => email_hmac,
                                :auth_provider => "facebook", :auth_uid => auth_uid
           follow_redirect!
 
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :verified_email => verified_email,
+                                       :email_hmac => email_hmac,
                                        :display_name => display_name,
                                        :auth_provider => "facebook",
                                        :auth_uid => auth_uid,
@@ -665,7 +665,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_microsoft_success
     new_email = "newtester-microsoft@osm.org"
-    verified_email = UsersController.message_hmac(new_email)
+    email_hmac = UsersController.message_hmac(new_email)
     display_name = "new_tester-microsoft"
     auth_uid = "123454321"
 
@@ -680,7 +680,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
           assert_redirected_to auth_success_path(:provider => "microsoft")
           follow_redirect!
           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                               :email => new_email, :verified_email => verified_email,
+                               :email => new_email, :email_hmac => email_hmac,
                                :auth_provider => "microsoft", :auth_uid => auth_uid
           follow_redirect!
           post "/user/new",
@@ -689,7 +689,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :auth_provider => "microsoft",
                                        :auth_uid => auth_uid,
                                        :consider_pd => "1" },
-                            :verified_email => verified_email }
+                            :email_hmac => email_hmac }
           assert_redirected_to welcome_path
           follow_redirect!
         end
@@ -716,7 +716,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     assert_redirected_to auth_success_path(:provider => "microsoft")
     follow_redirect!
     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
-                         :verified_email => UsersController.message_hmac(dup_user.email),
+                         :email_hmac => UsersController.message_hmac(dup_user.email),
                          :auth_provider => "microsoft", :auth_uid => auth_uid
     follow_redirect!
 
@@ -748,7 +748,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_microsoft_redirect
     orig_email = "redirect_tester_microsoft_orig@osm.org"
-    verified_email = UsersController.message_hmac(orig_email)
+    email_hmac = UsersController.message_hmac(orig_email)
     new_email = "redirect_tester_microsoft@osm.org"
     display_name = "redirect_tester_microsoft"
     auth_uid = "123454321"
@@ -764,13 +764,13 @@ class UserCreationTest < ActionDispatch::IntegrationTest
           assert_redirected_to auth_success_path(:provider => "microsoft")
           follow_redirect!
           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                               :email => orig_email, :verified_email => verified_email,
+                               :email => orig_email, :email_hmac => email_hmac,
                                :auth_provider => "microsoft", :auth_uid => auth_uid
           follow_redirect!
 
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :verified_email => verified_email,
+                                       :email_hmac => email_hmac,
                                        :display_name => display_name,
                                        :auth_provider => "microsoft",
                                        :auth_uid => auth_uid,
@@ -812,7 +812,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_github_success
     new_email = "newtester-github@osm.org"
-    verified_email = UsersController.message_hmac(new_email)
+    email_hmac = UsersController.message_hmac(new_email)
     display_name = "new_tester-github"
     password = "testtest"
     auth_uid = "123454321"
@@ -828,7 +828,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
           assert_redirected_to auth_success_path(:provider => "github")
           follow_redirect!
           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                               :email => new_email, :verified_email => verified_email,
+                               :email => new_email, :email_hmac => email_hmac,
                                :auth_provider => "github", :auth_uid => auth_uid
           follow_redirect!
 
@@ -841,7 +841,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :pass_crypt_confirmation => password },
                             :read_ct => 1,
                             :read_tou => 1,
-                            :verified_email => verified_email }
+                            :email_hmac => email_hmac }
           assert_redirected_to welcome_path
           follow_redirect!
         end
@@ -869,7 +869,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     assert_redirected_to auth_success_path(:provider => "github")
     follow_redirect!
     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                         :email => dup_user.email, :verified_email => UsersController.message_hmac(dup_user.email),
+                         :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email),
                          :auth_provider => "github", :auth_uid => auth_uid
     follow_redirect!
 
@@ -900,7 +900,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_github_redirect
     orig_email = "redirect_tester_github_orig@osm.org"
-    verified_email = UsersController.message_hmac(orig_email)
+    email_hmac = UsersController.message_hmac(orig_email)
     new_email = "redirect_tester_github@osm.org"
     display_name = "redirect_tester_github"
     auth_uid = "123454321"
@@ -916,12 +916,12 @@ class UserCreationTest < ActionDispatch::IntegrationTest
           assert_redirected_to auth_success_path(:provider => "github")
           follow_redirect!
           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                               :email => orig_email, :verified_email => verified_email,
+                               :email => orig_email, :email_hmac => email_hmac,
                                :auth_provider => "github", :auth_uid => auth_uid
           follow_redirect!
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :verified_email => verified_email,
+                                       :email_hmac => email_hmac,
                                        :display_name => display_name,
                                        :auth_provider => "github",
                                        :auth_uid => auth_uid,
@@ -963,7 +963,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_wikipedia_success
     new_email = "newtester-wikipedia@osm.org"
-    verified_email = UsersController.message_hmac(new_email)
+    email_hmac = UsersController.message_hmac(new_email)
     display_name = "new_tester-wikipedia"
     password = "testtest"
     auth_uid = "123454321"
@@ -979,7 +979,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                               :email => new_email, :verified_email => verified_email,
+                               :email => new_email, :email_hmac => email_hmac,
                                :auth_provider => "wikipedia", :auth_uid => auth_uid
           follow_redirect!
           post "/user/new",
@@ -991,7 +991,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :pass_crypt_confirmation => password },
                             :read_ct => 1,
                             :read_tou => 1,
-                            :verified_email => verified_email }
+                            :email_hmac => email_hmac }
           assert_redirected_to welcome_path
           follow_redirect!
         end
@@ -1016,7 +1016,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
     follow_redirect!
     assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                         :email => dup_user.email, :verified_email => UsersController.message_hmac(dup_user.email),
+                         :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email),
                          :auth_provider => "wikipedia", :auth_uid => auth_uid
     follow_redirect!
 
@@ -1048,7 +1048,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_wikipedia_redirect
     orig_email = "redirect_tester_wikipedia_orig@osm.org"
-    verified_email = UsersController.message_hmac(orig_email)
+    email_hmac = UsersController.message_hmac(orig_email)
     new_email = "redirect_tester_wikipedia@osm.org"
     display_name = "redirect_tester_wikipedia"
     auth_uid = "123454321"
@@ -1065,13 +1065,13 @@ class UserCreationTest < ActionDispatch::IntegrationTest
           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
-                               :email => orig_email, :verified_email => verified_email,
+                               :email => orig_email, :email_hmac => email_hmac,
                                :auth_provider => "wikipedia", :auth_uid => auth_uid
           follow_redirect!
 
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :verified_email => verified_email,
+                                       :email_hmac => email_hmac,
                                        :display_name => display_name,
                                        :auth_provider => "wikipedia",
                                        :auth_uid => auth_uid,
The OpenStreetMap web site