Remove account confirmation logic from Jobseekers

Confirmation of the account/new email/etc is managed by GovUK OneLogin.

app/controllers/jobseekers/accounts_controller.rb

@@ -1,8 +1,6 @@
 class Jobseekers::AccountsController < Jobseekers::BaseController
   def show; end
 
-  def confirmation; end
-
   def account_found; end
 
   def account_not_found; end

app/controllers/jobseekers/registrations_controller.rb

@@ -25,17 +25,6 @@ def check_your_email
     @resource = Jobseeker.find_by(id: session[:jobseeker_id])
   end
 
-  def resend_instructions
-    if session[:jobseeker_id].blank?
-      redirect_to new_jobseeker_confirmation_path
-    else
-      @resource = Jobseeker.find(session[:jobseeker_id])
-      @resource.send_confirmation_instructions
-      flash[:success] = t("jobseekers.registrations.check_your_email.resent_email_confirmation")
-      render :check_your_email
-    end
-  end
-
   protected
 
   def check_password_difference
@@ -81,8 +70,8 @@ def after_inactive_sign_up_path_for(resource)
     jobseekers_check_your_email_path
   end
 
-  def after_update_path_for(resource)
-    resource.pending_reconfirmation? && !password_update? ? jobseekers_check_your_email_path : jobseekers_account_path
+  def after_update_path_for(_resource)
+    jobseekers_account_path
   end
 
   def close_account_feedback_form_params

app/helpers/notify_views_helper.rb

@@ -12,11 +12,6 @@ def choose_organisation_link(token)
     notify_link(url)
   end
 
-  def email_confirmation_url(token)
-    url = jobseeker_confirmation_url(confirmation_token: token, **utm_params)
-    notify_link(url)
-  end
-
   def expired_vacancy_feedback_link(vacancy)
     url = new_organisation_job_expired_feedback_url(vacancy.signed_id)
     notify_link(url, I18n.t("publishers.expired_vacancy_feedback_prompt_mailer.feedback_link_text"))

app/mailers/jobseekers/devise_emails.rb

@@ -1,26 +1,4 @@
 module Jobseekers::DeviseEmails
-  def confirmation_instructions(record, token, _opts = {})
-    to = subject = nil
-
-    if !record.confirmed? && record.confirmation_sent_at < 12.hours.ago
-      to = record.unconfirmed_email
-      subject = t(".reminder.subject")
-      @confirmation_type = ".reminder"
-    elsif record.pending_reconfirmation?
-      to = record.unconfirmed_email
-      subject = t(".reconfirmation.subject")
-      @confirmation_type = ".reconfirmation"
-    end
-
-    send_email(
-      jobseeker: record,
-      subject: subject,
-      template: template,
-      to: to,
-      token: token,
-    )
-  end
-
   def email_changed(record, _opts = {})
     send_email(
       jobseeker: record,
@@ -52,11 +30,6 @@ def send_email(template:, jobseeker:, token: nil, to: nil, subject: nil)
   end
 
   def dfe_analytics_custom_data
-    case action_name
-    when "confirmation_instructions"
-      @jobseeker.pending_reconfirmation? ? { previous_email_identifier: DfE::Analytics.anonymise(@jobseeker.email) } : {}
-    else
-      {}
-    end
+    {}
   end
 end

app/models/jobseeker.rb

@@ -2,7 +2,6 @@ class Jobseeker < ApplicationRecord
   has_encrypted :last_sign_in_ip, :current_sign_in_ip
 
   devise(*%I[
-    confirmable
     database_authenticatable
     registerable
     timeoutable
@@ -30,10 +29,6 @@ def account_closed?
     !!account_closed_on
   end
 
-  def needs_email_confirmation?
-    !confirmed? || unconfirmed_email.present?
-  end
-
   def self.create_from_govuk_one_login(email:, govuk_one_login_id:)
     return unless email.present? && govuk_one_login_id.present?
 

config/locales/devise.en.yml

@@ -39,8 +39,6 @@ en:
       already_signed_out: Signed out successfully.
   errors:
     messages:
-      already_confirmed: was already confirmed, please try signing in
-      confirmation_period_expired: needs to be confirmed within %{period}, please request a new one
       expired: has expired, please request a new one
       not_found: not found
       not_saved:

config/locales/jobseekers.yml

@@ -63,19 +63,6 @@ en:
     account_survey:
       survey_link_text: Give feedback
       survey_text: Take our quick survey about your experience of using Teaching Vacancies
-    confirmations:
-      already_confirmed:
-        description: Your email address has already been confirmed.
-        title: Email already confirmed
-      new_with_email:
-        description: We need to email another link so you can activate your account.
-        title: Resend confirmation
-      new_hidden_email:
-        description: We need to email another link to %{email} so you can activate your account.
-        title: Link has expired
-      show:
-        confirm: Confirm
-        title: Confirm your email address
     employments:
       break: Gap in work history
       current_role: Is this your current role?
@@ -567,7 +554,6 @@ en:
         resend_link: resend the email
         restart_link: provide another email address
         title: Check your email
-        resent_email_confirmation: Email has been resent
       confirm_destroy:
         feedback_title: Tell us why you are closing your account
         page_title: Close account

config/routes.rb

@@ -57,7 +57,6 @@
   draw :legacy_redirects
 
   devise_for :jobseekers, controllers: {
-    confirmations: "jobseekers/confirmations",
     registrations: "jobseekers/registrations",
     sessions: "jobseekers/sessions",
   }, path_names: {
@@ -77,7 +76,6 @@
       get :check_your_email, to: "registrations#check_your_email", as: :check_your_email
       get :confirm_destroy, to: "registrations#confirm_destroy", as: :confirm_destroy_account
       get :resend_instructions, to: "registrations#resend_instructions", as: :resend_instructions
-      post :confirm_email_address, to: "confirmations#show"
     end
 
     resources :job_applications, only: %i[index show destroy] do
@@ -178,7 +176,6 @@
     resources :subscriptions, only: %i[index]
     resource :account, only: %i[show] do
       member do
-        get :confirmation
         get :account_found
         get :account_not_found
       end

spec/controllers/jobseekers/sessions_controller_spec.rb

@@ -10,9 +10,6 @@
     before do
       # Required to test Devise controller independently of routing
       @request.env["devise.mapping"] = Devise.mappings[:jobseeker]
-
-      jobseeker.confirm
-
       session.merge!(unrelated_session_contents)
     end
 

spec/mailers/jobseekers/account_mailer_spec.rb

@@ -31,44 +31,6 @@
     end
   end
 
-  describe "#confirmation_instructions" do
-    let(:mail) { described_class.confirmation_instructions(jobseeker, token) }
-    let(:notify_template) { NOTIFY_PRODUCTION_TEMPLATE }
-
-    context "when the jobseeker is not pending reconfirmation" do
-      before { jobseeker.confirm }
-
-      it "sends a `jobseeker_confirmation_instructions` email" do
-        expect(mail.subject).to eq(I18n.t("jobseekers.account_mailer.confirmation_instructions.subject"))
-        expect(mail.to).to eq([email])
-        expect(mail.body.encoded).to include(I18n.t("jobseekers.account_mailer.confirmation_instructions.body"))
-                                 .and include(jobseeker_confirmation_path(confirmation_token: token))
-      end
-
-      it "triggers a `jobseeker_confirmation_instructions` email event" do
-        mail.deliver_now
-        expect(:jobseeker_confirmation_instructions).to have_been_enqueued_as_analytics_events
-      end
-    end
-
-    context "when the jobseeker is being reminded to confirm" do
-      let(:email_address) { Faker::Internet.email(domain: TEST_EMAIL_DOMAIN) }
-      let(:jobseeker) { create(:jobseeker, email: email_address, confirmation_token: token, unconfirmed_email: email_address, confirmed_at: nil, confirmation_sent_at: 18.hours.ago) }
-
-      it "sends a `jobseeker_confirmation_instructions` email" do
-        expect(mail.subject).to eq(I18n.t("jobseekers.account_mailer.confirmation_instructions.reminder.subject"))
-        expect(mail.to).to eq([email_address])
-        expect(mail.body.encoded).to include(I18n.t("jobseekers.account_mailer.confirmation_instructions.body"))
-                                 .and include(jobseeker_confirmation_path(confirmation_token: token))
-      end
-
-      it "triggers a `jobseeker_confirmation_instructions` email event" do
-        mail.deliver_now
-        expect(:jobseeker_confirmation_instructions).to have_been_enqueued_as_analytics_events
-      end
-    end
-  end
-
   describe "#email_changed" do
     let(:mail) { described_class.email_changed(jobseeker) }
     let(:notify_template) { NOTIFY_PRODUCTION_TEMPLATE }

spec/models/jobseeker_spec.rb

@@ -12,43 +12,10 @@
     it "updates the email address of every subscription associated with their previous email address" do
       expect {
         jobseeker.update!(email: new_email_address)
-        jobseeker.confirm
       }.to change { subscription.reload.email }.to(new_email_address)
     end
   end
 
-  describe "#needs_email_confirmation?" do
-    subject(:jobseeker) { build_stubbed(:jobseeker) }
-
-    context "when the user is confirmed" do
-      before { jobseeker.confirmed_at = Time.current }
-
-      context "when the user does not have a new unconfirmed email address" do
-        before { jobseeker.unconfirmed_email = nil }
-        it { is_expected.not_to be_needs_email_confirmation }
-      end
-
-      context "when the user has a new unconfirmed email address" do
-        before { jobseeker.unconfirmed_email = "[email protected]" }
-        it { is_expected.to be_needs_email_confirmation }
-      end
-    end
-
-    context "when the user is not confirmed" do
-      before { jobseeker.confirmed_at = nil }
-
-      context "when the user does not have a new unconfirmed email address" do
-        before { jobseeker.unconfirmed_email = nil }
-        it { is_expected.to be_needs_email_confirmation }
-      end
-
-      context "when the user has a new unconfirmed email address" do
-        before { jobseeker.unconfirmed_email = "[email protected]" }
-        it { is_expected.to be_needs_email_confirmation }
-      end
-    end
-  end
-
   describe ".create_from_govuk_one_login" do
     let(:email) { "[email protected]" }
     let(:govuk_one_login_id) { "urn:fdc:gov.uk:2022:VtcZjnU4Sif2oyJZola3OkN0e3Jeku1cIMN38rFlhU4" }

spec/system/jobseekers/jobseekers_can_change_password_spec.rb

@@ -22,21 +22,4 @@
     expect(page).to have_content I18n.t("devise.passwords.updated")
     expect(current_path).to eq(jobseekers_account_path)
   end
-
-  context "when email is not pending reconfirmation" do
-    before { jobseeker.confirm }
-
-    it "changes the password and redirects to the account details page" do
-      click_on I18n.t("buttons.update_password")
-
-      expect(page).to have_content("There is a problem")
-
-      fill_in "jobseeker[current_password]", with: "password1234"
-      fill_in "jobseeker[password]", with: "4321newpass"
-      click_on I18n.t("buttons.update_password")
-
-      expect(page).to have_content I18n.t("devise.passwords.updated")
-      expect(current_path).to eq(jobseekers_account_path)
-    end
-  end
 end