Skip to content

Commit

Permalink
[TRELLO-2160] Implement update my email address
Browse files Browse the repository at this point in the history
  • Loading branch information
@charlescd
charlescd committed Jan 22, 2024
1 parent 4b99f70 commit 239827d
Show file tree
Hide file tree
Showing 7 changed files with 34 additions and 7 deletions.
8 changes: 6 additions & 2 deletions app/controllers/AccountController.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -158,10 +158,14 @@ class AccountController(
} yield NoContent
}

def updateEmailAddress(token: String) = SecuredAction.async(parse.json) { implicit request =>
def updateEmailAddress(token: String) = SecuredAction.async { implicit request =>
for {
updatedUser <- accessesOrchestrator.updateEmailAddress(request.identity, token)
} yield Ok(Json.toJson(updatedUser))
cookie <- authenticator.init(updatedUser.email) match {
case Right(value) => Future.successful(value)
case Left(error) => Future.failed(error)
}
} yield authenticator.embed(cookie, Ok(Json.toJson(updatedUser)))
}

def softDelete(id: UUID) =
Expand Down
16 changes: 12 additions & 4 deletions app/orchestrators/AccessesOrchestrator.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,12 @@ class AccessesOrchestrator(
emailedTo <- updateEmailToken.emailedTo.liftTo[Future](
ServerError(s"Email should be defined for access token $token")
)
_ <- user.userRole match {
case UserRole.DGAL | UserRole.DGCCRF =>
accessTokenRepository.validateEmail(updateEmailToken, user)
case UserRole.Admin | UserRole.Professionnel =>
accessTokenRepository.invalidateToken(updateEmailToken)
}
updatedUser <-
if (isSameUser) userOrchestrator.updateEmail(user, emailedTo)
else Future.failed(DifferentUserFromRequest(user.id, updateEmailToken.userId))
Expand All @@ -79,15 +85,17 @@ class AccessesOrchestrator(
_ <-
if (emailValidationFunction(newEmail.value)) Future.unit
else Future.failed(InvalidDGCCRFOrAdminEmail(List(newEmail)))
existingTokens <- accessTokenRepository.fetchPendingTokens(newEmail)
existingToken = existingTokens.find(_.kind == UpdateEmail)
existingTokens <- accessTokenRepository.fetchPendingTokens(user)
existingToken = existingTokens.headOption
token <-
existingToken match {
case Some(token) =>
logger.debug("reseting token validity")
logger.debug("reseting token validity and email")
accessTokenRepository.update(
token.id,
AccessToken.resetExpirationDate(token, tokenConfiguration.updateEmailAddress)
AccessToken
.resetExpirationDate(token, tokenConfiguration.updateEmailAddress)
.copy(emailedTo = Some(newEmail))
)
case None =>
logger.debug("creating token")
Expand Down
9 changes: 9 additions & 0 deletions app/repositories/accesstoken/AccessTokenRepository.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import models.token.TokenKind.CompanyFollowUp
import models.token.TokenKind.CompanyInit
import models.token.TokenKind.DGALAccount
import models.token.TokenKind.DGCCRFAccount
import models.token.TokenKind.UpdateEmail
import repositories.accesstoken.AccessTokenColumnType._
import repositories.company.CompanyTable
import repositories.companyaccess.CompanyAccessColumnType._
Expand Down Expand Up @@ -123,6 +124,14 @@ class AccessTokenRepository(
fetchCompanyValidTokens(company).delete
)

override def fetchPendingTokens(user: User): Future[List[AccessToken]] = db.run(
fetchValidTokens
.filter(_.userId === user.id)
.filter(_.kind === (UpdateEmail: TokenKind))
.to[List]
.result
)

override def fetchPendingTokens(emailedTo: EmailAddress): Future[List[AccessToken]] =
db.run(
table
Expand Down
2 changes: 2 additions & 0 deletions app/repositories/accesstoken/AccessTokenRepositoryInterface.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,8 @@ trait AccessTokenRepositoryInterface extends CRUDRepositoryInterface[AccessToken

def findValidToken(company: Company, token: String): Future[Option[AccessToken]]

def fetchPendingTokens(user: User): Future[List[AccessToken]]

def fetchPendingTokens(company: Company): Future[List[AccessToken]]

def removePendingTokens(company: Company): Future[Int]
Expand Down
2 changes: 1 addition & 1 deletion app/utils/FrontRoute.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ class FrontRoute(signalConsoConfiguration: SignalConsoConfiguration) {
def resetPassword(authToken: AuthToken) = url(s"/connexion/nouveau-mot-de-passe/${authToken.id}")
def activation = url("/activation")
def welcome = url("/")
def updateEmail(token: String) = url(s"/update-email/$token")
def updateEmail(token: String) = url(s"/parametres/update-email/$token")

object Admin {
def register(token: String) = url(s"/admin/rejoindre/?token=$token")
Expand Down
1 change: 1 addition & 0 deletions conf/common/app.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ app {
dgccrf-join-duration = "P60D"
dgccrf-delay-before-revalidation = "P90D"
dgccrf-revalidation-token-duration = "P7D"
update-email-address = "P2D"
}

mobile-app {
Expand Down
3 changes: 3 additions & 0 deletions conf/db/migration/default/V18__add_user_id_to_access_tokens.sql
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
ALTER TABLE access_tokens
ADD user_id UUID,
ADD CONSTRAINT fk_user_id FOREIGN KEY (user_id) REFERENCES users(id);

0 comments on commit 239827d

Please sign in to comment.