Display account connection link
This commit is contained in:
parent
77fa9fe048
commit
28ff44357d
7 changed files with 75 additions and 5 deletions
|
@ -11,6 +11,7 @@ class Staffs::People::AccountConnectionLinksController < ApplicationController
|
||||||
# POST /staff/people/:person_id/account_connection_link
|
# POST /staff/people/:person_id/account_connection_link
|
||||||
def create
|
def create
|
||||||
authorize [:staff, @person, AccountConnectionLink.new(@person)]
|
authorize [:staff, @person, AccountConnectionLink.new(@person)]
|
||||||
|
@person.update! account_connection_token: SecureRandom.alphanumeric(32)
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
|
@ -10,4 +10,8 @@ module PeopleHelper
|
||||||
person.full_name
|
person.full_name
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def person_account_connection_link(person)
|
||||||
|
new_account_connection_link_url token: person.account_connection_token
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -3,6 +3,8 @@
|
||||||
class Person < ApplicationRecord
|
class Person < ApplicationRecord
|
||||||
include Nameable
|
include Nameable
|
||||||
|
|
||||||
|
ACCOUNT_CONNECTION_TOKEN_RE = /\A\w+\z/.freeze
|
||||||
|
|
||||||
################
|
################
|
||||||
# Associations #
|
# Associations #
|
||||||
################
|
################
|
||||||
|
@ -35,6 +37,12 @@ class Person < ApplicationRecord
|
||||||
|
|
||||||
validates :photo, allow_nil: true, image: true
|
validates :photo, allow_nil: true, image: true
|
||||||
|
|
||||||
|
validates :account_connection_token,
|
||||||
|
allow_nil: true,
|
||||||
|
allow_blank: false,
|
||||||
|
length: { is: 32 },
|
||||||
|
format: { with: ACCOUNT_CONNECTION_TOKEN_RE }
|
||||||
|
|
||||||
###########
|
###########
|
||||||
# Methods #
|
# Methods #
|
||||||
###########
|
###########
|
||||||
|
|
|
@ -10,5 +10,12 @@
|
||||||
<p class="lead">
|
<p class="lead">
|
||||||
<%= translate '.description' %>
|
<%= translate '.description' %>
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
class="form-control"
|
||||||
|
readonly="readonly"
|
||||||
|
value="<%= person_account_connection_link @person %>"
|
||||||
|
>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -30,6 +30,8 @@ Rails.application.routes.draw do
|
||||||
# Account routes #
|
# Account routes #
|
||||||
##################
|
##################
|
||||||
|
|
||||||
|
resource :account_connection_link, only: :new
|
||||||
|
|
||||||
namespace :settings do
|
namespace :settings do
|
||||||
resource :profile, only: %i[edit update]
|
resource :profile, only: %i[edit update]
|
||||||
end
|
end
|
||||||
|
|
|
@ -12,7 +12,31 @@ RSpec.describe Person do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe '#account_connection_token' do
|
describe '#account_connection_token' do
|
||||||
|
def allow_value(*)
|
||||||
|
super.for :account_connection_token
|
||||||
|
end
|
||||||
|
|
||||||
it { is_expected.not_to validate_presence_of :account_connection_token }
|
it { is_expected.not_to validate_presence_of :account_connection_token }
|
||||||
|
|
||||||
|
it do
|
||||||
|
is_expected.to \
|
||||||
|
validate_length_of(:account_connection_token).is_equal_to(32)
|
||||||
|
end
|
||||||
|
|
||||||
|
it { is_expected.to allow_value nil }
|
||||||
|
it { is_expected.to allow_value SecureRandom.alphanumeric(32) }
|
||||||
|
it { is_expected.to allow_value '_' * 32 }
|
||||||
|
|
||||||
|
it { is_expected.not_to allow_value '' }
|
||||||
|
it { is_expected.not_to allow_value 'q' }
|
||||||
|
it { is_expected.not_to allow_value SecureRandom.alphanumeric(31) }
|
||||||
|
it { is_expected.not_to allow_value SecureRandom.alphanumeric(33) }
|
||||||
|
|
||||||
|
%w[
|
||||||
|
~ ` ! @ # $ % ^ & * ( ) - = + [ { ] } \ | ; : ' " , < . > / ?
|
||||||
|
].each do |char|
|
||||||
|
it { is_expected.not_to allow_value char * 32 }
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe '#contact_list' do
|
describe '#contact_list' do
|
||||||
|
|
|
@ -7,29 +7,53 @@ RSpec.describe 'GET /staff/people/:person_id/account_connection_link' do
|
||||||
|
|
||||||
let(:current_account) { create :superuser_account }
|
let(:current_account) { create :superuser_account }
|
||||||
|
|
||||||
before do
|
def make_request
|
||||||
sign_in current_account.user if current_account&.user
|
|
||||||
|
|
||||||
post "/staff/people/#{person.to_param}/account_connection_link"
|
post "/staff/people/#{person.to_param}/account_connection_link"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
before do
|
||||||
|
sign_in current_account.user if current_account&.user
|
||||||
|
end
|
||||||
|
|
||||||
for_account_types nil, :usual do
|
for_account_types nil, :usual do
|
||||||
|
before { make_request }
|
||||||
|
|
||||||
specify do
|
specify do
|
||||||
expect(response).to have_http_status :forbidden
|
expect(response).to have_http_status :forbidden
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
for_account_types :superuser do
|
for_account_types :superuser do
|
||||||
|
specify do
|
||||||
|
expect { make_request }.to(
|
||||||
|
change { person.reload.account_connection_token },
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'after request' do
|
||||||
|
before { make_request }
|
||||||
|
|
||||||
specify do
|
specify do
|
||||||
expect(response).to have_http_status :ok
|
expect(response).to have_http_status :ok
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
context 'when person already has account' do
|
context 'when person already has account' do
|
||||||
let(:person) { create(:personal_account).person }
|
let(:person) { create(:personal_account).person }
|
||||||
|
|
||||||
|
specify do
|
||||||
|
expect { make_request }.not_to(
|
||||||
|
change { person.reload.account_connection_token },
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'after request' do
|
||||||
|
before { make_request }
|
||||||
|
|
||||||
specify do
|
specify do
|
||||||
expect(response).to have_http_status :forbidden
|
expect(response).to have_http_status :forbidden
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
Reference in a new issue