diff options
| author | Struan Donald <struan@exo.org.uk> | 2011-05-20 17:17:12 +0100 |
|---|---|---|
| committer | Struan Donald <struan@exo.org.uk> | 2011-05-20 17:17:12 +0100 |
| commit | fb2eae201d01d285ac2b21fd32c2ff35a6f7aae5 (patch) | |
| tree | cefb7e30efa1fe1752244b197cd5567b5eb25d40 | |
| parent | 285b42fd8e8a5f4099c8163ee4a7c89813111c80 (diff) | |
update confirmation from tokens
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report/Update.pm | 59 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Tokens.pm | 36 | ||||
| -rw-r--r-- | t/app/controller/report_updates.t | 7 |
3 files changed, 100 insertions, 2 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Report/Update.pm b/perllib/FixMyStreet/App/Controller/Report/Update.pm index 1100cf17b..91f05c32f 100644 --- a/perllib/FixMyStreet/App/Controller/Report/Update.pm +++ b/perllib/FixMyStreet/App/Controller/Report/Update.pm @@ -31,6 +31,59 @@ sub report_update : Path : Args(0) { && $c->forward('redirect_or_confirm_creation'); } +sub confirm : Private { + my ( $self, $c ) = @_; + + $c->stash->{update}->confirm; + $c->stash->{update}->update; + + $c->forward('update_problem'); + $c->forward('signup_for_alerts'); + + return 1; +} + +sub update_problem : Private { + my ( $self, $c ) = @_; + + my $update = $c->stash->{update}; + my $problem = $c->stash->{problem} || $update->problem; + + if ( $update->mark_fixed ) { + $problem->state( 'fixed' ); + + if ( $update->user->id == $problem->user->id ) { + $problem->send_questionnaire( 'f' ); + } else { + $c->forward( 'ask_questionnaire' ); + } + } + + $problem->lastupdate( \'ms_current_timestamp()' ); + $problem->update; + + $c->stash->{problem} = $problem; + + + return 1; +} + +sub ask_questionnaire : Private { + my ( $self, $c ) = @_; + + # FIXME send out questionnaire token here + + return 1; +} + +sub display_confirmation : Private { + my ( $self, $c ) = @_; + + $c->stash->{template} = 'tokens/confirm_update.html'; + + return 1; +} + =head2 setup_page Setup things we need for later. @@ -118,6 +171,7 @@ sub process_update : Private { ); $c->stash->{update} = $update; + $c->stash->{add_alert} = $c->req->param('add_alert'); return 1; } @@ -209,6 +263,7 @@ sub redirect_or_confirm_creation : Private { # If confirmed send the user straight there. if ( $update->confirmed ) { $c->forward( 'signup_for_alerts' ); + $c->forward( 'update_problem' ); my $report_uri = $c->uri_for( '/report', $update->problem_id ); $c->res->redirect($report_uri); $c->detach; @@ -247,9 +302,9 @@ happen before calling this. sub signup_for_alerts : Private { my ( $self, $c ) = @_; - if ( $c->req->param( 'add_alert' ) ) { + if ( $c->stash->{add_alert} ) { my $alert = $c->model( 'DB::Alert' )->find_or_create( - user => $c->stash->{update_user}, + user => $c->stash->{update}->user, alert_type => 'new_updates', parameter => $c->stash->{problem}->id ); diff --git a/perllib/FixMyStreet/App/Controller/Tokens.pm b/perllib/FixMyStreet/App/Controller/Tokens.pm index 8e45581a8..1c3d89b54 100644 --- a/perllib/FixMyStreet/App/Controller/Tokens.pm +++ b/perllib/FixMyStreet/App/Controller/Tokens.pm @@ -120,6 +120,42 @@ sub confirm_alert : Path('/A') { $c->forward('/alert/confirm'); } +=head2 confirm_update + + /C/([0-9A-Za-z]{16,18}).*$ + +Confirm an update - url appears in emails sent to users after they create the +update but are not logged in. + +=cut + +sub confirm_update : Path('/C') { + my ( $self, $c, $token_code ) = @_; + + my $auth_token = + $c->forward( 'load_auth_token', [ $token_code, 'comment' ] ); + + # Load the problem + my $comment_id = $auth_token->data->{id}; + $c->stash->{add_alert} = $auth_token->data->{add_alert}; + + my $comment = $c->model('DB::Comment')->find( { id => $comment_id } ) + || $c->detach('token_error'); + $c->stash->{update} = $comment; + + # check that this email or domain are not the cause of abuse. If so hide it. + if ( $comment->is_from_abuser ) { + $c->stash->{template} = 'tokens/abuse.html'; + return; + } + + $c->forward('/report/update/confirm'); + + $c->authenticate( { email => $comment->user->email }, 'no_password' ); + + return 1; +} + =head2 load_auth_token my $auth_token = diff --git a/t/app/controller/report_updates.t b/t/app/controller/report_updates.t index 3c07ac054..8c34541ed 100644 --- a/t/app/controller/report_updates.t +++ b/t/app/controller/report_updates.t @@ -265,6 +265,13 @@ subtest "submit an update for a non registered user" => sub { is $update->user->email, 'unregistered@example.com', 'update email'; is $update->text, 'Update from an unregistered user', 'update text'; is $add_alerts, 0, 'do not sign up for alerts'; + + $mech->get_ok( $url . $url_token ); + $mech->content_contains( "/report/$report_id#$update_id" ); + + $update->discard_changes; + + is $update->state, 'confirmed', 'update confirmed'; }; for my $test ( |