diff options
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report/Update.pm | 62 | ||||
| -rw-r--r-- | t/app/controller/report_updates.t | 65 | ||||
| -rw-r--r-- | templates/email/default/update-confirm.txt | 18 | ||||
| -rw-r--r-- | templates/web/default/report/display.html | 2 |
4 files changed, 134 insertions, 13 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Report/Update.pm b/perllib/FixMyStreet/App/Controller/Report/Update.pm index 629408401..bac3c5b17 100644 --- a/perllib/FixMyStreet/App/Controller/Report/Update.pm +++ b/perllib/FixMyStreet/App/Controller/Report/Update.pm @@ -72,9 +72,8 @@ sub report_update : Path : Args(0) { or $c->go( '/report/display', [ $c->req->param('id') ] ); $c->forward('save_update'); + $c->forward('redirect_or_confirm_creation'); - # just go back to the report page for now - $c->go( '/report/display', [ $c->req->param('id') ] ); return 1; } @@ -136,14 +135,18 @@ sub process_update : Private { my ( $self, $c ) = @_; my %params = # - map { $_ => scalar $c->req->param($_) } ( 'update', 'name' ); + map { $_ => scalar $c->req->param($_) } ( 'update', 'name', 'fixed' ); + use Data::Dumper; + $c->log->debug( 'params: ' . Dumper( %params ) ); my $update = $c->model('DB::Comment')->new( { text => $params{update}, name => _trim_text( $params{name} ), problem => $c->stash->{problem}, - user => $c->stash->{update_user} + user => $c->stash->{update_user}, + state => 'unconfirmed', + mark_fixed => $params{fixed} ? 't' : 'f', } ); @@ -179,7 +182,8 @@ sub check_for_errors : Private { %{ $c->stash->{update}->check_for_errors }, ); - $c->log->debug( join ', ', keys %field_errors ); + # we don't care if there are errors with this... + delete $field_errors{name}; # all good if no errors return 1 unless scalar keys %field_errors; @@ -198,19 +202,53 @@ Save the update and the user as appropriate. sub save_update : Private { my ( $self, $c ) = @_; - if ( $c->stash->{update_user}->in_storage ) { - $c->stash->{update_user}->update_user; - } else { - $c->stash->{update_user}->insert; + my $user = $c->stash->{update_user}; + my $update = $c->stash->{update}; + + if ( !$user->in_storage ) { + $user->insert; + } elsif ( $c->user && $c->user->id == $user->id ) { + $user->update; + $update->confirm; } - if ( $c->stash->{update}->in_storage ) { - $c->stash->{update}->update; + if ( $update->in_storage ) { + $update->update; } else { - $c->stash->{update}->insert; + $update->insert; } } +=head2 redirect_or_confirm_creation + +Now that the update has been created either redirect the user to problem page if it +has been confirmed or email them a token if it has not been. + +=cut + +sub redirect_or_confirm_creation : Private { + my ( $self, $c ) = @_; + my $update = $c->stash->{update}; + + # If confirmed send the user straight there. + if ( $update->confirmed ) { + my $report_uri = $c->uri_for( '/report', $update->problem_id ); + $c->res->redirect($report_uri); + $c->detach; + } + + # otherwise create a confirm token and email it to them. + my $token = + $c->model("DB::Token") + ->create( { scope => 'comment', data => $update->id } ); + $c->stash->{token_url} = $c->uri_for_email( '/C', $token->token ); + $c->send_email( 'update-confirm.txt', { to => $update->user->email } ); + + # tell user that they've been sent an email + $c->stash->{template} = 'email_sent.html'; + $c->stash->{email_type} = 'update'; +} + __PACKAGE__->meta->make_immutable; 1; diff --git a/t/app/controller/report_updates.t b/t/app/controller/report_updates.t index 1ecdef96d..83df55f30 100644 --- a/t/app/controller/report_updates.t +++ b/t/app/controller/report_updates.t @@ -216,6 +216,71 @@ for my $test ( }; } +subtest "submit an update for a non registered user" => sub { + $mech->clear_emails_ok(); + + $mech->get_ok("/report/$report_id"); + + $mech->submit_form_ok( + { + with_fields => { + rznvy => 'unregistered@example.com', + update => 'update from an unregistered user' + } + }, + 'submit update' + ); + + $mech->content_contains('Nearly Done! Now check your email'); + + my $email = $mech->get_email; + ok $email, "got an email"; + like $email->body, qr/confirm the update you/i, "Correct email text"; + + + my ( $url, $url_token ) = $email->body =~ m{(http://\S+/C/)(\S+)}; + ok $url, "extracted confirm url '$url'"; + + my $token = FixMyStreet::App->model('DB::Token')->find( + { + token => $url_token, + scope => 'comment' + } + ); + ok $token, 'Token found in database'; + + my $update_id = $token->data; + my $update = FixMyStreet::App->model( 'DB::Comment' )->find( + { id => $update_id } + ); + + ok $update, 'found update in database'; + is $update->state, 'unconfirmed', 'update unconfirmed'; + is $update->user->email, 'unregistered@example.com', 'update email'; + is $update->text, 'update from an unregistered user', 'update text'; +}; + +subtest "submit an update for a registered user" => sub { + $mech->clear_emails_ok(); + + $mech->log_in_ok( $user->email ); + $mech->get_ok("/report/$report_id"); + + $mech->submit_form_ok( + { + with_fields => { + rznvy => 'test@example.com', + update => 'update from a registered user' + } + }, + 'submit update' + ); + + is $mech->uri->path, "/report/" . $report_id, "redirected to report page"; + + $mech->email_count_is(0); +}; + ok $comment->delete, 'deleted comment'; $mech->delete_user('commenter@example.com'); $mech->delete_user('test@example.com'); diff --git a/templates/email/default/update-confirm.txt b/templates/email/default/update-confirm.txt new file mode 100644 index 000000000..9a0db3029 --- /dev/null +++ b/templates/email/default/update-confirm.txt @@ -0,0 +1,18 @@ +Subject: Confirm your update on FixMyStreet + +Hi [% update.user.name %], + +Please click on the link below to confirm the update you just +wrote: + +[% token_url %] + +If your email program does not let you click on this link, +copy and paste it into your web browser and press return. + +Your update reads: + +[% update.text %] + +Yours, +The FixMyStreet team diff --git a/templates/web/default/report/display.html b/templates/web/default/report/display.html index d57f1a105..e35dfcd75 100644 --- a/templates/web/default/report/display.html +++ b/templates/web/default/report/display.html @@ -86,7 +86,7 @@ [% END %] <div class="form-field"> <label for="form_rznvy">[% loc('Email' ) %]</label> - <input type="text" name="rznvy" id="form_rznvy" value="[% email | html %]" size="20"> + <input type="text" name="rznvy" id="form_rznvy" value="[% update_user.email | html %]" size="20"> </div> |