mirror of
https://github.com/discourse/discourse.git
synced 2024-11-25 17:57:24 +08:00
FEATURE: Add setting to always confirm old email (#18417)
By default, only staff members have to confirm their old email when changing it. This commit adds a site setting that when enabled will always ask the user to confirm old email.
This commit is contained in:
parent
cb922ca8c8
commit
f60e6837c6
|
@ -2044,6 +2044,7 @@ en:
|
|||
raw_email_max_length: "How many characters should be stored for incoming email."
|
||||
raw_rejected_email_max_length: "How many characters should be stored for rejected incoming email."
|
||||
delete_rejected_email_after_days: "Delete rejected emails older than (n) days."
|
||||
require_change_email_confirmation: "Require non-staff users to confirm their old email address before changing it. Does not apply to staff users, they always need to confirm their old email address."
|
||||
|
||||
manual_polling_enabled: "Push emails using the API for email replies."
|
||||
pop3_polling_enabled: "Poll via POP3 for email replies."
|
||||
|
|
|
@ -1291,6 +1291,7 @@ email:
|
|||
max_participant_names:
|
||||
default: 10
|
||||
hidden: true
|
||||
require_change_email_confirmation: false
|
||||
|
||||
files:
|
||||
max_image_size_kb:
|
||||
|
|
|
@ -58,8 +58,7 @@ class EmailUpdater
|
|||
end
|
||||
|
||||
if @change_req.change_state.blank? || @change_req.change_state == EmailChangeRequest.states[:complete]
|
||||
@change_req.change_state = if @user.staff?
|
||||
# Staff users must confirm their old email address first.
|
||||
@change_req.change_state = if SiteSetting.require_change_email_confirmation || @user.staff?
|
||||
EmailChangeRequest.states[:authorizing_old]
|
||||
else
|
||||
EmailChangeRequest.states[:authorizing_new]
|
||||
|
|
|
@ -43,6 +43,21 @@ RSpec.describe EmailUpdater do
|
|||
end
|
||||
end
|
||||
|
||||
it "sends an email to confirm old email first if require_change_email_confirmation is enabled" do
|
||||
SiteSetting.require_change_email_confirmation = true
|
||||
|
||||
expect_enqueued_with(job: :critical_user_email, args: { type: :confirm_old_email, to_address: old_email }) do
|
||||
updater.change_to(new_email)
|
||||
end
|
||||
|
||||
expect(updater.change_req).to be_present
|
||||
expect(updater.change_req.old_email).to eq(old_email)
|
||||
expect(updater.change_req.new_email).to eq(new_email)
|
||||
expect(updater.change_req.change_state).to eq(EmailChangeRequest.states[:authorizing_old])
|
||||
expect(updater.change_req.old_email_token.email).to eq(old_email)
|
||||
expect(updater.change_req.new_email_token).to be_blank
|
||||
end
|
||||
|
||||
it "logs the admin user as the requester" do
|
||||
updater.change_to(new_email)
|
||||
expect(updater.change_req.requested_by).to eq(admin)
|
||||
|
|
Loading…
Reference in New Issue
Block a user