Ability to add/update user email #921
Conversation
… email field then is updated in the database
… ember side, i think
…metimes undefined seems to be fixed
… in order to try to keep user emails private, update tests to pass
… stored in database specifically problematic if GitHub email were private and crates.io user had added an email, upon signing in the next time the user's email would go back to null as that is the value GitHub passes each time. This means that if users update their email, it must be updated through both GitHub and Crates.io
…to support test, for now
…rrently signed in user's email
…ata updated by crates.io user
src/tests/all.rs
Outdated
| @@ -189,6 +189,19 @@ fn new_user(login: &str) -> NewUser { | |||
| } | |||
| } | |||
|
|
|||
| // I want to be able to seed the github id for use in test | |||
There was a problem hiding this comment.
Since this is only used in one place, how about just having that place just do:
NewUser { gh_id: whatever, ..new_user(login) }There was a problem hiding this comment.
Cool, that makes more sense, thanks!
src/tests/user.rs
Outdated
| let user = ::mock_user(&mut req, ::user("foo")); | ||
|
|
||
| // with GET /me update gives 404 response | ||
| // let user = ::mock_user(&mut req, ::user("foo")); |
There was a problem hiding this comment.
How about ::sign_in(&mut req, &app)?
There was a problem hiding this comment.
I'm not sure I understand the difference, could you clarify? I forgot to delete these commented out lines, what I was getting at is that mock_user() seems to do the same thing as calling new_user() and sign_in_as(user) used below except below doesn't cause the 404.
There was a problem hiding this comment.
@sgrif sign_in doesn't let us pass in a user, nor does it return the user, and we need the user on line 84 for the last assertion in this test that checks that the user's email is correctly in the JSON.
| {{/if}} | ||
| {{#if emailIsNull }} | ||
| <p class='small-text'> Please add your email address. We need this in | ||
| order to contact you just in case anything goes wrong. We promise |
There was a problem hiding this comment.
Thinking about this phrasing a little bit more, especially since we just came up with a potential use case in ownership notifications that we might want to use email for, which isn't really something going wrong... how about something like "Please add your email address. We will only use it to contact you about your account. We promise we'll never share it!"?
app/components/email-input.js
Outdated
| editEmail() { | ||
| let email = this.get('value'); | ||
| let isEmailNull = function(email) { | ||
| if (email == null) { |
There was a problem hiding this comment.
I think we can shorten this by doing:
let isEmailNull = function(email) {
return email == null;
}
Does that work? My javascript is a bit rusty...
There was a problem hiding this comment.
OOH WAIT what's this empty function on line 9? could we do empty(email)? or is that special for models?
There was a problem hiding this comment.
I think this might be special for models? I'm not sure exactly how it works on line 9 but when I print out the result of empty it isn't just a boolean type.
|
|
||
| this.set('emailIsNull', isEmailNull(email)); | ||
| this.set('isEditing', true); | ||
| this.set('prevEmail', this.get('value')); |
There was a problem hiding this comment.
Since we've got this.get('value') in the email variable from line 16, could we use the email var here too?
src/tests/user.rs
Outdated
| let user = ::mock_user(&mut req, ::user("foo")); | ||
|
|
||
| // with GET /me update gives 404 response | ||
| // let user = ::mock_user(&mut req, ::user("foo")); |
There was a problem hiding this comment.
@sgrif sign_in doesn't let us pass in a user, nor does it return the user, and we need the user on line 84 for the last assertion in this test that checks that the user's email is correctly in the JSON.
src/user/mod.rs
Outdated
| let user_id = req.user()?.id; | ||
| let conn = req.db_conn()?; | ||
| let user = users.filter(id.eq(user_id)).first::<User>(&*conn)?; | ||
| println!("user id: {:?} user_id: {:?}", user.id, user_id); |
There was a problem hiding this comment.
Println snuck in there! :)
app/components/email-input.js
Outdated
| let user = this.get('user'); | ||
|
|
||
| let emailIsProperFormat = function(userEmail) { | ||
| let regExp = /\S+@\S+\.\S+/; |
There was a problem hiding this comment.
I'm remembering a thing.... where if you don't put "beginning of value" and "end of value" things in the regex, somehow people could put newlines in and the regex would match when it shouldn't have? I forget if javascript is vulnerable to this or not, and if it is, if the things we want at the beginning and end are \A and \z or if it's something different. Let's investigate tomorrow!
| <dt>Email</dt> | ||
| </div> | ||
| {{#if isEditing }} | ||
| {{#if isEditing }} |
There was a problem hiding this comment.
Good call on moving the check for editing out to be able to separate the markup between editing and not editing :) 💯
src/tests/user.rs
Outdated
| @@ -291,3 +297,76 @@ fn updating_existing_user_doesnt_change_api_token() { | |||
| assert_eq!("bar", user.gh_login); | |||
| assert_eq!("bar_token", user.gh_access_token); | |||
| } | |||
|
|
|||
| /* Email GitHub private overwrite bug | |||
| Please find a better description, that is not english | |||
| assert_eq!(r.user.email, None); | ||
| assert_eq!(r.user.login, "mango"); | ||
|
|
||
| let body = r#"{"user":{"email":"[email protected]","name":"Mango McMangoface","login":"mango","avatar":"https://avatars0.githubusercontent.com","url":"https://github.com/mango","kind":null}}"#; |
There was a problem hiding this comment.
lolololol @ "Mango McMangoface" :) :) :)
| // database | ||
| // This change is not preferable, we'd rather fix the request, | ||
| // perhaps adding `req.mut_extensions().insert(user)` to the | ||
| // update_user route, however this somehow does not seem to work |
There was a problem hiding this comment.
This is a great comment!! I'm so excited to find this later when I'm trying to remember why we had to do this this way and this will explain everything ❤️
…potentially add their email, then garbage on a newline, which would still evaluate as valid
|
hmmm bors: r+ |
921: Ability to add/update user email r=carols10cents This PR addresses issue #808, allow editing your own email address. This is the first step in a three part implementation, adding a field to edit an email address. Yet to be implemented before the issue is resolved is (1) the ability to verify emails with users and (2) figuring out how to get everyone to add their email to their account. This PR only implements the addition of a button to the email field such that a user's email can be added or updated, as well as hiding the email field from public view by separating `EncodableUser` into `EncodablePublicUser` and `EncodablePrivateUser`.
Build succeeded |
This PR addresses issue #808, allow editing your own email address. This is the first step in a three part implementation, adding a field to edit an email address. Yet to be implemented before the issue is resolved is (1) the ability to verify emails with users and (2) figuring out how to get everyone to add their email to their account. This PR only implements the addition of a button to the email field such that a user's email can be added or updated, as well as hiding the email field from public view by separating
EncodableUserintoEncodablePublicUserandEncodablePrivateUser.