Change confirmations controller to redirect to / for approved users (#16151)

Clicking the confirmation link multiple times currently leads to entering
account settings, which can be confusing. This commit changes that so that
it redirects to the root path, so it behaves the same way as clicking only
once in most cases.

diff --git a/app/controllers/auth/confirmations_controller.rb b/app/controllers/auth/confirmations_controller.rb
index 89852526998dbedcedbcee3ace41ef724f4eb7e5..1475bbcefa5cc680350a29a5ce0ffed5af07dded 100644 (file)
--- a/app/controllers/auth/confirmations_controller.rb
+++ b/app/controllers/auth/confirmations_controller.rb
@@ -17,7 +17,9 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController
   private
 
   def require_unconfirmed!
-    redirect_to edit_user_registration_path if user_signed_in? && current_user.confirmed? && current_user.unconfirmed_email.blank?
+    if user_signed_in? && current_user.confirmed? && current_user.unconfirmed_email.blank?
+      redirect_to(current_user.approved? ? root_path : edit_user_registration_path)
+    end
   end
 
   def set_body_classes

diff --git a/spec/controllers/auth/confirmations_controller_spec.rb b/spec/controllers/auth/confirmations_controller_spec.rb
index 0b6b74ff902c9f45c7915c1803ee05bc65d06aa2..8469119d23f2768399380a2f4f6813ae1f9a3654 100644 (file)
--- a/spec/controllers/auth/confirmations_controller_spec.rb
+++ b/spec/controllers/auth/confirmations_controller_spec.rb
@@ -32,6 +32,52 @@ describe Auth::ConfirmationsController, type: :controller do
       end
     end
 
+    context 'when user is unconfirmed and unapproved' do
+      let!(:user) { Fabricate(:user, confirmation_token: 'foobar', confirmed_at: nil, approved: false) }
+
+      before do
+        allow(BootstrapTimelineWorker).to receive(:perform_async)
+        @request.env['devise.mapping'] = Devise.mappings[:user]
+        get :show, params: { confirmation_token: 'foobar' }
+      end
+
+      it 'redirects to login' do
+        expect(response).to redirect_to(new_user_session_path)
+      end
+    end
+
+    context 'when user is already confirmed' do
+      let!(:user) { Fabricate(:user) }
+
+      before do
+        allow(BootstrapTimelineWorker).to receive(:perform_async)
+        @request.env['devise.mapping'] = Devise.mappings[:user]
+        sign_in(user, scope: :user)
+        get :show, params: { confirmation_token: 'foobar' }
+      end
+
+      it 'redirects to root path' do
+        expect(response).to redirect_to(root_path)
+      end
+    end
+
+    context 'when user is already confirmed but unapproved' do
+      let!(:user) { Fabricate(:user, approved: false) }
+
+      before do
+        allow(BootstrapTimelineWorker).to receive(:perform_async)
+        @request.env['devise.mapping'] = Devise.mappings[:user]
+        user.approved = false
+        user.save!
+        sign_in(user, scope: :user)
+        get :show, params: { confirmation_token: 'foobar' }
+      end
+
+      it 'redirects to settings' do
+        expect(response).to redirect_to(edit_user_registration_path)
+      end
+    end
+
     context 'when user is updating email' do
       let!(:user) { Fabricate(:user, confirmation_token: 'foobar', unconfirmed_email: 'new-email@example.com') }