Merge pull request #246 from ThibautGery/notify-admin

Optional admin e-mail notification on user signups.

src/api-umbrella/web-app/app/controllers/api/v1/users_controller.rb

@@ -49,19 +49,27 @@ def create
 
     respond_to do |format|
       if(@api_user.save)
-        send_email = (params[:options] && params[:options][:send_welcome_email].to_s == "true")
+        send_welcome_email = (params[:options] && params[:options][:send_welcome_email].to_s == "true")
+        send_notify_email = (params[:options] && params[:options][:send_notify_email].to_s == "true")
 
         # For the admin tool, it's easier to have this attribute on the user
         # model, rather than options, so check there for whether we should send
         # e-mail. Also note that for backwards compatibility, we only check for
         # the presence of this attribute, and not it's actual value.
-        if(!send_email && params[:user] && params[:user][:send_welcome_email])
-          send_email = true
+        if(!send_welcome_email && params[:user] && params[:user][:send_welcome_email])
+          send_welcome_email = true
         end
 
-        if(send_email)
+        if(!send_notify_email && ApiUmbrellaConfig[:web][:send_notify_email].to_s == "true")
+          send_notify_email = true
+        end
+
+        if(send_welcome_email)
           ApiUserMailer.delay(:queue => "mailers").signup_email(@api_user, params[:options] || {})
         end
+        if(send_notify_email)
+          ApiUserMailer.delay(:queue => "mailers").notify_api_admin(@api_user)
+        end
 
         format.json { render("show", :status => :created, :location => api_v1_user_url(@api_user)) }
       else

src/api-umbrella/web-app/app/mailers/api_user_mailer.rb

@@ -23,4 +23,16 @@ def signup_email(user, options)
       :from => MailSanitizer.sanitize_address(from),
       :to => MailSanitizer.sanitize_address(user.email)
   end
+
+  def notify_api_admin(user)
+    @user = user
+
+    to = ApiUmbrellaConfig[:web][:admin_notify_email].presence || ApiUmbrellaConfig[:web][:contact_form_email]
+
+    full_name = "#{@user.first_name} #{@user.last_name}"
+    from = "noreply@#{ApiUmbrellaConfig[:web][:default_host]}"
+    mail :subject => "#{full_name} just subscribed",
+         :from => MailSanitizer.sanitize_address(from),
+         :to => MailSanitizer.sanitize_address(to)
+  end
 end

src/api-umbrella/web-app/app/views/api_user_mailer/notify_api_admin.erb

@@ -0,0 +1,39 @@
+<h1><%= @user.first_name %> <%= @user.last_name %> just subscribed</h1>
+<h2>Description</h2>
+
+<p>
+    <%= @user.use_description %>
+</p>
+
+<h2>Extra-informations</h2>
+
+<table>
+    <tr>
+        <td>Email</td>
+        <td><%= @user.email %></td>
+    </tr>
+    <% unless @user.registration_source.blank? -%>
+        <tr>
+            <td>Source</td>
+            <td><%= @user.registration_source %></td>
+        </tr>
+    <% end -%>
+    <% unless @user.website.blank? -%>
+        <tr>
+            <td>Website</td>
+            <td><%= @user.website %></td>
+        </tr>
+    <% end -%>
+    <tr>
+        <td>IP Adress</td>
+        <td><%= @user.registration_ip %></td>
+    </tr>
+    <tr>
+        <td>Referer</td>
+        <td><%= @user.registration_referer %></td>
+    </tr>
+    <tr>
+        <td>Origin</td>
+        <td><%= @user.registration_origin %></td>
+    </tr>
+</table>

src/api-umbrella/web-app/spec/controllers/api/v1/users_controller_spec.rb

@@ -980,6 +980,75 @@
         end
       end
     end
+
+    describe "notify e-mail" do
+      before(:each) do
+        Delayed::Worker.delay_jobs = false
+        ActionMailer::Base.deliveries.clear
+        ApiUmbrellaConfig[:web][:contact_form_email] = "[email protected]"
+      end
+
+      after(:each) do
+        Delayed::Worker.delay_jobs = true
+      end
+
+      it "sends a notify e-mail to be sent when requested in query" do
+        admin_token_auth(@admin)
+        expect do
+          p = params
+          p[:options] = { :send_notify_email => true }
+          post :create, p
+        end.to change { ActionMailer::Base.deliveries.count }.by(1)
+      end
+
+      it "sends a notify e-mail to be sent when requested in the config" do
+        admin_token_auth(@admin)
+        expect do
+          p = params
+          ApiUmbrellaConfig[:web][:send_notify_email] = true
+          post :create, p
+          ApiUmbrellaConfig[:web][:send_notify_email] = false
+
+        end.to change { ActionMailer::Base.deliveries.count }.by(1)
+      end
+
+      it "does not send notify e-mails when explicitly disabled" do
+        admin_token_auth(@admin)
+        expect do
+          p = params
+          p[:options] = { :send_notify_email => false }
+          post :create, p
+        end.to change { ActionMailer::Base.deliveries.count }.by(0)
+      end
+
+      it "does not send a notify e-mail when the option is an unknown value" do
+        admin_token_auth(@admin)
+        expect do
+          p = params
+          p[:options] = { :send_notify_email => 1 }
+          post :create, p
+        end.to change { ActionMailer::Base.deliveries.count }.by(0)
+      end
+
+      it "does not send notify e-mails by default" do
+        admin_token_auth(@admin)
+        expect do
+          post :create, params
+        end.to change { ActionMailer::Base.deliveries.count }.by(0)
+      end
+
+      it "queues a welcome e-mail to when delayed job is enabled" do
+        Delayed::Worker.delay_jobs = true
+        admin_token_auth(@admin)
+        expect do
+          expect do
+            p = params
+            p[:options] = { :send_notify_email => true }
+            post :create, p
+          end.to change { Delayed::Job.count }.by(1)
+        end.to change { ActionMailer::Base.deliveries.count }.by(0)
+      end
+    end
   end
 
   describe "PUT update" do

src/api-umbrella/web-app/spec/mailers/api_user_mailer_spec.rb

@@ -1,88 +1,138 @@
 require "spec_helper"
 
 describe ApiUserMailer do
-  describe "OSVDB-131677 security" do
-    it "accepts recipients without newlines" do
-      expect do
-        api_user = FactoryGirl.create(:api_user, :email => "[email protected]")
-        ApiUserMailer.signup_email(api_user, {}).deliver
-      end.to change { ActionMailer::Base.deliveries.count }.by(1)
-    end
-
-    it "rejects recipients with newlines" do
-      expect do
+  describe "signup_email" do
+    describe "OSVDB-131677 security" do
+      it "accepts recipients without newlines" do
         expect do
-          api_user = FactoryGirl.create(:api_user, :email => "[email protected]\nfoo")
+          api_user = FactoryGirl.create(:api_user, :email => "[email protected]")
           ApiUserMailer.signup_email(api_user, {}).deliver
-        end.to raise_error(MailSanitizer::InvalidAddress)
-      end.to change { ActionMailer::Base.deliveries.count }.by(0)
-    end
+        end.to change { ActionMailer::Base.deliveries.count }.by(1)
+      end
 
-    it "rejects recipients with carriage returns" do
-      expect do
+      it "rejects recipients with newlines" do
         expect do
-          api_user = FactoryGirl.create(:api_user, :email => "[email protected]\rfoo")
-          ApiUserMailer.signup_email(api_user, {}).deliver
-        end.to raise_error(MailSanitizer::InvalidAddress)
-      end.to change { ActionMailer::Base.deliveries.count }.by(0)
-    end
+          expect do
+            api_user = FactoryGirl.create(:api_user, :email => "[email protected]\nfoo")
+            ApiUserMailer.signup_email(api_user, {}).deliver
+          end.to raise_error(MailSanitizer::InvalidAddress)
+        end.to change { ActionMailer::Base.deliveries.count }.by(0)
+      end
 
-    it "accepts recipients 500 chars or less" do
-      expect do
-        api_user = FactoryGirl.create(:api_user, :email => "#{"o" * 488}@example.com")
-        ApiUserMailer.signup_email(api_user, {}).deliver
-      end.to change { ActionMailer::Base.deliveries.count }.by(1)
-    end
+      it "rejects recipients with carriage returns" do
+        expect do
+          expect do
+            api_user = FactoryGirl.create(:api_user, :email => "[email protected]\rfoo")
+            ApiUserMailer.signup_email(api_user, {}).deliver
+          end.to raise_error(MailSanitizer::InvalidAddress)
+        end.to change { ActionMailer::Base.deliveries.count }.by(0)
+      end
 
-    it "rejects recipients greater than 500 chars" do
-      expect do
+      it "accepts recipients 500 chars or less" do
         expect do
-          api_user = FactoryGirl.create(:api_user, :email => "#{"o" * 489}@example.com")
+          api_user = FactoryGirl.create(:api_user, :email => "#{"o" * 488}@example.com")
           ApiUserMailer.signup_email(api_user, {}).deliver
-        end.to raise_error(MailSanitizer::InvalidAddress)
-      end.to change { ActionMailer::Base.deliveries.count }.by(0)
-    end
+        end.to change { ActionMailer::Base.deliveries.count }.by(1)
+      end
 
-    it "accepts from addresses without newlines" do
-      expect do
-        api_user = FactoryGirl.create(:api_user)
-        ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]" }).deliver
-      end.to change { ActionMailer::Base.deliveries.count }.by(1)
-    end
+      it "rejects recipients greater than 500 chars" do
+        expect do
+          expect do
+            api_user = FactoryGirl.create(:api_user, :email => "#{"o" * 489}@example.com")
+            ApiUserMailer.signup_email(api_user, {}).deliver
+          end.to raise_error(MailSanitizer::InvalidAddress)
+        end.to change { ActionMailer::Base.deliveries.count }.by(0)
+      end
 
-    it "rejects from addresses with newlines" do
-      expect do
+      it "accepts from addresses without newlines" do
         expect do
           api_user = FactoryGirl.create(:api_user)
-          ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]\nfoo" }).deliver
-        end.to raise_error(MailSanitizer::InvalidAddress)
-      end.to change { ActionMailer::Base.deliveries.count }.by(0)
-    end
+          ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]" }).deliver
+        end.to change { ActionMailer::Base.deliveries.count }.by(1)
+      end
+
+      it "rejects from addresses with newlines" do
+        expect do
+          expect do
+            api_user = FactoryGirl.create(:api_user)
+            ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]\nfoo" }).deliver
+          end.to raise_error(MailSanitizer::InvalidAddress)
+        end.to change { ActionMailer::Base.deliveries.count }.by(0)
+      end
 
-    it "rejects from addresses with carriage returns" do
-      expect do
+      it "rejects from addresses with carriage returns" do
+        expect do
+          expect do
+            api_user = FactoryGirl.create(:api_user)
+            ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]\rfoo" }).deliver
+          end.to raise_error(MailSanitizer::InvalidAddress)
+        end.to change { ActionMailer::Base.deliveries.count }.by(0)
+      end
+
+      it "accepts from addresses 500 chars or less" do
         expect do
           api_user = FactoryGirl.create(:api_user)
-          ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]\rfoo" }).deliver
-        end.to raise_error(MailSanitizer::InvalidAddress)
-      end.to change { ActionMailer::Base.deliveries.count }.by(0)
+          ApiUserMailer.signup_email(api_user, { :email_from_address => "#{"o" * 488}@example.com" }).deliver
+        end.to change { ActionMailer::Base.deliveries.count }.by(1)
+      end
+
+      it "rejects from addresses greater than 500 chars" do
+        expect do
+          expect do
+            api_user = FactoryGirl.create(:api_user)
+            ApiUserMailer.signup_email(api_user, { :email_from_address => "#{"o" * 489}@example.com" }).deliver
+          end.to raise_error(MailSanitizer::InvalidAddress)
+        end.to change { ActionMailer::Base.deliveries.count }.by(0)
+      end
+
     end
+  end
 
-    it "accepts from addresses 500 chars or less" do
-      expect do
-        api_user = FactoryGirl.create(:api_user)
-        ApiUserMailer.signup_email(api_user, { :email_from_address => "#{"o" * 488}@example.com" }).deliver
-      end.to change { ActionMailer::Base.deliveries.count }.by(1)
+  describe "signup_email" do
+    before(:each) do
+      ApiUmbrellaConfig[:web][:contact_form_email] = "[email protected]"
+      ApiUmbrellaConfig[:web][:default_host] = "localhost.com"
     end
 
-    it "rejects from addresses greater than 500 chars" do
-      expect do
-        expect do
-          api_user = FactoryGirl.create(:api_user)
-          ApiUserMailer.signup_email(api_user, { :email_from_address => "#{"o" * 489}@example.com" }).deliver
-        end.to raise_error(MailSanitizer::InvalidAddress)
-      end.to change { ActionMailer::Base.deliveries.count }.by(0)
+    let(:api_user) do
+      FactoryGirl.create(
+          :api_user,
+          :first_name => "aaa",
+          :last_name => "bbb",
+          :use_description => "I WANNA DO EVERYTHING",
+          :email => "[email protected]")
+    end
+
+    subject { ApiUserMailer.notify_api_admin(api_user).deliver }
+
+    it "send an email " do
+      expect { subject }.to change { ActionMailer::Base.deliveries.count }.by(1)
+    end
+
+    it "send an email to the contact email" do
+      subject
+      expect(ActionMailer::Base.deliveries.first.to).to eq ["[email protected]"]
+    end
+
+    it "the receiver can be overwrited by the admin " do
+      ApiUmbrellaConfig[:web][:admin_notify_email] = "[email protected]"
+      subject
+      expect(ActionMailer::Base.deliveries.first.to).to eq ["[email protected]"]
+    end
+
+    it "send an email with the name of the person in the subject" do
+      subject
+      expect(ActionMailer::Base.deliveries.first.subject).to eq "aaa bbb just subscribed"
+    end
+
+    it "send an email from the server name" do
+      subject
+      expect(ActionMailer::Base.deliveries.first.from).to eq ["[email protected]"]
     end
 
+    it "send an email with usage in the body" do
+      subject
+      expect(ActionMailer::Base.deliveries.first.encoded).to include "I WANNA DO EVERYTHING"
+    end
   end
 end