From 9b94d8ae96b92a0a8e3a3501703c868265d350c1 Mon Sep 17 00:00:00 2001 From: Chris Lowis Date: Wed, 20 Sep 2023 15:43:49 +0100 Subject: [PATCH] Reject non-governmental email addresses on update We've now chased up all users who were using one of our identified "non-governmental" email domains, so we can enforce this validation rule for all User accounts, not just new ones. This strengthens the validation we introduced in 00e93e9570. --- app/models/batch_invitation_user.rb | 2 +- app/models/user.rb | 2 +- test/models/batch_invitation_user_test.rb | 4 ++-- test/models/user_test.rb | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/app/models/batch_invitation_user.rb b/app/models/batch_invitation_user.rb index 74a45f64b..32a312481 100644 --- a/app/models/batch_invitation_user.rb +++ b/app/models/batch_invitation_user.rb @@ -2,7 +2,7 @@ class BatchInvitationUser < ApplicationRecord belongs_to :batch_invitation validates :email, presence: true, format: { with: Devise.email_regexp } - validates :email, reject_non_governmental_email_addresses: true, on: :create + validates :email, reject_non_governmental_email_addresses: true validates :outcome, inclusion: { in: [nil, "success", "failed", "skipped"] } diff --git a/app/models/user.rb b/app/models/user.rb index e22fcf577..b5023dac9 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -48,7 +48,7 @@ class User < ApplicationRecord encrypts :otp_secret_key validates :name, presence: true - validates :email, reject_non_governmental_email_addresses: true, on: :create + validates :email, reject_non_governmental_email_addresses: true validates :reason_for_suspension, presence: true, if: proc { |u| u.suspended? } validate :user_can_be_exempted_from_2sv validate :organisation_admin_belongs_to_organisation diff --git a/test/models/batch_invitation_user_test.rb b/test/models/batch_invitation_user_test.rb index 4e30b8dda..b1e3476e9 100644 --- a/test/models/batch_invitation_user_test.rb +++ b/test/models/batch_invitation_user_test.rb @@ -25,12 +25,12 @@ class BatchInvitationUserTest < ActiveSupport::TestCase user.errors[:email] end - should "still allow user to be updated with a known non-government email address" do + should "not allow user to be updated with a known non-government email address" do user = create(:batch_invitation_user, email: "alexia.statham@department.gov.uk") user.email = "alexia.statham@yahoo.co.uk" - assert user.valid? + assert_not user.valid? end end diff --git a/test/models/user_test.rb b/test/models/user_test.rb index 710a53a75..e5d4de75b 100644 --- a/test/models/user_test.rb +++ b/test/models/user_test.rb @@ -284,12 +284,12 @@ def setup user.errors[:email] end - should "still allow user to be updated with a known non-government email address" do + should "not allow user to be updated with a known non-government email address" do user = create(:batch_invitation_user, email: "alexia.statham@department.gov.uk") user.email = "alexia.statham@yahoo.co.uk" - assert user.valid? + assert_not user.valid? end should "reject emails with invalid domain parts" do