GRN2-6: Notify admins when a approve/invite user signs up (#538)

* Notify admins when a approve/invite user signs up * Fix formating * Uses admins_url variable
4 years ago · f88d67f6fb
parent 83a9edf81d
commit f88d67f6fb
12 changed files with 270 additions and 0 deletions
--- a/app/controllers/concerns/emailer.rb
+++ b/app/controllers/concerns/emailer.rb
@ -49,6 +49,14 @@ module Emailer
    UserMailer.approve_user(user, root_url, logo_image, user_color).deliver_now
  end

+  def send_approval_user_signup_email(user)
+    UserMailer.approval_user_signup(user, admins_url, logo_image, user_color, admin_emails).deliver_now
+  end
+
+  def send_invite_user_signup_email(user)
+    UserMailer.invite_user_signup(user, admins_url, logo_image, user_color, admin_emails).deliver_now
+  end
+
  private

  # Returns the link the user needs to click to verify their account
@ -56,6 +64,17 @@ module Emailer
    edit_account_activation_url(token: @user.activation_token, email: @user.email)
  end

+  def admin_emails
+    admins = User.with_role(:admin)
+
+    if Rails.configuration.loadbalanced_configuration
+      admins = admins.without_role(:super_admin)
+                     .where(provider: user_settings_provider)
+    end
+
+    admins.collect(&:email).join(",")
+  end
+
  def reset_link
    edit_password_reset_url(@user.reset_token, email: @user.email)
  end
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -18,6 +18,7 @@

 class SessionsController < ApplicationController
  include Registrar
+  include Emailer

  skip_before_action :verify_authenticity_token, only: [:omniauth, :fail]

@ -58,9 +59,16 @@ class SessionsController < ApplicationController
      # Add pending role if approval method and is a new user
      if approval_registration && !@user_exists
        user.add_role :pending
+
+        # Inform admins that a user signed up if emails are turned on
+        send_approval_user_signup_email(user) if Rails.configuration.enable_email_verification
+
        return redirect_to root_path, flash: { success: I18n.t("registration.approval.signup") }
      end

+      send_invite_user_signup_email(user) if Rails.configuration.enable_email_verification &&
+                                             invite_registration && !@user_exists
+
      login(user)
    rescue => e
        logger.error "Error authenticating via omniauth: #{e}"
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -50,6 +50,8 @@ class UsersController < ApplicationController
        flash: { success: I18n.t("registration.approval.signup") } unless Rails.configuration.enable_email_verification
    end

+    send_registration_email if Rails.configuration.enable_email_verification
+
    # Sign in automatically if email verification is disabled or if user is already verified.
    login(@user) && return if !Rails.configuration.enable_email_verification || @user.email_verified

@ -193,6 +195,19 @@ class UsersController < ApplicationController
    end
  end

+  def send_registration_email
+    begin
+      if invite_registration
+        send_invite_user_signup_email(@user)
+      elsif approval_registration
+        send_approval_user_signup_email(@user)
+      end
+    rescue => e
+      logger.error "Error in email delivery: #{e}"
+      flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
+    end
+  end
+
  # Add validation errors to model if they exist
  def valid_user_or_captcha
    valid_user = @user.valid?
--- a/app/mailers/user_mailer.rb
+++ b/app/mailers/user_mailer.rb
@ -67,4 +67,22 @@ class UserMailer < ApplicationMailer
    @color = color
    mail to: user.email, subject: t('mailer.user.approve.subject')
  end
+
+  def approval_user_signup(user, url, image, color, admin_emails)
+    @user = user
+    @url = url
+    @image = image
+    @color = color
+
+    mail to: admin_emails, subject: t('mailer.user.approve.signup.subject')
+  end
+
+  def invite_user_signup(user, url, image, color, admin_emails)
+    @user = user
+    @url = url
+    @image = image
+    @color = color
+
+    mail to: admin_emails, subject: t('mailer.user.invite.signup.subject')
+  end
 end
--- a/app/views/user_mailer/approval_user_signup.html.erb
+++ b/app/views/user_mailer/approval_user_signup.html.erb
@ -0,0 +1,43 @@
+<%
+# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
+#
+# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
+#
+# This program is free software; you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free Software
+# Foundation; either version 3.0 of the License, or (at your option) any later
+# version.
+#
+# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License along
+# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
+%>
+
+<div style="text-align:center; font-family:'Source Sans Pro', -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Helvetica Neue', Arial, sans-serif">
+    <div style="display:inline-block; background-color:#F5F7FB; border:1px solid #d3d3d3; padding: 25px 70px">
+        <%= image_tag(@image, height: '70') %>
+
+        <h1 style="margin-bottom:30px">
+        <%= t('mailer.user.approve.signup.subject') %>
+        </h1>
+
+        <p>
+        <%= t('mailer.user.approve.signup.info') %>
+        </p>
+
+        <p>
+        <%= t('mailer.user.approve.signup.username', name: @user.name, email: @user.email) %>
+        </p>
+
+        <p style="margin-bottom:35px;">
+        <%= t('mailer.user.approve.signup.more-info') %>
+        </p>
+
+        <a style="background: <%= @color %>;color: #ffffff; padding: 10px 15px; box-shadow: 0 2px 4px 0 rgba(0,0,0,.25);border: 1px solid transparent;text-decoration:none;" href="<%= @url %>">
+        <%= t('mailer.user.approve.signup.admins_link') %>
+        </a>
+    </div>
+</div>
--- a/app/views/user_mailer/approval_user_signup.text.erb
+++ b/app/views/user_mailer/approval_user_signup.text.erb
@ -0,0 +1,27 @@
+<%
+# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
+#
+# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
+#
+# This program is free software; you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free Software
+# Foundation; either version 3.0 of the License, or (at your option) any later
+# version.
+#
+# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License along
+# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
+%>
+
+<%= t('mailer.user.approve.signup.subject') %>
+
+<%= t('mailer.user.approve.signup.info') %>
+
+<%= t('mailer.user.approve.signup.username', name: @user.name, email: @user.email) %>
+
+<%= t('mailer.user.approve.signup.more-info') %>
+
+<%= @url %>
--- a/app/views/user_mailer/invite_user_signup.html.erb
+++ b/app/views/user_mailer/invite_user_signup.html.erb
@ -0,0 +1,39 @@
+<%
+# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
+#
+# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
+#
+# This program is free software; you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free Software
+# Foundation; either version 3.0 of the License, or (at your option) any later
+# version.
+#
+# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License along
+# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
+%>
+
+<div style="text-align:center; font-family:'Source Sans Pro', -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Helvetica Neue', Arial, sans-serif">
+    <div style="display:inline-block; background-color:#F5F7FB; border:1px solid #d3d3d3; padding: 25px 70px">
+        <%= image_tag(@image, height: '70') %>
+
+        <h1 style="margin-bottom:30px">
+            <%= t('mailer.user.invite.signup.subject') %>
+        </h1>
+
+        <p>
+            <%= t('mailer.user.invite.signup.info') %>
+        </p>
+
+        <p style="margin-bottom:35px;">
+            <%= t('mailer.user.invite.signup.username', name: @user.name, email: @user.email) %>
+        </p>
+
+        <a style="background: <%= @color %>;color: #ffffff; padding: 10px 15px; box-shadow: 0 2px 4px 0 rgba(0,0,0,.25);border: 1px solid transparent;text-decoration:none;" href="<%= @url %>">
+            <%= t('mailer.user.invite.signup.admins_link') %>
+        </a>
+    </div>
+</div>
--- a/app/views/user_mailer/invite_user_signup.text.erb
+++ b/app/views/user_mailer/invite_user_signup.text.erb
@ -0,0 +1,25 @@
+<%
+# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
+#
+# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
+#
+# This program is free software; you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free Software
+# Foundation; either version 3.0 of the License, or (at your option) any later
+# version.
+#
+# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License along
+# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
+%>
+
+<%= t('mailer.user.invite.signup.subject') %>
+
+<%= t('mailer.user.invite.signup.info') %>
+
+<%= t('mailer.user.invite.signup.username', name: @user.name, email: @user.email) %>
+
+<%= @url %>
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -177,6 +177,12 @@ en:
        info: Your account has been approved.
        signin: To access your personal rooms, click the button below and sign in.
        signin_link: Sign In
+        signup:
+          info: A new user has signed up to use Greenlight.
+          more-info: To allow this user to access Greenlight you must approve their account in organization settings.
+          admins_link: Visit the Organization Page
+          subject: New Greenlight User Sign Up 
+          username: The user signed up with the name %{name} and the email %{email}.
        subject: Account Approved
        username: Your username is %{email}.
      demoted:
@ -188,6 +194,11 @@ en:
        info: You have been invited to your own personal space by %{name}
        signup: To signup using your email, click the button below and follow the steps.
        signup_link: Sign Up
+        signup:
+          info: A user that was invited has signed up to use Greenlight.
+          admins_link: Visit the Organization Page
+          subject: New Greenlight User Sign Up 
+          username: The user signed up with the name %{name} and the email %{email}.
        subject: Invitation to join BigBlueButton
        username: Your username is %{email}.
      password_reset:
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@ -223,6 +223,36 @@ describe SessionsController, type: :controller do

        expect(response).to redirect_to(root_path)
      end
+
+      context 'registration notification emails' do
+        before do
+          allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
+          @user = create(:user, provider: "greenlight")
+          @admin = create(:user, provider: "greenlight", email: "test@example.com")
+          @admin.add_role :admin
+        end
+
+        it "should notify admin on new user signup with approve/reject registration" do
+          allow_any_instance_of(Registrar).to receive(:approval_registration).and_return(true)
+
+          request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:bn_launcher]
+
+          expect { get :omniauth, params: { provider: 'bn_launcher' } }
+            .to change { ActionMailer::Base.deliveries.count }.by(1)
+        end
+
+        it "should notify admin on new user signup with invite registration" do
+          allow_any_instance_of(Registrar).to receive(:invite_registration).and_return(true)
+
+          invite = Invitation.create(email: "user@google.com", provider: "greenlight")
+          @request.session[:invite_token] = invite.invite_token
+
+          request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:bn_launcher]
+
+          expect { get :omniauth, params: { provider: 'bn_launcher' } }
+            .to change { ActionMailer::Base.deliveries.count }.by(1)
+        end
+      end
    end

    it "should not create session without omniauth env set for bn_launcher" do
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@ -186,6 +186,17 @@ describe UsersController, type: :controller do
        before do
          allow_any_instance_of(Registrar).to receive(:invite_registration).and_return(true)
          allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
+          @user = create(:user, provider: "greenlight")
+          @admin = create(:user, provider: "greenlight", email: "test@example.com")
+          @admin.add_role :admin
+        end
+
+        it "should notify admins that user signed up" do
+          params = random_valid_user_params
+          invite = Invitation.create(email: params[:user][:email], provider: "greenlight")
+          @request.session[:invite_token] = invite.invite_token
+
+          expect { post :create, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
        end

        it "rejects the user if they are not invited" do
@ -240,6 +251,9 @@ describe UsersController, type: :controller do
        before do
          allow_any_instance_of(Registrar).to receive(:approval_registration).and_return(true)
          allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
+          @user = create(:user, provider: "greenlight")
+          @admin = create(:user, provider: "greenlight", email: "test@example.com")
+          @admin.add_role :admin
        end

        it "allows any user to sign up" do
@ -265,6 +279,14 @@ describe UsersController, type: :controller do

          expect(u.has_role?(:pending)).to eq(true)
        end
+
+        it "notifies admins that a user signed up" do
+          allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
+
+          params = random_valid_user_params
+
+          expect { post :create, params: params }.to change { ActionMailer::Base.deliveries.count }.by(2)
+        end
      end
    end

--- a/test/mailers/previews/user_mailer_preview.rb
+++ b/test/mailers/previews/user_mailer_preview.rb
@ -37,6 +37,19 @@ class UserMailerPreview < ActionMailer::Preview
  end

  # Preview this email at
+  # http://localhost:3000/rails/mailers/user_mailer/approval_user_signup
+  def approval_user_signup
+    user = User.first
+    UserMailer.approval_user_signup(user, "http://example.com/", @logo, @color, "test@example.com")
+  end
+
+  # Preview this email at
+  # http://localhost:3000/rails/mailers/user_mailer/invite_user_signup
+  def invite_user_signup
+    user = User.first
+    UserMailer.invite_user_signup(user, "http://example.com/", @logo, @color, "test@example.com")
+  end
+  
  # http://localhost:3000/rails/mailers/user_mailer/user_promoted
  def user_promoted
    user = User.first