Use AccountReactivationSession object
**Why**: To avoid hardcoding keys in the user session across multiple controllers, and to present an interface for managing account reactivation session data.

Spec to test confirm_personal_key before_action

**Why**: CC reported that branch of logic as untested
1 parent
c180d44
commit a626410
Showing
11 changed files
with
203 additions
and
34 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
class ReactivateAccountSession | ||
SESSION_KEY = :reactivate_account | ||
|
||
def initialize(user:, user_session:) | ||
@user = user | ||
@session = user_session | ||
|
||
session[SESSION_KEY] ||= generate_session | ||
end | ||
|
||
def clear | ||
session.delete(SESSION_KEY) | ||
end | ||
|
||
def start | ||
reactivate_account_session[:active] = true | ||
end | ||
|
||
def started? | ||
reactivate_account_session[:active] | ||
end | ||
|
||
def suspend | ||
session[SESSION_KEY] = generate_session | ||
end | ||
|
||
def store_decrypted_pii(pii) | ||
reactivate_account_session[:personal_key] = true | ||
reactivate_account_session[:pii] = pii | ||
end | ||
|
||
def personal_key? | ||
reactivate_account_session[:personal_key] | ||
end | ||
|
||
def decrypted_pii | ||
reactivate_account_session[:pii] | ||
end | ||
|
||
private | ||
|
||
attr_reader :session | ||
|
||
def generate_session | ||
{ | ||
active: false, | ||
personal_key: false, | ||
pii: nil, | ||
} | ||
end | ||
|
||
def reactivate_account_session | ||
session[SESSION_KEY] | ||
end | ||
end |
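Review bot: `store_decrypted_pii` sets `personal_key` to true unconditionally, so a call with `nil` marks the personal key as validated while `decrypted_pii` still returns nothing. If the `confirm_personal_key` before_action named in the commit description gates on `personal_key?` (that controller is not visible in this section), the flag is an authorization signal and should follow the data, e.g. `reactivate_account_session[:personal_key] = !pii.nil?`. The decrypted PII also stays in the user session until `clear` or `suspend` replaces it, so the class deserves a comment stating which caller must invoke `clear` once reactivation completes or is abandoned. `@user` is assigned in `initialize` but never read in this file; either use it to bind the stored state to that user or note why the argument is required.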
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,94 @@ | ||
require 'rails_helper' | ||
|
||
describe ReactivateAccountSession do | ||
let(:user) { build(:user) } | ||
let(:user_session) { {} } | ||
|
||
before do | ||
@reactivate_account_session = ReactivateAccountSession.new( | ||
user: user, | ||
user_session: user_session | ||
) | ||
end | ||
|
||
describe '#clear' do | ||
it 'deletes the reactivate account session object from user_session' do | ||
expect(user_session).to have_key(:reactivate_account) | ||
|
||
@reactivate_account_session.clear | ||
|
||
expect(user_session).to be_empty | ||
end | ||
end | ||
|
||
describe '#start' do | ||
it 'sets the session object `active` flag to true' do | ||
@reactivate_account_session.start | ||
expect(user_session[:reactivate_account][:active]).to be(true) | ||
end | ||
end | ||
|
||
describe '#started?' do | ||
it 'initializes set to false' do | ||
expect(@reactivate_account_session.started?).to be(false) | ||
end | ||
|
||
it 'returns a boolean if the account reactivate flow has started or not' do | ||
@reactivate_account_session.start | ||
expect(@reactivate_account_session.started?).to be(true) | ||
end | ||
end | ||
|
||
describe '#suspend' do | ||
it 'sets the reactivate account object back to its defaults' do | ||
pii = {} | ||
|
||
@reactivate_account_session.start | ||
@reactivate_account_session.store_decrypted_pii(pii) | ||
|
||
expect(@reactivate_account_session.started?).to be(true) | ||
expect(@reactivate_account_session.personal_key?).to be(true) | ||
expect(@reactivate_account_session.decrypted_pii).to be(pii) | ||
|
||
@reactivate_account_session.suspend | ||
|
||
expect(@reactivate_account_session.started?).to be(false) | ||
expect(@reactivate_account_session.personal_key?).to be(false) | ||
expect(@reactivate_account_session.decrypted_pii).to eq(nil) | ||
end | ||
end | ||
|
||
describe '#store_decrypted_pii' do | ||
it 'stores the supplied object in the session and toggles `personal_key` flag' do | ||
pii = {} | ||
@reactivate_account_session.store_decrypted_pii(pii) | ||
account_reactivation_obj = user_session[:reactivate_account] | ||
expect(account_reactivation_obj[:personal_key]).to be(true) | ||
expect(account_reactivation_obj[:pii]).to eq(pii) | ||
end | ||
end | ||
|
||
describe '#personal_key?' do | ||
it 'defaults to false' do | ||
expect(@reactivate_account_session.personal_key?).to be(false) | ||
end | ||
|
||
it 'returns a boolean indicating if the user hsa validated their personal key' do | ||
@reactivate_account_session.store_decrypted_pii({}) | ||
expect(@reactivate_account_session.personal_key?).to be(true) | ||
end | ||
end | ||
|
||
describe '#decrypted_pii' do | ||
it 'returns nil as a default' do | ||
expect(@reactivate_account_session.decrypted_pii).to eq(nil) | ||
end | ||
|
||
it 'returns the pii stored in the session' do | ||
pii = {} | ||
@reactivate_account_session.store_decrypted_pii(pii) | ||
|
||
expect(@reactivate_account_session.decrypted_pii).to eq(pii) | ||
end | ||
end | ||
end |
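Review bot: Every example drives the single instance built in the `before` block, so the `session[SESSION_KEY] ||= generate_session` path in `initialize` is never exercised for an already-populated `user_session`. That is the case the class exists for, since a new object is presumably built per controller request. An example that calls `start` and `store_decrypted_pii`, constructs a second `ReactivateAccountSession` over the same `user_session`, and expects `started?`, `personal_key?` and `decrypted_pii` to be preserved would pin that contract. Passing a non-empty hash as `pii` would make the `decrypted_pii` assertions more convincing than `{}`. The `#personal_key?` example description has a typo: `hsa` should be `has`.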