add generic forgot password text (#2727)

Co-authored-by: Utkarsh Shukla <utkarsh7989@gmail.com>

app/controllers/users/passwords_controller.rb

@@ -1,23 +1,41 @@
 class Users::PasswordsController < Devise::PasswordsController
+  include ActionView::Helpers::TranslationHelper
+  include L10nHelper
+
   before_action :confirm_identity, only: [:create]
+
+  rescue_from 'Mongoid::Errors::DocumentNotFound', with: :user_not_found
+
   def create
     self.resource = resource_class.send_reset_password_instructions(resource_params)
     yield resource if block_given?
+
     if successfully_sent?(resource)
       resource.security_question_responses.destroy_all
+      show_generic_forgot_password_text
 
       respond_to do |format|
         format.html { respond_with({}, location: after_sending_reset_password_instructions_path_for(resource_name)) }
         format.js
       end
-
     else
       respond_with(resource)
     end
   end
 
+  def user_not_found
+    show_generic_forgot_password_text
+    redirect_to new_user_password_path
+  end
+
   private
 
+  def show_generic_forgot_password_text
+    return unless EnrollRegistry.feature_enabled?(:generic_forgot_password_text)
+
+    flash[:notice] = l10n('devise.passwords.new.generic_forgot_password_text')
+  end
+
   def user
     @user ||= User.find_by(email: params[:user][:email])
   end
@@ -38,4 +56,4 @@ def after_resetting_password_path_for(resource_name)
     root_url
     resource_name.last_portal_visited.present? ? resource_name.last_portal_visited : root_url
   end
-end
+end

db/seedfiles/translations/en/cca/devise.rb

@@ -11,5 +11,6 @@
   "en.devise.shared.links.create_account" => "Create account",
   "en.devise.shared.links.did_not_receive_confirmation_instructions" => "Didn't receive confirmation instructions",
   "en.devise.shared.links.sign_in_with_provider" => "Sign in with %{provider}",
+  "en.devise.passwords.new.generic_forgot_password_text" => "You will receive an email with instructions on how to reset your password in a few minutes if an account associated to this email exists.",
   "en.devise.sessions.signed_out_concurrent_session" => "New user login detected - you have been signed out of this session."
 }

db/seedfiles/translations/en/dc/devise.rb

@@ -11,5 +11,6 @@
   "en.devise.shared.links.create_account" => "Create account",
   "en.devise.shared.links.did_not_receive_confirmation_instructions" => "Didn't receive confirmation instructions",
   "en.devise.shared.links.sign_in_with_provider" => "Sign in with %{provider}",
+  "en.devise.passwords.new.generic_forgot_password_text" => "You will receive an email with instructions on how to reset your password in a few minutes if an account associated to this email exists.",
   "en.devise.sessions.signed_out_concurrent_session" => "New user login detected - you have been signed out of this session."
 }

spec/controllers/users/passwords_controller_spec.rb

@@ -2,22 +2,61 @@
 
 require 'rails_helper'
 
-RSpec.describe Users::PasswordsController do
-  let(:curam_user){ double("CuramUser") }
-  let(:email){ "test@example.com" }
-  let(:user) { FactoryBot.create :user}
+RSpec.describe Users::PasswordsController, dbclean: :after_each do
+  include L10nHelper
 
-  context "create" do
+  let(:curam_user) { double("CuramUser") }
+  let(:email) { "test@example.com" }
+  let(:user) { FactoryBot.create(:user, email: email) }
+  let(:incorrect_email) { "incorrect@email.com" }
 
+  context "create" do
     before(:each) do
+      allow(EnrollRegistry[:generic_forgot_password_text].feature).to receive(:is_enabled).and_return(false)
       @request.env["devise.mapping"] = Devise.mappings[:user]
       allow(CuramUser).to receive(:match_unique_login).with(email).and_return([curam_user])
       user.update_attributes!(email: email)
     end
 
-    it "should redirect to new_user_password_path" do
-      post :create, params: { user: { email: email} }
+    it "redirects to new_user_password_path" do
+      post :create, params: { user: { email: email } }
       expect(response).to have_http_status(302)
     end
+
+    context "generic forgot password text feature is disabled" do
+      let(:email2) {"test2@test.com"}
+      let(:user2) { FactoryBot.create :user, email: email2}
+
+      before do
+        allow(EnrollRegistry[:generic_forgot_password_text].feature).to receive(:is_enabled).and_return(false)
+      end
+
+      it "returns no flash notice when user is not found" do
+        post :create, params: { user: { email: incorrect_email } }
+        expect(flash[:notice]).to be_nil
+      end
+
+      it "returns the default flash notice when user is found" do
+        user2.save
+        post :create, params: { user: { email: email2} }
+        expect(flash[:notice]).to eq l10n('devise.passwords.send_instructions')
+      end
+    end
+
+    context "generic forgot password text feature is enabled" do
+      before do
+        allow(EnrollRegistry[:generic_forgot_password_text].feature).to receive(:is_enabled).and_return(true)
+      end
+
+      it "returns a generic flash notice when user is not found" do
+        post :create, params: { user: { email: incorrect_email} }
+        expect(flash[:notice]).to eq l10n('devise.passwords.new.generic_forgot_password_text')
+      end
+
+      it "returns a generic flash notice when user is found" do
+        post :create, params: { user: { email: email} }
+        expect(flash[:notice]).to eq l10n('devise.passwords.new.generic_forgot_password_text')
+      end
+    end
   end
 end

system/config/templates/features/enroll_app/enroll_app.yml

@@ -49,6 +49,9 @@ registry:
       - key: :upload_file_size_limit_in_mb
         item: <%= ENV['UPLOAD_FILE_SIZE_LIMIT_IN_MB'] || 10 %>
         is_enabled: true
+      - key: :generic_forgot_password_text
+        item: :generic_forgot_password_text
+        is_enabled: <%= ENV['GENERIC_FORGOT_PASSWORD_TEXT_IS_ENABLED'] || false %>
       - key: :prevent_concurrent_sessions
         item: :prevent_concurrent_sessions
         is_enabled: <%= ENV['PREVENT_CONCURRENT_SESSIONS_IS_ENABLED'] || false %>