diff --git a/app/controllers/verification/email_controller.rb b/app/controllers/verification/email_controller.rb
index 2fe232576..1c07b1457 100644
--- a/app/controllers/verification/email_controller.rb
+++ b/app/controllers/verification/email_controller.rb
@@ -1,6 +1,6 @@
class Verification::EmailController < ApplicationController
before_action :authenticate_user!
- before_action :set_verified_user
+ before_action :set_verified_user, only: :create
skip_authorization_check
def show
@@ -26,6 +26,10 @@ class Verification::EmailController < ApplicationController
private
def set_verified_user
- @verified_user = VerifiedUser.by_user(current_user).by_email(params[:recipient]).first
+ @verified_user = VerifiedUser.by_user(current_user).where(id: verified_user_params[:id]).first
+ end
+
+ def verified_user_params
+ params.require(:verified_user).permit(:id)
end
end
\ No newline at end of file
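Review bot: `set_verified_user` ends in `.first`, so an id that matches nothing in `VerifiedUser.by_user(current_user)` leaves `@verified_user` nil. The `create` action that consumes it is outside this hunk, so it is not visible whether nil is handled there. Since the id now arrives in a client-editable hidden field, a stale or tampered value should fail explicitly: `@verified_user = VerifiedUser.by_user(current_user).where(id: verified_user_params[:id]).first!`. Keep the `by_user(current_user)` scope on that lookup, because it is presumably what stops the hidden id from selecting another user's record (the scope definition is not shown here).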
diff --git a/app/controllers/verification/sms_controller.rb b/app/controllers/verification/sms_controller.rb
index 9e18453ad..8b4d24b9f 100644
--- a/app/controllers/verification/sms_controller.rb
+++ b/app/controllers/verification/sms_controller.rb
@@ -2,6 +2,7 @@ class Verification::SmsController < ApplicationController
before_action :authenticate_user!
before_action :verify_resident!
before_action :verify_attemps_left!, only: [:new, :create]
+ before_action :set_phone, only: :create
skip_authorization_check
@@ -10,7 +11,7 @@ class Verification::SmsController < ApplicationController
end
def create
- @sms = Verification::Sms.new(sms_params.merge(user: current_user))
+ @sms = Verification::Sms.new(phone: @phone, user: current_user)
if @sms.save
redirect_to edit_sms_path, notice: t('verification.sms.create.flash.success')
else
@@ -44,6 +45,19 @@ class Verification::SmsController < ApplicationController
params.require(:sms).permit(:phone, :confirmation_code)
end
+ def set_phone
+ if verified_user
+ @phone = @verified_user.phone
+ else
+ @phone = sms_params[:phone]
+ end
+ end
+
+ def verified_user
+ return false unless params[:verified_user]
+ @verified_user = VerifiedUser.by_user(current_user).where(id: params[:verified_user][:id]).first
+ end
+
def redirect_to_next_path
current_user.reload
if current_user.level_three_verified?
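Review bot: When `verified_user` finds no record for the submitted id it returns nil, and `set_phone` then falls through to `sms_params[:phone]`. A request carrying a stale or altered `verified_user[id]` is therefore either served with the client-supplied number or fails on the missing `:sms` key, rather than being rejected as a bad selection. Raising on a miss keeps the two paths apart: `@verified_user = VerifiedUser.by_user(current_user).where(id: params[:verified_user][:id]).first!`. The lookup also reads `params[:verified_user][:id]` directly, whereas the email controller in this commit goes through `params.require(:verified_user).permit(:id)`; one shared helper would keep the two controllers consistent. `verified_user` reads like a query but assigns `@verified_user`, which deserves a one-line comment such as `# Sets @verified_user as a side effect; returns nil/false when no verified record was selected`.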
diff --git a/app/helpers/verification_helper.rb b/app/helpers/verification_helper.rb
index a7615801e..7d300c5c9 100644
--- a/app/helpers/verification_helper.rb
+++ b/app/helpers/verification_helper.rb
@@ -6,4 +6,19 @@ module VerificationHelper
[t('verification.residence.new.document_type.residence_card'), 3]]
end
+ def mask_phone(number)
+ match = number.match /\d{3}$/
+ "******#{match}"
+ end
+
+ def mask_email(string)
+ match = string.match /^(\w{1,3})(.*)@(.*)/
+
+ data_to_display = match[1]
+ data_to_mask = match[2]
+ email_provider = match[3]
+
+ data_to_display + "*"*data_to_mask.size + "@" + email_provider
+ end
+
end
\ No newline at end of file
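Review bot: `mask_email` indexes `match[1]` without checking that the regex matched, so a stored address that does not start with a word character or has no `@` raises NoMethodError while the page renders. A guard right after the match, `return "******" unless match`, makes the helper fail closed instead of erroring or echoing the raw value. `mask_phone` has the milder form: a value that does not end in three digits renders as a bare `******`, which may be acceptable but is worth a comment. Both patterns use the line anchors `^` and `$` where the whole value is meant; `/\A(\w{1,3})(.*)@(.*)/` and `/\d{3}\z/` say that directly. Neither method has a doc comment stating how much of the value is deliberately left visible.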
diff --git a/app/views/verification/email/_form.html.erb b/app/views/verification/email/_form.html.erb
deleted file mode 100644
index 7314e568c..000000000
--- a/app/views/verification/email/_form.html.erb
+++ /dev/null
@@ -1,4 +0,0 @@
-<%= form_for Verification::Email.new(verified_user), as: "email", url: email_path, method: :post do |f| %>
- <%= hidden_field_tag :recipient, verified_user.email %>
- <%= f.submit t('verification.email.form.submit_button') %>
-<% end %>
\ No newline at end of file
diff --git a/app/views/verification/sms/_form.html.erb b/app/views/verification/sms/_form.html.erb
deleted file mode 100644
index 9aaaa1495..000000000
--- a/app/views/verification/sms/_form.html.erb
+++ /dev/null
@@ -1,5 +0,0 @@
-<%= form_for sms, as: "sms", url: sms_path do |f| %>
- <%= render 'shared/errors', resource: sms %>
- <%= f.hidden_field :phone %>
- <%= f.submit t('verification.sms.form.submit_button') %>
-<% end %>
\ No newline at end of file
diff --git a/app/views/verification/verified_user/_form.html.erb b/app/views/verification/verified_user/_form.html.erb
new file mode 100644
index 000000000..286bb38ba
--- /dev/null
+++ b/app/views/verification/verified_user/_form.html.erb
@@ -0,0 +1,4 @@
+<%= form_for verified_user, url: url, method: :post do |f| %>
+ <%= f.hidden_field :id %>
+ <%= f.submit t('verification.verified_user.form.submit_button') %>
+<% end %>
\ No newline at end of file
diff --git a/app/views/verification/verified_user/show.html.erb b/app/views/verification/verified_user/show.html.erb
index 53f871c76..a5a3915f3 100644
--- a/app/views/verification/verified_user/show.html.erb
+++ b/app/views/verification/verified_user/show.html.erb
@@ -10,10 +10,10 @@
<% if verified_user.email.present? %>
- <%= verified_user.email %>
+ <%= mask_email(verified_user.email) %>
- <%= render '/verification/email/form', verified_user: verified_user %>
+ <%= render 'form', url: email_path, verified_user: verified_user %>
@@ -29,10 +29,10 @@
<% if verified_user.phone.present? %>
- <%= verified_user.phone %>
+ <%= mask_phone(verified_user.phone) %>
- <%= render '/verification/sms/form', sms: Verification::Sms.new(phone: verified_user.phone) %>
+ <%= render 'form', url: sms_path, verified_user: verified_user %>
diff --git a/config/locales/verification.en.yml b/config/locales/verification.en.yml
index 79e08f328..5c83612e2 100644
--- a/config/locales/verification.en.yml
+++ b/config/locales/verification.en.yml
@@ -36,8 +36,6 @@ en:
success: 'Correct code. You are now a verified user'
level_two:
success: 'Correct code'
- form:
- submit_button: Send
alert:
verify_attemps_left: 'You have reached the maximum number of sms verification tries'
email:
@@ -51,8 +49,6 @@ en:
success: "We have send you a confirmation email to your email account: %{email}"
alert:
failure: "There was a problem sending you an email to your account"
- form:
- submit_button: Send
letter:
new:
title: Final Verification
@@ -71,4 +67,5 @@ en:
email_title: Emails
phone_title: Phones
use_another_phone: Use another phone
-
+ form:
+ submit_button: Send
\ No newline at end of file
diff --git a/config/locales/verification.es.yml b/config/locales/verification.es.yml
index 39da1023d..169decc9b 100644
--- a/config/locales/verification.es.yml
+++ b/config/locales/verification.es.yml
@@ -36,8 +36,6 @@ es:
success: 'Código correcto. Ya eres un usuario verificado'
level_two:
success: 'Código incorrecto'
- form:
- submit_button: Enviar
alert:
verify_attemps_left: 'Has llegado al máximo número de intentos de verificar tu teléfono.'
email:
@@ -51,8 +49,6 @@ es:
success: "Te hemos enviado un email de confirmación a tu cuenta: %{email}"
alert:
failure: "Hubo un problema enviándote un email a tu cuenta"
- form:
- submit_button: Enviar
letter:
new:
title: Final Verification
@@ -71,3 +67,5 @@ es:
email_title: Emails
phone_title: Teléfonos
use_another_phone: Utilizar otro teléfono
+ form:
+ submit_button: Enviar
\ No newline at end of file
diff --git a/spec/features/verification/email_spec.rb b/spec/features/verification/email_spec.rb
index c886e4ff6..336f4946a 100644
--- a/spec/features/verification/email_spec.rb
+++ b/spec/features/verification/email_spec.rb
@@ -18,7 +18,7 @@ feature 'Verify email' do
visit verified_user_path
within("#verified_user_#{verified_user.id}_email") do
- expect(page).to have_content 'rock@example.com'
+ expect(page).to have_content 'roc*@example.com'
click_button "Send"
end
diff --git a/spec/features/verification/verified_user_spec.rb b/spec/features/verification/verified_user_spec.rb
index ce28ce80f..e68bb3ee1 100644
--- a/spec/features/verification/verified_user_spec.rb
+++ b/spec/features/verification/verified_user_spec.rb
@@ -26,8 +26,8 @@ feature 'Verified users' do
login_as(user)
visit verified_user_path
- expect(page).to have_content 'rock@example.com'
- expect(page).to have_content 'roll@example.com'
+ expect(page).to have_content 'roc*@example.com'
+ expect(page).to have_content 'rol*@example.com'
end
scenario "Verified phones" do
@@ -44,18 +44,18 @@ feature 'Verified users' do
create(:verified_user,
document_number: '12345678Z',
document_type: '2',
- email: '622222222')
+ phone: '622222222')
create(:verified_user,
document_number: '99999999R',
document_type: '2',
- email: '633333333')
+ phone: '633333333')
login_as(user)
visit verified_user_path
- expect(page).to have_content '611111111'
- expect(page).to have_content '622222222'
+ expect(page).to have_content '******111'
+ expect(page).to have_content '******222'
end
scenario "Select a verified email" do
diff --git a/spec/helpers/verification_helper_spec.rb b/spec/helpers/verification_helper_spec.rb
new file mode 100644
index 000000000..1673264f7
--- /dev/null
+++ b/spec/helpers/verification_helper_spec.rb
@@ -0,0 +1,24 @@
+require 'rails_helper'
+
+describe VerificationHelper do
+
+ describe "#mask_phone" do
+ it "should mask a phone" do
+ expect(mask_phone "612345678").to eq("******678")
+ end
+ end
+
+ describe "#mask_email" do
+ it "should mask a long email address" do
+ expect(mask_email "isabel@example.com").to eq("isa***@example.com")
+ expect(mask_email "antonio.perez@example.com").to eq("ant**********@example.com")
+ end
+
+ it "should mask a short email address" do
+ expect(mask_email "an@example.com").to eq("an@example.com")
+ expect(mask_email "ana@example.com").to eq("ana@example.com")
+ expect(mask_email "aina@example.com").to eq("ain*@example.com")
+ end
+ end
+
+end
\ No newline at end of file
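Review bot: The "should mask a short email address" example asserts that `an@example.com` and `ana@example.com` come back unchanged, which pins as expected behaviour that local parts of three characters or fewer are shown in full. If that is a deliberate trade-off, say so in the example description; otherwise the expectation should require at least one masked character. The spec also has no example for input the patterns do not match (an address without `@`, a phone with fewer than three trailing digits, nil), which are the cases where the helpers currently raise or return only the mask.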