read email_confirmation_required from the UI

app/assets/javascripts/app.js

@@ -17,7 +17,7 @@ Application.Directives = angular.module('application.directives', []);
 angular.module('application', ['ngCookies', 'ngResource', 'ngSanitize', 'ui.router', 'ui.bootstrap',
   'ngUpload', 'duScroll', 'application.filters', 'application.services', 'application.directives',
   'frapontillo.bootstrap-switch', 'application.constants', 'application.controllers', 'application.router',
-  'ui.select', 'ui.calendar', 'angularMoment', 'Devise', 'DeviseModal', 'angular-growl', 'xeditable',
+  'ui.select', 'ui.calendar', 'angularMoment', 'Devise', 'angular-growl', 'xeditable',
   'checklist-model', 'unsavedChanges', 'angular-loading-bar', 'ngTouch', 'angular-google-analytics',
   'angularUtils.directives.dirDisqus', 'summernote', 'elasticsearch', 'angular-medium-editor', 'naif.base64',
   'minicolors', 'pascalprecht.translate', 'ngFitText', 'ngAside', 'ngCapsLock', 'vcRecaptcha', 'ui.codemirror',
@@ -81,8 +81,6 @@ angular.module('application', ['ngCookies', 'ngResource', 'ngSanitize', 'ui.rout
         $state.prevParams = fromParams;
       });
 
-      // Global config: if true, user must confirm his email to sign in
-      $rootScope.userConfirmationNeededToSignIn = Fablab.userConfirmationNeededToSignIn;
       // Global config: if true, wallet will be disabled
       $rootScope.fablabWithoutWallet = Fablab.fablabWithoutWallet;
 

app/assets/javascripts/controllers/application.js.erb

@@ -92,7 +92,7 @@ Application.Controllers.controller('ApplicationController', ['$rootScope', '$sco
         templateUrl: '<%= asset_path "shared/signupModal.html" %>',
         size: 'md',
         resolve: {
-          settingsPromise: ['Setting', function (Setting) { return Setting.query({ names: "['phone_required', 'recaptcha_site_key']" }).$promise; }]
+          settingsPromise: ['Setting', function (Setting) { return Setting.query({ names: "['phone_required', 'recaptcha_site_key', 'confirmation_required']" }).$promise; }]
         },
         controller: ['$scope', '$uibModalInstance', 'Group', 'CustomAsset', 'settingsPromise', 'growl', '_t', function ($scope, $uibModalInstance, Group, CustomAsset, settingsPromise, growl, _t) {
           // default parameters for the date picker in the account creation modal
@@ -153,7 +153,7 @@ Application.Controllers.controller('ApplicationController', ['$rootScope', '$sco
             return Auth.register($scope.user).then(function (user) {
               if (user.id) {
                 // creation successful
-                $uibModalInstance.close(user);
+                $uibModalInstance.close({ user, settings: settingsPromise });
               } else {
                 // the user was not saved in database, something wrong occurred
                 growl.error(_t('app.public.common.unexpected_error_occurred'));
@@ -174,13 +174,13 @@ Application.Controllers.controller('ApplicationController', ['$rootScope', '$sco
             });
           };
         }]
-      }).result['finally'](null).then(function (user) {
+      }).result['finally'](null).then(function (res) {
         // when the account was created successfully, set the session to the newly created account
-        if(Fablab.userConfirmationNeededToSignIn) {
+        if(res.settings.confirmation_required) {
           Auth._currentUser = null;
           growl.info(_t('app.public.common.you_will_receive_confirmation_instructions_by_email_detailed'));
         } else {
-          $scope.setCurrentUser(user);
+          $scope.setCurrentUser(res.user);
         }
       });
       <% end %>
@@ -409,8 +409,15 @@ Application.Controllers.controller('ApplicationController', ['$rootScope', '$sco
       return $uibModal.open({
         templateUrl: '<%= asset_path "shared/deviseModal.html" %>',
         size: 'sm',
-        controller: ['$scope', '$uibModalInstance', '_t', function ($scope, $uibModalInstance, _t) {
+        resolve: {
+          settingsPromise: ['Setting', function (Setting) { return Setting.query({ names: "['confirmation_required']" }).$promise; }]
+        },
+        controller: ['$scope', '$uibModalInstance', '_t', 'settingsPromise', function ($scope, $uibModalInstance, _t, settingsPromise) {
           const user = ($scope.user = {});
+
+          // email confirmation required before user sign-in?
+          $scope.confirmationRequired = settingsPromise.confirmation_required;
+
           $scope.login = function () {
             Auth.login(user).then(function (user) {
               // Authentication succeeded ...
@@ -441,7 +448,7 @@ Application.Controllers.controller('ApplicationController', ['$rootScope', '$sco
             return $uibModalInstance.dismiss('confirmationNew');
           };
 
-          return $scope.openResetPassword = function (e) {
+          $scope.openResetPassword = function (e) {
             e.preventDefault();
             return $uibModalInstance.dismiss('resetPassword');
           };

app/assets/javascripts/router.js.erb

@@ -1032,7 +1032,7 @@ angular.module('application.router', ['ui.router'])
                        'space_explications_alert', 'booking_window_start', 'booking_window_end', 'events_in_calendar', \
                        'booking_move_enable', 'booking_move_delay', 'booking_cancel_enable', 'feature_tour_display', \
                        'booking_cancel_delay', 'main_color', 'secondary_color', 'spaces_module', 'twitter_analytics', \
-                       'fablab_name', 'name_genre', 'reminder_enable', 'plans_module', \
+                       'fablab_name', 'name_genre', 'reminder_enable', 'plans_module', 'confirmation_required', \
                        'reminder_delay', 'visibility_yearly', 'visibility_others', \
                        'display_name_enable', 'machines_sort_by', 'fab_analytics', \
                        'link_name', 'home_content', 'home_css', 'phone_required']` }).$promise;

app/assets/templates/admin/settings/general.html

@@ -422,6 +422,20 @@
         </text-setting>
       </div>
     </div>
+      <div class="row">
+          <h3 class="m-l" translate>{{ 'app.admin.settings.account_confirmation' }}</h3>
+          <p class="alert alert-warning m-h-md" translate>
+              {{ 'app.admin.settings.confirmation_required_info' }}
+          </p>
+          <div class="col-md-10 col-md-offset-1">
+              <boolean-setting name="confirmation_required"
+                               settings="allSettings"
+                               label="app.admin.settings.confirmation_is_required"
+                               yes-label="app.shared.buttons.yes"
+                               no-label="app.shared.buttons.no">
+              </boolean-setting>
+          </div>
+      </div>
   </div>
 </div>
 

app/assets/templates/shared/deviseModal.html.erb

@@ -42,7 +42,7 @@
                          ng-minlength="8"/>
                 </div>
                 <a href="#" ng-click="openResetPassword($event)" class="text-xs">{{ 'app.public.common.password_forgotten' | translate }}</a>
-                <span ng-if="userConfirmationNeededToSignIn">
+                <span ng-if="confirmationRequired">
                   <br><a href="#" ng-click="openConfirmationNewModal($event)" class="text-xs">{{ 'app.public.common.confirm_my_account' | translate }}</a>
                 </span>
                 <div class="alert alert-warning m-t-sm m-b-none text-xs p-sm" ng-show='isCapsLockOn' role="alert">

app/models/setting.rb

@@ -100,7 +100,8 @@ class Setting < ApplicationRecord
                              stripe_public_key
                              stripe_secret_key
                              stripe_currency
-                             invoice_prefix] }
+                             invoice_prefix
+                             confirmation_required] }
   # WARNING: when adding a new key, you may also want to add it in app/policies/setting_policy.rb#public_whitelist
 
   def value

app/models/user.rb

@@ -341,7 +341,7 @@ class User < ApplicationRecord
   end
 
   def confirmation_required?
-    Rails.application.secrets.user_confirmation_needed_to_sign_in ? super : false
+    Setting.get('confirmation_required') ? super : false
   end
 
   private

app/policies/setting_policy.rb

@@ -38,7 +38,7 @@ class SettingPolicy < ApplicationPolicy
        fablab_name name_genre event_explications_alert space_explications_alert link_name home_content phone_required
        tracking_id book_overlapping_slots slot_duration events_in_calendar spaces_module plans_module invoicing_module
        recaptcha_site_key feature_tour_display disqus_shortname allowed_cad_extensions openlab_app_id openlab_default
-       online_payment_module stripe_public_key]
+       online_payment_module stripe_public_key confirmation_required]
   end
 
   ##

app/views/application/index.html.erb

@@ -47,7 +47,6 @@
       Fablab.weekStartingDay = <%= Date.parse(Rails.application.secrets.week_starting_day).strftime('%w') %>;
       Fablab.d3DateFormat = "<%= Rails.application.secrets.d3_date_format %>";
       Fablab.uibDateFormat = "<%= Rails.application.secrets.uib_date_format %>";
-      Fablab.userConfirmationNeededToSignIn = ('<%= Rails.application.secrets.user_confirmation_needed_to_sign_in %>' === 'true');
 
       // feature tour (used when feature_tour_display = session)
       Fablab.sessionTours = [];

config/locales/app.admin.en.yml

@@ -1106,6 +1106,9 @@ en:
         openlab_default: "default gallery view"
         online_payment_module: "online payment module"
         stripe_currency: "Stripe currency"
+        account_confirmation: "Account confirmation"
+        confirmation_required_info: "Optionally, you can force the users to confirm their email address before being able to access Fab-manager."
+        confirmation_is_required: "Confirmation required"
         general:
           general: "General"
           title: "Title"

config/locales/app.admin.fr.yml

@@ -1106,6 +1106,9 @@ fr:
         openlab_default: "l'affichage par défaut de la galerie"
         online_payment_module: "module de paiement en ligne"
         stripe_currency: "la devise Stripe"
+        account_confirmation: "Confirmation de compte"
+        confirmation_required_info: "De manière optionnelle, vous pouvez forcer les utilisateurs à confirmer leur adresse électronique avant de pouvoir accéder à Fab-manager."
+        confirmation_is_required: "Confirmation requise"
         general:
           general: "Général"
           title: "Titre"

config/secrets.yml

@@ -13,7 +13,6 @@
 development:
   secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
   fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
-  user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
   default_host: <%= ENV["DEFAULT_HOST"] %>
   default_protocol: <%= ENV["DEFAULT_PROTOCOL"] %>
   time_zone: <%= ENV["TIME_ZONE"] %>
@@ -42,7 +41,6 @@ development:
 test:
   secret_key_base: 83daf5e7b80d990f037407bab78dff9904aaf3c195a50f84fa8695a22287e707dfbd9524b403b1dcf116ae1d8c06844c3d7ed942564e5b46be6ae3ead93a9d30
   fablab_without_wallet: false
-  user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
   default_host: <%= ENV["DEFAULT_HOST"] %>
   default_protocol: <%= ENV["DEFAULT_PROTOCOL"] %>
   time_zone: Paris
@@ -71,7 +69,6 @@ test:
 staging:
   secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
   fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
-  user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
   default_host: <%= ENV["DEFAULT_HOST"] %>
   default_protocol: <%= ENV["DEFAULT_PROTOCOL"] %>
   delivery_method: <%= ENV['DELIVERY_METHOD'] %>
@@ -111,7 +108,6 @@ staging:
 production:
   secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
   fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
-  user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
   default_host: <%= ENV["DEFAULT_HOST"] %>
   default_protocol: <%= ENV["DEFAULT_PROTOCOL"] %>
   delivery_method: <%= ENV['DELIVERY_METHOD'] %>

db/seeds.rb

@@ -884,6 +884,8 @@ Setting.set('stripe_currency', 'EUR') unless Setting.find_by(name: 'stripe_curre
 
 Setting.set('invoice_prefix', 'FabManager_invoice') unless Setting.find_by(name: 'invoice_prefix').try(:value)
 
+Setting.set('confirmation_required', false) unless Setting.find_by(name: 'confirmation_required').try(:value)
+
 if StatisticCustomAggregation.count.zero?
   # available reservations hours for machines
   machine_hours = StatisticType.find_by(key: 'hour', statistic_index_id: 2)

doc/environment.md

@@ -57,12 +57,6 @@ You can generate such a random key by running `rails secret`.
 
 If set to 'true', the wallet will be disabled.
 This is useful if you won't use wallet system.
-<a name="USER_CONFIRMATION_NEEDED_TO_SIGN_IN"></a>
-
-    USER_CONFIRMATION_NEEDED_TO_SIGN_IN
-
-If set to 'true' the users will need to confirm their email address to be able to sign in.
-Set to 'false' if you don't want this behaviour.
 <a name="DELIVERY_METHOD"></a>
 
     DELIVERY_METHOD

env.example

@@ -11,8 +11,6 @@ SECRET_KEY_BASE=83daf5e7b80d990f037407bab78dff9904aaf3c195a50f84fa8695a22287e707
 # FabLab optional modules=
 FABLAB_WITHOUT_WALLET=false
 
-USER_CONFIRMATION_NEEDED_TO_SIGN_IN=false
-
 # Configure carefully!
 DEFAULT_HOST=localhost:5000
 DEFAULT_PROTOCOL=http

lib/tasks/fablab/setup.rake

@@ -130,7 +130,8 @@ namespace :fablab do
         %w[_ STRIPE_PUBLISHABLE_KEY stripe_public_key],
         %w[_ STRIPE_API_KEY stripe_secret_key],
         %w[_ STRIPE_CURRENCY stripe_currency],
-        %w[_ INVOICE_PREFIX invoice_prefix FabManager_invoice]
+        %w[_ INVOICE_PREFIX invoice_prefix FabManager_invoice],
+        %w[_ USER_CONFIRMATION_NEEDED_TO_SIGN_IN confirmation_required false]
       ]
 
       mapping.each do |m|

setup/setup.sh

@@ -235,7 +235,7 @@ configure_env_file()
   local doc variables secret
   doc=$(\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/doc/environment.md)
   variables=(FABLAB_WITHOUT_WALLET \
-   USER_CONFIRMATION_NEEDED_TO_SIGN_IN DEFAULT_HOST DEFAULT_PROTOCOL DELIVERY_METHOD SMTP_ADDRESS SMTP_PORT SMTP_USER_NAME SMTP_PASSWORD SMTP_AUTHENTICATION \
+   DEFAULT_HOST DEFAULT_PROTOCOL DELIVERY_METHOD SMTP_ADDRESS SMTP_PORT SMTP_USER_NAME SMTP_PASSWORD SMTP_AUTHENTICATION \
    SMTP_ENABLE_STARTTLS_AUTO SMTP_OPENSSL_VERIFY_MODE SMTP_TLS \
    LOG_LEVEL MAX_IMAGE_SIZE MAX_CAO_SIZE MAX_IMPORT_SIZE DISK_SPACE_MB_ALERT \
    SUPERADMIN_EMAIL APP_LOCALE RAILS_LOCALE MOMENT_LOCALE SUMMERNOTE_LOCALE ANGULAR_LOCALE FULLCALENDAR_LOCALE ELASTICSEARCH_LANGUAGE_ANALYZER TIME_ZONE \

test/fixtures/history_values.yml

@@ -669,3 +669,11 @@ history_value_70:
   name: FabManager_invoice
   created_at: 2020-06-15 10:04:06.216541000 Z
   updated_at: 2020-06-15 10:04:06.216541000 Z
+
+history_value_71:
+  id: 71
+  setting_id: 71
+  value: 1
+  name: false
+  created_at: 2020-06-15 10:04:06.216541000 Z
+  updated_at: 2020-06-15 10:04:06.216541000 Z

test/fixtures/settings.yml

@@ -412,3 +412,10 @@ setting_70:
   name: invoice_prefix
   created_at: 2020-06-15 10:04:06.216541000 Z
   updated_at: 2020-06-15 10:04:06.216541000 Z
+
+setting_71:
+  id: 71
+  name: confirmation_required
+  created_at: 2020-06-15 10:04:06.216541000 Z
+  updated_at: 2020-06-15 10:04:06.216541000 Z
+

vendor/assets/javascripts/devise-modal.js

@@ -1,4 +1,5 @@
 'use strict';
+// TODO remove unused?
 (function (angular) {
   var deviseModal = angular.module('DeviseModal', [
       'Devise',