diff --git a/app/services/idv/usps_mail.rb b/app/services/idv/usps_mail.rb index 54b3c5a25dd..dadb08f4b73 100644 --- a/app/services/idv/usps_mail.rb +++ b/app/services/idv/usps_mail.rb @@ -8,6 +8,7 @@ def initialize(current_user) end def mail_spammed? + return false if user_mail_events.empty? max_events? && updated_within_last_month? end @@ -23,7 +24,7 @@ def user_mail_events end def max_events? - user_mail_events.count == MAX_MAIL_EVENTS + user_mail_events.size == MAX_MAIL_EVENTS end def updated_within_last_month? diff --git a/config/application.yml.example b/config/application.yml.example index cbf9646699d..ed77a790236 100644 --- a/config/application.yml.example +++ b/config/application.yml.example @@ -180,6 +180,7 @@ test: idp_sso_target_url: 'http://identityprovider.example.com/saml/auth' logins_per_ip_limit: '2' logins_per_ip_period: '60' + max_mail_events: '2' newrelic_license_key: 'xxx' otp_delivery_blocklist_bantime: '1' otp_delivery_blocklist_findtime: '1' diff --git a/config/initializers/figaro.rb b/config/initializers/figaro.rb index 77346d9a249..6764f8983e8 100644 --- a/config/initializers/figaro.rb +++ b/config/initializers/figaro.rb @@ -11,6 +11,8 @@ 'idp_sso_target_url', 'logins_per_ip_limit', 'logins_per_ip_period', + 'max_mail_events', + 'max_mail_events_window_in_days', 'min_password_score', 'otp_delivery_blocklist_bantime', 'otp_delivery_blocklist_findtime', diff --git a/spec/controllers/verify/review_controller_spec.rb b/spec/controllers/verify/review_controller_spec.rb index 389a80473f5..2443d8c6d01 100644 --- a/spec/controllers/verify/review_controller_spec.rb +++ b/spec/controllers/verify/review_controller_spec.rb @@ -188,23 +188,15 @@ def show context 'user has not requested too much mail' do before do idv_session.address_verification_mechanism = 'usps' - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 2.months.ago) - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.week.ago) - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.day.ago) - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.hour.ago) + usps_mail_service = instance_double(Idv::UspsMail) + allow(Idv::UspsMail).to receive(:new).with(user).and_return(usps_mail_service) + allow(usps_mail_service).to receive(:mail_spammed?).and_return(false) end - it 'does not display a success message' do - get :new - - expect(flash.now[:success]).to eq( - t('idv.messages.mail_sent') - ) - end - - it 'displays a helpful error message' do + it 'displays a success message' do get :new + expect(flash.now[:success]).to eq t('idv.messages.mail_sent') expect(flash.now[:error]).to be_nil end end @@ -212,24 +204,16 @@ def show context 'user has requested too much mail' do before do idv_session.address_verification_mechanism = 'usps' - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 2.weeks.ago) - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.week.ago) - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.day.ago) - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.hour.ago) - end - - it 'does not display a success message' do - get :new - - expect(flash.now[:success]).to be_nil + usps_mail_service = instance_double(Idv::UspsMail) + allow(Idv::UspsMail).to receive(:new).with(user).and_return(usps_mail_service) + allow(usps_mail_service).to receive(:mail_spammed?).and_return(true) end it 'displays a helpful error message' do get :new - expect(flash.now[:error]).to eq( - t('idv.errors.mail_limit_reached') - ) + expect(flash.now[:error]).to eq t('idv.errors.mail_limit_reached') + expect(flash.now[:success]).to be_nil end end end diff --git a/spec/services/idv/usps_mail_spec.rb b/spec/services/idv/usps_mail_spec.rb index 2c8fa738800..576a952ec1e 100644 --- a/spec/services/idv/usps_mail_spec.rb +++ b/spec/services/idv/usps_mail_spec.rb @@ -6,26 +6,39 @@ describe '#mail_spammed?' do context 'when no mail has been sent' do - it 'is never spammed' do + it 'returns false' do + expect(subject.mail_spammed?).to eq false + end + end + + context 'when the amount of sent mail is lower than the allowed maximum' do + it 'returns false' do + Event.create(event_type: :usps_mail_sent, user: user) + expect(subject.mail_spammed?).to eq false end end context 'when too much mail has been sent' do - it 'is spammed if all the updates have been within the last month' do + it 'returns true if the oldest event was within the last month' do Event.create(event_type: :usps_mail_sent, user: user, updated_at: 2.weeks.ago) Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.week.ago) - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.day.ago) - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.hour.ago) expect(subject.mail_spammed?).to eq true end - it 'is not spammed if the most distant update was more than a month ago' do + it 'returns false if the oldest event was more than a month ago' do + Event.create(event_type: :usps_mail_sent, user: user, updated_at: 2.weeks.ago) Event.create(event_type: :usps_mail_sent, user: user, updated_at: 2.months.ago) - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.week.ago) - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.day.ago) - Event.create(event_type: :usps_mail_sent, user: user, updated_at: 1.hour.ago) + + expect(subject.mail_spammed?).to eq false + end + end + + context 'when MAX_MAIL_EVENTS or MAIL_EVENTS_WINDOW_DAYS are zero' do + it 'returns false' do + stub_const 'Idv::UspsMail::MAX_MAIL_EVENTS', 0 + stub_const 'Idv::UspsMail::MAIL_EVENTS_WINDOW_DAYS', 0 expect(subject.mail_spammed?).to eq false end