Allow users to update their email address (#1745)

* Change email address

* Email confirmation

* Email change test

* Lint

* Schema reset

* Set test email sender

* Select specific user fixture

* Refactor/cleanup

* Remove unused email_confirmation_token

* Current user would never be true

* Fix translation test failures

app/controllers/email_confirmations_controller.rb

@@ -0,0 +1,18 @@
+class EmailConfirmationsController < ApplicationController
+  skip_before_action :set_request_details, only: :new
+  skip_authentication only: :new
+
+  def new
+    # Returns nil if the token is invalid OR expired
+    @user = User.find_by_token_for(:email_confirmation, params[:token])
+
+    if @user&.unconfirmed_email && @user&.update(
+      email: @user.unconfirmed_email,
+      unconfirmed_email: nil
+    )
+      redirect_to new_session_path, notice: t(".success_login")
+    else
+      redirect_to root_path, alert: t(".invalid_token")
+    end
+  end
+end

app/controllers/settings/hostings_controller.rb

@@ -22,6 +22,10 @@ class Settings::HostingsController < SettingsController
       Setting.require_invite_for_signup = hosting_params[:require_invite_for_signup]
     end
 
+    if hosting_params.key?(:require_email_confirmation)
+      Setting.require_email_confirmation = hosting_params[:require_email_confirmation]
+    end
+
     if hosting_params.key?(:synth_api_key)
       Setting.synth_api_key = hosting_params[:synth_api_key]
     end
@@ -34,7 +38,7 @@ class Settings::HostingsController < SettingsController
 
   private
     def hosting_params
-      params.require(:setting).permit(:render_deploy_hook, :upgrades_setting, :require_invite_for_signup, :synth_api_key)
+      params.require(:setting).permit(:render_deploy_hook, :upgrades_setting, :require_invite_for_signup, :require_email_confirmation, :synth_api_key)
     end
 
     def raise_if_not_self_hosted

app/controllers/users_controller.rb

@@ -4,10 +4,23 @@ class UsersController < ApplicationController
   def update
     @user = Current.user
 
-    @user.update!(user_params.except(:redirect_to, :delete_profile_image))
-    @user.profile_image.purge if should_purge_profile_image?
+    if email_changed?
+      if @user.initiate_email_change(user_params[:email])
+        if Rails.application.config.app_mode.self_hosted? && !Setting.require_email_confirmation
+          handle_redirect(t(".success"))
+        else
+          redirect_to settings_profile_path, notice: t(".email_change_initiated")
+        end
+      else
+        error_message = @user.errors.any? ? @user.errors.full_messages.to_sentence : t(".email_change_failed")
+        redirect_to settings_profile_path, alert: error_message
+      end
+    else
+      @user.update!(user_params.except(:redirect_to, :delete_profile_image))
+      @user.profile_image.purge if should_purge_profile_image?
 
-    handle_redirect(t(".success"))
+      handle_redirect(t(".success"))
+    end
   end
 
   def destroy
@@ -38,9 +51,13 @@ class UsersController < ApplicationController
         user_params[:profile_image].blank?
     end
 
+    def email_changed?
+      user_params[:email].present? && user_params[:email] != @user.email
+    end
+
     def user_params
       params.require(:user).permit(
-        :first_name, :last_name, :profile_image, :redirect_to, :delete_profile_image, :onboarded_at,
+        :first_name, :last_name, :email, :profile_image, :redirect_to, :delete_profile_image, :onboarded_at,
         family_attributes: [ :name, :currency, :country, :locale, :date_format, :timezone, :id, :data_enrichment_enabled ]
       )
     end