From 79ccf7723b05b79809db4710d4ca09a29048e339 Mon Sep 17 00:00:00 2001 From: CatalinVoineag <11318084+CatalinVoineag@users.noreply.github.com> Date: Tue, 21 Jan 2025 13:52:38 +0000 Subject: [PATCH 1/2] Introduce candidate to wrong email address page If a candidate tries to login with the candidate email address and they have a one login email address that is different from the candidate email address. We will not allow the user to login, with one login. We will redirect the user to the wrong_email_address page. Previously we would have redirected the user to 500 error page. This page is intended to have more content helping the candidate to unstuck themselves rather than contacting support --- .../candidate_interface/errors_controller.rb | 5 ++++ app/controllers/one_login_controller.rb | 2 +- ..._email_address_used_for_candidate.html.erb | 23 +++++++++++++++++++ config/locales/candidate_interface/errors.yml | 5 ++++ config/locales/en.yml | 1 + config/routes/candidate.rb | 1 + spec/requests/one_login_controller_spec.rb | 2 +- 7 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 app/views/errors/wrong_email_address_used_for_candidate.html.erb create mode 100644 config/locales/candidate_interface/errors.yml diff --git a/app/controllers/candidate_interface/errors_controller.rb b/app/controllers/candidate_interface/errors_controller.rb index e532347ceb1..c12a2865da5 100644 --- a/app/controllers/candidate_interface/errors_controller.rb +++ b/app/controllers/candidate_interface/errors_controller.rb @@ -2,6 +2,7 @@ module CandidateInterface class ErrorsController < CandidateInterfaceController skip_before_action :verify_authenticity_token skip_before_action :authenticate_candidate! + allow_unauthenticated_access only: [:wrong_email_address] def account_locked render 'errors/account_locked', status: :forbidden, formats: :html @@ -10,5 +11,9 @@ def account_locked def not_found render 'errors/not_found', status: :not_found, formats: :html end + + def wrong_email_address + render 'errors/wrong_email_address_used_for_candidate', status: :forbidden, formats: :html + end end end diff --git a/app/controllers/one_login_controller.rb b/app/controllers/one_login_controller.rb index f704546f1de..6e903567f7f 100644 --- a/app/controllers/one_login_controller.rb +++ b/app/controllers/one_login_controller.rb @@ -74,7 +74,7 @@ def sign_out def sign_out_complete if session[:session_error_id].present? reset_session - redirect_to internal_server_error_path + redirect_to candidate_interface_wrong_email_address_path else redirect_to candidate_interface_create_account_or_sign_in_path end diff --git a/app/views/errors/wrong_email_address_used_for_candidate.html.erb b/app/views/errors/wrong_email_address_used_for_candidate.html.erb new file mode 100644 index 00000000000..f18840fd019 --- /dev/null +++ b/app/views/errors/wrong_email_address_used_for_candidate.html.erb @@ -0,0 +1,23 @@ +<%= content_for :title, t('page_titles.there_is_a_problem') %> + +
+
+

<%= t('page_titles.there_is_a_problem') %>

+
+ <%= t( + '.body_html', + button_link: render( + ButtonToAsLinkComponent.new( + name: t('.sign_in'), + path: OneLogin.bypass? ? '/auth/one-login-developer' : '/auth/one_login', + ), + ), + ) %> +
+ +

+ If you have any questions, please email us at + becomingateacher@digital.education.gov.uk +

+
+
diff --git a/config/locales/candidate_interface/errors.yml b/config/locales/candidate_interface/errors.yml new file mode 100644 index 00000000000..4525bfb973c --- /dev/null +++ b/config/locales/candidate_interface/errors.yml @@ -0,0 +1,5 @@ +en: + errors: + wrong_email_address_used_for_candidate: + body_html: You should use the email address you use for GOV.UK One Login to %{button_link}. + sign_in: sign in to Apply for teacher training diff --git a/config/locales/en.yml b/config/locales/en.yml index 30fdf91adf2..8c5729f1971 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -102,6 +102,7 @@ en: get_your_details_back: Get your details back dismiss: Dismiss page_titles: + there_is_a_problem: There is a problem account_recovery: Enter the code we sent to %{email} account_recovery_resend_email: Enter the new code we sent to %{email} account_recovery_request: Get your account details back diff --git a/config/routes/candidate.rb b/config/routes/candidate.rb index 6c5341ff726..32afc4e603f 100644 --- a/config/routes/candidate.rb +++ b/config/routes/candidate.rb @@ -608,6 +608,7 @@ end get '/account-locked', to: 'errors#account_locked' + get '/wrong-email-address', to: 'errors#wrong_email_address' get '/about-the-teacher-training-application-process', to: 'guidance#index', as: :guidance diff --git a/spec/requests/one_login_controller_spec.rb b/spec/requests/one_login_controller_spec.rb index 1c578387c55..b63ed16946c 100644 --- a/spec/requests/one_login_controller_spec.rb +++ b/spec/requests/one_login_controller_spec.rb @@ -199,7 +199,7 @@ "One login session error, check session_error record #{SessionError.last.id}", level: :error, ) - expect(response).to redirect_to(internal_server_error_path) + expect(response).to redirect_to(candidate_interface_wrong_email_address_path) end end From 05f8df48703f7bc90d09eb23d34ddba8ac3af845 Mon Sep 17 00:00:00 2001 From: CatalinVoineag <11318084+CatalinVoineag@users.noreply.github.com> Date: Tue, 21 Jan 2025 15:29:36 +0000 Subject: [PATCH 2/2] Use govuk_mail_to helper in wrong_email_address error view --- .../errors/wrong_email_address_used_for_candidate.html.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/errors/wrong_email_address_used_for_candidate.html.erb b/app/views/errors/wrong_email_address_used_for_candidate.html.erb index f18840fd019..7ea84edb915 100644 --- a/app/views/errors/wrong_email_address_used_for_candidate.html.erb +++ b/app/views/errors/wrong_email_address_used_for_candidate.html.erb @@ -17,7 +17,7 @@

If you have any questions, please email us at - becomingateacher@digital.education.gov.uk + <%= govuk_mail_to 'becomingateacher@digital.education.gov.uk' %>