-
-
Notifications
You must be signed in to change notification settings - Fork 927
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Mailer: Email to remind maintainers of gems with 180M+ downloads to enable MFA #3166
Mailer: Email to remind maintainers of gems with 180M+ downloads to enable MFA #3166
Conversation
1c81217
to
3bfe9c2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Apart from test bug, LGTM.
users.each do |user| | ||
Mailer.delay.mfa_required_soon_announcement(user.id) if mx_exists?(user.email) | ||
i += 1 | ||
print format("\r%.2f%% (%d/%d) complete", i.to_f / total_users * 100.0, i, total_users) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we want to count and report failures?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point. It wouldn't hurt if we did. I think the value of counting and reporting failures is if we expect someone will do something with that information. I'd defer this to whoever will be running the task, if they'd want to action on that info.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Didn't tophat but the email copies looks good to me overall!
5b5f402
to
9d5901f
Compare
6d86cc9
to
dd0d59f
Compare
e972c08
to
19160d4
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Per Rails Guides (https://guides.rubyonrails.org/v6.1/testing.html\#the-basic-test-case), inheriting from ActionMailer::TestCase will automatically reset the ActionMailer::Base.deliveries array.
05cb8b1
to
6d263bb
Compare
@sonalkr132 The mailer is good to go for tomorrow 👍. |
Subject line and heading should be relevant to the user. For users who have MFA enabled, but simply need to stregnthen the mfa level, the copy of 'Enable MFA' is an inaccurate call to action. Therefore, the copy has been revised to better reflect an accurate CTA.
6d263bb
to
63072d5
Compare
🤷♀️ What problem are you solving?
Contributes to https://github.com/Shopify/ruby-conventions/issues/134
Closes #3164
We need to send out a reminder email on August 8, 2022 to remind maintainers of gems with 180M+ downloads to enable MFA. This mailer is crafted with a targeted approach. It's only being sent to those impacted maintainers who have yet to enable MFA (
disabled
), or have weak MFA enabled (ui_only
).📋 How will you solve this?
🔹 Create a mailer
mfa_required_soon_announcement
and a mailer view in bothHTML
andplain text
formatsdisabled
)ui_only
)🔹 Add rake task for delivering the email
rake mfa_policy:reminder_enable_mfa
🔹 Set up mailer preview
🎩 Tophat instructions
Below are the instructions for trying this out yourself:
📧 To preview the email:
rails s
) ...http://localhost:3000/rails/mailers
) to review the list of all mailers available for previewmfa_required_soon_announcement
http://localhost:3000/rails/mailers/mailer/mfa_required_soon_announcement
👤 To change the user:
MailerPreview#mfa_required_soon_announcement
.User.last.id
with a different user (e.g.User.first
)👀 Email versions
🚫 Email for users with MFA disabled
🤞 Email for users with MFA enabled (
ui_only
) -- weak MFA