From 3783d7c2cece94abc8622ed99422648697849c5f Mon Sep 17 00:00:00 2001
From: Tomas Bures <tbures@sathyasai.org>
Date: Sun, 30 Apr 2017 10:51:47 -0400
Subject: [PATCH 01/11] Halfway through extending subscriptions by selectable
 unsubscription process. Also contains changes towards better handling of
 scenarios when address is already subscribed.

---
 lib/models/forms.js                           |  28 +-
 lib/models/lists.js                           | 116 +++---
 lib/models/subscriptions.js                   | 337 ++++++++++-----
 lib/tools.js                                  |  10 +-
 routes/api.js                                 |   2 +
 routes/forms.js                               |  57 ++-
 routes/lists.js                               |  28 ++
 routes/subscription.js                        | 385 +++++++-----------
 setup/sql/upgrade-00028.sql                   |  24 ++
 views/lists/create.hbs                        |  26 +-
 views/lists/edit.hbs                          |  26 +-
 views/lists/forms/edit.hbs                    |   8 +-
 views/lists/forms/forms.hbs                   |   2 +-
 .../mail-already-subscribed-html.mjml.hbs     |  24 ++
 .../mail-already-subscribed-text.hbs          |  18 +
 .../mail-confirm-address-change-html.mjml.hbs |  17 +
 .../mail-confirm-address-change-text.hbs      |  10 +
 ...> mail-confirm-subscription-html.mjml.hbs} |   0
 ...hbs => mail-confirm-subscription-text.hbs} |   0
 .../mail-confirm-unsubscription-html.mjml.hbs |  17 +
 .../mail-confirm-unsubscription-text.hbs      |  10 +
 ...il-unsubscription-confirmed-html.mjml.hbs} |   0
 ...=> mail-unsubscription-confirmed-text.hbs} |   0
 ... web-confirm-subscription-notice.mjml.hbs} |   0
 ...web-confirm-unsubscription-notice.mjml.hbs |  13 +
 ...jml.hbs => web-subscribed-notice.mjml.hbs} |   0
 ...l.hbs => web-unsubscribed-notice.mjml.hbs} |   0
 27 files changed, 727 insertions(+), 431 deletions(-)
 create mode 100644 setup/sql/upgrade-00028.sql
 create mode 100644 views/subscription/mail-already-subscribed-html.mjml.hbs
 create mode 100644 views/subscription/mail-already-subscribed-text.hbs
 create mode 100644 views/subscription/mail-confirm-address-change-html.mjml.hbs
 create mode 100644 views/subscription/mail-confirm-address-change-text.hbs
 rename views/subscription/{mail-confirm-html.mjml.hbs => mail-confirm-subscription-html.mjml.hbs} (100%)
 rename views/subscription/{mail-confirm-text.hbs => mail-confirm-subscription-text.hbs} (100%)
 create mode 100644 views/subscription/mail-confirm-unsubscription-html.mjml.hbs
 create mode 100644 views/subscription/mail-confirm-unsubscription-text.hbs
 rename views/subscription/{mail-unsubscribe-confirmed-html.mjml.hbs => mail-unsubscription-confirmed-html.mjml.hbs} (100%)
 rename views/subscription/{mail-unsubscribe-confirmed-text.hbs => mail-unsubscription-confirmed-text.hbs} (100%)
 rename views/subscription/{web-confirm-notice.mjml.hbs => web-confirm-subscription-notice.mjml.hbs} (100%)
 create mode 100644 views/subscription/web-confirm-unsubscription-notice.mjml.hbs
 rename views/subscription/{web-subscribed.mjml.hbs => web-subscribed-notice.mjml.hbs} (100%)
 rename views/subscription/{web-unsubscribe-notice.mjml.hbs => web-unsubscribed-notice.mjml.hbs} (100%)

diff --git a/lib/models/forms.js b/lib/models/forms.js
index 940f5483..802e5706 100644
--- a/lib/models/forms.js
+++ b/lib/models/forms.js
@@ -14,22 +14,30 @@ let allowedKeys = [
     'fields_shown_on_manage',
     'layout',
     'form_input_style',
-    'mail_confirm_html',
-    'mail_confirm_text',
+    'web_subscribe',
+    'web_confirm_subscription_notice',
+    'mail_confirm_subscription_html',
+    'mail_confirm_subscription_text',
+    'mail_already_subscribed_html',
+    'mail_already_subscribed_text',
+    'web_subscribed_notice',
     'mail_subscription_confirmed_html',
     'mail_subscription_confirmed_text',
-    'mail_unsubscribe_confirmed_html',
-    'mail_unsubscribe_confirmed_text',
-    'web_confirm_notice',
-    'web_manage_address',
     'web_manage',
-    'web_subscribe',
-    'web_subscribed',
-    'web_unsubscribe_notice',
+    'web_manage_address',
+    'web_updated_notice',
     'web_unsubscribe',
-    'web_updated_notice'
+    'web_confirm_unsubscription_notice',
+    'mail_confirm_unsubscription_html',
+    'mail_confirm_unsubscription_text',
+    'mail_confirm_address_change_html',
+    'mail_confirm_address_change_text',
+    'web_unsubscribed_notice',
+    'mail_unsubscription_confirmed_html',
+    'mail_unsubscription_confirmed_text'
 ];
 
+
 module.exports.list = (listId, callback) => {
     listId = Number(listId) || 0;
 
diff --git a/lib/models/lists.js b/lib/models/lists.js
index 28304722..7ee7dcc6 100644
--- a/lib/models/lists.js
+++ b/lib/models/lists.js
@@ -7,7 +7,16 @@ let segments = require('./segments');
 let _ = require('../translate')._;
 let tableHelpers = require('../table-helpers');
 
-let allowedKeys = ['description', 'default_form', 'public_subscribe'];
+const UnsubscriptionMode = {
+    ONE_STEP: 0,
+    TWO_STEP: 1,
+    MANUAL: 2,
+    MAX: 3
+};
+
+module.exports.UnsubscriptionMode = UnsubscriptionMode;
+
+let allowedKeys = ['description', 'default_form', 'public_subscribe', 'unsubscription_mode'];
 
 module.exports.list = (start, limit, callback) => {
     tableHelpers.list('lists', ['*'], 'name', null, start, limit, callback);
@@ -99,6 +108,63 @@ module.exports.get = (id, callback) => {
     });
 };
 
+module.exports.update = (id, updates, callback) => {
+    updates = updates || {};
+    id = Number(id) || 0;
+
+    if (id < 1) {
+        return callback(new Error(_('Missing List ID')));
+    }
+
+    const data = tools.convertKeys(updates);
+
+    const keys = [];
+    const values = [];
+
+    // The update can be only partial when executed from forms/:list
+    if (!data.customFormChangeOnly) {
+        data.publicSubscribe = data.publicSubscribe ? 1 : 0;
+        data.unsubscriptionMode = Number(data.unsubscriptionMode);
+
+        let name = (data.name || '').toString().trim();
+
+        if (!name) {
+            return callback(new Error(_('List Name must be set')));
+        }
+
+        keys.push('name');
+        values.push(name);
+    }
+
+    Object.keys(data).forEach(key => {
+        let value = data[key].toString().trim();
+        key = tools.toDbKey(key);
+        if (key === 'description') {
+            value = tools.purifyHTML(value);
+        }
+        if (allowedKeys.indexOf(key) >= 0) {
+            keys.push(key);
+            values.push(value);
+        }
+    });
+
+    db.getConnection((err, connection) => {
+        if (err) {
+            return callback(err);
+        }
+
+        values.push(id);
+
+        connection.query('UPDATE lists SET ' + keys.map(key => key + '=?').join(', ') + ' WHERE id=? LIMIT 1', values, (err, result) => {
+            connection.release();
+            if (err) {
+                return callback(err);
+            }
+            return callback(null, result && result.affectedRows || false);
+        });
+    });
+};
+
 module.exports.create = (list, callback) => {
 
     let data = tools.convertKeys(list);
@@ -157,54 +223,6 @@ module.exports.create = (list, callback) => {
     });
 };
 
-module.exports.update = (id, updates, callback) => {
-    updates = updates || {};
-    id = Number(id) || 0;
-
-    let data = tools.convertKeys(updates);
-    data.publicSubscribe = data.publicSubscribe ? 1 : 0;
-
-    let name = (data.name || '').toString().trim();
-    let keys = ['name'];
-    let values = [name];
-
-    if (id < 1) {
-        return callback(new Error(_('Missing List ID')));
-    }
-
-    if (!name) {
-        return callback(new Error(_('List Name must be set')));
-    }
-
-    Object.keys(data).forEach(key => {
-        let value = data[key].toString().trim();
-        key = tools.toDbKey(key);
-        if (key === 'description') {
-            value = tools.purifyHTML(value);
-        }
-        if (allowedKeys.indexOf(key) >= 0) {
-            keys.push(key);
-            values.push(value);
-        }
-    });
-
-    db.getConnection((err, connection) => {
-        if (err) {
-            return callback(err);
-        }
-
-        values.push(id);
-
-        connection.query('UPDATE lists SET ' + keys.map(key => key + '=?').join(', ') + ' WHERE id=? LIMIT 1', values, (err, result) => {
-            connection.release();
-            if (err) {
-                return callback(err);
-            }
-            return callback(null, result && result.affectedRows || false);
-        });
-    });
-};
-
 module.exports.delete = (id, callback) => {
     id = Number(id) || 0;
 
diff --git a/lib/models/subscriptions.js b/lib/models/subscriptions.js
index 99d32be0..57169257 100644
--- a/lib/models/subscriptions.js
+++ b/lib/models/subscriptions.js
@@ -88,108 +88,109 @@ module.exports.filter = (listId, request, columns, segmentId, callback) => {
 
 };
 
-module.exports.addConfirmation = (list, email, optInIp, data, callback) => {
+module.exports.addConfirmation = (list, email, ip, data, callback) => {
     let cid = shortid.generate();
 
-    tools.validateEmail(email, false, err => {
+    db.getConnection((err, connection) => {
         if (err) {
             return callback(err);
         }
 
-        db.getConnection((err, connection) => {
+        let query = 'INSERT INTO confirmations (cid, list, email, ip, data) VALUES (?,?,?,?,?)';
+        connection.query(query, [cid, list.id, email, ip, JSON.stringify(data || {})], (err, result) => {
+            connection.release();
             if (err) {
                 return callback(err);
             }
 
-            let query = 'INSERT INTO confirmations (cid, list, email, opt_in_ip, data) VALUES (?,?,?,?,?)';
-            connection.query(query, [cid, list.id, email, optInIp, JSON.stringify(data || {})], (err, result) => {
-                connection.release();
+            if (!result || !result.affectedRows) {
+                return callback(null, false);
+            }
+
+            fields.list(list.id, (err, fieldList) => {
                 if (err) {
                     return callback(err);
                 }
 
-                if (!result || !result.affectedRows) {
-                    return callback(null, false);
-                }
+                let encryptionKeys = [];
+                fields.getRow(fieldList, data).forEach(field => {
+                    if (field.type === 'gpg' && field.value) {
+                        encryptionKeys.push(field.value.trim());
+                    }
+                });
 
-                fields.list(list.id, (err, fieldList) => {
+                settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl'], (err, configItems) => {
                     if (err) {
                         return callback(err);
                     }
 
-                    let encryptionKeys = [];
-                    fields.getRow(fieldList, data).forEach(field => {
-                        if (field.type === 'gpg' && field.value) {
-                            encryptionKeys.push(field.value.trim());
-                        }
-                    });
-
-                    settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl'], (err, configItems) => {
-                        if (err) {
-                            return callback(err);
+                    setImmediate(() => {
+                        if (data._skip) {
+                            log.info('Subscription', 'Confirmation message for %s marked to be skipped (%s)', email, JSON.stringify(data));
+                            return;
                         }
 
-                        setImmediate(() => {
-                            if (data._skip) {
-                                log.info('Subscription', 'Confirmation message for %s marked to be skipped (%s)', email, JSON.stringify(data));
-                                return;
+                        // FIXME - move to router
+                        const mailOpts = {
+                            subject: _('%s: Please Confirm Subscription'),
+                            confirmUrlRoute: '/subscription/confirm/',
+                            templateType: 'subscription'
+                        };
+
+                        let sendMail = (html, text) => {
+                            mailer.sendMail({
+                                from: {
+                                    name: configItems.defaultFrom,
+                                    address: configItems.defaultAddress
+                                },
+                                to: {
+                                    name: [].concat(data.firstName || []).concat(data.lastName || []).join(' '),
+                                    address: email
+                                },
+                                subject: util.format(mailOpts.subject, list.name),
+                                encryptionKeys
+                            }, {
+                                html,
+                                text,
+                                data: {
+                                    title: list.name,
+                                    contactAddress: configItems.defaultAddress,
+                                    defaultPostaddress: configItems.defaultPostaddress,
+                                    confirmUrl: urllib.resolve(configItems.serviceUrl, mailOpts.confirmUrlRoute + cid)
+                                }
+                            }, err => {
+                                if (err) {
+                                    log.error('Subscription', err);
+                                }
+                            });
+                        };
+
+                        let text = {
+                            template: 'subscription/mail-confirm-' + mailOpts.templateType + '-text.hbs'
+                        };
+
+                        let html = {
+                            template: 'subscription/mail-confirm-' + mailOpts.templateType + '-html.mjml.hbs',
+                            layout: 'subscription/layout.mjml.hbs',
+                            type: 'mjml'
+                        };
+
+                        helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
+                            if (err) {
+                                return sendMail(html, text);
                             }
 
-                            let sendMail = (html, text) => {
-                                mailer.sendMail({
-                                    from: {
-                                        name: configItems.defaultFrom,
-                                        address: configItems.defaultAddress
-                                    },
-                                    to: {
-                                        name: [].concat(data.firstName || []).concat(data.lastName || []).join(' '),
-                                        address: email
-                                    },
-                                    subject: util.format(_('%s: Please Confirm Subscription'), list.name),
-                                    encryptionKeys
-                                }, {
-                                    html,
-                                    text,
-                                    data: {
-                                        title: list.name,
-                                        contactAddress: configItems.defaultAddress,
-                                        defaultPostaddress: configItems.defaultPostaddress,
-                                        confirmUrl: urllib.resolve(configItems.serviceUrl, '/subscription/subscribe/' + cid)
-                                    }
-                                }, err => {
-                                    if (err) {
-                                        log.error('Subscription', err);
-                                    }
-                                });
-                            };
-
-                            let text = {
-                                template: 'subscription/mail-confirm-text.hbs'
-                            };
-
-                            let html = {
-                                template: 'subscription/mail-confirm-html.mjml.hbs',
-                                layout: 'subscription/layout.mjml.hbs',
-                                type: 'mjml'
-                            };
-
-                            helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
-                                if (err) {
-                                    return sendMail(html, text);
-                                }
-
-                                sendMail(tmpl.html, tmpl.text);
-                            });
+                            sendMail(tmpl.html, tmpl.text);
                         });
-                        return callback(null, cid);
                     });
+                    return callback(null, cid);
                 });
             });
         });
     });
 };
 
-module.exports.subscribe = (cid, optInIp, callback) => {
+module.exports.processConfirmation = (cid, ip, callback) => {
     db.getConnection((err, connection) => {
         if (err) {
             return callback(err);
@@ -215,7 +216,11 @@ module.exports.subscribe = (cid, optInIp, callback) => {
                 subscription = {};
             }
 
-            if (subscription.action === 'update' && subscription.subscriber) {
+            if (subscription._action === 'update') {
+                if (!subscription.subscriber) { // Something went terribly wrong and we don't have data that we have originally provided
+                    return callback(new Error(_('Subscriber info corrupted or missing')));
+                }
+
                 // update email address instead of adding new
                 db.getConnection((err, connection) => {
                     if (err) {
@@ -230,45 +235,57 @@ module.exports.subscribe = (cid, optInIp, callback) => {
                         }
                         connection.query('DELETE FROM confirmations WHERE `cid`=? LIMIT 1', [cid], () => {
                             connection.release();
-                            // reload full data from db in case it was an update, not insert
-                            return module.exports.getById(listId, subscription.subscriber, callback);
+                            return module.exports.getById(listId, subscription.subscriber, (err, subscriptionData) => {
+                                return callback(err, subscriptionData, subscription._action);
+                            });
                         });
                     });
                 });
                 return;
-            }
 
-            subscription.cid = cid;
-            subscription.list = listId;
-            subscription.email = email;
+            } else if (subscription._action === 'unsubscribe') {
+                // TODO
+                return;
 
-            let optInCountry = geoip.lookupCountry(optInIp) || null;
-            module.exports.insert(listId, {
-                email,
-                cid,
-                optInIp,
-                optInCountry,
-                status: 1
-            }, subscription, (err, result) => {
-                if (err) {
-                    return callback(err);
-                }
+            } else if (subscription._action === 'subscribe') {
+                subscription.cid = cid;
+                subscription.list = listId;
+                subscription.email = email;
 
-                if (!result.entryId) {
-                    return callback(new Error(_('Could not save subscription')));
-                }
-
-                db.getConnection((err, connection) => {
+                let optInCountry = geoip.lookupCountry(ip) || null;
+                module.exports.insert(listId, {
+                    email,
+                    cid,
+                    optInIp: ip,
+                    optInCountry,
+                    status: 1
+                }, subscription, (err, result) => {
                     if (err) {
                         return callback(err);
                     }
-                    connection.query('DELETE FROM confirmations WHERE `cid`=? LIMIT 1', [cid], () => {
-                        connection.release();
-                        // reload full data from db in case it was an update, not insert
-                        return module.exports.getById(listId, result.entryId, callback);
+
+                    if (!result.entryId) {
+                        return callback(new Error(_('Could not save subscription')));
+                    }
+
+                    db.getConnection((err, connection) => {
+                        if (err) {
+                            return callback(err);
+                        }
+                        connection.query('DELETE FROM confirmations WHERE `cid`=? LIMIT 1', [cid], () => {
+                            connection.release();
+                            // reload full data from db in case it was an update, not insert
+                            return module.exports.getById(listId, result.entryId, (err, subscriptionData) => {
+                                return callback(err, subscriptionData, subscription._action);
+                            });
+                        });
                     });
                 });
-            });
+
+            } else {
+                return callback(new Error(util.format(_('Subscription request corrupted - action: %s'), subscription._action)));
+            }
+
         });
     });
 };
@@ -307,6 +324,7 @@ module.exports.insert = (listId, meta, subscription, callback) => {
             }
         });
 
+        // FIXME - see issue #218
         fields.getValues(fields.getRow(fieldList, subscription, true, true, !!meta.partial), true).forEach(field => {
             keys.push(field.key);
             values.push(field.value);
@@ -377,6 +395,8 @@ module.exports.insert = (listId, meta, subscription, callback) => {
                         queryArgs = values.concat(existing.id);
                         query = 'UPDATE `subscription__' + listId + '` SET ' + keys.map(key => '`' + key + '`=?') + ' WHERE id=? LIMIT 1';
                     }
+                    console.log(query);
+                    console.log(queryArgs);
 
                     connection.query(query, queryArgs, (err, result) => {
                         if (err) {
@@ -1076,7 +1096,7 @@ module.exports.listImports = (listId, callback) => {
 };
 
 
-module.exports.updateAddress = (list, cid, updates, optInIp, callback) => {
+module.exports.updateAddress = (list, cid, updates, ip, callback) => {
     updates = tools.convertKeys(updates);
     cid = (cid || '').toString().trim();
 
@@ -1128,11 +1148,13 @@ module.exports.updateAddress = (list, cid, updates, optInIp, callback) => {
                     }
 
                     if (rows && rows[0] && rows[0].id) {
+
+
                         return callback(new Error(_('This address is already registered by someone else')));
                     }
 
-                    module.exports.addConfirmation(list, emailNew, optInIp, {
-                        action: 'update',
+                    module.exports.addConfirmation(list, emailNew, ip, {
+                        _action: 'update',
                         cid,
                         subscriber: old.id,
                         emailOld: old.email
@@ -1142,3 +1164,114 @@ module.exports.updateAddress = (list, cid, updates, optInIp, callback) => {
         });
     });
 };
+
+
+module.exports.sendMail = (listId, email, template, subject, mailOpts, subscription, callback) => {
+    db.getConnection((err, connection) => {
+        if (err) {
+            return callback(err);
+        }
+
+        lists.get(listId, (err, list) => {
+            if (!err && !list) {
+                err = new Error(_('Selected list not found'));
+                err.status = 404;
+            }
+
+            if (err) {
+                return next(err);
+            }
+
+            fields.list(list.id, (err, fieldList) => {
+                if (err) {
+                    return callback(err);
+                }
+
+                let encryptionKeys = [];
+                fields.getRow(fieldList, subscription).forEach(field => {
+                    if (field.type === 'gpg' && field.value) {
+                        encryptionKeys.push(field.value.trim());
+                    }
+                });
+
+                settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl'], (err, configItems) => {
+                    if (err) {
+                        return callback(err);
+                    }
+
+                    const data = {
+                        title: list.name,
+                        contactAddress: configItems.defaultAddress,
+                        defaultPostaddress: configItems.defaultPostaddress,
+                    };
+
+                    if (mailOpts.confirmUrlRoute) {
+                        data.confirmUrl = urllib.resolve(configItems.serviceUrl, mailOpts.confirmUrlRoute + cid)
+                    }
+
+                    function sendMail(html, text) {
+                        mailer.sendMail({
+                            from: {
+                                name: configItems.defaultFrom,
+                                address: configItems.defaultAddress
+                            },
+                            to: {
+                                name: [].concat(subscription.firstName || []).concat(subscription.lastName || []).join(' '),
+                                address: email
+                            },
+                            subject: util.format(subject, list.name),
+                            encryptionKeys
+                        }, {
+                            html,
+                            text,
+                            data
+                        }, err => {
+                            if (err) {
+                                log.error('Subscription', err);
+                            }
+                        });
+                    }
+
+                    let text = {
+                        template: 'subscription/mail-' + template + '-text.hbs'
+                    };
+
+                    let html = {
+                        template: 'subscription/mail-' + template + '-html.mjml.hbs',
+                        layout: 'subscription/layout.mjml.hbs',
+                        type: 'mjml'
+                    };
+
+                    helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
+                        if (err) {
+                            return sendMail(html, text);
+                        }
+
+                        sendMail(tmpl.html, tmpl.text);
+                    });
+
+                    return callback(null, cid);
+                });
+            });
+        });
+    });
+};
+
+
+/*
+FIXME
+function getUnsubscriptionMode = (listId, start, limit, callback) => {
+    listId = Number(listId) || 0;
+    if (!listId) {
+        return callback(new Error('Missing List ID'));
+    }
+
+    tableHelpers.list('subscription__' + listId, ['*'], 'email', null, start, limit, (err, rows, total) => {
+        if (!err) {
+            rows = rows.map(row => tools.convertKeys(row));
+        }
+        return callback(err, rows, total);
+    });
+};
+
+*/
\ No newline at end of file
diff --git a/lib/tools.js b/lib/tools.js
index 2c508917..49d17e44 100644
--- a/lib/tools.js
+++ b/lib/tools.js
@@ -43,7 +43,13 @@ function toDbKey(key) {
 }
 
 function fromDbKey(key) {
-    return key.replace(/[_\-]([a-z])/g, (m, c) => c.toUpperCase());
+    let prefix = '';
+    if (key.startsWith('_')) {
+        key = key.substring(1);
+        prefix = '_';
+
+    }
+    return prefix + key.replace(/[_\-]([a-z])/g, (m, c) => c.toUpperCase());
 }
 
 function convertKeys(obj, options) {
@@ -54,7 +60,7 @@ function convertKeys(obj, options) {
         if (options.skip && options.skip.indexOf(lKey) >= 0) {
             return;
         }
-        if (options.keep && options.skip.indexOf(lKey) < 0) {
+        if (options.keep && options.keep.indexOf(lKey) < 0) {
             return;
         }
         response[lKey] = obj[key];
diff --git a/routes/api.js b/routes/api.js
index ce71a7c1..671bac8f 100644
--- a/routes/api.js
+++ b/routes/api.js
@@ -93,6 +93,8 @@ router.post('/subscribe/:listId', (req, res) => {
                 subscription.tz = (input.TIMEZONE || '').toString().trim();
             }
 
+            subscription._action = 'subscribe';
+
             fields.list(list.id, (err, fieldList) => {
                 if (err && !fieldList) {
                     fieldList = [];
diff --git a/routes/forms.js b/routes/forms.js
index 17c5e896..6c3935ac 100644
--- a/routes/forms.js
+++ b/routes/forms.js
@@ -161,22 +161,32 @@ router.get('/:list/edit/:form', passport.csrfProtection, (req, res) => {
                             type: 'mjml',
                             help: helpMjmlGeneral
                         }, {
-                            name: 'web_confirm_notice',
-                            label: _('Web - Confirm Notice'),
+                            name: 'web_confirm_subscription_notice',
+                            label: _('Web - Confirm Subscription Notice'),
                             type: 'mjml',
                             help: helpMjmlGeneral
                         }, {
-                            name: 'mail_confirm_html',
+                            name: 'mail_confirm_subscription_html',
                             label: _('Mail - Confirm Subscription (MJML)'),
                             type: 'mjml',
                             help: helpMjmlGeneral
                         }, {
-                            name: 'mail_confirm_text',
+                            name: 'mail_confirm_subscription_text',
                             label: _('Mail - Confirm Subscription (Text)'),
                             type: 'text',
                             help: helpEmailText
                         }, {
-                            name: 'web_subscribed',
+                            name: 'mail_already_subscribed_html',
+                            label: _('Mail - Already Subscribed (MJML)'),
+                            type: 'mjml',
+                            help: helpMjmlGeneral
+                        }, {
+                            name: 'mail_already_subscribed_text',
+                            label: _('Mail - Already Subscribed (Text)'),
+                            type: 'text',
+                            help: helpEmailText
+                        }, {
+                            name: 'web_subscribed_notice',
                             label: _('Web - Subscribed Notice'),
                             type: 'mjml',
                             help: helpMjmlGeneral
@@ -217,18 +227,43 @@ router.get('/:list/edit/:form', passport.csrfProtection, (req, res) => {
                             type: 'mjml',
                             help: helpMjmlGeneral
                         }, {
-                            name: 'web_unsubscribe_notice',
-                            label: _('Web - Unsubscribe Notice'),
+                            name: 'web_confirm_unsubscription_notice',
+                            label: _('Web - Confirm Unsubscription Notice'),
                             type: 'mjml',
                             help: helpMjmlGeneral
                         }, {
-                            name: 'mail_unsubscribe_confirmed_html',
-                            label: _('Mail - Unsubscribe Confirmed (MJML)'),
+                            name: 'mail_confirm_unsubscription_html',
+                            label: _('Mail - Confirm Unsubscription (MJML)'),
                             type: 'mjml',
                             help: helpMjmlGeneral
                         }, {
-                            name: 'mail_unsubscribe_confirmed_text',
-                            label: _('Mail - Unsubscribe Confirmed (Text)'),
+                            name: 'mail_confirm_unsubscription_text',
+                            label: _('Mail - Confirm Unsubscription (Text)'),
+                            type: 'text',
+                            help: helpEmailText
+                        }, {
+                            name: 'mail_confirm_address_change_html',
+                            label: _('Mail - Confirm Address Change (MJML)'),
+                            type: 'mjml',
+                            help: helpMjmlGeneral
+                        }, {
+                            name: 'mail_confirm_address_change_text',
+                            label: _('Mail - Confirm Address Change (Text)'),
+                            type: 'text',
+                            help: helpEmailText
+                        }, {
+                            name: 'web_unsubscribed_notice',
+                            label: _('Web - Unsubscribed Notice'),
+                            type: 'mjml',
+                            help: helpMjmlGeneral
+                        }, {
+                            name: 'mail_unsubscription_confirmed_html',
+                            label: _('Mail - Unsubscription Confirmed (MJML)'),
+                            type: 'mjml',
+                            help: helpMjmlGeneral
+                        }, {
+                            name: 'mail_unsubscription_confirmed_text',
+                            label: _('Mail - Unsubscription Confirmed (Text)'),
                             type: 'text',
                             help: helpEmailText
                         }]
diff --git a/routes/lists.js b/routes/lists.js
index 64c1352f..4618c683 100644
--- a/routes/lists.js
+++ b/routes/lists.js
@@ -71,6 +71,8 @@ router.get('/create', passport.csrfProtection, (req, res) => {
         data.publicSubscribe = true;
     }
 
+    data.unsubscriptionModeOptions = getUnsubscriptionModeOptions(data.unsubscriptionMode || lists.UnsubscriptionMode.ONE_STEP);
+
     res.render('lists/create', data);
 });
 
@@ -103,6 +105,8 @@ router.get('/edit/:id', passport.csrfProtection, (req, res) => {
                 return row;
             });
 
+            list.unsubscriptionModeOptions = getUnsubscriptionModeOptions(list.unsubscriptionMode);
+
             list.csrfToken = req.csrfToken();
             res.render('lists/edit', list);
         });
@@ -771,4 +775,28 @@ router.post('/quicklist/ajax', (req, res) => {
     });
 });
 
+function getUnsubscriptionModeOptions(unsubscriptionMode) {
+    const options = [];
+
+    options[lists.UnsubscriptionMode.ONE_STEP] = {
+        value: lists.UnsubscriptionMode.ONE_STEP,
+        selected: unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP,
+        label: _('One-step (i.e. no email with confirmation link)')
+    };
+
+    options[lists.UnsubscriptionMode.TWO_STEP] = {
+        value: lists.UnsubscriptionMode.TWO_STEP,
+        selected: unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP,
+        label: _('Two-step (i.e. an email with confirmation link will be sent)')
+    };
+
+    options[lists.UnsubscriptionMode.MANUAL] = {
+        value: lists.UnsubscriptionMode.MANUAL,
+        selected: unsubscriptionMode === lists.UnsubscriptionMode.MANUAL,
+        label: _('Manual (i.e. unsubscription has to be performed by the list administrator)')
+    };
+
+    return options;
+}
+
 module.exports = router;
diff --git a/routes/subscription.js b/routes/subscription.js
index 0e91eb98..e8f2c5f4 100644
--- a/routes/subscription.js
+++ b/routes/subscription.js
@@ -44,8 +44,8 @@ let corsOrCsrfProtection = (req, res, next) => {
     }
 };
 
-router.get('/subscribe/:cid', (req, res, next) => {
-    subscriptions.subscribe(req.params.cid, req.ip, (err, subscription) => {
+router.get('/confirm/:cid', (req, res, next) => {
+    subscriptions.processConfirmation(req.params.cid, req.ip, (err, subscription, action) => {
         if (!err && !subscription) {
             err = new Error(_('Selected subscription not found'));
             err.status = 404;
@@ -70,40 +70,9 @@ router.get('/subscribe/:cid', (req, res, next) => {
                     return next(err);
                 }
 
-                let data = {
-                    title: list.name,
-                    homepage: configItems.defaultHomepage || configItems.serviceUrl,
-                    preferences: '/subscription/' + list.cid + '/manage/' + subscription.cid,
-                    hasPubkey: !!configItems.pgpPrivateKey,
-                    defaultAddress: configItems.defaultAddress,
-                    defaultPostaddress: configItems.defaultPostaddress,
-                    template: {
-                        template: 'subscription/web-subscribed.mjml.hbs',
-                        layout: 'subscription/layout.mjml.hbs'
-                    }
-                };
+                // FIXME - split decision based on action
 
-                helpers.injectCustomFormData(req.query.fid || list.defaultForm, 'subscription/web-subscribed', data, (err, data) => {
-                    if (err) {
-                        return next(err);
-                    }
-
-                    helpers.getMjmlTemplate(data.template, (err, htmlRenderer) => {
-                        if (err) {
-                            return next(err);
-                        }
-
-                        helpers.captureFlashMessages(req, res, (err, flash) => {
-                            if (err) {
-                                return next(err);
-                            }
-
-                            data.isWeb = true;
-                            data.flashMessages = flash;
-                            res.send(htmlRenderer(data));
-                        });
-                    });
-                });
+                res.redirect('/subscription/' + list.cid + '/subscribed-notice');
 
                 if (configItems.disableConfirmations) {
                     return;
@@ -318,164 +287,6 @@ router.get('/:cid/widget', cors(corsOptions), (req, res, next) => {
     });
 });
 
-router.get('/:cid/confirm-notice', (req, res, next) => {
-    lists.getByCid(req.params.cid, (err, list) => {
-        if (!err && !list) {
-            err = new Error(_('Selected list not found'));
-            err.status = 404;
-        }
-
-        if (err) {
-            return next(err);
-        }
-
-        settings.list(['defaultHomepage', 'serviceUrl', 'defaultAddress', 'defaultPostaddress'], (err, configItems) => {
-            if (err) {
-                return next(err);
-            }
-
-            let data = {
-                title: list.name,
-                homepage: configItems.defaultHomepage || configItems.serviceUrl,
-                defaultAddress: configItems.defaultAddress,
-                defaultPostaddress: configItems.defaultPostaddress,
-                template: {
-                    template: 'subscription/web-confirm-notice.mjml.hbs',
-                    layout: 'subscription/layout.mjml.hbs'
-                }
-            };
-
-            helpers.injectCustomFormData(req.query.fid || list.defaultForm, 'subscription/web-confirm-notice', data, (err, data) => {
-                if (err) {
-                    return next(err);
-                }
-
-                helpers.getMjmlTemplate(data.template, (err, htmlRenderer) => {
-                    if (err) {
-                        return next(err);
-                    }
-
-                    helpers.captureFlashMessages(req, res, (err, flash) => {
-                        if (err) {
-                            return next(err);
-                        }
-
-                        data.isWeb = true;
-                        data.isConfirmNotice = true;
-                        data.flashMessages = flash;
-                        res.send(htmlRenderer(data));
-                    });
-                });
-            });
-        });
-    });
-});
-
-router.get('/:cid/updated-notice', (req, res, next) => {
-    lists.getByCid(req.params.cid, (err, list) => {
-        if (!err && !list) {
-            err = new Error(_('Selected list not found'));
-            err.status = 404;
-        }
-
-        if (err) {
-            return next(err);
-        }
-
-        settings.list(['defaultHomepage', 'serviceUrl', 'defaultAddress', 'defaultPostaddress'], (err, configItems) => {
-            if (err) {
-                return next(err);
-            }
-
-            let data = {
-                title: list.name,
-                homepage: configItems.defaultHomepage || configItems.serviceUrl,
-                defaultAddress: configItems.defaultAddress,
-                defaultPostaddress: configItems.defaultPostaddress,
-                template: {
-                    template: 'subscription/web-updated-notice.mjml.hbs',
-                    layout: 'subscription/layout.mjml.hbs'
-                }
-            };
-
-            helpers.injectCustomFormData(req.query.fid || list.defaultForm, 'subscription/web-updated-notice', data, (err, data) => {
-                if (err) {
-                    return next(err);
-                }
-
-                helpers.getMjmlTemplate(data.template, (err, htmlRenderer) => {
-                    if (err) {
-                        return next(err);
-                    }
-
-                    helpers.captureFlashMessages(req, res, (err, flash) => {
-                        if (err) {
-                            return next(err);
-                        }
-
-                        data.isWeb = true;
-                        data.flashMessages = flash;
-                        res.send(htmlRenderer(data));
-                    });
-                });
-            });
-        });
-    });
-});
-
-router.get('/:cid/unsubscribe-notice', (req, res, next) => {
-    lists.getByCid(req.params.cid, (err, list) => {
-        if (!err && !list) {
-            err = new Error(_('Selected list not found'));
-            err.status = 404;
-        }
-
-        if (err) {
-            return next(err);
-        }
-
-        settings.list(['defaultHomepage', 'serviceUrl', 'defaultAddress', 'defaultPostaddress'], (err, configItems) => {
-            if (err) {
-                return next(err);
-            }
-
-            let data = {
-                title: list.name,
-                layout: 'subscription/layout',
-                homepage: configItems.defaultHomepage || configItems.serviceUrl,
-                defaultAddress: configItems.defaultAddress,
-                defaultPostaddress: configItems.defaultPostaddress,
-                template: {
-                    template: 'subscription/web-unsubscribe-notice.mjml.hbs',
-                    layout: 'subscription/layout.mjml.hbs'
-                }
-            };
-
-            helpers.injectCustomFormData(req.query.fid || list.defaultForm, 'subscription/web-unsubscribe-notice', data, (err, data) => {
-                if (err) {
-                    return next(err);
-                }
-
-                helpers.getMjmlTemplate(data.template, (err, htmlRenderer) => {
-                    if (err) {
-                        return next(err);
-                    }
-
-                    helpers.captureFlashMessages(req, res, (err, flash) => {
-                        if (err) {
-                            return next(err);
-                        }
-
-                        data.isWeb = true;
-                        data.flashMessages = flash;
-                        res.send(htmlRenderer(data));
-                    });
-                });
-            });
-        });
-    });
-});
-
 router.options('/:cid/subscribe', cors(corsOptions));
 
 router.post('/:cid/subscribe', passport.parseForm, corsOrCsrfProtection, (req, res, next) => {
@@ -496,62 +307,73 @@ router.post('/:cid/subscribe', passport.parseForm, corsOrCsrfProtection, (req, r
         return res.redirect('/subscription/' + encodeURIComponent(req.params.cid) + '?' + tools.queryParams(req.body));
     }
 
-    // Check if the subscriber seems legit. This is a really simple check, the only requirement is that
-    // the subsciber has JavaScript turned on and thats it. If Mailtrain gets more targeted then this
-    // simple check should be replaced with an actual captcha
-    let subTime = Number(req.body.sub) || 0;
-    // allow clock skew 24h in the past and 24h to the future
-    let subTimeTest = !!(subTime > Date.now() - 24 * 3600 * 1000 && subTime < Date.now() + 24 * 3600 * 1000);
-    let addressTest = !req.body.address;
-    let testsPass = subTimeTest && addressTest;
-
-    lists.getByCid(req.params.cid, (err, list) => {
-        if (!err) {
-            if (!list) {
-                err = new Error(_('Selected list not found'));
-                err.status = 404;
-            } else if (!list.publicSubscribe) {
-                err = new Error(_('The list does not allow public subscriptions.'));
-                err.status = 403;
-            }
-        }
-
+    tools.validateEmail(email, false, err => {
         if (err) {
-            return req.xhr ? sendJsonError(err) : next(err);
+            if (req.xhr) {
+                return sendJsonError(err.message, 400);
+            }
+            req.flash('danger', err.message);
+            return res.redirect('/subscription/' + encodeURIComponent(req.params.cid) + '?' + tools.queryParams(req.body));
         }
 
-        let data = {};
-        Object.keys(req.body).forEach(key => {
-            if (key !== 'email' && key.charAt(0) !== '_') {
-                data[key] = (req.body[key] || '').toString().trim();
-            }
-        });
+        // Check if the subscriber seems legit. This is a really simple check, the only requirement is that
+        // the subsciber has JavaScript turned on and thats it. If Mailtrain gets more targeted then this
+        // simple check should be replaced with an actual captcha
+        let subTime = Number(req.body.sub) || 0;
+        // allow clock skew 24h in the past and 24h to the future
+        let subTimeTest = !!(subTime > Date.now() - 24 * 3600 * 1000 && subTime < Date.now() + 24 * 3600 * 1000);
+        let addressTest = !req.body.address;
+        let testsPass = subTimeTest && addressTest;
 
-        data = tools.convertKeys(data);
-
-        data._address = req.body.address;
-        data._sub = req.body.sub;
-        data._skip = !testsPass;
-
-        subscriptions.addConfirmation(list, email, req.ip, data, (err, confirmCid) => {
-            if (!err && !confirmCid) {
-                err = new Error(_('Could not store confirmation data'));
+        lists.getByCid(req.params.cid, (err, list) => {
+            if (!err) {
+                if (!list) {
+                    err = new Error(_('Selected list not found'));
+                    err.status = 404;
+                } else if (!list.publicSubscribe) {
+                    err = new Error(_('The list does not allow public subscriptions.'));
+                    err.status = 403;
+                }
             }
 
             if (err) {
-                if (req.xhr) {
-                    return sendJsonError(err);
-                }
-                req.flash('danger', err.message || err);
-                return res.redirect('/subscription/' + encodeURIComponent(req.params.cid) + '?' + tools.queryParams(req.body));
+                return req.xhr ? sendJsonError(err) : next(err);
             }
 
-            if (req.xhr) {
-                return res.status(200).json({
-                    msg: _('Please Confirm Subscription')
-                });
-            }
-            res.redirect('/subscription/' + req.params.cid + '/confirm-notice');
+            let data = {};
+            Object.keys(req.body).forEach(key => {
+                if (key !== 'email' && key.charAt(0) !== '_') {
+                    data[key] = (req.body[key] || '').toString().trim();
+                }
+            });
+
+            data = tools.convertKeys(data);
+
+            data._address = req.body.address;
+            data._sub = req.body.sub;
+            data._skip = !testsPass;
+            data._action = 'subscribe';
+
+            subscriptions.addConfirmation(list, email, req.ip, data, (err, confirmCid) => {
+                if (!err && !confirmCid) {
+                    err = new Error(_('Could not store confirmation data'));
+                }
+
+                if (err) {
+                    if (req.xhr) {
+                        return sendJsonError(err);
+                    }
+                    req.flash('danger', err.message || err);
+                    return res.redirect('/subscription/' + encodeURIComponent(req.params.cid) + '?' + tools.queryParams(req.body));
+                }
+
+                if (req.xhr) {
+                    return res.status(200).json({
+                        msg: _('Please Confirm Subscription')
+                    });
+                }
+                res.redirect('/subscription/' + req.params.cid + '/confirm-subscription-notice');
+            });
         });
     });
 });
@@ -732,7 +554,7 @@ router.post('/:lcid/manage-address', passport.parseForm, passport.csrfProtection
                 return res.redirect('/subscription/' + encodeURIComponent(req.params.lcid) + '/manage-address/' + encodeURIComponent(req.body.cid) + '?' + tools.queryParams(req.body));
             }
 
-            req.flash('info', _('Email address updated, check your mailbox for verification instructions'));
+            req.flash('info', _('An email with further instructions has been sent to the provided address'));
             res.redirect('/subscription/' + req.params.lcid + '/manage/' + req.body.cid);
         });
     });
@@ -822,7 +644,7 @@ router.post('/:lcid/unsubscribe', passport.parseForm, passport.csrfProtection, (
                 log.error('Subscription', err);
                 return res.redirect('/subscription/' + encodeURIComponent(req.params.lcid) + '/unsubscribe/' + encodeURIComponent(req.body.cid) + '?' + tools.queryParams(req.body));
             }
-            res.redirect('/subscription/' + req.params.lcid + '/unsubscribe-notice');
+            res.redirect('/subscription/' + req.params.lcid + '/unsubscribed-notice');
 
             fields.list(list.id, (err, fieldList) => {
                 if (err) {
@@ -874,11 +696,11 @@ router.post('/:lcid/unsubscribe', passport.parseForm, passport.csrfProtection, (
                     };
 
                     let text = {
-                        template: 'subscription/mail-unsubscribe-confirmed-text.hbs'
+                        template: 'subscription/mail-unsubscription-confirmed-text.hbs'
                     };
 
                     let html = {
-                        template: 'subscription/mail-unsubscribe-confirmed-html.mjml.hbs',
+                        template: 'subscription/mail-unsubscription-confirmed-html.mjml.hbs',
                         layout: 'subscription/layout.mjml.hbs',
                         type: 'mjml'
                     };
@@ -896,6 +718,26 @@ router.post('/:lcid/unsubscribe', passport.parseForm, passport.csrfProtection, (
     });
 });
 
+router.get('/:cid/confirm-subscription-notice', (req, res, next) => {
+    notice('confirm-subscription', req, res, next);
+});
+
+router.get('/:cid/confirm-unsubscription-notice', (req, res, next) => {
+    notice('confirm-unsubscription', req, res, next);
+});
+
+router.get('/:cid/subscribed-notice', (req, res, next) => {
+    notice('subscribed', req, res, next);
+});
+
+router.get('/:cid/updated-notice', (req, res, next) => {
+    notice('updated', req, res, next);
+});
+
+router.get('/:cid/unsubscribed-notice', (req, res, next) => {
+    notice('unsubscribed', req, res, next);
+});
+
 router.post('/publickey', passport.parseForm, (req, res, next) => {
     settings.list(['pgpPassphrase', 'pgpPrivateKey'], (err, configItems) => {
         if (err) {
@@ -934,4 +776,59 @@ router.post('/publickey', passport.parseForm, (req, res, next) => {
     });
 });
 
+
+function notice(type, req, res, next) {
+    lists.getByCid(req.params.cid, (err, list) => {
+        if (!err && !list) {
+            err = new Error(_('Selected list not found'));
+            err.status = 404;
+        }
+
+        if (err) {
+            return next(err);
+        }
+
+        settings.list(['defaultHomepage', 'serviceUrl', 'defaultAddress', 'defaultPostaddress'], (err, configItems) => {
+            if (err) {
+                return next(err);
+            }
+
+            let data = {
+                title: list.name,
+                homepage: configItems.defaultHomepage || configItems.serviceUrl,
+                defaultAddress: configItems.defaultAddress,
+                defaultPostaddress: configItems.defaultPostaddress,
+                template: {
+                    template: 'subscription/web-' + type + '-notice.mjml.hbs',
+                    layout: 'subscription/layout.mjml.hbs'
+                }
+            };
+
+            helpers.injectCustomFormData(req.query.fid || list.defaultForm, 'subscription/web-' + type + '-notice', data, (err, data) => {
+                if (err) {
+                    return next(err);
+                }
+
+                helpers.getMjmlTemplate(data.template, (err, htmlRenderer) => {
+                    if (err) {
+                        return next(err);
+                    }
+
+                    helpers.captureFlashMessages(req, res, (err, flash) => {
+                        if (err) {
+                            return next(err);
+                        }
+
+                        data.isWeb = true;
+                        data.isConfirmNotice = true;
+                        data.flashMessages = flash;
+                        res.send(htmlRenderer(data));
+                    });
+                });
+            });
+        });
+    });
+}
+
+
 module.exports = router;
diff --git a/setup/sql/upgrade-00028.sql b/setup/sql/upgrade-00028.sql
new file mode 100644
index 00000000..8ea8bdbc
--- /dev/null
+++ b/setup/sql/upgrade-00028.sql
@@ -0,0 +1,24 @@
+# Header section
+# Define incrementing schema version number
+SET @schema_version = '28';
+
+# Add unsubscription mode field to lists
+ALTER TABLE `lists` ADD COLUMN `unsubscription_mode` int(11) unsigned DEFAULT 0 NOT NULL AFTER `public_subscribe`;
+
+# Change the name of the column to better reflect that confirmations are also used for unsubscription and email address update
+ALTER TABLE `confirmations` CHANGE `opt_in_ip` `ip` varchar(100) DEFAULT NULL;
+
+# Rename affected forms in custom_forms_data
+update custom_forms_data set data_key="mail_confirm_subscription_html" where data_key="mail_confirm_html";
+update custom_forms_data set data_key="mail_confirm_subscription_text" where data_key="mail_confirm_text";
+update custom_forms_data set data_key="mail_unsubscription_confirmed_html" where data_key="mail_unsubscribe_confirmed_html";
+update custom_forms_data set data_key="mail_unsubscription_confirmed_text" where data_key="mail_unsubscribe_confirmed_text";
+update custom_forms_data set data_key="web_confirm_subscription_notice" where data_key="web_confirm_notice";
+update custom_forms_data set data_key="web_subscribed_notice" where data_key="web_subscribed";
+update custom_forms_data set data_key="web_unsubscribed_notice" where data_key="web_unsubscribe_notice";
+
+
+# Footer section
+LOCK TABLES `settings` WRITE;
+INSERT INTO `settings` (`key`, `value`) VALUES('db_schema_version', @schema_version) ON DUPLICATE KEY UPDATE `value`=@schema_version;
+UNLOCK TABLES;
diff --git a/views/lists/create.hbs b/views/lists/create.hbs
index 6cfaa7b8..ba37f4e3 100644
--- a/views/lists/create.hbs
+++ b/views/lists/create.hbs
@@ -26,11 +26,27 @@
 
     <hr />
 
-    <div class="col-sm-offset-2">
-        <div class="checkbox">
-            <label>
-                <input type="checkbox" name="public_subscribe" value="1" {{#if publicSubscribe}} checked {{/if}}> {{#translate}}Allow public users to subscribe themselves{{/translate}}
-            </label>
+    <div class="form-group">
+        <label for="default_form" class="col-sm-2 control-label">{{#translate}}Subscription{{/translate}}</label>
+        <div class="col-sm-10">
+            <div class="checkbox">
+                <label>
+                    <input type="checkbox" name="public_subscribe" value="1" {{#if publicSubscribe}} checked {{/if}}> {{#translate}}Allow public users to subscribe themselves{{/translate}}
+                </label>
+            </div>
+        </div>
+    </div>
+
+
+    <div class="form-group">
+        <label for="default_form" class="col-sm-2 control-label">{{#translate}}Unsubscription{{/translate}}</label>
+        <div class="col-sm-10">
+            <select class="form-control" id="unsubscription_mode" name="unsubscription_mode">
+                {{#each unsubscriptionModeOptions}}
+                    <option value="{{value}}"{{#if selected}} selected{{/if}}>{{label}}</option>
+                {{/each}}
+            </select>
+            <span class="help-block">{{#translate}}Select how an unsuscription request by subscriber is handled.{{/translate}}</span>
         </div>
     </div>
 
diff --git a/views/lists/edit.hbs b/views/lists/edit.hbs
index 5d206b50..cbe0b6cc 100644
--- a/views/lists/edit.hbs
+++ b/views/lists/edit.hbs
@@ -56,11 +56,27 @@
 
     <hr />
 
-    <div class="col-sm-offset-2">
-        <div class="checkbox">
-            <label>
-                <input type="checkbox" name="public_subscribe" value="1" {{#if publicSubscribe}} checked {{/if}}> {{#translate}}Allow public users to subscribe themselves{{/translate}}
-            </label>
+    <div class="form-group">
+        <label for="default_form" class="col-sm-2 control-label">{{#translate}}Subscription{{/translate}}</label>
+        <div class="col-sm-10">
+            <div class="checkbox">
+                <label>
+                    <input type="checkbox" name="public_subscribe" value="1" {{#if publicSubscribe}} checked {{/if}}> {{#translate}}Allow public users to subscribe themselves{{/translate}}
+                </label>
+            </div>
+        </div>
+    </div>
+
+
+    <div class="form-group">
+        <label for="default_form" class="col-sm-2 control-label">{{#translate}}Unsubscription{{/translate}}</label>
+        <div class="col-sm-10">
+            <select class="form-control" id="unsubscription_mode" name="unsubscription_mode">
+                {{#each unsubscriptionModeOptions}}
+                    <option value="{{value}}"{{#if selected}} selected{{/if}}>{{label}}</option>
+                {{/each}}
+            </select>
+            <span class="help-block">{{#translate}}Select how an unsuscription request by subscriber is handled.{{/translate}}</span>
         </div>
     </div>
 
diff --git a/views/lists/forms/edit.hbs b/views/lists/forms/edit.hbs
index 0ee5acdf..5b91dcfb 100644
--- a/views/lists/forms/edit.hbs
+++ b/views/lists/forms/edit.hbs
@@ -46,11 +46,15 @@
             <p>
                 <a href="/subscription/{{list.cid}}?fid={{form.id}}" target="_blank">{{#translate}}Subscribe{{/translate}}</a>
                 |
-                <a href="/subscription/{{list.cid}}/confirm-notice?fid={{form.id}}" target="_blank">{{#translate}}Confirm Notice{{/translate}}</a>
+                <a href="/subscription/{{list.cid}}/confirm-subscription-notice?fid={{form.id}}" target="_blank">{{#translate}}Confirm Subscription Notice{{/translate}}</a>
+                |
+                <a href="/subscription/{{list.cid}}/confirm-unsubscription-notice?fid={{form.id}}" target="_blank">{{#translate}}Confirm Unsubscription Notice{{/translate}}</a>
+                |
+                <a href="/subscription/{{list.cid}}/subscribed-notice?fid={{form.id}}" target="_blank">{{#translate}}Subscribed Notice{{/translate}}</a>
                 |
                 <a href="/subscription/{{list.cid}}/updated-notice?fid={{form.id}}" target="_blank">{{#translate}}Updated Notice{{/translate}}</a>
                 |
-                <a href="/subscription/{{list.cid}}/unsubscribe-notice?fid={{form.id}}" target="_blank">{{#translate}}Unsubscribed Notice{{/translate}}</a>
+                <a href="/subscription/{{list.cid}}/unsubscribed-notice?fid={{form.id}}" target="_blank">{{#translate}}Unsubscribed Notice{{/translate}}</a>
                 {{#if testUsers}}
                     |
                     <a href="/subscription/{{list.cid}}/manage/{{testUsers.0.cid}}?fid={{form.id}}" target="_blank">{{#translate}}Manage{{/translate}}</a>
diff --git a/views/lists/forms/forms.hbs b/views/lists/forms/forms.hbs
index 9bc3ab92..367d0ebf 100644
--- a/views/lists/forms/forms.hbs
+++ b/views/lists/forms/forms.hbs
@@ -68,7 +68,7 @@
 <form class="form-inline" method="post" action="/lists/edit?next=%2Fforms%2F{{list.id}}">
     <input type="hidden" name="_csrf" value="{{csrfToken}}">
     <input type="hidden" name="id" value="{{list.id}}" />
-    <input type="hidden" name="name" value="{{list.name}}" />
+    <input type="hidden" name="customFormChangeOnly" value="1" />
 
     <div class="form-group">
         <label for="default_form" class="control-label" style="color: #666; font-weight: normal;">{{#translate}}The default form for this list is:{{/translate}}</label>
diff --git a/views/subscription/mail-already-subscribed-html.mjml.hbs b/views/subscription/mail-already-subscribed-html.mjml.hbs
new file mode 100644
index 00000000..d4a9b20e
--- /dev/null
+++ b/views/subscription/mail-already-subscribed-html.mjml.hbs
@@ -0,0 +1,24 @@
+<mj-section>
+    <mj-column>
+        <mj-text mj-class="h3">
+            {{#translate}}Email address already subscribed{{/translate}}
+        </mj-text>
+        <mj-text mj-class="p">
+            {{#translate}}We have received a subscription request. Your email address is however already registered.{{/translate}}.
+        </mj-text>
+        <mj-text mj-class="p">
+            {{#translate}}If you received this email by mistake, simply delete it. Your existing subscription won't be affected.{{/translate}}
+        </mj-text>
+        <mj-text mj-class="p">
+            {{#translate}}If you want to modify your subscription then you can {{/translate}}
+            <a href="{{preferencesUrl}}">{{#translate}}manage your preferences{{/translate}}</a> {{#translate}}or{{/translate}} <a href="{{unsubscribeUrl}}">{{#translate}}unsubscribe here{{/translate}}</a>.
+        </mj-text>
+        <mj-button mj-class="button" href="{{homepage}}">
+            {{#translate}}Return to our website{{/translate}}
+        </mj-button>
+        <mj-text mj-class="p">
+            {{#translate}}For questions about this list, please contact:{{/translate}}
+            <br/><a href="mailto:{{contactAddress}}">{{contactAddress}}</a>
+        </mj-text>
+    </mj-column>
+</mj-section>
diff --git a/views/subscription/mail-already-subscribed-text.hbs b/views/subscription/mail-already-subscribed-text.hbs
new file mode 100644
index 00000000..fe982896
--- /dev/null
+++ b/views/subscription/mail-already-subscribed-text.hbs
@@ -0,0 +1,18 @@
+{{{title}}}
+{{#translate}}Email address already subscribed{{/translate}}
+================================
+
+{{#translate}}We have received a subscription request. Your email address is however already registered.{{/translate}}
+
+{{#translate}}If you received this email by mistake, simply delete it. Your existing subscription won't be affected.{{/translate}}
+
+{{#translate}}If you want to modify your subscription then you can:{{/translate}}
+
+{{#translate}}manage your preferences{{/translate}}: {{preferencesUrl}}
+
+- {{#translate}}or{{/translate}} -
+
+{{#translate}}unsubscribe here{{/translate}}: {{unsubscribeUrl}}
+
+{{#translate}}For questions about this list, please contact:{{/translate}}
+{{{contactAddress}}}
diff --git a/views/subscription/mail-confirm-address-change-html.mjml.hbs b/views/subscription/mail-confirm-address-change-html.mjml.hbs
new file mode 100644
index 00000000..a144fe33
--- /dev/null
+++ b/views/subscription/mail-confirm-address-change-html.mjml.hbs
@@ -0,0 +1,17 @@
+<mj-section>
+    <mj-column>
+        <mj-text mj-class="h3">
+            {{#translate}}Please Confirm Subscription Address Change{{/translate}}
+        </mj-text>
+        <mj-button mj-class="button" href="{{confirmUrl}}">
+            {{#translate}}Yes, subscribe this email address to the list{{/translate}}
+        </mj-button>
+        <mj-text mj-class="p">
+            {{#translate}}If you received this email by mistake, simply delete it. You won't be subscribed if you don't click the confirmation link above.{{/translate}}
+        </mj-text>
+        <mj-text mj-class="p">
+            {{#translate}}For questions about this list, please contact:{{/translate}}
+            <br/><a href="mailto:{{contactAddress}}">{{contactAddress}}</a>
+        </mj-text>
+    </mj-column>
+</mj-section>
diff --git a/views/subscription/mail-confirm-address-change-text.hbs b/views/subscription/mail-confirm-address-change-text.hbs
new file mode 100644
index 00000000..baca9209
--- /dev/null
+++ b/views/subscription/mail-confirm-address-change-text.hbs
@@ -0,0 +1,10 @@
+{{{title}}}
+{{#translate}}Please Confirm Subscription Address Change{{/translate}}
+==========================================
+
+{{#translate}}Yes, subscribe this email address to the list{{/translate}}: {{{confirmUrl}}}
+
+{{#translate}}If you received this email by mistake, simply delete it. You won't be subscribed unless you click the confirmation link above.{{/translate}}
+
+{{#translate}}For questions about this list, please contact:{{/translate}}
+{{{contactAddress}}}
diff --git a/views/subscription/mail-confirm-html.mjml.hbs b/views/subscription/mail-confirm-subscription-html.mjml.hbs
similarity index 100%
rename from views/subscription/mail-confirm-html.mjml.hbs
rename to views/subscription/mail-confirm-subscription-html.mjml.hbs
diff --git a/views/subscription/mail-confirm-text.hbs b/views/subscription/mail-confirm-subscription-text.hbs
similarity index 100%
rename from views/subscription/mail-confirm-text.hbs
rename to views/subscription/mail-confirm-subscription-text.hbs
diff --git a/views/subscription/mail-confirm-unsubscription-html.mjml.hbs b/views/subscription/mail-confirm-unsubscription-html.mjml.hbs
new file mode 100644
index 00000000..89f6bbce
--- /dev/null
+++ b/views/subscription/mail-confirm-unsubscription-html.mjml.hbs
@@ -0,0 +1,17 @@
+<mj-section>
+    <mj-column>
+        <mj-text mj-class="h3">
+            {{#translate}}Please Confirm Unsubscription{{/translate}}
+        </mj-text>
+        <mj-button mj-class="button" href="{{confirmUrl}}">
+            {{#translate}}Yes, unsubscribe me from this list{{/translate}}
+        </mj-button>
+        <mj-text mj-class="p">
+            {{#translate}}If you received this email by mistake, simply delete it. You won't be unsubscribed if you don't click the confirmation link above.{{/translate}}
+        </mj-text>
+        <mj-text mj-class="p">
+            {{#translate}}For questions about this list, please contact:{{/translate}}
+            <br/><a href="mailto:{{contactAddress}}">{{contactAddress}}</a>
+        </mj-text>
+    </mj-column>
+</mj-section>
diff --git a/views/subscription/mail-confirm-unsubscription-text.hbs b/views/subscription/mail-confirm-unsubscription-text.hbs
new file mode 100644
index 00000000..2dd2dd4f
--- /dev/null
+++ b/views/subscription/mail-confirm-unsubscription-text.hbs
@@ -0,0 +1,10 @@
+{{{title}}}
+{{#translate}}Please Confirm Subscription{{/translate}}
+===========================
+
+{{#translate}}Yes, unsubscribe me from this list{{/translate}}: {{{confirmUrl}}}
+
+{{#translate}}If you received this email by mistake, simply delete it. You won't be unsubscribed unless you click the confirmation link above.{{/translate}}
+
+{{#translate}}For questions about this list, please contact:{{/translate}}
+{{{contactAddress}}}
diff --git a/views/subscription/mail-unsubscribe-confirmed-html.mjml.hbs b/views/subscription/mail-unsubscription-confirmed-html.mjml.hbs
similarity index 100%
rename from views/subscription/mail-unsubscribe-confirmed-html.mjml.hbs
rename to views/subscription/mail-unsubscription-confirmed-html.mjml.hbs
diff --git a/views/subscription/mail-unsubscribe-confirmed-text.hbs b/views/subscription/mail-unsubscription-confirmed-text.hbs
similarity index 100%
rename from views/subscription/mail-unsubscribe-confirmed-text.hbs
rename to views/subscription/mail-unsubscription-confirmed-text.hbs
diff --git a/views/subscription/web-confirm-notice.mjml.hbs b/views/subscription/web-confirm-subscription-notice.mjml.hbs
similarity index 100%
rename from views/subscription/web-confirm-notice.mjml.hbs
rename to views/subscription/web-confirm-subscription-notice.mjml.hbs
diff --git a/views/subscription/web-confirm-unsubscription-notice.mjml.hbs b/views/subscription/web-confirm-unsubscription-notice.mjml.hbs
new file mode 100644
index 00000000..5fc2537e
--- /dev/null
+++ b/views/subscription/web-confirm-unsubscription-notice.mjml.hbs
@@ -0,0 +1,13 @@
+<mj-section>
+    <mj-column>
+        <mj-text mj-class="h3">
+            {{#translate}}Almost Finished{{/translate}}
+        </mj-text>
+        <mj-text mj-class="p">
+            {{#translate}}We need to confirm your email address. To complete the unsubscription process, please click the link in the email we just sent you.{{/translate}}
+        </mj-text>
+        <mj-button mj-class="button" href="{{homepage}}">
+            {{#translate}}Return to our website{{/translate}}
+        </mj-button>
+    </mj-column>
+</mj-section>
diff --git a/views/subscription/web-subscribed.mjml.hbs b/views/subscription/web-subscribed-notice.mjml.hbs
similarity index 100%
rename from views/subscription/web-subscribed.mjml.hbs
rename to views/subscription/web-subscribed-notice.mjml.hbs
diff --git a/views/subscription/web-unsubscribe-notice.mjml.hbs b/views/subscription/web-unsubscribed-notice.mjml.hbs
similarity index 100%
rename from views/subscription/web-unsubscribe-notice.mjml.hbs
rename to views/subscription/web-unsubscribed-notice.mjml.hbs

From 32e2e61789128cecccafb84006dd794e6de05fca Mon Sep 17 00:00:00 2001
From: Tomas Bures <tbures@sathyasai.org>
Date: Sun, 30 Apr 2017 13:01:22 -0400
Subject: [PATCH 02/11] Unsubscription is identified by subscriber cid. This
 effectivelly allows only the recipient of the email to unsubscribe. This
 addresses issue #221. I also scraped the "auto" parameter which automatically
 submits the unsubscription form when the link is clicked in a campaign email.
 Instead, I introduced the unsubscription options ONE_STEP,
 ONE_STEP_WITH_FORM, TWO_STEP, TWO_STEP_WITH_FORM. The options without
 "_WITH_FORM" shall behave like when called with "auto". This functionality is
 to come. Currently it behaves as ONE_STEP_WITH_FORM.

---
 lib/models/lists.js                           |   8 +-
 lib/models/subscriptions.js                   | 227 ++++++------------
 lib/tools.js                                  |   2 +-
 routes/lists.js                               |  12 +
 routes/subscription.js                        | 168 +++----------
 services/sender.js                            |   2 +-
 .../subscription-unsubscribe-form.hbs         |  11 +-
 views/subscription/web-unsubscribe.mjml.hbs   |   3 -
 8 files changed, 126 insertions(+), 307 deletions(-)

diff --git a/lib/models/lists.js b/lib/models/lists.js
index 7ee7dcc6..839fefe1 100644
--- a/lib/models/lists.js
+++ b/lib/models/lists.js
@@ -9,9 +9,11 @@ let tableHelpers = require('../table-helpers');
 
 const UnsubscriptionMode = {
     ONE_STEP: 0,
-    TWO_STEP: 1,
-    MANUAL: 2,
-    MAX: 3
+    ONE_STEP_WITH_FORM: 1,
+    TWO_STEP: 2,
+    TWO_STEP_WITH_FORM: 3,
+    MANUAL: 4,
+    MAX: 5
 };
 
 module.exports.UnsubscriptionMode = UnsubscriptionMode;
diff --git a/lib/models/subscriptions.js b/lib/models/subscriptions.js
index 57169257..24158ffd 100644
--- a/lib/models/subscriptions.js
+++ b/lib/models/subscriptions.js
@@ -107,84 +107,20 @@ module.exports.addConfirmation = (list, email, ip, data, callback) => {
                 return callback(null, false);
             }
 
-            fields.list(list.id, (err, fieldList) => {
-                if (err) {
-                    return callback(err);
-                }
+            if (data._skip) {
+                log.info('Subscription', 'Confirmation message for %s marked to be skipped (%s)', email, JSON.stringify(data));
+                return callback(null, cid);
+            }
 
-                let encryptionKeys = [];
-                fields.getRow(fieldList, data).forEach(field => {
-                    if (field.type === 'gpg' && field.value) {
-                        encryptionKeys.push(field.value.trim());
-                    }
-                });
-
-                settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl'], (err, configItems) => {
-                    if (err) {
-                        return callback(err);
-                    }
-
-                    setImmediate(() => {
-                        if (data._skip) {
-                            log.info('Subscription', 'Confirmation message for %s marked to be skipped (%s)', email, JSON.stringify(data));
-                            return;
-                        }
-
-                        // FIXME - move to router
-                        const mailOpts = {
-                            subject: _('%s: Please Confirm Subscription'),
-                            confirmUrlRoute: '/subscription/confirm/',
-                            templateType: 'subscription'
-                        };
-
-                        let sendMail = (html, text) => {
-                            mailer.sendMail({
-                                from: {
-                                    name: configItems.defaultFrom,
-                                    address: configItems.defaultAddress
-                                },
-                                to: {
-                                    name: [].concat(data.firstName || []).concat(data.lastName || []).join(' '),
-                                    address: email
-                                },
-                                subject: util.format(mailOpts.subject, list.name),
-                                encryptionKeys
-                            }, {
-                                html,
-                                text,
-                                data: {
-                                    title: list.name,
-                                    contactAddress: configItems.defaultAddress,
-                                    defaultPostaddress: configItems.defaultPostaddress,
-                                    confirmUrl: urllib.resolve(configItems.serviceUrl, mailOpts.confirmUrlRoute + cid)
-                                }
-                            }, err => {
-                                if (err) {
-                                    log.error('Subscription', err);
-                                }
-                            });
-                        };
-
-                        let text = {
-                            template: 'subscription/mail-confirm-' + mailOpts.templateType + '-text.hbs'
-                        };
-
-                        let html = {
-                            template: 'subscription/mail-confirm-' + mailOpts.templateType + '-html.mjml.hbs',
-                            layout: 'subscription/layout.mjml.hbs',
-                            type: 'mjml'
-                        };
-
-                        helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
-                            if (err) {
-                                return sendMail(html, text);
-                            }
-
-                            sendMail(tmpl.html, tmpl.text);
-                        });
-                    });
-                    return callback(null, cid);
-                });
+            // FIXME - customize from the router
+            const mailOpts = {
+                ignoreDisableConfirmations: true
+            };
+            const relativeUrls = {
+                confirmUrl: '/subscription/confirm/' + cid
+            };
+            module.exports.sendMail(list, email, 'confirm-subscription', _('%s: Please Confirm Subscription'), relativeUrls, mailOpts, data, (err) => {
+                return callback(err, cid);
             });
         });
     });
@@ -395,8 +331,6 @@ module.exports.insert = (listId, meta, subscription, callback) => {
                         queryArgs = values.concat(existing.id);
                         query = 'UPDATE `subscription__' + listId + '` SET ' + keys.map(key => '`' + key + '`=?') + ' WHERE id=? LIMIT 1';
                     }
-                    console.log(query);
-                    console.log(queryArgs);
 
                     connection.query(query, queryArgs, (err, result) => {
                         if (err) {
@@ -647,9 +581,8 @@ module.exports.update = (listId, cid, updates, allowEmail, callback) => {
     });
 };
 
-module.exports.unsubscribe = (listId, email, campaignId, callback) => {
+module.exports.unsubscribe = (listId, subscriberCid, campaignId, callback) => {
     listId = Number(listId) || 0;
-    email = (email || '').toString().trim();
 
     campaignId = (campaignId || '').toString().trim() || false;
 
@@ -657,8 +590,8 @@ module.exports.unsubscribe = (listId, email, campaignId, callback) => {
         return callback(new Error(_('Missing List ID')));
     }
 
-    if (!email) {
-        return callback(new Error(_('Missing email address')));
+    if (!subscriberCid) {
+        return callback(new Error(_('Missing subscriber cid')));
     }
 
     db.getConnection((err, connection) => {
@@ -666,7 +599,7 @@ module.exports.unsubscribe = (listId, email, campaignId, callback) => {
             return callback(err);
         }
 
-        connection.query('SELECT * FROM `subscription__' + listId + '` WHERE `email`=?', [email], (err, rows) => {
+        connection.query('SELECT * FROM `subscription__' + listId + '` WHERE `cid`=?', [subscriberCid], (err, rows) => {
             connection.release();
             if (err) {
                 return callback(err);
@@ -1166,92 +1099,86 @@ module.exports.updateAddress = (list, cid, updates, ip, callback) => {
 };
 
 
-module.exports.sendMail = (listId, email, template, subject, mailOpts, subscription, callback) => {
+module.exports.sendMail = (list, email, template, subject, relativeUrls, mailOpts, subscription, callback) => {
     db.getConnection((err, connection) => {
         if (err) {
             return callback(err);
         }
 
-        lists.get(listId, (err, list) => {
-            if (!err && !list) {
-                err = new Error(_('Selected list not found'));
-                err.status = 404;
-            }
-
+        fields.list(list.id, (err, fieldList) => {
             if (err) {
-                return next(err);
+                return callback(err);
             }
 
-            fields.list(list.id, (err, fieldList) => {
+            let encryptionKeys = [];
+            fields.getRow(fieldList, subscription).forEach(field => {
+                if (field.type === 'gpg' && field.value) {
+                    encryptionKeys.push(field.value.trim());
+                }
+            });
+
+            settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl', 'disableConfirmations'], (err, configItems) => {
                 if (err) {
                     return callback(err);
                 }
 
-                let encryptionKeys = [];
-                fields.getRow(fieldList, subscription).forEach(field => {
-                    if (field.type === 'gpg' && field.value) {
-                        encryptionKeys.push(field.value.trim());
-                    }
-                });
+                if (!mailOpts.ignoreDisableConfirmations && configItems.disableConfirmations) {
+                    return;
+                }
 
-                settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl'], (err, configItems) => {
-                    if (err) {
-                        return callback(err);
-                    }
+                const data = {
+                    title: list.name,
+                    homepage: configItems.defaultHomepage || configItems.serviceUrl,
+                    contactAddress: configItems.defaultAddress,
+                    defaultPostaddress: configItems.defaultPostaddress,
+                };
 
-                    const data = {
-                        title: list.name,
-                        contactAddress: configItems.defaultAddress,
-                        defaultPostaddress: configItems.defaultPostaddress,
-                    };
+                for (let relativeUrlKey in relativeUrls) {
+                    data[relativeUrlKey] = urllib.resolve(configItems.serviceUrl, relativeUrls[relativeUrlKey]);
+                }
 
-                    if (mailOpts.confirmUrlRoute) {
-                        data.confirmUrl = urllib.resolve(configItems.serviceUrl, mailOpts.confirmUrlRoute + cid)
-                    }
-
-                    function sendMail(html, text) {
-                        mailer.sendMail({
-                            from: {
-                                name: configItems.defaultFrom,
-                                address: configItems.defaultAddress
-                            },
-                            to: {
-                                name: [].concat(subscription.firstName || []).concat(subscription.lastName || []).join(' '),
-                                address: email
-                            },
-                            subject: util.format(subject, list.name),
-                            encryptionKeys
-                        }, {
-                            html,
-                            text,
-                            data
-                        }, err => {
-                            if (err) {
-                                log.error('Subscription', err);
-                            }
-                        });
-                    }
-
-                    let text = {
-                        template: 'subscription/mail-' + template + '-text.hbs'
-                    };
-
-                    let html = {
-                        template: 'subscription/mail-' + template + '-html.mjml.hbs',
-                        layout: 'subscription/layout.mjml.hbs',
-                        type: 'mjml'
-                    };
-
-                    helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
+                function sendMail(html, text) {
+                    mailer.sendMail({
+                        from: {
+                            name: configItems.defaultFrom,
+                            address: configItems.defaultAddress
+                        },
+                        to: {
+                            name: [].concat(subscription.firstName || []).concat(subscription.lastName || []).join(' '),
+                            address: email
+                        },
+                        subject: util.format(subject, list.name),
+                        encryptionKeys
+                    }, {
+                        html,
+                        text,
+                        data
+                    }, err => {
                         if (err) {
-                            return sendMail(html, text);
+                            log.error('Subscription', err);
                         }
-
-                        sendMail(tmpl.html, tmpl.text);
                     });
+                }
 
-                    return callback(null, cid);
+                let text = {
+                    template: 'subscription/mail-' + template + '-text.hbs'
+                };
+
+                let html = {
+                    template: 'subscription/mail-' + template + '-html.mjml.hbs',
+                    layout: 'subscription/layout.mjml.hbs',
+                    type: 'mjml'
+                };
+
+                helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
+                    if (err) {
+                        return sendMail(html, text);
+                    }
+
+                    sendMail(tmpl.html, tmpl.text);
                 });
+
+                return callback();
             });
         });
     });
diff --git a/lib/tools.js b/lib/tools.js
index 49d17e44..901ad0df 100644
--- a/lib/tools.js
+++ b/lib/tools.js
@@ -181,7 +181,7 @@ function validateEmail(address, checkBlocked, callback) {
 
 function getMessageLinks(serviceUrl, campaign, list, subscription) {
     return {
-        LINK_UNSUBSCRIBE: urllib.resolve(serviceUrl, '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid + '?auto=yes&c=' + campaign.cid),
+        LINK_UNSUBSCRIBE: urllib.resolve(serviceUrl, '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid + '?c=' + campaign.cid),
         LINK_PREFERENCES: urllib.resolve(serviceUrl, '/subscription/' + list.cid + '/manage/' + subscription.cid),
         LINK_BROWSER: urllib.resolve(serviceUrl, '/archive/' + campaign.cid + '/' + list.cid + '/' + subscription.cid),
         CAMPAIGN_ID: campaign.cid,
diff --git a/routes/lists.js b/routes/lists.js
index 4618c683..402c9095 100644
--- a/routes/lists.js
+++ b/routes/lists.js
@@ -784,12 +784,24 @@ function getUnsubscriptionModeOptions(unsubscriptionMode) {
         label: _('One-step (i.e. no email with confirmation link)')
     };
 
+    options[lists.UnsubscriptionMode.ONE_STEP_WITH_FORM] = {
+        value: lists.UnsubscriptionMode.ONE_STEP_WITH_FORM,
+        selected: unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP_WITH_FORM,
+        label: _('One-step with unsubscription form (i.e. no email with confirmation link)')
+    };
+
     options[lists.UnsubscriptionMode.TWO_STEP] = {
         value: lists.UnsubscriptionMode.TWO_STEP,
         selected: unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP,
         label: _('Two-step (i.e. an email with confirmation link will be sent)')
     };
 
+    options[lists.UnsubscriptionMode.TWO_STEP_WITH_FORM] = {
+        value: lists.UnsubscriptionMode.TWO_STEP_WITH_FORM,
+        selected: unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP_WITH_FORM,
+        label: _('Two-step with unsubscription form (i.e. an email with confirmation link will be sent)')
+    };
+
     options[lists.UnsubscriptionMode.MANUAL] = {
         value: lists.UnsubscriptionMode.MANUAL,
         selected: unsubscriptionMode === lists.UnsubscriptionMode.MANUAL,
diff --git a/routes/subscription.js b/routes/subscription.js
index e8f2c5f4..193ff63f 100644
--- a/routes/subscription.js
+++ b/routes/subscription.js
@@ -65,80 +65,23 @@ router.get('/confirm/:cid', (req, res, next) => {
                 return next(err);
             }
 
-            settings.list(['defaultHomepage', 'serviceUrl', 'pgpPrivateKey', 'defaultAddress', 'defaultPostaddress', 'defaultFrom', 'disableConfirmations'], (err, configItems) => {
-                if (err) {
-                    return next(err);
-                }
+            // FIXME - differentiate email based on action
 
-                // FIXME - split decision based on action
+            const relativeUrls = {
+                preferencesUrl: '/subscription/' + list.cid + '/manage/' + subscription.cid,
+                unsubscribeUrl: '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid
+            };
+
+            subscriptions.sendMail(list, subscription.email, 'subscription-confirmed', _('%s: Subscription Confirmed'), relativeUrls, {}, subscription, (err) => {
+                if (err) {
+                    req.flash('danger', err.message || err);
+                    log.error('Subscription', err);
+                    return res.redirect('/subscription/' + encodeURIComponent(req.params.lcid) + '/unsubscribe/' + encodeURIComponent(req.body.cid) + '?' + tools.queryParams(req.body));
+                }
 
                 res.redirect('/subscription/' + list.cid + '/subscribed-notice');
-
-                if (configItems.disableConfirmations) {
-                    return;
-                }
-
-                fields.list(list.id, (err, fieldList) => {
-                    if (err) {
-                        return log.error('Fields', err);
-                    }
-
-                    let encryptionKeys = [];
-                    fields.getRow(fieldList, subscription).forEach(field => {
-                        if (field.type === 'gpg' && field.value) {
-                            encryptionKeys.push(field.value.trim());
-                        }
-                    });
-
-                    let sendMail = (html, text) => {
-                        mailer.sendMail({
-                            from: {
-                                name: configItems.defaultFrom,
-                                address: configItems.defaultAddress
-                            },
-                            to: {
-                                name: [].concat(subscription.firstName || []).concat(subscription.lastName || []).join(' '),
-                                address: subscription.email
-                            },
-                            subject: util.format(_('%s: Subscription Confirmed'), list.name),
-                            encryptionKeys
-                        }, {
-                            html,
-                            text,
-                            data: {
-                                title: list.name,
-                                homepage: configItems.defaultHomepage || configItems.serviceUrl,
-                                contactAddress: configItems.defaultAddress,
-                                defaultPostaddress: configItems.defaultPostaddress,
-                                preferencesUrl: urllib.resolve(configItems.serviceUrl, '/subscription/' + list.cid + '/manage/' + subscription.cid),
-                                unsubscribeUrl: urllib.resolve(configItems.serviceUrl, '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid)
-                            }
-                        }, err => {
-                            if (err) {
-                                log.error('Subscription', err);
-                            }
-                        });
-                    };
-
-                    let text = {
-                        template: 'subscription/mail-subscription-confirmed-text.hbs'
-                    };
-
-                    let html = {
-                        template: 'subscription/mail-subscription-confirmed-html.mjml.hbs',
-                        layout: 'subscription/layout.mjml.hbs',
-                        type: 'mjml'
-                    };
-
-                    helpers.injectCustomFormTemplates(req.query.fid || list.defaultForm, { text, html }, (err, tmpl) => {
-                        if (err) {
-                            return sendMail(html, text);
-                        }
-
-                        sendMail(tmpl.html, tmpl.text);
-                    });
-                });
             });
+
         });
     });
 });
@@ -159,6 +102,8 @@ router.get('/:cid', passport.csrfProtection, (req, res, next) => {
             return next(err);
         }
 
+        // FIXME: process subscriber cid param for resubscription requests
+
         let data = tools.convertKeys(req.query, {
             skip: ['layout']
         });
@@ -561,6 +506,8 @@ router.post('/:lcid/manage-address', passport.parseForm, passport.csrfProtection
 });
 
 router.get('/:lcid/unsubscribe/:ucid', passport.csrfProtection, (req, res, next) => {
+    // FIXME: handle different subscription options. The one below is currently "One-step with unsubscribe form"
+
     lists.getByCid(req.params.lcid, (err, list) => {
         if (!err && !list) {
             err = new Error(_('Selected list not found'));
@@ -587,9 +534,9 @@ router.get('/:lcid/unsubscribe/:ucid', passport.csrfProtection, (req, res, next)
                 }
 
                 subscription.lcid = req.params.lcid;
+                subscription.ucid = req.params.ucid;
                 subscription.title = list.name;
                 subscription.csrfToken = req.csrfToken();
-                subscription.autosubmit = !!req.query.auto;
                 subscription.campaign = req.query.c;
                 subscription.defaultAddress = configItems.defaultAddress;
                 subscription.defaultPostaddress = configItems.defaultPostaddress;
@@ -636,83 +583,24 @@ router.post('/:lcid/unsubscribe', passport.parseForm, passport.csrfProtection, (
             return next(err);
         }
 
-        let email = req.body.email;
-
-        subscriptions.unsubscribe(list.id, email, req.body.campaign, (err, subscription) => {
+        subscriptions.unsubscribe(list.id, req.body.ucid, req.body.campaign, (err, subscription) => {
             if (err) {
                 req.flash('danger', err.message || err);
                 log.error('Subscription', err);
-                return res.redirect('/subscription/' + encodeURIComponent(req.params.lcid) + '/unsubscribe/' + encodeURIComponent(req.body.cid) + '?' + tools.queryParams(req.body));
+                return res.redirect('/subscription/' + encodeURIComponent(req.params.lcid) + '/unsubscribe/' + encodeURIComponent(req.body.ucid) + '?' + tools.queryParams(req.body));
             }
-            res.redirect('/subscription/' + req.params.lcid + '/unsubscribed-notice');
 
-            fields.list(list.id, (err, fieldList) => {
+            const relativeUrls = {
+                subscribeUrl: '/subscription/' + list.cid + '?cid=' + subscription.cid
+            };
+            subscriptions.sendMail(list, subscription.email, 'unsubscription-confirmed', _('%s: Unsubscribe Confirmed'), relativeUrls, {}, subscription, (err) => {
                 if (err) {
-                    return log.error('Fields', err);
+                    req.flash('danger', err.message || err);
+                    log.error('Subscription', err);
+                    return res.redirect('/subscription/' + encodeURIComponent(list.cid) + '/unsubscribe/' + encodeURIComponent(subscription.cid) + '?' + tools.queryParams(req.body));
                 }
 
-                let encryptionKeys = [];
-                fields.getRow(fieldList, subscription).forEach(field => {
-                    if (field.type === 'gpg' && field.value) {
-                        encryptionKeys.push(field.value.trim());
-                    }
-                });
-
-                settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl', 'disableConfirmations'], (err, configItems) => {
-                    if (err) {
-                        return log.error('Settings', err);
-                    }
-
-                    if (configItems.disableConfirmations) {
-                        return;
-                    }
-
-                    let sendMail = (html, text) => {
-                        mailer.sendMail({
-                            from: {
-                                name: configItems.defaultFrom,
-                                address: configItems.defaultAddress
-                            },
-                            to: {
-                                name: [].concat(subscription.firstName || []).concat(subscription.lastName || []).join(' '),
-                                address: subscription.email
-                            },
-                            subject: util.format(_('%s: Unsubscribe Confirmed'), list.name),
-                            encryptionKeys
-                        }, {
-                            html,
-                            text,
-                            data: {
-                                title: list.name,
-                                contactAddress: configItems.defaultAddress,
-                                defaultPostaddress: configItems.defaultPostaddress,
-                                subscribeUrl: urllib.resolve(configItems.serviceUrl, '/subscription/' + list.cid + '?cid=' + subscription.cid)
-                            }
-                        }, err => {
-                            if (err) {
-                                log.error('Subscription', err);
-                            }
-                        });
-                    };
-
-                    let text = {
-                        template: 'subscription/mail-unsubscription-confirmed-text.hbs'
-                    };
-
-                    let html = {
-                        template: 'subscription/mail-unsubscription-confirmed-html.mjml.hbs',
-                        layout: 'subscription/layout.mjml.hbs',
-                        type: 'mjml'
-                    };
-
-                    helpers.injectCustomFormTemplates(req.query.fid || list.defaultForm, { text, html }, (err, tmpl) => {
-                        if (err) {
-                            return sendMail(html, text);
-                        }
-
-                        sendMail(tmpl.html, tmpl.text);
-                    });
-                });
+                res.redirect('/subscription/' + req.params.lcid + '/unsubscribed-notice');
             });
         });
     });
diff --git a/services/sender.js b/services/sender.js
index 0610a7bb..ea3e05de 100644
--- a/services/sender.js
+++ b/services/sender.js
@@ -418,7 +418,7 @@ function formatMessage(message, callback) {
                                         }
                                     },
                                     list: {
-                                        unsubscribe: url.resolve(configItems.serviceUrl, '/subscription/' + list.cid + '/unsubscribe/' + message.subscription.cid + '?auto=yes')
+                                        unsubscribe: url.resolve(configItems.serviceUrl, '/subscription/' + list.cid + '/unsubscribe/' + message.subscription.cid)
                                     },
                                     subject: tools.formatMessage(configItems.serviceUrl, campaign, list, message.subscription, campaign.subject),
                                     html: renderedHtml,
diff --git a/views/subscription/partials/subscription-unsubscribe-form.hbs b/views/subscription/partials/subscription-unsubscribe-form.hbs
index 8a11ebe2..4f40dcdc 100644
--- a/views/subscription/partials/subscription-unsubscribe-form.hbs
+++ b/views/subscription/partials/subscription-unsubscribe-form.hbs
@@ -1,20 +1,13 @@
 <form method="post" id="main-form" action="/subscription/{{lcid}}/unsubscribe">
     <input type="hidden" name="_csrf" value="{{csrfToken}}">
     <input type="hidden" name="campaign" value="{{campaign}}">
-    <input type="hidden" name="cid" value="{{cid}}">
+    <input type="hidden" name="ucid" value="{{ucid}}">
 
     <div class="form-group">
         <label for="email">{{#translate}}Email address{{/translate}}</label>
-        <input type="email" name="email" id="email" placeholder="" value="{{email}}" autofocus required>
+        <input type="email" name="email" id="email" placeholder="" value="{{email}}" readonly>
     </div>
 
     <button type="submit" style="position: absolute; top: -9999px; left: -9999px;">{{#translate}}Unsubscribe{{/translate}}</button>
 </form>
 
-{{#if email}}
-    {{#if autosubmit}}
-        <script>
-            document.getElementById('main-form').submit();
-        </script>
-    {{/if}}
-{{/if}}
diff --git a/views/subscription/web-unsubscribe.mjml.hbs b/views/subscription/web-unsubscribe.mjml.hbs
index a34892d4..4ea3c4fa 100644
--- a/views/subscription/web-unsubscribe.mjml.hbs
+++ b/views/subscription/web-unsubscribe.mjml.hbs
@@ -3,9 +3,6 @@
         <mj-text mj-class="h3">
             {{#translate}}Unsubscribe{{/translate}}
         </mj-text>
-        <mj-text mj-class="p">
-            {{#translate}}Enter your email address to unsubscribe from:{{/translate}} {{title}}
-        </mj-text>
         <mj-text>
             {{> subscription_unsubscribe_form}}
         </mj-text>

From bd4961366fa21b79b39cf3769579493c25836051 Mon Sep 17 00:00:00 2001
From: Tomas Bures <tbures@sathyasai.org>
Date: Wed, 3 May 2017 15:46:49 -0400
Subject: [PATCH 03/11] More or less all the functionality for selectable
 unsubscription process. Not tested yet!

Sending emails moved completely to controller. It felt strange to have some emails sent from the controller and some of them from the model.
Confirmations refactored to an independent model that can be potentially used also for other actions that need an email confirmation.
---
 lib/helpers.js                                |  10 +-
 lib/models/campaigns.js                       |   2 +-
 lib/models/confirmations.js                   |  90 ++++
 lib/models/forms.js                           |   3 +-
 lib/models/reports.js                         |   2 +-
 lib/models/subscriptions.js                   | 498 ++++--------------
 lib/subscription-mail-helpers.js              | 166 ++++++
 routes/forms.js                               |   5 +
 routes/subscription.js                        | 358 +++++++++----
 setup/sql/upgrade-00028.sql                   |   9 +
 .../mail-already-subscribed-html.mjml.hbs     |   2 +-
 .../mail-already-subscribed-text.hbs          |   2 +-
 .../web-manual-unsubscribe-notice.mjml.hbs    |  13 +
 13 files changed, 672 insertions(+), 488 deletions(-)
 create mode 100644 lib/models/confirmations.js
 create mode 100644 lib/subscription-mail-helpers.js
 create mode 100644 views/subscription/web-manual-unsubscribe-notice.mjml.hbs

diff --git a/lib/helpers.js b/lib/helpers.js
index 2cac3dbb..8324a811 100644
--- a/lib/helpers.js
+++ b/lib/helpers.js
@@ -21,7 +21,8 @@ module.exports = {
     injectCustomFormData,
     injectCustomFormTemplates,
     filterCustomFields,
-    getMjmlTemplate
+    getMjmlTemplate,
+    rollbackAndReleaseConnection
 };
 
 function getDefaultMergeTags(callback) {
@@ -258,3 +259,10 @@ function captureFlashMessages(req, res, callback) {
         callback(null, flash);
     });
 }
+
+function rollbackAndReleaseConnection(connection, callback) {
+    connection.rollback(() => {
+        connection.release();
+        return callback();
+    });
+}
diff --git a/lib/models/campaigns.js b/lib/models/campaigns.js
index 1291cd78..c25c57ee 100644
--- a/lib/models/campaigns.js
+++ b/lib/models/campaigns.js
@@ -1074,7 +1074,7 @@ module.exports.updateMessage = (message, status, updateSubscription, callback) =
                 }
 
                 if (updateSubscription) {
-                    subscriptions.changeStatus(message.subscription, message.list, statusCode === 2 ? message.campaign : false, statusCode, callback);
+                    subscriptions.changeStatus(message.list, message.subscription, statusCode === 2 ? message.campaign : false, statusCode, callback);
                 } else {
                     return callback(null, true);
                 }
diff --git a/lib/models/confirmations.js b/lib/models/confirmations.js
new file mode 100644
index 00000000..66025ed1
--- /dev/null
+++ b/lib/models/confirmations.js
@@ -0,0 +1,90 @@
+'use strict';
+
+let db = require('../db');
+let shortid = require('shortid');
+let helpers = require('../helpers');
+
+/*
+    Adds new entry to the confirmations tables. Generates confirmation cid, which it returns.
+ */
+module.exports.addConfirmation = (listId, action, ip, data, callback) => {
+    let cid = shortid.generate();
+
+    db.getConnection((err, connection) => {
+        if (err) {
+            return callback(err);
+        }
+
+        let query = 'INSERT INTO confirmations (cid, list, action, ip, data) VALUES (?,?,?,?,?)';
+        connection.query(query, [cid, list, action, ip, JSON.stringify(data || {})], (err, result) => {
+            connection.release();
+            if (err) {
+                return callback(err);
+            }
+
+            if (!result || !result.affectedRows) {
+                return callback(null, false);
+            }
+
+            return callback(null, cid);
+        });
+    });
+};
+
+/*
+    Atomically retrieves confirmation from the database, removes it from the database and returns it.
+ */
+module.exports.takeConfirmation = (cid, callback) => {
+    db.getConnection((err, connection) => {
+        if (err) {
+            return callback(err);
+        }
+
+        connection.beginTransaction(err => {
+            if (err) {
+                connection.release();
+                return callback(err);
+            }
+
+            let query = 'SELECT cid, list, action, ip, data FROM confirmations WHERE cid=? LIMIT 1';
+            connection.query(query, [cid], (err, rows) => {
+                if (err) {
+                    return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
+                }
+
+                if (!rows || !rows.length) {
+                    return helpers.rollbackAndReleaseConnection(connection, () => callback(null, false));
+                }
+
+                connection.query('DELETE FROM confirmations WHERE `cid`=? LIMIT 1', [cid], () => {
+                    if (err) {
+                        return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
+                    }
+
+                    connection.commit(err => {
+                        if (err) {
+                            return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
+                        }
+                        connection.release();
+
+                        let data;
+                        try {
+                            data = JSON.parse(rows[0].data);
+                        } catch (E) {
+                            data = {};
+                        }
+
+                        const result = {
+                            listId: rows[0].list,
+                            action: rows[0].action,
+                            ip: rows[0].ip,
+                            data
+                        };
+
+                        return callback(null, result);
+                    });
+                });
+            });
+        });
+    });
+};
diff --git a/lib/models/forms.js b/lib/models/forms.js
index 802e5706..9550077b 100644
--- a/lib/models/forms.js
+++ b/lib/models/forms.js
@@ -34,7 +34,8 @@ let allowedKeys = [
     'mail_confirm_address_change_text',
     'web_unsubscribed_notice',
     'mail_unsubscription_confirmed_html',
-    'mail_unsubscription_confirmed_text'
+    'mail_unsubscription_confirmed_text',
+    'web_manual_unsubscribe_notice'
 ];
 
 
diff --git a/lib/models/reports.js b/lib/models/reports.js
index 0c6a91f9..aac2d967 100644
--- a/lib/models/reports.js
+++ b/lib/models/reports.js
@@ -245,8 +245,8 @@ module.exports.getCampaignResults = (campaign, select, clause, callback) => {
             const query = 'SELECT ' + selFields.join(', ') + ' FROM `subscription__' + campaign.list + '` subscribers INNER JOIN `campaign__' + campaign.id + '` campaign on subscribers.id=campaign.subscription LEFT JOIN `campaign_tracker__' + campaign.id + '` tracker on subscribers.id=tracker.subscriber ' + clause;
 
             connection.query(query, (err, results) => {
+                connection.release();
                 if (err) {
-                    connection.release();
                     return callback(err);
                 }
 
diff --git a/lib/models/subscriptions.js b/lib/models/subscriptions.js
index 24158ffd..08f2cbac 100644
--- a/lib/models/subscriptions.js
+++ b/lib/models/subscriptions.js
@@ -5,12 +5,9 @@ let shortid = require('shortid');
 let tools = require('../tools');
 let helpers = require('../helpers');
 let fields = require('./fields');
-let geoip = require('geoip-ultralight');
 let segments = require('./segments');
 let settings = require('./settings');
 let mailer = require('../mailer');
-let urllib = require('url');
-let log = require('npmlog');
 let _ = require('../translate')._;
 let util = require('util');
 let tableHelpers = require('../table-helpers');
@@ -88,150 +85,17 @@ module.exports.filter = (listId, request, columns, segmentId, callback) => {
 
 };
 
-module.exports.addConfirmation = (list, email, ip, data, callback) => {
-    let cid = shortid.generate();
-
-    db.getConnection((err, connection) => {
-        if (err) {
-            return callback(err);
-        }
-
-        let query = 'INSERT INTO confirmations (cid, list, email, ip, data) VALUES (?,?,?,?,?)';
-        connection.query(query, [cid, list.id, email, ip, JSON.stringify(data || {})], (err, result) => {
-            connection.release();
-            if (err) {
-                return callback(err);
-            }
-
-            if (!result || !result.affectedRows) {
-                return callback(null, false);
-            }
-
-            if (data._skip) {
-                log.info('Subscription', 'Confirmation message for %s marked to be skipped (%s)', email, JSON.stringify(data));
-                return callback(null, cid);
-            }
-
-            // FIXME - customize from the router
-            const mailOpts = {
-                ignoreDisableConfirmations: true
-            };
-            const relativeUrls = {
-                confirmUrl: '/subscription/confirm/' + cid
-            };
-            module.exports.sendMail(list, email, 'confirm-subscription', _('%s: Please Confirm Subscription'), relativeUrls, mailOpts, data, (err) => {
-                return callback(err, cid);
-            });
-        });
-    });
-};
-
-module.exports.processConfirmation = (cid, ip, callback) => {
-    db.getConnection((err, connection) => {
-        if (err) {
-            return callback(err);
-        }
-
-        let query = 'SELECT * FROM confirmations WHERE cid=? LIMIT 1';
-        connection.query(query, [cid], (err, rows) => {
-            connection.release();
-            if (err) {
-                return callback(err);
-            }
-
-            if (!rows || !rows.length) {
-                return callback(null, false);
-            }
-
-            let subscription;
-            let listId = rows[0].list;
-            let email = rows[0].email;
-            try {
-                subscription = JSON.parse(rows[0].data);
-            } catch (E) {
-                subscription = {};
-            }
-
-            if (subscription._action === 'update') {
-                if (!subscription.subscriber) { // Something went terribly wrong and we don't have data that we have originally provided
-                    return callback(new Error(_('Subscriber info corrupted or missing')));
-                }
-
-                // update email address instead of adding new
-                db.getConnection((err, connection) => {
-                    if (err) {
-                        return callback(err);
-                    }
-                    let query = 'UPDATE `subscription__' + listId + '` SET `email`=? WHERE `id`=? LIMIT 1';
-                    let args = [email, subscription.subscriber];
-                    connection.query(query, args, err => {
-                        if (err) {
-                            connection.release();
-                            return callback(err);
-                        }
-                        connection.query('DELETE FROM confirmations WHERE `cid`=? LIMIT 1', [cid], () => {
-                            connection.release();
-                            return module.exports.getById(listId, subscription.subscriber, (err, subscriptionData) => {
-                                return callback(err, subscriptionData, subscription._action);
-                            });
-                        });
-                    });
-                });
-                return;
-
-            } else if (subscription._action === 'unsubscribe') {
-                // TODO
-                return;
-
-            } else if (subscription._action === 'subscribe') {
-                subscription.cid = cid;
-                subscription.list = listId;
-                subscription.email = email;
-
-                let optInCountry = geoip.lookupCountry(ip) || null;
-                module.exports.insert(listId, {
-                    email,
-                    cid,
-                    optInIp: ip,
-                    optInCountry,
-                    status: 1
-                }, subscription, (err, result) => {
-                    if (err) {
-                        return callback(err);
-                    }
-
-                    if (!result.entryId) {
-                        return callback(new Error(_('Could not save subscription')));
-                    }
-
-                    db.getConnection((err, connection) => {
-                        if (err) {
-                            return callback(err);
-                        }
-                        connection.query('DELETE FROM confirmations WHERE `cid`=? LIMIT 1', [cid], () => {
-                            connection.release();
-                            // reload full data from db in case it was an update, not insert
-                            return module.exports.getById(listId, result.entryId, (err, subscriptionData) => {
-                                return callback(err, subscriptionData, subscription._action);
-                            });
-                        });
-                    });
-                });
-
-            } else {
-                return callback(new Error(util.format(_('Subscription request corrupted - action: %s'), subscription._action)));
-            }
-
-        });
-    });
-};
-
-module.exports.insert = (listId, meta, subscription, callback) => {
 
+/*
+    Adds a new subscription. Returns error if a subscription with the same email address is already present and is not unsubscribed.
+    If it is unsubscribed, the existing subscription is changed based on the provided data.
+    If meta.partial is true, it updates even an active subscription.
+ */
+module.exports.insert = (listId, meta, subscriptionData, callback) => {
     meta = tools.convertKeys(meta);
-    subscription = tools.convertKeys(subscription);
+    subscriptionData = tools.convertKeys(subscriptionData);
 
-    meta.email = meta.email || subscription.email;
+    meta.email = meta.email || subscriptionData.email;
     meta.cid = meta.cid || shortid.generate();
 
     fields.list(listId, (err, fieldList) => {
@@ -245,8 +109,8 @@ module.exports.insert = (listId, meta, subscription, callback) => {
         let values = [];
 
         let allowedKeys = ['first_name', 'last_name', 'tz', 'is_test'];
-        Object.keys(subscription).forEach(key => {
-            let value = subscription[key];
+        Object.keys(subscriptionData).forEach(key => {
+            let value = subscriptionData[key];
             key = tools.toDbKey(key);
             if (key === 'tz') {
                 value = (value || '').toString().toLowerCase().trim();
@@ -260,8 +124,7 @@ module.exports.insert = (listId, meta, subscription, callback) => {
             }
         });
 
-        // FIXME - see issue #218
-        fields.getValues(fields.getRow(fieldList, subscription, true, true, !!meta.partial), true).forEach(field => {
+        fields.getValues(fields.getRow(fieldList, subscriptionData, true, true, !!meta.partial), true).forEach(field => {
             keys.push(field.key);
             values.push(field.value);
         });
@@ -280,10 +143,7 @@ module.exports.insert = (listId, meta, subscription, callback) => {
                 let query = 'SELECT `id`, `status`, `cid` FROM `subscription__' + listId + '` WHERE `email`=? OR `cid`=? LIMIT 1';
                 connection.query(query, [meta.email, meta.cid], (err, rows) => {
                     if (err) {
-                        return connection.rollback(() => {
-                            connection.release();
-                            return callback(err);
-                        });
+                        return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                     }
 
                     let query;
@@ -297,6 +157,10 @@ module.exports.insert = (listId, meta, subscription, callback) => {
                     let statusChange = !existing || existing.status !== meta.status;
                     let statusDirection;
 
+                    if (existing && !meta.partial) {
+                        return helpers.rollbackAndReleaseConnection(connection, new Error(_('Email address already registered')), callback);
+                    }
+
                     if (statusChange) {
                         keys.push('status', 'status_change');
                         values.push(meta.status, new Date());
@@ -307,10 +171,7 @@ module.exports.insert = (listId, meta, subscription, callback) => {
                         // nothing to update
                         return connection.commit(err => {
                             if (err) {
-                                return connection.rollback(() => {
-                                    connection.release();
-                                    return callback(err);
-                                });
+                                return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                             }
                             connection.release();
                             return callback(null, {
@@ -334,10 +195,7 @@ module.exports.insert = (listId, meta, subscription, callback) => {
 
                     connection.query(query, queryArgs, (err, result) => {
                         if (err) {
-                            return connection.rollback(() => {
-                                connection.release();
-                                return callback(err);
-                            });
+                            return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                         }
 
                         entryId = result.insertId || entryId;
@@ -345,17 +203,11 @@ module.exports.insert = (listId, meta, subscription, callback) => {
                         if (statusChange && statusDirection) {
                             connection.query('UPDATE lists SET `subscribers`=`subscribers`' + statusDirection + '1 WHERE id=?', [listId], err => {
                                 if (err) {
-                                    return connection.rollback(() => {
-                                        connection.release();
-                                        return callback(err);
-                                    });
+                                    return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                                 }
                                 connection.commit(err => {
                                     if (err) {
-                                        return connection.rollback(() => {
-                                            connection.release();
-                                            return callback(err);
-                                        });
+                                        return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                                     }
                                     connection.release();
                                     return callback(null, {
@@ -368,10 +220,7 @@ module.exports.insert = (listId, meta, subscription, callback) => {
                         } else {
                             connection.commit(err => {
                                 if (err) {
-                                    return connection.rollback(() => {
-                                        connection.release();
-                                        return callback(err);
-                                    });
+                                    return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                                 }
                                 connection.release();
                                 return callback(null, {
@@ -529,7 +378,7 @@ module.exports.update = (listId, cid, updates, allowEmail, callback) => {
     }
 
     if (!cid) {
-        return callback(new Error(_('Missing subscription ID')));
+        return callback(new Error(_('Missing Subscription ID')));
     }
 
     fields.list(listId, (err, fieldList) => {
@@ -581,45 +430,7 @@ module.exports.update = (listId, cid, updates, allowEmail, callback) => {
     });
 };
 
-module.exports.unsubscribe = (listId, subscriberCid, campaignId, callback) => {
-    listId = Number(listId) || 0;
-
-    campaignId = (campaignId || '').toString().trim() || false;
-
-    if (listId < 1) {
-        return callback(new Error(_('Missing List ID')));
-    }
-
-    if (!subscriberCid) {
-        return callback(new Error(_('Missing subscriber cid')));
-    }
-
-    db.getConnection((err, connection) => {
-        if (err) {
-            return callback(err);
-        }
-
-        connection.query('SELECT * FROM `subscription__' + listId + '` WHERE `cid`=?', [subscriberCid], (err, rows) => {
-            connection.release();
-            if (err) {
-                return callback(err);
-            }
-            if (!rows || !rows.length || rows[0].status !== 1) {
-                return callback(null, false);
-            }
-
-            let subscription = tools.convertKeys(rows[0]);
-            module.exports.changeStatus(subscription.id, listId, campaignId, 2, err => {
-                if (err) {
-                    return callback(err);
-                }
-                return callback(null, subscription);
-            });
-        });
-    });
-};
-
-module.exports.changeStatus = (id, listId, campaignId, status, callback) => {
+module.exports.changeStatus = (listId, id, campaignId, status, callback) => {
     db.getConnection((err, connection) => {
         if (err) {
             return callback(err);
@@ -632,17 +443,11 @@ module.exports.changeStatus = (id, listId, campaignId, status, callback) => {
 
             connection.query('SELECT `status` FROM `subscription__' + listId + '` WHERE id=? LIMIT 1', [id], (err, rows) => {
                 if (err) {
-                    return connection.rollback(() => {
-                        connection.release();
-                        return callback(err);
-                    });
+                    return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                 }
 
                 if (!rows || !rows.length) {
-                    return connection.rollback(() => {
-                        connection.release();
-                        return callback(null, false);
-                    });
+                    return helpers.rollbackAndReleaseConnection(connection, () => callback(null, false));
                 }
 
                 let oldStatus = rows[0].status;
@@ -650,10 +455,7 @@ module.exports.changeStatus = (id, listId, campaignId, status, callback) => {
                 let statusDirection;
 
                 if (!statusChange) {
-                    return connection.rollback(() => {
-                        connection.release();
-                        return callback(null, true);
-                    });
+                    return helpers.rollbackAndReleaseConnection(connection, () => callback(null, true));
                 }
 
                 if (statusChange && oldStatus === 1 || status === 1) {
@@ -662,19 +464,13 @@ module.exports.changeStatus = (id, listId, campaignId, status, callback) => {
 
                 connection.query('UPDATE `subscription__' + listId + '` SET `status`=?, `status_change`=NOW() WHERE id=? LIMIT 1', [status, id], err => {
                     if (err) {
-                        return connection.rollback(() => {
-                            connection.release();
-                            return callback(err);
-                        });
+                        return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                     }
 
                     if (!statusDirection) {
                         return connection.commit(err => {
                             if (err) {
-                                return connection.rollback(() => {
-                                    connection.release();
-                                    return callback(err);
-                                });
+                                return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                             }
                             connection.release();
                             return callback(null, true);
@@ -683,20 +479,14 @@ module.exports.changeStatus = (id, listId, campaignId, status, callback) => {
 
                     connection.query('UPDATE `lists` SET `subscribers`=`subscribers`' + statusDirection + '1 WHERE id=? LIMIT 1', [listId], err => {
                         if (err) {
-                            return connection.rollback(() => {
-                                connection.release();
-                                return callback(err);
-                            });
+                            return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                         }
 
                         // status change is not related to a campaign or it marks message as bounced etc.
                         if (!campaignId || status > 2) {
                             return connection.commit(err => {
                                 if (err) {
-                                    return connection.rollback(() => {
-                                        connection.release();
-                                        return callback(err);
-                                    });
+                                    return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                                 }
                                 connection.release();
                                 return callback(null, true);
@@ -705,10 +495,7 @@ module.exports.changeStatus = (id, listId, campaignId, status, callback) => {
 
                         connection.query('SELECT `id` FROM `campaigns` WHERE `cid`=? LIMIT 1', [campaignId], (err, rows) => {
                             if (err) {
-                                return connection.rollback(() => {
-                                    connection.release();
-                                    return callback(err);
-                                });
+                                return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                             }
 
                             let campaign = rows && rows[0] || false;
@@ -717,10 +504,7 @@ module.exports.changeStatus = (id, listId, campaignId, status, callback) => {
                                 // should not happend
                                 return connection.commit(err => {
                                     if (err) {
-                                        return connection.rollback(() => {
-                                            connection.release();
-                                            return callback(err);
-                                        });
+                                        return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                                     }
                                     connection.release();
                                     return callback(null, true);
@@ -730,10 +514,7 @@ module.exports.changeStatus = (id, listId, campaignId, status, callback) => {
                             // we should see only unsubscribe events here but you never know
                             connection.query('UPDATE `campaigns` SET `unsubscribed`=`unsubscribed`' + (status === 2 ? '+' : '-') + '1 WHERE `cid`=? LIMIT 1', [campaignId], err => {
                                 if (err) {
-                                    return connection.rollback(() => {
-                                        connection.release();
-                                        return callback(err);
-                                    });
+                                    return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                                 }
 
                                 let query = 'UPDATE `campaign__' + campaign.id + '` SET `status`=? WHERE `list`=? AND `subscription`=? LIMIT 1';
@@ -742,18 +523,12 @@ module.exports.changeStatus = (id, listId, campaignId, status, callback) => {
                                 // Updated tracker status
                                 connection.query(query, values, err => {
                                     if (err) {
-                                        return connection.rollback(() => {
-                                            connection.release();
-                                            return callback(err);
-                                        });
+                                        return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                                     }
 
                                     return connection.commit(err => {
                                         if (err) {
-                                            return connection.rollback(() => {
-                                                connection.release();
-                                                return callback(err);
-                                            });
+                                            return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                                         }
                                         connection.release();
                                         return callback(null, true);
@@ -805,19 +580,13 @@ module.exports.delete = (listId, cid, callback) => {
 
                 connection.query('DELETE FROM `subscription__' + listId + '` WHERE cid=? LIMIT 1', [cid], err => {
                     if (err) {
-                        return connection.rollback(() => {
-                            connection.release();
-                            return callback(err);
-                        });
+                        return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                     }
 
                     if (subscription.status !== 1) {
                         return connection.commit(err => {
                             if (err) {
-                                return connection.rollback(() => {
-                                    connection.release();
-                                    return callback(err);
-                                });
+                                return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                             }
                             connection.release();
                             return callback(null, subscription.email);
@@ -826,17 +595,11 @@ module.exports.delete = (listId, cid, callback) => {
 
                     connection.query('UPDATE lists SET subscribers=subscribers-1 WHERE id=? LIMIT 1', [listId], err => {
                         if (err) {
-                            return connection.rollback(() => {
-                                connection.release();
-                                return callback(err);
-                            });
+                            return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                         }
                         connection.commit(err => {
                             if (err) {
-                                return connection.rollback(() => {
-                                    connection.release();
-                                    return callback(err);
-                                });
+                                return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                             }
                             connection.release();
                             return callback(null, subscription.email);
@@ -1028,13 +791,13 @@ module.exports.listImports = (listId, callback) => {
     });
 };
 
-
-module.exports.updateAddress = (list, cid, updates, ip, callback) => {
-    updates = tools.convertKeys(updates);
+/*
+Performs checks before update of an address. This includes finding the existing subscriber, validating the new email
+and checking whether the new email does not conflict with other subscribers.
+ */
+module.exports.updateAddressCheck = (list, cid, emailNew, ip, callback) => {
     cid = (cid || '').toString().trim();
 
-    let emailNew = (updates.emailNew || '').toString().trim();
-
     if (!list || !list.id) {
         return callback(new Error(_('Missing List ID')));
     }
@@ -1053,7 +816,7 @@ module.exports.updateAddress = (list, cid, updates, ip, callback) => {
                 return callback(err);
             }
 
-            let query = 'SELECT `id`, `email` FROM `subscription__' + list.id + '` WHERE `cid`=? LIMIT 1';
+            let query = 'SELECT * FROM `subscription__' + list.id + '` WHERE `cid`=? LIMIT 1';
             let args = [cid];
             connection.query(query, args, (err, rows) => {
                 if (err) {
@@ -1072,7 +835,7 @@ module.exports.updateAddress = (list, cid, updates, ip, callback) => {
 
                 let old = rows[0];
 
-                let query = 'SELECT `id` FROM `subscription__' + list.id + '` WHERE `email`=? AND `cid`<>? LIMIT 1';
+                let query = 'SELECT `id` FROM `subscription__' + list.id + '` WHERE `email`=? AND `cid`<>? AND `status`=1 LIMIT 1';
                 let args = [emailNew, cid];
                 connection.query(query, args, (err, rows) => {
                     connection.release();
@@ -1080,18 +843,11 @@ module.exports.updateAddress = (list, cid, updates, ip, callback) => {
                         return callback(err);
                     }
 
-                    if (rows && rows[0] && rows[0].id) {
-
-
-                        return callback(new Error(_('This address is already registered by someone else')));
+                    if (rows && rows.length > 0) {
+                        return callback(null, old, false);
+                    } else {
+                        return callback(null, old, true);
                     }
-
-                    module.exports.addConfirmation(list, emailNew, ip, {
-                        _action: 'update',
-                        cid,
-                        subscriber: old.id,
-                        emailOld: old.email
-                    }, callback);
                 });
             });
         });
@@ -1099,106 +855,64 @@ module.exports.updateAddress = (list, cid, updates, ip, callback) => {
 };
 
 
-module.exports.sendMail = (list, email, template, subject, relativeUrls, mailOpts, subscription, callback) => {
-    db.getConnection((err, connection) => {
-        if (err) {
-            return callback(err);
-        }
-
-        fields.list(list.id, (err, fieldList) => {
-            if (err) {
-                return callback(err);
-            }
-
-            let encryptionKeys = [];
-            fields.getRow(fieldList, subscription).forEach(field => {
-                if (field.type === 'gpg' && field.value) {
-                    encryptionKeys.push(field.value.trim());
-                }
-            });
-
-            settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl', 'disableConfirmations'], (err, configItems) => {
-                if (err) {
-                    return callback(err);
-                }
-
-                if (!mailOpts.ignoreDisableConfirmations && configItems.disableConfirmations) {
-                    return;
-                }
-
-                const data = {
-                    title: list.name,
-                    homepage: configItems.defaultHomepage || configItems.serviceUrl,
-                    contactAddress: configItems.defaultAddress,
-                    defaultPostaddress: configItems.defaultPostaddress,
-                };
-
-                for (let relativeUrlKey in relativeUrls) {
-                    data[relativeUrlKey] = urllib.resolve(configItems.serviceUrl, relativeUrls[relativeUrlKey]);
-                }
-
-                function sendMail(html, text) {
-                    mailer.sendMail({
-                        from: {
-                            name: configItems.defaultFrom,
-                            address: configItems.defaultAddress
-                        },
-                        to: {
-                            name: [].concat(subscription.firstName || []).concat(subscription.lastName || []).join(' '),
-                            address: email
-                        },
-                        subject: util.format(subject, list.name),
-                        encryptionKeys
-                    }, {
-                        html,
-                        text,
-                        data
-                    }, err => {
-                        if (err) {
-                            log.error('Subscription', err);
-                        }
-                    });
-                }
-
-                let text = {
-                    template: 'subscription/mail-' + template + '-text.hbs'
-                };
-
-                let html = {
-                    template: 'subscription/mail-' + template + '-html.mjml.hbs',
-                    layout: 'subscription/layout.mjml.hbs',
-                    type: 'mjml'
-                };
-
-                helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
-                    if (err) {
-                        return sendMail(html, text);
-                    }
-
-                    sendMail(tmpl.html, tmpl.text);
-                });
-
-                return callback();
-            });
-        });
-    });
-};
-
-
 /*
-FIXME
-function getUnsubscriptionMode = (listId, start, limit, callback) => {
-    listId = Number(listId) || 0;
-    if (!listId) {
-        return callback(new Error('Missing List ID'));
-    }
-
-    tableHelpers.list('subscription__' + listId, ['*'], 'email', null, start, limit, (err, rows, total) => {
-        if (!err) {
-            rows = rows.map(row => tools.convertKeys(row));
+    Updates address in subscription__xxx
+ */
+module.exports.updateAddress = (listId, subscriptionId, emailNew, callback) => {
+    // update email address instead of adding new
+    db.getConnection((err, connection) => {
+        if (err) {
+            return callback(err);
         }
-        return callback(err, rows, total);
+        connection.beginTransaction(err => {
+            if (err) {
+                connection.release();
+                return callback(err);
+            }
+
+            let query = 'SELECT `id` FROM `subscription__' + listId + '` WHERE `email`=? AND `id`<>? AND `status`=1 LIMIT 1';
+            let args = [emailNew, subscriptionId];
+            connection.query(query, args, (err, rows) => {
+                if (err) {
+                    return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
+                }
+
+                if (rows && rows.length > 0) {
+                    return helpers.rollbackAndReleaseConnection(connection, new Error(_('Email address already registered')), callback);
+                }
+
+                let query = 'DELETE FROM `subscription__' + listId + '` WHERE `email`=? AND `id`<>?';
+                let args = [emailNew, subscriptionId];
+                connection.query(query, args, (err, rows) => {
+                    if (err) {
+                        return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
+                    }
+
+                    let query = 'UPDATE `subscription__' + listId + '` SET `email`=? WHERE `id`=? LIMIT 1';
+                    let args = [emailNew, subscriptionId];
+                    connection.query(query, args, err => {
+                        if (err) {
+                            return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
+                        }
+
+                        return connection.commit(err => {
+                            if (err) {
+                                return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
+                            }
+                            connection.release();
+
+                            return callback();
+                        });
+                    });
+                });
+            });
+        });
     });
+
+};
+
+module.exports.getUnsubscriptionMode = (list, subscriptionId) => {
+    // TODO: Once the unsubscription mode is customizable per segment, then this will be a good place to process it.
+    return list.unsubscriptionMode;
 };
 
-*/
\ No newline at end of file
diff --git a/lib/subscription-mail-helpers.js b/lib/subscription-mail-helpers.js
new file mode 100644
index 00000000..3211a6b9
--- /dev/null
+++ b/lib/subscription-mail-helpers.js
@@ -0,0 +1,166 @@
+'use strict';
+
+const log = require('npmlog');
+const config = require('config');
+let db = require('./db');
+let fields = require('./models/fields');
+let settings = require('./models/settings');
+let mailer = require('./mailer');
+let urllib = require('url');
+let helpers = require('./helpers');
+let tools = require('./tools');
+let _ = require('./translate')._;
+let util = require('util');
+
+
+module.exports = {
+    sendAlreadySubscribed,
+    sendConfirmAddressChange,
+    sendConfirmSubscription,
+    sendConfirmUnsubscription,
+    sendSubscriptionConfirmed,
+    sendUnsubscriptionConfirmed
+};
+
+function sendSubscriptionConfirmed(list, email, subscription, callback) {
+    const relativeUrls = {
+        preferencesUrl: '/subscription/' + list.cid + '/manage/' + subscription.cid,
+        unsubscribeUrl: '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid
+    };
+
+    subscriptions.sendMail(list, email, 'subscription-confirmed', _('%s: Subscription Confirmed'), relativeUrls, {}, data.subscriptionData, callback);
+}
+
+function sendAlreadySubscribed(list, email, subscription, callback) {
+    const mailOpts = {
+        ignoreDisableConfirmations: true
+    };
+    const relativeUrls = {
+        preferencesUrl: '/subscription/' + list.cid + '/manage/' + subscription.cid,
+        unsubscribeUrl: '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid
+    };
+    module.exports.sendMail(list, email, 'already-subscribed', _('%s: Email Address Already Registered'), relativeUrls, mailOpts, subscription, callback);
+}
+
+function sendConfirmAddressChange(list, email, cid, subscription, callback) {
+    const mailOpts = {
+        ignoreDisableConfirmations: true
+    };
+    const relativeUrls = {
+        confirmUrl: '/subscription/confirm/' + cid
+    };
+    module.exports.sendMail(list, email, 'confirm-address-change', _('%s: Please Confirm Email Change in Subscription'), relativeUrls, mailOpts, subscription, callback);
+}
+
+function sendConfirmSubscription(list, email, cid, subscription, callback) {
+    const mailOpts = {
+        ignoreDisableConfirmations: true
+    };
+    const relativeUrls = {
+        confirmUrl: '/subscription/confirm/' + cid
+    };
+    module.exports.sendMail(list, email, 'confirm-subscription', _('%s: Please Confirm Subscription'), relativeUrls, mailOpts, subscription, callback);
+}
+
+function sendConfirmUnsubscription(list, email, cid, subscription, callback) {
+    const mailOpts = {
+        ignoreDisableConfirmations: true
+    };
+    const relativeUrls = {
+        confirmUrl: '/subscription/confirm/' + cid
+    };
+    module.exports.sendMail(list, email, 'confirm-unsubscription', _('%s: Please Confirm Unsubscription'), relativeUrls, mailOpts, subscription, callback);
+}
+
+function sendUnsubscriptionConfirmed(list, email, subscription, callback) {
+    const relativeUrls = {
+        subscribeUrl: '/subscription/' + list.cid + '?cid=' + subscription.cid
+    };
+    subscriptions.sendMail(list, email, 'unsubscription-confirmed', _('%s: Unsubscribe Confirmed'), relativeUrls, {}, subscription, callback);
+}
+
+
+function sendMail(list, email, template, subject, relativeUrls, mailOpts, subscription, callback) {
+    db.getConnection((err, connection) => {
+        if (err) {
+            return callback(err);
+        }
+
+        fields.list(list.id, (err, fieldList) => {
+            if (err) {
+                return callback(err);
+            }
+
+            let encryptionKeys = [];
+            fields.getRow(fieldList, subscription).forEach(field => {
+                if (field.type === 'gpg' && field.value) {
+                    encryptionKeys.push(field.value.trim());
+                }
+            });
+
+            settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl', 'disableConfirmations'], (err, configItems) => {
+                if (err) {
+                    return callback(err);
+                }
+
+                if (!mailOpts.ignoreDisableConfirmations && configItems.disableConfirmations) {
+                    return;
+                }
+
+                const data = {
+                    title: list.name,
+                    homepage: configItems.defaultHomepage || configItems.serviceUrl,
+                    contactAddress: configItems.defaultAddress,
+                    defaultPostaddress: configItems.defaultPostaddress,
+                };
+
+                for (let relativeUrlKey in relativeUrls) {
+                    data[relativeUrlKey] = urllib.resolve(configItems.serviceUrl, relativeUrls[relativeUrlKey]);
+                }
+
+                function sendMail(html, text) {
+                    mailer.sendMail({
+                        from: {
+                            name: configItems.defaultFrom,
+                            address: configItems.defaultAddress
+                        },
+                        to: {
+                            name: [].concat(subscription.firstName || []).concat(subscription.lastName || []).join(' '),
+                            address: email
+                        },
+                        subject: util.format(subject, list.name),
+                        encryptionKeys
+                    }, {
+                        html,
+                        text,
+                        data
+                    }, err => {
+                        if (err) {
+                            log.error('Subscription', err);
+                        }
+                    });
+                }
+
+                let text = {
+                    template: 'subscription/mail-' + template + '-text.hbs'
+                };
+
+                let html = {
+                    template: 'subscription/mail-' + template + '-html.mjml.hbs',
+                    layout: 'subscription/layout.mjml.hbs',
+                    type: 'mjml'
+                };
+
+                helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
+                    if (err) {
+                        return sendMail(html, text);
+                    }
+
+                    sendMail(tmpl.html, tmpl.text);
+                });
+
+                return callback();
+            });
+        });
+    });
+}
diff --git a/routes/forms.js b/routes/forms.js
index 6c3935ac..ef10bd9a 100644
--- a/routes/forms.js
+++ b/routes/forms.js
@@ -266,6 +266,11 @@ router.get('/:list/edit/:form', passport.csrfProtection, (req, res) => {
                             label: _('Mail - Unsubscription Confirmed (Text)'),
                             type: 'text',
                             help: helpEmailText
+                        }, {
+                            name: 'web_manual_unsubscribe_notice',
+                            label: _('Web - Manual Unsubscribe Notice'),
+                            type: 'mjml',
+                            help: helpMjmlGeneral
                         }]
                     }
                 ];
diff --git a/routes/subscription.js b/routes/subscription.js
index 193ff63f..d3e712e9 100644
--- a/routes/subscription.js
+++ b/routes/subscription.js
@@ -4,10 +4,8 @@ let log = require('npmlog');
 let config = require('config');
 let tools = require('../lib/tools');
 let helpers = require('../lib/helpers');
-let mailer = require('../lib/mailer');
 let passport = require('../lib/passport');
 let express = require('express');
-let urllib = require('url');
 let router = new express.Router();
 let lists = require('../lib/models/lists');
 let fields = require('../lib/models/fields');
@@ -18,6 +16,9 @@ let _ = require('../lib/translate')._;
 let util = require('util');
 let cors = require('cors');
 let cache = require('memory-cache');
+let geoip = require('geoip-ultralight');
+let confirmations = require('../lib/models/confirmations');
+let mailHelpers = require('../lib/subscription-mail-helpers');
 
 let originWhitelist = config.cors && config.cors.origins || [];
 
@@ -45,7 +46,7 @@ let corsOrCsrfProtection = (req, res, next) => {
 };
 
 router.get('/confirm/:cid', (req, res, next) => {
-    subscriptions.processConfirmation(req.params.cid, req.ip, (err, subscription, action) => {
+    confirmations.takeConfirmation(req.params.cid, (err, confirmation) => {
         if (!err && !subscription) {
             err = new Error(_('Selected subscription not found'));
             err.status = 404;
@@ -55,7 +56,9 @@ router.get('/confirm/:cid', (req, res, next) => {
             return next(err);
         }
 
-        lists.get(subscription.list, (err, list) => {
+        const data = confirmation.data;
+
+        lists.get(confirmation.listId, (err, list) => {
             if (!err && !list) {
                 err = new Error(_('Selected list not found'));
                 err.status = 404;
@@ -65,23 +68,89 @@ router.get('/confirm/:cid', (req, res, next) => {
                 return next(err);
             }
 
-            // FIXME - differentiate email based on action
 
-            const relativeUrls = {
-                preferencesUrl: '/subscription/' + list.cid + '/manage/' + subscription.cid,
-                unsubscribeUrl: '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid
-            };
-
-            subscriptions.sendMail(list, subscription.email, 'subscription-confirmed', _('%s: Subscription Confirmed'), relativeUrls, {}, subscription, (err) => {
-                if (err) {
-                    req.flash('danger', err.message || err);
-                    log.error('Subscription', err);
-                    return res.redirect('/subscription/' + encodeURIComponent(req.params.lcid) + '/unsubscribe/' + encodeURIComponent(req.body.cid) + '?' + tools.queryParams(req.body));
+            if (confirmation.action === 'change-address') {
+                if (!data.subscriptionId) { // Something went terribly wrong and we don't have data that we have originally provided
+                    return next(new Error(_('Subscriber info corrupted or missing')));
                 }
 
-                res.redirect('/subscription/' + list.cid + '/subscribed-notice');
-            });
+                subscriptions.updateAddress(list.id, data.subscriptionId, data.emailNew, err => {
+                    if (err) {
+                        return next(err);
+                    }
 
+                    subscriptions.getById(list.id, subscriptionId, (err, subscription) => {
+                        if (err) {
+                            return next(err);
+                        }
+
+                        mailHelpers.sendSubscriptionConfirmed(list, data.emailNew, subscription, err => {
+                            if (err) {
+                                return next(err);
+                            }
+
+                            res.redirect('/subscription/' + list.cid + '/manage-address/' + subscription.cid);
+                        });
+                    });
+                });
+
+            } else if (confirmation.action === 'subscribe') {
+                let optInCountry = geoip.lookupCountry(confirmation.ip) || null;
+
+                const meta = {
+                    email: data.email,
+                    optInIp: confirmation.ip,
+                    optInCountry,
+                    status: 1
+                };
+
+                subscriptions.insert(list.id, meta, data.subscriptionData, (err, result) => {
+                    if (err) {
+                        return next(err);
+                    }
+
+                    if (!result.entryId) {
+                        return next(new Error(_('Could not save subscription')));
+                    }
+
+                    subscriptions.getById(list.id, result.entryId, (err, subscription) => {
+                        if (err) {
+                            return next(err);
+                        }
+
+                        mailHelpers.sendSubscriptionConfirmed(list, data.email, subscription, err => {
+                            if (err) {
+                                return next(err);
+                            }
+
+                            res.redirect('/subscription/' + list.cid + '/subscribed-notice');
+                        });
+                    });
+                });
+
+            } else if (confirmation.action === 'unsubscribe') {
+                subscriptions.changeStatus(list.id, confirmation.data.subscriptionId, confirmation.data.campaignId, 2, (err, found) => {
+                    if (err) {
+                        return next(err);
+                    }
+
+                    // TODO: Shall we do anything with "found"?
+
+                    subscriptions.getById(list.id, confirmation.data.subscriptionId, (err, subscription) => {
+                        if (err) {
+                            return next(err);
+                        }
+
+                        mailHelpers.sendUnsubscriptionConfirmed(list, subscription.email, subscription, err => {
+                            if (err) {
+                                return next(err);
+                            }
+
+                            res.redirect('/subscription/' + req.params.lcid + '/unsubscribed-notice');
+                        });
+                    });
+                });
+            }
         });
     });
 });
@@ -262,7 +331,7 @@ router.post('/:cid/subscribe', passport.parseForm, corsOrCsrfProtection, (req, r
         }
 
         // Check if the subscriber seems legit. This is a really simple check, the only requirement is that
-        // the subsciber has JavaScript turned on and thats it. If Mailtrain gets more targeted then this
+        // the subscriber has JavaScript turned on and thats it. If Mailtrain gets more targeted then this
         // simple check should be replaced with an actual captcha
         let subTime = Number(req.body.sub) || 0;
         // allow clock skew 24h in the past and 24h to the future
@@ -285,39 +354,67 @@ router.post('/:cid/subscribe', passport.parseForm, corsOrCsrfProtection, (req, r
                 return req.xhr ? sendJsonError(err) : next(err);
             }
 
-            let data = {};
+            let subscriptionData = {};
             Object.keys(req.body).forEach(key => {
                 if (key !== 'email' && key.charAt(0) !== '_') {
-                    data[key] = (req.body[key] || '').toString().trim();
+                    subscriptionData[key] = (req.body[key] || '').toString().trim();
                 }
             });
+            subscriptionData = tools.convertKeys(data);
 
-            data = tools.convertKeys(data);
-
-            data._address = req.body.address;
-            data._sub = req.body.sub;
-            data._skip = !testsPass;
-            data._action = 'subscribe';
-
-            subscriptions.addConfirmation(list, email, req.ip, data, (err, confirmCid) => {
-                if (!err && !confirmCid) {
-                    err = new Error(_('Could not store confirmation data'));
-                }
-
+            subscriptions.getByEmail(list.id, email, (err, subscription) => {
                 if (err) {
-                    if (req.xhr) {
-                        return sendJsonError(err);
-                    }
-                    req.flash('danger', err.message || err);
-                    return res.redirect('/subscription/' + encodeURIComponent(req.params.cid) + '?' + tools.queryParams(req.body));
+                    return req.xhr ? sendJsonError(err) : next(err);
                 }
 
-                if (req.xhr) {
-                    return res.status(200).json({
-                        msg: _('Please Confirm Subscription')
+                if (subscription) {
+                    mailHelpers.sendAlreadySubscribed(list, email, subscription, (err) => {
+                        if (err) {
+                            return req.xhr ? sendJsonError(err) : next(err);
+                        }
+                        res.redirect('/subscription/' + req.params.cid + '/confirm-subscription-notice');
+                    });
+                } else {
+                    const data = {
+                        email,
+                        subscriptionData
+                    };
+
+                    confirmations.addConfirmation(list.id, 'subscribe', req.ip, data, (err, confirmCid) => {
+                        if (!err && !confirmCid) {
+                            err = new Error(_('Could not store confirmation data'));
+                        }
+
+                        if (err) {
+                            if (req.xhr) {
+                                return sendJsonError(err);
+                            }
+                            req.flash('danger', err.message || err);
+                            return res.redirect('/subscription/' + encodeURIComponent(req.params.cid) + '?' + tools.queryParams(req.body));
+                        }
+
+                        function sendWebResponse() {
+                            if (req.xhr) {
+                                return res.status(200).json({
+                                    msg: _('Please Confirm Subscription')
+                                });
+                            }
+                            res.redirect('/subscription/' + req.params.cid + '/confirm-subscription-notice');
+                        }
+
+                        if (!testsPass) {
+                            log.info('Subscription', 'Confirmation message for %s marked to be skipped (%s)', email, JSON.stringify(data));
+                            sendWebResponse();
+                        } else {
+                            sendConfirmSubscription(list, email, confirmCid, data, (err) => {
+                                if (err) {
+                                    return req.xhr ? sendJsonError(err) : sendWebResponse(err);
+                                }
+                                sendWebResponse();
+                            })
+                        }
                     });
                 }
-                res.redirect('/subscription/' + req.params.cid + '/confirm-subscription-notice');
             });
         });
     });
@@ -492,15 +589,41 @@ router.post('/:lcid/manage-address', passport.parseForm, passport.csrfProtection
             return next(err);
         }
 
-        subscriptions.updateAddress(list, req.body.cid, req.body, req.ip, err => {
+        const emailNew = (req.body.emailNew || '').toString().trim();
+
+        subscriptions.updateAddressCheck(list, req.body.cid, emailNew, req.ip, (err, subscription, newEmailAvailable) => {
             if (err) {
                 req.flash('danger', err.message || err);
                 log.error('Subscription', err);
                 return res.redirect('/subscription/' + encodeURIComponent(req.params.lcid) + '/manage-address/' + encodeURIComponent(req.body.cid) + '?' + tools.queryParams(req.body));
             }
 
-            req.flash('info', _('An email with further instructions has been sent to the provided address'));
-            res.redirect('/subscription/' + req.params.lcid + '/manage/' + req.body.cid);
+            function sendWebResponse(err) {
+                if (err) {
+                    return next(err);
+                }
+
+                req.flash('info', _('An email with further instructions has been sent to the provided address'));
+                res.redirect('/subscription/' + req.params.lcid + '/manage/' + req.body.cid);
+            }
+
+            if (newEmailAvailable) {
+                const data = {
+                    subscriptionId: subscription.id,
+                    emailNew
+                };
+
+                confirmations.addConfirmation(list.id, 'change-address', req.ip, data, err => {
+                    if (err) {
+                        return next(err);
+                    }
+
+                    mailHelpers.sendConfirmAddressChange(list, emailNew, subscription, sendWebResponse);
+                });
+
+            } else {
+                mailHelpers.sendAlreadySubscribed(list, emailNew, subscription, sendWebResponse);
+            }
         });
     });
 });
@@ -525,7 +648,7 @@ router.get('/:lcid/unsubscribe/:ucid', passport.csrfProtection, (req, res, next)
 
             subscriptions.get(list.id, req.params.ucid, (err, subscription) => {
                 if (!err && !subscription) {
-                    err = new Error(_('Subscription not found from this list'));
+                    err = new Error(_('Subscription not found in this list'));
                     err.status = 404;
                 }
 
@@ -533,40 +656,47 @@ router.get('/:lcid/unsubscribe/:ucid', passport.csrfProtection, (req, res, next)
                     return next(err);
                 }
 
-                subscription.lcid = req.params.lcid;
-                subscription.ucid = req.params.ucid;
-                subscription.title = list.name;
-                subscription.csrfToken = req.csrfToken();
-                subscription.campaign = req.query.c;
-                subscription.defaultAddress = configItems.defaultAddress;
-                subscription.defaultPostaddress = configItems.defaultPostaddress;
 
-                subscription.template = {
-                    template: 'subscription/web-unsubscribe.mjml.hbs',
-                    layout: 'subscription/layout.mjml.hbs'
-                };
+                if (list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP_WITH_FORM ||
+                    list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP_WITH_FORM) {
 
-                helpers.injectCustomFormData(req.query.fid || list.defaultForm, 'subscription/web-unsubscribe', subscription, (err, data) => {
-                    if (err) {
-                        return next(err);
-                    }
+                    subscription.lcid = req.params.lcid;
+                    subscription.ucid = req.params.ucid;
+                    subscription.title = list.name;
+                    subscription.csrfToken = req.csrfToken();
+                    subscription.campaign = req.query.c;
+                    subscription.defaultAddress = configItems.defaultAddress;
+                    subscription.defaultPostaddress = configItems.defaultPostaddress;
 
-                    helpers.getMjmlTemplate(data.template, (err, htmlRenderer) => {
+                    subscription.template = {
+                        template: 'subscription/web-unsubscribe.mjml.hbs',
+                        layout: 'subscription/layout.mjml.hbs'
+                    };
+
+                    helpers.injectCustomFormData(req.query.fid || list.defaultForm, 'subscription/web-unsubscribe', subscription, (err, data) => {
                         if (err) {
                             return next(err);
                         }
 
-                        helpers.captureFlashMessages(req, res, (err, flash) => {
+                        helpers.getMjmlTemplate(data.template, (err, htmlRenderer) => {
                             if (err) {
                                 return next(err);
                             }
 
-                            data.isWeb = true;
-                            data.flashMessages = flash;
-                            res.send(htmlRenderer(data));
+                            helpers.captureFlashMessages(req, res, (err, flash) => {
+                                if (err) {
+                                    return next(err);
+                                }
+
+                                data.isWeb = true;
+                                data.flashMessages = flash;
+                                res.send(htmlRenderer(data));
+                            });
                         });
                     });
-                });
+                } else { // UnsubscriptionMode.ONE_STEP || UnsubscriptionMode.TWO_STEP || UnsubscriptionMode.MANUAL
+                    handleUnsubscribe(list, subscription, res);
+                }
             });
         });
     });
@@ -583,47 +713,95 @@ router.post('/:lcid/unsubscribe', passport.parseForm, passport.csrfProtection, (
             return next(err);
         }
 
-        subscriptions.unsubscribe(list.id, req.body.ucid, req.body.campaign, (err, subscription) => {
-            if (err) {
-                req.flash('danger', err.message || err);
-                log.error('Subscription', err);
-                return res.redirect('/subscription/' + encodeURIComponent(req.params.lcid) + '/unsubscribe/' + encodeURIComponent(req.body.ucid) + '?' + tools.queryParams(req.body));
+        const campaignId = (req.body.campaign || '').toString().trim() || false;
+
+        subscriptions.get(list.id, req.body.ucid, (err, subscription) => {
+            if (!err && !subscription) {
+                err = new Error(_('Subscription not found in this list'));
+                err.status = 404;
             }
 
-            const relativeUrls = {
-                subscribeUrl: '/subscription/' + list.cid + '?cid=' + subscription.cid
-            };
-            subscriptions.sendMail(list, subscription.email, 'unsubscription-confirmed', _('%s: Unsubscribe Confirmed'), relativeUrls, {}, subscription, (err) => {
-                if (err) {
-                    req.flash('danger', err.message || err);
-                    log.error('Subscription', err);
-                    return res.redirect('/subscription/' + encodeURIComponent(list.cid) + '/unsubscribe/' + encodeURIComponent(subscription.cid) + '?' + tools.queryParams(req.body));
-                }
+            if (err) {
+                return next(err);
+            }
 
-                res.redirect('/subscription/' + req.params.lcid + '/unsubscribed-notice');
-            });
+            handleUnsubscribe(list, subscription, res);
         });
     });
 });
 
+function handleUnsubscribe(list, subscription, res) {
+    if (list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP ||
+        list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP_WITH_FORM) {
+
+        const data = {
+            subscriptionId: subscription.id,
+            campaignId
+        };
+
+        confirmations.addConfirmation(list.id, 'unsubscribe', req.ip, data, (err, confirmCid) => {
+            if (!err && !confirmCid) {
+                err = new Error(_('Could not store confirmation data'));
+            }
+
+            if (err) {
+                return next(err);
+            }
+
+            mailHelpers.sendConfirmUnsubscription(list, subscription.email, subscription, err => {
+                if (err) {
+                    return next(err);
+                }
+
+                res.redirect('/subscription/' + list.cid + '/unsubscribed-notice');
+            });
+        });
+
+    } else if (list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP ||
+        list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP_WITH_FORM) {
+
+        subscriptions.changeStatus(subscription.id, list.id, campaignId, 2, (err, found) => {
+            if (err) {
+                return next(err);
+            }
+
+            // TODO: Shall we do anything with "found"?
+
+            mailHelpers.sendUnsubscriptionConfirmed(list, subscription.email, subscription, err => {
+                if (err) {
+                    return next(err);
+                }
+
+                res.redirect('/subscription/' + list.cid + '/unsubscribed-notice');
+            });
+        });
+    } else { // UnsubscriptionMode.MANUAL
+        res.redirect('/subscription/' + list.cid + '/manual-unsubscribe-notice');
+    }
+}
+
 router.get('/:cid/confirm-subscription-notice', (req, res, next) => {
-    notice('confirm-subscription', req, res, next);
+    webNotice('confirm-subscription', req, res, next);
 });
 
 router.get('/:cid/confirm-unsubscription-notice', (req, res, next) => {
-    notice('confirm-unsubscription', req, res, next);
+    webNotice('confirm-unsubscription', req, res, next);
 });
 
 router.get('/:cid/subscribed-notice', (req, res, next) => {
-    notice('subscribed', req, res, next);
+    webNotice('subscribed', req, res, next);
 });
 
 router.get('/:cid/updated-notice', (req, res, next) => {
-    notice('updated', req, res, next);
+    webNotice('updated', req, res, next);
 });
 
 router.get('/:cid/unsubscribed-notice', (req, res, next) => {
-    notice('unsubscribed', req, res, next);
+    webNotice('unsubscribed', req, res, next);
+});
+
+router.get('/:cid/manual-unsubscribe-notice', (req, res, next) => {
+    webNotice('manual-unsubscribe', req, res, next);
 });
 
 router.post('/publickey', passport.parseForm, (req, res, next) => {
@@ -665,7 +843,7 @@ router.post('/publickey', passport.parseForm, (req, res, next) => {
 });
 
 
-function notice(type, req, res, next) {
+function webNotice(type, req, res, next) {
     lists.getByCid(req.params.cid, (err, list) => {
         if (!err && !list) {
             err = new Error(_('Selected list not found'));
@@ -676,7 +854,7 @@ function notice(type, req, res, next) {
             return next(err);
         }
 
-        settings.list(['defaultHomepage', 'serviceUrl', 'defaultAddress', 'defaultPostaddress'], (err, configItems) => {
+        settings.list(['defaultHomepage', 'serviceUrl', 'defaultAddress', 'defaultPostaddress', 'adminEmail'], (err, configItems) => {
             if (err) {
                 return next(err);
             }
@@ -686,6 +864,7 @@ function notice(type, req, res, next) {
                 homepage: configItems.defaultHomepage || configItems.serviceUrl,
                 defaultAddress: configItems.defaultAddress,
                 defaultPostaddress: configItems.defaultPostaddress,
+                contactAddress: configItems.defaultAddress,
                 template: {
                     template: 'subscription/web-' + type + '-notice.mjml.hbs',
                     layout: 'subscription/layout.mjml.hbs'
@@ -718,5 +897,4 @@ function notice(type, req, res, next) {
     });
 }
 
-
 module.exports = router;
diff --git a/setup/sql/upgrade-00028.sql b/setup/sql/upgrade-00028.sql
index 8ea8bdbc..82d38d21 100644
--- a/setup/sql/upgrade-00028.sql
+++ b/setup/sql/upgrade-00028.sql
@@ -5,8 +5,17 @@ SET @schema_version = '28';
 # Add unsubscription mode field to lists
 ALTER TABLE `lists` ADD COLUMN `unsubscription_mode` int(11) unsigned DEFAULT 0 NOT NULL AFTER `public_subscribe`;
 
+# Delete all confirmations as we use different structure in "data".
+DELETE FROM `confirmations`;
+
 # Change the name of the column to better reflect that confirmations are also used for unsubscription and email address update
+# Drop email field as this does not have a clear semantics in change address. Since email is not used to search in the table,
+# it can be stored in data
+# Create field action to distinguish between different confirmation types (subscribe, unsubscribe, change-address)
 ALTER TABLE `confirmations` CHANGE `opt_in_ip` `ip` varchar(100) DEFAULT NULL;
+ALTER TABLE `confirmations` DROP `email`;
+ALTER TABLE `confirmations` ADD COLUMN `action` varchar(100) NOT NULL AFTER `list`;
+
 
 # Rename affected forms in custom_forms_data
 update custom_forms_data set data_key="mail_confirm_subscription_html" where data_key="mail_confirm_html";
diff --git a/views/subscription/mail-already-subscribed-html.mjml.hbs b/views/subscription/mail-already-subscribed-html.mjml.hbs
index d4a9b20e..83e7eb1a 100644
--- a/views/subscription/mail-already-subscribed-html.mjml.hbs
+++ b/views/subscription/mail-already-subscribed-html.mjml.hbs
@@ -1,7 +1,7 @@
 <mj-section>
     <mj-column>
         <mj-text mj-class="h3">
-            {{#translate}}Email address already subscribed{{/translate}}
+            {{#translate}}Email address already registered{{/translate}}
         </mj-text>
         <mj-text mj-class="p">
             {{#translate}}We have received a subscription request. Your email address is however already registered.{{/translate}}.
diff --git a/views/subscription/mail-already-subscribed-text.hbs b/views/subscription/mail-already-subscribed-text.hbs
index fe982896..5c273dfe 100644
--- a/views/subscription/mail-already-subscribed-text.hbs
+++ b/views/subscription/mail-already-subscribed-text.hbs
@@ -1,5 +1,5 @@
 {{{title}}}
-{{#translate}}Email address already subscribed{{/translate}}
+{{#translate}}Email address already registered{{/translate}}
 ================================
 
 {{#translate}}We have received a subscription request. Your email address is however already registered.{{/translate}}
diff --git a/views/subscription/web-manual-unsubscribe-notice.mjml.hbs b/views/subscription/web-manual-unsubscribe-notice.mjml.hbs
new file mode 100644
index 00000000..7dfe1609
--- /dev/null
+++ b/views/subscription/web-manual-unsubscribe-notice.mjml.hbs
@@ -0,0 +1,13 @@
+<mj-section>
+    <mj-column>
+        <mj-text mj-class="h3">
+            {{#translate}}Online Unsubscription Is Not Possible{{/translate}}
+        </mj-text>
+        <mj-text mj-class="p">
+            {{#translate}}Please contact us at{{/translate}} <a href="mailto:{{contactAddress}}">{{contactAddress}}</a> {{#translate}}to get removed from the list{{/translate}}.
+        </mj-text>
+        <mj-button mj-class="button" href="{{homepage}}">
+            {{#translate}}Return to our website{{/translate}}
+        </mj-button>
+    </mj-column>
+</mj-section>

From a6d25e668b6d9a31b90b05bb9bfe7d65f1d619a1 Mon Sep 17 00:00:00 2001
From: Tomas Bures <tbures@sathyasai.org>
Date: Thu, 4 May 2017 17:42:46 -0400
Subject: [PATCH 04/11] Release candidate of the selectable unsubscription
 Implemented the resubscription process - i.e. pre-filling in the form when
 the subscription link is clicked in the unsubscription notice.

---
 languages/de_DE.po                            |   2 +-
 lib/helpers.js                                |   2 +-
 lib/models/campaigns.js                       |  16 +-
 lib/models/confirmations.js                   |   4 +-
 lib/models/reports.js                         |   3 +-
 lib/models/settings.js                        |   2 +
 lib/models/subscriptions.js                   |  51 +++--
 lib/subscription-mail-helpers.js              | 135 ++++++-----
 routes/subscription.js                        | 210 ++++++++++--------
 views/lists/forms/edit.hbs                    |   4 +
 .../partials/subscription-custom-fields.hbs   |   2 +-
 .../partials/subscription-subscribe-form.hbs  |   1 +
 12 files changed, 238 insertions(+), 194 deletions(-)

diff --git a/languages/de_DE.po b/languages/de_DE.po
index 69020cc7..73774df1 100644
--- a/languages/de_DE.po
+++ b/languages/de_DE.po
@@ -4030,7 +4030,7 @@ msgstr ""
 "Bestätigung"
 
 #: routes/subscription.js:730
-msgid "%s: Unsubscribe Confirmed"
+msgid "%s: Unsubscription Confirmed"
 msgstr "%s: Abmeldungen Bestätigt"
 
 #: routes/subscription.js:777 routes/subscription.js:793
diff --git a/lib/helpers.js b/lib/helpers.js
index 8324a811..70a9b232 100644
--- a/lib/helpers.js
+++ b/lib/helpers.js
@@ -98,7 +98,7 @@ function filterCustomFields(customFieldsIn = [], fieldIds = [], method = 'includ
         id: 'email',
         name: 'Email Address',
         type: 'Email',
-        typeSubsciptionEmail: true
+        typeSubscriptionEmail: true
     }, {
         id: 'firstname',
         name: 'First Name',
diff --git a/lib/models/campaigns.js b/lib/models/campaigns.js
index c25c57ee..bec512bb 100644
--- a/lib/models/campaigns.js
+++ b/lib/models/campaigns.js
@@ -1054,13 +1054,13 @@ module.exports.updateMessage = (message, status, updateSubscription, callback) =
 
         let statusCode;
         if (status === 'unsubscribed') {
-            statusCode = 2;
-        }
-        if (status === 'bounced') {
-            statusCode = 3;
-        }
-        if (status === 'complained') {
-            statusCode = 4;
+            statusCode = subscriptions.Status.UNSUBSCRIBED;
+        } else if (status === 'bounced') {
+            statusCode = subscriptions.Status.BOUNCED;
+        } else if (status === 'complained') {
+            statusCode = subscriptions.Status.COMPLAINED;
+        } else {
+            return callback(new Error(_('Unrecognized message status')));
         }
 
         let query = 'UPDATE `campaigns` SET `' + status + '`=`' + status + '`+1 WHERE id=? LIMIT 1';
@@ -1074,7 +1074,7 @@ module.exports.updateMessage = (message, status, updateSubscription, callback) =
                 }
 
                 if (updateSubscription) {
-                    subscriptions.changeStatus(message.list, message.subscription, statusCode === 2 ? message.campaign : false, statusCode, callback);
+                    subscriptions.changeStatus(message.list, message.subscription, statusCode === subscriptions.Status.UNSUBSCRIBED ? message.campaign : false, statusCode, callback);
                 } else {
                     return callback(null, true);
                 }
diff --git a/lib/models/confirmations.js b/lib/models/confirmations.js
index 66025ed1..dbac8497 100644
--- a/lib/models/confirmations.js
+++ b/lib/models/confirmations.js
@@ -16,14 +16,14 @@ module.exports.addConfirmation = (listId, action, ip, data, callback) => {
         }
 
         let query = 'INSERT INTO confirmations (cid, list, action, ip, data) VALUES (?,?,?,?,?)';
-        connection.query(query, [cid, list, action, ip, JSON.stringify(data || {})], (err, result) => {
+        connection.query(query, [cid, listId, action, ip, JSON.stringify(data || {})], (err, result) => {
             connection.release();
             if (err) {
                 return callback(err);
             }
 
             if (!result || !result.affectedRows) {
-                return callback(null, false);
+                return callback(new Error(_('Could not store confirmation data')));
             }
 
             return callback(null, cid);
diff --git a/lib/models/reports.js b/lib/models/reports.js
index aac2d967..edfe665f 100644
--- a/lib/models/reports.js
+++ b/lib/models/reports.js
@@ -13,7 +13,8 @@ const ReportState = {
     SCHEDULED: 0,
     PROCESSING: 1,
     FINISHED: 2,
-    FAILED: 3
+    FAILED: 3,
+    MAX: 4
 };
 
 module.exports.ReportState = ReportState;
diff --git a/lib/models/settings.js b/lib/models/settings.js
index 77b9f391..9655ebd7 100644
--- a/lib/models/settings.js
+++ b/lib/models/settings.js
@@ -15,6 +15,8 @@ function listValues(filter, callback) {
         filter = false;
     }
 
+    // TODO: It would be good to cache the settings. It feels awkward to always go to DB to retrieve something what is essentially a constant
+
     filter = [].concat(filter || []).map(key => tools.toDbKey(key));
 
     db.getConnection((err, connection) => {
diff --git a/lib/models/subscriptions.js b/lib/models/subscriptions.js
index 08f2cbac..34147901 100644
--- a/lib/models/subscriptions.js
+++ b/lib/models/subscriptions.js
@@ -12,6 +12,16 @@ let _ = require('../translate')._;
 let util = require('util');
 let tableHelpers = require('../table-helpers');
 
+const Status = {
+    SUBSCRIBED: 1,
+    UNSUBSCRIBED: 2,
+    BOUNCED: 3,
+    COMPLAINED: 4,
+    MAX: 5
+};
+
+module.exports.Status = Status;
+
 module.exports.list = (listId, start, limit, callback) => {
     listId = Number(listId) || 0;
     if (!listId) {
@@ -152,19 +162,19 @@ module.exports.insert = (listId, meta, subscriptionData, callback) => {
                     let entryId = existing ? existing.id : false;
 
                     meta.cid = existing ? rows[0].cid : meta.cid;
-                    meta.status = meta.status || (existing ? existing.status : 1);
+                    meta.status = meta.status || (existing ? existing.status : Status.SUBSCRIBED);
 
                     let statusChange = !existing || existing.status !== meta.status;
                     let statusDirection;
 
-                    if (existing && !meta.partial) {
-                        return helpers.rollbackAndReleaseConnection(connection, new Error(_('Email address already registered')), callback);
+                    if (existing && existing.status === Status.SUBSCRIBED && !meta.partial) {
+                        return helpers.rollbackAndReleaseConnection(connection, () => callback(new Error(_('Email address already registered'))));
                     }
 
                     if (statusChange) {
                         keys.push('status', 'status_change');
                         values.push(meta.status, new Date());
-                        statusDirection = !existing ? (meta.status === 1 ? '+' : false) : (existing.status === 1 ? '-' : '+');
+                        statusDirection = !existing ? (meta.status === Status.SUBSCRIBED ? '+' : false) : (existing.status === Status.SUBSCRIBED ? '-' : '+');
                     }
 
                     if (!keys.length) {
@@ -458,8 +468,8 @@ module.exports.changeStatus = (listId, id, campaignId, status, callback) => {
                     return helpers.rollbackAndReleaseConnection(connection, () => callback(null, true));
                 }
 
-                if (statusChange && oldStatus === 1 || status === 1) {
-                    statusDirection = status === 1 ? '+' : '-';
+                if (statusChange && oldStatus === Status.SUBSCRIBED || status === Status.SUBSCRIBED) {
+                    statusDirection = status === Status.SUBSCRIBED ? '+' : '-';
                 }
 
                 connection.query('UPDATE `subscription__' + listId + '` SET `status`=?, `status_change`=NOW() WHERE id=? LIMIT 1', [status, id], err => {
@@ -483,7 +493,7 @@ module.exports.changeStatus = (listId, id, campaignId, status, callback) => {
                         }
 
                         // status change is not related to a campaign or it marks message as bounced etc.
-                        if (!campaignId || status > 2) {
+                        if (!campaignId || status !== Status.SUBSCRIBED) {
                             return connection.commit(err => {
                                 if (err) {
                                     return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
@@ -512,7 +522,7 @@ module.exports.changeStatus = (listId, id, campaignId, status, callback) => {
                             }
 
                             // we should see only unsubscribe events here but you never know
-                            connection.query('UPDATE `campaigns` SET `unsubscribed`=`unsubscribed`' + (status === 2 ? '+' : '-') + '1 WHERE `cid`=? LIMIT 1', [campaignId], err => {
+                            connection.query('UPDATE `campaigns` SET `unsubscribed`=`unsubscribed`' + (status === Status.UNSUBSCRIBED ? '+' : '-') + '1 WHERE `cid`=? LIMIT 1', [campaignId], err => {
                                 if (err) {
                                     return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                                 }
@@ -583,7 +593,7 @@ module.exports.delete = (listId, cid, callback) => {
                         return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                     }
 
-                    if (subscription.status !== 1) {
+                    if (subscription.status !== Status.SUBSCRIBED) {
                         return connection.commit(err => {
                             if (err) {
                                 return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
@@ -679,11 +689,10 @@ module.exports.updateImport = (listId, importId, data, callback) => {
                     connection.release();
                     return callback(null, affected);
                 });
-                return;
+            } else {
+                connection.release();
+                return callback(null, affected);
             }
-
-            connection.release();
-            return callback(null, affected);
         });
     });
 };
@@ -816,7 +825,7 @@ module.exports.updateAddressCheck = (list, cid, emailNew, ip, callback) => {
                 return callback(err);
             }
 
-            let query = 'SELECT * FROM `subscription__' + list.id + '` WHERE `cid`=? LIMIT 1';
+            let query = 'SELECT * FROM `subscription__' + list.id + '` WHERE `cid`=? AND `status`=' + Status.SUBSCRIBED + ' LIMIT 1';
             let args = [cid];
             connection.query(query, args, (err, rows) => {
                 if (err) {
@@ -835,7 +844,7 @@ module.exports.updateAddressCheck = (list, cid, emailNew, ip, callback) => {
 
                 let old = rows[0];
 
-                let query = 'SELECT `id` FROM `subscription__' + list.id + '` WHERE `email`=? AND `cid`<>? AND `status`=1 LIMIT 1';
+                let query = 'SELECT `id` FROM `subscription__' + list.id + '` WHERE `email`=? AND `cid`<>? AND `status`=' + Status.SUBSCRIBED + ' LIMIT 1';
                 let args = [emailNew, cid];
                 connection.query(query, args, (err, rows) => {
                     connection.release();
@@ -870,7 +879,7 @@ module.exports.updateAddress = (listId, subscriptionId, emailNew, callback) => {
                 return callback(err);
             }
 
-            let query = 'SELECT `id` FROM `subscription__' + listId + '` WHERE `email`=? AND `id`<>? AND `status`=1 LIMIT 1';
+            let query = 'SELECT `id` FROM `subscription__' + listId + '` WHERE `email`=? AND `id`<>? AND `status`=' + Status.SUBSCRIBED + ' LIMIT 1';
             let args = [emailNew, subscriptionId];
             connection.query(query, args, (err, rows) => {
                 if (err) {
@@ -878,7 +887,7 @@ module.exports.updateAddress = (listId, subscriptionId, emailNew, callback) => {
                 }
 
                 if (rows && rows.length > 0) {
-                    return helpers.rollbackAndReleaseConnection(connection, new Error(_('Email address already registered')), callback);
+                    return helpers.rollbackAndReleaseConnection(connection, () => callback(new Error(_('Email address already registered'))));
                 }
 
                 let query = 'DELETE FROM `subscription__' + listId + '` WHERE `email`=? AND `id`<>?';
@@ -888,13 +897,17 @@ module.exports.updateAddress = (listId, subscriptionId, emailNew, callback) => {
                         return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                     }
 
-                    let query = 'UPDATE `subscription__' + listId + '` SET `email`=? WHERE `id`=? LIMIT 1';
+                    let query = 'UPDATE `subscription__' + listId + '` SET `email`=? WHERE `id`=? AND `status`=' + Status.SUBSCRIBED + ' LIMIT 1';
                     let args = [emailNew, subscriptionId];
-                    connection.query(query, args, err => {
+                    connection.query(query, args, (err, result) => {
                         if (err) {
                             return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                         }
 
+                        if (!result || !result.affectedRows) {
+                            return helpers.rollbackAndReleaseConnection(connection, () => callback(new Error(_('Subscription not found in this list'))));
+                        }
+
                         return connection.commit(err => {
                             if (err) {
                                 return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
diff --git a/lib/subscription-mail-helpers.js b/lib/subscription-mail-helpers.js
index 3211a6b9..96beb978 100644
--- a/lib/subscription-mail-helpers.js
+++ b/lib/subscription-mail-helpers.js
@@ -2,7 +2,6 @@
 
 const log = require('npmlog');
 const config = require('config');
-let db = require('./db');
 let fields = require('./models/fields');
 let settings = require('./models/settings');
 let mailer = require('./mailer');
@@ -28,7 +27,7 @@ function sendSubscriptionConfirmed(list, email, subscription, callback) {
         unsubscribeUrl: '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid
     };
 
-    subscriptions.sendMail(list, email, 'subscription-confirmed', _('%s: Subscription Confirmed'), relativeUrls, {}, data.subscriptionData, callback);
+    sendMail(list, email, 'subscription-confirmed', _('%s: Subscription Confirmed'), relativeUrls, {}, subscription, callback);
 }
 
 function sendAlreadySubscribed(list, email, subscription, callback) {
@@ -39,7 +38,7 @@ function sendAlreadySubscribed(list, email, subscription, callback) {
         preferencesUrl: '/subscription/' + list.cid + '/manage/' + subscription.cid,
         unsubscribeUrl: '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid
     };
-    module.exports.sendMail(list, email, 'already-subscribed', _('%s: Email Address Already Registered'), relativeUrls, mailOpts, subscription, callback);
+    sendMail(list, email, 'already-subscribed', _('%s: Email Address Already Registered'), relativeUrls, mailOpts, subscription, callback);
 }
 
 function sendConfirmAddressChange(list, email, cid, subscription, callback) {
@@ -49,7 +48,7 @@ function sendConfirmAddressChange(list, email, cid, subscription, callback) {
     const relativeUrls = {
         confirmUrl: '/subscription/confirm/' + cid
     };
-    module.exports.sendMail(list, email, 'confirm-address-change', _('%s: Please Confirm Email Change in Subscription'), relativeUrls, mailOpts, subscription, callback);
+    sendMail(list, email, 'confirm-address-change', _('%s: Please Confirm Email Change in Subscription'), relativeUrls, mailOpts, subscription, callback);
 }
 
 function sendConfirmSubscription(list, email, cid, subscription, callback) {
@@ -59,7 +58,7 @@ function sendConfirmSubscription(list, email, cid, subscription, callback) {
     const relativeUrls = {
         confirmUrl: '/subscription/confirm/' + cid
     };
-    module.exports.sendMail(list, email, 'confirm-subscription', _('%s: Please Confirm Subscription'), relativeUrls, mailOpts, subscription, callback);
+    sendMail(list, email, 'confirm-subscription', _('%s: Please Confirm Subscription'), relativeUrls, mailOpts, subscription, callback);
 }
 
 function sendConfirmUnsubscription(list, email, cid, subscription, callback) {
@@ -69,98 +68,92 @@ function sendConfirmUnsubscription(list, email, cid, subscription, callback) {
     const relativeUrls = {
         confirmUrl: '/subscription/confirm/' + cid
     };
-    module.exports.sendMail(list, email, 'confirm-unsubscription', _('%s: Please Confirm Unsubscription'), relativeUrls, mailOpts, subscription, callback);
+    sendMail(list, email, 'confirm-unsubscription', _('%s: Please Confirm Unsubscription'), relativeUrls, mailOpts, subscription, callback);
 }
 
 function sendUnsubscriptionConfirmed(list, email, subscription, callback) {
     const relativeUrls = {
         subscribeUrl: '/subscription/' + list.cid + '?cid=' + subscription.cid
     };
-    subscriptions.sendMail(list, email, 'unsubscription-confirmed', _('%s: Unsubscribe Confirmed'), relativeUrls, {}, subscription, callback);
+    sendMail(list, email, 'unsubscription-confirmed', _('%s: Unsubscription Confirmed'), relativeUrls, {}, subscription, callback);
 }
 
 
 function sendMail(list, email, template, subject, relativeUrls, mailOpts, subscription, callback) {
-    db.getConnection((err, connection) => {
+    fields.list(list.id, (err, fieldList) => {
         if (err) {
             return callback(err);
         }
 
-        fields.list(list.id, (err, fieldList) => {
+        let encryptionKeys = [];
+        fields.getRow(fieldList, subscription).forEach(field => {
+            if (field.type === 'gpg' && field.value) {
+                encryptionKeys.push(field.value.trim());
+            }
+        });
+
+        settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl', 'disableConfirmations'], (err, configItems) => {
             if (err) {
                 return callback(err);
             }
 
-            let encryptionKeys = [];
-            fields.getRow(fieldList, subscription).forEach(field => {
-                if (field.type === 'gpg' && field.value) {
-                    encryptionKeys.push(field.value.trim());
-                }
-            });
+            if (!mailOpts.ignoreDisableConfirmations && configItems.disableConfirmations) {
+                return;
+            }
 
-            settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl', 'disableConfirmations'], (err, configItems) => {
-                if (err) {
-                    return callback(err);
-                }
+            const data = {
+                title: list.name,
+                homepage: configItems.defaultHomepage || configItems.serviceUrl,
+                contactAddress: configItems.defaultAddress,
+                defaultPostaddress: configItems.defaultPostaddress,
+            };
 
-                if (!mailOpts.ignoreDisableConfirmations && configItems.disableConfirmations) {
-                    return;
-                }
+            for (let relativeUrlKey in relativeUrls) {
+                data[relativeUrlKey] = urllib.resolve(configItems.serviceUrl, relativeUrls[relativeUrlKey]);
+            }
 
-                const data = {
-                    title: list.name,
-                    homepage: configItems.defaultHomepage || configItems.serviceUrl,
-                    contactAddress: configItems.defaultAddress,
-                    defaultPostaddress: configItems.defaultPostaddress,
-                };
-
-                for (let relativeUrlKey in relativeUrls) {
-                    data[relativeUrlKey] = urllib.resolve(configItems.serviceUrl, relativeUrls[relativeUrlKey]);
-                }
-
-                function sendMail(html, text) {
-                    mailer.sendMail({
-                        from: {
-                            name: configItems.defaultFrom,
-                            address: configItems.defaultAddress
-                        },
-                        to: {
-                            name: [].concat(subscription.firstName || []).concat(subscription.lastName || []).join(' '),
-                            address: email
-                        },
-                        subject: util.format(subject, list.name),
-                        encryptionKeys
-                    }, {
-                        html,
-                        text,
-                        data
-                    }, err => {
-                        if (err) {
-                            log.error('Subscription', err);
-                        }
-                    });
-                }
-
-                let text = {
-                    template: 'subscription/mail-' + template + '-text.hbs'
-                };
-
-                let html = {
-                    template: 'subscription/mail-' + template + '-html.mjml.hbs',
-                    layout: 'subscription/layout.mjml.hbs',
-                    type: 'mjml'
-                };
-
-                helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
+            function sendMail(html, text) {
+                mailer.sendMail({
+                    from: {
+                        name: configItems.defaultFrom,
+                        address: configItems.defaultAddress
+                    },
+                    to: {
+                        name: [].concat(subscription.firstName || []).concat(subscription.lastName || []).join(' '),
+                        address: email
+                    },
+                    subject: util.format(subject, list.name),
+                    encryptionKeys
+                }, {
+                    html,
+                    text,
+                    data
+                }, err => {
                     if (err) {
-                        return sendMail(html, text);
+                        log.error('Subscription', err);
                     }
-
-                    sendMail(tmpl.html, tmpl.text);
                 });
+            }
 
-                return callback();
+            let text = {
+                template: 'subscription/mail-' + template + '-text.hbs'
+            };
+
+            let html = {
+                template: 'subscription/mail-' + template + '-html.mjml.hbs',
+                layout: 'subscription/layout.mjml.hbs',
+                type: 'mjml'
+            };
+
+            helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
+                if (err) {
+                    return sendMail(html, text);
+                }
+
+                sendMail(tmpl.html, tmpl.text);
             });
+
+            return callback();
         });
     });
 }
diff --git a/routes/subscription.js b/routes/subscription.js
index d3e712e9..9790eb72 100644
--- a/routes/subscription.js
+++ b/routes/subscription.js
@@ -47,7 +47,7 @@ let corsOrCsrfProtection = (req, res, next) => {
 
 router.get('/confirm/:cid', (req, res, next) => {
     confirmations.takeConfirmation(req.params.cid, (err, confirmation) => {
-        if (!err && !subscription) {
+        if (!err && !confirmation) {
             err = new Error(_('Selected subscription not found'));
             err.status = 404;
         }
@@ -79,7 +79,7 @@ router.get('/confirm/:cid', (req, res, next) => {
                         return next(err);
                     }
 
-                    subscriptions.getById(list.id, subscriptionId, (err, subscription) => {
+                    subscriptions.getById(list.id, data.subscriptionId, (err, subscription) => {
                         if (err) {
                             return next(err);
                         }
@@ -89,7 +89,8 @@ router.get('/confirm/:cid', (req, res, next) => {
                                 return next(err);
                             }
 
-                            res.redirect('/subscription/' + list.cid + '/manage-address/' + subscription.cid);
+                            req.flash('info', _('Email address changed'));
+                            res.redirect('/subscription/' + list.cid + '/manage/' + subscription.cid);
                         });
                     });
                 });
@@ -101,7 +102,7 @@ router.get('/confirm/:cid', (req, res, next) => {
                     email: data.email,
                     optInIp: confirmation.ip,
                     optInCountry,
-                    status: 1
+                    status: subscriptions.Status.SUBSCRIBED
                 };
 
                 subscriptions.insert(list.id, meta, data.subscriptionData, (err, result) => {
@@ -129,7 +130,7 @@ router.get('/confirm/:cid', (req, res, next) => {
                 });
 
             } else if (confirmation.action === 'unsubscribe') {
-                subscriptions.changeStatus(list.id, confirmation.data.subscriptionId, confirmation.data.campaignId, 2, (err, found) => {
+                subscriptions.changeStatus(list.id, confirmation.data.subscriptionId, confirmation.data.campaignId, subscriptions.Status.UNSUBSCRIBED, (err, found) => {
                     if (err) {
                         return next(err);
                     }
@@ -146,7 +147,7 @@ router.get('/confirm/:cid', (req, res, next) => {
                                 return next(err);
                             }
 
-                            res.redirect('/subscription/' + req.params.lcid + '/unsubscribed-notice');
+                            res.redirect('/subscription/' + list.cid + '/unsubscribed-notice');
                         });
                     });
                 });
@@ -171,7 +172,7 @@ router.get('/:cid', passport.csrfProtection, (req, res, next) => {
             return next(err);
         }
 
-        // FIXME: process subscriber cid param for resubscription requests
+        // TODO: process subscriber cid param for resubscription requests
 
         let data = tools.convertKeys(req.query, {
             skip: ['layout']
@@ -181,51 +182,74 @@ router.get('/:cid', passport.csrfProtection, (req, res, next) => {
         data.cid = list.cid;
         data.csrfToken = req.csrfToken();
 
-        fields.list(list.id, (err, fieldList) => {
-            if (err && !fieldList) {
-                fieldList = [];
-            }
 
-            data.customFields = fields.getRow(fieldList, data);
-            data.useEditor = true;
-
-            settings.list(['pgpPrivateKey', 'defaultAddress', 'defaultPostaddress'], (err, configItems) => {
-                if (err) {
-                    return next(err);
+        function nextStep() {
+            fields.list(list.id, (err, fieldList) => {
+                if (err && !fieldList) {
+                    fieldList = [];
                 }
-                data.hasPubkey = !!configItems.pgpPrivateKey;
-                data.defaultAddress = configItems.defaultAddress;
-                data.defaultPostaddress = configItems.defaultPostaddress;
 
-                data.template = {
-                    template: 'subscription/web-subscribe.mjml.hbs',
-                    layout: 'subscription/layout.mjml.hbs'
-                };
+                data.customFields = fields.getRow(fieldList, data);
+                data.useEditor = true;
 
-                helpers.injectCustomFormData(req.query.fid || list.defaultForm, 'subscription/web-subscribe', data, (err, data) => {
+                settings.list(['pgpPrivateKey', 'defaultAddress', 'defaultPostaddress'], (err, configItems) => {
                     if (err) {
                         return next(err);
                     }
+                    data.hasPubkey = !!configItems.pgpPrivateKey;
+                    data.defaultAddress = configItems.defaultAddress;
+                    data.defaultPostaddress = configItems.defaultPostaddress;
 
-                    helpers.getMjmlTemplate(data.template, (err, htmlRenderer) => {
+                    data.template = {
+                        template: 'subscription/web-subscribe.mjml.hbs',
+                        layout: 'subscription/layout.mjml.hbs'
+                    };
+
+                    helpers.injectCustomFormData(req.query.fid || list.defaultForm, 'subscription/web-subscribe', data, (err, data) => {
                         if (err) {
                             return next(err);
                         }
 
-                        helpers.captureFlashMessages(req, res, (err, flash) => {
+                        helpers.getMjmlTemplate(data.template, (err, htmlRenderer) => {
                             if (err) {
                                 return next(err);
                             }
 
-                            data.isWeb = true;
-                            data.needsJsWarning = true;
-                            data.flashMessages = flash;
-                            res.send(htmlRenderer(data));
+                            helpers.captureFlashMessages(req, res, (err, flash) => {
+                                if (err) {
+                                    return next(err);
+                                }
+
+                                data.isWeb = true;
+                                data.needsJsWarning = true;
+                                data.flashMessages = flash;
+                                res.send(htmlRenderer(data));
+                            });
                         });
                     });
                 });
             });
-        });
+        }
+
+
+        const ucid = req.query.cid;
+        if (ucid) {
+            subscriptions.get(list.id, ucid, (err, subscription) => {
+                if (err) {
+                    return next(err);
+                }
+
+                for (let key in subscription) {
+                    if (!(key in data)) {
+                        data[key] = subscription[key];
+                    }
+                }
+
+                nextStep();
+            });
+        } else {
+            nextStep();
+        }
     });
 });
 
@@ -360,14 +384,14 @@ router.post('/:cid/subscribe', passport.parseForm, corsOrCsrfProtection, (req, r
                     subscriptionData[key] = (req.body[key] || '').toString().trim();
                 }
             });
-            subscriptionData = tools.convertKeys(data);
+            subscriptionData = tools.convertKeys(subscriptionData);
 
             subscriptions.getByEmail(list.id, email, (err, subscription) => {
                 if (err) {
                     return req.xhr ? sendJsonError(err) : next(err);
                 }
 
-                if (subscription) {
+                if (subscription && subscription.status === subscriptions.Status.SUBSCRIBED) {
                     mailHelpers.sendAlreadySubscribed(list, email, subscription, (err) => {
                         if (err) {
                             return req.xhr ? sendJsonError(err) : next(err);
@@ -381,10 +405,6 @@ router.post('/:cid/subscribe', passport.parseForm, corsOrCsrfProtection, (req, r
                     };
 
                     confirmations.addConfirmation(list.id, 'subscribe', req.ip, data, (err, confirmCid) => {
-                        if (!err && !confirmCid) {
-                            err = new Error(_('Could not store confirmation data'));
-                        }
-
                         if (err) {
                             if (req.xhr) {
                                 return sendJsonError(err);
@@ -406,7 +426,7 @@ router.post('/:cid/subscribe', passport.parseForm, corsOrCsrfProtection, (req, r
                             log.info('Subscription', 'Confirmation message for %s marked to be skipped (%s)', email, JSON.stringify(data));
                             sendWebResponse();
                         } else {
-                            sendConfirmSubscription(list, email, confirmCid, data, (err) => {
+                            mailHelpers.sendConfirmSubscription(list, email, confirmCid, data, (err) => {
                                 if (err) {
                                     return req.xhr ? sendJsonError(err) : sendWebResponse(err);
                                 }
@@ -436,8 +456,8 @@ router.get('/:lcid/manage/:ucid', passport.csrfProtection, (req, res, next) => {
                 return next(err);
             }
             subscriptions.get(list.id, req.params.ucid, (err, subscription) => {
-                if (!err && !subscription) {
-                    err = new Error(_('Subscription not found from this list'));
+                if (!err && (!subscription || subscription.status !== subscriptions.Status.SUBSCRIBED)) {
+                    err = new Error(_('Subscription not found in this list'));
                     err.status = 404;
                 }
 
@@ -507,13 +527,22 @@ router.post('/:lcid/manage', passport.parseForm, passport.csrfProtection, (req,
             return next(err);
         }
 
-        subscriptions.update(list.id, req.body.cid, req.body, false, err => {
-            if (err) {
-                req.flash('danger', err.message || err);
-                log.error('Subscription', err);
-                return res.redirect('/subscription/' + encodeURIComponent(req.params.lcid) + '/manage/' + encodeURIComponent(req.body.cid) + '?' + tools.queryParams(req.body));
+        subscriptions.get(list.id, req.body.cid, (err, subscription) => {
+            if (!err && (!subscription || subscription.status !== subscriptions.Status.SUBSCRIBED)) {
+                err = new Error(_('Subscription not found in this list'));
+                err.status = 404;
             }
-            res.redirect('/subscription/' + req.params.lcid + '/updated-notice');
+
+            if (err) {
+                return next(err);
+            }
+
+            subscriptions.update(list.id, subscription.cid, req.body, false, err => {
+                if (err) {
+                    return next(err);
+                }
+                res.redirect('/subscription/' + req.params.lcid + '/updated-notice');
+            });
         });
     });
 });
@@ -535,8 +564,8 @@ router.get('/:lcid/manage-address/:ucid', passport.csrfProtection, (req, res, ne
             }
 
             subscriptions.get(list.id, req.params.ucid, (err, subscription) => {
-                if (!err && !subscription) {
-                    err = new Error(_('Subscription not found from this list'));
+                if (!err && (!subscription || subscription.status !== subscriptions.Status.SUBSCRIBED)) {
+                    err = new Error(_('Subscription not found in this list'));
                     err.status = 404;
                 }
 
@@ -589,48 +618,52 @@ router.post('/:lcid/manage-address', passport.parseForm, passport.csrfProtection
             return next(err);
         }
 
-        const emailNew = (req.body.emailNew || '').toString().trim();
+        let bodyData = tools.convertKeys(req.body); // This is here to convert "email-new" to "emailNew"
+        const emailOld = (bodyData.email || '').toString().trim();
+        const emailNew = (bodyData.emailNew || '').toString().trim();
 
-        subscriptions.updateAddressCheck(list, req.body.cid, emailNew, req.ip, (err, subscription, newEmailAvailable) => {
-            if (err) {
-                req.flash('danger', err.message || err);
-                log.error('Subscription', err);
-                return res.redirect('/subscription/' + encodeURIComponent(req.params.lcid) + '/manage-address/' + encodeURIComponent(req.body.cid) + '?' + tools.queryParams(req.body));
-            }
+        if (emailOld === emailNew) {
+            req.flash('info', _('Nothing seems to be changed'));
+            res.redirect('/subscription/' + req.params.lcid + '/manage/' + req.body.cid);
 
-            function sendWebResponse(err) {
+        } else {
+            subscriptions.updateAddressCheck(list, req.body.cid, emailNew, req.ip, (err, subscription, newEmailAvailable) => {
                 if (err) {
                     return next(err);
                 }
 
-                req.flash('info', _('An email with further instructions has been sent to the provided address'));
-                res.redirect('/subscription/' + req.params.lcid + '/manage/' + req.body.cid);
-            }
-
-            if (newEmailAvailable) {
-                const data = {
-                    subscriptionId: subscription.id,
-                    emailNew
-                };
-
-                confirmations.addConfirmation(list.id, 'change-address', req.ip, data, err => {
+                function sendWebResponse(err) {
                     if (err) {
                         return next(err);
                     }
 
-                    mailHelpers.sendConfirmAddressChange(list, emailNew, subscription, sendWebResponse);
-                });
+                    req.flash('info', _('An email with further instructions has been sent to the provided address'));
+                    res.redirect('/subscription/' + req.params.lcid + '/manage/' + req.body.cid);
+                }
 
-            } else {
-                mailHelpers.sendAlreadySubscribed(list, emailNew, subscription, sendWebResponse);
-            }
-        });
+                if (newEmailAvailable) {
+                    const data = {
+                        subscriptionId: subscription.id,
+                        emailNew
+                    };
+
+                    confirmations.addConfirmation(list.id, 'change-address', req.ip, data, (err, confirmCid) => {
+                        if (err) {
+                            return next(err);
+                        }
+
+                        mailHelpers.sendConfirmAddressChange(list, emailNew, confirmCid, subscription, sendWebResponse);
+                    });
+
+                } else {
+                    mailHelpers.sendAlreadySubscribed(list, emailNew, subscription, sendWebResponse);
+                }
+            });
+        }
     });
 });
 
 router.get('/:lcid/unsubscribe/:ucid', passport.csrfProtection, (req, res, next) => {
-    // FIXME: handle different subscription options. The one below is currently "One-step with unsubscribe form"
-
     lists.getByCid(req.params.lcid, (err, list) => {
         if (!err && !list) {
             err = new Error(_('Selected list not found'));
@@ -647,7 +680,7 @@ router.get('/:lcid/unsubscribe/:ucid', passport.csrfProtection, (req, res, next)
             }
 
             subscriptions.get(list.id, req.params.ucid, (err, subscription) => {
-                if (!err && !subscription) {
+                if (!err && (!subscription || subscription.status !== subscriptions.Status.SUBSCRIBED)) {
                     err = new Error(_('Subscription not found in this list'));
                     err.status = 404;
                 }
@@ -657,7 +690,8 @@ router.get('/:lcid/unsubscribe/:ucid', passport.csrfProtection, (req, res, next)
                 }
 
 
-                if (list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP_WITH_FORM ||
+                if (req.query.formTest ||
+                    list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP_WITH_FORM ||
                     list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP_WITH_FORM) {
 
                     subscription.lcid = req.params.lcid;
@@ -695,7 +729,7 @@ router.get('/:lcid/unsubscribe/:ucid', passport.csrfProtection, (req, res, next)
                         });
                     });
                 } else { // UnsubscriptionMode.ONE_STEP || UnsubscriptionMode.TWO_STEP || UnsubscriptionMode.MANUAL
-                    handleUnsubscribe(list, subscription, res);
+                    handleUnsubscribe(list, subscription, req.query.c, req.ip, res, next);
                 }
             });
         });
@@ -716,7 +750,7 @@ router.post('/:lcid/unsubscribe', passport.parseForm, passport.csrfProtection, (
         const campaignId = (req.body.campaign || '').toString().trim() || false;
 
         subscriptions.get(list.id, req.body.ucid, (err, subscription) => {
-            if (!err && !subscription) {
+            if (!err && (!subscription || subscription.status !== subscriptions.Status.SUBSCRIBED)) {
                 err = new Error(_('Subscription not found in this list'));
                 err.status = 404;
             }
@@ -725,12 +759,12 @@ router.post('/:lcid/unsubscribe', passport.parseForm, passport.csrfProtection, (
                 return next(err);
             }
 
-            handleUnsubscribe(list, subscription, res);
+            handleUnsubscribe(list, subscription, campaignId, req.ip, res, next);
         });
     });
 });
 
-function handleUnsubscribe(list, subscription, res) {
+function handleUnsubscribe(list, subscription, campaignId, ip, res, next) {
     if (list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP ||
         list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP_WITH_FORM) {
 
@@ -739,28 +773,24 @@ function handleUnsubscribe(list, subscription, res) {
             campaignId
         };
 
-        confirmations.addConfirmation(list.id, 'unsubscribe', req.ip, data, (err, confirmCid) => {
-            if (!err && !confirmCid) {
-                err = new Error(_('Could not store confirmation data'));
-            }
-
+        confirmations.addConfirmation(list.id, 'unsubscribe', ip, data, (err, confirmCid) => {
             if (err) {
                 return next(err);
             }
 
-            mailHelpers.sendConfirmUnsubscription(list, subscription.email, subscription, err => {
+            mailHelpers.sendConfirmUnsubscription(list, subscription.email, confirmCid, subscription, err => {
                 if (err) {
                     return next(err);
                 }
 
-                res.redirect('/subscription/' + list.cid + '/unsubscribed-notice');
+                res.redirect('/subscription/' + list.cid + '/confirm-unsubscription-notice');
             });
         });
 
     } else if (list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP ||
         list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP_WITH_FORM) {
 
-        subscriptions.changeStatus(subscription.id, list.id, campaignId, 2, (err, found) => {
+        subscriptions.changeStatus(list.id, subscription.id, campaignId, subscriptions.Status.UNSUBSCRIBED, (err, found) => {
             if (err) {
                 return next(err);
             }
diff --git a/views/lists/forms/edit.hbs b/views/lists/forms/edit.hbs
index 5b91dcfb..da199096 100644
--- a/views/lists/forms/edit.hbs
+++ b/views/lists/forms/edit.hbs
@@ -55,7 +55,11 @@
                 <a href="/subscription/{{list.cid}}/updated-notice?fid={{form.id}}" target="_blank">{{#translate}}Updated Notice{{/translate}}</a>
                 |
                 <a href="/subscription/{{list.cid}}/unsubscribed-notice?fid={{form.id}}" target="_blank">{{#translate}}Unsubscribed Notice{{/translate}}</a>
+                |
+                <a href="/subscription/{{list.cid}}/manual-unsubscribe-notice?fid={{form.id}}" target="_blank">{{#translate}}Manual Unsubscribe Notice{{/translate}}</a>
                 {{#if testUsers}}
+                    |
+                    <a href="/subscription/{{list.cid}}/unsubscribe/{{testUsers.0.cid}}?fid={{form.id}}&formTest=1" target="_blank">{{#translate}}Unsubscribe{{/translate}}</a>
                     |
                     <a href="/subscription/{{list.cid}}/manage/{{testUsers.0.cid}}?fid={{form.id}}" target="_blank">{{#translate}}Manage{{/translate}}</a>
                     |
diff --git a/views/subscription/partials/subscription-custom-fields.hbs b/views/subscription/partials/subscription-custom-fields.hbs
index 847a169e..9e679b03 100644
--- a/views/subscription/partials/subscription-custom-fields.hbs
+++ b/views/subscription/partials/subscription-custom-fields.hbs
@@ -1,6 +1,6 @@
 {{#each customFields}}
 
-    {{#if typeSubsciptionEmail}}
+    {{#if typeSubscriptionEmail}}
         <div class="form-group email">
             <label for="email">{{#translate}}Email Address{{/translate}}</label>
             {{#if ../isManagePreferences}}
diff --git a/views/subscription/partials/subscription-subscribe-form.hbs b/views/subscription/partials/subscription-subscribe-form.hbs
index 92b40c71..46bd7708 100644
--- a/views/subscription/partials/subscription-subscribe-form.hbs
+++ b/views/subscription/partials/subscription-subscribe-form.hbs
@@ -10,6 +10,7 @@
     <input type="hidden" class="tz-detect" name="tz" id="tz" value="{{tz}}">
     <input type="hidden" name="address" value="">
     <input type="hidden" name="sub" id="sub" value="">
+    <input type="hidden" name="ucid" value="{{ucid}}">
 
 {{> subscription_custom_fields}}
 

From 6b92e3911208511122b041bd4547e0a57237b86e Mon Sep 17 00:00:00 2001
From: Tomas Bures <tbures@sathyasai.org>
Date: Sat, 6 May 2017 06:35:32 -0400
Subject: [PATCH 05/11] Some fixes in lists and apis to reflect the changes in
 subscriptions. Confirmation URLs split per action type. This allows more
 specific error reporting.

---
 lib/models/confirmations.js      |   1 +
 lib/models/subscriptions.js      |  12 +-
 lib/subscription-mail-helpers.js | 316 +++++++++++++++----------------
 routes/api.js                    |  57 ++++--
 routes/lists.js                  |   2 +-
 routes/subscription.js           | 166 ++++++++--------
 6 files changed, 295 insertions(+), 259 deletions(-)

diff --git a/lib/models/confirmations.js b/lib/models/confirmations.js
index dbac8497..9cbceee6 100644
--- a/lib/models/confirmations.js
+++ b/lib/models/confirmations.js
@@ -3,6 +3,7 @@
 let db = require('../db');
 let shortid = require('shortid');
 let helpers = require('../helpers');
+let _ = require('../translate')._;
 
 /*
     Adds new entry to the confirmations tables. Generates confirmation cid, which it returns.
diff --git a/lib/models/subscriptions.js b/lib/models/subscriptions.js
index 34147901..080acb5e 100644
--- a/lib/models/subscriptions.js
+++ b/lib/models/subscriptions.js
@@ -6,10 +6,7 @@ let tools = require('../tools');
 let helpers = require('../helpers');
 let fields = require('./fields');
 let segments = require('./segments');
-let settings = require('./settings');
-let mailer = require('../mailer');
 let _ = require('../translate')._;
-let util = require('util');
 let tableHelpers = require('../table-helpers');
 
 const Status = {
@@ -892,7 +889,7 @@ module.exports.updateAddress = (listId, subscriptionId, emailNew, callback) => {
 
                 let query = 'DELETE FROM `subscription__' + listId + '` WHERE `email`=? AND `id`<>?';
                 let args = [emailNew, subscriptionId];
-                connection.query(query, args, (err, rows) => {
+                connection.query(query, args, err => {
                     if (err) {
                         return helpers.rollbackAndReleaseConnection(connection, () => callback(err));
                     }
@@ -924,8 +921,5 @@ module.exports.updateAddress = (listId, subscriptionId, emailNew, callback) => {
 
 };
 
-module.exports.getUnsubscriptionMode = (list, subscriptionId) => {
-    // TODO: Once the unsubscription mode is customizable per segment, then this will be a good place to process it.
-    return list.unsubscriptionMode;
-};
-
+module.exports.getUnsubscriptionMode = (list, subscriptionId) => list.unsubscriptionMode; // eslint-disable-line no-unused-vars
+// TODO: Once the unsubscription mode is customizable per segment, then this will be a good place to process it.
diff --git a/lib/subscription-mail-helpers.js b/lib/subscription-mail-helpers.js
index 96beb978..cfbac97e 100644
--- a/lib/subscription-mail-helpers.js
+++ b/lib/subscription-mail-helpers.js
@@ -1,159 +1,157 @@
-'use strict';
-
-const log = require('npmlog');
-const config = require('config');
-let fields = require('./models/fields');
-let settings = require('./models/settings');
-let mailer = require('./mailer');
-let urllib = require('url');
-let helpers = require('./helpers');
-let tools = require('./tools');
-let _ = require('./translate')._;
-let util = require('util');
-
-
-module.exports = {
-    sendAlreadySubscribed,
-    sendConfirmAddressChange,
-    sendConfirmSubscription,
-    sendConfirmUnsubscription,
-    sendSubscriptionConfirmed,
-    sendUnsubscriptionConfirmed
-};
-
-function sendSubscriptionConfirmed(list, email, subscription, callback) {
-    const relativeUrls = {
-        preferencesUrl: '/subscription/' + list.cid + '/manage/' + subscription.cid,
-        unsubscribeUrl: '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid
-    };
-
-    sendMail(list, email, 'subscription-confirmed', _('%s: Subscription Confirmed'), relativeUrls, {}, subscription, callback);
-}
-
-function sendAlreadySubscribed(list, email, subscription, callback) {
-    const mailOpts = {
-        ignoreDisableConfirmations: true
-    };
-    const relativeUrls = {
-        preferencesUrl: '/subscription/' + list.cid + '/manage/' + subscription.cid,
-        unsubscribeUrl: '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid
-    };
-    sendMail(list, email, 'already-subscribed', _('%s: Email Address Already Registered'), relativeUrls, mailOpts, subscription, callback);
-}
-
-function sendConfirmAddressChange(list, email, cid, subscription, callback) {
-    const mailOpts = {
-        ignoreDisableConfirmations: true
-    };
-    const relativeUrls = {
-        confirmUrl: '/subscription/confirm/' + cid
-    };
-    sendMail(list, email, 'confirm-address-change', _('%s: Please Confirm Email Change in Subscription'), relativeUrls, mailOpts, subscription, callback);
-}
-
-function sendConfirmSubscription(list, email, cid, subscription, callback) {
-    const mailOpts = {
-        ignoreDisableConfirmations: true
-    };
-    const relativeUrls = {
-        confirmUrl: '/subscription/confirm/' + cid
-    };
-    sendMail(list, email, 'confirm-subscription', _('%s: Please Confirm Subscription'), relativeUrls, mailOpts, subscription, callback);
-}
-
-function sendConfirmUnsubscription(list, email, cid, subscription, callback) {
-    const mailOpts = {
-        ignoreDisableConfirmations: true
-    };
-    const relativeUrls = {
-        confirmUrl: '/subscription/confirm/' + cid
-    };
-    sendMail(list, email, 'confirm-unsubscription', _('%s: Please Confirm Unsubscription'), relativeUrls, mailOpts, subscription, callback);
-}
-
-function sendUnsubscriptionConfirmed(list, email, subscription, callback) {
-    const relativeUrls = {
-        subscribeUrl: '/subscription/' + list.cid + '?cid=' + subscription.cid
-    };
-    sendMail(list, email, 'unsubscription-confirmed', _('%s: Unsubscription Confirmed'), relativeUrls, {}, subscription, callback);
-}
-
-
-function sendMail(list, email, template, subject, relativeUrls, mailOpts, subscription, callback) {
-    fields.list(list.id, (err, fieldList) => {
-        if (err) {
-            return callback(err);
-        }
-
-        let encryptionKeys = [];
-        fields.getRow(fieldList, subscription).forEach(field => {
-            if (field.type === 'gpg' && field.value) {
-                encryptionKeys.push(field.value.trim());
-            }
-        });
-
-        settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl', 'disableConfirmations'], (err, configItems) => {
-            if (err) {
-                return callback(err);
-            }
-
-            if (!mailOpts.ignoreDisableConfirmations && configItems.disableConfirmations) {
-                return;
-            }
-
-            const data = {
-                title: list.name,
-                homepage: configItems.defaultHomepage || configItems.serviceUrl,
-                contactAddress: configItems.defaultAddress,
-                defaultPostaddress: configItems.defaultPostaddress,
-            };
-
-            for (let relativeUrlKey in relativeUrls) {
-                data[relativeUrlKey] = urllib.resolve(configItems.serviceUrl, relativeUrls[relativeUrlKey]);
-            }
-
-            function sendMail(html, text) {
-                mailer.sendMail({
-                    from: {
-                        name: configItems.defaultFrom,
-                        address: configItems.defaultAddress
-                    },
-                    to: {
-                        name: [].concat(subscription.firstName || []).concat(subscription.lastName || []).join(' '),
-                        address: email
-                    },
-                    subject: util.format(subject, list.name),
-                    encryptionKeys
-                }, {
-                    html,
-                    text,
-                    data
-                }, err => {
-                    if (err) {
-                        log.error('Subscription', err);
-                    }
-                });
-            }
-
-            let text = {
-                template: 'subscription/mail-' + template + '-text.hbs'
-            };
-
-            let html = {
-                template: 'subscription/mail-' + template + '-html.mjml.hbs',
-                layout: 'subscription/layout.mjml.hbs',
-                type: 'mjml'
-            };
-
-            helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
-                if (err) {
-                    return sendMail(html, text);
-                }
-
-                sendMail(tmpl.html, tmpl.text);
-            });
-
-            return callback();
-        });
-    });
-}
+'use strict';
+
+const log = require('npmlog');
+let fields = require('./models/fields');
+let settings = require('./models/settings');
+let mailer = require('./mailer');
+let urllib = require('url');
+let helpers = require('./helpers');
+let _ = require('./translate')._;
+let util = require('util');
+
+
+module.exports = {
+    sendAlreadySubscribed,
+    sendConfirmAddressChange,
+    sendConfirmSubscription,
+    sendConfirmUnsubscription,
+    sendSubscriptionConfirmed,
+    sendUnsubscriptionConfirmed
+};
+
+function sendSubscriptionConfirmed(list, email, subscription, callback) {
+    const relativeUrls = {
+        preferencesUrl: '/subscription/' + list.cid + '/manage/' + subscription.cid,
+        unsubscribeUrl: '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid
+    };
+
+    sendMail(list, email, 'subscription-confirmed', _('%s: Subscription Confirmed'), relativeUrls, {}, subscription, callback);
+}
+
+function sendAlreadySubscribed(list, email, subscription, callback) {
+    const mailOpts = {
+        ignoreDisableConfirmations: true
+    };
+    const relativeUrls = {
+        preferencesUrl: '/subscription/' + list.cid + '/manage/' + subscription.cid,
+        unsubscribeUrl: '/subscription/' + list.cid + '/unsubscribe/' + subscription.cid
+    };
+    sendMail(list, email, 'already-subscribed', _('%s: Email Address Already Registered'), relativeUrls, mailOpts, subscription, callback);
+}
+
+function sendConfirmAddressChange(list, email, cid, subscription, callback) {
+    const mailOpts = {
+        ignoreDisableConfirmations: true
+    };
+    const relativeUrls = {
+        confirmUrl: '/subscription/confirm/change-address/' + cid
+    };
+    sendMail(list, email, 'confirm-address-change', _('%s: Please Confirm Email Change in Subscription'), relativeUrls, mailOpts, subscription, callback);
+}
+
+function sendConfirmSubscription(list, email, cid, subscription, callback) {
+    const mailOpts = {
+        ignoreDisableConfirmations: true
+    };
+    const relativeUrls = {
+        confirmUrl: '/subscription/confirm/subscribe/' + cid
+    };
+    sendMail(list, email, 'confirm-subscription', _('%s: Please Confirm Subscription'), relativeUrls, mailOpts, subscription, callback);
+}
+
+function sendConfirmUnsubscription(list, email, cid, subscription, callback) {
+    const mailOpts = {
+        ignoreDisableConfirmations: true
+    };
+    const relativeUrls = {
+        confirmUrl: '/subscription/confirm/unsubscribe/' + cid
+    };
+    sendMail(list, email, 'confirm-unsubscription', _('%s: Please Confirm Unsubscription'), relativeUrls, mailOpts, subscription, callback);
+}
+
+function sendUnsubscriptionConfirmed(list, email, subscription, callback) {
+    const relativeUrls = {
+        subscribeUrl: '/subscription/' + list.cid + '?cid=' + subscription.cid
+    };
+    sendMail(list, email, 'unsubscription-confirmed', _('%s: Unsubscription Confirmed'), relativeUrls, {}, subscription, callback);
+}
+
+
+function sendMail(list, email, template, subject, relativeUrls, mailOpts, subscription, callback) {
+    fields.list(list.id, (err, fieldList) => {
+        if (err) {
+            return callback(err);
+        }
+
+        let encryptionKeys = [];
+        fields.getRow(fieldList, subscription).forEach(field => {
+            if (field.type === 'gpg' && field.value) {
+                encryptionKeys.push(field.value.trim());
+            }
+        });
+
+        settings.list(['defaultHomepage', 'defaultFrom', 'defaultAddress', 'defaultPostaddress', 'serviceUrl', 'disableConfirmations'], (err, configItems) => {
+            if (err) {
+                return callback(err);
+            }
+
+            if (!mailOpts.ignoreDisableConfirmations && configItems.disableConfirmations) {
+                return;
+            }
+
+            const data = {
+                title: list.name,
+                homepage: configItems.defaultHomepage || configItems.serviceUrl,
+                contactAddress: configItems.defaultAddress,
+                defaultPostaddress: configItems.defaultPostaddress
+            };
+
+            for (let relativeUrlKey in relativeUrls) {
+                data[relativeUrlKey] = urllib.resolve(configItems.serviceUrl, relativeUrls[relativeUrlKey]);
+            }
+
+            function sendMail(html, text) {
+                mailer.sendMail({
+                    from: {
+                        name: configItems.defaultFrom,
+                        address: configItems.defaultAddress
+                    },
+                    to: {
+                        name: [].concat(subscription.firstName || []).concat(subscription.lastName || []).join(' '),
+                        address: email
+                    },
+                    subject: util.format(subject, list.name),
+                    encryptionKeys
+                }, {
+                    html,
+                    text,
+                    data
+                }, err => {
+                    if (err) {
+                        log.error('Subscription', err);
+                    }
+                });
+            }
+
+            let text = {
+                template: 'subscription/mail-' + template + '-text.hbs'
+            };
+
+            let html = {
+                template: 'subscription/mail-' + template + '-html.mjml.hbs',
+                layout: 'subscription/layout.mjml.hbs',
+                type: 'mjml'
+            };
+
+            helpers.injectCustomFormTemplates(list.defaultForm, { text, html }, (err, tmpl) => {
+                if (err) {
+                    return sendMail(html, text);
+                }
+
+                sendMail(tmpl.html, tmpl.text);
+            });
+
+            return callback();
+        });
+    });
+}
diff --git a/routes/api.js b/routes/api.js
index 671bac8f..a44d6fec 100644
--- a/routes/api.js
+++ b/routes/api.js
@@ -5,10 +5,12 @@ let lists = require('../lib/models/lists');
 let fields = require('../lib/models/fields');
 let blacklist = require('../lib/models/blacklist');
 let subscriptions = require('../lib/models/subscriptions');
+let confirmations = require('../lib/models/confirmations');
 let tools = require('../lib/tools');
 let express = require('express');
 let log = require('npmlog');
 let router = new express.Router();
+let mailHelpers = require('../lib/subscription-mail-helpers');
 
 router.all('/*', (req, res, next) => {
     if (!req.query.access_token) {
@@ -93,8 +95,6 @@ router.post('/subscribe/:listId', (req, res) => {
                 subscription.tz = (input.TIMEZONE || '').toString().trim();
             }
 
-            subscription._action = 'subscribe';
-
             fields.list(list.id, (err, fieldList) => {
                 if (err && !fieldList) {
                     fieldList = [];
@@ -125,7 +125,7 @@ router.post('/subscribe/:listId', (req, res) => {
                 }
 
                 if (/^(yes|true|1)$/i.test(input.REQUIRE_CONFIRMATION)) {
-                    subscriptions.addConfirmation(list, input.EMAIL, req.ip, subscription, (err, cid) => {
+                    confirmations.addConfirmation(list.id, 'subscribe', req.ip, subscription, (err, confirmCid) => {
                         if (err) {
                             log.error('API', err);
                             res.status(500);
@@ -134,11 +134,23 @@ router.post('/subscribe/:listId', (req, res) => {
                                 data: []
                             });
                         }
-                        res.status(200);
-                        res.json({
-                            data: {
-                                id: cid
+
+                        mailHelpers.sendConfirmSubscription(list, input.EMAIL, confirmCid, subscription, (err) => {
+                            if (err) {
+                                log.error('API', err);
+                                res.status(500);
+                                return res.json({
+                                    error: err.message || err,
+                                    data: []
+                                });
                             }
+
+                            res.status(200);
+                            res.json({
+                                data: {
+                                    id: confirmCid
+                                }
+                            });
                         });
                     });
                 } else {
@@ -191,7 +203,8 @@ router.post('/unsubscribe/:listId', (req, res) => {
                 data: []
             });
         }
-        subscriptions.unsubscribe(list.id, input.EMAIL, false, (err, subscription) => {
+
+        subscriptions.getByEmail(list.id, input.EMAIL, (err, subscription) => {
             if (err) {
                 res.status(500);
                 return res.json({
@@ -199,12 +212,30 @@ router.post('/unsubscribe/:listId', (req, res) => {
                     data: []
                 });
             }
-            res.status(200);
-            res.json({
-                data: {
-                    id: subscription.id,
-                    unsubscribed: true
+
+            if (!subscription) {
+                res.status(404);
+                return res.json({
+                    error: 'Subscription with given email not found',
+                    data: []
+                });
+            }
+
+            subscriptions.changeStatus(list.id, subscription.id, false, subscriptions.Status.UNSUBSCRIBED, (err, found) => {
+                if (err) {
+                    res.status(500);
+                    return res.json({
+                        error: err.message || err,
+                        data: []
+                    });
                 }
+                res.status(200);
+                res.json({
+                    data: {
+                        id: subscription.id,
+                        unsubscribed: true
+                    }
+                });
             });
         });
     });
diff --git a/routes/lists.js b/routes/lists.js
index 402c9095..4c28bf32 100644
--- a/routes/lists.js
+++ b/routes/lists.js
@@ -451,7 +451,7 @@ router.post('/subscription/unsubscribe', passport.parseForm, passport.csrfProtec
                 return res.redirect('/lists/view/' + list.id);
             }
 
-            subscriptions.unsubscribe(list.id, subscription.email, false, err => {
+            subscriptions.changeStatus(list.id, subscription.id, false, subscriptions.Status.UNSUBSCRIBED, (err, found) => {
                 if (err) {
                     req.flash('danger', err && err.message || err || _('Could not unsubscribe user'));
                     return res.redirect('/lists/subscription/' + list.id + '/edit/' + subscription.cid);
diff --git a/routes/subscription.js b/routes/subscription.js
index 9790eb72..235a6a3b 100644
--- a/routes/subscription.js
+++ b/routes/subscription.js
@@ -45,10 +45,10 @@ let corsOrCsrfProtection = (req, res, next) => {
     }
 };
 
-router.get('/confirm/:cid', (req, res, next) => {
+function checkAndExecuteConfirmation(req, action, errorMsg, next, exec) {
     confirmations.takeConfirmation(req.params.cid, (err, confirmation) => {
-        if (!err && !confirmation) {
-            err = new Error(_('Selected subscription not found'));
+        if (!err && (!confirmation || confirmation.action !== action)) {
+            err = new Error(_(errorMsg));
             err.status = 404;
         }
 
@@ -56,8 +56,6 @@ router.get('/confirm/:cid', (req, res, next) => {
             return next(err);
         }
 
-        const data = confirmation.data;
-
         lists.get(confirmation.listId, (err, list) => {
             if (!err && !list) {
                 err = new Error(_('Selected list not found'));
@@ -68,90 +66,104 @@ router.get('/confirm/:cid', (req, res, next) => {
                 return next(err);
             }
 
+            exec(confirmation, list);
+        });
+    });
+}
 
-            if (confirmation.action === 'change-address') {
-                if (!data.subscriptionId) { // Something went terribly wrong and we don't have data that we have originally provided
-                    return next(new Error(_('Subscriber info corrupted or missing')));
+router.get('/confirm/subscribe/:cid', (req, res, next) => {
+    checkAndExecuteConfirmation(req, 'subscribe', 'Request invalid or already completed. If your subscription request is still pending, please subscribe again.', next, (confirmation, list) => {
+        const data = confirmation.data;
+        let optInCountry = geoip.lookupCountry(confirmation.ip) || null;
+
+        const meta = {
+            email: data.email,
+            optInIp: confirmation.ip,
+            optInCountry,
+            status: subscriptions.Status.SUBSCRIBED
+        };
+
+        subscriptions.insert(list.id, meta, data.subscriptionData, (err, result) => {
+            if (err) {
+                return next(err);
+            }
+
+            if (!result.entryId) {
+                return next(new Error(_('Could not save subscription')));
+            }
+
+            subscriptions.getById(list.id, result.entryId, (err, subscription) => {
+                if (err) {
+                    return next(err);
                 }
 
-                subscriptions.updateAddress(list.id, data.subscriptionId, data.emailNew, err => {
+                mailHelpers.sendSubscriptionConfirmed(list, data.email, subscription, err => {
                     if (err) {
                         return next(err);
                     }
 
-                    subscriptions.getById(list.id, data.subscriptionId, (err, subscription) => {
-                        if (err) {
-                            return next(err);
-                        }
-
-                        mailHelpers.sendSubscriptionConfirmed(list, data.emailNew, subscription, err => {
-                            if (err) {
-                                return next(err);
-                            }
-
-                            req.flash('info', _('Email address changed'));
-                            res.redirect('/subscription/' + list.cid + '/manage/' + subscription.cid);
-                        });
-                    });
+                    res.redirect('/subscription/' + list.cid + '/subscribed-notice');
                 });
+            });
+        });
+    });
+});
 
-            } else if (confirmation.action === 'subscribe') {
-                let optInCountry = geoip.lookupCountry(confirmation.ip) || null;
+router.get('/confirm/change-address/:cid', (req, res, next) => {
+    checkAndExecuteConfirmation(req, 'change-address', 'Request invalid or already completed. If your address change request is still pending, please change the address again.', next, (confirmation, list) => {
+        const data = confirmation.data;
 
-                const meta = {
-                    email: data.email,
-                    optInIp: confirmation.ip,
-                    optInCountry,
-                    status: subscriptions.Status.SUBSCRIBED
-                };
+        if (!data.subscriptionId) { // Something went terribly wrong and we don't have data that we have originally provided
+            return next(new Error(_('Subscriber info corrupted or missing')));
+        }
 
-                subscriptions.insert(list.id, meta, data.subscriptionData, (err, result) => {
-                    if (err) {
-                        return next(err);
-                    }
-
-                    if (!result.entryId) {
-                        return next(new Error(_('Could not save subscription')));
-                    }
-
-                    subscriptions.getById(list.id, result.entryId, (err, subscription) => {
-                        if (err) {
-                            return next(err);
-                        }
-
-                        mailHelpers.sendSubscriptionConfirmed(list, data.email, subscription, err => {
-                            if (err) {
-                                return next(err);
-                            }
-
-                            res.redirect('/subscription/' + list.cid + '/subscribed-notice');
-                        });
-                    });
-                });
-
-            } else if (confirmation.action === 'unsubscribe') {
-                subscriptions.changeStatus(list.id, confirmation.data.subscriptionId, confirmation.data.campaignId, subscriptions.Status.UNSUBSCRIBED, (err, found) => {
-                    if (err) {
-                        return next(err);
-                    }
-
-                    // TODO: Shall we do anything with "found"?
-
-                    subscriptions.getById(list.id, confirmation.data.subscriptionId, (err, subscription) => {
-                        if (err) {
-                            return next(err);
-                        }
-
-                        mailHelpers.sendUnsubscriptionConfirmed(list, subscription.email, subscription, err => {
-                            if (err) {
-                                return next(err);
-                            }
-
-                            res.redirect('/subscription/' + list.cid + '/unsubscribed-notice');
-                        });
-                    });
-                });
+        subscriptions.updateAddress(list.id, data.subscriptionId, data.emailNew, err => {
+            if (err) {
+                return next(err);
             }
+
+            subscriptions.getById(list.id, data.subscriptionId, (err, subscription) => {
+                if (err) {
+                    return next(err);
+                }
+
+                mailHelpers.sendSubscriptionConfirmed(list, data.emailNew, subscription, err => {
+                    if (err) {
+                        return next(err);
+                    }
+
+                    req.flash('info', _('Email address changed'));
+                    res.redirect('/subscription/' + list.cid + '/manage/' + subscription.cid);
+                });
+            });
+        });
+    });
+});
+
+router.get('/confirm/unsubscribe/:cid', (req, res, next) => {
+    checkAndExecuteConfirmation(req, 'unsubscribe', 'Request invalid or already completed. If your unsubscription request is still pending, please unsubscribe again.', next, (confirmation, list) => {
+        const data = confirmation.data;
+
+        subscriptions.changeStatus(list.id, confirmation.data.subscriptionId, confirmation.data.campaignId, subscriptions.Status.UNSUBSCRIBED, (err, found) => {
+            if (err) {
+                return next(err);
+            }
+
+            // TODO: Shall we do anything with "found"?
+
+            subscriptions.getById(list.id, confirmation.data.subscriptionId, (err, subscription) => {
+                if (err) {
+                    return next(err);
+                }
+
+                mailHelpers.sendUnsubscriptionConfirmed(list, subscription.email, subscription, err => {
+                    if (err) {
+                        return next(err);
+                    }
+
+                    res.redirect('/subscription/' + list.cid + '/unsubscribed-notice');
+                });
+            });
         });
     });
 });

From 432e6ffaebaa68ff7d740b96d0104bc696b439c0 Mon Sep 17 00:00:00 2001
From: Tomas Bures <tbures@sathyasai.org>
Date: Sat, 6 May 2017 06:41:15 -0400
Subject: [PATCH 06/11] Upgraded the DB schema number.

---
 meta.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta.json b/meta.json
index 22fe97fb..aa851e29 100644
--- a/meta.json
+++ b/meta.json
@@ -1,3 +1,3 @@
 {
-    "schemaVersion": 27
+    "schemaVersion": 28
 }

From 328034bae01c3b29fea323e2b479c72e2a72ecea Mon Sep 17 00:00:00 2001
From: Tomas Bures <tbures@sathyasai.org>
Date: Tue, 23 May 2017 04:15:32 +0200
Subject: [PATCH 07/11] Half way in improving e2e test infrastructure and
 refactoring tests to the enhanced (un)subscription process

---
 .gitignore                            |   1 +
 app.js                                |   5 +-
 package.json                          |   3 +-
 test/e2e/helpers/config.js            |   1 +
 test/e2e/helpers/mocha-e2e.js         | 145 ++++++++++++++++++++++
 test/e2e/index.js                     |  36 +++---
 test/e2e/page-objects/flash.js        |  21 ----
 test/e2e/page-objects/home.js         |   2 +-
 test/e2e/page-objects/mail.js         |  19 +++
 test/e2e/page-objects/page.js         |  78 ++++++++----
 test/e2e/page-objects/subscription.js | 168 ++++++++++++++------------
 test/e2e/page-objects/users.js        |   2 +-
 test/e2e/page-objects/web.js          |  44 +++++++
 test/e2e/tests/login.js               |   2 -
 test/e2e/tests/subscription-uc.js     | 106 ++++++++++++++++
 test/e2e/tests/subscription.js        |   2 +-
 16 files changed, 482 insertions(+), 153 deletions(-)
 create mode 100644 test/e2e/helpers/mocha-e2e.js
 delete mode 100644 test/e2e/page-objects/flash.js
 create mode 100644 test/e2e/page-objects/mail.js
 create mode 100644 test/e2e/page-objects/web.js
 create mode 100644 test/e2e/tests/subscription-uc.js

diff --git a/.gitignore b/.gitignore
index c7687df8..9bf5b37b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+.idea
 node_modules
 npm-debug.log
 .DS_Store
diff --git a/app.js b/app.js
index 1143df71..c6578e60 100644
--- a/app.js
+++ b/app.js
@@ -184,8 +184,9 @@ app.use((req, res, next) => {
     res.locals.customScripts = config.customscripts || [];
 
     let bodyClasses = [];
-    app.get('env') === 'test' && bodyClasses.push('page--' + (req.path.substring(1).replace(/\//g, '--') || 'home'));
-    req.user && bodyClasses.push('logged-in user-' + req.user.username);
+    if (req.user) {
+        bodyClasses.push('logged-in user-' + req.user.username);
+    }
     res.locals.bodyClass = bodyClasses.join(' ');
 
     settingsModel.list(['ua_code', 'shoutout'], (err, configItems) => {
diff --git a/package.json b/package.json
index 29c98088..6a419adc 100644
--- a/package.json
+++ b/package.json
@@ -17,7 +17,7 @@
     "sqldumptest": "NODE_ENV=test DUMP_NAME_SUFFIX=-test npm run sqldump",
     "sqlresettest": "NODE_ENV=test npm run sqldrop && NODE_ENV=test npm run sqlinit",
     "starttest": "NODE_ENV=test node index.js",
-    "_e2e": "NODE_ENV=test mocha test/e2e/index.js",
+    "_e2e": "NODE_ENV=test node test/e2e/index.js",
     "e2e": "npm run sqlresettest && npm run _e2e"
   },
   "repository": {
@@ -70,6 +70,7 @@
     "faker": "^4.1.0",
     "feedparser": "^2.1.0",
     "file-type": "^4.1.0",
+    "fs-extra": "^3.0.1",
     "geoip-ultralight": "^0.1.5",
     "gettext-parser": "^1.2.2",
     "gm": "^1.23.0",
diff --git a/test/e2e/helpers/config.js b/test/e2e/helpers/config.js
index 71726ff7..a9d191be 100644
--- a/test/e2e/helpers/config.js
+++ b/test/e2e/helpers/config.js
@@ -5,6 +5,7 @@ const config = require('config');
 module.exports = {
     app: config,
     baseUrl: 'http://localhost:' + config.www.port,
+    mailUrl: 'http://localhost:' + config.testserver.mailboxserverport,
     users: {
         admin: {
             username: 'admin',
diff --git a/test/e2e/helpers/mocha-e2e.js b/test/e2e/helpers/mocha-e2e.js
new file mode 100644
index 00000000..37f96b68
--- /dev/null
+++ b/test/e2e/helpers/mocha-e2e.js
@@ -0,0 +1,145 @@
+'use strict';
+
+const Mocha = require('mocha');
+const color = Mocha.reporters.Base.color;
+
+function UseCaseReporter(runner) {
+    Mocha.reporters.Base.call(this, runner);
+
+    const self = this;
+    let indents = 0;
+
+    function indent () {
+        return Array(indents).join('  ');
+    }
+
+    runner.on('start', function () {
+        console.log();
+    });
+
+    runner.on('suite', suite => {
+        ++indents;
+        console.log(color('suite', '%s%s'), indent(), suite.title);
+    });
+
+    runner.on('suite end', () => {
+        --indents;
+        if (indents === 1) {
+            console.log();
+        }
+    });
+
+    runner.on('use-case', useCase => {
+        ++indents;
+        console.log();
+        console.log(color('suite', '%sUse case: %s'), indent(), useCase.title);
+    });
+
+    runner.on('use-case end', () => {
+        --indents;
+        if (indents === 1) {
+            console.log();
+        }
+    });
+
+    runner.on('step pass', step => {
+        console.log(indent() + color('checkmark', '  ' + Mocha.reporters.Base.symbols.ok) + color('pass', ' %s'), step.title);
+    });
+
+    runner.on('step fail', step => {
+        console.log(indent() + color('fail', '  %s'), step.title);
+    });
+
+    runner.on('pending', test => {
+        const fmt = indent() + color('pending', '  - %s');
+        console.log(fmt, test.title);
+    });
+
+    runner.on('pass', test => {
+        let fmt;
+        if (test.speed === 'fast') {
+            fmt = indent() +
+                color('checkmark', '  ' + Mocha.reporters.Base.symbols.ok) +
+                color('pass', ' %s');
+            console.log(fmt, test.title);
+        } else {
+            fmt = indent() +
+                color('checkmark', '  ' + Mocha.reporters.Base.symbols.ok) +
+                color('pass', ' %s') +
+                color(test.speed, ' (%dms)');
+            console.log(fmt, test.title, test.duration);
+        }
+    });
+
+    runner.on('fail', test => {
+        console.log(indent() + color('fail', '  %s'), test.title);
+    });
+
+    runner.on('end', () => {
+        const stats = self.stats;
+        let fmt;
+
+        console.log();
+
+        // passes
+        fmt = color('bright pass', ' ') + color('green', ' %d passing');
+        console.log(fmt, stats.passes);
+
+        // pending
+        if (stats.pending) {
+            fmt = color('pending', ' ') + color('pending', ' %d pending');
+            console.log(fmt, stats.pending);
+        }
+
+        // failures
+        if (stats.failures) {
+            fmt = color('fail', '  %d failing');
+            console.log(fmt, stats.failures);
+        }
+
+        console.log();
+    });
+}
+
+const mocha = new Mocha()
+    .timeout(120000)
+    .reporter(UseCaseReporter);
+
+mocha._originalRun = mocha.run;
+
+let runner;
+mocha.run = fn => {
+    runner = mocha._originalRun(fn);
+}
+
+async function useCase(name, asyncFn) {
+    it('Use case: ' + name, async () => {
+        runner.emit('use-case', {title: name});
+
+        try {
+            await asyncFn();
+            runner.emit('use-case end');
+        } catch (err) {
+            runner.emit('use-case end');
+            console.err(err);
+            throw err;
+        }
+    });
+}
+
+async function step(name, asyncFn) {
+    try {
+        await asyncFn();
+        runner.emit('step pass', {title: name});
+    } catch (err) {
+        runner.emit('step fail', {title: name});
+        console.err(err);
+        throw err;
+    }
+}
+
+module.exports = {
+    mocha,
+    useCase,
+    step
+};
\ No newline at end of file
diff --git a/test/e2e/index.js b/test/e2e/index.js
index d78f5819..8a655caf 100644
--- a/test/e2e/index.js
+++ b/test/e2e/index.js
@@ -1,36 +1,34 @@
 'use strict';
 
 require('./helpers/exit-unless-test');
+const mocha = require('./helpers/mocha-e2e').mocha;
+const path = require('path');
 
 global.USE_SHARED_DRIVER = true;
 
 const driver = require('./helpers/driver');
+
 const only = 'only';
 const skip = 'skip';
 
-
-
 let tests = [
-    ['tests/login'],
-    ['tests/subscription']
+    'login',
+    'subscription',
+    ['subscription-uc', only]
 ];
 
-
-
-tests = tests.filter(t => t[1] !== skip);
-
-if (tests.some(t => t[1] === only)) {
-    tests = tests.filter(t => t[1] === only);
+tests = tests.map(testSpec => (testSpec.constructor === Array ? testSpec : [testSpec]));
+tests = tests.filter(testSpec => testSpec[1] !== skip);
+if (tests.some(testSpec => testSpec[1] === only)) {
+    tests = tests.filter(testSpec => testSpec[1] === only);
 }
 
-describe('e2e', function() {
-    this.timeout(10000);
+for (const testSpec of tests) {
+    const testPath = path.join(__dirname, 'tests', testSpec[0] + '.js');
+    mocha.addFile(testPath);
+}
 
-    tests.forEach(t => {
-        describe(t[0], () => {
-            require('./' + t[0]); // eslint-disable-line global-require
-        });
-    });
-
-    after(() => driver.originalQuit());
+mocha.run(failures => {
+    driver.originalQuit();
+    process.exit(failures);  // exit with non-zero status if there were failures
 });
diff --git a/test/e2e/page-objects/flash.js b/test/e2e/page-objects/flash.js
deleted file mode 100644
index ee42f4bd..00000000
--- a/test/e2e/page-objects/flash.js
+++ /dev/null
@@ -1,21 +0,0 @@
-'use strict';
-
-const page = require('./page');
-
-module.exports = driver => Object.assign(page(driver), {
-    elementToWaitFor: 'alert',
-    elements: {
-        alert: 'div.alert:not(.js-warning)'
-    },
-    getText() {
-        return this.element('alert').getText();
-    },
-    clear() {
-        return this.driver.executeScript(`
-            var elements = document.getElementsByClassName('alert');
-            while(elements.length > 0){
-                elements[0].parentNode.removeChild(elements[0]);
-            }
-        `);
-    }
-});
diff --git a/test/e2e/page-objects/home.js b/test/e2e/page-objects/home.js
index 2fccae24..bf322fc8 100644
--- a/test/e2e/page-objects/home.js
+++ b/test/e2e/page-objects/home.js
@@ -1,6 +1,6 @@
 'use strict';
 
-const page = require('./page');
+const page = require('./web');
 
 module.exports = driver => Object.assign(page(driver), {
     url: '/',
diff --git a/test/e2e/page-objects/mail.js b/test/e2e/page-objects/mail.js
new file mode 100644
index 00000000..e01c7ef4
--- /dev/null
+++ b/test/e2e/page-objects/mail.js
@@ -0,0 +1,19 @@
+'use strict';
+
+const config = require('../helpers/config');
+
+const page = require('./page');
+
+module.exports = (driver, ...extras) => page(driver, {
+
+    async fetchMail(address) {
+        await this.driver.sleep(1000);
+        await this.driver.navigate().to(`${config.mailUrl}/${address}`);
+        await this.waitUntilVisible();
+    },
+
+    async ensureUrl(path) {
+        throw new Error('Unsupported method.');
+    },
+
+}, ...extras);
diff --git a/test/e2e/page-objects/page.js b/test/e2e/page-objects/page.js
index ece926ad..47d46a16 100644
--- a/test/e2e/page-objects/page.js
+++ b/test/e2e/page-objects/page.js
@@ -4,52 +4,78 @@ const config = require('../helpers/config');
 const webdriver = require('selenium-webdriver');
 const By = webdriver.By;
 const until = webdriver.until;
+const fs = require('fs-extra');
 
-module.exports = driver => ({
+module.exports = (driver, ...extras) => Object.assign({
     driver,
+
     elements: {},
 
-    element(key) {
-        return this.driver.findElement(By.css(this.elements[key] || key));
+    async element(key) {
+        return await this.driver.findElement(By.css(this.elements[key] || key));
     },
 
-    navigate(path) {
-        this.driver.navigate().to(config.baseUrl + (path || this.url));
-        return this.waitUntilVisible();
-    },
+    async waitUntilVisible(selector) {
+        // This is left here to ease debugging
+        // await this.sleep(2000);
+        // await this.takeScreenshot('image.png');
+        // console.log(await this.source());
 
-    waitUntilVisible() {
-        let selector = this.elements[this.elementToWaitFor];
-        if (!selector && this.url) {
-            selector = 'body.page--' + (this.url.substring(1).replace(/\//g, '--') || 'home');
+        const sel = selector || this.elements[this.elementToWaitFor] || 'body';
+        await this.driver.wait(until.elementLocated(By.css(sel)), 10000);
+
+        if (this.url) {
+            await this.ensureUrl();
         }
-        return selector ? this.driver.wait(until.elementLocated(By.css(selector))) : this.driver.sleep(1000);
     },
 
-    submit() {
-        return this.element('submitButton').click();
+    async link(key) {
+        const elem = await this.element(key);
+        return await elem.getAttribute('href');
     },
 
-    click(key) {
-        return this.element(key).click();
+    async submit() {
+        const submitButton = await this.element('submitButton');
+        await submitButton.click();
     },
 
-    getText(key) {
-        return this.element(key).getText();
+    async click(key) {
+        const elem = await this.element(key);
+        await elem.click();
     },
 
-    getValue(key) {
-        return this.element(key).getAttribute('value');
+    async getText(key) {
+        const elem = await this.element(key);
+        return await elem.getText();
     },
 
-    setValue(key, value) {
-        return this.element(key).sendKeys(value);
+    async getValue(key) {
+        const elem = await this.element(key);
+        return await elem.getAttribute('value');
     },
 
-    containsText(str) {
-        // let text = await driver.findElement({ css: 'body' }).getText();
-        return this.driver.executeScript(`
+    async setValue(key, value) {
+        const elem = await this.element(key);
+        await elem.sendKeys(value);
+    },
+
+    async containsText(str) {
+        return await this.driver.executeScript(`
             return (document.documentElement.textContent || document.documentElement.innerText).indexOf('${str}') > -1;
         `);
+    },
+
+    async source() {
+        return await this.driver.getPageSource();
+    },
+
+    async takeScreenshot(destPath) {
+        const pngData = await this.driver.takeScreenshot();
+        const buf = new Buffer(pngData, 'base64');
+        await fs.writeFile(destPath, buf);
+    },
+
+    async sleep(ms) {
+        await this.driver.sleep(ms);
     }
-});
+}, ...extras);
diff --git a/test/e2e/page-objects/subscription.js b/test/e2e/page-objects/subscription.js
index 20b56f6f..b80594f8 100644
--- a/test/e2e/page-objects/subscription.js
+++ b/test/e2e/page-objects/subscription.js
@@ -1,84 +1,94 @@
 'use strict';
 
 const config = require('../helpers/config');
-const page = require('./page');
+const webBase = require('./web');
+const mailBase = require('./mail');
 
-const web = {
-    enterEmail(value) {
-        this.element('emailInput').clear();
-        return this.element('emailInput').sendKeys(value);
-    }
+module.exports = (driver, list) => {
+
+    const web = params => webBase(driver, {
+        async enterEmail(value) {
+            const emailInput = await this.element('emailInput');
+            await emailInput.clear();
+            await emailInput.sendKeys(value);
+        },
+    }, params);
+
+    const mail = params => mailBase(driver, params);
+
+    return {
+        webSubscribe: web({
+            url: `/subscription/${list.cid}`,
+            elementToWaitFor: 'form',
+            elements: {
+                form: `form[action="/subscription/${list.cid}/subscribe"]`,
+                emailInput: '#main-form input[name="email"]',
+                submitButton: 'a[href="#submit"]'
+            }
+        }),
+
+        webConfirmSubscriptionNotice: web({
+            url: `/subscription/${list.cid}/confirm-subscription-notice`,
+            elementToWaitFor: 'homepageButton',
+            elements: {
+                homepageButton: `a[href="${config.settings['default-homepage']}"]`
+            }
+        }),
+
+        mailConfirmSubscription: mail({
+            elementToWaitFor: 'confirmLink',
+            elements: {
+                confirmLink: `a[href^="${config.settings['service-url']}subscription/confirm/subscribe/"]`
+            }
+        }),
+
+        webSubscribedNotice: web({
+            url: `/subscription/${list.cid}/subscribed-notice`,
+            elementToWaitFor: 'homepageButton',
+            elements: {
+                homepageButton: `a[href="${config.settings['default-homepage']}"]`
+            }
+        }),
+
+        mailSubscriptionConfirmed: mail({
+            elementToWaitFor: 'unsubscribeLink',
+            elements: {
+                unsubscribeLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}/unsubscribe/"]`,
+                manageLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}/manage/"]`
+            }
+        }),
+
+/*
+        webUnsubscribe: web({ // FIXME
+            elementToWaitFor: 'submitButton',
+            elements: {
+                submitButton: 'a[href="#submit"]'
+            }
+        }),
+*/
+
+        webUnsubscribedNotice: web({
+            url: `/subscription/${list.cid}/unsubscribed-notice`,
+            elementToWaitFor: 'homepageButton',
+            elements: {
+                homepageButton: `a[href="${config.settings['default-homepage']}"]`
+            }
+        }),
+
+        mailUnsubscriptionConfirmed: mail({
+            elementToWaitFor: 'resubscribeLink',
+            elements: {
+                resubscribeLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}"]`
+            }
+        }),
+/* TODO
+        webManage: web({
+            url: `/subscription/${list.cid}/manage`,
+            elementToWaitFor: 'homepageButton',
+            elements: {
+                homepageButton: `a[href="${config.settings['default-homepage']}"]`
+            }
+        }),
+*/
+    };
 };
-
-const mail = {
-    navigate(address) {
-        this.driver.sleep(100);
-        this.driver.navigate().to(`http://localhost:${config.app.testserver.mailboxserverport}/${address}`);
-        return this.waitUntilVisible();
-    }
-};
-
-module.exports = (driver, list) => ({
-
-    webSubscribe: Object.assign(page(driver), web, {
-        url: `/subscription/${list.cid}`,
-        elementToWaitFor: 'form',
-        elements: {
-            form: `form[action="/subscription/${list.cid}/subscribe"]`,
-            emailInput: '#main-form input[name="email"]',
-            submitButton: 'a[href="#submit"]'
-        }
-    }),
-
-    webConfirmSubscriptionNotice: Object.assign(page(driver), web, {
-        url: `/subscription/${list.cid}/confirm-notice`,
-        elementToWaitFor: 'homepageButton',
-        elements: {
-            homepageButton: `a[href="${config.settings['default-homepage']}"]`
-        }
-    }),
-
-    mailConfirmSubscription: Object.assign(page(driver), mail, {
-        elementToWaitFor: 'confirmLink',
-        elements: {
-            confirmLink: `a[href^="${config.settings['service-url']}subscription/subscribe/"]`
-        }
-    }),
-
-    webSubscribedNotice: Object.assign(page(driver), web, {
-        elementToWaitFor: 'homepageButton',
-        elements: {
-            homepageButton: 'a[href^="https://mailtrain.org"]'
-        }
-    }),
-
-    mailSubscriptionConfirmed: Object.assign(page(driver), mail, {
-        elementToWaitFor: 'unsubscribeLink',
-        elements: {
-            unsubscribeLink: 'a[href*="/unsubscribe/"]',
-            manageLink: 'a[href*="/manage/"]'
-        }
-    }),
-
-    webUnsubscribe: Object.assign(page(driver), web, {
-        elementToWaitFor: 'submitButton',
-        elements: {
-            submitButton: 'a[href="#submit"]'
-        }
-    }),
-
-    webUnsubscribedNotice: Object.assign(page(driver), web, {
-        elementToWaitFor: 'homepageButton',
-        elements: {
-            homepageButton: 'a[href^="https://mailtrain.org"]'
-        }
-    }),
-
-    mailUnsubscriptionConfirmed: Object.assign(page(driver), mail, {
-        elementToWaitFor: 'resubscribeLink',
-        elements: {
-            resubscribeLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}"]`
-        }
-    })
-
-});
diff --git a/test/e2e/page-objects/users.js b/test/e2e/page-objects/users.js
index 27f7d82b..b0b8fe63 100644
--- a/test/e2e/page-objects/users.js
+++ b/test/e2e/page-objects/users.js
@@ -1,6 +1,6 @@
 'use strict';
 
-const page = require('./page');
+const page = require('./web');
 
 module.exports = driver => ({
 
diff --git a/test/e2e/page-objects/web.js b/test/e2e/page-objects/web.js
new file mode 100644
index 00000000..a0281c28
--- /dev/null
+++ b/test/e2e/page-objects/web.js
@@ -0,0 +1,44 @@
+'use strict';
+
+const config = require('../helpers/config');
+const By = require('selenium-webdriver').By;
+const url = require('url');
+
+const page = require('./page');
+
+module.exports = (driver, ...extras) => page(driver, {
+
+    async navigate(path) {
+        await this.driver.navigate().to(config.baseUrl + (path || this.url));
+        await this.waitUntilVisible();
+    },
+
+    async ensureUrl(path) {
+        const desiredUrl = path || this.url;
+
+        if (desiredUrl) {
+            const currentUrl = url.parse(await this.driver.getCurrentUrl());
+            if (this.url !== currentUrl.pathname || config.baseUrl !== `${currentUrl.protocol}//${currentUrl.host}`) {
+                throw new Error(`Unexpected URL. Expecting ${config.baseUrl}${this.url} got ${currentUrl.protocol}//${currentUrl.host}/${currentUrl.pathname}`);
+            }
+        }
+    },
+
+    async waitForFlash() {
+        await this.waitUntilVisible('div.alert:not(.js-warning)');
+    },
+
+    async getFlash() {
+        const elem = await this.driver.findElement(By.css('div.alert:not(.js-warning)'));
+        return await elem.getText();
+    },
+
+    async clearFlash() {
+        await this.driver.executeScript(`
+            var elements = document.getElementsByClassName('alert');
+            while(elements.length > 0){
+                elements[0].parentNode.removeChild(elements[0]);
+            }
+        `);
+    }
+}, ...extras);
diff --git a/test/e2e/tests/login.js b/test/e2e/tests/login.js
index 238b5def..f06d8d23 100644
--- a/test/e2e/tests/login.js
+++ b/test/e2e/tests/login.js
@@ -11,8 +11,6 @@ const {
 } = require('../page-objects/users')(driver);
 
 describe('login', function() {
-    this.timeout(10000);
-
     before(() => driver.manage().deleteAllCookies());
 
     it('can access home page', async () => {
diff --git a/test/e2e/tests/subscription-uc.js b/test/e2e/tests/subscription-uc.js
new file mode 100644
index 00000000..953b5cf4
--- /dev/null
+++ b/test/e2e/tests/subscription-uc.js
@@ -0,0 +1,106 @@
+'use strict';
+
+const config = require('../helpers/config');
+const { useCase, step } = require('../helpers/mocha-e2e');
+const shortid = require('shortid');
+const expect = require('chai').expect;
+const driver = require('../helpers/driver');
+
+const page = require('../page-objects/subscription')(driver, config.lists.one);
+
+function generateEmail() {
+    return 'keep.' + shortid.generate() + '@mailtrain.org';
+}
+
+async function subscribe(testUserEmail) {
+    const subscription = {
+        email: testUserEmail
+    };
+
+    await step('User navigates to list subscription page', async () => {
+        await page.webSubscribe.navigate();
+    });
+
+    await step('User submits a valid email', async () => {
+        await page.webSubscribe.enterEmail(testUserEmail);
+        await page.webSubscribe.submit();
+    });
+
+    await step('System shows a notice that further instructions are in the email', async () => {
+        await page.webConfirmSubscriptionNotice.waitUntilVisible();
+    });
+
+    await step('System sends an email with a link to confirm the subscription', async () => {
+        await page.mailConfirmSubscription.fetchMail(testUserEmail);
+    });
+
+    await step('User clicks confirm subscription in the email', async () => {
+        await page.mailConfirmSubscription.click('confirmLink');
+    });
+
+    await step('System shows a notice that subscription has been confirmed', async () => {
+        await page.webSubscribedNotice.waitUntilVisible();
+    });
+
+    await step('System sends an email with subscription confirmation', async () => {
+        await page.mailSubscriptionConfirmed.fetchMail(testUserEmail);
+        subscription.unsubscribeLink = await page.mailSubscriptionConfirmed.link('unsubscribeLink');
+        subscription.manageLink = await page.mailSubscriptionConfirmed.link('manageLink');
+    });
+
+    return subscription;
+}
+
+describe('Subscription use-cases', function() {
+    before(() => driver.manage().deleteAllCookies());
+
+    useCase('Subscription to a public list (main scenario)', async () => {
+        await subscribe(generateEmail());
+    });
+
+    useCase('Subscription to a public list (invalid email)', async () => {
+        await step('User navigates to list subscribe page', async () => {
+            await page.webSubscribe.navigate();
+        });
+
+        await step('User submits an invalid email', async () => {
+            await page.webSubscribe.enterEmail('foo@bar.nope');
+            await page.webSubscribe.submit();
+        });
+
+        await step('System shows a flash notice that email is invalid', async () => {
+            await page.webSubscribe.waitForFlash();
+            expect(await page.webSubscribe.getFlash()).to.contain('Invalid email address');
+        });
+    });
+
+    useCase('Unsubscription from list #1 (one-step, no form)', async () => {
+        const subscription = await subscribe(generateEmail());
+
+        await step('User clicks the unsubscribe button', async () => {
+            await page.mailSubscriptionConfirmed.click('unsubscribeLink');
+        });
+
+        await step('System show a notice that confirms unsubscription', async () => {
+            await page.webUnsubscribedNotice.waitUntilVisible();
+        });
+
+        await step('System sends an email that confirms unsubscription', async () => {
+            await page.mailUnsubscriptionConfirmed.fetchMail(subscription.email);
+        });
+    });
+/*
+    useCase('Change email in list #1 (one-step, no form)', async () => {
+        const subscription = await subscribe(generateEmail());
+
+        await step('User clicks the manage subscription button', async () => {
+            await page.mailSubscriptionConfirmed.click('manageLink');
+        });
+
+        await step('System show a notice that confirms unsubscription', async () => {
+            await page.webManage.waitUntilVisible();
+        });
+    });
+*/
+    after(() => driver.quit());
+});
diff --git a/test/e2e/tests/subscription.js b/test/e2e/tests/subscription.js
index 2e694aa8..cee3cece 100644
--- a/test/e2e/tests/subscription.js
+++ b/test/e2e/tests/subscription.js
@@ -5,7 +5,7 @@ const shortid = require('shortid');
 const expect = require('chai').expect;
 const driver = require('../helpers/driver');
 
-const page = require('../page-objects/page')(driver);
+const page = require('../page-objects/web')(driver);
 const flash = require('../page-objects/flash')(driver);
 
 const {

From ccd37ac7923637318870bed93424eeaccc89d858 Mon Sep 17 00:00:00 2001
From: Tomas Bures <tbures@sathyasai.org>
Date: Tue, 23 May 2017 19:34:01 +0200
Subject: [PATCH 08/11] Polishing e2e test API. Added option to parse links and
 extract parameters from them. Added option to construct parameterizedlinks in
 "navigate".

---
 .gitignore                            |   4 +-
 lib/tools.js                          |   1 -
 package.json                          |   3 +-
 test/e2e/helpers/driver.js            |  15 ----
 test/e2e/helpers/mocha-e2e.js         |  88 ++++++++++++++-----
 test/e2e/helpers/semaphore.js         |  35 ++++++++
 test/e2e/index.js                     |   5 +-
 test/e2e/page-objects/mail.js         |   8 +-
 test/e2e/page-objects/page.js         |  75 +++++++++--------
 test/e2e/page-objects/subscription.js |  54 +++++++-----
 test/e2e/page-objects/web.js          |  51 +++++++++--
 test/e2e/tests/subscription-uc.js     | 116 ++++++++++++++++++--------
 12 files changed, 308 insertions(+), 147 deletions(-)
 delete mode 100644 test/e2e/helpers/driver.js
 create mode 100644 test/e2e/helpers/semaphore.js

diff --git a/.gitignore b/.gitignore
index 9bf5b37b..14c576b6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,6 @@
-.idea
+/.idea
+/last-failed-e2e-test.*
+
 node_modules
 npm-debug.log
 .DS_Store
diff --git a/lib/tools.js b/lib/tools.js
index 901ad0df..2e7a32e2 100644
--- a/lib/tools.js
+++ b/lib/tools.js
@@ -148,7 +148,6 @@ function updateMenu(res) {
 }
 
 function validateEmail(address, checkBlocked, callback) {
-
     let user = (address || '').toString().split('@').shift().toLowerCase().replace(/[^a-z0-9]/g, '');
     if (checkBlocked && blockedUsers.indexOf(user) >= 0) {
         return callback(new Error(util.format(_('Blocked email address "%s"'), address)));
diff --git a/package.json b/package.json
index 6a419adc..b7ffee19 100644
--- a/package.json
+++ b/package.json
@@ -42,7 +42,8 @@
     "mailparser": "^2.0.5",
     "mocha": "^3.3.0",
     "phantomjs": "^2.1.7",
-    "selenium-webdriver": "^3.4.0"
+    "selenium-webdriver": "^3.4.0",
+    "url-pattern": "^1.0.3"
   },
   "optionalDependencies": {
     "posix": "^4.1.1"
diff --git a/test/e2e/helpers/driver.js b/test/e2e/helpers/driver.js
deleted file mode 100644
index a9b8444b..00000000
--- a/test/e2e/helpers/driver.js
+++ /dev/null
@@ -1,15 +0,0 @@
-'use strict';
-
-const config = require('./config');
-const webdriver = require('selenium-webdriver');
-
-const driver = new webdriver.Builder()
-    .forBrowser(config.app.seleniumwebdriver.browser || 'phantomjs')
-    .build();
-
-if (global.USE_SHARED_DRIVER === true) {
-    driver.originalQuit = driver.quit;
-    driver.quit = () => {};
-}
-
-module.exports = driver;
diff --git a/test/e2e/helpers/mocha-e2e.js b/test/e2e/helpers/mocha-e2e.js
index 37f96b68..f781fc0d 100644
--- a/test/e2e/helpers/mocha-e2e.js
+++ b/test/e2e/helpers/mocha-e2e.js
@@ -2,6 +2,18 @@
 
 const Mocha = require('mocha');
 const color = Mocha.reporters.Base.color;
+const Semaphore = require('./semaphore');
+const fs = require('fs-extra');
+const config = require('./config');
+const webdriver = require('selenium-webdriver');
+
+const driver = new webdriver.Builder()
+    .forBrowser(config.app.seleniumwebdriver.browser || 'phantomjs')
+    .build();
+
+
+const failHandlerRunning = new Semaphore();
+
 
 function UseCaseReporter(runner) {
     Mocha.reporters.Base.call(this, runner);
@@ -37,9 +49,6 @@ function UseCaseReporter(runner) {
 
     runner.on('use-case end', () => {
         --indents;
-        if (indents === 1) {
-            console.log();
-        }
     });
 
     runner.on('step pass', step => {
@@ -71,8 +80,22 @@ function UseCaseReporter(runner) {
         }
     });
 
-    runner.on('fail', test => {
+    runner.on('fail', (test, err) => {
+        failHandlerRunning.enter();
+        (async () => {
+            const currentUrl = await driver.getCurrentUrl();
+            const info = `URL: ${currentUrl}`;
+            await fs.writeFile('last-failed-e2e-test.info', info);
+            await fs.writeFile('last-failed-e2e-test.html', await driver.getPageSource());
+            await fs.writeFile('last-failed-e2e-test.png', new Buffer(await driver.takeScreenshot(), 'base64'));
+            failHandlerRunning.exit();
+        })();
+
         console.log(indent() + color('fail', '  %s'), test.title);
+        console.log();
+        console.log(err);
+        console.log();
+        console.log(`Snaphot of and info about the current page are in last-failed-e2e-test.*`);
     });
 
     runner.on('end', () => {
@@ -101,39 +124,61 @@ function UseCaseReporter(runner) {
     });
 }
 
+
 const mocha = new Mocha()
     .timeout(120000)
-    .reporter(UseCaseReporter);
+    .reporter(UseCaseReporter)
+    .ui('tdd');
 
 mocha._originalRun = mocha.run;
 
+
 let runner;
 mocha.run = fn => {
-    runner = mocha._originalRun(fn);
-}
+    runner = mocha._originalRun(async () => {
+        await failHandlerRunning.waitForEmpty();
+        await driver.quit();
 
-async function useCase(name, asyncFn) {
-    it('Use case: ' + name, async () => {
-        runner.emit('use-case', {title: name});
-
-        try {
-            await asyncFn();
-            runner.emit('use-case end');
-        } catch (err) {
-            runner.emit('use-case end');
-            console.err(err);
-            throw err;
-        }
+        fn();
     });
+};
+
+
+async function useCaseExec(name, asyncFn) {
+    runner.emit('use-case', {title: name});
+
+    try {
+        await asyncFn();
+        runner.emit('use-case end');
+    } catch (err) {
+        runner.emit('use-case end');
+        throw err;
+    }
 }
 
+function useCase(name, asyncFn) {
+    if (asyncFn) {
+        return test('Use case: ' + name, () => useCaseExec(name, asyncFn));
+    } else {
+        // Pending test
+        return test('Use case: ' + name);
+    }
+}
+
+useCase.only = (name, asyncFn) => {
+    return test.only('Use case: ' + name, () => useCaseExec(name, asyncFn));
+};
+
+useCase.skip = (name, asyncFn) => {
+    return test.skip('Use case: ' + name, () => useCaseExec(name, asyncFn));
+};
+
 async function step(name, asyncFn) {
     try {
         await asyncFn();
         runner.emit('step pass', {title: name});
     } catch (err) {
         runner.emit('step fail', {title: name});
-        console.err(err);
         throw err;
     }
 }
@@ -141,5 +186,6 @@ async function step(name, asyncFn) {
 module.exports = {
     mocha,
     useCase,
-    step
+    step,
+    driver
 };
\ No newline at end of file
diff --git a/test/e2e/helpers/semaphore.js b/test/e2e/helpers/semaphore.js
new file mode 100644
index 00000000..7c30c900
--- /dev/null
+++ b/test/e2e/helpers/semaphore.js
@@ -0,0 +1,35 @@
+'use strict';
+
+const Promise = require('bluebird');
+
+class Semaphore {
+    constructor() {
+        this.counter = 0;
+    }
+
+    enter() {
+        this.counter++;
+    }
+
+    exit() {
+        this.counter--;
+    }
+
+    async waitForEmpty() {
+        const self = this;
+
+        function wait(resolve) {
+            if (self.counter == 0) {
+                resolve();
+            } else {
+                setTimeout(wait, 500, resolve);
+            }
+        }
+
+        return new Promise(resolve => {
+            setTimeout(wait, 500, resolve);
+        })
+    }
+}
+
+module.exports = Semaphore;
\ No newline at end of file
diff --git a/test/e2e/index.js b/test/e2e/index.js
index 8a655caf..b80bc97f 100644
--- a/test/e2e/index.js
+++ b/test/e2e/index.js
@@ -1,13 +1,11 @@
 'use strict';
 
 require('./helpers/exit-unless-test');
-const mocha = require('./helpers/mocha-e2e').mocha;
+const { mocha, driver } = require('./helpers/mocha-e2e');
 const path = require('path');
 
 global.USE_SHARED_DRIVER = true;
 
-const driver = require('./helpers/driver');
-
 const only = 'only';
 const skip = 'skip';
 
@@ -29,6 +27,5 @@ for (const testSpec of tests) {
 }
 
 mocha.run(failures => {
-    driver.originalQuit();
     process.exit(failures);  // exit with non-zero status if there were failures
 });
diff --git a/test/e2e/page-objects/mail.js b/test/e2e/page-objects/mail.js
index e01c7ef4..95450052 100644
--- a/test/e2e/page-objects/mail.js
+++ b/test/e2e/page-objects/mail.js
@@ -1,14 +1,14 @@
 'use strict';
 
 const config = require('../helpers/config');
-
+const driver = require('../helpers/mocha-e2e').driver;
 const page = require('./page');
 
-module.exports = (driver, ...extras) => page(driver, {
+module.exports = (...extras) => page({
 
     async fetchMail(address) {
-        await this.driver.sleep(1000);
-        await this.driver.navigate().to(`${config.mailUrl}/${address}`);
+        await driver.sleep(1000);
+        await driver.navigate().to(`${config.mailUrl}/${address}`);
         await this.waitUntilVisible();
     },
 
diff --git a/test/e2e/page-objects/page.js b/test/e2e/page-objects/page.js
index 47d46a16..738325d0 100644
--- a/test/e2e/page-objects/page.js
+++ b/test/e2e/page-objects/page.js
@@ -5,77 +5,84 @@ const webdriver = require('selenium-webdriver');
 const By = webdriver.By;
 const until = webdriver.until;
 const fs = require('fs-extra');
+const driver = require('../helpers/mocha-e2e').driver;
+const url = require('url');
+const UrlPattern = require('url-pattern');
 
-module.exports = (driver, ...extras) => Object.assign({
-    driver,
-
+module.exports = (...extras) => Object.assign({
     elements: {},
 
-    async element(key) {
-        return await this.driver.findElement(By.css(this.elements[key] || key));
+    async getElement(key) {
+        return await driver.findElement(By.css(this.elements[key]));
+    },
+
+    async getLinkParams(key) {
+        const elem = await driver.findElement(By.css(this.elements[key]));
+
+        const linkUrl = await elem.getAttribute('href');
+        const linkPath = url.parse(linkUrl).path;
+
+        const urlPattern = new UrlPattern(this.links[key]);
+
+        const params = urlPattern.match(linkPath);
+        if (!params) {
+            throw new Error(`Cannot match URL pattern ${this.links[key]}`);
+        }
+        return params;
     },
 
     async waitUntilVisible(selector) {
-        // This is left here to ease debugging
-        // await this.sleep(2000);
-        // await this.takeScreenshot('image.png');
-        // console.log(await this.source());
-
         const sel = selector || this.elements[this.elementToWaitFor] || 'body';
-        await this.driver.wait(until.elementLocated(By.css(sel)), 10000);
+
+        await driver.wait(until.elementLocated(By.css(sel)), 10000);
 
         if (this.url) {
             await this.ensureUrl();
         }
     },
 
-    async link(key) {
-        const elem = await this.element(key);
-        return await elem.getAttribute('href');
-    },
-
-    async submit() {
-        const submitButton = await this.element('submitButton');
-        await submitButton.click();
-    },
-
     async click(key) {
-        const elem = await this.element(key);
+        const elem = await this.getElement(key);
         await elem.click();
     },
 
+    async getHref(key) {
+        const elem = await this.getElement(key);
+        return await elem.getAttribute('href');
+    },
+
     async getText(key) {
-        const elem = await this.element(key);
+        const elem = await this.getElement(key);
         return await elem.getText();
     },
 
     async getValue(key) {
-        const elem = await this.element(key);
+        const elem = await this.getElement(key);
         return await elem.getAttribute('value');
     },
 
-    async setValue(key, value) {
-        const elem = await this.element(key);
-        await elem.sendKeys(value);
-    },
-
     async containsText(str) {
-        return await this.driver.executeScript(`
+        return await driver.executeScript(`
             return (document.documentElement.textContent || document.documentElement.innerText).indexOf('${str}') > -1;
         `);
     },
 
-    async source() {
-        return await this.driver.getPageSource();
+    async getSource() {
+        return await driver.getPageSource();
+    },
+
+    async saveSource(destPath) {
+        const src = await this.getSource();
+        await fs.writeFile(destPath, src);
     },
 
     async takeScreenshot(destPath) {
-        const pngData = await this.driver.takeScreenshot();
+        const pngData = await driver.takeScreenshot();
         const buf = new Buffer(pngData, 'base64');
         await fs.writeFile(destPath, buf);
     },
 
     async sleep(ms) {
-        await this.driver.sleep(ms);
+        await driver.sleep(ms);
     }
 }, ...extras);
diff --git a/test/e2e/page-objects/subscription.js b/test/e2e/page-objects/subscription.js
index b80594f8..8d3c0200 100644
--- a/test/e2e/page-objects/subscription.js
+++ b/test/e2e/page-objects/subscription.js
@@ -4,17 +4,10 @@ const config = require('../helpers/config');
 const webBase = require('./web');
 const mailBase = require('./mail');
 
-module.exports = (driver, list) => {
+module.exports = list => {
 
-    const web = params => webBase(driver, {
-        async enterEmail(value) {
-            const emailInput = await this.element('emailInput');
-            await emailInput.clear();
-            await emailInput.sendKeys(value);
-        },
-    }, params);
-
-    const mail = params => mailBase(driver, params);
+    const web = params => webBase(params);
+    const mail = params => mailBase(params);
 
     return {
         webSubscribe: web({
@@ -23,6 +16,8 @@ module.exports = (driver, list) => {
             elements: {
                 form: `form[action="/subscription/${list.cid}/subscribe"]`,
                 emailInput: '#main-form input[name="email"]',
+                firstNameInput: '#main-form input[name="first-name"]',
+                lastNameInput: '#main-form input[name="last-name"]',
                 submitButton: 'a[href="#submit"]'
             }
         }),
@@ -55,17 +50,40 @@ module.exports = (driver, list) => {
             elements: {
                 unsubscribeLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}/unsubscribe/"]`,
                 manageLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}/manage/"]`
+            },
+            links: {
+                unsubscribeLink: `/subscription/${list.cid}/unsubscribe/:ucid`,
+                manageLink: `/subscription/${list.cid}/manage/:ucid`
             }
         }),
 
-/*
+        webManage: web({
+            url: `/subscription/${list.cid}/manage/:ucid`,
+            elementToWaitFor: 'form',
+            elements: {
+                form: `form[action="/subscription/${list.cid}/manage"]`,
+                emailInput: '#main-form input[name="email"]',
+                firstNameInput: '#main-form input[name="first-name"]',
+                lastNameInput: '#main-form input[name="last-name"]',
+                submitButton: 'a[href="#submit"]'
+            }
+        }),
+
+        webUpdatedNotice: web({
+            url: `/subscription/${list.cid}/updated-notice`,
+            elementToWaitFor: 'homepageButton',
+            elements: {
+                homepageButton: `a[href="${config.settings['default-homepage']}"]`
+            }
+        }),
+
+        /*
         webUnsubscribe: web({ // FIXME
             elementToWaitFor: 'submitButton',
             elements: {
                 submitButton: 'a[href="#submit"]'
             }
         }),
-*/
 
         webUnsubscribedNotice: web({
             url: `/subscription/${list.cid}/unsubscribed-notice`,
@@ -81,14 +99,8 @@ module.exports = (driver, list) => {
                 resubscribeLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}"]`
             }
         }),
-/* TODO
-        webManage: web({
-            url: `/subscription/${list.cid}/manage`,
-            elementToWaitFor: 'homepageButton',
-            elements: {
-                homepageButton: `a[href="${config.settings['default-homepage']}"]`
-            }
-        }),
-*/
+ */
+
+
     };
 };
diff --git a/test/e2e/page-objects/web.js b/test/e2e/page-objects/web.js
index a0281c28..2cead576 100644
--- a/test/e2e/page-objects/web.js
+++ b/test/e2e/page-objects/web.js
@@ -3,13 +3,30 @@
 const config = require('../helpers/config');
 const By = require('selenium-webdriver').By;
 const url = require('url');
-
+const UrlPattern = require('url-pattern');
+const driver = require('../helpers/mocha-e2e').driver;
 const page = require('./page');
 
-module.exports = (driver, ...extras) => page(driver, {
+module.exports = (...extras) => page({
 
-    async navigate(path) {
-        await this.driver.navigate().to(config.baseUrl + (path || this.url));
+    async navigate(pathOrParams) {
+        let path;
+        if (typeof pathOrParams === 'string') {
+            path = pathOrParams;
+        } else {
+            const urlPattern = new UrlPattern(this.url);
+            path = urlPattern.stringify(pathOrParams)
+        }
+
+        const parsedUrl = url.parse(path);
+        let absolutePath;
+        if (parsedUrl.host) {
+            absolutePath = path;
+        } else {
+            absolutePath = config.baseUrl + path;
+        }
+
+        await driver.navigate().to(absolutePath);
         await this.waitUntilVisible();
     },
 
@@ -17,28 +34,44 @@ module.exports = (driver, ...extras) => page(driver, {
         const desiredUrl = path || this.url;
 
         if (desiredUrl) {
-            const currentUrl = url.parse(await this.driver.getCurrentUrl());
-            if (this.url !== currentUrl.pathname || config.baseUrl !== `${currentUrl.protocol}//${currentUrl.host}`) {
+            const currentUrl = url.parse(await driver.getCurrentUrl());
+            const urlPattern = new UrlPattern(desiredUrl);
+            const params = urlPattern.match(currentUrl.pathname);
+            if (!params || config.baseUrl !== `${currentUrl.protocol}//${currentUrl.host}`) {
                 throw new Error(`Unexpected URL. Expecting ${config.baseUrl}${this.url} got ${currentUrl.protocol}//${currentUrl.host}/${currentUrl.pathname}`);
             }
+
+            this.params = params;
         }
     },
 
+    async submit() {
+        const submitButton = await this.getElement('submitButton');
+        await submitButton.click();
+    },
+
     async waitForFlash() {
         await this.waitUntilVisible('div.alert:not(.js-warning)');
     },
 
-    async getFlash() {
-        const elem = await this.driver.findElement(By.css('div.alert:not(.js-warning)'));
+    async flash() {
+        const elem = await driver.findElement(By.css('div.alert:not(.js-warning)'));
         return await elem.getText();
     },
 
     async clearFlash() {
-        await this.driver.executeScript(`
+        await driver.executeScript(`
             var elements = document.getElementsByClassName('alert');
             while(elements.length > 0){
                 elements[0].parentNode.removeChild(elements[0]);
             }
         `);
+    },
+
+    async setValue(key, value) {
+        const elem = await this.getElement(key);
+        await elem.clear();
+        await elem.sendKeys(value);
     }
+
 }, ...extras);
diff --git a/test/e2e/tests/subscription-uc.js b/test/e2e/tests/subscription-uc.js
index 953b5cf4..38913e05 100644
--- a/test/e2e/tests/subscription-uc.js
+++ b/test/e2e/tests/subscription-uc.js
@@ -1,61 +1,74 @@
 'use strict';
 
 const config = require('../helpers/config');
-const { useCase, step } = require('../helpers/mocha-e2e');
+const { useCase, step, driver } = require('../helpers/mocha-e2e');
 const shortid = require('shortid');
 const expect = require('chai').expect;
-const driver = require('../helpers/driver');
 
-const page = require('../page-objects/subscription')(driver, config.lists.one);
+const page = require('../page-objects/subscription')(config.lists.one);
 
 function generateEmail() {
     return 'keep.' + shortid.generate() + '@mailtrain.org';
 }
 
-async function subscribe(testUserEmail) {
-    const subscription = {
-        email: testUserEmail
-    };
-
-    await step('User navigates to list subscription page', async () => {
+async function subscribe(subscription) {
+    await step('User navigates to list subscription page.', async () => {
         await page.webSubscribe.navigate();
     });
 
-    await step('User submits a valid email', async () => {
-        await page.webSubscribe.enterEmail(testUserEmail);
+    await step('User submits a valid email and other subscription info.', async () => {
+        await page.webSubscribe.setValue('emailInput', subscription.email);
+
+        if (subscription.firstName) {
+            await page.webSubscribe.setValue('firstNameInput', subscription.firstName);
+        }
+
+        if (subscription.lastName) {
+            await page.webSubscribe.setValue('lastNameInput', subscription.lastName);
+        }
+
         await page.webSubscribe.submit();
     });
 
-    await step('System shows a notice that further instructions are in the email', async () => {
+    await step('System shows a notice that further instructions are in the email.', async () => {
         await page.webConfirmSubscriptionNotice.waitUntilVisible();
     });
 
-    await step('System sends an email with a link to confirm the subscription', async () => {
-        await page.mailConfirmSubscription.fetchMail(testUserEmail);
+    await step('System sends an email with a link to confirm the subscription.', async () => {
+        await page.mailConfirmSubscription.fetchMail(subscription.email);
     });
 
     await step('User clicks confirm subscription in the email', async () => {
         await page.mailConfirmSubscription.click('confirmLink');
     });
 
-    await step('System shows a notice that subscription has been confirmed', async () => {
+    await step('System shows a notice that subscription has been confirmed.', async () => {
         await page.webSubscribedNotice.waitUntilVisible();
     });
 
-    await step('System sends an email with subscription confirmation', async () => {
-        await page.mailSubscriptionConfirmed.fetchMail(testUserEmail);
-        subscription.unsubscribeLink = await page.mailSubscriptionConfirmed.link('unsubscribeLink');
-        subscription.manageLink = await page.mailSubscriptionConfirmed.link('manageLink');
+    await step('System sends an email with subscription confirmation.', async () => {
+        await page.mailSubscriptionConfirmed.fetchMail(subscription.email);
+        subscription.unsubscribeLink = await page.mailSubscriptionConfirmed.getHref('unsubscribeLink');
+        subscription.manageLink = await page.mailSubscriptionConfirmed.getHref('manageLink');
+
+        const unsubscribeParams = await page.mailSubscriptionConfirmed.getLinkParams('unsubscribeLink');
+        const manageParams = await page.mailSubscriptionConfirmed.getLinkParams('manageLink');
+        console.log(unsubscribeParams);
+        console.log(manageParams);
+        expect(unsubscribeParams.ucid).to.equal(manageParams.ucid);
+        subscription.ucid = unsubscribeParams.ucid;
     });
 
     return subscription;
 }
 
-describe('Subscription use-cases', function() {
+suite('Subscription use-cases', function() {
     before(() => driver.manage().deleteAllCookies());
 
     useCase('Subscription to a public list (main scenario)', async () => {
-        await subscribe(generateEmail());
+        await subscribe({
+            email: generateEmail()
+        });
     });
 
     useCase('Subscription to a public list (invalid email)', async () => {
@@ -63,44 +76,75 @@ describe('Subscription use-cases', function() {
             await page.webSubscribe.navigate();
         });
 
-        await step('User submits an invalid email', async () => {
-            await page.webSubscribe.enterEmail('foo@bar.nope');
+        await step('User submits an invalid email.', async () => {
+            await page.webSubscribe.setValue('emailInput', 'foo@bar.nope');
             await page.webSubscribe.submit();
         });
 
-        await step('System shows a flash notice that email is invalid', async () => {
+        await step('System shows a flash notice that email is invalid.', async () => {
             await page.webSubscribe.waitForFlash();
             expect(await page.webSubscribe.getFlash()).to.contain('Invalid email address');
         });
     });
 
-    useCase('Unsubscription from list #1 (one-step, no form)', async () => {
-        const subscription = await subscribe(generateEmail());
+    useCase('Unsubscription from list #1 (one-step, no form).', async () => {
+        const subscription = await subscribe({
+            email: generateEmail()
+        });
 
-        await step('User clicks the unsubscribe button', async () => {
+        await step('User clicks the unsubscribe button.', async () => {
             await page.mailSubscriptionConfirmed.click('unsubscribeLink');
         });
 
-        await step('System show a notice that confirms unsubscription', async () => {
+        await step('System show a notice that confirms unsubscription.', async () => {
             await page.webUnsubscribedNotice.waitUntilVisible();
         });
 
-        await step('System sends an email that confirms unsubscription', async () => {
+        await step('System sends an email that confirms unsubscription.', async () => {
             await page.mailUnsubscriptionConfirmed.fetchMail(subscription.email);
         });
     });
-/*
-    useCase('Change email in list #1 (one-step, no form)', async () => {
-        const subscription = await subscribe(generateEmail());
 
-        await step('User clicks the manage subscription button', async () => {
+    useCase.only('Change email in list #1 (one-step, no form)', async () => {
+        const subscription = await subscribe({
+            email: generateEmail(),
+            firstName: 'John',
+            lastName: 'Doe'
+        });
+
+        await step('User clicks the manage subscription button.', async () => {
             await page.mailSubscriptionConfirmed.click('manageLink');
         });
 
-        await step('System show a notice that confirms unsubscription', async () => {
+        await step('Systems shows a form to change subscription details. The form contains data entered during subscription.', async () => {
             await page.webManage.waitUntilVisible();
+            expect(await page.webManage.getValue('emailInput')).to.equal(subscription.email);
+            expect(await page.webManage.getValue('firstNameInput')).to.equal(subscription.firstName);
+            expect(await page.webManage.getValue('lastNameInput')).to.equal(subscription.lastName);
         });
+
+        await step('User enters another name and submits the form.', async () => {
+            subscription.firstName = 'Adam';
+            subscription.lastName = 'B';
+            await page.webManage.setValue('firstNameInput', subscription.firstName);
+            await page.webManage.setValue('lastNameInput', subscription.lastName);
+            await page.webManage.submit();
+        });
+
+        await step('Systems shows a notice that profile has been updated.', async () => {
+            await page.webUpdatedNotice.waitUntilVisible();
+        });
+
+        await step('User navigates to manage subscription again.', async () => {
+            await page.webManage.navigate(subscription.manageLink);
+            // await page.webManage.navigate({ ucid: subscription.ucid });
+        });
+
+        await step('Systems shows a form with the changes made previously.', async () => {
+            expect(await page.webManage.getValue('emailInput')).to.equal(subscription.email);
+            expect(await page.webManage.getValue('firstNameInput')).to.equal(subscription.firstName);
+            expect(await page.webManage.getValue('lastNameInput')).to.equal(subscription.lastName);
+        });
+
     });
-*/
-    after(() => driver.quit());
 });

From bb2b3da9dd740c0eb8b4f1c5853dc05292dc50b0 Mon Sep 17 00:00:00 2001
From: Tomas Bures <tbures@sathyasai.org>
Date: Fri, 26 May 2017 00:13:40 +0200
Subject: [PATCH 09/11] Added waitUntilVisibleAfterRefresh and textsToWaitFor -
 both discussed with @witzig.

Page objects refactored to exploit textsToWaitFor if relevant.

Login tests refactored for the newer API.

Some additional tests in subscription. The rest at least included as "pending".
---
 test/e2e/index.js                             |   7 +-
 test/e2e/{helpers => lib}/config.js           |   0
 test/e2e/{helpers => lib}/exit-unless-test.js |   0
 test/e2e/{page-objects => lib}/mail.js        |   4 +-
 test/e2e/{helpers => lib}/mocha-e2e.js        |   0
 test/e2e/{page-objects => lib}/page.js        |  46 ++-
 test/e2e/{helpers => lib}/semaphore.js        |   0
 test/e2e/{page-objects => lib}/web.js         |   8 +-
 test/e2e/page-objects/home.js                 |  10 +-
 test/e2e/page-objects/subscription.js         | 206 +++++++------
 test/e2e/page-objects/{users.js => user.js}   |  31 +-
 test/e2e/tests/login.js                       |  89 +++---
 test/e2e/tests/subscription-uc.js             | 150 ---------
 test/e2e/tests/subscription.js                | 288 +++++++++++++-----
 14 files changed, 446 insertions(+), 393 deletions(-)
 rename test/e2e/{helpers => lib}/config.js (100%)
 rename test/e2e/{helpers => lib}/exit-unless-test.js (100%)
 rename test/e2e/{page-objects => lib}/mail.js (78%)
 rename test/e2e/{helpers => lib}/mocha-e2e.js (100%)
 rename test/e2e/{page-objects => lib}/page.js (54%)
 rename test/e2e/{helpers => lib}/semaphore.js (100%)
 rename test/e2e/{page-objects => lib}/web.js (92%)
 rename test/e2e/page-objects/{users.js => user.js} (50%)
 delete mode 100644 test/e2e/tests/subscription-uc.js

diff --git a/test/e2e/index.js b/test/e2e/index.js
index b80bc97f..5dd54d00 100644
--- a/test/e2e/index.js
+++ b/test/e2e/index.js
@@ -1,7 +1,7 @@
 'use strict';
 
-require('./helpers/exit-unless-test');
-const { mocha, driver } = require('./helpers/mocha-e2e');
+require('./lib/exit-unless-test');
+const { mocha, driver } = require('./lib/mocha-e2e');
 const path = require('path');
 
 global.USE_SHARED_DRIVER = true;
@@ -11,8 +11,7 @@ const skip = 'skip';
 
 let tests = [
     'login',
-    'subscription',
-    ['subscription-uc', only]
+    'subscription'
 ];
 
 tests = tests.map(testSpec => (testSpec.constructor === Array ? testSpec : [testSpec]));
diff --git a/test/e2e/helpers/config.js b/test/e2e/lib/config.js
similarity index 100%
rename from test/e2e/helpers/config.js
rename to test/e2e/lib/config.js
diff --git a/test/e2e/helpers/exit-unless-test.js b/test/e2e/lib/exit-unless-test.js
similarity index 100%
rename from test/e2e/helpers/exit-unless-test.js
rename to test/e2e/lib/exit-unless-test.js
diff --git a/test/e2e/page-objects/mail.js b/test/e2e/lib/mail.js
similarity index 78%
rename from test/e2e/page-objects/mail.js
rename to test/e2e/lib/mail.js
index 95450052..b0f41872 100644
--- a/test/e2e/page-objects/mail.js
+++ b/test/e2e/lib/mail.js
@@ -1,7 +1,7 @@
 'use strict';
 
-const config = require('../helpers/config');
-const driver = require('../helpers/mocha-e2e').driver;
+const config = require('./config');
+const driver = require('./mocha-e2e').driver;
 const page = require('./page');
 
 module.exports = (...extras) => page({
diff --git a/test/e2e/helpers/mocha-e2e.js b/test/e2e/lib/mocha-e2e.js
similarity index 100%
rename from test/e2e/helpers/mocha-e2e.js
rename to test/e2e/lib/mocha-e2e.js
diff --git a/test/e2e/page-objects/page.js b/test/e2e/lib/page.js
similarity index 54%
rename from test/e2e/page-objects/page.js
rename to test/e2e/lib/page.js
index 738325d0..07064af7 100644
--- a/test/e2e/page-objects/page.js
+++ b/test/e2e/lib/page.js
@@ -1,14 +1,16 @@
 'use strict';
 
-const config = require('../helpers/config');
+const config = require('./config');
 const webdriver = require('selenium-webdriver');
 const By = webdriver.By;
 const until = webdriver.until;
 const fs = require('fs-extra');
-const driver = require('../helpers/mocha-e2e').driver;
+const driver = require('./mocha-e2e').driver;
 const url = require('url');
 const UrlPattern = require('url-pattern');
 
+const waitTimeout = 10000;
+
 module.exports = (...extras) => Object.assign({
     elements: {},
 
@@ -32,13 +34,36 @@ module.exports = (...extras) => Object.assign({
     },
 
     async waitUntilVisible(selector) {
-        const sel = selector || this.elements[this.elementToWaitFor] || 'body';
+        await driver.wait(until.elementLocated(By.css('body')), waitTimeout);
 
-        await driver.wait(until.elementLocated(By.css(sel)), 10000);
+        for (const elem of (this.elementsToWaitFor || [])) {
+            const sel = this.elements[elem];
+            if (!sel) {
+                throw new Error(`Element "${elem}" not found.`);
+            }
+            await driver.wait(until.elementLocated(By.css(sel)), waitTimeout);
+        }
+
+        for (const text of (this.textsToWaitFor || [])) {
+            await driver.wait(new webdriver.Condition(`for text "${text}"`, async (driver) => {
+                return await this.containsText(text);
+            }), waitTimeout);
+        }
 
         if (this.url) {
             await this.ensureUrl();
         }
+
+        await driver.executeScript('document.mailTrainRefreshAcknowledged = true;');
+    },
+
+    async waitUntilVisibleAfterRefresh(selector) {
+        await driver.wait(new webdriver.Condition('for refresh', async (driver) => {
+            const val = await driver.executeScript('return document.mailTrainRefreshAcknowledged;');
+            return !val;
+        }), waitTimeout);
+
+        await this.waitUntilVisible(selector);
     },
 
     async click(key) {
@@ -63,7 +88,7 @@ module.exports = (...extras) => Object.assign({
 
     async containsText(str) {
         return await driver.executeScript(`
-            return (document.documentElement.textContent || document.documentElement.innerText).indexOf('${str}') > -1;
+            return (document.documentElement.innerText || document.documentElement.textContent).indexOf('${str}') > -1;
         `);
     },
 
@@ -76,12 +101,21 @@ module.exports = (...extras) => Object.assign({
         await fs.writeFile(destPath, src);
     },
 
-    async takeScreenshot(destPath) {
+    async saveScreenshot(destPath) {
         const pngData = await driver.takeScreenshot();
         const buf = new Buffer(pngData, 'base64');
         await fs.writeFile(destPath, buf);
     },
 
+    async saveSnapshot(destPathBase) {
+        destPathBase = destPathBase || 'last-failed-e2e-test';
+        const currentUrl = await driver.getCurrentUrl();
+        const info = `URL: ${currentUrl}`;
+        await fs.writeFile(destPathBase + '.info', info);
+        await this.saveSource(destPathBase + '.html');
+        await this.saveScreenshot(destPathBase + '.png');
+    },
+
     async sleep(ms) {
         await driver.sleep(ms);
     }
diff --git a/test/e2e/helpers/semaphore.js b/test/e2e/lib/semaphore.js
similarity index 100%
rename from test/e2e/helpers/semaphore.js
rename to test/e2e/lib/semaphore.js
diff --git a/test/e2e/page-objects/web.js b/test/e2e/lib/web.js
similarity index 92%
rename from test/e2e/page-objects/web.js
rename to test/e2e/lib/web.js
index 2cead576..692c0214 100644
--- a/test/e2e/page-objects/web.js
+++ b/test/e2e/lib/web.js
@@ -1,10 +1,10 @@
 'use strict';
 
-const config = require('../helpers/config');
+const config = require('./config');
 const By = require('selenium-webdriver').By;
 const url = require('url');
 const UrlPattern = require('url-pattern');
-const driver = require('../helpers/mocha-e2e').driver;
+const driver = require('./mocha-e2e').driver;
 const page = require('./page');
 
 module.exports = (...extras) => page({
@@ -14,7 +14,7 @@ module.exports = (...extras) => page({
         if (typeof pathOrParams === 'string') {
             path = pathOrParams;
         } else {
-            const urlPattern = new UrlPattern(this.url);
+            const urlPattern = new UrlPattern(this.requestUrl || this.url);
             path = urlPattern.stringify(pathOrParams)
         }
 
@@ -54,7 +54,7 @@ module.exports = (...extras) => page({
         await this.waitUntilVisible('div.alert:not(.js-warning)');
     },
 
-    async flash() {
+    async getFlash() {
         const elem = await driver.findElement(By.css('div.alert:not(.js-warning)'));
         return await elem.getText();
     },
diff --git a/test/e2e/page-objects/home.js b/test/e2e/page-objects/home.js
index bf322fc8..3e33af24 100644
--- a/test/e2e/page-objects/home.js
+++ b/test/e2e/page-objects/home.js
@@ -1,11 +1,7 @@
 'use strict';
 
-const page = require('./web');
+const web = require('../lib/web');
 
-module.exports = driver => Object.assign(page(driver), {
-    url: '/',
-    elementToWaitFor: 'body',
-    elements: {
-        body: 'body.page--home'
-    }
+module.exports = web({
+    url: '/'
 });
diff --git a/test/e2e/page-objects/subscription.js b/test/e2e/page-objects/subscription.js
index 8d3c0200..1d431b49 100644
--- a/test/e2e/page-objects/subscription.js
+++ b/test/e2e/page-objects/subscription.js
@@ -1,106 +1,132 @@
 'use strict';
 
-const config = require('../helpers/config');
-const webBase = require('./web');
-const mailBase = require('./mail');
+const config = require('../lib/config');
+const web = require('../lib/web');
+const mail = require('../lib/mail');
 
-module.exports = list => {
+module.exports = list => ({
 
-    const web = params => webBase(params);
-    const mail = params => mailBase(params);
+    webSubscribe: web({
+        url: `/subscription/${list.cid}`,
+        elementsToWaitFor: ['form'],
+        textsToWaitFor: ['Subscribe to list'],
+        elements: {
+            form: `form[action="/subscription/${list.cid}/subscribe"]`,
+            emailInput: '#main-form input[name="email"]',
+            firstNameInput: '#main-form input[name="first-name"]',
+            lastNameInput: '#main-form input[name="last-name"]',
+            submitButton: 'a[href="#submit"]'
+        }
+    }),
 
-    return {
-        webSubscribe: web({
-            url: `/subscription/${list.cid}`,
-            elementToWaitFor: 'form',
-            elements: {
-                form: `form[action="/subscription/${list.cid}/subscribe"]`,
-                emailInput: '#main-form input[name="email"]',
-                firstNameInput: '#main-form input[name="first-name"]',
-                lastNameInput: '#main-form input[name="last-name"]',
-                submitButton: 'a[href="#submit"]'
-            }
-        }),
+    webConfirmSubscriptionNotice: web({
+        url: `/subscription/${list.cid}/confirm-subscription-notice`,
+        textsToWaitFor: ['We need to confirm your email address']
+    }),
 
-        webConfirmSubscriptionNotice: web({
-            url: `/subscription/${list.cid}/confirm-subscription-notice`,
-            elementToWaitFor: 'homepageButton',
-            elements: {
-                homepageButton: `a[href="${config.settings['default-homepage']}"]`
-            }
-        }),
+    mailConfirmSubscription: mail({
+        elementsToWaitFor: ['confirmLink'],
+        textsToWaitFor: ['Please Confirm Subscription'],
+        elements: {
+            confirmLink: `a[href^="${config.settings['service-url']}subscription/confirm/subscribe/"]`
+        }
+    }),
 
-        mailConfirmSubscription: mail({
-            elementToWaitFor: 'confirmLink',
-            elements: {
-                confirmLink: `a[href^="${config.settings['service-url']}subscription/confirm/subscribe/"]`
-            }
-        }),
+    mailAlreadySubscribed: mail({
+        elementsToWaitFor: ['unsubscribeLink'],
+        textsToWaitFor: ['Email address already registered'],
+        elements: {
+            unsubscribeLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}/unsubscribe/"]`,
+            manageLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}/manage/"]`
+        },
+        links: {
+            unsubscribeLink: `/subscription/${list.cid}/unsubscribe/:ucid`,
+            manageLink: `/subscription/${list.cid}/manage/:ucid`
+        }
+    }),
 
-        webSubscribedNotice: web({
-            url: `/subscription/${list.cid}/subscribed-notice`,
-            elementToWaitFor: 'homepageButton',
-            elements: {
-                homepageButton: `a[href="${config.settings['default-homepage']}"]`
-            }
-        }),
+    webSubscribedNotice: web({
+        url: `/subscription/${list.cid}/subscribed-notice`,
+        textsToWaitFor: ['Subscription Confirmed']
+    }),
 
-        mailSubscriptionConfirmed: mail({
-            elementToWaitFor: 'unsubscribeLink',
-            elements: {
-                unsubscribeLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}/unsubscribe/"]`,
-                manageLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}/manage/"]`
-            },
-            links: {
-                unsubscribeLink: `/subscription/${list.cid}/unsubscribe/:ucid`,
-                manageLink: `/subscription/${list.cid}/manage/:ucid`
-            }
-        }),
+    mailSubscriptionConfirmed: mail({
+        elementsToWaitFor: ['unsubscribeLink'],
+        textsToWaitFor: ['Subscription Confirmed'],
+        elements: {
+            unsubscribeLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}/unsubscribe/"]`,
+            manageLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}/manage/"]`
+        },
+        links: {
+            unsubscribeLink: `/subscription/${list.cid}/unsubscribe/:ucid`,
+            manageLink: `/subscription/${list.cid}/manage/:ucid`
+        }
+    }),
 
-        webManage: web({
-            url: `/subscription/${list.cid}/manage/:ucid`,
-            elementToWaitFor: 'form',
-            elements: {
-                form: `form[action="/subscription/${list.cid}/manage"]`,
-                emailInput: '#main-form input[name="email"]',
-                firstNameInput: '#main-form input[name="first-name"]',
-                lastNameInput: '#main-form input[name="last-name"]',
-                submitButton: 'a[href="#submit"]'
-            }
-        }),
+    webManage: web({
+        url: `/subscription/${list.cid}/manage/:ucid`,
+        elementsToWaitFor: ['form'],
+        textsToWaitFor: ['Update Your Preferences'],
+        elements: {
+            form: `form[action="/subscription/${list.cid}/manage"]`,
+            emailInput: '#main-form input[name="email"]',
+            firstNameInput: '#main-form input[name="first-name"]',
+            lastNameInput: '#main-form input[name="last-name"]',
+            submitButton: 'a[href="#submit"]',
+            manageAddressLink: `a[href^="/subscription/${list.cid}/manage-address/"]`
+        },
+        links: {
+            manageAddressLink: `/subscription/${list.cid}/manage-address/:ucid`
+        }
+    }),
 
-        webUpdatedNotice: web({
-            url: `/subscription/${list.cid}/updated-notice`,
-            elementToWaitFor: 'homepageButton',
-            elements: {
-                homepageButton: `a[href="${config.settings['default-homepage']}"]`
-            }
-        }),
+    webManageAddress: web({
+        url: `/subscription/${list.cid}/manage-address/:ucid`,
+        elementsToWaitFor: ['form'],
+        textsToWaitFor: ['Update Your Email Address'],
+        elements: {
+            form: `form[action="/subscription/${list.cid}/manage-address"]`,
+            emailInput: '#main-form input[name="email"]',
+            emailNewInput: '#main-form input[name="email-new"]',
+            submitButton: 'a[href="#submit"]',
+        }
+    }),
 
-        /*
-        webUnsubscribe: web({ // FIXME
-            elementToWaitFor: 'submitButton',
-            elements: {
-                submitButton: 'a[href="#submit"]'
-            }
-        }),
+    mailConfirmAddressChange: mail({
+        elementsToWaitFor: ['confirmLink'],
+        textsToWaitFor: ['Please Confirm Subscription Address Change'],
+        elements: {
+            confirmLink: `a[href^="${config.settings['service-url']}subscription/confirm/change-address/"]`
+        }
+    }),
 
-        webUnsubscribedNotice: web({
-            url: `/subscription/${list.cid}/unsubscribed-notice`,
-            elementToWaitFor: 'homepageButton',
-            elements: {
-                homepageButton: `a[href="${config.settings['default-homepage']}"]`
-            }
-        }),
+    webUpdatedNotice: web({
+        url: `/subscription/${list.cid}/updated-notice`,
+        textsToWaitFor: ['Profile Updated'],
+    }),
 
-        mailUnsubscriptionConfirmed: mail({
-            elementToWaitFor: 'resubscribeLink',
-            elements: {
-                resubscribeLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}"]`
-            }
-        }),
- */
+    webUnsubscribedNotice: web({
+        url: `/subscription/${list.cid}/unsubscribed-notice`,
+        textsToWaitFor: ['Unsubscribe Successful'],
+    }),
 
+    mailUnsubscriptionConfirmed: mail({
+        elementsToWaitFor: ['resubscribeLink'],
+        textsToWaitFor: ['You Are Now Unsubscribed'],
+        elements: {
+            resubscribeLink: `a[href^="${config.settings['service-url']}subscription/${list.cid}"]`
+        }
+    }),
+
+    /*
+    webUnsubscribe: web({ // FIXME
+        elementsToWaitFor: ['submitButton'],
+        elements: {
+            submitButton: 'a[href="#submit"]'
+        }
+    }),
+
+*/
+
+});
 
-    };
-};
diff --git a/test/e2e/page-objects/users.js b/test/e2e/page-objects/user.js
similarity index 50%
rename from test/e2e/page-objects/users.js
rename to test/e2e/page-objects/user.js
index b0b8fe63..52f8377f 100644
--- a/test/e2e/page-objects/users.js
+++ b/test/e2e/page-objects/user.js
@@ -1,32 +1,29 @@
 'use strict';
 
-const page = require('./web');
+const web = require('../lib/web');
 
-module.exports = driver => ({
-
-    login: Object.assign(page(driver), {
+module.exports = {
+    login: web({
         url: '/users/login',
-        elementToWaitFor: 'submitButton',
+        elementsToWaitFor: ['submitButton'],
         elements: {
             usernameInput: 'form[action="/users/login"] input[name="username"]',
             passwordInput: 'form[action="/users/login"] input[name="password"]',
             submitButton: 'form[action="/users/login"] [type=submit]'
-        },
-        enterUsername(value) {
-            // this.element('usernameInput').clear();
-            return this.element('usernameInput').sendKeys(value);
-        },
-        enterPassword(value) {
-            return this.element('passwordInput').sendKeys(value);
         }
     }),
 
-    account: Object.assign(page(driver), {
+    logout: web({
+        requestUrl: '/users/logout',
+        url: '/'
+    }),
+
+    account: web({
         url: '/users/account',
-        elementToWaitFor: 'emailInput',
+        elementsToWaitFor: ['form'],
         elements: {
+            form: `form[action="/users/account"]`,
             emailInput: 'form[action="/users/account"] input[name="email"]'
         }
-    })
-
-});
+    }),
+};
diff --git a/test/e2e/tests/login.js b/test/e2e/tests/login.js
index f06d8d23..571389be 100644
--- a/test/e2e/tests/login.js
+++ b/test/e2e/tests/login.js
@@ -1,55 +1,68 @@
 'use strict';
 
-const config = require('../helpers/config');
+const config = require('../lib/config');
+const { useCase, step, driver } = require('../lib/mocha-e2e');
 const expect = require('chai').expect;
-const driver = require('../helpers/driver');
-const home = require('../page-objects/home')(driver);
-const flash = require('../page-objects/flash')(driver);
-const {
-    login,
-    account
-} = require('../page-objects/users')(driver);
 
-describe('login', function() {
+const page = require('../page-objects/user');
+const home = require('../page-objects/home');
+
+suite('Login use-cases', function() {
     before(() => driver.manage().deleteAllCookies());
 
-    it('can access home page', async () => {
+    test('User can access home page', async () => {
         await home.navigate();
     });
 
-    it('can not access restricted content', async () => {
-        driver.navigate().to(config.baseUrl + '/settings');
-        flash.waitUntilVisible();
-        expect(await flash.getText()).to.contain('Need to be logged in to access restricted content');
-        await flash.clear();
+    test('Anonymous user cannot access restricted content', async () => {
+        await driver.navigate().to(config.baseUrl + '/settings');
+        await page.login.waitUntilVisible();
+        await page.login.waitForFlash();
+        expect(await page.login.getFlash()).to.contain('Need to be logged in to access restricted content');
     });
 
-    it('can not login with false credentials', async () => {
-        login.enterUsername(config.users.admin.username);
-        login.enterPassword('invalid');
-        login.submit();
-        flash.waitUntilVisible();
-        expect(await flash.getText()).to.contain('Incorrect username or password');
-        await flash.clear();
+    useCase('Login (invalid credential)', async () => {
+        await step('User navigates to the login page.', async () => {
+            await page.login.navigate();
+        });
+
+        await step('User fills in the user name and incorrect password.', async () => {
+            await page.login.setValue('usernameInput', config.users.admin.username);
+            await page.login.setValue('passwordInput', 'invalid');
+            await page.login.submit();
+        });
+
+        await step('System shows a flash notice that credentials are invalid.', async () => {
+            await page.login.waitForFlash();
+            expect(await page.login.getFlash()).to.contain('Incorrect username or password');
+        });
     });
 
-    it('can login as admin', async () => {
-        login.enterUsername(config.users.admin.username);
-        login.enterPassword(config.users.admin.password);
-        login.submit();
-        flash.waitUntilVisible();
-        expect(await flash.getText()).to.contain('Logged in as admin');
-    });
+    useCase('Login and logout', async () => {
+        await step('User navigates to the login page.', async () => {
+            await page.login.navigate();
+        });
 
-    it('can access account page as admin', async () => {
-        await account.navigate();
-    });
+        await step('User fills in the user name and password.', async () => {
+            await page.login.setValue('usernameInput', config.users.admin.username);
+            await page.login.setValue('passwordInput', config.users.admin.password);
+            await page.login.submit();
+        });
 
-    it('can logout', async () => {
-        driver.navigate().to(config.baseUrl + '/users/logout');
-        flash.waitUntilVisible();
-        expect(await flash.getText()).to.contain('logged out');
-    });
+        await step('System shows the home page and a flash notice that user has been logged in.', async () => {
+            await home.waitUntilVisibleAfterRefresh();
+            await home.waitForFlash();
+            expect(await home.getFlash()).to.contain('Logged in as admin');
+        });
 
-    after(() => driver.quit());
+        await step('User navigates to its account.', async () => {
+            await page.account.navigate();
+        });
+
+        await step('User logs out.', async () => {
+            await page.logout.navigate();
+            await home.waitForFlash();
+            expect(await home.getFlash()).to.contain('logged out');
+        });
+    });
 });
diff --git a/test/e2e/tests/subscription-uc.js b/test/e2e/tests/subscription-uc.js
deleted file mode 100644
index 38913e05..00000000
--- a/test/e2e/tests/subscription-uc.js
+++ /dev/null
@@ -1,150 +0,0 @@
-'use strict';
-
-const config = require('../helpers/config');
-const { useCase, step, driver } = require('../helpers/mocha-e2e');
-const shortid = require('shortid');
-const expect = require('chai').expect;
-
-const page = require('../page-objects/subscription')(config.lists.one);
-
-function generateEmail() {
-    return 'keep.' + shortid.generate() + '@mailtrain.org';
-}
-
-async function subscribe(subscription) {
-    await step('User navigates to list subscription page.', async () => {
-        await page.webSubscribe.navigate();
-    });
-
-    await step('User submits a valid email and other subscription info.', async () => {
-        await page.webSubscribe.setValue('emailInput', subscription.email);
-
-        if (subscription.firstName) {
-            await page.webSubscribe.setValue('firstNameInput', subscription.firstName);
-        }
-
-        if (subscription.lastName) {
-            await page.webSubscribe.setValue('lastNameInput', subscription.lastName);
-        }
-
-        await page.webSubscribe.submit();
-    });
-
-    await step('System shows a notice that further instructions are in the email.', async () => {
-        await page.webConfirmSubscriptionNotice.waitUntilVisible();
-    });
-
-    await step('System sends an email with a link to confirm the subscription.', async () => {
-        await page.mailConfirmSubscription.fetchMail(subscription.email);
-    });
-
-    await step('User clicks confirm subscription in the email', async () => {
-        await page.mailConfirmSubscription.click('confirmLink');
-    });
-
-    await step('System shows a notice that subscription has been confirmed.', async () => {
-        await page.webSubscribedNotice.waitUntilVisible();
-    });
-
-    await step('System sends an email with subscription confirmation.', async () => {
-        await page.mailSubscriptionConfirmed.fetchMail(subscription.email);
-        subscription.unsubscribeLink = await page.mailSubscriptionConfirmed.getHref('unsubscribeLink');
-        subscription.manageLink = await page.mailSubscriptionConfirmed.getHref('manageLink');
-
-        const unsubscribeParams = await page.mailSubscriptionConfirmed.getLinkParams('unsubscribeLink');
-        const manageParams = await page.mailSubscriptionConfirmed.getLinkParams('manageLink');
-        console.log(unsubscribeParams);
-        console.log(manageParams);
-        expect(unsubscribeParams.ucid).to.equal(manageParams.ucid);
-        subscription.ucid = unsubscribeParams.ucid;
-    });
-
-    return subscription;
-}
-
-suite('Subscription use-cases', function() {
-    before(() => driver.manage().deleteAllCookies());
-
-    useCase('Subscription to a public list (main scenario)', async () => {
-        await subscribe({
-            email: generateEmail()
-        });
-    });
-
-    useCase('Subscription to a public list (invalid email)', async () => {
-        await step('User navigates to list subscribe page', async () => {
-            await page.webSubscribe.navigate();
-        });
-
-        await step('User submits an invalid email.', async () => {
-            await page.webSubscribe.setValue('emailInput', 'foo@bar.nope');
-            await page.webSubscribe.submit();
-        });
-
-        await step('System shows a flash notice that email is invalid.', async () => {
-            await page.webSubscribe.waitForFlash();
-            expect(await page.webSubscribe.getFlash()).to.contain('Invalid email address');
-        });
-    });
-
-    useCase('Unsubscription from list #1 (one-step, no form).', async () => {
-        const subscription = await subscribe({
-            email: generateEmail()
-        });
-
-        await step('User clicks the unsubscribe button.', async () => {
-            await page.mailSubscriptionConfirmed.click('unsubscribeLink');
-        });
-
-        await step('System show a notice that confirms unsubscription.', async () => {
-            await page.webUnsubscribedNotice.waitUntilVisible();
-        });
-
-        await step('System sends an email that confirms unsubscription.', async () => {
-            await page.mailUnsubscriptionConfirmed.fetchMail(subscription.email);
-        });
-    });
-
-    useCase.only('Change email in list #1 (one-step, no form)', async () => {
-        const subscription = await subscribe({
-            email: generateEmail(),
-            firstName: 'John',
-            lastName: 'Doe'
-        });
-
-        await step('User clicks the manage subscription button.', async () => {
-            await page.mailSubscriptionConfirmed.click('manageLink');
-        });
-
-        await step('Systems shows a form to change subscription details. The form contains data entered during subscription.', async () => {
-            await page.webManage.waitUntilVisible();
-            expect(await page.webManage.getValue('emailInput')).to.equal(subscription.email);
-            expect(await page.webManage.getValue('firstNameInput')).to.equal(subscription.firstName);
-            expect(await page.webManage.getValue('lastNameInput')).to.equal(subscription.lastName);
-        });
-
-        await step('User enters another name and submits the form.', async () => {
-            subscription.firstName = 'Adam';
-            subscription.lastName = 'B';
-            await page.webManage.setValue('firstNameInput', subscription.firstName);
-            await page.webManage.setValue('lastNameInput', subscription.lastName);
-            await page.webManage.submit();
-        });
-
-        await step('Systems shows a notice that profile has been updated.', async () => {
-            await page.webUpdatedNotice.waitUntilVisible();
-        });
-
-        await step('User navigates to manage subscription again.', async () => {
-            await page.webManage.navigate(subscription.manageLink);
-            // await page.webManage.navigate({ ucid: subscription.ucid });
-        });
-
-        await step('Systems shows a form with the changes made previously.', async () => {
-            expect(await page.webManage.getValue('emailInput')).to.equal(subscription.email);
-            expect(await page.webManage.getValue('firstNameInput')).to.equal(subscription.firstName);
-            expect(await page.webManage.getValue('lastNameInput')).to.equal(subscription.lastName);
-        });
-
-    });
-});
diff --git a/test/e2e/tests/subscription.js b/test/e2e/tests/subscription.js
index cee3cece..7b817f99 100644
--- a/test/e2e/tests/subscription.js
+++ b/test/e2e/tests/subscription.js
@@ -1,101 +1,239 @@
 'use strict';
 
-const config = require('../helpers/config');
+const config = require('../lib/config');
+const { useCase, step, driver } = require('../lib/mocha-e2e');
 const shortid = require('shortid');
 const expect = require('chai').expect;
-const driver = require('../helpers/driver');
 
-const page = require('../page-objects/web')(driver);
-const flash = require('../page-objects/flash')(driver);
+const page = require('../page-objects/subscription')(config.lists.one);
 
-const {
-    webSubscribe,
-    webConfirmSubscriptionNotice,
-    mailConfirmSubscription,
-    webSubscribedNotice,
-    mailSubscriptionConfirmed,
-    webUnsubscribe,
-    webUnsubscribedNotice,
-    mailUnsubscriptionConfirmed
-} = require('../page-objects/subscription')(driver, config.lists.one);
+function generateEmail() {
+    return 'keep.' + shortid.generate() + '@mailtrain.org';
+}
 
-const testuser = {
-    email: 'keep.' + shortid.generate() + '@mailtrain.org'
-};
+async function subscribe(subscription) {
+    await step('User navigates to list subscription page.', async () => {
+        await page.webSubscribe.navigate();
+    });
 
-// console.log(testuser.email);
+    await step('User submits a valid email and other subscription info.', async () => {
+        await page.webSubscribe.setValue('emailInput', subscription.email);
 
-describe('subscribe (list one)', function() {
-    this.timeout(10000);
+        if (subscription.firstName) {
+            await page.webSubscribe.setValue('firstNameInput', subscription.firstName);
+        }
 
+        if (subscription.lastName) {
+            await page.webSubscribe.setValue('lastNameInput', subscription.lastName);
+        }
+
+        await page.webSubscribe.submit();
+    });
+
+    await step('System shows a notice that further instructions are in the email.', async () => {
+        await page.webConfirmSubscriptionNotice.waitUntilVisibleAfterRefresh();
+    });
+
+    await step('System sends an email with a link to confirm the subscription.', async () => {
+        await page.mailConfirmSubscription.fetchMail(subscription.email);
+    });
+
+    await step('User clicks confirm subscription in the email', async () => {
+        await page.mailConfirmSubscription.click('confirmLink');
+    });
+
+    await step('System shows a notice that subscription has been confirmed.', async () => {
+        await page.webSubscribedNotice.waitUntilVisibleAfterRefresh();
+    });
+
+    await step('System sends an email with subscription confirmation.', async () => {
+        await page.mailSubscriptionConfirmed.fetchMail(subscription.email);
+        subscription.unsubscribeLink = await page.mailSubscriptionConfirmed.getHref('unsubscribeLink');
+        subscription.manageLink = await page.mailSubscriptionConfirmed.getHref('manageLink');
+
+        const unsubscribeParams = await page.mailSubscriptionConfirmed.getLinkParams('unsubscribeLink');
+        const manageParams = await page.mailSubscriptionConfirmed.getLinkParams('manageLink');
+        expect(unsubscribeParams.ucid).to.equal(manageParams.ucid);
+        subscription.ucid = unsubscribeParams.ucid;
+    });
+
+    return subscription;
+}
+
+suite('Subscription use-cases', function() {
     before(() => driver.manage().deleteAllCookies());
 
-    it('visits web-subscribe', async () => {
-        await webSubscribe.navigate();
+    useCase('Subscription to a public list (main scenario)', async () => {
+        await subscribe({
+            email: generateEmail()
+        });
     });
 
-    it('submits invalid email (error)', async () => {
-        webSubscribe.enterEmail('foo@bar.nope');
-        webSubscribe.submit();
-        flash.waitUntilVisible();
-        expect(await flash.getText()).to.contain('Invalid email address');
+    useCase('Subscription to a public list (invalid email)', async () => {
+        await step('User navigates to list subscribe page', async () => {
+            await page.webSubscribe.navigate();
+        });
+
+        await step('User submits an invalid email.', async () => {
+            await page.webSubscribe.setValue('emailInput', 'foo@bar.nope');
+            await page.webSubscribe.submit();
+        });
+
+        await step('System shows a flash notice that email is invalid.', async () => {
+            await page.webSubscribe.waitForFlash();
+            expect(await page.webSubscribe.getFlash()).to.contain('Invalid email address');
+        });
     });
 
-    it('submits valid email', async () => {
-        webSubscribe.enterEmail(testuser.email);
-        await webSubscribe.submit();
+    useCase('Subscription to a public list (email already registered)', async () => {
+        const subscription = await subscribe({
+            email: generateEmail()
+        });
+
+        await step('User navigates to list subscribe page', async () => {
+            await page.webSubscribe.navigate();
+        });
+
+        await step('User submits the email which has been already registered.', async () => {
+            await page.webSubscribe.setValue('emailInput', subscription.email);
+            await page.webSubscribe.submit();
+        });
+
+        await step('System shows a notice that further instructions are in the email.', async () => {
+            await page.webConfirmSubscriptionNotice.waitUntilVisibleAfterRefresh();
+        });
+
+        await step('System sends an email informing that the address has been already registered.', async () => {
+            await page.mailAlreadySubscribed.fetchMail(subscription.email);
+        });
+
     });
 
-    it('sees web-confirm-subscription-notice', async () => {
-        webConfirmSubscriptionNotice.waitUntilVisible();
-        expect(await page.containsText('Almost Finished')).to.be.true;
+    useCase('Subscription to a non-public list');
+
+    useCase('Change profile info', async () => {
+        const subscription = await subscribe({
+            email: generateEmail(),
+            firstName: 'John',
+            lastName: 'Doe'
+        });
+
+        await step('User clicks the manage subscription button.', async () => {
+            await page.mailSubscriptionConfirmed.click('manageLink');
+        });
+
+        await step('Systems shows a form to change subscription details. The form contains data entered during subscription.', async () => {
+            await page.webManage.waitUntilVisibleAfterRefresh();
+            expect(await page.webManage.getValue('emailInput')).to.equal(subscription.email);
+            expect(await page.webManage.getValue('firstNameInput')).to.equal(subscription.firstName);
+            expect(await page.webManage.getValue('lastNameInput')).to.equal(subscription.lastName);
+        });
+
+        await step('User enters another name and submits the form.', async () => {
+            subscription.firstName = 'Adam';
+            subscription.lastName = 'B';
+            await page.webManage.setValue('firstNameInput', subscription.firstName);
+            await page.webManage.setValue('lastNameInput', subscription.lastName);
+            await page.webManage.submit();
+        });
+
+        await step('Systems shows a notice that profile has been updated.', async () => {
+            await page.webUpdatedNotice.waitUntilVisibleAfterRefresh();
+        });
+
+        await step('User navigates to manage subscription again.', async () => {
+            // await page.webManage.navigate(subscription.manageLink);
+            await page.webManage.navigate({ ucid: subscription.ucid });
+        });
+
+        await step('Systems shows a form with the changes made previously.', async () => {
+            expect(await page.webManage.getValue('emailInput')).to.equal(subscription.email);
+            expect(await page.webManage.getValue('firstNameInput')).to.equal(subscription.firstName);
+            expect(await page.webManage.getValue('lastNameInput')).to.equal(subscription.lastName);
+        });
     });
 
-    it('receives mail-confirm-subscription', async () => {
-        mailConfirmSubscription.navigate(testuser.email);
-        expect(await page.containsText('Please Confirm Subscription')).to.be.true;
+    useCase('Change email', async () => {
+        const subscription = await subscribe({
+            email: generateEmail(),
+            firstName: 'John',
+            lastName: 'Doe'
+        });
+
+        await step('User clicks the manage subscription button.', async () => {
+            await page.mailSubscriptionConfirmed.click('manageLink');
+        });
+
+        await step('Systems shows a form to change subscription details. The form contains data entered during subscription.', async () => {
+            await page.webManage.waitUntilVisibleAfterRefresh();
+            expect(await page.webManage.getValue('emailInput')).to.equal(subscription.email);
+            expect(await page.webManage.getValue('firstNameInput')).to.equal(subscription.firstName);
+            expect(await page.webManage.getValue('lastNameInput')).to.equal(subscription.lastName);
+        });
+
+        await step('User clicks the change address button.', async () => {
+            await page.webManage.click('manageAddressLink');
+        });
+
+        await step('Systems shows a form to change email.', async () => {
+            await page.webManageAddress.waitUntilVisibleAfterRefresh();
+        });
+
+        await step('User fills in a new email address and submits the form.', async () => {
+            subscription.email = generateEmail();
+            await page.webManageAddress.setValue('emailNewInput', subscription.email);
+            await page.webManageAddress.submit();
+        });
+
+        await step('System goes back to the profile form and shows a flash notice that further instructions are in the email.', async () => {
+            await page.webManage.waitUntilVisibleAfterRefresh();
+            await page.webManage.waitForFlash();
+            expect(await page.webManage.getFlash()).to.contain('An email with further instructions has been sent to the provided address');
+        });
+
+        await step('System sends an email with a link to confirm the address change.', async () => {
+            await page.mailConfirmAddressChange.fetchMail(subscription.email);
+        });
+
+        await step('User clicks confirm subscription in the email', async () => {
+            await page.mailConfirmAddressChange.click('confirmLink');
+        });
+
+        await step('System shows the profile form with a flash notice that address has been changed.', async () => {
+            await page.webManage.waitUntilVisibleAfterRefresh();
+            await page.webManage.waitForFlash();
+            expect(await page.webManage.getFlash()).to.contain('Email address changed');
+            expect(await page.webManage.getValue('emailInput')).to.equal(subscription.email);
+        });
+
+        await step('System sends an email with subscription confirmation.', async () => {
+            await page.mailSubscriptionConfirmed.fetchMail(subscription.email);
+        });
     });
 
-    it('clicks confirm subscription', async () => {
-        await mailConfirmSubscription.click('confirmLink');
+    useCase('Unsubscription from list #1 (one-step, no form).', async () => {
+        const subscription = await subscribe({
+            email: generateEmail()
+        });
+
+        await step('User clicks the unsubscribe button.', async () => {
+            await page.mailSubscriptionConfirmed.click('unsubscribeLink');
+        });
+
+        await step('System shows a notice that confirms unsubscription.', async () => {
+            await page.webUnsubscribedNotice.waitUntilVisibleAfterRefresh();
+        });
+
+        await step('System sends an email that confirms unsubscription.', async () => {
+            await page.mailUnsubscriptionConfirmed.fetchMail(subscription.email);
+        });
     });
 
-    it('sees web-subscribed-notice', async () => {
-        webSubscribedNotice.waitUntilVisible();
-        expect(await page.containsText('Subscription Confirmed')).to.be.true;
-    });
+    useCase('Unsubscription from list #2 (one-step, with form).');
 
-    it('receives mail-subscription-confirmed', async () => {
-        mailSubscriptionConfirmed.navigate(testuser.email);
-        expect(await page.containsText('Subscription Confirmed')).to.be.true;
-    });
-});
-
-describe('unsubscribe (list one)', function() {
-    this.timeout(10000);
-
-    it('clicks unsubscribe', async () => {
-        await mailSubscriptionConfirmed.click('unsubscribeLink');
-    });
-
-    it('sees web-unsubscribe', async () => {
-        webUnsubscribe.waitUntilVisible();
-        expect(await page.containsText('Unsubscribe')).to.be.true;
-    });
-
-    it('clicks confirm unsubscription', async () => {
-        await webUnsubscribe.submit();
-    });
-
-    it('sees web-unsubscribed-notice', async () => {
-        webUnsubscribedNotice.waitUntilVisible();
-        expect(await page.containsText('Unsubscribe Successful')).to.be.true;
-    });
-
-    it('receives mail-unsubscription-confirmed', async () => {
-        mailUnsubscriptionConfirmed.navigate(testuser.email);
-        expect(await page.containsText('You Are Now Unsubscribed')).to.be.true;
-    });
-
-    after(() => driver.quit());
+    useCase('Unsubscription from list #3 (two-step, no form).');
+
+    useCase('Unsubscription from list #4 (two-step, with form).');
+
+    useCase('Unsubscription from list #5 (manual unsubscribe).');
 });

From 6c02db3331f9c1f5423df553be869a86de6f1db8 Mon Sep 17 00:00:00 2001
From: Tomas Bures <tbures@sathyasai.org>
Date: Sat, 27 May 2017 00:06:34 +0200
Subject: [PATCH 10/11] Added better support for preconditions in use-cases.

---
 test/e2e/lib/mocha-e2e.js      | 26 ++++++++++++++++++++++++++
 test/e2e/tests/subscription.js | 19 ++++++++++++++-----
 2 files changed, 40 insertions(+), 5 deletions(-)

diff --git a/test/e2e/lib/mocha-e2e.js b/test/e2e/lib/mocha-e2e.js
index f781fc0d..16aeba06 100644
--- a/test/e2e/lib/mocha-e2e.js
+++ b/test/e2e/lib/mocha-e2e.js
@@ -51,6 +51,15 @@ function UseCaseReporter(runner) {
         --indents;
     });
 
+    runner.on('steps', useCase => {
+        ++indents;
+        console.log(color('pass', '%s%s'), indent(), useCase.title);
+    });
+
+    runner.on('steps end', () => {
+        --indents;
+    });
+
     runner.on('step pass', step => {
         console.log(indent() + color('checkmark', '  ' + Mocha.reporters.Base.symbols.ok) + color('pass', ' %s'), step.title);
     });
@@ -183,9 +192,26 @@ async function step(name, asyncFn) {
     }
 }
 
+async function steps(name, asyncFn) {
+    try {
+        runner.emit('steps', {title: name});
+        await asyncFn();
+        runner.emit('steps end');
+    } catch (err) {
+        runner.emit('step end');
+        throw err;
+    }
+}
+
+async function precondition(preConditionName, useCaseName, asyncFn) {
+    await steps(`Including use case "${useCaseName}" to satisfy precondition "${preConditionName}"`, asyncFn);
+}
+
 module.exports = {
     mocha,
     useCase,
     step,
+    steps,
+    precondition,
     driver
 };
\ No newline at end of file
diff --git a/test/e2e/tests/subscription.js b/test/e2e/tests/subscription.js
index 7b817f99..fec05937 100644
--- a/test/e2e/tests/subscription.js
+++ b/test/e2e/tests/subscription.js
@@ -1,7 +1,7 @@
 'use strict';
 
 const config = require('../lib/config');
-const { useCase, step, driver } = require('../lib/mocha-e2e');
+const { useCase, step, precondition, driver } = require('../lib/mocha-e2e');
 const shortid = require('shortid');
 const expect = require('chai').expect;
 
@@ -60,6 +60,13 @@ async function subscribe(subscription) {
     return subscription;
 }
 
+async function subscriptionExistsPrecondition(subscription) {
+    await precondition('Subscription exists', 'Subscription to a public list (main scenario)', async () => {
+        await subscribe(subscription);
+    });
+    return subscription;
+}
+
 suite('Subscription use-cases', function() {
     before(() => driver.manage().deleteAllCookies());
 
@@ -86,7 +93,7 @@ suite('Subscription use-cases', function() {
     });
 
     useCase('Subscription to a public list (email already registered)', async () => {
-        const subscription = await subscribe({
+        const subscription = await subscriptionExistsPrecondition({
             email: generateEmail()
         });
 
@@ -112,7 +119,7 @@ suite('Subscription use-cases', function() {
     useCase('Subscription to a non-public list');
 
     useCase('Change profile info', async () => {
-        const subscription = await subscribe({
+        const subscription = await subscriptionExistsPrecondition({
             email: generateEmail(),
             firstName: 'John',
             lastName: 'Doe'
@@ -154,7 +161,7 @@ suite('Subscription use-cases', function() {
     });
 
     useCase('Change email', async () => {
-        const subscription = await subscribe({
+        const subscription = await subscriptionExistsPrecondition({
             email: generateEmail(),
             firstName: 'John',
             lastName: 'Doe'
@@ -212,7 +219,7 @@ suite('Subscription use-cases', function() {
     });
 
     useCase('Unsubscription from list #1 (one-step, no form).', async () => {
-        const subscription = await subscribe({
+        const subscription = await subscriptionExistsPrecondition({
             email: generateEmail()
         });
 
@@ -236,4 +243,6 @@ suite('Subscription use-cases', function() {
     useCase('Unsubscription from list #4 (two-step, with form).');
 
     useCase('Unsubscription from list #5 (manual unsubscribe).');
+
+    useCase('Resubscription.'); // This one is supposed to check that values pre-filled in resubscription (i.e. the re-subscribe link in unsubscription confirmation) are the same as the ones used before.
 });

From c11d1a1cbf1b43d2172353c0b0049830243401ca Mon Sep 17 00:00:00 2001
From: Tomas Bures <tbures@sathyasai.org>
Date: Sat, 27 May 2017 00:43:56 +0200
Subject: [PATCH 11/11] Added processing of the "auto" option in
 unsubscription. If auto=yes is specified, the two-step unsubscription works
 as one-step. No unsubscription form is presented.

---
 routes/subscription.js | 53 +++++++++++++++++++++++-------------------
 1 file changed, 29 insertions(+), 24 deletions(-)

diff --git a/routes/subscription.js b/routes/subscription.js
index 235a6a3b..6310bbf3 100644
--- a/routes/subscription.js
+++ b/routes/subscription.js
@@ -702,7 +702,12 @@ router.get('/:lcid/unsubscribe/:ucid', passport.csrfProtection, (req, res, next)
                 }
 
 
-                if (req.query.formTest ||
+                const autoUnsubscribe = req.query.auto === 'yes';
+
+                if (autoUnsubscribe) {
+                    handleUnsubscribe(list, subscription, autoUnsubscribe, req.query.c, req.ip, res, next);
+
+                } else if (req.query.formTest ||
                     list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP_WITH_FORM ||
                     list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP_WITH_FORM) {
 
@@ -741,7 +746,7 @@ router.get('/:lcid/unsubscribe/:ucid', passport.csrfProtection, (req, res, next)
                         });
                     });
                 } else { // UnsubscriptionMode.ONE_STEP || UnsubscriptionMode.TWO_STEP || UnsubscriptionMode.MANUAL
-                    handleUnsubscribe(list, subscription, req.query.c, req.ip, res, next);
+                    handleUnsubscribe(list, subscription, autoUnsubscribe, req.query.c, req.ip, res, next);
                 }
             });
         });
@@ -771,14 +776,32 @@ router.post('/:lcid/unsubscribe', passport.parseForm, passport.csrfProtection, (
                 return next(err);
             }
 
-            handleUnsubscribe(list, subscription, campaignId, req.ip, res, next);
+            handleUnsubscribe(list, subscription, false, campaignId, req.ip, res, next);
         });
     });
 });
 
-function handleUnsubscribe(list, subscription, campaignId, ip, res, next) {
-    if (list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP ||
-        list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP_WITH_FORM) {
+function handleUnsubscribe(list, subscription, autoUnsubscribe, campaignId, ip, res, next) {
+    if ((list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP || list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP_WITH_FORM) ||
+        (autoUnsubscribe && (list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP || list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP_WITH_FORM)) ) {
+
+        subscriptions.changeStatus(list.id, subscription.id, campaignId, subscriptions.Status.UNSUBSCRIBED, (err, found) => {
+            if (err) {
+                return next(err);
+            }
+    
+            // TODO: Shall we do anything with "found"?
+
+            mailHelpers.sendUnsubscriptionConfirmed(list, subscription.email, subscription, err => {
+                if (err) {
+                    return next(err);
+                }
+
+                res.redirect('/subscription/' + list.cid + '/unsubscribed-notice');
+            });
+        });
+
+    } else if (list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP || list.unsubscriptionMode === lists.UnsubscriptionMode.TWO_STEP_WITH_FORM) {
 
         const data = {
             subscriptionId: subscription.id,
@@ -799,24 +822,6 @@ function handleUnsubscribe(list, subscription, campaignId, ip, res, next) {
             });
         });
 
-    } else if (list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP ||
-        list.unsubscriptionMode === lists.UnsubscriptionMode.ONE_STEP_WITH_FORM) {
-
-        subscriptions.changeStatus(list.id, subscription.id, campaignId, subscriptions.Status.UNSUBSCRIBED, (err, found) => {
-            if (err) {
-                return next(err);
-            }
-
-            // TODO: Shall we do anything with "found"?
-
-            mailHelpers.sendUnsubscriptionConfirmed(list, subscription.email, subscription, err => {
-                if (err) {
-                    return next(err);
-                }
-
-                res.redirect('/subscription/' + list.cid + '/unsubscribed-notice');
-            });
-        });
     } else { // UnsubscriptionMode.MANUAL
         res.redirect('/subscription/' + list.cid + '/manual-unsubscribe-notice');
     }