diff --git a/app/controllers/settings/users_controller.rb b/app/controllers/settings/users_controller.rb
index 9fd29c07..529785db 100644
--- a/app/controllers/settings/users_controller.rb
+++ b/app/controllers/settings/users_controller.rb
@@ -25,13 +25,12 @@ class Settings::UsersController < ApplicationController
def create
@user = User.new(
email: user_params[:email],
- password: 'password',
- password_confirmation: 'password'
+ password: user_params[:password],
+ password_confirmation: user_params[:password]
)
if @user.save
- redirect_to settings_users_url,
- notice: "User was successfully created, email is #{@user.email}, password is \"password\"."
+ redirect_to settings_users_url, notice: 'User was successfully created'
else
redirect_to settings_users_url, notice: 'User could not be created.', status: :unprocessable_entity
end
@@ -50,6 +49,6 @@ class Settings::UsersController < ApplicationController
private
def user_params
- params.require(:user).permit(:email)
+ params.require(:user).permit(:email, :password)
end
end
diff --git a/app/views/settings/users/edit.html.erb b/app/views/settings/users/edit.html.erb
index 417def68..a80f93f7 100644
--- a/app/views/settings/users/edit.html.erb
+++ b/app/views/settings/users/edit.html.erb
@@ -13,6 +13,12 @@
<% end %>
<%= f.email_field :email, value: @user.email, class: "input input-bordered" %>
+
+ <%= f.label :password do %>
+ Password
+ <% end %>
+ <%= f.password_field :password, autofocus: true, autocomplete: "new-password", class: "input input-bordered" %>
+
<%= f.submit "Update", class: "btn btn-primary" %>
diff --git a/app/views/settings/users/index.html.erb b/app/views/settings/users/index.html.erb
index 9e43bb3c..087d0e23 100644
--- a/app/views/settings/users/index.html.erb
+++ b/app/views/settings/users/index.html.erb
@@ -46,6 +46,12 @@
<% end %>
<%= f.email_field :email, value: '', class: "input input-bordered" %>
+
+ <%= f.label :password do %>
+ Password
+ <% end %>
+ <%= f.password_field :password, autofocus: true, autocomplete: "new-password", class: "input input-bordered" %>
+
<%= f.submit "Create", class: "btn btn-primary" %>
diff --git a/spec/requests/settings/users_spec.rb b/spec/requests/settings/users_spec.rb
index 443a3ad1..d2cc7806 100644
--- a/spec/requests/settings/users_spec.rb
+++ b/spec/requests/settings/users_spec.rb
@@ -3,7 +3,8 @@
require 'rails_helper'
RSpec.describe '/settings/users', type: :request do
- let(:valid_attributes) { { email: 'user@domain.com' } }
+ let(:valid_attributes) { { email: 'user@domain.com', password: '4815162342' } }
+ let!(:admin) { create(:user, :admin) }
context 'when user is not authenticated' do
it 'redirects to sign in page' do
@@ -25,8 +26,6 @@ RSpec.describe '/settings/users', type: :request do
end
context 'when user is an admin' do
- let!(:admin) { create(:user, :admin) }
-
describe 'POST /create' do
before { sign_in admin }
@@ -35,13 +34,16 @@ RSpec.describe '/settings/users', type: :request do
expect do
post settings_users_url, params: { user: valid_attributes }
end.to change(User, :count).by(1)
+
+ expect(User.last.email).to eq(valid_attributes[:email])
+ expect(User.last.valid_password?(valid_attributes[:password])).to be_truthy
end
it 'redirects to the created settings_user' do
post settings_users_url, params: { user: valid_attributes }
expect(response).to redirect_to(settings_users_url)
- expect(flash[:notice]).to eq("User was successfully created, email is #{valid_attributes[:email]}, password is \"password\".")
+ expect(flash[:notice]).to eq('User was successfully created')
end
end
@@ -61,6 +63,24 @@ RSpec.describe '/settings/users', type: :request do
end
end
end
+
+ describe 'PATCH /update' do
+ let(:user) { create(:user) }
+
+ before { sign_in admin }
+
+ context 'with valid parameters' do
+ let(:new_attributes) { { email: FFaker::Internet.email, password: '4815162342' } }
+
+ it 'updates the requested user' do
+ patch settings_user_url(user), params: { user: new_attributes }
+
+ user.reload
+ expect(user.email).to eq(new_attributes[:email])
+ expect(user.valid_password?(new_attributes[:password])).to be_truthy
+ end
+ end
+ end
end
end
end