Permalink
Browse files

Removed custom change password code and offloaded to Devise. Also rem…

…oved custom tests for same.

Note: Devise requires attr_accessible for password & password_confirmation.
  • Loading branch information...
1 parent a2f1af1 commit 03ac28a156eacb7ad1a729e2c00500dc7f8f2bae Mark Steckel committed Aug 28, 2013
@@ -15,7 +15,6 @@ def show
def update
@user = User.find(params[:id])
- @user.skip_validation = true
if @user.update_attributes(params[:user],{:as => :admin})
redirect_to admin_users_url, notice: 'User was successfully updated.'
else
@@ -18,7 +18,7 @@ def create
def update
@user = current_user
- if @user.update_attributes(params[:user])
+ if @user.update_with_password(params[:user])
flash.notice = "Password was successfully updated."
sign_in @user, :bypass => true
redirect_to root_url
View
@@ -5,36 +5,14 @@ class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :lockable
- attr_accessor :current_password
- attr_accessor :skip_validation
-
# Setup accessible (or protected) attributes for your model
- attr_accessible :email, :password, :password_confirmation, :current_password, :remember_me
+ attr_accessible :email, :password, :password_confirmation, :remember_me
attr_accessible :is_super_user, :is_admin, :as => :admin
- validates_presence_of :password, :unless => :skip_validation
- validates_presence_of :password_confirmation, :unless => :skip_validation
- validate :check_current_password, :on => :update, :if => :encrypted_password_changed?
-
after_validation :remove_encrypted_password_errors
def remove_encrypted_password_errors
errors.delete :encrypted_password if errors.include? :password
end
- private
-
- def check_current_password
- # old_user = User.find(self.id)
- if self.current_password.blank?
- self.errors[:current_password] << " current password can not be blank"
- else
- u = User.find(self.id)
- if ! u.valid_password? current_password
- self.errors[:current_password] << " is not your previous password"
- end
- end
- end
-
-
end
@@ -19,7 +19,7 @@
let(:user){ create(:user) }
describe "with valid params" do
before :each do
- User.any_instance.stub(:update_attributes).and_return(true)
+ User.any_instance.stub(:update_with_password).and_return(true)
end
it "redirect to the root page" do
put :update, {:id => user.to_param, :user => {'these' => 'params'}}, valid_session
@@ -28,7 +28,7 @@
end
describe "with invalid params" do
before :each do
- User.any_instance.stub(:update_attributes).and_return(false)
+ User.any_instance.stub(:update_with_password).and_return(false)
put :update, {id: user.to_param, user: {bad: "params"}}, valid_session
end
it "should render the edit page" do
View
@@ -2,9 +2,6 @@
subject { build :user }
it { should validate_presence_of :email }
- it { should validate_presence_of :password}
- it { should validate_presence_of :password_confirmation}
- it { should_not validate_presence_of :current_password}
it_behaves_like 'email validator'
it 'should not allow mass assignment of user roles by default' do
@@ -24,35 +21,6 @@
end
end
- describe 'change password' do
- let(:old_pass) { subject.password }
-
- before do
- subject.save # feel sad about it
- User.stub(:find).and_return subject
- end
-
- it 'should validate presence of password and confirmation if neither are set on update' do
- subject.password = nil
- subject.password_confirmation = nil
- subject.should_not be_valid
- end
-
- it 'should validate the old password if the user is changing her password' do
- subject.password = 'banana123'
- subject.password_confirmation = 'banana123'
- subject.current_password = old_pass + 'cupcake'
- subject.should_not be_valid(:update)
- end
-
- it 'should let the user change her password if she correctly gives the old password' do
- subject.password = 'banana123'
- subject.password_confirmation = 'banana123'
- subject.current_password = old_pass
- subject.should be_valid(:update)
- end
- end
-
describe '#remove_password_digest_errors' do
context 'when there is a password error' do

0 comments on commit 03ac28a

Please sign in to comment.