Hack in registration prevention (#37)
All checks were successful
Deploy / deploy (push) Successful in 4m1s
All checks were successful
Deploy / deploy (push) Successful in 4m1s
Reviewed-on: #37
This commit is contained in:
parent
eaa1846d42
commit
543a9599e0
4 changed files with 32 additions and 14 deletions
|
@ -26,7 +26,10 @@ class UsersController < ApplicationController
|
||||||
@user = User.new(user_params)
|
@user = User.new(user_params)
|
||||||
|
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
if @user.save
|
if ENV["REGISTRATION_ALLOWED"].blank?
|
||||||
|
format.html { redirect_to new_session_url, alert: "Registration disabled." }
|
||||||
|
format.json { render json: @user.errors, status: :unprocessable_entity }
|
||||||
|
elsif @user.save
|
||||||
@session = Session.new(session_params).save
|
@session = Session.new(session_params).save
|
||||||
session[:current_user_id] = @session.user_id
|
session[:current_user_id] = @session.user_id
|
||||||
|
|
||||||
|
|
|
@ -17,15 +17,17 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
|
||||||
end
|
end
|
||||||
|
|
||||||
test "should create user" do
|
test "should create user" do
|
||||||
assert_difference("User.count") do
|
stub_environment(REGISTRATION_ALLOWED: "true") do
|
||||||
params = {
|
assert_difference("User.count") do
|
||||||
user: {
|
params = {
|
||||||
email: "userthree@example.local",
|
user: {
|
||||||
password: "secret",
|
email: "userthree@example.local",
|
||||||
password_confirmation: "secret"
|
password: "secret",
|
||||||
|
password_confirmation: "secret"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
post users_url, params: params
|
||||||
post users_url, params: params
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
assert_redirected_to user_url(User.last)
|
assert_redirected_to user_url(User.last)
|
||||||
|
|
|
@ -15,12 +15,14 @@ class UsersTest < ApplicationSystemTestCase
|
||||||
visit users_url
|
visit users_url
|
||||||
click_on "Sign up"
|
click_on "Sign up"
|
||||||
|
|
||||||
fill_in "Email", with: "userthree@example.local"
|
stub_environment(REGISTRATION_ALLOWED: "true") do
|
||||||
fill_in "Password", with: "secret"
|
fill_in "Email", with: "userthree@example.local"
|
||||||
fill_in "Password confirmation", with: "secret"
|
fill_in "Password", with: "secret"
|
||||||
click_on "Create User"
|
fill_in "Password confirmation", with: "secret"
|
||||||
|
click_on "Create User"
|
||||||
|
|
||||||
assert_text "User was successfully created"
|
assert_text "User was successfully created"
|
||||||
|
end
|
||||||
click_on "Back"
|
click_on "Back"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -14,4 +14,15 @@ class ActiveSupport::TestCase
|
||||||
post sessions_url, params: { session: { email: email, password: password } }
|
post sessions_url, params: { session: { email: email, password: password } }
|
||||||
assert session[:current_user_id].present?
|
assert session[:current_user_id].present?
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def stub_environment(env)
|
||||||
|
old_env = ENV.to_hash
|
||||||
|
ENV.update(env.stringify_keys)
|
||||||
|
|
||||||
|
begin
|
||||||
|
yield
|
||||||
|
ensure
|
||||||
|
ENV.replace(old_env)
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue