Hack in registration prevention #37

Merged
atomaka merged 2 commits from prevent-registration into main 2024-09-08 22:18:56 -04:00
4 changed files with 32 additions and 14 deletions

View file

@ -26,7 +26,10 @@ class UsersController < ApplicationController
@user = User.new(user_params) @user = User.new(user_params)
respond_to do |format| respond_to do |format|
if @user.save if ENV["REGISTRATION_ALLOWED"].blank?
format.html { redirect_to new_session_url, alert: "Registration disabled." }
format.json { render json: @user.errors, status: :unprocessable_entity }
elsif @user.save
@session = Session.new(session_params).save @session = Session.new(session_params).save
session[:current_user_id] = @session.user_id session[:current_user_id] = @session.user_id

View file

@ -17,6 +17,7 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
end end
test "should create user" do test "should create user" do
stub_environment(REGISTRATION_ALLOWED: "true") do
assert_difference("User.count") do assert_difference("User.count") do
params = { params = {
user: { user: {
@ -27,6 +28,7 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
} }
post users_url, params: params post users_url, params: params
end end
end
assert_redirected_to user_url(User.last) assert_redirected_to user_url(User.last)
end end

View file

@ -15,12 +15,14 @@ class UsersTest < ApplicationSystemTestCase
visit users_url visit users_url
click_on "Sign up" click_on "Sign up"
stub_environment(REGISTRATION_ALLOWED: "true") do
fill_in "Email", with: "userthree@example.local" fill_in "Email", with: "userthree@example.local"
fill_in "Password", with: "secret" fill_in "Password", with: "secret"
fill_in "Password confirmation", with: "secret" fill_in "Password confirmation", with: "secret"
click_on "Create User" click_on "Create User"
assert_text "User was successfully created" assert_text "User was successfully created"
end
click_on "Back" click_on "Back"
end end

View file

@ -14,4 +14,15 @@ class ActiveSupport::TestCase
post sessions_url, params: { session: { email: email, password: password } } post sessions_url, params: { session: { email: email, password: password } }
assert session[:current_user_id].present? assert session[:current_user_id].present?
end end
def stub_environment(env)
old_env = ENV.to_hash
ENV.update(env.stringify_keys)
begin
yield
ensure
ENV.replace(old_env)
end
end
end end