@ -44,6 +44,25 @@ RSpec.describe UsersController, type: :request do
get " /users/password/edit?reset_password_token= #{ enc } "
expect ( page ) . to have_css ( " h1 " , class : " govuk-heading-l " , text : " Reset your password " )
end
context " update password " do
let ( :params ) do
{
id : user . id , user : { password : new_value , password_confirmation : " something_else " }
}
end
before do
sign_in user
put " /users/ #{ user . id } " , headers : headers , params : params
end
it " shows an error if passwords don't match " do
expect ( response ) . to have_http_status ( :unprocessable_entity )
expect ( page ) . to have_selector ( " # error-summary-title " )
expect ( page ) . to have_content ( " Password confirmation doesn't match Password " )
end
end
end
end
@ -132,6 +151,18 @@ RSpec.describe UsersController, type: :request do
end
end
context " update fails to persist " do
before do
allow_any_instance_of ( User ) . to receive ( :update ) . and_return ( false )
sign_in user
patch " /users/ #{ user . id } " , headers : headers , params : params
end
it " show an error " do
expect ( response ) . to have_http_status ( :unprocessable_entity )
end
end
context " current user is another user " do
let ( :params ) { { id : unauthorised_user . id , user : { name : new_value } } }
@ -144,5 +175,23 @@ RSpec.describe UsersController, type: :request do
expect ( response ) . to have_http_status ( :not_found )
end
end
context " update password " do
let ( :params ) do
{
id : user . id , user : { password : new_value , password_confirmation : " something_else " }
}
end
before do
sign_in user
patch " /users/ #{ user . id } " , headers : headers , params : params
end
it " shows an error if passwords don't match " do
expect ( response ) . to have_http_status ( :unprocessable_entity )
expect ( page ) . to have_selector ( " # error-summary-title " )
end
end
end
end