From 5ec5e8fc985444c8b52504448f7f6f25d71b9abd Mon Sep 17 00:00:00 2001
From: baarkerlounger <db@slothlife.xyz>
Date: Thu, 2 Dec 2021 10:15:46 +0000
Subject: [PATCH] Add email validation

---
 app/controllers/users_controller.rb | 17 ++++++++++++++---
 spec/features/user_spec.rb          | 19 +++++++++++++++++++
 2 files changed, 33 insertions(+), 3 deletions(-)

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index caab232b3..2f6da5342 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,5 +1,6 @@
 class UsersController < ApplicationController
   include Devise::Controllers::SignInOut
+  include Helpers::Email
   before_action :authenticate_user!
 
   def update
@@ -14,9 +15,19 @@ class UsersController < ApplicationController
   end
 
   def create
-    @user = User.create!(user_params.merge(org_params).merge(password_params))
-    @user.send_reset_password_instructions
-    redirect_to users_organisation_path(current_user.organisation)
+    @resource = User.new
+    if user_params["email"].empty?
+      @resource.errors.add :email, "Enter an email address"
+    elsif !email_valid?(user_params["email"])
+      @resource.errors.add :email, "Enter an email address in the correct format, like name@example.com"
+    end
+    if @resource.errors.present?
+      render :new, status: :unprocessable_entity
+    else
+      @user = User.create!(user_params.merge(org_params).merge(password_params))
+      @user.send_reset_password_instructions
+      redirect_to users_organisation_path(current_user.organisation)
+    end
   end
 
   def edit_password
diff --git a/spec/features/user_spec.rb b/spec/features/user_spec.rb
index 935116b48..d8d2d1e9b 100644
--- a/spec/features/user_spec.rb
+++ b/spec/features/user_spec.rb
@@ -164,4 +164,23 @@ RSpec.describe "User Features" do
       expect(page).to have_content("Test New")
     end
   end
+
+  context "Adding a new user" do
+    before(:each) do
+      visit("/case-logs")
+      fill_in("user[email]", with: user.email)
+      fill_in("user[password]", with: "pAssword1")
+      click_button("Sign in")
+    end
+
+    it "validates email" do
+      visit("users/new")
+      fill_in("user[name]", with: "New User")
+      fill_in("user[email]", with: "thisis'tanemail")
+      click_button("Continue")
+      expect(page).to have_selector("#error-summary-title")
+      expect(page).to have_selector("#user-email-field-error")
+      expect(page).to have_content(/Enter an email address in the correct format, like name@example.com/)
+    end
+  end
 end