diff --git a/app/controllers/case_logs_controller.rb b/app/controllers/case_logs_controller.rb index 26d84dd28..6bc6c0fb4 100644 --- a/app/controllers/case_logs_controller.rb +++ b/app/controllers/case_logs_controller.rb @@ -1,7 +1,6 @@ class CaseLogsController < ApplicationController skip_before_action :verify_authenticity_token, if: :json_api_request? before_action :authenticate, if: :json_api_request? - # TODO: determine if it's worth splitting out an API controller before_action :authenticate_user!, unless: :json_api_request? def index diff --git a/app/controllers/users/passwords_controller.rb b/app/controllers/users/passwords_controller.rb index a77e5e1f3..da3b39158 100644 --- a/app/controllers/users/passwords_controller.rb +++ b/app/controllers/users/passwords_controller.rb @@ -1,6 +1,7 @@ class Users::PasswordsController < Devise::PasswordsController def reset_confirmation @email = params["email"] + flash[:notice] = "Reset password instructions have been sent to #{@email}" render "devise/confirmations/reset" end @@ -14,6 +15,6 @@ class Users::PasswordsController < Devise::PasswordsController protected def after_sending_reset_password_instructions_path_for(_resource) - confirmations_reset_path(email: params.dig("user", "email")) if is_navigational_format? + confirmations_reset_path(email: params.dig("user", "email")) end end diff --git a/config/environments/test.rb b/config/environments/test.rb index 22de4a7bf..a9b68bb26 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -43,6 +43,7 @@ Rails.application.configure do # The :test delivery method accumulates sent emails in the # ActionMailer::Base.deliveries array. config.action_mailer.delivery_method = :test + config.action_mailer.default_options = { from: "test@gmail.com" } # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr diff --git a/lib/tasks/form_definition.rake b/lib/tasks/form_definition.rake index cbbf924bc..9e357f931 100644 --- a/lib/tasks/form_definition.rake +++ b/lib/tasks/form_definition.rake @@ -1,6 +1,6 @@ require "json" require "json-schema" -# rubocop:disable Lint/ShadowingOuterLocalVariable + def get_all_form_paths(directories) form_paths = [] directories.each do |directory| diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb index 6364434e8..e948ebd4c 100644 --- a/spec/rails_helper.rb +++ b/spec/rails_helper.rb @@ -114,9 +114,6 @@ RSpec.configure do |config| # spec Capybara.server = :puma, { Silent: true } - # For Devise > 4.1.1 config.include Devise::Test::ControllerHelpers, type: :controller config.include Devise::Test::IntegrationHelpers, type: :request - # Use the following instead if you are on Devise <= 4.1.1 - # config.include Devise::TestHelpers, :type => :controller end diff --git a/spec/requests/users/passwords_controller_spec.rb b/spec/requests/users/passwords_controller_spec.rb new file mode 100644 index 000000000..7a30622dd --- /dev/null +++ b/spec/requests/users/passwords_controller_spec.rb @@ -0,0 +1,39 @@ +require "rails_helper" +require_relative "../../support/devise" + +RSpec.describe Users::PasswordsController, type: :request do + let(:params) { { user: { email: email } } } + + context "when a password reset is requested for a valid email" do + let(:user) { FactoryBot.create(:user) } + let(:email) { user.email } + + it "redirects to the email sent page anyway" do + post "/users/password", params: params + expect(response).to have_http_status(:redirect) + follow_redirect! + expect(response.body).to match(/Check your email/) + end + end + + context "when a password reset is requested with an email that doesn't exist in the system" do + before do + allow_any_instance_of(Users::PasswordsController).to receive(:is_navigational_format?).and_return(false) + end + + let(:email) { "madeup_email@test.com" } + + it "redirects to the email sent page anyway" do + post "/users/password", params: params + expect(response).to have_http_status(:redirect) + follow_redirect! + expect(response.body).to match(/Check your email/) + end + + it "shows a flash banner" do + post "/users/password", params: params + follow_redirect! + expect(flash[:notice]).to be_present + end + end +end diff --git a/spec/support/devise.rb b/spec/support/devise.rb index 448d13799..b26991f0b 100644 --- a/spec/support/devise.rb +++ b/spec/support/devise.rb @@ -1,9 +1,6 @@ require_relative "./controller_macros" RSpec.configure do |config| - # For Devise > 4.1.1 config.include Devise::Test::ControllerHelpers, type: :controller - # Use the following instead if you are on Devise <= 4.1.1 - # config.include Devise::TestHelpers, :type => :controller config.extend ControllerMacros, type: :controller end