From ecd9740ccea03fd8dc4cbfa91d6dfd3bc08c9624 Mon Sep 17 00:00:00 2001 From: baarkerlounger Date: Tue, 5 Apr 2022 15:19:43 +0100 Subject: [PATCH] Actually work --- app/views/users/show.html.erb | 2 +- config/routes.rb | 9 +++++---- spec/requests/users_controller_spec.rb | 15 ++++++++------- 3 files changed, 14 insertions(+), 12 deletions(-) diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb index bcb96b581..d5c3657d4 100644 --- a/app/views/users/show.html.erb +++ b/app/views/users/show.html.erb @@ -35,7 +35,7 @@ row.key { 'Password' } row.value { '••••••••' } if current_user == @user - row.action(visually_hidden_text: 'password', href: password_edit_account_path, html_attributes: { 'data-qa': 'change-password' }) + row.action(visually_hidden_text: 'password', href: edit_password_account_path, html_attributes: { 'data-qa': 'change-password' }) else row.action() end diff --git a/config/routes.rb b/config/routes.rb index 55385299f..591f9cad5 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -22,10 +22,6 @@ Rails.application.routes.draw do get "admin/two-factor-authentication/resend", to: "auth/two_factor_authentication#show_resend" end - resource :account, only: %i[show edit], controller: "users" do - get "password/edit", to: "users#edit_password" - end - devise_for :users, { path: :account, controllers: { @@ -40,6 +36,7 @@ Rails.application.routes.draw do devise_scope :user do get "account/password/reset-confirmation", to: "auth/passwords#reset_confirmation" + put "account", to: "users#update" end get "/health", to: ->(_) { [204, {}, [nil]] } @@ -52,6 +49,10 @@ Rails.application.routes.draw do get "/privacy-notice", to: "content#privacy_notice" get "/data-sharing-agreement", to: "content#data_sharing_agreement" + resource :account, only: %i[show edit], controller: "users" do + get "edit/password", to: "users#edit_password" + end + resources :users resources :organisations do diff --git a/spec/requests/users_controller_spec.rb b/spec/requests/users_controller_spec.rb index 68ddc139d..26ada9557 100644 --- a/spec/requests/users_controller_spec.rb +++ b/spec/requests/users_controller_spec.rb @@ -34,7 +34,7 @@ RSpec.describe UsersController, type: :request do describe "#password" do it "does not let you edit user passwords" do - get "/users/#{user.id}/password/edit", headers: headers, params: {} + get "/account/edit/password", headers: headers, params: {} expect(response).to redirect_to("/account/sign-in") end end @@ -63,7 +63,7 @@ RSpec.describe UsersController, type: :request do before do sign_in user - put "/users/#{user.id}", headers: headers, params: params + put "/account", headers: headers, params: params end it "shows an error if passwords don't match" do @@ -204,7 +204,7 @@ RSpec.describe UsersController, type: :request do context "when the current user matches the user ID" do before do sign_in user - get "/users/#{user.id}/password/edit", headers: headers, params: {} + get "/account/edit/password", headers: headers, params: {} end it "shows the edit password page" do @@ -453,7 +453,7 @@ RSpec.describe UsersController, type: :request do context "when the current user matches the user ID" do before do sign_in user - get "/users/#{user.id}/password/edit", headers: headers, params: {} + get "/account/edit/password", headers: headers, params: {} end it "shows the edit password page" do @@ -468,11 +468,12 @@ RSpec.describe UsersController, type: :request do context "when the current user does not matches the user ID" do before do sign_in user - get "/users/#{other_user.id}/password/edit", headers: headers, params: {} end - it "returns not found 404" do - expect(response).to have_http_status(:not_found) + it "there is no route" do + expect { + get "/users/#{other_user.id}/password/edit", headers: headers, params: {} + }.to raise_error(ActionController::RoutingError) end end end