Fix change email address

Not sure how this error creeped in 😕 probably a new gem version or other conflicting code The problem was we were getting an `unpermitted param email` when updating a user’s email address This stackoverflow solution seems to work nicely 😌 https://stackoverflow.com/questions/17384289/unpermitted-parameters-addi ng-new-fields-to-devise-in-rails-4-0#answer-19036427
2018-03-02 17:00:56 +01:00
parent 0e61d49800
commit 5a041e89c4
2 changed files with 39 additions and 0 deletions
--- a/app/controllers/users/registrations_controller.rb
+++ b/app/controllers/users/registrations_controller.rb
@@ -1,5 +1,6 @@
 class Users::RegistrationsController < Devise::RegistrationsController
  prepend_before_action :authenticate_scope!, only: [:edit, :update, :destroy, :finish_signup, :do_finish_signup]
+  before_filter :configure_permitted_parameters

  invisible_captcha only: [:create], honeypot: :family_name, scope: :user

@@ -64,6 +65,10 @@ class Users::RegistrationsController < Devise::RegistrationsController
                                   :redeemable_code)
    end

+    def configure_permitted_parameters
+      devise_parameter_sanitizer.for(:account_update).push(:email)
+    end
+
    def erase_params
      params.require(:user).permit(:erase_reason)
    end
--- a/spec/features/account_spec.rb
+++ b/spec/features/account_spec.rb
@@ -50,6 +50,40 @@ feature 'Account' do
    expect(find("#account_email_on_direct_message")).not_to be_checked
  end

+  scenario 'Edit email address' do
+    visit account_path
+
+    click_link "Change my credentials"
+    fill_in "user_email", with: "new_user_email@example.com"
+    fill_in "user_password", with: "new_password"
+    fill_in "user_password_confirmation", with: "new_password"
+    fill_in "user_current_password", with: "judgmentday"
+
+    click_button "Update"
+
+    notice = 'Your account has been updated successfully;'\
+             ' however, we need to verify your new email address.'\
+             ' Please check your email and click on the link to'\
+             ' complete the confirmation of your new email address.'
+    expect(page).to have_content notice
+
+    email = open_last_email
+    visit_in_email("Confirm my account")
+
+    logout
+    visit root_path
+    click_link "Sign in"
+    fill_in "user_login", with: "new_user_email@example.com"
+    fill_in "user_password", with: "new_password"
+    click_button "Enter"
+
+    expect(page).to have_content "You have been signed in successfully."
+
+    visit account_path
+    click_link "Change my credentials"
+    expect(page).to have_selector("input[value='new_user_email@example.com']")
+  end
+
  scenario 'Edit Organization' do
    create(:organization, user: @user, name: "Manuela Corp")
    visit account_path