Extract updating the user role from params
This commit is contained in:
@ -32,6 +32,7 @@ class InternalUsersController < ApplicationController
|
|||||||
|
|
||||||
def create
|
def create
|
||||||
@user = InternalUser.new(internal_user_params)
|
@user = InternalUser.new(internal_user_params)
|
||||||
|
@user.role = role_param if current_user.admin?
|
||||||
authorize!
|
authorize!
|
||||||
@user.send(:setup_activation)
|
@user.send(:setup_activation)
|
||||||
create_and_respond(object: @user) do
|
create_and_respond(object: @user) do
|
||||||
@ -72,10 +73,15 @@ class InternalUsersController < ApplicationController
|
|||||||
end
|
end
|
||||||
|
|
||||||
def internal_user_params
|
def internal_user_params
|
||||||
params[:internal_user].permit(:consumer_id, :email, :name, :role) if params[:internal_user].present?
|
params.require(:internal_user).permit(:consumer_id, :email, :name)
|
||||||
end
|
end
|
||||||
private :internal_user_params
|
private :internal_user_params
|
||||||
|
|
||||||
|
def role_param
|
||||||
|
params.require(:internal_user).permit(:role)[:role]
|
||||||
|
end
|
||||||
|
private :role_param
|
||||||
|
|
||||||
def new
|
def new
|
||||||
@user = InternalUser.new
|
@user = InternalUser.new
|
||||||
authorize!
|
authorize!
|
||||||
@ -133,6 +139,7 @@ class InternalUsersController < ApplicationController
|
|||||||
# the form by another user. Otherwise, the update might fail if an
|
# the form by another user. Otherwise, the update might fail if an
|
||||||
# activation_token or password_reset_token is present
|
# activation_token or password_reset_token is present
|
||||||
@user.validate_password = current_user == @user
|
@user.validate_password = current_user == @user
|
||||||
|
@user.role = role_param if current_user.admin?
|
||||||
|
|
||||||
update_and_respond(object: @user, params: internal_user_params)
|
update_and_respond(object: @user, params: internal_user_params)
|
||||||
end
|
end
|
||||||
|
@ -135,7 +135,7 @@ describe InternalUsersController do
|
|||||||
end
|
end
|
||||||
|
|
||||||
context 'with an invalid internal user' do
|
context 'with an invalid internal user' do
|
||||||
before { post :create, params: {internal_user: {}} }
|
before { post :create, params: {internal_user: {invalid_attribute: 'a string'}} }
|
||||||
|
|
||||||
expect_assigns(user: InternalUser)
|
expect_assigns(user: InternalUser)
|
||||||
expect_http_status(:ok)
|
expect_http_status(:ok)
|
||||||
|
Reference in New Issue
Block a user