Extract updating the user role from params
This commit is contained in:
@ -32,6 +32,7 @@ class InternalUsersController < ApplicationController
|
||||
|
||||
def create
|
||||
@user = InternalUser.new(internal_user_params)
|
||||
@user.role = role_param if current_user.admin?
|
||||
authorize!
|
||||
@user.send(:setup_activation)
|
||||
create_and_respond(object: @user) do
|
||||
@ -72,10 +73,15 @@ class InternalUsersController < ApplicationController
|
||||
end
|
||||
|
||||
def internal_user_params
|
||||
params[:internal_user].permit(:consumer_id, :email, :name, :role) if params[:internal_user].present?
|
||||
params.require(:internal_user).permit(:consumer_id, :email, :name)
|
||||
end
|
||||
private :internal_user_params
|
||||
|
||||
def role_param
|
||||
params.require(:internal_user).permit(:role)[:role]
|
||||
end
|
||||
private :role_param
|
||||
|
||||
def new
|
||||
@user = InternalUser.new
|
||||
authorize!
|
||||
@ -133,6 +139,7 @@ class InternalUsersController < ApplicationController
|
||||
# the form by another user. Otherwise, the update might fail if an
|
||||
# activation_token or password_reset_token is present
|
||||
@user.validate_password = current_user == @user
|
||||
@user.role = role_param if current_user.admin?
|
||||
|
||||
update_and_respond(object: @user, params: internal_user_params)
|
||||
end
|
||||
|
@ -135,7 +135,7 @@ describe InternalUsersController do
|
||||
end
|
||||
|
||||
context 'with an invalid internal user' do
|
||||
before { post :create, params: {internal_user: {}} }
|
||||
before { post :create, params: {internal_user: {invalid_attribute: 'a string'}} }
|
||||
|
||||
expect_assigns(user: InternalUser)
|
||||
expect_http_status(:ok)
|
||||
|
Reference in New Issue
Block a user