Commit 3ffc9384 authored by Alex Buijs's avatar Alex Buijs

Require signed in user when updating registration

To prevent errors from happening
parent 28207308
......@@ -58,6 +58,8 @@ class RegistrationsController < Devise::RegistrationsController
end
def update_registration
return redirect_to new_user_registration_path unless current_user
user_params = params.require(:user).permit(:role, :setup_for_company)
result = ::Users::SignupService.new(current_user, user_params).execute
......
---
title: Redirect when no user is signed in when updating registration
merge_request: 45276
author:
type: fixed
......@@ -59,12 +59,17 @@ RSpec.describe RegistrationsController do
end
describe '#update_registration' do
subject(:update_registration) { patch :update_registration, params: { user: { role: 'software_developer', setup_for_company: 'false' } } }
context 'without a signed in user' do
it { is_expected.to redirect_to new_user_registration_path }
end
context 'with a signed in user' do
before do
sign_in(user)
end
subject(:update_registration) { patch :update_registration, params: { user: { role: 'software_developer', setup_for_company: 'false' } } }
describe 'redirection' do
it { is_expected.to redirect_to dashboard_projects_path }
......@@ -100,6 +105,7 @@ RSpec.describe RegistrationsController do
end
end
end
end
describe 'recording the user and tracking events for the onboarding issues experiment' do
using RSpec::Parameterized::TableSyntax
......@@ -113,6 +119,7 @@ RSpec.describe RegistrationsController do
let(:in_trial_flow) { false }
before do
sign_in(user)
allow(::Gitlab).to receive(:com?).and_return(on_gitlab_com)
stub_experiment(onboarding_issues: experiment_enabled)
stub_experiment_for_user(onboarding_issues: experiment_enabled_for_user)
......
......@@ -477,10 +477,16 @@ RSpec.describe RegistrationsController do
patch :update_registration, params: { user: { role: 'software_developer', setup_for_company: 'false' } }
end
context 'without a signed in user' do
it { is_expected.to redirect_to new_user_registration_path }
end
context 'with a signed in user' do
before do
sign_in(create(:user))
end
it { is_expected.to redirect_to(dashboard_projects_path)}
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment