Fix the bug that password is changed unexpectedly when confirm is wrong

model spec is broken, so i fix it.
2026-05-05 19:06:12 +02:00 · 2015-04-08 15:50:17 +09:00 · 2015-04-08 15:50:17 +09:00 · 2e2f4f66e8
commit 2e2f4f66e8
parent b94d362125
2 changed files with 42 additions and 1 deletions
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -57,7 +57,9 @@ class User
  end

  def valid_password_confirmation
-    password == password_confirmation
+    unless password == password_confirmation
+      errors.add(:current_password, :wrong_password)
+    end
  end

  def stretching_cost
--- a/spec/features/users_spec.rb
+++ b/spec/features/users_spec.rb
@ -7,5 +7,44 @@ describe "users" do
  end

  describe "edit" do
+    let!(:user) { build(:user) }
+
+    before do
+      login_with user
+    end
+
+    after do
+      # reset password to the default
+      FileUtils.rm_rf(User::ENCRYPTED_PASSWORD_FILE)
+    end
+
+    describe 'to change password' do
+      let(:password) { 'new_password' }
+
+      before do
+        visit user_path
+        fill_in 'user[current_password]', with: user.password
+
+        fill_in 'user[password]', with: password
+        fill_in 'user[password_confirmation]', with: password_confirmation
+        find('input[type="submit"]').click
+      end
+
+      context 'when valid new password/confirmation is input' do
+        let(:password_confirmation) { password }
+
+        it 'should update users password with new password' do
+          expect(page).to have_css('.alert-success')
+        end
+      end
+
+      context 'when invalid new password/confirmation is input' do
+        let(:password_confirmation) { 'invalid_password' }
+
+        it 'should not update users password with new password' do
+          expect(page).to have_css('.alert-danger')
+        end
+      end
+    end
  end
 end