Commit 3faa7653 authored by Bob Van Landuyt's avatar Bob Van Landuyt

Handle invalid params when trying update_username

Using strong params to require the presence of a username when calling
`update_username`. Otherwise we'd raise a `NoMethodError` validating
the paths on disk.
parent be1523c1
...@@ -51,7 +51,7 @@ class ProfilesController < Profiles::ApplicationController ...@@ -51,7 +51,7 @@ class ProfilesController < Profiles::ApplicationController
end end
def update_username def update_username
result = Users::UpdateService.new(current_user, user: @user, username: user_params[:username]).execute result = Users::UpdateService.new(current_user, user: @user, username: username_param).execute
options = if result[:status] == :success options = if result[:status] == :success
{ notice: "Username successfully changed" } { notice: "Username successfully changed" }
...@@ -72,6 +72,10 @@ class ProfilesController < Profiles::ApplicationController ...@@ -72,6 +72,10 @@ class ProfilesController < Profiles::ApplicationController
return render_404 unless @user.can_change_username? return render_404 unless @user.can_change_username?
end end
def username_param
@username_param ||= user_params.require(:username)
end
def user_params def user_params
@user_params ||= params.require(:user).permit( @user_params ||= params.require(:user).permit(
:avatar, :avatar,
......
...@@ -84,6 +84,13 @@ describe ProfilesController, :request_store do ...@@ -84,6 +84,13 @@ describe ProfilesController, :request_store do
expect(user.username).to eq(new_username) expect(user.username).to eq(new_username)
end end
it 'raises a correct error when the username is missing' do
sign_in(user)
expect { put :update_username, user: { gandalf: 'you shall not pass' } }
.to raise_error(ActionController::ParameterMissing)
end
context 'with legacy storage' do context 'with legacy storage' do
it 'moves dependent projects to new namespace' do it 'moves dependent projects to new namespace' do
project = create(:project_empty_repo, :legacy_storage, namespace: namespace) project = create(:project_empty_repo, :legacy_storage, namespace: namespace)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment