diff options
author | Douwe Maan <douwe@gitlab.com> | 2018-04-04 08:33:35 +0000 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2018-04-04 08:33:35 +0000 |
commit | 57b0636c57468b403fb1a78b87c9a642266c3c56 (patch) | |
tree | c04fc5d589ac2c335ac8a8e1b4813507a3e095c2 | |
parent | 611abb3e9a54ae5b3580822b7c7344655aa38d06 (diff) | |
parent | 3faa7653d0efc76c42d5b5cb6dcb93b3a69718a9 (diff) | |
download | gitlab-ce-57b0636c57468b403fb1a78b87c9a642266c3c56.tar.gz |
Merge branch 'bvl-handle-missing-attribute-when-updating-username' into 'master'
Handle invalid params when trying update_username
Closes #44925
See merge request gitlab-org/gitlab-ce!18167
-rw-r--r-- | app/controllers/profiles_controller.rb | 6 | ||||
-rw-r--r-- | spec/controllers/profiles_controller_spec.rb | 7 |
2 files changed, 12 insertions, 1 deletions
diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb index dbf61a17724..3d27ae18b17 100644 --- a/app/controllers/profiles_controller.rb +++ b/app/controllers/profiles_controller.rb @@ -51,7 +51,7 @@ class ProfilesController < Profiles::ApplicationController end def update_username - result = Users::UpdateService.new(current_user, user: @user, username: user_params[:username]).execute + result = Users::UpdateService.new(current_user, user: @user, username: username_param).execute options = if result[:status] == :success { notice: "Username successfully changed" } @@ -72,6 +72,10 @@ class ProfilesController < Profiles::ApplicationController return render_404 unless @user.can_change_username? end + def username_param + @username_param ||= user_params.require(:username) + end + def user_params @user_params ||= params.require(:user).permit( :avatar, diff --git a/spec/controllers/profiles_controller_spec.rb b/spec/controllers/profiles_controller_spec.rb index 03cbbb21e62..891485406c6 100644 --- a/spec/controllers/profiles_controller_spec.rb +++ b/spec/controllers/profiles_controller_spec.rb @@ -84,6 +84,13 @@ describe ProfilesController, :request_store do expect(user.username).to eq(new_username) end + it 'raises a correct error when the username is missing' do + sign_in(user) + + expect { put :update_username, user: { gandalf: 'you shall not pass' } } + .to raise_error(ActionController::ParameterMissing) + end + context 'with legacy storage' do it 'moves dependent projects to new namespace' do project = create(:project_empty_repo, :legacy_storage, namespace: namespace) |