add missing allowed attributes

2018-09-26 17:25:31 +02:00 · 2018-09-26 17:25:31 +02:00 · f38aa2bf30
commit f38aa2bf30
parent 921c96ab0c
2 changed files with 45 additions and 1 deletions
--- a/app/services/users/build_service.rb
+++ b/app/services/users/build_service.rb
@ -68,7 +68,9 @@ module Users
        :twitter,
        :username,
        :website_url,
-        :private_profile
+        :private_profile,
+        :organization,
+        :location
      ]
    end

--- a/spec/services/users/build_service_spec.rb
+++ b/spec/services/users/build_service_spec.rb
@ -14,6 +14,48 @@ describe Users::BuildService do
        expect(service.execute).to be_valid
      end

+      context 'allowed params' do
+        let(:params) do
+          {
+            access_level: 1,
+            admin: 1,
+            avatar: anything,
+            bio: 1,
+            can_create_group: 1,
+            color_scheme_id: 1,
+            email: 1,
+            external: 1,
+            force_random_password: 1,
+            hide_no_password: 1,
+            hide_no_ssh_key: 1,
+            linkedin: 1,
+            name: 1,
+            password: 1,
+            password_automatically_set: 1,
+            password_expires_at: 1,
+            projects_limit: 1,
+            remember_me: 1,
+            skip_confirmation: 1,
+            skype: 1,
+            theme_id: 1,
+            twitter: 1,
+            username: 1,
+            website_url: 1,
+            private_profile: 1,
+            organization: 1,
+            location: 1
+          }
+        end
+
+        it 'sets all allowed attributes' do
+          admin_user # call first so the admin gets created before setting `expect`
+
+          expect(User).to receive(:new).with(hash_including(params)).and_call_original
+
+          service.execute
+        end
+      end
+
      context 'with "user_default_external" application setting' do
        using RSpec::Parameterized::TableSyntax