Remove Clearance from UsersController.

- it is not used, since it is overridden
rubygems · Nov 12, 2023 · edde9f6 · edde9f6
1 parent 6ee3a7c
commit edde9f6
Show file tree

Hide file tree

Showing 5 changed files with 25 additions and 21 deletions.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -1,6 +1,5 @@
 class ApplicationController < ActionController::Base
   include Clearance::Authentication
-  include Clearance::Authorization
   include ApplicationMultifactorMethods
   include TraceTagger
 

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -82,7 +82,7 @@ def do_login
       if status.success?
         StatsD.increment "login.success"
         set_login_flash
-        redirect_back_or(url_after_create)
+        redirect_to(url_after_create)
       else
         login_failure(status.failure_message)
       end

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -1,14 +1,16 @@
-class UsersController < Clearance::UsersController
+class UsersController < ApplicationController
+  before_action :redirect_signed_in_users
+
   def new
-    @user = user_from_params
+    @user = User.new
   end
 
   def create
-    @user = user_from_params
+    @user = User.new(user_params)
     if @user.save
       Mailer.email_confirmation(@user).deliver_later
       flash[:notice] = t(".email_sent")
-      redirect_back_or url_after_create
+      redirect_back_or_to root_path
     else
       render template: "users/new"
     end
@@ -17,6 +19,21 @@ def create
   private
 
   def user_params
-    params.permit(user: Array(User::PERMITTED_ATTRS)).fetch(:user, {})
+    params.require(:user).permit(
+      :bio,
+      :email,
+      :handle,
+      :public_email,
+      :location,
+      :password,
+      :website,
+      :twitter_username,
+      :full_name
+    )
+  end
+
+  def redirect_signed_in_users
+    return unless signed_in?
+    redirect_to root_path
   end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -4,18 +4,6 @@ class User < ApplicationRecord
   include Gravtastic
   is_gravtastic default: "retro"
 
-  PERMITTED_ATTRS = %i[
-    bio
-    email
-    handle
-    public_email
-    location
-    password
-    website
-    twitter_username
-    full_name
-  ].freeze
-
   before_save :_generate_confirmation_token_no_reset_unconfirmed_email, if: :will_save_change_to_unconfirmed_email?
   before_create :_generate_confirmation_token_no_reset_unconfirmed_email
   before_destroy :yank_gems

diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb
@@ -26,9 +26,9 @@ class UsersControllerTest < ActionController::TestCase
     end
 
     context "when missing a parameter" do
-      should "raises parameter missing" do
+      should "reports validation error" do
         assert_no_changes -> { User.count } do
-          post :create
+          post :create, params: { user: { password: PasswordHelpers::SECURE_TEST_PASSWORD } }
         end
         assert_response :ok
         assert page.has_content?("Email address is not a valid email")