diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index fbb091a6d..76e4a1143 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -73,12 +73,6 @@ class UsersController < ApplicationController # if it's a signup, add user to customer role if !current_user - if !params[:signup] - render json: { error_human: 'Only signup is possible!' }, status: :unprocessable_entity - return - end - user.updated_by_id = 1 - user.created_by_id = 1 # check if feature is enabled if !Setting.get('user_create_account') @@ -86,6 +80,13 @@ class UsersController < ApplicationController return end + if !params[:signup] + render json: { error_human: 'Only signup is possible!' }, status: :unprocessable_entity + return + end + user.updated_by_id = 1 + user.created_by_id = 1 + # add first user as admin/agent and to all groups group_ids = [] role_ids = [] diff --git a/test/controllers/user_organization_controller_test.rb b/test/controllers/user_organization_controller_test.rb index 86ec39fab..f32444f59 100644 --- a/test/controllers/user_organization_controller_test.rb +++ b/test/controllers/user_organization_controller_test.rb 
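Review bot: The two guards inside `if !current_user` are now order-dependent, and the re-added block in the second hunk of users_controller.rb carries no comment saying so. The `Setting.get('user_create_account')` check apparently has to run before the `params[:signup]` check so that a disabled signup gets the same answer whatever the request body contains, which is what the updated test expects. A comment above the moved lines would stop a later refactor from swapping them back, for example `# keep below the feature check: with signup disabled the reply must not depend on request params`. The literal `1` in `user.updated_by_id = 1` and `user.created_by_id = 1` also deserves a short comment naming the account it stands for. The enclosing action starts and ends outside the hunk.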
@@ -77,15 +77,25 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest # create user with disabled feature Setting.set('user_create_account', false) - post '/api/v1/users', {}, @headers + params = { email: 'some_new_customer@example.com' } + post '/api/v1/users', params.to_json, @headers assert_response(422) result = JSON.parse(@response.body) assert(result['error_human']) assert_equal('Feature not enabled!', result['error_human']) - # already existing user with enabled feature Setting.set('user_create_account', true) - params = { email: 'rest-customer1@example.com' } + + # no signup param with enabled feature + params = { email: 'some_new_customer@example.com' } + post '/api/v1/users', params.to_json, @headers + assert_response(422) + result = JSON.parse(@response.body) + assert(result['error_human']) + assert_equal('Only signup is possible!', result['error_human']) + + # already existing user with enabled feature + params = { email: 'rest-customer1@example.com', signup: true } post '/api/v1/users', params.to_json, @headers assert_response(422) result = JSON.parse(@response.body) @@ -93,7 +103,7 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest assert_equal('User already exists!', result['error_human']) # create user with enabled feature - params = { firstname: 'Me First', lastname: 'Me Last', email: 'new_here@example.com' } + params = { firstname: 'Me First', lastname: 'Me Last', email: 'new_here@example.com', signup: true } post '/api/v1/users', params.to_json, @headers assert_response(201) result = JSON.parse(@response.body) 
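Review bot: The disabled-feature case in the first hunk is only exercised without the `signup` flag, so no test pins what happens when a client sends the flag while `user_create_account` is off. A second request made before `Setting.set('user_create_account', true)`, using `params = { email: 'some_new_customer@example.com', signup: true }` and the same `assert_response(422)` and `'Feature not enabled!'` assertions, would show that adding the flag does not bypass the feature gate. Without it, a regression that honours `signup` ahead of the setting would still pass this test. The test method starts and ends outside the hunk.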
@@ -106,7 +116,7 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest # create user with admin role role = Role.lookup(name: 'Admin') - params = { firstname: 'Admin First', lastname: 'Admin Last', email: 'new_admin@example.com', role_ids: [ role.id ] } + params = { firstname: 'Admin First', lastname: 'Admin Last', email: 'new_admin@example.com', role_ids: [ role.id ], signup: true } post '/api/v1/users', params.to_json, @headers assert_response(201) result = JSON.parse(@response.body) @@ -118,7 +128,7 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest # create user with agent role role = Role.lookup(name: 'Agent') - params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent@example.com', role_ids: [ role.id ] } + params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent@example.com', role_ids: [ role.id ], signup: true } post '/api/v1/users', params.to_json, @headers assert_response(201) result = JSON.parse(@response.body)
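Review bot: The Admin-role case sends a client-chosen `role_ids` on what appears to be the unauthenticated signup path, and the lines visible in this hunk only check for a 201. Whether the created user is actually denied the requested role is asserted, if at all, outside the hunk, so the intent is not readable here. A comment above the `params` line would make the expectation explicit, for example `# role_ids sent with a signup must be ignored; the new user is expected to be a customer only`. This matches the controller comment that a signup is added to the customer role. The same applies to the Agent-role hunk that follows on this line.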