I am trying to write a sign up spec for Devise 2.2.2 using RSpec. I prepared the User model as usual.
# app/models/user.rb
class User < ActiveRecord::Base
attr_accessible :role_ids, :as => :admin
attr_accessible :name, :email, :password, :password_confirmation, :remember_me
rolify
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable,
:token_authenticatable
after_create :add_default_role
def add_default_role
add_role :user
end
end
In the spec I need to sign up the user using the password and password_confirmation as show below.
# spec/requests/users/sign_up_spec.rb
describe 'Sign up' do
before(:each) do
sign_out
end
it 'signs up a visitor with valid data' do
user = build(:user)
click_link I18n.t('layouts.navigation.sign_up')
fill_in I18n.t('devise.registrations.new.name'), with: user.name
fill_in I18n.t('devise.registrations.new.email'), with: user.email
find('.js-password').set user.password
find('.js-password-confirmation').set user.password_confirmation
click_button I18n.t('devise.registrations.new.submit')
expect(page).to have_content I18n.t('layouts.navigation.sign_out')
expect(page).not_to have_content I18n.t('layouts.navigation.sign_up')
expect(page).not_to have_content I18n.t('layouts.navigation.sign_in')
end
end
Here is the Devise view template that is used to render the page:
<!-- app/views/devise/registrations/new.html.erb -->
<h2><%= t('.title', :default => "Sign up") %></h2>
<%= form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f| %>
<%= devise_error_messages! %>
<div><%= f.label :name, t('.name', :default => "Name" ) %><br />
<%= f.email_field :name %></div>
<div><%= f.label :email, t('.email', :default => "Email" ) %><br />
<%= f.email_field :email %></div>
<div><%= f.label :user_password, t('.user_password', :default => "Password" ) %><br />
<%= f.password_field :user_password, class: 'js-password' %></div>
<div><%= f.label :user_password_confirmation, t('.user_password_confirmation', :default => "Password confirmation" ) %><br />
<%= f.password_field :user_password_confirmation, class: 'js-password-confirmation' %></div>
<div><%= f.submit t('.submit', :default => "Submit") %></div>
<% end %>
Although I added both attributes to attr_accessible this error message is thrown at me:
Sign up signs up a visitor with valid data
Failure/Error: click_button I18n.t('devise.registrations.new.submit')
ActiveModel::MassAssignmentSecurity::Error:
Can't mass-assign protected attributes: user_password, user_password_confirmation
# ./spec/requests/users/sign_up_spec.rb:20:in `block (2 levels) in <top (required)>'
The name of the inputs in your form are wrong, should be something like user[password] & user[password_confirmation], yet the error is saying that you have user_password & user_password_confirmation
The relevant changes in the view template can be seen here:
<div><%= f.label :password, t('.password', :default => "Password" ) %><br />
<%= f.password_field :password, class: 'js-password' %></div>
<div><%= f.label :password_confirmation, t('.password_confirmation', :default => "Password confirmation" ) %><br />
<%= f.password_field :password_confirmation, class: 'js-password-confirmation' %></div>