WIP password change: routes and view. Not working yet.

app/controllers/partners/passwords_controller.rb

@@ -2,33 +2,33 @@
 
 class Partners::PasswordsController < Devise::PasswordsController
   # GET /resource/password/new
-  # def new
-  #   super
-  # end
+  def new
+    super
+  end
 
   # POST /resource/password
-  # def create
-  #   super
-  # end
+  def create
+    super
+  end
 
   # GET /resource/password/edit?reset_password_token=abcdef
-  # def edit
-  #   super
-  # end
+  def edit
+    super
+  end
 
   # PUT /resource/password
-  # def update
-  #   super
-  # end
+  def update
+    super
+  end
 
   # protected
 
-  # def after_resetting_password_path_for(resource)
-  #   super(resource)
-  # end
+  def after_resetting_password_path_for(resource)
+    super(resource)
+  end
 
   # The path used after sending reset password instructions
-  # def after_sending_reset_password_instructions_path_for(resource_name)
-  #   super(resource_name)
-  # end
+  def after_sending_reset_password_instructions_path_for(resource_name)
+    super(resource_name)
+  end
 end

app/controllers/partners/registrations_controller.rb

@@ -1,62 +1,64 @@
 # frozen_string_literal: true
 
 class Partners::RegistrationsController < Devise::RegistrationsController
-  # before_action :configure_sign_up_params, only: [:create]
-  # before_action :configure_account_update_params, only: [:update]
+  before_action :configure_sign_up_params, only: [:create]
+  before_action :configure_account_update_params, only: [:update]
+  layout "new_registration", only: [:new, :create]
+  layout "edit_registration", only: [:edit, :update]
 
   # GET /resource/sign_up
-  # def new
-  #   super
-  # end
+  def new
+    super
+  end
 
   # POST /resource
-  # def create
-  #   super
-  # end
+  def create
+    super
+  end
 
   # GET /resource/edit
-  # def edit
-  #   super
-  # end
+  def edit
+    super
+  end
 
   # PUT /resource
-  # def update
-  #   super
-  # end
+  def update
+    super
+  end
 
   # DELETE /resource
-  # def destroy
-  #   super
-  # end
+  def destroy
+    super
+  end
 
   # GET /resource/cancel
   # Forces the session data which is usually expired after sign
   # in to be expired now. This is useful if the user wants to
   # cancel oauth signing in/up in the middle of the process,
   # removing all OAuth session data.
-  # def cancel
-  #   super
-  # end
+  def cancel
+    super
+  end
 
   # protected
 
   # If you have extra params to permit, append them to the sanitizer.
-  # def configure_sign_up_params
-  #   devise_parameter_sanitizer.permit(:sign_up, keys: [:attribute])
-  # end
+  def configure_sign_up_params
+    devise_parameter_sanitizer.permit(:sign_up, keys: [:attribute])
+  end
 
   # If you have extra params to permit, append them to the sanitizer.
-  # def configure_account_update_params
-  #   devise_parameter_sanitizer.permit(:account_update, keys: [:attribute])
-  # end
+  def configure_account_update_params
+    devise_parameter_sanitizer.permit(:account_update, keys: [:attribute])
+  end
 
   # The path used after sign up.
-  # def after_sign_up_path_for(resource)
-  #   super(resource)
-  # end
+  def after_sign_up_path_for(resource)
+    super(resource)
+  end
 
   # The path used after sign up for inactive accounts.
-  # def after_inactive_sign_up_path_for(resource)
-  #   super(resource)
-  # end
+  def after_inactive_sign_up_path_for(resource)
+    super(resource)
+  end
 end

app/models/partner.rb

@@ -2,7 +2,7 @@ class Partner < ApplicationRecord
   # Include default devise modules. Others available are:
   # :confirmable, :lockable, :timeoutable and :omniauthable
   devise :invitable, :database_authenticatable,
-         :recoverable, :rememberable, :trackable, :validatable
+         :recoverable, :rememberable, :trackable, :validatable, :registerable
 
   include DiaperBankClient
 

app/views/devise/passwords/edit.html.erb

@@ -9,7 +9,7 @@
     <% if @minimum_password_length %>
       <em>(<%= @minimum_password_length %> characters minimum)</em><br />
     <% end %>
-    <%= f.password_field :password, autofocus: true, autocomplete: "off" %>
+    <%= f.password_field :password, autofocus: true, autocomplete: "new-password" %>
   </div>
 
   <div class="field">

app/views/devise/passwords/new.html.erb

@@ -1,18 +1,16 @@
-<div class="row justify-content-center mt-5">
-  <div class="card thick-grey-border mx-auto px-5">
-    <h2 class="mt-4">Forgot your password?</h2>
-    <%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f| %>
-      <div class="form-group mt-3">
-        <%= f.label :email %><br />
-        <%= f.email_field :email, autofocus: true, autocomplete: "email", class: 'form-control' %>
-      </div>
+<h2>Forgot your password?</h2>
 
-      <div class="form-group form-check">
-        <%= f.submit "Send me reset password instructions", class: 'btn btn-primary btn-block' %>
-      </div>
-    <% end %>
+<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f| %>
+  <%= devise_error_messages! %>
 
-    <%= render "devise/shared/links" %>
+  <div class="field">
+    <%= f.label :email %><br />
+    <%= f.email_field :email, autofocus: true, autocomplete: "email" %>
+  </div>
 
+  <div class="actions">
+    <%= f.submit "Send me reset password instructions" %>
   </div>
-</div>
+<% end %>
+
+<%= render "devise/shared/links" %>

app/views/devise/registrations/edit.html.erb

@@ -1,6 +1,6 @@
 <h2>Edit <%= resource_name.to_s.humanize %></h2>
 
-<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
+<%= form_for(resource, :as => resource_name, :url => partner_registration_path, :method => :put) do |f| %>
   <%= devise_error_messages! %>
 
   <div class="field">
@@ -32,12 +32,16 @@
   </div>
 
   <div class="actions">
-    <%= f.submit "Update" %>
+  <%= link_to "Change your password", edit_partner_registration_path=%>
   </div>
-<% end %>
 
+  <div class="actions">
+    <%= f.submit "Update" %>
+  </div>
+  <% end %>
+
 <h3>Cancel my account</h3>
 
-<p>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete %></p>
+<p>Unhappy? <%= button_to "Cancel my account", partner_registration_path, data: { confirm: "Are you sure?" }, method: :delete %></p>
 
 <%= link_to "Back", :back %>

app/views/devise/registrations/new.html.erb

@@ -1,6 +1,6 @@
 <h2>Sign up</h2>
 
-<%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
+<%= form_for(resource, :as => resource_name, :url => partner_registration_path) do |f| %>
   <%= devise_error_messages! %>
 
   <div class="field">

app/views/devise/shared/_links.html.erb

@@ -1,5 +1,5 @@
 <%- if controller_name != 'sessions' %>
-  <%= link_to "Sign in", new_session_path(resource_name) %><br />
+  <%= link_to "Log in", new_session_path(resource_name) %><br />
 <% end -%>
 
 <%- if devise_mapping.registerable? && controller_name != 'registrations' %>

app/views/partners/_form.html.erb

@@ -613,6 +613,9 @@
             <div class="form-group col-md-6">
               <%= link_to "Cancel Update", partner_requests_path, class: "btn btn-danger float-right" %>
             </div>
+            <div class="form-group col-md-6">
+              <%= link_to "Change your password", edit_partner_registration_path %>
+             </div>
           </div>
         </div>
       </div>

config/routes.rb

@@ -1,7 +1,9 @@
 Rails.application.routes.draw do
-  devise_for :partners, controllers: { sessions: "partners/sessions" }
-  devise_scope :partner do
+  devise_for :partners, controllers: { sessions: "partners/sessions", registrations: "partners/registrations" }, skip: [:registrations]
+  devise_scope :partner do # ,  :skip => [:registrations] # do we need this?
     get "/partners/sign_out" => "devise/sessions#destroy"
+    get "partners/edit" => "devise/registrations#edit", :as => "edit_partner_registration"
+    put "partners" => "devise/registrations#update", :as => "partner_registration"
   end
 
   resources :partners do
@@ -20,3 +22,4 @@
   get "pages/:name", to: "static#page"
   root "static#index"
 end
+

spec/features/password_change_test.rb

@@ -0,0 +1,55 @@
+require "rails_helper"
+
+RSpec.feature "Changing Password To Existing Partner", type: :feature do
+  let(:parner_email) { "[email protected]" }
+  let(:old_password) { "Abc123$!#" }
+  let(:new_password) { "Xyz%@#321" }
+
+  before(:each) do
+    let(:partner) do
+      create(:partner,
+             email: partner_email,
+             password: old_password)
+    end
+    visit "/partners/sign_in"
+    within("form") do
+      fill_in "EMAIL", with: partner_email
+      fill_in "PASSWORD", with: old_password
+    end
+    click_button "Login"
+  end
+
+  context "Update Partner" do
+    scenario "should be successful" do
+      visit "/partners/1/edit"
+      click_link "Change your password"
+      within("form") do
+        fill_in "Email", with: partner_email
+        fill_in "Password", with: new_password
+        fill_in "Password confirmation", with: new_password
+        fill_in "Current password", with: old_password
+      end
+      click_button "Update"
+
+      expect(page).to have_content "Your account has been successfully updated"
+
+      visit "/partners/sign_in"
+      within("form") do
+        fill_in "EMAIL", with: partner_email
+        fill_in "PASSWORD", with: new_password
+      end
+      click_button "Login"
+
+      expect(page).to have_content "Signed in successful"
+
+      visit "/partners/sign_in"
+      within("form") do
+        fill_in "EMAIL", with: partner_email
+        fill_in "PASSWORD", with: old_password
+      end
+      click_button "Login"
+
+      expect(page).to have_content "SIGN IN"
+    end
+  end
+end