diff --git a/app/controllers/admin/auth_controller.rb b/app/controllers/admin/auth_controller.rb index 70a02a3..cb097fc 100644 --- a/app/controllers/admin/auth_controller.rb +++ b/app/controllers/admin/auth_controller.rb @@ -47,7 +47,7 @@ module Admin if user.update(reset_params) redirect_to admin_login_path, success: "Password has been reset. Please log in." else - redirect_to(admin_reset_request_path) + redirect_to admin_reset_request_path, flash: { error: "Password was not updated." } end end diff --git a/test/controllers/admin/auth_controller_test.rb b/test/controllers/admin/auth_controller_test.rb index d338bd5..f83e7ff 100644 --- a/test/controllers/admin/auth_controller_test.rb +++ b/test/controllers/admin/auth_controller_test.rb @@ -74,5 +74,16 @@ module Admin assert_redirected_to admin_auth_path assert_match(/reset.*log/i, flash[:success]) end + + test "should fail to reset with mistyped password" do + user = users(:admin) + user.setup_reset + + post admin_reset_password_url, params: { auth: + { reset_token: user.reset_token, password: '12345', password_confirmation: 'abcde' } } + + assert :success + assert flash[:error] + end end end diff --git a/test/controllers/admin/profile_controller_test.rb b/test/controllers/admin/profile_controller_test.rb index aaf048f..7f11332 100644 --- a/test/controllers/admin/profile_controller_test.rb +++ b/test/controllers/admin/profile_controller_test.rb @@ -22,5 +22,11 @@ module Admin assert_redirected_to admin_profile_url assert flash[:success] end + + test "should FAIL update" do + post admin_profile_url, params: { user: { name: '' } } + assert :success + assert flash[:error] + end end end