From 6218a2535a757adb69432f3f4d2751c4f38a3cd4 Mon Sep 17 00:00:00 2001
From: Julien Portalier <julien@portalier.com>
Date: Thu, 13 Oct 2016 18:26:08 +0200
Subject: [PATCH] Sign associated user/gestionnaire in after password change

---
 .../gestionnaires/passwords_controller.rb     |  9 ++++++
 app/controllers/users/passwords_controller.rb |  9 ++++++
 .../passwords_controller_spec.rb              | 29 +++++++++++++++++++
 .../users/passwords_controller_spec.rb        | 29 +++++++++++++++++++
 4 files changed, 76 insertions(+)
 create mode 100644 spec/controllers/gestionnaires/passwords_controller_spec.rb
 create mode 100644 spec/controllers/users/passwords_controller_spec.rb

diff --git a/app/controllers/gestionnaires/passwords_controller.rb b/app/controllers/gestionnaires/passwords_controller.rb
index a7a1d1734..39e2d72ee 100644
--- a/app/controllers/gestionnaires/passwords_controller.rb
+++ b/app/controllers/gestionnaires/passwords_controller.rb
@@ -1,4 +1,6 @@
 class Gestionnaires::PasswordsController < Devise::PasswordsController
+  after_action :try_to_authenticate_user, only: %i(update)
+
   # GET /resource/password/new
   # def new
   #   super
@@ -29,4 +31,11 @@ class Gestionnaires::PasswordsController < Devise::PasswordsController
   # def after_sending_reset_password_instructions_path_for(resource_name)
   #   super(resource_name)
   # end
+
+  def try_to_authenticate_user
+    if gestionnaire_signed_in?
+      user = User.find_by(email: current_gestionnaire.email)
+      sign_in user if user
+    end
+  end
 end
diff --git a/app/controllers/users/passwords_controller.rb b/app/controllers/users/passwords_controller.rb
index 53cc34e39..c85d0cb70 100644
--- a/app/controllers/users/passwords_controller.rb
+++ b/app/controllers/users/passwords_controller.rb
@@ -1,4 +1,6 @@
 class Users::PasswordsController < Devise::PasswordsController
+  after_action :try_to_authenticate_gestionnaire, only: %i(update)
+
   # GET /resource/password/new
   # def new
   #   super
@@ -29,4 +31,11 @@ class Users::PasswordsController < Devise::PasswordsController
   # def after_sending_reset_password_instructions_path_for(resource_name)
   #   super(resource_name)
   # end
+
+  def try_to_authenticate_gestionnaire
+    if user_signed_in?
+      gestionnaire = Gestionnaire.find_by(email: current_user.email)
+      sign_in gestionnaire if gestionnaire
+    end
+  end
 end
diff --git a/spec/controllers/gestionnaires/passwords_controller_spec.rb b/spec/controllers/gestionnaires/passwords_controller_spec.rb
new file mode 100644
index 000000000..004beabb7
--- /dev/null
+++ b/spec/controllers/gestionnaires/passwords_controller_spec.rb
@@ -0,0 +1,29 @@
+require "spec_helper"
+
+describe Gestionnaires::PasswordsController, type: :controller do
+  before do
+    @request.env["devise.mapping"] = Devise.mappings[:gestionnaire]
+  end
+
+  describe "update" do
+    context "when associated gestionnaire" do
+      let(:gestionnaire) { create(:gestionnaire, email: 'unique@plop.com', password: 'password') }
+      let(:user) { create(:user, email: 'unique@plop.com', password: 'password') }
+
+      before do
+        @token = gestionnaire.send(:set_reset_password_token)
+        user # make sure it's created
+      end
+
+      it "also signs user in" do
+        put :update, gestionnaire: {
+          reset_password_token: @token,
+          password: "supersecret",
+          password_confirmation: "supersecret",
+        }
+        expect(subject.current_gestionnaire).to eq(gestionnaire)
+        expect(subject.current_user).to eq(user)
+      end
+    end
+  end
+end
diff --git a/spec/controllers/users/passwords_controller_spec.rb b/spec/controllers/users/passwords_controller_spec.rb
new file mode 100644
index 000000000..72e38aa73
--- /dev/null
+++ b/spec/controllers/users/passwords_controller_spec.rb
@@ -0,0 +1,29 @@
+require "spec_helper"
+
+describe Users::PasswordsController, type: :controller do
+  before do
+    @request.env["devise.mapping"] = Devise.mappings[:user]
+  end
+
+  describe "update" do
+    context "when associated gestionnaire" do
+      let(:user) { create(:user, email: 'unique@plop.com', password: 'password') }
+      let(:gestionnaire) { create(:gestionnaire, email: 'unique@plop.com', password: 'password') }
+
+      before do
+        @token = user.send(:set_reset_password_token)
+        gestionnaire # make sure it's created
+      end
+
+      it "also signs gestionnaire in" do
+        put :update, user: {
+          reset_password_token: @token,
+          password: "supersecret",
+          password_confirmation: "supersecret",
+        }
+        expect(subject.current_user).to eq(user)
+        expect(subject.current_gestionnaire).to eq(gestionnaire)
+      end
+    end
+  end
+end