Merge pull request #60 from issh1989/patch-1

Fix: Prevent Override User Password if the Field is Empty
5 years ago · ece413e0d3
2 changed files with 27 additions and 2 deletions
--- a/app/Http/Requests/Users/UpdateRequest.php
+++ b/app/Http/Requests/Users/UpdateRequest.php
@ -68,6 +68,8 @@ class UpdateRequest extends FormRequest
        if ($formData['password']) {
            $formData['password'] = bcrypt($formData['password']);
        } else {
            unset($formData['password']);
        }
        return $formData;
--- a/tests/Feature/UsersProfileTest.php
+++ b/tests/Feature/UsersProfileTest.php
@ -2,10 +2,10 @@
 namespace Tests\Feature;
 use Storage;
 use App\User;
 use Tests\TestCase;
 use Illuminate\Foundation\Testing\RefreshDatabase;
 use Storage;
 use Tests\TestCase;
 class UsersProfileTest extends TestCase
 {
@ -96,6 +96,29 @@ class UsersProfileTest extends TestCase
    }
    /** @test */
    public function empty_password_does_not_replace_existing()
    {
        $manager = $this->loginAsUser();
        $user = factory(User::class)->create([
            'manager_id' => $manager->id,
            'password'   => 'some random string password',
        ]);
        $this->visit(route('users.edit', $user->id));
        $this->seePageIs(route('users.edit', $user->id));
        $this->submitForm(trans('app.update'), [
            'email'    => 'user@mail.com',
            'password' => '',
        ]);
        $this->seeInDatabase('users', [
            'id'         => $user->id,
            'manager_id' => $manager->id,
            'password'   => 'some random string password',
        ]);
    }
    /** @test */
    public function user_can_upload_their_own_photo()
    {
        Storage::fake(config('filesystems.default'));