fix MR comments

.env.sample

@@ -27,3 +27,6 @@ MUX_TOKEN_ID=
 MUX_TOKEN_SECRET=
 MUX_BROADCAST_SERVER_URL=rtmp://global-live.mux.com:5222/app
 MUX_TEST_MODE_DISABLED=
+
+# Required for creating user through API
+CUSTOM_API_TOKEN=

app/controllers/api/users_controller.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+class Api::UsersController < Api::ApiController
+  skip_before_action :authenticate_user
+  before_action :verify_custom_token, only: :create
+
+  def create
+    if user_params[:email].nil? || user_params[:password].nil?
+      raise ActionController::ParameterMissing.new 'Missing email or password'
+    end
+
+    user = Oath::Services::SignUp.new(user_params).perform
+    render json: user.slice(:email, :created_at, :first_name, :last_name)
+  end
+
+  private
+
+  def user_params
+    params.require(:user).permit(%i[
+                                   email
+                                   password
+                                   first_name
+                                   last_name
+                                 ])
+  end
+
+  def verify_custom_token
+    if token.blank? || token != ENV['CUSTOM_API_TOKEN']
+      unauthorized_entity(:user)
+    end
+  end
+
+end

app/views/public/amendments/new.html.erb

@@ -8,10 +8,6 @@
   <div class="card-body">
     <%= errors_summary_for @release %>
     <%= bootstrap_form_with model: @release, method: :post, url: public_send("account_project_contract_template_#{@contract_template.release_type}_release_amendments_path"), local: true do |form| %>
-      <%= card_field_set_tag t('.signed_contract_preview') do %>
-        <embed class="embeded-contract-preview" type="application/pdf" src="<%= url_for([@release, :contracts, format: "pdf"]) %>" width="80%" height="1200" />
-      <% end %>
-
       <%= card_field_set_tag t(".amendment.heading") do %>
         <p><%= @contract_template.amendment_clause %></p>
       <% end %>

config/locales/en.yml

@@ -1138,7 +1138,6 @@ en:
         copy_url: Copy sign amendment URL
         signature:
           heading: Signature
-        signed_contract_preview: Signed Contract Preview
     appearance_releases:
       create: 
         notice: Your release has been signed. Thank you!

config/locales/es.yml

@@ -504,7 +504,6 @@ es:
         copy_url: Copy sign amendment URL (ES)
         signature:
           heading: Signature (ES)
-        signed_contract_preview: Signed Contract Preview (ES)
     appearance_releases:
       create:
         notice: La autorización está firmada. ¡Gracias!

config/routes.rb

@@ -158,6 +158,7 @@ Rails.application.routes.draw do
       scope 'v1' do
         get 'sync' => 'sync#index'
         post 'user_token' => 'user_token#create'
+        post 'users' => 'users#create'
         resource :profiles, only: [:show]
         resources :projects, only: [:index] do
           resources :broadcasts, only: [:index, :show, :update]

spec/controllers/api/users_controller_spec.rb

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe Api::UsersController, type: :controller do
+  before do
+    ENV['CUSTOM_API_TOKEN'] = "custom_token"
+  end
+  describe '#create' do
+    context 'Invalid token' do
+      it 'Returns 401 (Unauthorized) status if token is not valid' do
+
+        post :create
+
+        expect(response).not_to be_successful
+        expect(response).to have_http_status(401)
+      end
+    end
+
+    context 'Valid token' do
+      before :each do
+        controller.request.env['HTTP_AUTHORIZATION'] = 'Bearer custom_token'
+      end
+
+      it 'Returns Server error if user param is missing' do
+        user_count = User.all.count
+
+        expect do
+          post :create
+        end.to raise_exception ActionController::ParameterMissing
+
+        expect(User.all.count).to eq user_count
+      end
+
+      it 'Returns Server Error if email or password is missing' do
+        user_count = User.all.count
+
+        expect do
+          post :create, params: { user: { email: "a@b.com" } }
+        end.to raise_exception ActionController::ParameterMissing
+
+        expect do
+          post :create, params: { user: { password: "123" } }
+        end.to raise_exception ActionController::ParameterMissing
+
+        expect(User.all.count).to eq user_count
+      end
+
+      it 'Returns Server Error if body contains not permitted params' do
+        user_count = User.all.count
+
+        expect do
+          post :create, params: { user: { email: "a@b.com", password: "123", admin: true } }
+        end.to raise_exception ActionController::UnpermittedParameters
+
+        expect(User.all.count).to eq user_count
+      end
+
+      it 'Creates user if body contains correct params' do
+        expect do
+          post :create, params: { user: { email: "a@b.com", password: "123" } }
+        end.to change(User, :count).by(1)
+
+        expect(response).to be_successful
+      end
+
+      it 'Nothing changes if existing email is used' do
+        create(:user, email: "a@b.com")
+
+        expect do
+          post :create, params: { user: { email: "a@b.com", password: "123" } }
+        end.not_to change(User, :count)
+
+        expect(response).to be_successful
+      end
+    end
+  end
+end

spec/features/user_managing_location_releases_spec.rb

@@ -251,9 +251,6 @@ feature "User managing location releases" do
       new_window = window_opened_by { click_link sign_amendment_link }
       within_window new_window do
         expect(page).to have_content amendments_heading
-        expect(page).to have_content signed_contract_preview.upcase
-
-        expect(page).to have_selector 'embed'
 
         fill_in amendment_signer_name_field, with: 'Big Signer'
         draw_signature file_fixture("signature.png"), amendment_signature_field
@@ -693,10 +690,6 @@ feature "User managing location releases" do
     t 'public.amendments.new.amendment.heading'
   end
 
-  def signed_contract_preview
-    t 'public.amendments.new.signed_contract_preview'
-  end
-
   def amendment_signer_name_field
     'location_release[amendment_signer_name]'
   end