fix MR comments

.env.sample

@@ -27,3 +27,6 @@ MUX_TOKEN_ID=
 MUX_TOKEN_SECRET=
 MUX_BROADCAST_SERVER_URL=rtmp://global-live.mux.com:5222/app
 MUX_TEST_MODE_DISABLED=
+
+# Required for creating user through API
+CUSTOM_API_TOKEN=

app/controllers/api/users_controller.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+class Api::UsersController < Api::ApiController
+  skip_before_action :authenticate_user
+  before_action :verify_custom_token, only: :create
+
+  def create
+    if user_params[:email].nil? || user_params[:password].nil?
+      raise ActionController::ParameterMissing.new 'Missing email or password'
+    end
+
+    user = Oath::Services::SignUp.new(user_params).perform
+    render json: user.slice(:email, :created_at, :first_name, :last_name)
+  end
+
+  private
+
+  def user_params
+    params.require(:user).permit(%i[
+                                   email
+                                   password
+                                   first_name
+                                   last_name
+                                 ])
+  end
+
+  def verify_custom_token
+    if token.blank? || token != ENV['CUSTOM_API_TOKEN']
+      unauthorized_entity(:user)
+    end
+  end
+
+end

config/locales/en.yml

@@ -511,8 +511,6 @@ en:
         person_last_name: Last name
         person_name: Name
         person_phone: Phone number
-      contract_template:
-        amendment_clause: Additional Contract Clause
       location_release:
         address_city: City
         address_country: Country
@@ -844,7 +842,7 @@ en:
       empty: Location Releases will appear here
       table_headers:
         address: Address
-        amendment_signed: Additional Clause
+        amendment_signed: Amendment
         approved: Approved
         name: Location Name
         notes: Notes
@@ -854,7 +852,7 @@ en:
       actions:
         manage: Manage
         review: Review
-        sign_amendment: Sign Additional Clause
+        sign_amendment: Sign Amendment
       messages:
         amendment_not_signed_tooltip: Amendment not yet signed
         amendment_signed_tooltip: Amendment Signed
@@ -1136,7 +1134,7 @@ en:
         amendment_signed_message: Release amendment signed successfully! Thank you
       new:
         amendment:
-          heading: Additional Clause
+          heading: Amendment
         copy_url: Copy sign amendment URL
         signature:
           heading: Signature

config/locales/es.yml

@@ -285,8 +285,6 @@ es:
         person_email: Dirección de correo electrónico
         person_name: Nómbre
         person_phone: Número de teléfono
-      contract_template:
-        amendment_clause: Additional Contract Clause (ES)
       material_release:
         guardian_2_address_city: Guardian 2 city (ES)
         guardian_2_address_country: Guardian 2 country (ES)
@@ -410,13 +408,13 @@ es:
     index:
       table_headers:
         address: Address (ES)
-        amendment_signed: Additional Clause (ES)
+        amendment_signed: Amendment (ES)
         notes: Notes (ES)
         signed_at: Date Signed (ES)
         tags: Tags (ES)
     location_release:
       actions:
-        sign_amendment: Sign Additional Clause (ES)
+        sign_amendment: Sign Amendment (ES)
       messages:
         amendment_not_signed_tooltip: Amendment not yet signed (ES)
         amendment_signed_tooltip: Amendment Signed (ES)
@@ -502,7 +500,7 @@ es:
         amendment_signed_message: Release amendment signed successfully! Thank you (ES)
       new:
         amendment:
-          heading: Additional Clause (ES)
+          heading: Amendment
         copy_url: Copy sign amendment URL (ES)
         signature:
           heading: Signature (ES)

config/routes.rb

@@ -158,6 +158,7 @@ Rails.application.routes.draw do
       scope 'v1' do
         get 'sync' => 'sync#index'
         post 'user_token' => 'user_token#create'
+        post 'users' => 'users#create'
         resource :profiles, only: [:show]
         resources :projects, only: [:index] do
           resources :broadcasts, only: [:index, :show, :update]

spec/controllers/api/users_controller_spec.rb

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe Api::UsersController, type: :controller do
+  before do
+    ENV['CUSTOM_API_TOKEN'] = "custom_token"
+  end
+  describe '#create' do
+    context 'Invalid token' do
+      it 'Returns 401 (Unauthorized) status if token is not valid' do
+
+        post :create
+
+        expect(response).not_to be_successful
+        expect(response).to have_http_status(401)
+      end
+    end
+
+    context 'Valid token' do
+      before :each do
+        controller.request.env['HTTP_AUTHORIZATION'] = 'Bearer custom_token'
+      end
+
+      it 'Returns Server error if user param is missing' do
+        user_count = User.all.count
+
+        expect do
+          post :create
+        end.to raise_exception ActionController::ParameterMissing
+
+        expect(User.all.count).to eq user_count
+      end
+
+      it 'Returns Server Error if email or password is missing' do
+        user_count = User.all.count
+
+        expect do
+          post :create, params: { user: { email: "a@b.com" } }
+        end.to raise_exception ActionController::ParameterMissing
+
+        expect do
+          post :create, params: { user: { password: "123" } }
+        end.to raise_exception ActionController::ParameterMissing
+
+        expect(User.all.count).to eq user_count
+      end
+
+      it 'Returns Server Error if body contains not permitted params' do
+        user_count = User.all.count
+
+        expect do
+          post :create, params: { user: { email: "a@b.com", password: "123", admin: true } }
+        end.to raise_exception ActionController::UnpermittedParameters
+
+        expect(User.all.count).to eq user_count
+      end
+
+      it 'Creates user if body contains correct params' do
+        expect do
+          post :create, params: { user: { email: "a@b.com", password: "123" } }
+        end.to change(User, :count).by(1)
+
+        expect(response).to be_successful
+      end
+
+      it 'Nothing changes if existing email is used' do
+        create(:user, email: "a@b.com")
+
+        expect do
+          post :create, params: { user: { email: "a@b.com", password: "123" } }
+        end.not_to change(User, :count)
+
+        expect(response).to be_successful
+      end
+    end
+  end
+end

spec/features/user_managing_location_releases_spec.rb

@@ -87,7 +87,7 @@ feature "User managing location releases" do
 
       visit new_account_project_contract_template_location_release_amendment_path(project.account, project, contract_template, release)
 
-      expect(page).to have_content amendments_heading.upcase
+      expect(page).to have_content amendments_heading
 
       fill_in amendment_signer_name_field, with: 'Big Signer'
       draw_signature file_fixture("signature.png"), amendment_signature_field
@@ -250,7 +250,7 @@ feature "User managing location releases" do
 
       new_window = window_opened_by { click_link sign_amendment_link }
       within_window new_window do
-        expect(page).to have_content amendments_heading.upcase
+        expect(page).to have_content amendments_heading
 
         fill_in amendment_signer_name_field, with: 'Big Signer'
         draw_signature file_fixture("signature.png"), amendment_signature_field