diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 2c12f40d47b..ae253dd5ba5 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -97,13 +97,13 @@ class UsersController < ApplicationController def update user = fetch_user_from_params guardian.ensure_can_edit!(user) - attributes = user_params.merge!(custom_fields: params[:custom_fields]) + attributes = user_params # We can't update the username via this route. Use the username route attributes.delete(:username) if params[:user_fields].present? - attributes[:custom_fields] = {} unless params[:custom_fields].present? + attributes[:custom_fields] = {} fields = UserField.all fields = fields.where(editable: true) unless current_user.staff? diff --git a/spec/requests/users_controller_spec.rb b/spec/requests/users_controller_spec.rb index 396957bd2fc..df71cb77ef5 100644 --- a/spec/requests/users_controller_spec.rb +++ b/spec/requests/users_controller_spec.rb @@ -1423,7 +1423,6 @@ describe UsersController do put "/u/#{user.username}.json", params: { name: 'Jim Tom', - custom_fields: { test: :it }, muted_usernames: "#{user2.username},#{user3.username}", watched_tags: "#{tags[0].name},#{tags[1].name}" } @@ -1433,7 +1432,7 @@ describe UsersController do user.reload expect(user.name).to eq 'Jim Tom' - expect(user.custom_fields['test']).to eq 'it' + expect(user.muted_users.pluck(:username).sort).to eq [user2.username, user3.username].sort expect(TagUser.where( user: user, @@ -1516,6 +1515,15 @@ describe UsersController do expect(user.user_fields[user_field.id.to_s]).to be_blank end end + + context "custom_field" do + it "does not update the custom field" do + put "/u/#{user.username}.json", params: { custom_fields: { test: :it } } + + expect(response.status).to eq(200) + expect(user.custom_fields["test"]).to be_blank + end + end end it 'returns user JSON' do