DFE-Digital · martikat · Dec 20, 2023 · Dec 5, 2023 · Dec 7, 2023 · Dec 11, 2023
diff --git a/config/application.rb b/config/application.rb
@@ -59,6 +59,8 @@ class Application < Rails::Application
     config.user_timeout_warning_minutes = ENV.fetch('TIMEOUT_WARNING_MINUTES', '20').to_i
     config.user_timeout_modal_visible = ENV.fetch('TIMEOUT_MODAL_VISIBLE', '5').to_i
 
+    config.user_password = ENV.fetch('USER_PASSWORD', 'Str0ngPa$$w0rd12')
+
     # Contentful
     config.contentful_space                   = ENV.fetch('CONTENTFUL_SPACE', credentials.dig(:contentful, :space))
     config.contentful_delivery_access_token   = ENV.fetch('CONTENTFUL_DELIVERY_TOKEN', credentials.dig(:contentful, :delivery_access_token))

diff --git a/db/seeds/users.yml b/db/seeds/users.yml
@@ -1,15 +1,15 @@
 ---
 [email protected]:
-  password: <%= ENV.fetch('USER_PASSWORD', 'Str0ngPa$$word') %>
+  password: <%= Rails.configuration.user_password %>
   terms_and_conditions_agreed_at: <%= 1.minute.ago %>
 
 [email protected]:
-  password: <%= ENV.fetch('USER_PASSWORD', 'Str0ngPa$$w0rd12') %>
+  password: <%= Rails.configuration.user_password %>
   terms_and_conditions_agreed_at: <%= 1.minute.ago %>
   confirmed_at: <%= 1.minute.ago %>
 
 [email protected]:
-  password: <%= ENV.fetch('USER_PASSWORD', 'Str0ngPa$$w0rd') %>
+  password: <%= Rails.configuration.user_password %>
   terms_and_conditions_agreed_at: <%= 1.minute.ago %>
   confirmed_at: <%= 1.minute.ago %>
   first_name: Demo

diff --git a/lib/tasks/eyfs.rake b/lib/tasks/eyfs.rake
@@ -9,7 +9,7 @@ namespace :eyfs do
     unless User.find_by(email: "#{bot_token}@example.com")
       User.create!(
         email: "#{bot_token}@example.com",
-        password: ENV.fetch('USER_PASSWORD', 'Str0ngPa$$w0rd'),
+        password: Rails.configuration.user_password,
         confirmed_at: Time.zone.now,
         terms_and_conditions_agreed_at: Time.zone.now,
         first_name: 'Bot',

diff --git a/spec/config_spec.rb b/spec/config_spec.rb
@@ -31,10 +31,24 @@
     expect(config.internal_mailbox).to eq '[email protected]'
   end
 
+  it 'sets password for seeds' do
+    expect(config.user_password).to eq 'Str0ngPa$$w0rd12'
+  end
+
   it 'exports dashboard statistics daily at midnight' do
     expect(config.dashboard_update_interval).to eq '0 0 * * *'
   end
 
+  describe 'seeded users' do
+    before do
+      Dibber::Seeder.seed(:user, name_method: :email)
+    end
+
+    specify do
+      expect(User.count).to eq 3
+    end
+  end
+
   describe 'time out' do
     it 'sets interval in minutes' do
       expect(config.user_timeout_minutes).to eq 25

diff --git a/spec/controllers/user_controller_spec.rb b/spec/controllers/user_controller_spec.rb
@@ -54,7 +54,7 @@
         {
           password: 'NewPassword12!@',
           confirm_password: 'NewPassword12!@',
-          current_password: 'Str0ngPa$$w0rd',
+          current_password: 'Str0ngPa$$w0rd12',
         }
       end
 
@@ -90,7 +90,7 @@
         {
           password: '',
           confirm_password: '',
-          current_password: 'Str0ngPa$$w0rd',
+          current_password: 'Str0ngPa$$w0rd12',
         }
       end
 

diff --git a/spec/factories/users.rb b/spec/factories/users.rb
@@ -1,7 +1,7 @@
 FactoryBot.define do
   factory :user do
     email { Faker::Internet.email }
-    password { 'Str0ngPa$$w0rd' }
+    password { Rails.configuration.user_password }
     terms_and_conditions_agreed_at { Date.new(2000, 0o1, 0o1) }
 
     trait :confirmed do

diff --git a/spec/system/registered_user/changing_password_spec.rb b/spec/system/registered_user/changing_password_spec.rb
@@ -3,13 +3,13 @@
 RSpec.describe 'Registered user changing password', type: :system do
   subject(:user) { create :user, :registered, created_at: 1.month.ago }
 
-  let(:password) { 'Str0ngPa$$w0rd' }
+  let(:password) { 'Str0ngPa$$w0rd13' }
 
   include_context 'with user'
 
   before do
     visit '/my-account/edit-password'
-    fill_in 'Enter your current password', with: 'Str0ngPa$$w0rd'
+    fill_in 'Enter your current password', with: 'Str0ngPa$$w0rd12'
     fill_in 'Create a new password', with: password
     fill_in 'Confirm password', with: password
   end

diff --git a/spec/system/sign_in_spec.rb b/spec/system/sign_in_spec.rb
@@ -2,7 +2,7 @@
 
 RSpec.describe 'Sign in' do
   let(:email_address) { user.email }
-  let(:password) { 'Str0ngPa$$w0rd' }
+  let(:password) { Rails.configuration.user_password }
 
   before do
     visit '/users/sign-in'

diff --git a/ui/pages/sign_in.rb b/ui/pages/sign_in.rb
@@ -11,12 +11,12 @@ class SignIn < Base
     # Authenticate using email and password
     #
     # @param email [String] login email address (default: [email protected])
-    # @param password [String] login password (default: Str0ngPa$$w0rd)
+    # @param password [String] login password (default: Str0ngPa$$w0rd12)
     def with_email_and_password(email = nil, password = nil)
       wait_until_header_visible
 
       email ||= '[email protected]'
-      password ||= ENV.fetch('USER_PASSWORD', 'Str0ngPa$$w0rd')
+      password ||= Rails.configuration.user_password
 
       email_field.set(email)
       password_field.set(password)