superusers should not be able to change a users password (#3694)

* superusers should not be able to change a users password

* remove ability to change password for new users

app/views/admin/users/_user_form_fields.html.erb

@@ -6,15 +6,4 @@
  <span class="input-group-text"><%= fa_icon "envelope" %></span>
  <%= f.input_field :email, class: "form-control" %>
 <% end %>
-<!-- Only display password fields when not nested within organization form -->
-<% if @organization.nil? %>
- <%= f.input :password, label: "Password", wrapper: :input_group, required: true, hint: ("#{@minimum_password_length} characters minimum" if @minimum_password_length) do %>
- <span class="input-group-text"><%= fa_icon "lock" %></span>
- <%= f.input_field :password, class: "form-control" %>
- <% end %>
- <%= f.input :password_confirmation, label: "Confirm Password", wrapper: :input_group, required: true do %>
- <span class="input-group-text"><%= fa_icon "check" %></span>
- <%= f.input_field :password_confirmation, class: "form-control" %>
- <% end %>
-<% end %>
 

spec/system/admin/users_system_spec.rb

@@ -10,8 +10,6 @@
  find('#user_organization_id option:last-of-type').select_option
  fill_in "user_name", with: "TestUser"
  fill_in "user_email", with: "testuser@example.com"
- fill_in "user_password", with: "password!"
- fill_in "user_password_confirmation", with: "password!"
  click_on "Save"
 
  expect(page.find(".alert")).to have_content "Created a new user!"
@@ -22,8 +20,6 @@
  click_link "Edit", match: :first
  expect(page).to have_content("Update #{@organization_admin.name}")
  fill_in "user_name", with: "TestUser"
- fill_in "user_password", with: "123password!"
- fill_in "user_password_confirmation", with: "123password!"
  click_on "Save"
 
  expect(page.find(".alert")).to have_content "TestUser updated"