Fixed: Openid registration form should not require user to enter password (#11331).

author Jean-Philippe Lang <jp_lang@yahoo.fr>

Sat, 7 Jul 2012 06:22:35 +0000 (06:22 +0000)

committer Jean-Philippe Lang <jp_lang@yahoo.fr>

Sat, 7 Jul 2012 06:22:35 +0000 (06:22 +0000)
author Jean-Philippe Lang <jp_lang@yahoo.fr>
Sat, 7 Jul 2012 06:22:35 +0000 (06:22 +0000)
committer Jean-Philippe Lang <jp_lang@yahoo.fr>
Sat, 7 Jul 2012 06:22:35 +0000 (06:22 +0000)
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb

index fa530087eebfbb8a3e013597f5dda3ffc42f5941..5c4ecaf40b55f73543559c5cff1e06b5c5511de3 100644 (file)
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -84,8 +84,9 @@ class AccountController < ApplicationController
        session[:auth_source_registration] = nil
        @user = User.new(:language => Setting.default_language)
      else
+      user_params = params[:user] || {}
        @user = User.new
-      @user.safe_attributes = params[:user]
+      @user.safe_attributes = user_params
        @user.admin = false
        @user.register
        if session[:auth_source_registration]
@@ -100,7 +101,9 @@ class AccountController < ApplicationController
          end
        else
          @user.login = params[:user][:login]
-        @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
+        unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank?
+          @user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]
+        end
  
          case Setting.self_registration
          when '1'
diff --git a/test/functional/account_controller_openid_test.rb b/test/functional/account_controller_openid_test.rb

index ccee3d256e02aebb2e2271636a0da42e9d8f9089..12e15c52ecc62f6e6c88ee08655303b08b3fc9dd 100644 (file)
--- a/test/functional/account_controller_openid_test.rb
+++ b/test/functional/account_controller_openid_test.rb
@@ -116,6 +116,42 @@ class AccountControllerTest < ActionController::TestCase
        assert_equal 'http://openid.example.com/good_user', assigns(:user)[:identity_url]
      end
    
+    def test_login_with_openid_with_new_user_with_missing_information_should_register
+      Setting.self_registration = '3'
+  
+      post :login, :openid_url => 'http://openid.example.com/good_blank_user'
+      assert_response :success
+      assert_template 'register'
+      assert assigns(:user)
+      assert_equal 'http://openid.example.com/good_blank_user', assigns(:user)[:identity_url]
+
+      assert_select 'input[name=?]', 'user[login]'
+      assert_select 'input[name=?]', 'user[password]'
+      assert_select 'input[name=?]', 'user[password_confirmation]'
+      assert_select 'input[name=?][value=?]', 'user[identity_url]', 'http://openid.example.com/good_blank_user'
+    end
+
+    def test_register_after_login_failure_should_not_require_user_to_enter_a_password
+      Setting.self_registration = '3'
+
+      assert_difference 'User.count' do
+        post :register, :user => {
+          :login => 'good_blank_user',
+          :password => '',
+          :password_confirmation => '',
+          :firstname => 'Cool',
+          :lastname => 'User',
+          :mail => 'user@somedomain.com',
+          :identity_url => 'http://openid.example.com/good_blank_user'
+        }
+        assert_response 302
+      end
+
+      user = User.first(:order => 'id DESC')
+      assert_equal 'http://openid.example.com/good_blank_user', user.identity_url
+      assert user.hashed_password.blank?, "Hashed password was #{user.hashed_password}"
+    end
+
      def test_setting_openid_should_return_true_when_set_to_true
        assert_equal true, Setting.openid?
      end
diff --git a/test/mocks/open_id_authentication_mock.rb b/test/mocks/open_id_authentication_mock.rb

index 10d195e071bd6c995ded0461ccb509af9709f97e..a7376e4baa111424d1e6026a82f590c2c80472e8 100644 (file)
--- a/test/mocks/open_id_authentication_mock.rb
+++ b/test/mocks/open_id_authentication_mock.rb
@@ -16,9 +16,10 @@ module OpenIdAuthentication
  
      def authenticate_with_open_id(identity_url = params[:openid_url], options = {}) #:doc:
        if User.find_by_identity_url(identity_url) || identity_url.include?('good')
+        extension_response_fields = {}
+
          # Don't process registration fields unless it is requested.
          unless identity_url.include?('blank') || (options[:required].nil? && options[:optional].nil?)
-          extension_response_fields = {}
  
            options[:required].each do |field|
              extension_response_fields[field.to_s] = EXTENSION_FIELDS[field.to_s]
author	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sat, 7 Jul 2012 06:22:35 +0000 (06:22 +0000)
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sat, 7 Jul 2012 06:22:35 +0000 (06:22 +0000)
app/controllers/account_controller.rb		patch \| blob \| history
test/functional/account_controller_openid_test.rb		patch \| blob \| history
test/mocks/open_id_authentication_mock.rb		patch \| blob \| history