end
def update
- if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
+ is_updating_password = params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
+ if is_updating_password
@user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
end
@user.safe_attributes = params[:user]
if @user.save
@user.pref.save
+ Mailer.deliver_password_updated(@user, User.current) if is_updating_password
if was_activated
Mailer.deliver_account_activated(@user)
elsif @user.active? && params[:send_information] && @user != User.current
assert_mail_body_match 'newpass123', mail
end
+ def test_update_with_password_change_by_admin_should_send_a_security_notification
+ with_settings :bcc_recipients => '0' do
+ ActionMailer::Base.deliveries.clear
+ user = User.find_by(login: 'jsmith')
+
+ put :update, :params => {
+ :id => user.id,
+ :user => {:password => 'newpass123', :password_confirmation => 'newpass123'}
+ }
+
+ assert_equal 1, ActionMailer::Base.deliveries.size
+ mail = ActionMailer::Base.deliveries.last
+ assert_equal [user.mail], mail.to
+ assert_match 'Security notification', mail.subject
+ assert_mail_body_match 'Your password has been changed.', mail
+ end
+ end
+
def test_update_with_generate_password_should_email_the_password
ActionMailer::Base.deliveries.clear
with_settings :bcc_recipients => '1' do