From: Eric Davis <edavis@littlestreamsoftware.com>
Date: Mon, 6 Sep 2010 01:02:52 +0000 (+0000)
Subject: Allow user password changes when changing to Internal authentication. #6267
X-Git-Tag: 1.1.0~392
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=9da4ee5fcce2d20e125acc64377564a2797d1cbb;p=redmine.git

Allow user password changes when changing to Internal authentication. #6267

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4066 e93f8b46-1217-0410-a6f0-8f06a7374b81
---

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 0354d165d..b854850a3 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -95,7 +95,9 @@ class UsersController < ApplicationController
     if request.post?
       @user.admin = params[:user][:admin] if params[:user][:admin]
       @user.login = params[:user][:login] if params[:user][:login]
-      @user.password, @user.password_confirmation = params[:password], params[:password_confirmation] unless params[:password].nil? or params[:password].empty? or @user.auth_source_id
+      if params[:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
+        @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
+      end
       @user.group_ids = params[:user][:group_ids] if params[:user][:group_ids]
       @user.attributes = params[:user]
       # Was the account actived ? (do it before User#save clears the change)
diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb
index 640ce8685..0e4c14c79 100644
--- a/test/functional/users_controller_test.rb
+++ b/test/functional/users_controller_test.rb
@@ -143,6 +143,18 @@ class UsersControllerTest < ActionController::TestCase
     assert_equal [u.mail], mail.bcc
     assert mail.body.include?('newpass')
   end
+
+  test "POST :edit with a password change to an AuthSource user switching to Internal authentication" do
+    # Configure as auth source
+    u = User.find(2)
+    u.auth_source = AuthSource.find(1)
+    u.save!
+
+    post :edit, :id => u.id, :user => {:auth_source_id => ''}, :password => 'newpass', :password_confirmation => 'newpass'
+
+    assert_equal nil, u.reload.auth_source
+    assert_equal User.hash_password('newpass'), u.reload.hashed_password
+  end
   
   def test_edit_membership
     post :edit_membership, :id => 2, :membership_id => 1,