summaryrefslogtreecommitdiffstats
path: root/routers
diff options
context:
space:
mode:
Diffstat (limited to 'routers')
-rw-r--r--routers/user/setting.go4
-rw-r--r--routers/user/setting_test.go68
2 files changed, 71 insertions, 1 deletions
diff --git a/routers/user/setting.go b/routers/user/setting.go
index bd2c923b70..a2f32e3e19 100644
--- a/routers/user/setting.go
+++ b/routers/user/setting.go
@@ -222,7 +222,9 @@ func SettingsSecurityPost(ctx *context.Context, form auth.ChangePasswordForm) {
return
}
- if ctx.User.IsPasswordSet() && !ctx.User.ValidatePassword(form.OldPassword) {
+ if len(form.Password) < setting.MinPasswordLength {
+ ctx.Flash.Error(ctx.Tr("auth.password_too_short", setting.MinPasswordLength))
+ } else if ctx.User.IsPasswordSet() && !ctx.User.ValidatePassword(form.OldPassword) {
ctx.Flash.Error(ctx.Tr("settings.password_incorrect"))
} else if form.Password != form.Retype {
ctx.Flash.Error(ctx.Tr("form.password_not_match"))
diff --git a/routers/user/setting_test.go b/routers/user/setting_test.go
new file mode 100644
index 0000000000..72b1b83143
--- /dev/null
+++ b/routers/user/setting_test.go
@@ -0,0 +1,68 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package user
+
+import (
+ "net/http"
+ "testing"
+
+ "code.gitea.io/gitea/models"
+ "code.gitea.io/gitea/modules/auth"
+ "code.gitea.io/gitea/modules/setting"
+ "code.gitea.io/gitea/modules/test"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestChangePassword(t *testing.T) {
+ oldPassword := "password"
+ setting.MinPasswordLength = 6
+
+ for _, req := range []struct {
+ OldPassword string
+ NewPassword string
+ Retype string
+ Message string
+ }{
+ {
+ OldPassword: oldPassword,
+ NewPassword: "123456",
+ Retype: "123456",
+ Message: "",
+ },
+ {
+ OldPassword: oldPassword,
+ NewPassword: "12345",
+ Retype: "12345",
+ Message: "auth.password_too_short",
+ },
+ {
+ OldPassword: "12334",
+ NewPassword: "123456",
+ Retype: "123456",
+ Message: "settings.password_incorrect",
+ },
+ {
+ OldPassword: oldPassword,
+ NewPassword: "123456",
+ Retype: "12345",
+ Message: "form.password_not_match",
+ },
+ } {
+ models.PrepareTestEnv(t)
+ ctx := test.MockContext(t, "user/settings/security")
+ test.LoadUser(t, ctx, 2)
+ test.LoadRepo(t, ctx, 1)
+
+ SettingsSecurityPost(ctx, auth.ChangePasswordForm{
+ OldPassword: req.OldPassword,
+ Password: req.NewPassword,
+ Retype: req.Retype,
+ })
+
+ assert.EqualValues(t, req.Message, ctx.Flash.ErrorMsg)
+ assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+ }
+}