Patch by Yuichi HARADA. git-svn-id: http://svn.redmine.org/redmine/trunk@21006 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/5.0.0
@@ -153,7 +153,8 @@ class UsersController < ApplicationController | |||
end | |||
def update | |||
if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?) | |||
is_updating_password = params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?) | |||
if is_updating_password | |||
@user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] | |||
end | |||
@user.safe_attributes = params[:user] | |||
@@ -165,6 +166,7 @@ class UsersController < ApplicationController | |||
if @user.save | |||
@user.pref.save | |||
Mailer.deliver_password_updated(@user, User.current) if is_updating_password | |||
if was_activated | |||
Mailer.deliver_account_activated(@user) | |||
elsif @user.active? && params[:send_information] && @user != User.current |
@@ -590,6 +590,24 @@ class UsersControllerTest < Redmine::ControllerTest | |||
assert_mail_body_match 'newpass123', mail | |||
end | |||
def test_update_with_password_change_by_admin_should_send_a_security_notification | |||
with_settings :bcc_recipients => '0' do | |||
ActionMailer::Base.deliveries.clear | |||
user = User.find_by(login: 'jsmith') | |||
put :update, :params => { | |||
:id => user.id, | |||
:user => {:password => 'newpass123', :password_confirmation => 'newpass123'} | |||
} | |||
assert_equal 1, ActionMailer::Base.deliveries.size | |||
mail = ActionMailer::Base.deliveries.last | |||
assert_equal [user.mail], mail.to | |||
assert_match 'Security notification', mail.subject | |||
assert_mail_body_match 'Your password has been changed.', mail | |||
end | |||
end | |||
def test_update_with_generate_password_should_email_the_password | |||
ActionMailer::Base.deliveries.clear | |||
with_settings :bcc_recipients => '1' do |