diff options
author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2010-12-12 13:39:55 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2010-12-12 13:39:55 +0000 |
commit | cde02954c84591c66c575f0d76d44c18ab6edf95 (patch) | |
tree | edd7847b9c329720c914575c884a1c1904fc6fd7 | |
parent | a4d7a99c22d9aac89a38c1cb411158777b72bb9d (diff) | |
download | redmine-cde02954c84591c66c575f0d76d44c18ab6edf95.tar.gz redmine-cde02954c84591c66c575f0d76d44c18ab6edf95.zip |
Moves password param to user hash param so that it can be set using the User API.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4493 e93f8b46-1217-0410-a6f0-8f06a7374b81
-rw-r--r-- | app/controllers/users_controller.rb | 14 | ||||
-rw-r--r-- | app/views/users/_form.rhtml | 6 | ||||
-rw-r--r-- | test/functional/users_controller_test.rb | 15 | ||||
-rw-r--r-- | test/integration/api_test/users_test.rb | 5 |
4 files changed, 24 insertions, 16 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 07c807ce4..9c7f2a17d 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -101,7 +101,7 @@ class UsersController < ApplicationController @user.safe_attributes = params[:user] @user.admin = params[:user][:admin] || false @user.login = params[:user][:login] - @user.password, @user.password_confirmation = params[:password], params[:password_confirmation] unless @user.auth_source_id + @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id # TODO: Similar to My#account @user.mail_notification = params[:notification_option] || 'only_my_events' @@ -127,6 +127,8 @@ class UsersController < ApplicationController else @auth_sources = AuthSource.find(:all) @notification_option = @user.mail_notification + # Clear password input + @user.password = @user.password_confirmation = nil respond_to do |format| format.html { render :action => 'new' } @@ -152,8 +154,8 @@ class UsersController < ApplicationController @user.admin = params[:user][:admin] if params[:user][:admin] @user.login = params[:user][:login] if params[:user][:login] - if params[:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?) - @user.password, @user.password_confirmation = params[:password], params[:password_confirmation] + if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?) + @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] end @user.group_ids = params[:user][:group_ids] if params[:user][:group_ids] @user.safe_attributes = params[:user] @@ -170,8 +172,8 @@ class UsersController < ApplicationController if was_activated Mailer.deliver_account_activated(@user) - elsif @user.active? && params[:send_information] && !params[:password].blank? && @user.auth_source_id.nil? - Mailer.deliver_account_information(@user, params[:password]) + elsif @user.active? && params[:send_information] && !params[:user][:password].blank? && @user.auth_source_id.nil? + Mailer.deliver_account_information(@user, params[:user][:password]) end respond_to do |format| @@ -184,6 +186,8 @@ class UsersController < ApplicationController else @auth_sources = AuthSource.find(:all) @membership ||= Member.new + # Clear password input + @user.password = @user.password_confirmation = nil respond_to do |format| format.html { render :action => :edit } diff --git a/app/views/users/_form.rhtml b/app/views/users/_form.rhtml index 7e50fcdc3..4e788f6ca 100644 --- a/app/views/users/_form.rhtml +++ b/app/views/users/_form.rhtml @@ -25,11 +25,9 @@ <p><%= f.select :auth_source_id, ([[l(:label_internal), ""]] + @auth_sources.collect { |a| [a.name, a.id] }), {}, :onchange => "if (this.value=='') {Element.show('password_fields');} else {Element.hide('password_fields');}" %></p> <% end %> <div id="password_fields" style="<%= 'display:none;' if @user.auth_source %>"> -<p><label for="password"><%=l(:field_password)%><span class="required"> *</span></label> -<%= password_field_tag 'password', nil, :size => 25 %><br /> +<p><%= f.password_field :password, :required => true, :size => 25 %><br /> <em><%= l(:text_caracters_minimum, :count => Setting.password_min_length) %></em></p> -<p><label for="password_confirmation"><%=l(:field_password_confirmation)%><span class="required"> *</span></label> -<%= password_field_tag 'password_confirmation', nil, :size => 25 %></p> +<p><%= f.password_field :password_confirmation, :required => true, :size => 25 %></p> </div> </div> diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb index 100ec8ded..8b879cc30 100644 --- a/test/functional/users_controller_test.rb +++ b/test/functional/users_controller_test.rb @@ -152,6 +152,11 @@ class UsersControllerTest < ActionController::TestCase user = User.last assert_equal 'none', user.mail_notification end + + should 'set the password' do + user = User.first(:order => 'id DESC') + assert user.check_password?('test') + end end context "when unsuccessful" do @@ -194,13 +199,13 @@ class UsersControllerTest < ActionController::TestCase assert mail.body.include?(ll('fr', :notice_account_activated)) end - def test_updat_with_password_change_should_send_a_notification + def test_update_with_password_change_should_send_a_notification ActionMailer::Base.deliveries.clear Setting.bcc_recipients = '1' + put :update, :id => 2, :user => {:password => 'newpass', :password_confirmation => 'newpass'}, :send_information => '1' u = User.find(2) - put :update, :id => u.id, :user => {}, :password => 'newpass', :password_confirmation => 'newpass', :send_information => '1' - assert_equal User.hash_password('newpass'), u.reload.hashed_password + assert u.check_password?('newpass') mail = ActionMailer::Base.deliveries.last assert_not_nil mail @@ -214,10 +219,10 @@ class UsersControllerTest < ActionController::TestCase u.auth_source = AuthSource.find(1) u.save! - put :update, :id => u.id, :user => {:auth_source_id => ''}, :password => 'newpass', :password_confirmation => 'newpass' + put :update, :id => u.id, :user => {:auth_source_id => '', :password => 'newpass'}, :password_confirmation => 'newpass' assert_equal nil, u.reload.auth_source - assert_equal User.hash_password('newpass'), u.reload.hashed_password + assert u.check_password?('newpass') end def test_edit_membership diff --git a/test/integration/api_test/users_test.rb b/test/integration/api_test/users_test.rb index 1fc4b2032..83be388a7 100644 --- a/test/integration/api_test/users_test.rb +++ b/test/integration/api_test/users_test.rb @@ -54,13 +54,13 @@ class ApiTest::UsersTest < ActionController::IntegrationTest context "POST /users" do context "with valid parameters" do setup do - @parameters = {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net'}} + @parameters = {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net', :password => 'secret'}} end context ".xml" do should_allow_api_authentication(:post, '/users.xml', - {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net'}}, + {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net', :password => 'secret'}}, {:success_code => :created}) should "create a user with the attributes" do @@ -74,6 +74,7 @@ class ApiTest::UsersTest < ActionController::IntegrationTest assert_equal 'Lastname', user.lastname assert_equal 'foo@example.net', user.mail assert !user.admin? + assert user.check_password?('secret') assert_response :created assert_equal 'application/xml', @response.content_type |