summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJean-Philippe Lang <jp_lang@yahoo.fr>2010-12-12 13:39:55 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2010-12-12 13:39:55 +0000
commitcde02954c84591c66c575f0d76d44c18ab6edf95 (patch)
treeedd7847b9c329720c914575c884a1c1904fc6fd7
parenta4d7a99c22d9aac89a38c1cb411158777b72bb9d (diff)
downloadredmine-cde02954c84591c66c575f0d76d44c18ab6edf95.tar.gz
redmine-cde02954c84591c66c575f0d76d44c18ab6edf95.zip
Moves password param to user hash param so that it can be set using the User API.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4493 e93f8b46-1217-0410-a6f0-8f06a7374b81
-rw-r--r--app/controllers/users_controller.rb14
-rw-r--r--app/views/users/_form.rhtml6
-rw-r--r--test/functional/users_controller_test.rb15
-rw-r--r--test/integration/api_test/users_test.rb5
4 files changed, 24 insertions, 16 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 07c807ce4..9c7f2a17d 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -101,7 +101,7 @@ class UsersController < ApplicationController
@user.safe_attributes = params[:user]
@user.admin = params[:user][:admin] || false
@user.login = params[:user][:login]
- @user.password, @user.password_confirmation = params[:password], params[:password_confirmation] unless @user.auth_source_id
+ @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id
# TODO: Similar to My#account
@user.mail_notification = params[:notification_option] || 'only_my_events'
@@ -127,6 +127,8 @@ class UsersController < ApplicationController
else
@auth_sources = AuthSource.find(:all)
@notification_option = @user.mail_notification
+ # Clear password input
+ @user.password = @user.password_confirmation = nil
respond_to do |format|
format.html { render :action => 'new' }
@@ -152,8 +154,8 @@ class UsersController < ApplicationController
@user.admin = params[:user][:admin] if params[:user][:admin]
@user.login = params[:user][:login] if params[:user][:login]
- if params[:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
- @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
+ if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
+ @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
end
@user.group_ids = params[:user][:group_ids] if params[:user][:group_ids]
@user.safe_attributes = params[:user]
@@ -170,8 +172,8 @@ class UsersController < ApplicationController
if was_activated
Mailer.deliver_account_activated(@user)
- elsif @user.active? && params[:send_information] && !params[:password].blank? && @user.auth_source_id.nil?
- Mailer.deliver_account_information(@user, params[:password])
+ elsif @user.active? && params[:send_information] && !params[:user][:password].blank? && @user.auth_source_id.nil?
+ Mailer.deliver_account_information(@user, params[:user][:password])
end
respond_to do |format|
@@ -184,6 +186,8 @@ class UsersController < ApplicationController
else
@auth_sources = AuthSource.find(:all)
@membership ||= Member.new
+ # Clear password input
+ @user.password = @user.password_confirmation = nil
respond_to do |format|
format.html { render :action => :edit }
diff --git a/app/views/users/_form.rhtml b/app/views/users/_form.rhtml
index 7e50fcdc3..4e788f6ca 100644
--- a/app/views/users/_form.rhtml
+++ b/app/views/users/_form.rhtml
@@ -25,11 +25,9 @@
<p><%= f.select :auth_source_id, ([[l(:label_internal), ""]] + @auth_sources.collect { |a| [a.name, a.id] }), {}, :onchange => "if (this.value=='') {Element.show('password_fields');} else {Element.hide('password_fields');}" %></p>
<% end %>
<div id="password_fields" style="<%= 'display:none;' if @user.auth_source %>">
-<p><label for="password"><%=l(:field_password)%><span class="required"> *</span></label>
-<%= password_field_tag 'password', nil, :size => 25 %><br />
+<p><%= f.password_field :password, :required => true, :size => 25 %><br />
<em><%= l(:text_caracters_minimum, :count => Setting.password_min_length) %></em></p>
-<p><label for="password_confirmation"><%=l(:field_password_confirmation)%><span class="required"> *</span></label>
-<%= password_field_tag 'password_confirmation', nil, :size => 25 %></p>
+<p><%= f.password_field :password_confirmation, :required => true, :size => 25 %></p>
</div>
</div>
diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb
index 100ec8ded..8b879cc30 100644
--- a/test/functional/users_controller_test.rb
+++ b/test/functional/users_controller_test.rb
@@ -152,6 +152,11 @@ class UsersControllerTest < ActionController::TestCase
user = User.last
assert_equal 'none', user.mail_notification
end
+
+ should 'set the password' do
+ user = User.first(:order => 'id DESC')
+ assert user.check_password?('test')
+ end
end
context "when unsuccessful" do
@@ -194,13 +199,13 @@ class UsersControllerTest < ActionController::TestCase
assert mail.body.include?(ll('fr', :notice_account_activated))
end
- def test_updat_with_password_change_should_send_a_notification
+ def test_update_with_password_change_should_send_a_notification
ActionMailer::Base.deliveries.clear
Setting.bcc_recipients = '1'
+ put :update, :id => 2, :user => {:password => 'newpass', :password_confirmation => 'newpass'}, :send_information => '1'
u = User.find(2)
- put :update, :id => u.id, :user => {}, :password => 'newpass', :password_confirmation => 'newpass', :send_information => '1'
- assert_equal User.hash_password('newpass'), u.reload.hashed_password
+ assert u.check_password?('newpass')
mail = ActionMailer::Base.deliveries.last
assert_not_nil mail
@@ -214,10 +219,10 @@ class UsersControllerTest < ActionController::TestCase
u.auth_source = AuthSource.find(1)
u.save!
- put :update, :id => u.id, :user => {:auth_source_id => ''}, :password => 'newpass', :password_confirmation => 'newpass'
+ put :update, :id => u.id, :user => {:auth_source_id => '', :password => 'newpass'}, :password_confirmation => 'newpass'
assert_equal nil, u.reload.auth_source
- assert_equal User.hash_password('newpass'), u.reload.hashed_password
+ assert u.check_password?('newpass')
end
def test_edit_membership
diff --git a/test/integration/api_test/users_test.rb b/test/integration/api_test/users_test.rb
index 1fc4b2032..83be388a7 100644
--- a/test/integration/api_test/users_test.rb
+++ b/test/integration/api_test/users_test.rb
@@ -54,13 +54,13 @@ class ApiTest::UsersTest < ActionController::IntegrationTest
context "POST /users" do
context "with valid parameters" do
setup do
- @parameters = {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net'}}
+ @parameters = {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net', :password => 'secret'}}
end
context ".xml" do
should_allow_api_authentication(:post,
'/users.xml',
- {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net'}},
+ {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net', :password => 'secret'}},
{:success_code => :created})
should "create a user with the attributes" do
@@ -74,6 +74,7 @@ class ApiTest::UsersTest < ActionController::IntegrationTest
assert_equal 'Lastname', user.lastname
assert_equal 'foo@example.net', user.mail
assert !user.admin?
+ assert user.check_password?('secret')
assert_response :created
assert_equal 'application/xml', @response.content_type