Commit cde02954 authored by Jean-Philippe Lang's avatar Jean-Philippe Lang

Moves password param to user hash param so that it can be set using the User API.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4493 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent a4d7a99c
......@@ -101,7 +101,7 @@ class UsersController < ApplicationController
@user.safe_attributes = params[:user]
@user.admin = params[:user][:admin] || false
@user.login = params[:user][:login]
@user.password, @user.password_confirmation = params[:password], params[:password_confirmation] unless @user.auth_source_id
@user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id
# TODO: Similar to My#account
@user.mail_notification = params[:notification_option] || 'only_my_events'
......@@ -127,6 +127,8 @@ class UsersController < ApplicationController
else
@auth_sources = AuthSource.find(:all)
@notification_option = @user.mail_notification
# Clear password input
@user.password = @user.password_confirmation = nil
respond_to do |format|
format.html { render :action => 'new' }
......@@ -152,8 +154,8 @@ class UsersController < ApplicationController
@user.admin = params[:user][:admin] if params[:user][:admin]
@user.login = params[:user][:login] if params[:user][:login]
if params[:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
@user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
@user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
end
@user.group_ids = params[:user][:group_ids] if params[:user][:group_ids]
@user.safe_attributes = params[:user]
......@@ -170,8 +172,8 @@ class UsersController < ApplicationController
if was_activated
Mailer.deliver_account_activated(@user)
elsif @user.active? && params[:send_information] && !params[:password].blank? && @user.auth_source_id.nil?
Mailer.deliver_account_information(@user, params[:password])
elsif @user.active? && params[:send_information] && !params[:user][:password].blank? && @user.auth_source_id.nil?
Mailer.deliver_account_information(@user, params[:user][:password])
end
respond_to do |format|
......@@ -184,6 +186,8 @@ class UsersController < ApplicationController
else
@auth_sources = AuthSource.find(:all)
@membership ||= Member.new
# Clear password input
@user.password = @user.password_confirmation = nil
respond_to do |format|
format.html { render :action => :edit }
......
......@@ -25,11 +25,9 @@
<p><%= f.select :auth_source_id, ([[l(:label_internal), ""]] + @auth_sources.collect { |a| [a.name, a.id] }), {}, :onchange => "if (this.value=='') {Element.show('password_fields');} else {Element.hide('password_fields');}" %></p>
<% end %>
<div id="password_fields" style="<%= 'display:none;' if @user.auth_source %>">
<p><label for="password"><%=l(:field_password)%><span class="required"> *</span></label>
<%= password_field_tag 'password', nil, :size => 25 %><br />
<p><%= f.password_field :password, :required => true, :size => 25 %><br />
<em><%= l(:text_caracters_minimum, :count => Setting.password_min_length) %></em></p>
<p><label for="password_confirmation"><%=l(:field_password_confirmation)%><span class="required"> *</span></label>
<%= password_field_tag 'password_confirmation', nil, :size => 25 %></p>
<p><%= f.password_field :password_confirmation, :required => true, :size => 25 %></p>
</div>
</div>
......
......@@ -152,6 +152,11 @@ class UsersControllerTest < ActionController::TestCase
user = User.last
assert_equal 'none', user.mail_notification
end
should 'set the password' do
user = User.first(:order => 'id DESC')
assert user.check_password?('test')
end
end
context "when unsuccessful" do
......@@ -194,13 +199,13 @@ class UsersControllerTest < ActionController::TestCase
assert mail.body.include?(ll('fr', :notice_account_activated))
end
def test_updat_with_password_change_should_send_a_notification
def test_update_with_password_change_should_send_a_notification
ActionMailer::Base.deliveries.clear
Setting.bcc_recipients = '1'
put :update, :id => 2, :user => {:password => 'newpass', :password_confirmation => 'newpass'}, :send_information => '1'
u = User.find(2)
put :update, :id => u.id, :user => {}, :password => 'newpass', :password_confirmation => 'newpass', :send_information => '1'
assert_equal User.hash_password('newpass'), u.reload.hashed_password
assert u.check_password?('newpass')
mail = ActionMailer::Base.deliveries.last
assert_not_nil mail
......@@ -214,10 +219,10 @@ class UsersControllerTest < ActionController::TestCase
u.auth_source = AuthSource.find(1)
u.save!
put :update, :id => u.id, :user => {:auth_source_id => ''}, :password => 'newpass', :password_confirmation => 'newpass'
put :update, :id => u.id, :user => {:auth_source_id => '', :password => 'newpass'}, :password_confirmation => 'newpass'
assert_equal nil, u.reload.auth_source
assert_equal User.hash_password('newpass'), u.reload.hashed_password
assert u.check_password?('newpass')
end
def test_edit_membership
......
......@@ -54,13 +54,13 @@ class ApiTest::UsersTest < ActionController::IntegrationTest
context "POST /users" do
context "with valid parameters" do
setup do
@parameters = {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net'}}
@parameters = {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net', :password => 'secret'}}
end
context ".xml" do
should_allow_api_authentication(:post,
'/users.xml',
{:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net'}},
{:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net', :password => 'secret'}},
{:success_code => :created})
should "create a user with the attributes" do
......@@ -74,6 +74,7 @@ class ApiTest::UsersTest < ActionController::IntegrationTest
assert_equal 'Lastname', user.lastname
assert_equal 'foo@example.net', user.mail
assert !user.admin?
assert user.check_password?('secret')
assert_response :created
assert_equal 'application/xml', @response.content_type
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment