Download as
Browse Code »

Commit 075773a677cb28e3db808b0326aca392719e377e

Authored by Leandro Santos
2 parents b2165f89 464f8ef6
Exists in staging and in 32 other branches all_pending_tasks_api, api-articles-period, api_roles, comments_permissions, elasticsearch, elasticsearch_api, elasticsearch_categories, elasticsearch_filter, elasticsearch_sort, elasticsearch_to_merge, elasticsearch_view, environment-exposes-api, export-comment-api, export_data, external_followers, federation-webfinger, federation_followers, federation_followers_backend, federation_oauth_provider, federation_webfinger, fix_notification_email, follower_permition, master, master_profile_followers, oauth_external_login, oauth_login, private-scraps, private-scraps-rebase, production, profile_api_improvements, user_mention, webfinger_server

Merge branch 'fix_api_login' into 'master' 

api: fix validation of inactive users in login



See merge request !866
Showing 2 changed files with 8 additions and 1 deletions   Show diff stats
lib/noosfero/api/session.rb
  Diff comments   View file @075773a
@@ -15,7 +15,7 @@ module Noosfero @@ -15,7 +15,7 @@ module Noosfero
15 post "/login" do 15 post "/login" do
16 begin 16 begin
17 user ||= User.authenticate(params[:login], params[:password], environment) 17 user ||= User.authenticate(params[:login], params[:password], environment)
18 - rescue NoosferoExceptions::UserNotActivated => e 18 + rescue User::UserNotActivated => e
19 render_api_error!(e.message, 401) 19 render_api_error!(e.message, 401)
20 end 20 end
21 21
test/api/session_test.rb
  Diff comments   View file @075773a
@@ -20,6 +20,13 @@ class SessionTest < ActiveSupport::TestCase @@ -20,6 +20,13 @@ class SessionTest < ActiveSupport::TestCase
20 assert_equal 401, last_response.status 20 assert_equal 401, last_response.status
21 end 21 end
22 22
  23 + should 'return 401 when login with an user that was not activated' do
  24 + user.deactivate
  25 + params = {:login => "testapi", :password => "testapi"}
  26 + post "/api/v1/login?#{params.to_query}"
  27 + assert_equal 401, last_response.status
  28 + end
  29 +
23 should 'register a user' do 30 should 'register a user' do
24 Environment.default.enable('skip_new_user_email_confirmation') 31 Environment.default.enable('skip_new_user_email_confirmation')
25 params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com" } 32 params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com" }