Don't show users password change page if ldap users

Izaak Alpert
1 parent 16b6040c
Showing 4 changed files with 40 additions and 1 deletions Show diff stats
app/controllers/application_controller.rb
features/profile/profile.feature
features/steps/profile/profile.rb
spec/controllers/application_controller_spec.rb
@@ -151,7 +151,7 @@ class ApplicationController &lt; ActionController::Base
   end
  
   def check_password_expiration
-    if current_user && current_user.password_expires_at && current_user.password_expires_at < Time.now
+    if current_user && current_user.password_expires_at && current_user.password_expires_at < Time.now  && !current_user.ldap_user?
       redirect_to new_profile_password_path and return
     end
   end
@@ -18,6 +18,7 @@ Feature: Profile
  
   Scenario: My password is expired
     Given my password is expired
+    And I am not an ldap user
     And I visit profile account page
     Then I redirected to expired password page
     And I submit new password
@@ -91,6 +91,11 @@ class Profile &lt; Spinach::FeatureSteps
     current_user.update_attributes(password_expires_at: Time.now - 1.hour)
   end
  
+  step "I am not an ldap user" do
+    current_user.update_attributes(extern_uid: nil,  provider: '')
+    current_user.ldap_user?.should be_false
+  end
+
   step 'I redirected to expired password page' do
     current_path.should == new_profile_password_path
   end
@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe ApplicationController do
+  describe '#check_password_expiration' do
+    let(:user) { create(:user) }
+    let(:controller) { ApplicationController.new }
+
+    it 'should redirect if the user is over their password expiry' do
+      user.password_expires_at = Time.new(2002)
+      user.ldap_user?.should be_false
+      controller.stub!(:current_user).and_return(user)
+      controller.should_receive(:redirect_to)
+      controller.should_receive(:new_profile_password_path)
+      controller.send(:check_password_expiration)
+    end
+
+    it 'should not redirect if the user is under their password expiry' do
+      user.password_expires_at = Time.now + 20010101
+      user.ldap_user?.should be_false
+      controller.stub!(:current_user).and_return(user)
+      controller.should_not_receive(:redirect_to)
+      controller.send(:check_password_expiration)
+    end
+
+    it 'should not redirect if the user is over their password expiry but they are an ldap user' do
+      user.password_expires_at = Time.new(2002)
+      user.stub!(:ldap_user?).and_return(true)
+      controller.stub!(:current_user).and_return(user)
+      controller.should_not_receive(:redirect_to)
+      controller.send(:check_password_expiration)
+    end
+  end
+end
 \ No newline at end of file
...	...	@@ -151,7 +151,7 @@ class ApplicationController < ActionController::Base
151	151	end
152	152
153	153	def check_password_expiration
154		- if current_user && current_user.password_expires_at && current_user.password_expires_at < Time.now
	154	+ if current_user && current_user.password_expires_at && current_user.password_expires_at < Time.now && !current_user.ldap_user?
155	155	redirect_to new_profile_password_path and return
156	156	end
157	157	end
...	...
...	...	@@ -18,6 +18,7 @@ Feature: Profile
18	18
19	19	Scenario: My password is expired
20	20	Given my password is expired
	21	+ And I am not an ldap user
21	22	And I visit profile account page
22	23	Then I redirected to expired password page
23	24	And I submit new password
...	...
...	...	@@ -91,6 +91,11 @@ class Profile < Spinach::FeatureSteps
91	91	current_user.update_attributes(password_expires_at: Time.now - 1.hour)
92	92	end
93	93
	94	+ step "I am not an ldap user" do
	95	+ current_user.update_attributes(extern_uid: nil, provider: '')
	96	+ current_user.ldap_user?.should be_false
	97	+ end
	98	+
94	99	step 'I redirected to expired password page' do
95	100	current_path.should == new_profile_password_path
96	101	end
...	...
...	...	@@ -0,0 +1,33 @@
	1	+require 'spec_helper'
	2	+
	3	+describe ApplicationController do
	4	+ describe '#check_password_expiration' do
	5	+ let(:user) { create(:user) }
	6	+ let(:controller) { ApplicationController.new }
	7	+
	8	+ it 'should redirect if the user is over their password expiry' do
	9	+ user.password_expires_at = Time.new(2002)
	10	+ user.ldap_user?.should be_false
	11	+ controller.stub!(:current_user).and_return(user)
	12	+ controller.should_receive(:redirect_to)
	13	+ controller.should_receive(:new_profile_password_path)
	14	+ controller.send(:check_password_expiration)
	15	+ end
	16	+
	17	+ it 'should not redirect if the user is under their password expiry' do
	18	+ user.password_expires_at = Time.now + 20010101
	19	+ user.ldap_user?.should be_false
	20	+ controller.stub!(:current_user).and_return(user)
	21	+ controller.should_not_receive(:redirect_to)
	22	+ controller.send(:check_password_expiration)
	23	+ end
	24	+
	25	+ it 'should not redirect if the user is over their password expiry but they are an ldap user' do
	26	+ user.password_expires_at = Time.new(2002)
	27	+ user.stub!(:ldap_user?).and_return(true)
	28	+ controller.stub!(:current_user).and_return(user)
	29	+ controller.should_not_receive(:redirect_to)
	30	+ controller.send(:check_password_expiration)
	31	+ end
	32	+ end
	33	+end
0	34	\ No newline at end of file
...	...