Commit abd673e1b2a218ea17963d5c6bf4043e2f8c7eaa
1 parent
b1a80523
Exists in
master
and in
29 other branches
ActionItem78: validating password confirmation
git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@639 3f533792-8f58-4932-b0fe-aaf55b0a4547
Showing
2 changed files
with
23 additions
and
3 deletions
Show diff stats
app/models/change_password.rb
... | ... | @@ -38,6 +38,8 @@ class ChangePassword < Task |
38 | 38 | |
39 | 39 | # only require the new password when actually changing it. |
40 | 40 | validates_presence_of :password, :on => :update |
41 | + validates_presence_of :password_confirmation, :on => :update | |
42 | + validates_confirmation_of :password | |
41 | 43 | |
42 | 44 | def initialize(*args) |
43 | 45 | super(*args) |
... | ... | @@ -61,10 +63,10 @@ class ChangePassword < Task |
61 | 63 | |
62 | 64 | def create_message |
63 | 65 | hostname = self.requestor.environment.default_hostname |
64 | - hash = self.id | |
66 | + code = self.code | |
65 | 67 | |
66 | 68 | lambda do |
67 | - _("In order to change your password, please visit the following address:\n\n%s") % url_for(:host => hostname, :controller => 'account', :action => 'change_password', :hash => hash) | |
69 | + _("In order to change your password, please visit the following address:\n\n%s") % url_for(:host => hostname, :controller => 'account', :action => 'new_password', :code => code) | |
68 | 70 | end |
69 | 71 | end |
70 | 72 | ... | ... |
test/unit/change_password_test.rb
... | ... | @@ -54,6 +54,24 @@ class ChangePasswordTest < Test::Unit::TestCase |
54 | 54 | assert !data.errors.invalid?(:email) |
55 | 55 | end |
56 | 56 | |
57 | + should 'require correct passsword confirmation' do | |
58 | + User.create!(:login => 'testuser', :password => 'test', :password_confirmation => 'test', :email => 'test@example.com') | |
59 | + | |
60 | + change = ChangePassword.new | |
61 | + change.login = 'testuser' | |
62 | + change.email = 'test@example.com' | |
63 | + change.save! | |
64 | + | |
65 | + change.password = 'right' | |
66 | + change.password_confirmation = 'wrong' | |
67 | + assert !change.valid? | |
68 | + assert change.errors.invalid?(:password) | |
69 | + | |
70 | + | |
71 | + change.password_confirmation = 'right' | |
72 | + assert change.valid? | |
73 | + end | |
74 | + | |
57 | 75 | should 'actually change password' do |
58 | 76 | User.destroy_all |
59 | 77 | User.create!(:login => 'testuser', :password => 'test', :password_confirmation => 'test', :email => 'test@example.com') |
... | ... | @@ -64,8 +82,8 @@ class ChangePasswordTest < Test::Unit::TestCase |
64 | 82 | change.save! |
65 | 83 | |
66 | 84 | user = User.new |
67 | - user.expects(:force_change_password!).with('newpass', 'newpass') | |
68 | 85 | User.expects(:find_by_login).with('testuser').returns(user) |
86 | + user.expects(:force_change_password!).with('newpass', 'newpass') | |
69 | 87 | |
70 | 88 | change.password = 'newpass' |
71 | 89 | change.password_confirmation = 'newpass' | ... | ... |