Commit abd673e1b2a218ea17963d5c6bf4043e2f8c7eaa
1 parent
b1a80523
Exists in
master
and in
29 other branches
ActionItem78: validating password confirmation
git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@639 3f533792-8f58-4932-b0fe-aaf55b0a4547
Showing
2 changed files
with
23 additions
and
3 deletions
Show diff stats
app/models/change_password.rb
| @@ -38,6 +38,8 @@ class ChangePassword < Task | @@ -38,6 +38,8 @@ class ChangePassword < Task | ||
| 38 | 38 | ||
| 39 | # only require the new password when actually changing it. | 39 | # only require the new password when actually changing it. |
| 40 | validates_presence_of :password, :on => :update | 40 | validates_presence_of :password, :on => :update |
| 41 | + validates_presence_of :password_confirmation, :on => :update | ||
| 42 | + validates_confirmation_of :password | ||
| 41 | 43 | ||
| 42 | def initialize(*args) | 44 | def initialize(*args) |
| 43 | super(*args) | 45 | super(*args) |
| @@ -61,10 +63,10 @@ class ChangePassword < Task | @@ -61,10 +63,10 @@ class ChangePassword < Task | ||
| 61 | 63 | ||
| 62 | def create_message | 64 | def create_message |
| 63 | hostname = self.requestor.environment.default_hostname | 65 | hostname = self.requestor.environment.default_hostname |
| 64 | - hash = self.id | 66 | + code = self.code |
| 65 | 67 | ||
| 66 | lambda do | 68 | lambda do |
| 67 | - _("In order to change your password, please visit the following address:\n\n%s") % url_for(:host => hostname, :controller => 'account', :action => 'change_password', :hash => hash) | 69 | + _("In order to change your password, please visit the following address:\n\n%s") % url_for(:host => hostname, :controller => 'account', :action => 'new_password', :code => code) |
| 68 | end | 70 | end |
| 69 | end | 71 | end |
| 70 | 72 |
test/unit/change_password_test.rb
| @@ -54,6 +54,24 @@ class ChangePasswordTest < Test::Unit::TestCase | @@ -54,6 +54,24 @@ class ChangePasswordTest < Test::Unit::TestCase | ||
| 54 | assert !data.errors.invalid?(:email) | 54 | assert !data.errors.invalid?(:email) |
| 55 | end | 55 | end |
| 56 | 56 | ||
| 57 | + should 'require correct passsword confirmation' do | ||
| 58 | + User.create!(:login => 'testuser', :password => 'test', :password_confirmation => 'test', :email => 'test@example.com') | ||
| 59 | + | ||
| 60 | + change = ChangePassword.new | ||
| 61 | + change.login = 'testuser' | ||
| 62 | + change.email = 'test@example.com' | ||
| 63 | + change.save! | ||
| 64 | + | ||
| 65 | + change.password = 'right' | ||
| 66 | + change.password_confirmation = 'wrong' | ||
| 67 | + assert !change.valid? | ||
| 68 | + assert change.errors.invalid?(:password) | ||
| 69 | + | ||
| 70 | + | ||
| 71 | + change.password_confirmation = 'right' | ||
| 72 | + assert change.valid? | ||
| 73 | + end | ||
| 74 | + | ||
| 57 | should 'actually change password' do | 75 | should 'actually change password' do |
| 58 | User.destroy_all | 76 | User.destroy_all |
| 59 | User.create!(:login => 'testuser', :password => 'test', :password_confirmation => 'test', :email => 'test@example.com') | 77 | User.create!(:login => 'testuser', :password => 'test', :password_confirmation => 'test', :email => 'test@example.com') |
| @@ -64,8 +82,8 @@ class ChangePasswordTest < Test::Unit::TestCase | @@ -64,8 +82,8 @@ class ChangePasswordTest < Test::Unit::TestCase | ||
| 64 | change.save! | 82 | change.save! |
| 65 | 83 | ||
| 66 | user = User.new | 84 | user = User.new |
| 67 | - user.expects(:force_change_password!).with('newpass', 'newpass') | ||
| 68 | User.expects(:find_by_login).with('testuser').returns(user) | 85 | User.expects(:find_by_login).with('testuser').returns(user) |
| 86 | + user.expects(:force_change_password!).with('newpass', 'newpass') | ||
| 69 | 87 | ||
| 70 | change.password = 'newpass' | 88 | change.password = 'newpass' |
| 71 | change.password_confirmation = 'newpass' | 89 | change.password_confirmation = 'newpass' |