diff --git a/app/models/change_password.rb b/app/models/change_password.rb index db5e809..76836a5 100644 --- a/app/models/change_password.rb +++ b/app/models/change_password.rb @@ -5,7 +5,7 @@ class ChangePassword < Task self[:data] ||= {} end - attr_accessor :login, :email, :password, :password_confirmation + attr_accessor :login, :email, :password, :password_confirmation, :environment_id def self.human_attribute_name(attrib) case attrib.to_sym @@ -25,15 +25,15 @@ class ChangePassword < Task ################################################### # validations for creating a ChangePassword task - validates_presence_of :login, :email, :on => :create + validates_presence_of :login, :email, :environment_id, :on => :create validates_presence_of :requestor_id validates_format_of :email, :on => :create, :with => Noosfero::Constants::EMAIL_FORMAT, :if => (lambda { |obj| !obj.email.blank? }) validates_each :login, :on => :create do |data,attr,value| - unless data.login.blank? - user = User.find_by_login(data.login) + unless data.login.blank? || data.email.blank? + user = User.find_by_login_and_environment_id(data.login, data.environment_id) if user.nil? data.errors.add(:login, _('%{fn} is not a valid username.')) else diff --git a/app/views/account/forgot_password.rhtml b/app/views/account/forgot_password.rhtml index 61486ba..a95e464 100644 --- a/app/views/account/forgot_password.rhtml +++ b/app/views/account/forgot_password.rhtml @@ -9,6 +9,8 @@ <%= f.text_field :email %> + <%= f.hidden_field :environment_id, :value => environment.id %> +
<% button_bar do %> <%= submit_button('send', _('Send instructions')) %> diff --git a/test/functional/account_controller_test.rb b/test/functional/account_controller_test.rb index fe2ad18..e6241fe 100644 --- a/test/functional/account_controller_test.rb +++ b/test/functional/account_controller_test.rb @@ -265,7 +265,7 @@ class AccountControllerTest < Test::Unit::TestCase should 'require password confirmation correctly to enter new pasword' do user = create_user('testuser', :email => 'testuser@example.com', :password => 'test', :password_confirmation => 'test') - change = ChangePassword.create!(:login => 'testuser', :email => 'testuser@example.com') + change = ChangePassword.create!(:login => 'testuser', :email => 'testuser@example.com', :environment_id => Environment.default.id) post :new_password, :code => change.code, :change_password => { :password => 'onepass', :password_confirmation => 'another_pass' } assert_response :success diff --git a/test/integration/forgot_password_test.rb b/test/integration/forgot_password_test.rb index 40504eb..c227c6f 100644 --- a/test/integration/forgot_password_test.rb +++ b/test/integration/forgot_password_test.rb @@ -19,7 +19,7 @@ class ForgotPasswordTest < ActionController::IntegrationTest assert_response :success assert_tag :tag => 'form', :attributes => { :action => '/account/forgot_password', :method => 'post' } - post '/account/forgot_password', :change_password => { :login => 'forgotten', :email => 'forgotten@localhost.localdomain' } + post '/account/forgot_password', :change_password => { :login => 'forgotten', :email => 'forgotten@localhost.localdomain', :environment_id => Environment.default.id } assert_response :success assert_template 'password_recovery_sent' diff --git a/test/unit/change_password_test.rb b/test/unit/change_password_test.rb index 86896fc..e858ea2 100644 --- a/test/unit/change_password_test.rb +++ b/test/unit/change_password_test.rb @@ -14,6 +14,8 @@ class ChangePasswordTest < Test::Unit::TestCase data = ChangePassword.new data.login = 'unexisting' + data.email = 'example@example.com' + data.environment_id = Environment.default.id data.valid? assert data.errors.invalid?(:login) end @@ -35,6 +37,7 @@ class ChangePasswordTest < Test::Unit::TestCase data = ChangePassword.new data.login = 'testuser' data.email = 'wrong@example.com' + data.environment_id = Environment.default.id data.valid? assert !data.errors.invalid?(:login) @@ -48,6 +51,7 @@ class ChangePasswordTest < Test::Unit::TestCase data = ChangePassword.new data.login = 'testuser' data.email = 'test@example.com' + data.environment_id = Environment.default.id data.valid? assert !data.errors.invalid?(:login) @@ -60,6 +64,7 @@ class ChangePasswordTest < Test::Unit::TestCase change = ChangePassword.new change.login = 'testuser' change.email = 'test@example.com' + change.environment_id = Environment.default.id change.save! change.status = Task::Status::FINISHED @@ -80,6 +85,7 @@ class ChangePasswordTest < Test::Unit::TestCase change = ChangePassword.new change.login = 'testuser' change.email = 'test@example.com' + change.environment_id = Environment.default.id change.save! change.expects(:requestor).returns(person).at_least_once @@ -98,6 +104,7 @@ class ChangePasswordTest < Test::Unit::TestCase change = ChangePassword.new change.login = 'testuser' change.email = 'test@example.com' + change.environment_id = Environment.default.id change.save! assert_nothing_raised do @@ -111,4 +118,18 @@ class ChangePasswordTest < Test::Unit::TestCase assert_equal t1.permission, t2.permission end + should 'search for user in the correct environment' do + e1 = Environment.create!(:id => 1, :name => "environment1") + e2 = Environment.create!(:id => 2, :name => "environment2") + p1 = create_user('sample-user', :password => 'test', :password_confirmation => 'test', :email => 'sample-user@e1.com', :environment => e1).person + p2 = create_user('sample-user', :password => 'test', :password_confirmation => 'test', :email => 'sample-user@e2.com', :environment => e2).person + + change = ChangePassword.new + change.login = 'sample-user' + change.email = 'sample-user@e2.com' + change.environment_id = e2.id + + assert change.valid? + end + end -- libgit2 0.21.2