forgot_password: allow password recovery with email OR login

Also provides infra to any other field in the future. (ActionItem2857)

forgot_password: allow password recovery with email OR login
Also provides infra to any other field in the future. (ActionItem2857)
Rodrigo Souto
1 parent 63ca9209
Showing 4 changed files with 58 additions and 10 deletions Show diff stats
app/models/change_password.rb
app/views/account/forgot_password.rhtml
test/functional/account_controller_test.rb
test/integration/forgot_password_test.rb
@@ -18,6 +18,13 @@ class ChangePassword &lt; Task
     end
   end
+  def self.fields_choice
+    [
+      [_('Username'), 'login'],
+      [_('Email'), 'email'],
+    ]
+  end
+
   ###################################################
   # validations for creating a ChangePassword task 
@@ -4,10 +4,9 @@
 <% labelled_form_for :change_password, @change_password, :url => { :action => 'forgot_password' } do |f| %>
-  <%= f.text_field :login,
-                   :onchange => 'this.value = convToValidUsername( this.value )' %>
+  <%= labelled_form_field(_('Field'), f.select(:field, ChangePassword.fields_choice)) %>
-  <%= f.text_field :email %>
+  <%= f.text_field :value %>
   <%= f.hidden_field :environment_id, :value => environment.id %>
@@ -215,12 +215,21 @@ class AccountControllerTest &lt; ActionController::TestCase
     assert_response :success
   end
-  should 'respond to forgotten password change request' do
+  should 'respond to forgotten password change request with login' do
     change = ChangePassword.new
-    ChangePassword.expects(:new).with('login' => 'test', 'email' => 'test@localhost.localdomain').returns(change)
+    ChangePassword.expects(:new).with('field' => 'login', 'value' => 'test').returns(change)
     change.expects(:save!).returns(true)
-    post :forgot_password, :change_password => { :login => 'test', :email => 'test@localhost.localdomain' }
+    post :forgot_password, :change_password => { :field => 'login', :value => 'test' }
+    assert_template 'password_recovery_sent'
+  end
+
+  should 'respond to forgotten password change request with email' do
+    change = ChangePassword.new
+    ChangePassword.expects(:new).with('field' => 'email', 'value' => 'test@localhost.localdomain').returns(change)
+    change.expects(:save!).returns(true)
+
+    post :forgot_password, :change_password => { :field => 'email', :value => 'test@localhost.localdomain' }
     assert_template 'password_recovery_sent'
   end
@@ -267,7 +276,7 @@ class AccountControllerTest &lt; ActionController::TestCase
   should 'require password confirmation correctly to enter new pasword' do
     user = create_user('testuser', :email => 'testuser@example.com', :password => 'test', :password_confirmation => 'test')
-    change = ChangePassword.create!(:login => 'testuser', :email => 'testuser@example.com', :environment_id => Environment.default.id)
+    change = ChangePassword.create!(:field => 'login', :value => 'testuser', :environment_id => Environment.default.id)
     post :new_password, :code => change.code, :change_password => { :password => 'onepass', :password_confirmation => 'another_pass' }
     assert_response :success
@@ -853,7 +862,7 @@ class AccountControllerTest &lt; ActionController::TestCase
     assert_response :redirect
     #Redirect on post action
-    post :forgot_password, :change_password => { :login => 'test', :email => 'test@localhost.localdomain' }
+    post :forgot_password, :change_password => { :field => 'login', :value => 'test' }
     assert_response :redirect
   end
@@ -6,7 +6,7 @@ class ForgotPasswordTest &lt; ActionController::IntegrationTest
     ActionController::Integration::Session.any_instance.stubs(:https?).returns(true)
   end
-  def test_forgot_password
+  def test_forgot_password_with_login
     User.destroy_all
     Profile.destroy_all
@@ -19,7 +19,40 @@ class ForgotPasswordTest &lt; ActionController::IntegrationTest
     assert_response :success
     assert_tag :tag => 'form', :attributes => { :action => '/account/forgot_password', :method => 'post' }
-    post '/account/forgot_password', :change_password => { :login => 'forgotten', :email => 'forgotten@localhost.localdomain', :environment_id => Environment.default.id }
+    post '/account/forgot_password', :change_password => { :field => 'login', :value => 'forgotten', :environment_id => Environment.default.id }
+
+    assert_response :success
+    assert_template 'password_recovery_sent'
+
+    assert_equal 1, ChangePassword.count
+    code = ChangePassword.find(:first).code
+
+    get "/account/new_password/#{code}"
+    assert_response :success
+    assert_tag :tag => 'form', :attributes => { :action => "/account/new_password/#{code}" }
+
+    post "/account/new_password/#{code}", :change_password => { :password => 'newpass', :password_confirmation => 'newpass'}
+    assert_response :success
+    assert_template 'new_password_ok'
+    assert_tag :tag => 'a', :attributes => { :href => "/account/login" }
+
+    login('forgotten', 'newpass')
+  end
+
+  def test_forgot_password_with_email
+
+    User.destroy_all
+    Profile.destroy_all
+    ChangePassword.destroy_all
+
+    create_user('forgotten', :password => 'test', :password_confirmation => 'test', :email => 'forgotten@localhost.localdomain').activate
+
+    get '/account/forgot_password'
+
+    assert_response :success
+    assert_tag :tag => 'form', :attributes => { :action => '/account/forgot_password', :method => 'post' }
+
+    post '/account/forgot_password', :change_password => { :field => 'email', :value => 'forgotten@localhost.localdomain', :environment_id => Environment.default.id }
     assert_response :success
     assert_template 'password_recovery_sent'
	@@ -18,6 +18,13 @@ class ChangePassword < Task		@@ -18,6 +18,13 @@ class ChangePassword < Task
18	end	18	end
19	end	19	end
20		20
		21	+ def self.fields_choice
		22	+ [
		23	+ [_('Username'), 'login'],
		24	+ [_('Email'), 'email'],
		25	+ ]
		26	+ end
		27	+
21	###################################################	28	###################################################
22	# validations for creating a ChangePassword task	29	# validations for creating a ChangePassword task
23		30
	@@ -4,10 +4,9 @@		@@ -4,10 +4,9 @@
4		4
5	<% labelled_form_for :change_password, @change_password, :url => { :action => 'forgot_password' } do \|f\| %>	5	<% labelled_form_for :change_password, @change_password, :url => { :action => 'forgot_password' } do \|f\| %>
6		6
7	- <%= f.text_field :login,
8	- :onchange => 'this.value = convToValidUsername( this.value )' %>	7	+ <%= labelled_form_field(_('Field'), f.select(:field, ChangePassword.fields_choice)) %>
9		8
10	- <%= f.text_field :email %>	9	+ <%= f.text_field :value %>
11		10
12	<%= f.hidden_field :environment_id, :value => environment.id %>	11	<%= f.hidden_field :environment_id, :value => environment.id %>
13		12
	@@ -6,7 +6,7 @@ class ForgotPasswordTest < ActionController::IntegrationTest		@@ -6,7 +6,7 @@ class ForgotPasswordTest < ActionController::IntegrationTest
6	ActionController::Integration::Session.any_instance.stubs(:https?).returns(true)	6	ActionController::Integration::Session.any_instance.stubs(:https?).returns(true)
7	end	7	end
8		8
9	- def test_forgot_password	9	+ def test_forgot_password_with_login
10		10
11	User.destroy_all	11	User.destroy_all
12	Profile.destroy_all	12	Profile.destroy_all
	@@ -19,7 +19,40 @@ class ForgotPasswordTest < ActionController::IntegrationTest		@@ -19,7 +19,40 @@ class ForgotPasswordTest < ActionController::IntegrationTest
19	assert_response :success	19	assert_response :success
20	assert_tag :tag => 'form', :attributes => { :action => '/account/forgot_password', :method => 'post' }	20	assert_tag :tag => 'form', :attributes => { :action => '/account/forgot_password', :method => 'post' }
21		21
22	- post '/account/forgot_password', :change_password => { :login => 'forgotten', :email => 'forgotten@localhost.localdomain', :environment_id => Environment.default.id }	22	+ post '/account/forgot_password', :change_password => { :field => 'login', :value => 'forgotten', :environment_id => Environment.default.id }
		23	+
		24	+ assert_response :success
		25	+ assert_template 'password_recovery_sent'
		26	+
		27	+ assert_equal 1, ChangePassword.count
		28	+ code = ChangePassword.find(:first).code
		29	+
		30	+ get "/account/new_password/#{code}"
		31	+ assert_response :success
		32	+ assert_tag :tag => 'form', :attributes => { :action => "/account/new_password/#{code}" }
		33	+
		34	+ post "/account/new_password/#{code}", :change_password => { :password => 'newpass', :password_confirmation => 'newpass'}
		35	+ assert_response :success
		36	+ assert_template 'new_password_ok'
		37	+ assert_tag :tag => 'a', :attributes => { :href => "/account/login" }
		38	+
		39	+ login('forgotten', 'newpass')
		40	+ end
		41	+
		42	+ def test_forgot_password_with_email
		43	+
		44	+ User.destroy_all
		45	+ Profile.destroy_all
		46	+ ChangePassword.destroy_all
		47	+
		48	+ create_user('forgotten', :password => 'test', :password_confirmation => 'test', :email => 'forgotten@localhost.localdomain').activate
		49	+
		50	+ get '/account/forgot_password'
		51	+
		52	+ assert_response :success
		53	+ assert_tag :tag => 'form', :attributes => { :action => '/account/forgot_password', :method => 'post' }
		54	+
		55	+ post '/account/forgot_password', :change_password => { :field => 'email', :value => 'forgotten@localhost.localdomain', :environment_id => Environment.default.id }
23		56
24	assert_response :success	57	assert_response :success
25	assert_template 'password_recovery_sent'	58	assert_template 'password_recovery_sent'