Commit d0c92dcf9b7f4bbc698e3eaf6ed5ddfd768ee27b
1 parent
bacd2c10
Exists in
master
and in
29 other branches
ActionItem9: implementing changing password
git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@156 3f533792-8f58-4932-b0fe-aaf55b0a4547
Showing
5 changed files
with
79 additions
and
2 deletions
Show diff stats
app/controllers/account_controller.rb
@@ -47,4 +47,22 @@ class AccountController < ApplicationController | @@ -47,4 +47,22 @@ class AccountController < ApplicationController | ||
47 | flash[:notice] = "You have been logged out." | 47 | flash[:notice] = "You have been logged out." |
48 | redirect_back_or_default(:controller => '/account', :action => 'index') | 48 | redirect_back_or_default(:controller => '/account', :action => 'index') |
49 | end | 49 | end |
50 | + | ||
51 | + def change_password | ||
52 | + if request.post? | ||
53 | + @user = current_user | ||
54 | + begin | ||
55 | + @user.change_password!(params[:current_password], | ||
56 | + params[:new_password], | ||
57 | + params[:new_password_confirmation]) | ||
58 | + flash[:notice] = _('Your password has been changed successfully!') | ||
59 | + redirect_to :action => 'index' | ||
60 | + rescue User::IncorrectPassword => e | ||
61 | + render :action => 'change_password' | ||
62 | + end | ||
63 | + else | ||
64 | + render :action => 'change_password' | ||
65 | + end | ||
66 | + end | ||
67 | + | ||
50 | end | 68 | end |
app/models/profile.rb
@@ -6,7 +6,7 @@ class Profile < ActiveRecord::Base | @@ -6,7 +6,7 @@ class Profile < ActiveRecord::Base | ||
6 | act_as_flexible_template | 6 | act_as_flexible_template |
7 | 7 | ||
8 | # Valid identifiers must match this format. | 8 | # Valid identifiers must match this format. |
9 | - IDENTIFIER_FORMAT = /^[a-z][a-z0-9_]+[a-z0-9]$/ | 9 | + IDENTIFIER_FORMAT = /^[a-z][a-z0-9_]*[a-z0-9]$/ |
10 | 10 | ||
11 | # These names cannot be used as identifiers for Profiles | 11 | # These names cannot be used as identifiers for Profiles |
12 | RESERVED_IDENTIFIERS = %w[ | 12 | RESERVED_IDENTIFIERS = %w[ |
app/models/user.rb
@@ -18,7 +18,7 @@ class User < ActiveRecord::Base | @@ -18,7 +18,7 @@ class User < ActiveRecord::Base | ||
18 | validates_presence_of :password_confirmation, :if => :password_required? | 18 | validates_presence_of :password_confirmation, :if => :password_required? |
19 | validates_length_of :password, :within => 4..40, :if => :password_required? | 19 | validates_length_of :password, :within => 4..40, :if => :password_required? |
20 | validates_confirmation_of :password, :if => :password_required? | 20 | validates_confirmation_of :password, :if => :password_required? |
21 | - validates_length_of :login, :within => 3..40 | 21 | + validates_length_of :login, :within => 2..40 |
22 | validates_length_of :email, :within => 3..100 | 22 | validates_length_of :email, :within => 3..100 |
23 | validates_uniqueness_of :login, :email, :case_sensitive => false | 23 | validates_uniqueness_of :login, :email, :case_sensitive => false |
24 | before_save :encrypt_password | 24 | before_save :encrypt_password |
@@ -60,6 +60,20 @@ class User < ActiveRecord::Base | @@ -60,6 +60,20 @@ class User < ActiveRecord::Base | ||
60 | save(false) | 60 | save(false) |
61 | end | 61 | end |
62 | 62 | ||
63 | + # Exception thrown when #change_password! is called with a wrong current | ||
64 | + # password | ||
65 | + class IncorrectPassword < Exception; end | ||
66 | + | ||
67 | + # Changes the password of a user. | ||
68 | + def change_password!(current, new, confirmation) | ||
69 | + raise IncorrectPassword unless self.authenticated?(current) | ||
70 | + self.password = new | ||
71 | + self.password_confirmation = confirmation | ||
72 | + unless new_record? | ||
73 | + save! | ||
74 | + end | ||
75 | + end | ||
76 | + | ||
63 | protected | 77 | protected |
64 | # before filter | 78 | # before filter |
65 | def encrypt_password | 79 | def encrypt_password |
test/functional/account_controller_test.rb
@@ -124,6 +124,33 @@ class AccountControllerTest < Test::Unit::TestCase | @@ -124,6 +124,33 @@ class AccountControllerTest < Test::Unit::TestCase | ||
124 | assert_template 'index' | 124 | assert_template 'index' |
125 | end | 125 | end |
126 | 126 | ||
127 | + def test_should_display_change_password_screen | ||
128 | + get :change_password | ||
129 | + assert_response :success | ||
130 | + assert_template 'change_password' | ||
131 | + assert_tag :tag => 'input', :attributes => { :name => 'current_password' } | ||
132 | + assert_tag :tag => 'input', :attributes => { :name => 'new_password' } | ||
133 | + assert_tag :tag => 'input', :attributes => { :name => 'new_password_confirmation' } | ||
134 | + end | ||
135 | + | ||
136 | + def test_should_be_able_to_change_password | ||
137 | + login_as 'ze' | ||
138 | + post :change_password, :current_password => 'test', :new_password => 'blabla', :new_password_confirmation => 'blabla' | ||
139 | + assert_response :redirect | ||
140 | + assert_redirected_to :action => 'index' | ||
141 | + assert User.find_by_login('ze').authenticated?('blabla') | ||
142 | + assert_equal users(:ze), @controller.send(:current_user) | ||
143 | + end | ||
144 | + | ||
145 | + def test_should_input_current_password_correctly_to_change_password | ||
146 | + login_as 'ze' | ||
147 | + post :change_password, :current_password => 'wrong', :new_password => 'blabla', :new_password_confirmation => 'blabla' | ||
148 | + assert_response :success | ||
149 | + assert_template 'change_password' | ||
150 | + assert ! User.find_by_login('ze').authenticated?('blabla') | ||
151 | + assert_equal users(:ze), @controller.send(:current_user) | ||
152 | + end | ||
153 | + | ||
127 | protected | 154 | protected |
128 | def create_user(options = {}) | 155 | def create_user(options = {}) |
129 | post :signup, :user => { :login => 'quire', :email => 'quire@example.com', | 156 | post :signup, :user => { :login => 'quire', :email => 'quire@example.com', |
test/unit/user_test.rb
@@ -106,6 +106,24 @@ class UserTest < Test::Unit::TestCase | @@ -106,6 +106,24 @@ class UserTest < Test::Unit::TestCase | ||
106 | assert ! u.errors.invalid?(:login) | 106 | assert ! u.errors.invalid?(:login) |
107 | end | 107 | end |
108 | 108 | ||
109 | + def test_should_change_password | ||
110 | + user = User.create!(:login => 'changetest', :password => 'test', :password_confirmation => 'test', :email => 'changetest@example.com') | ||
111 | + assert_nothing_raised do | ||
112 | + user.change_password!('test', 'newpass', 'newpass') | ||
113 | + end | ||
114 | + assert !user.authenticated?('test') | ||
115 | + assert user.authenticated?('newpass') | ||
116 | + end | ||
117 | + | ||
118 | + def test_should_give_correct_current_password_for_changing_password | ||
119 | + user = User.create!(:login => 'changetest', :password => 'test', :password_confirmation => 'test', :email => 'changetest@example.com') | ||
120 | + assert_raise User::IncorrectPassword do | ||
121 | + user.change_password!('wrong', 'newpass', 'newpass') | ||
122 | + end | ||
123 | + assert !user.authenticated?('newpass') | ||
124 | + assert user.authenticated?('test') | ||
125 | + end | ||
126 | + | ||
109 | protected | 127 | protected |
110 | def create_user(options = {}) | 128 | def create_user(options = {}) |
111 | User.create({ :login => 'quire', :email => 'quire@example.com', :password => 'quire', :password_confirmation => 'quire' }.merge(options)) | 129 | User.create({ :login => 'quire', :email => 'quire@example.com', :password => 'quire', :password_confirmation => 'quire' }.merge(options)) |