ActionItem78: implementing forgot my password feature.

git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@625 3f533792-8f58-4932-b0fe-aaf55b0a4547

ActionItem78: implementing forgot my password feature.
git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@625 3f533792-8f58-4932-b0fe-aaf55b0a4547
AntonioTerceiro
1 parent ac4035d7
Showing 7 changed files with 140 additions and 0 deletions Show diff stats
app/controllers/public/account_controller.rb
app/models/change_password_data.rb
app/models/validator.rb
app/views/account/forgot_password.rhtml
app/views/account/login.rhtml
test/functional/account_controller_test.rb
test/unit/change_password_data_test.rb
@@ -70,6 +70,19 @@ class AccountController &lt; PublicController
     end
   end
+  # posts back
+  def forgot_password
+    @change_password = ChangePasswordData.new(params[:change_password])
+    if request.post?
+      begin
+        @change_password.confirm!
+        render :action => 'password_recovery_sent'
+      rescue Exception => e
+        nil # just pass and render at the end of the action
+      end
+    end
+  end
+
   protected
   before_filter :load_profile_for_user
@@ -0,0 +1,34 @@
+class ChangePasswordData < Validator
+
+  attr_accessor :login, :email
+
+  validates_presence_of :login, :email
+  validates_format_of :email, :with => Noosfero::Constants::EMAIL_FORMAT, :if => (lambda { |obj| !obj.email.blank? })
+
+  # 
+  validates_each :login do |data,attr,value|
+    unless data.login.blank?
+      user = User.find_by_login(data.login)
+      if user.nil? 
+        data.errors.add(:login, _('%{fn} is not a valid username.'))
+      else
+        if user.email != data.email
+          data.errors.add(:email, _('%{fn} is invalid.'))
+        end
+      end
+    end
+  end
+
+  def initialize(hash = nil)
+    hash ||= {}
+    self.login = hash[:login] || hash['login']
+    self.email = hash[:email] || hash['email']
+  end
+
+  def confirm!
+    raise ActiveRecord::RecordInvalid unless self.valid?
+    user = User.find_by_login(self.login)
+    #ChangePassword.create!(:user_id => user.id)
+  end
+
+end
@@ -0,0 +1,6 @@
+class Validator
+  include ActiveRecord::Validations
+  def new_record?
+    true
+  end
+end
@@ -0,0 +1,15 @@
+<h1><%= _('Password recovery') %></h1>
+
+<%= error_messages_for :change_password %>
+
+<%= help(_('To change your password, please fill the form on this screen using yout username and your e-mail. You will receive a message at that e-mail address with a web address you can access to create a new password.')) %>
+
+<% form_for :change_password, @change_password, :url => { :action => 'forgot_password' } do |f| %>
+  <%= labelled_form_field(_('Username'), (f.text_field :login)) %>
+  <%= labelled_form_field(_('E-mail'), (f.text_field :email)) %>
+<div>
+  <%= submit_tag _('Send change password procedure by e-mail') %>
+</div>
+
+<% end %>
+
@@ -14,3 +14,8 @@
 <p><%= submit_tag 'Log in' %></p>
 <% end -%>
+
+
+<p>
+<%= link_to _("I forgot my password"), :action => 'forgot_password' %>
+</p>
@@ -170,6 +170,18 @@ class AccountControllerTest &lt; Test::Unit::TestCase
     assert_equal users(:ze), @controller.send(:current_user)
   end
+  should 'provide a "I forget my password" link at the login page' do
+    get :login
+    assert_tag :tag => 'a', :attributes => {
+      :href => '/account/forgot_password'
+    }
+  end
+
+  should 'provide a "forgot my password" form' do
+    get :forgot_password
+    assert_response :success
+  end
+
   protected
     def create_user(options = {})
       post :signup, :user => { :login => 'quire', :email => 'quire@example.com', 
@@ -0,0 +1,55 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class ChangePasswordDataTest < Test::Unit::TestCase
+
+  should 'validate' do
+    data = ChangePasswordData.new
+    assert !data.valid?
+  end
+  
+  should 'refuse invalid username' do
+    User.destroy_all
+
+    data = ChangePasswordData.new
+    data.login = 'unexisting'
+    data.valid?
+    assert data.errors.invalid?(:login)
+  end
+
+  should 'require a valid username' do
+    User.destroy_all
+    User.create!(:login => 'testuser', :password => 'test', :password_confirmation => 'test', :email => 'test@example.com')
+
+    data = ChangePasswordData.new
+    data.login = 'testuser'
+    data.valid?
+    assert !data.errors.invalid?(:login)
+  end
+
+  should 'refuse incorrect e-mail address' do
+    User.destroy_all
+    User.create!(:login => 'testuser', :password => 'test', :password_confirmation => 'test', :email => 'test@example.com')
+
+    data = ChangePasswordData.new
+    data.login = 'testuser'
+    data.email = 'wrong@example.com'
+
+    data.valid?
+    assert !data.errors.invalid?(:login)
+    assert data.errors.invalid?(:email)
+  end
+
+  should 'require the correct e-mail address' do
+    User.destroy_all
+    User.create!(:login => 'testuser', :password => 'test', :password_confirmation => 'test', :email => 'test@example.com')
+
+    data = ChangePasswordData.new
+    data.login = 'testuser'
+    data.email = 'test@example.com'
+
+    data.valid?
+    assert !data.errors.invalid?(:login)
+    assert !data.errors.invalid?(:email)
+  end
+
+end
	@@ -70,6 +70,19 @@ class AccountController < PublicController		@@ -70,6 +70,19 @@ class AccountController < PublicController
70	end	70	end
71	end	71	end
72		72
		73	+ # posts back
		74	+ def forgot_password
		75	+ @change_password = ChangePasswordData.new(params[:change_password])
		76	+ if request.post?
		77	+ begin
		78	+ @change_password.confirm!
		79	+ render :action => 'password_recovery_sent'
		80	+ rescue Exception => e
		81	+ nil # just pass and render at the end of the action
		82	+ end
		83	+ end
		84	+ end
		85	+
73	protected	86	protected
74		87
75	before_filter :load_profile_for_user	88	before_filter :load_profile_for_user
@@ -0,0 +1,34 @@		@@ -0,0 +1,34 @@
	1	+class ChangePasswordData < Validator
	2	+
	3	+ attr_accessor :login, :email
	4	+
	5	+ validates_presence_of :login, :email
	6	+ validates_format_of :email, :with => Noosfero::Constants::EMAIL_FORMAT, :if => (lambda { \|obj\| !obj.email.blank? })
	7	+
	8	+ #
	9	+ validates_each :login do \|data,attr,value\|
	10	+ unless data.login.blank?
	11	+ user = User.find_by_login(data.login)
	12	+ if user.nil?
	13	+ data.errors.add(:login, _('%{fn} is not a valid username.'))
	14	+ else
	15	+ if user.email != data.email
	16	+ data.errors.add(:email, _('%{fn} is invalid.'))
	17	+ end
	18	+ end
	19	+ end
	20	+ end
	21	+
	22	+ def initialize(hash = nil)
	23	+ hash \|\|= {}
	24	+ self.login = hash[:login] \|\| hash['login']
	25	+ self.email = hash[:email] \|\| hash['email']
	26	+ end
	27	+
	28	+ def confirm!
	29	+ raise ActiveRecord::RecordInvalid unless self.valid?
	30	+ user = User.find_by_login(self.login)
	31	+ #ChangePassword.create!(:user_id => user.id)
	32	+ end
	33	+
	34	+end
@@ -0,0 +1,6 @@		@@ -0,0 +1,6 @@
	1	+class Validator
	2	+ include ActiveRecord::Validations
	3	+ def new_record?
	4	+ true
	5	+ end
	6	+end
@@ -0,0 +1,15 @@		@@ -0,0 +1,15 @@
	1	+<h1><%= _('Password recovery') %></h1>
	2	+
	3	+<%= error_messages_for :change_password %>
	4	+
	5	+<%= help(_('To change your password, please fill the form on this screen using yout username and your e-mail. You will receive a message at that e-mail address with a web address you can access to create a new password.')) %>
	6	+
	7	+<% form_for :change_password, @change_password, :url => { :action => 'forgot_password' } do \|f\| %>
	8	+ <%= labelled_form_field(_('Username'), (f.text_field :login)) %>
	9	+ <%= labelled_form_field(_('E-mail'), (f.text_field :email)) %>
	10	+<div>
	11	+ <%= submit_tag _('Send change password procedure by e-mail') %>
	12	+</div>
	13	+
	14	+<% end %>
	15	+
	@@ -14,3 +14,8 @@		@@ -14,3 +14,8 @@
14		14
15	<p><%= submit_tag 'Log in' %></p>	15	<p><%= submit_tag 'Log in' %></p>
16	<% end -%>	16	<% end -%>
		17	+
		18	+
		19	+<p>
		20	+<%= link_to _("I forgot my password"), :action => 'forgot_password' %>
		21	+</p>
	@@ -170,6 +170,18 @@ class AccountControllerTest < Test::Unit::TestCase		@@ -170,6 +170,18 @@ class AccountControllerTest < Test::Unit::TestCase
170	assert_equal users(:ze), @controller.send(:current_user)	170	assert_equal users(:ze), @controller.send(:current_user)
171	end	171	end
172		172
		173	+ should 'provide a "I forget my password" link at the login page' do
		174	+ get :login
		175	+ assert_tag :tag => 'a', :attributes => {
		176	+ :href => '/account/forgot_password'
		177	+ }
		178	+ end
		179	+
		180	+ should 'provide a "forgot my password" form' do
		181	+ get :forgot_password
		182	+ assert_response :success
		183	+ end
		184	+
173	protected	185	protected
174	def create_user(options = {})	186	def create_user(options = {})
175	post :signup, :user => { :login => 'quire', :email => 'quire@example.com',	187	post :signup, :user => { :login => 'quire', :email => 'quire@example.com',
@@ -0,0 +1,55 @@		@@ -0,0 +1,55 @@
	1	+require File.dirname(__FILE__) + '/../test_helper'
	2	+
	3	+class ChangePasswordDataTest < Test::Unit::TestCase
	4	+
	5	+ should 'validate' do
	6	+ data = ChangePasswordData.new
	7	+ assert !data.valid?
	8	+ end
	9	+
	10	+ should 'refuse invalid username' do
	11	+ User.destroy_all
	12	+
	13	+ data = ChangePasswordData.new
	14	+ data.login = 'unexisting'
	15	+ data.valid?
	16	+ assert data.errors.invalid?(:login)
	17	+ end
	18	+
	19	+ should 'require a valid username' do
	20	+ User.destroy_all
	21	+ User.create!(:login => 'testuser', :password => 'test', :password_confirmation => 'test', :email => 'test@example.com')
	22	+
	23	+ data = ChangePasswordData.new
	24	+ data.login = 'testuser'
	25	+ data.valid?
	26	+ assert !data.errors.invalid?(:login)
	27	+ end
	28	+
	29	+ should 'refuse incorrect e-mail address' do
	30	+ User.destroy_all
	31	+ User.create!(:login => 'testuser', :password => 'test', :password_confirmation => 'test', :email => 'test@example.com')
	32	+
	33	+ data = ChangePasswordData.new
	34	+ data.login = 'testuser'
	35	+ data.email = 'wrong@example.com'
	36	+
	37	+ data.valid?
	38	+ assert !data.errors.invalid?(:login)
	39	+ assert data.errors.invalid?(:email)
	40	+ end
	41	+
	42	+ should 'require the correct e-mail address' do
	43	+ User.destroy_all
	44	+ User.create!(:login => 'testuser', :password => 'test', :password_confirmation => 'test', :email => 'test@example.com')
	45	+
	46	+ data = ChangePasswordData.new
	47	+ data.login = 'testuser'
	48	+ data.email = 'test@example.com'
	49	+
	50	+ data.valid?
	51	+ assert !data.errors.invalid?(:login)
	52	+ assert !data.errors.invalid?(:email)
	53	+ end
	54	+
	55	+end