Commit d0c92dcf9b7f4bbc698e3eaf6ed5ddfd768ee27b
1 parent
bacd2c10
Exists in
master
and in
28 other branches
ActionItem9: implementing changing password
git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@156 3f533792-8f58-4932-b0fe-aaf55b0a4547
Showing
5 changed files
with
79 additions
and
2 deletions
Show diff stats
app/controllers/account_controller.rb
... | ... | @@ -47,4 +47,22 @@ class AccountController < ApplicationController |
47 | 47 | flash[:notice] = "You have been logged out." |
48 | 48 | redirect_back_or_default(:controller => '/account', :action => 'index') |
49 | 49 | end |
50 | + | |
51 | + def change_password | |
52 | + if request.post? | |
53 | + @user = current_user | |
54 | + begin | |
55 | + @user.change_password!(params[:current_password], | |
56 | + params[:new_password], | |
57 | + params[:new_password_confirmation]) | |
58 | + flash[:notice] = _('Your password has been changed successfully!') | |
59 | + redirect_to :action => 'index' | |
60 | + rescue User::IncorrectPassword => e | |
61 | + render :action => 'change_password' | |
62 | + end | |
63 | + else | |
64 | + render :action => 'change_password' | |
65 | + end | |
66 | + end | |
67 | + | |
50 | 68 | end | ... | ... |
app/models/profile.rb
... | ... | @@ -6,7 +6,7 @@ class Profile < ActiveRecord::Base |
6 | 6 | act_as_flexible_template |
7 | 7 | |
8 | 8 | # Valid identifiers must match this format. |
9 | - IDENTIFIER_FORMAT = /^[a-z][a-z0-9_]+[a-z0-9]$/ | |
9 | + IDENTIFIER_FORMAT = /^[a-z][a-z0-9_]*[a-z0-9]$/ | |
10 | 10 | |
11 | 11 | # These names cannot be used as identifiers for Profiles |
12 | 12 | RESERVED_IDENTIFIERS = %w[ | ... | ... |
app/models/user.rb
... | ... | @@ -18,7 +18,7 @@ class User < ActiveRecord::Base |
18 | 18 | validates_presence_of :password_confirmation, :if => :password_required? |
19 | 19 | validates_length_of :password, :within => 4..40, :if => :password_required? |
20 | 20 | validates_confirmation_of :password, :if => :password_required? |
21 | - validates_length_of :login, :within => 3..40 | |
21 | + validates_length_of :login, :within => 2..40 | |
22 | 22 | validates_length_of :email, :within => 3..100 |
23 | 23 | validates_uniqueness_of :login, :email, :case_sensitive => false |
24 | 24 | before_save :encrypt_password |
... | ... | @@ -60,6 +60,20 @@ class User < ActiveRecord::Base |
60 | 60 | save(false) |
61 | 61 | end |
62 | 62 | |
63 | + # Exception thrown when #change_password! is called with a wrong current | |
64 | + # password | |
65 | + class IncorrectPassword < Exception; end | |
66 | + | |
67 | + # Changes the password of a user. | |
68 | + def change_password!(current, new, confirmation) | |
69 | + raise IncorrectPassword unless self.authenticated?(current) | |
70 | + self.password = new | |
71 | + self.password_confirmation = confirmation | |
72 | + unless new_record? | |
73 | + save! | |
74 | + end | |
75 | + end | |
76 | + | |
63 | 77 | protected |
64 | 78 | # before filter |
65 | 79 | def encrypt_password | ... | ... |
test/functional/account_controller_test.rb
... | ... | @@ -124,6 +124,33 @@ class AccountControllerTest < Test::Unit::TestCase |
124 | 124 | assert_template 'index' |
125 | 125 | end |
126 | 126 | |
127 | + def test_should_display_change_password_screen | |
128 | + get :change_password | |
129 | + assert_response :success | |
130 | + assert_template 'change_password' | |
131 | + assert_tag :tag => 'input', :attributes => { :name => 'current_password' } | |
132 | + assert_tag :tag => 'input', :attributes => { :name => 'new_password' } | |
133 | + assert_tag :tag => 'input', :attributes => { :name => 'new_password_confirmation' } | |
134 | + end | |
135 | + | |
136 | + def test_should_be_able_to_change_password | |
137 | + login_as 'ze' | |
138 | + post :change_password, :current_password => 'test', :new_password => 'blabla', :new_password_confirmation => 'blabla' | |
139 | + assert_response :redirect | |
140 | + assert_redirected_to :action => 'index' | |
141 | + assert User.find_by_login('ze').authenticated?('blabla') | |
142 | + assert_equal users(:ze), @controller.send(:current_user) | |
143 | + end | |
144 | + | |
145 | + def test_should_input_current_password_correctly_to_change_password | |
146 | + login_as 'ze' | |
147 | + post :change_password, :current_password => 'wrong', :new_password => 'blabla', :new_password_confirmation => 'blabla' | |
148 | + assert_response :success | |
149 | + assert_template 'change_password' | |
150 | + assert ! User.find_by_login('ze').authenticated?('blabla') | |
151 | + assert_equal users(:ze), @controller.send(:current_user) | |
152 | + end | |
153 | + | |
127 | 154 | protected |
128 | 155 | def create_user(options = {}) |
129 | 156 | post :signup, :user => { :login => 'quire', :email => 'quire@example.com', | ... | ... |
test/unit/user_test.rb
... | ... | @@ -106,6 +106,24 @@ class UserTest < Test::Unit::TestCase |
106 | 106 | assert ! u.errors.invalid?(:login) |
107 | 107 | end |
108 | 108 | |
109 | + def test_should_change_password | |
110 | + user = User.create!(:login => 'changetest', :password => 'test', :password_confirmation => 'test', :email => 'changetest@example.com') | |
111 | + assert_nothing_raised do | |
112 | + user.change_password!('test', 'newpass', 'newpass') | |
113 | + end | |
114 | + assert !user.authenticated?('test') | |
115 | + assert user.authenticated?('newpass') | |
116 | + end | |
117 | + | |
118 | + def test_should_give_correct_current_password_for_changing_password | |
119 | + user = User.create!(:login => 'changetest', :password => 'test', :password_confirmation => 'test', :email => 'changetest@example.com') | |
120 | + assert_raise User::IncorrectPassword do | |
121 | + user.change_password!('wrong', 'newpass', 'newpass') | |
122 | + end | |
123 | + assert !user.authenticated?('newpass') | |
124 | + assert user.authenticated?('test') | |
125 | + end | |
126 | + | |
109 | 127 | protected |
110 | 128 | def create_user(options = {}) |
111 | 129 | User.create({ :login => 'quire', :email => 'quire@example.com', :password => 'quire', :password_confirmation => 'quire' }.merge(options)) | ... | ... |