FIX: regression, forgot password broken
also... mocks were invented by the devil
This commit is contained in:
Sam
parent
58ada6f847
commit
5a0aed2bfa
|
|
@ -200,7 +200,15 @@ class UsersController < ApplicationController
|
||||||
expires_now()
|
expires_now()
|
||||||
|
|
||||||
@user = EmailToken.confirm(params[:token])
|
@user = EmailToken.confirm(params[:token])
|
||||||
if @user.blank?
|
|
||||||
|
if @user
|
||||||
|
session[params[:token]] = @user.id
|
||||||
|
else
|
||||||
|
user_id = session[params[:token]]
|
||||||
|
@user = User.find(user_id) if user_id
|
||||||
|
end
|
||||||
|
|
||||||
|
if !@user
|
||||||
flash[:error] = I18n.t('password_reset.no_token')
|
flash[:error] = I18n.t('password_reset.no_token')
|
||||||
elsif request.put?
|
elsif request.put?
|
||||||
raise Discourse::InvalidParameters.new(:password) unless params[:password].present?
|
raise Discourse::InvalidParameters.new(:password) unless params[:password].present?
|
||||||
|
|
|
||||||
|
|
@ -214,46 +214,34 @@ describe UsersController do
|
||||||
let(:user) { Fabricate(:user) }
|
let(:user) { Fabricate(:user) }
|
||||||
|
|
||||||
context "you can view it even if login is required" do
|
context "you can view it even if login is required" do
|
||||||
before do
|
|
||||||
SiteSetting.stubs(:login_required).returns(true)
|
|
||||||
get :password_reset, token: 'asdfasdf'
|
|
||||||
end
|
|
||||||
|
|
||||||
it "returns success" do
|
it "returns success" do
|
||||||
|
SiteSetting.login_required = true
|
||||||
|
get :password_reset, token: 'asdfasdf'
|
||||||
response.should be_success
|
response.should be_success
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'invalid token' do
|
context 'invalid token' do
|
||||||
before do
|
before do
|
||||||
EmailToken.expects(:confirm).with('asdfasdf').returns(nil)
|
get :password_reset, token: SecureRandom.hex
|
||||||
get :password_reset, token: 'asdfasdf'
|
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'return success' do
|
it 'disallows login' do
|
||||||
|
flash[:error].should be_present
|
||||||
|
session[:current_user_id].should be_blank
|
||||||
response.should be_success
|
response.should be_success
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'sets a flash error' do
|
|
||||||
flash[:error].should be_present
|
|
||||||
end
|
|
||||||
|
|
||||||
it "doesn't log in the user" do
|
|
||||||
session[:current_user_id].should be_blank
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'valid token' do
|
context 'valid token' do
|
||||||
before do
|
|
||||||
EmailToken.expects(:confirm).with('asdfasdf').returns(user)
|
|
||||||
put :password_reset, token: 'asdfasdf', password: 'newpassword'
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'returns success' do
|
it 'returns success' do
|
||||||
response.should be_success
|
user = Fabricate(:user)
|
||||||
end
|
token = user.email_tokens.create(email: user.email).token
|
||||||
|
|
||||||
it "doesn't set an error" do
|
get :password_reset, token: token
|
||||||
|
put :password_reset, token: token, password: 'newpassword'
|
||||||
|
response.should be_success
|
||||||
flash[:error].should be_blank
|
flash[:error].should be_blank
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue