DEV: Avoid unique validation in `UserPasswordExpirer.expire_user_password` (#27343)

This commit updates the `UserPasswordExpirer.expire_user_password`
method to update `UserPassword#password_expired_at` when an existing
`UserPassword` record exists with the same `password_salt`,
`password_hash` and `password_algorithm`. This is to prevent the unique
validation error on `UserPassword#user_id` and
`UserPassword#password_hash` from being raised when the method is called
twice for a user that has not changed its password.
Alan Guo Xiang Tan 2024-06-05 15:22:40 +08:00 committed by GitHub
parent 748240ce3b
commit 82383ea776
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 32 additions and 7 deletions


@ -2,12 +2,14 @@
class UserPasswordExpirer class UserPasswordExpirer
def self.expire_user_password(user) def self.expire_user_password(user)
UserPassword.create!( UserPassword
.where(
user:, user:,
password_hash: user.password_hash, password_hash: user.password_hash,
password_salt: user.salt, password_salt: user.salt,
password_algorithm: user.password_algorithm, password_algorithm: user.password_algorithm,
password_expired_at: Time.zone.now,
) )
.first_or_initialize
.update!(password_expired_at: Time.zone.now)
end end
end end
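Review bot: The `.where(...).first_or_initialize.update!(...)` chain is a read followed by a write, so two concurrent calls for the same user can both find no row and both attempt the insert. The second call would then still hit the uniqueness validation this change sets out to avoid, or a unique index if the table has one (the schema is not visible here). If expiry can be triggered from more than one place at once, consider running the lookup and update under the user's row lock with `user.with_lock { ... }`, or rescuing `ActiveRecord::RecordNotUnique` and `ActiveRecord::RecordInvalid` with a single bounded retry. A short comment above the chain, such as `# Reuse the row for this hash/salt/algorithm so repeated expiry does not trip the uniqueness validation`, would also record why `create!` was dropped.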


@ -19,5 +19,28 @@ RSpec.describe UserPasswordExpirer do
expect(user_password.password_algorithm).to eq(user.password_algorithm) expect(user_password.password_algorithm).to eq(user.password_algorithm)
expect(user_password.password_expired_at).to eq_time(Time.zone.now) expect(user_password.password_expired_at).to eq_time(Time.zone.now)
end end
it "should update `UserPassword#password_expired_at` if the user already has an existing UserPassword record with the same password hash, salt and algorithm" do
freeze_time(1.hour.ago) do
described_class.expire_user_password(user)
user_password = user.passwords.first
expect(user_password.password_expired_at).to eq_time(Time.zone.now)
end
freeze_time do
described_class.expire_user_password(user)
expect(user.passwords.count).to eq(1)
user_password = user.passwords.first
expect(user_password.password_hash).to eq(user.password_hash)
expect(user_password.password_salt).to eq(user.salt)
expect(user_password.password_algorithm).to eq(user.password_algorithm)
expect(user_password.password_expired_at).to eq_time(Time.zone.now)
end
end
end end
end end
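Review bot: The new example only exercises a repeated call with an unchanged password, so nothing visible in this hunk pins that a changed password produces a second `UserPassword` row. A later refactor that looked the row up by `user` and assigned the hash fields in the update would still pass, while silently overwriting the previous password's record. Unless an earlier example outside this hunk already covers it, add a case that changes the user's password between two `expire_user_password` calls and expects `user.passwords.count` to be 2, with the newest row carrying the new `password_hash` and `password_salt`. The enclosing `describe` block starts outside the hunk, so this is inferred from the visible lines only.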