Feature #21421 » 0008-Allow-overriding-of-originator-and-remote_ip-causing-a-s.patch
| app/controllers/account_controller.rb | ||
|---|---|---|
| 77 | 77 |
message: :mail_body_security_notification_change, |
| 78 | 78 |
field: :field_password, |
| 79 | 79 |
title: :button_change_password, |
| 80 |
remote_ip: request.remote_ip, |
|
| 81 |
originator: @user, |
|
| 80 | 82 |
url: {controller: 'my', action: 'password'}
|
| 81 | 83 |
).deliver |
| 82 | 84 |
flash[:notice] = l(:notice_account_password_updated) |
| app/models/mailer.rb | ||
|---|---|---|
| 319 | 319 |
end |
| 320 | 320 | |
| 321 | 321 |
def security_notification(recipients, options={})
|
| 322 |
redmine_headers 'Sender' => User.current.login |
|
| 323 | 322 |
@user = Array(recipients).detect{|r| r.is_a? User }
|
| 324 | 323 |
set_language_if_valid(@user.try :language) |
| 325 | 324 |
@message = l(options[:message], |
| ... | ... | |
| 327 | 326 |
value: options[:value] |
| 328 | 327 |
) |
| 329 | 328 |
@title = options[:title] && l(options[:title]) |
| 329 |
@originator = options[:originator] || User.current |
|
| 330 |
@remote_ip = options[:remote_ip] || @originator.remote_ip |
|
| 330 | 331 |
@url = options[:url] && (options[:url].is_a?(Hash) ? url_for(options[:url]) : options[:url]) |
| 332 |
redmine_headers 'Sender' => @originator.login |
|
| 331 | 333 |
mail :to => recipients, |
| 332 | 334 |
:subject => l(:mail_subject_security_notification) |
| 333 | 335 |
end |
| app/views/mailer/security_notification.html.erb | ||
|---|---|---|
| 7 | 7 |
<%= content_tag :h1, @title -%> |
| 8 | 8 |
<% end %></p> |
| 9 | 9 | |
| 10 |
<p><%= l(:field_user) %>: <strong><%= User.current.login %></strong><br/>
|
|
| 11 |
<%= l(:field_remote_ip) %>: <strong><%= User.current.remote_ip %></strong><br/>
|
|
| 10 |
<p><%= l(:field_user) %>: <strong><%= @originator.login %></strong><br/>
|
|
| 11 |
<%= l(:field_remote_ip) %>: <strong><%= @remote_ip %></strong><br/>
|
|
| 12 | 12 |
<%= l(:label_date) %>: <strong><%= format_time Time.now, true, @user %></strong></p> |
| 13 | 13 | |
| app/views/mailer/security_notification.text.erb | ||
|---|---|---|
| 2 | 2 | |
| 3 | 3 |
<%= @url || @title %> |
| 4 | 4 | |
| 5 |
<%= l(:field_user) %>: <%= User.current.login %>
|
|
| 6 |
<%= l(:field_remote_ip) %>: <%= User.current.remote_ip %>
|
|
| 5 |
<%= l(:field_user) %>: <%= @originator.login %>
|
|
| 6 |
<%= l(:field_remote_ip) %>: <%= @remote_ip %>
|
|
| 7 | 7 |
<%= l(:label_date) %>: <%= format_time Time.now, true, @user %> |
| 8 | 8 | |
| test/unit/mailer_test.rb | ||
|---|---|---|
| 683 | 683 |
end |
| 684 | 684 |
end |
| 685 | 685 | |
| 686 |
def test_security_notification_with_overridden_originator_and_remote_ip |
|
| 687 |
set_language_if_valid User.find(1).language |
|
| 688 |
with_settings :emails_footer => "footer without link" do |
|
| 689 |
User.current.remote_ip = '192.168.1.1' |
|
| 690 |
assert Mailer.security_notification(User.find(1), message: :notice_account_password_updated, originator: User.find(2), remote_ip: '10.0.0.42').deliver |
|
| 691 |
mail = last_email |
|
| 692 |
assert_not_nil mail |
|
| 693 |
assert_mail_body_match User.find(2).login, mail |
|
| 694 |
assert_mail_body_match '10.0.0.42', mail |
|
| 695 |
assert_mail_body_match I18n.t(:notice_account_password_updated), mail |
|
| 696 |
assert_select_email do |
|
| 697 |
assert_select "h1", false |
|
| 698 |
assert_select "a", false |
|
| 699 |
end |
|
| 700 |
end |
|
| 701 |
end |
|
| 702 | ||
| 686 | 703 |
def test_security_notification_should_include_title |
| 687 | 704 |
set_language_if_valid User.find(2).language |
| 688 | 705 |
with_settings :emails_footer => "footer without link" do |
- « Previous
- 1
- …
- 7
- 8
- 9
- Next »