Project

General

Profile

Download (2.63 KB)

Defect #32199 » 32199_change_password_by_admin-v2.patch

Yuichi HARADA, 2020-09-01 10:29

View differences:

app/controllers/users_controller.rb
145 145 
  end
146 146 

  		




  147
  147
  
    
  def update

  		




  148
  
  
    
    if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)

  		




  
  148
  
    
    update_password = params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)

  		




  
  149
  
    
    if update_password

  		




  149
  150
  
    
      @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]

  		




  150
  151
  
    
    end

  		




  151
  152
  
    
    @user.safe_attributes = params[:user]

  		




  ......




  157
  158
  
    
    if @user.save

  		




  158
  159
  
    
      @user.pref.save

  		




  159
  160
  
    

  		




  
  161
  
    
      Mailer.deliver_password_updated(@user, User.current) if update_password

  		




  160
  162
  
    
      if was_activated

  		




  161
  163
  
    
        Mailer.deliver_account_activated(@user)

  		




  162
  164
  
    
      elsif @user.active? && params[:send_information] && @user != User.current

  		












  

    
      test/functional/users_controller_test.rb
    
  





  22
  22
  
    
class UsersControllerTest < Redmine::ControllerTest

  		




  23
  23
  
    
  include Redmine::I18n

  		




  24
  24
  
    

  		




  25
  
  
    
  fixtures :users, :user_preferences, :email_addresses, :projects, :members, :member_roles, :roles,

  		




  
  25
  
    
  fixtures :users, :email_addresses, :projects, :members, :member_roles, :roles,

  		




  26
  26
  
    
           :custom_fields, :custom_values, :groups_users,

  		




  27
  27
  
    
           :auth_sources,

  		




  28
  28
  
    
           :enabled_modules,

  		




  ......




  570
  570
  
    
    assert_mail_body_match 'newpass123', mail

  		




  571
  571
  
    
  end

  		




  572
  572
  
    

  		




  
  573
  
    
  def test_update_with_password_change_by_admin_should_send_a_security_notification

  		




  
  574
  
    
    with_settings :bcc_recipients => '0' do

  		




  
  575
  
    
      ActionMailer::Base.deliveries.clear

  		




  
  576
  
    
      user = User.find_by_login('jsmith')

  		




  
  577
  
    

  		




  
  578
  
    
      put :update, :params => {

  		




  
  579
  
    
        :id => user.id,

  		




  
  580
  
    
        :user => {:password => 'newpass123', :password_confirmation => 'newpass123'}

  		




  
  581
  
    
      }

  		




  
  582
  
    

  		




  
  583
  
    
      assert_equal 1, ActionMailer::Base.deliveries.size

  		




  
  584
  
    
      mail = ActionMailer::Base.deliveries.last

  		




  
  585
  
    
      assert_equal [user.mail], mail.to

  		




  
  586
  
    
      assert_match 'Security notification', mail.subject

  		




  
  587
  
    
      assert_mail_body_match 'Your password has been changed.', mail

  		




  
  588
  
    
    end

  		




  
  589
  
    
  end

  		




  
  590
  
    

  		




  573
  591
  
    
  def test_update_with_generate_password_should_email_the_password

  		




  574
  592
  
    
    ActionMailer::Base.deliveries.clear

  		




  575
  593
  
    
    Setting.bcc_recipients = '1'

  		















  (2-2/2)