Activate sudo mode after password based login
|Assignee:||Jean-Philippe Lang||% Done:|
|Category:||Accounts / authentication|
We found that users get confused / annoyed when they just logged in and sudo mode requires their password again if they wanted to perform some administrative action.
Therefore this patch activates the sudo mode for the configured time span if the user logged in using username/password.
#3 Updated by Jean-Philippe Lang over 5 years ago
- Subject changed from activate sudo mode after password based login to Activate sudo mode after password based login
Agreed, but the patch doesn't work for me. I guess that's because #successful_authentication resets the session just after. The call to #update_sudo_timestamp! should be moved just after, right?
This also breaks pretty much all the tests from SudoModeTest and we can not reset the session sudo timestamp from within integration tests, any solution?
#4 Updated by Jens Krämer over 5 years ago
You're right, it belongs after that.
Sorry for the sloppy patch. I attached a new one that also fixes the tests (by advancing the time using Rails'
travel_to test helper) and adds a new test to check wether sudo mode is active after log in.