Merge pull request #5117 from karlhungus/feature-password-update-skipped-when-ldap-user

Don't show users password change page if ldap users

Merge pull request #5117 from karlhungus/feature-password-update-skipped-when-ldap-user
Don't show users password change page if ldap users
9fabd703 · Dmitriy Zaporozhets · 16b6040c · ca1b67ce · 9fabd703 · 9fabd703
Commit 9fabd703 authored Sep 17, 2013 by Dmitriy Zaporozhets
4 changed files
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -151,7 +151,7 @@ class ApplicationController < ActionController::Base
  end

  def check_password_expiration
-    if current_user && current_user.password_expires_at && current_user.password_expires_at < Time.now
+    if current_user && current_user.password_expires_at && current_user.password_expires_at < Time.now  && !current_user.ldap_user?
      redirect_to new_profile_password_path and return
    end
  end

--- a/features/profile/profile.feature
+++ b/features/profile/profile.feature
@@ -18,6 +18,7 @@ Feature: Profile

  Scenario: My password is expired
    Given my password is expired
+    And I am not an ldap user
    And I visit profile account page
    Then I redirected to expired password page
    And I submit new password

--- a/features/steps/profile/profile.rb
+++ b/features/steps/profile/profile.rb
@@ -91,6 +91,11 @@ class Profile < Spinach::FeatureSteps
    current_user.update_attributes(password_expires_at: Time.now - 1.hour)
  end

+  step "I am not an ldap user" do
+    current_user.update_attributes(extern_uid: nil,  provider: '')
+    current_user.ldap_user?.should be_false
+  end
+
  step 'I redirected to expired password page' do
    current_path.should == new_profile_password_path
  end

--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
+require 'spec_helper'
+
+describe ApplicationController do
+  describe '#check_password_expiration' do
+    let(:user) { create(:user) }
+    let(:controller) { ApplicationController.new }
+
+    it 'should redirect if the user is over their password expiry' do
+      user.password_expires_at = Time.new(2002)
+      user.ldap_user?.should be_false
+      controller.stub!(:current_user).and_return(user)
+      controller.should_receive(:redirect_to)
+      controller.should_receive(:new_profile_password_path)
+      controller.send(:check_password_expiration)
+    end
+
+    it 'should not redirect if the user is under their password expiry' do
+      user.password_expires_at = Time.now + 20010101
+      user.ldap_user?.should be_false
+      controller.stub!(:current_user).and_return(user)
+      controller.should_not_receive(:redirect_to)
+      controller.send(:check_password_expiration)
+    end
+
+    it 'should not redirect if the user is over their password expiry but they are an ldap user' do
+      user.password_expires_at = Time.new(2002)
+      user.stub!(:ldap_user?).and_return(true)
+      controller.stub!(:current_user).and_return(user)
+      controller.should_not_receive(:redirect_to)
+      controller.send(:check_password_expiration)
+    end
+  end
+end
\ No newline at end of file