Commit 014e6d0f authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Require current password even if password was expired

Signed-off-by: default avatarDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent 535feb08
...@@ -11,6 +11,11 @@ class Profiles::PasswordsController < ApplicationController ...@@ -11,6 +11,11 @@ class Profiles::PasswordsController < ApplicationController
end end
def create def create
unless @user.valid_password?(user_params[:current_password])
redirect_to new_profile_password_path, alert: 'You must provide a valid current password'
return
end
new_password = user_params[:password] new_password = user_params[:password]
new_password_confirmation = user_params[:password_confirmation] new_password_confirmation = user_params[:password_confirmation]
......
...@@ -11,6 +11,9 @@ ...@@ -11,6 +11,9 @@
- @user.errors.full_messages.each do |msg| - @user.errors.full_messages.each do |msg|
%li= msg %li= msg
.form-group
= f.label :current_password, class: 'control-label'
.col-sm-10= f.password_field :current_password, required: true, class: 'form-control'
.form-group .form-group
= f.label :password, class: 'control-label' = f.label :password, class: 'control-label'
.col-sm-10= f.password_field :password, required: true, class: 'form-control' .col-sm-10= f.password_field :password, required: true, class: 'form-control'
......
...@@ -145,6 +145,7 @@ class Profile < Spinach::FeatureSteps ...@@ -145,6 +145,7 @@ class Profile < Spinach::FeatureSteps
end end
step 'I submit new password' do step 'I submit new password' do
fill_in :user_current_password, with: '12345678'
fill_in :user_password, with: '12345678' fill_in :user_password, with: '12345678'
fill_in :user_password_confirmation, with: '12345678' fill_in :user_password_confirmation, with: '12345678'
click_button "Set new password" click_button "Set new password"
...@@ -179,7 +180,7 @@ class Profile < Spinach::FeatureSteps ...@@ -179,7 +180,7 @@ class Profile < Spinach::FeatureSteps
@group.add_owner(current_user) @group.add_owner(current_user)
@project = create(:project, namespace: @group) @project = create(:project, namespace: @group)
@event = create(:closed_issue_event, project: @project) @event = create(:closed_issue_event, project: @project)
@project.team << [current_user, :master] @project.team << [current_user, :master]
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment