Defect #32199 » 32199_change_password_by_admin.patch
| app/controllers/users_controller.rb | ||
|---|---|---|
| 145 | 145 |
end |
| 146 | 146 | |
| 147 | 147 |
def update |
| 148 |
if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?) |
|
| 148 |
update_password = params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?) |
|
| 149 |
if update_password |
|
| 149 | 150 |
@user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] |
| 150 | 151 |
end |
| 151 | 152 |
@user.safe_attributes = params[:user] |
| ... | ... | |
| 159 | 160 | |
| 160 | 161 |
if was_activated |
| 161 | 162 |
Mailer.deliver_account_activated(@user) |
| 162 |
elsif @user.active? && params[:send_information] && @user != User.current |
|
| 163 |
Mailer.deliver_account_information(@user, @user.password) |
|
| 163 |
elsif @user.active? && @user != User.current |
|
| 164 |
if params[:send_information] |
|
| 165 |
Mailer.deliver_account_information(@user, @user.password) |
|
| 166 |
elsif update_password |
|
| 167 |
Mailer.deliver_password_updated(@user, User.current) |
|
| 168 |
end |
|
| 164 | 169 |
end |
| 165 | 170 | |
| 166 | 171 |
respond_to do |format| |
| test/functional/users_controller_test.rb | ||
|---|---|---|
| 22 | 22 |
class UsersControllerTest < Redmine::ControllerTest |
| 23 | 23 |
include Redmine::I18n |
| 24 | 24 | |
| 25 |
fixtures :users, :email_addresses, :projects, :members, :member_roles, :roles, |
|
| 25 |
fixtures :users, :user_preferences, :email_addresses, :projects, :members, :member_roles, :roles,
|
|
| 26 | 26 |
:custom_fields, :custom_values, :groups_users, |
| 27 | 27 |
:auth_sources, |
| 28 | 28 |
:enabled_modules, |
| ... | ... | |
| 516 | 516 |
assert_mail_body_match 'newpass123', mail |
| 517 | 517 |
end |
| 518 | 518 | |
| 519 |
def test_update_with_password_change_by_admin_should_send_a_security_notification |
|
| 520 |
with_settings :bcc_recipients => '0' do |
|
| 521 |
ActionMailer::Base.deliveries.clear |
|
| 522 |
user = User.find_by_login('jsmith')
|
|
| 523 | ||
| 524 |
put :update, :params => {
|
|
| 525 |
:id => user.id, |
|
| 526 |
:user => {:password => 'newpass123', :password_confirmation => 'newpass123'}
|
|
| 527 |
} |
|
| 528 | ||
| 529 |
assert_equal 1, ActionMailer::Base.deliveries.size |
|
| 530 |
mail = ActionMailer::Base.deliveries.last |
|
| 531 |
assert_equal [user.mail], mail.to |
|
| 532 |
assert_match 'Security notification', mail.subject |
|
| 533 |
assert_mail_body_match 'Your password has been changed.', mail |
|
| 534 |
end |
|
| 535 |
end |
|
| 536 | ||
| 519 | 537 |
def test_update_with_generate_password_should_email_the_password |
| 520 | 538 |
ActionMailer::Base.deliveries.clear |
| 521 | 539 |
Setting.bcc_recipients = '1' |