1
0
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2022-11-09 12:18:31 -05:00

make User#send_reset_password_instructions to require all authentication_keys

Signed-off-by: José Valim <jose.valim@gmail.com>
This commit is contained in:
RStankov 2010-07-25 20:53:42 +03:00 committed by José Valim
parent fb86f772e7
commit 850afec96e
4 changed files with 44 additions and 3 deletions

View file

@ -120,6 +120,30 @@ module Devise
record record
end end
def find_or_initialize_with_errors(required_attributes, attributes, error=:invalid) #:nodoc:
attributes = attributes.slice(*required_attributes)
attributes.delete_if { |key, value| value.blank? }
if attributes.size == required_attributes.size
record = find(:first, :conditions => attributes)
end
unless record
record = new
record.send(:attributes=, attributes, false)
if attributes.size == required_attributes.size
record.errors.add(:base, error)
else
required_attributes.reject { |k| attributes[k].present? }.each do |attribute|
record.errors.add(attribute, :blank)
end
end
end
record
end
# Generate a token by looping and ensuring does not already exist. # Generate a token by looping and ensuring does not already exist.
def generate_token(column) def generate_token(column)
loop do loop do

View file

@ -57,7 +57,7 @@ module Devise
# with an email not found error. # with an email not found error.
# Attributes must contain the user email # Attributes must contain the user email
def send_reset_password_instructions(attributes={}) def send_reset_password_instructions(attributes={})
recoverable = find_or_initialize_with_error_by(:email, attributes[:email], :not_found) recoverable = find_or_initialize_with_errors(authentication_keys, attributes, :not_found)
recoverable.send_reset_password_instructions if recoverable.persisted? recoverable.send_reset_password_instructions if recoverable.persisted?
recoverable recoverable
end end

View file

@ -58,7 +58,7 @@ class PasswordTest < ActionController::IntegrationTest
assert_response :success assert_response :success
assert_template 'passwords/new' assert_template 'passwords/new'
assert_have_selector 'input[type=text][value=\'invalid.test@test.com\']' assert_have_selector 'input[type=text][value=\'invalid.test@test.com\']'
assert_contain 'Email not found' assert_contain 'not found'
end end
test 'authenticated user should not be able to visit edit password page' do test 'authenticated user should not be able to visit edit password page' do

View file

@ -83,7 +83,24 @@ class RecoverableTest < ActiveSupport::TestCase
test 'should return a new record with errors if user was not found by e-mail' do test 'should return a new record with errors if user was not found by e-mail' do
reset_password_user = User.send_reset_password_instructions(:email => "invalid@email.com") reset_password_user = User.send_reset_password_instructions(:email => "invalid@email.com")
assert_not reset_password_user.persisted? assert_not reset_password_user.persisted?
assert_equal "not found", reset_password_user.errors[:email].join assert_equal "not found", reset_password_user.errors[:base].join
end
test 'should find a user to send instructions by authentication_keys' do
swap Devise, :authentication_keys => [:username, :email] do
user = create_user
reset_password_user = User.send_reset_password_instructions(:email => user.email, :username => user.username)
assert_equal reset_password_user, user
end
end
test 'should require all authentication_keys' do
swap Devise, :authentication_keys => [:username, :email] do
user = create_user
reset_password_user = User.send_reset_password_instructions(:email => user.email)
assert_not reset_password_user.persisted?
assert_equal "can't be blank", reset_password_user.errors[:username].join
end
end end
test 'should reset reset_password_token before send the reset instructions email' do test 'should reset reset_password_token before send the reset instructions email' do