allow user to reset his private token

2011-11-15 17:08:20 +04:00 · 2011-11-15 17:08:20 +04:00 · ed5e19a518
commit ed5e19a518
parent 32ca0b8cae
5 changed files with 33 additions and 1 deletions
--- a/app/controllers/profile_controller.rb
+++ b/app/controllers/profile_controller.rb
@ -25,4 +25,9 @@ class ProfileController < ApplicationController
      render :action => "password"
    end
  end
+
+  def reset_private_token
+    current_user.reset_authentication_token!
+    redirect_to profile_password_path
+  end
 end
--- a/app/views/layouts/profile.html.haml
+++ b/app/views/layouts/profile.html.haml
@ -18,7 +18,7 @@
          .fixed
            %aside
              = link_to "Profile", profile_path, :class => current_page?(:controller => "profile", :action => :show) ? "current" : nil
-              = link_to "Password", profile_password_path,  :class => current_page?(:controller => "profile", :action => :password) ? "current" : nil
+              = link_to "Password & token", profile_password_path,  :class => current_page?(:controller => "profile", :action => :password) ? "current" : nil
              = link_to keys_path,  :class => controller.controller_name == "keys" ? "current" : nil do
                Keys
                - unless current_user.keys.empty?
--- a/app/views/profile/password.html.haml
+++ b/app/views/profile/password.html.haml
@ -18,3 +18,16 @@
  .actions
    = f.submit 'Save', :class => "lbutton vm"

+%br
+%br
+%br
+
+= form_for @user, :url => profile_reset_private_token_path, :method => :put do |f|
+  %p
+    Current private token:
+    %strong
+      = current_user.private_token
+    %em.cred
+      keep it in secret!
+  .actions
+    = f.submit 'Reset', :confirm => "Are you sure?", :class => "lbutton vm"
--- a/config/routes.rb
+++ b/config/routes.rb
@ -17,6 +17,7 @@ Gitlab::Application.routes.draw do
  get "errors/gitosis"
  get "profile/password", :to => "profile#password"
  put "profile/password", :to => "profile#password_update"
+  put "profile/reset_private_token", :to => "profile#reset_private_token"
  put "profile/edit", :to => "profile#social_update"
  get "profile", :to => "profile#show"
  get "dashboard", :to => "dashboard#index"
--- a/spec/requests/profile_spec.rb
+++ b/spec/requests/profile_spec.rb
@ -29,6 +29,19 @@ describe "Profile" do
    it { @user.twitter.should == 'testtwitter' }
  end

+  describe "Reset private token" do
+    before do
+      visit profile_password_path
+    end
+
+    it "should reset private token" do
+      user_first_token = @user.private_token
+      click_button "Reset"
+      @user.reload
+      @user.private_token.should_not == user_first_token
+    end
+  end
+
  describe "Password update" do
    before do
      visit profile_password_path