author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-10-15 09:21:26 +0000 |
---|---|---|
committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-10-15 09:21:26 +0000 |
commit | 9f9be175e0cd39c36f1c195f4334ce7491b09c32 (patch) | |
tree | 4d51b87e1520b5b1317f88299b8f9c85317691ea | |
parent | db7d15497082656bb60e43821529d07c38111a1b (diff) | |
parent | f4d68f398f2ed176df97a9870f5d634bd5c06e0c (diff) | |
download | gitlab-ce-9f9be175e0cd39c36f1c195f4334ce7491b09c32.tar.gz |
Merge branch 'feature/confirmable' of /home/git/repositories/gitlab/gitlabhq
-rw-r--r-- | CHANGELOG | 2 | ||||
-rw-r--r-- | app/controllers/admin/users_controller.rb | 2 | ||||
-rw-r--r-- | app/models/user.rb | 4 | ||||
-rw-r--r-- | app/views/profiles/show.html.haml | 7 | ||||
-rw-r--r-- | config/initializers/devise.rb | 2 | ||||
-rw-r--r-- | db/migrate/20131009115346_add_confirmable_to_users.rb | 15 | ||||
-rw-r--r-- | db/schema.rb | 7 | ||||
-rw-r--r-- | lib/gitlab/oauth/user.rb | 1 | ||||
-rw-r--r-- | spec/factories.rb | 4 | ||||
-rw-r--r-- | spec/models/project_spec.rb | 10 |
10 files changed, 48 insertions, 6 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 58d2bfa63e8..75141fe914f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -17,6 +17,8 @@ v 6.2.0
 - Avatar upload on profile page with a maximum of 200KB (Steven Thonus)
 - Store the sessions in Redis instead of the cookie store
 - Fixed relative links in markdown
+ - User must confirm his email if signup enabled
+ - User must confirm changed email
 v 6.1.0
 - Project specific IDs for issues, mr, milestones
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index 70bbe306562..dccbfa2f709 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -47,6 +47,7 @@ class Admin::UsersController < Admin::ApplicationController
 @user = User.build_user(params[:user].merge(opts), as: :admin)
 @user.admin = (admin && admin.to_i > 0)
 @user.created_by_id = current_user.id
+ @user.confirm!
 respond_to do |format|
 if @user.save
@@ -71,6 +72,7 @@ class Admin::UsersController < Admin::ApplicationController
 respond_to do |format|
 if user.update_attributes(params[:user], as: :admin)
+ user.confirm!
 format.html { redirect_to [:admin, user], notice: 'User was successfully updated.' }
 format.json { head :ok }
 else
diff --git a/app/models/user.rb b/app/models/user.rb
index 29c53b88331..22292de40a6 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -43,7 +43,7 @@ require 'file_size_validator'
 class User < ActiveRecord::Base
 devise :database_authenticatable, :token_authenticatable, :lockable, :async,
- :recoverable, :rememberable, :trackable, :validatable, :omniauthable, :registerable
+ :recoverable, :rememberable, :trackable, :validatable, :omniauthable, :confirmable, :registerable
 attr_accessible :email, :password, :password_confirmation, :remember_me, :bio, :name, :username, :skype, :linkedin, :twitter, :color_scheme_id, :theme_id, :force_random_password,
@@ -398,4 +398,4 @@ class User < ActiveRecord::Base
 self
 end
-end
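Review bot: In the first hunk of app/controllers/admin/users_controller.rb, `@user.confirm!` runs on a record that has not been saved yet, ahead of the `if @user.save` check. Devise's `confirm!` persists the record itself, and in the Devise releases I know from this period it does so with validation skipped, so an invalid admin-created user could be written before `@user.save` gets to report the errors; this is worth verifying against the bundled Devise version. `@user.skip_confirmation!` in the same place only sets `confirmed_at` and leaves persistence to the validated `@user.save`. The action's body starts and ends outside the hunk.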
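Review bot: In the second hunk of app/controllers/admin/users_controller.rb, `user.confirm!` is called after `user.update_attributes` and its return value is dropped, so a failure to apply a changed address still ends in the 'User was successfully updated.' redirect. With `config.reconfirmable = true` the new address is presumably parked in `unconfirmed_email`, and a confirmation mail sent, before `confirm!` runs. Calling `user.skip_reconfirmation!` before `user.update_attributes(params[:user], as: :admin)` would apply the admin's change inside the one validated save and make the extra `confirm!` unnecessary. The action continues outside the hunk.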
\ No newline at end of file
+end
diff --git a/app/views/profiles/show.html.haml b/app/views/profiles/show.html.haml
index ada2892c6ba..2dce690c8dd 100644
--- a/app/views/profiles/show.html.haml
+++ b/app/views/profiles/show.html.haml
@@ -25,7 +25,12 @@
 = f.label :email, class: "control-label"
 .controls
 = f.text_field :email, class: "input-xlarge", required: true
- %span.help-block We also use email for avatar detection if no avatar is uploaded.
+ - if @user.unconfirmed_email.present?
+ %span.help-block
+ We sent confirmation email to
+ %strong #{@user.unconfirmed_email}
+ - else
+ %span.help-block We also use email for avatar detection if no avatar is uploaded.
 .control-group
 = f.label :skype, class: "control-label"
 .controls= f.text_field :skype, class: "input-xlarge"
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 39c1b7c235b..b7cb808d2e5 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -54,6 +54,8 @@ Devise.setup do |config|
 # The realm used in Http Basic Authentication. "Application" by default.
 # config.http_authentication_realm = "Application"
+ config.reconfirmable = true
+
 # It will change confirmation, password recovery and other workflows
 # to behave the same regardless if the e-mail provided was right or wrong.
 # Does not affect registerable.
diff --git a/db/migrate/20131009115346_add_confirmable_to_users.rb b/db/migrate/20131009115346_add_confirmable_to_users.rb
new file mode 100644
index 00000000000..249cbe704ed
--- /dev/null
+++ b/db/migrate/20131009115346_add_confirmable_to_users.rb
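Review bot: The new help text in app/views/profiles/show.html.haml interpolates `@user.unconfirmed_email`, a value the user typed, into the markup with `#{...}`. That is escaped only while Haml's HTML escaping is active for the application, which this page does not show, so it is worth confirming, for instance with a view spec that uses an address containing `<`. The wording would also read better as `We sent a confirmation email to`.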
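Review bot: `config.reconfirmable = true` in config/initializers/devise.rb is added without a comment, between the HTTP-auth realm comment and a comment that describes a different setting, so the next reader cannot tell what it controls. A line such as `# :confirmable - a changed e-mail stays in unconfirmed_email until the user confirms it.` above it would do. Nothing in this hunk sets `allow_unconfirmed_access_for`, so sign-in for unconfirmed accounts is left at the Devise default; if that is intended, saying so in the same comment helps.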
@@ -0,0 +1,15 @@
+class AddConfirmableToUsers < ActiveRecord::Migration
+ def self.up
+ add_column :users, :confirmation_token, :string
+ add_column :users, :confirmed_at, :datetime
+ add_column :users, :confirmation_sent_at, :datetime
+ add_column :users, :unconfirmed_email, :string
+ add_index :users, :confirmation_token, unique: true
+ User.update_all(confirmed_at: Time.now)
+ end
+
+ def self.down
+ remove_column :users, :confirmation_token, :confirmed_at, :confirmation_sent_at
+ remove_column :users, :unconfirmed_email
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index b3bc31c76dd..d6acb2f90e9 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20131005191208) do +ActiveRecord::Schema.define(:version => 20131009115346) do create_table "deploy_keys_projects", :force => true do |t| t.integer "deploy_key_id", :null => false
@@ -284,10 +284,15 @@ ActiveRecord::Schema.define(:version => 20131005191208) do t.datetime "password_expires_at" t.integer "created_by_id" t.string "avatar" + t.string "confirmation_token" + t.datetime "confirmed_at" + t.datetime "confirmation_sent_at" + t.string "unconfirmed_email" end add_index "users", ["admin"], :name => "index_users_on_admin" add_index "users", ["authentication_token"], :name => "index_users_on_authentication_token", :unique => true + add_index "users", ["confirmation_token"], :name => "index_users_on_confirmation_token", :unique => true add_index "users", ["email"], :name => "index_users_on_email", :unique => true add_index "users", ["extern_uid", "provider"], :name => "index_users_on_extern_uid_and_provider", :unique => true add_index "users", ["name"], :name => "index_users_on_name"
diff --git a/lib/gitlab/oauth/user.rb b/lib/gitlab/oauth/user.rb
index 1b32b99f4ba..ea9badba2c3 100644
--- a/lib/gitlab/oauth/user.rb
+++ b/lib/gitlab/oauth/user.rb
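Review bot: `User.update_all(confirmed_at: Time.now)` in `self.up` of the new migration marks every existing account as confirmed, including any whose address was never verified, and nothing in the migration says this is deliberate. A comment such as `# Existing users predate confirmation: treat them as confirmed so they are not locked out.` would record the decision. The call also goes through the application's `User` model right after the columns are added, so it depends on whatever that class looks like when the migration runs; a plain `execute "UPDATE users SET confirmed_at = CURRENT_TIMESTAMP"` avoids that dependency. `self.down` drops the columns without an explicit `remove_index :users, :confirmation_token`, which is worth checking on the supported databases.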
@@ -29,6 +29,7 @@ module Gitlab
 user = model.build_user(opts, as: :admin)
 user.save!
+ user.confirm!
 log.info "(OAuth) Creating user #{email} from login with extern_uid => #{uid}"
 if Gitlab.config.omniauth['block_auto_created_users'] && !ldap?
diff --git a/spec/factories.rb b/spec/factories.rb
index 56561fe4595..91ef5086a9e 100644
--- a/spec/factories.rb
+++ b/spec/factories.rb
@@ -23,6 +23,10 @@ FactoryGirl.define do
 end
 factory :admin, traits: [:admin]
+
+ after :create do |u|
+ u.confirm!
+ end
 end
 factory :project do
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index dcaee39fa68..c7266007999 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -27,8 +27,14 @@ require 'spec_helper'
 describe Project do
- before(:each) { enable_observers }
- after(:each) { disable_observers }
+ let(:user) { create(:user) }
+
+ before do
+ enable_observers
+ Thread.current[:current_user] = user
+ end
+
+ after { disable_observers }
 describe "Associations" do
 it { should belong_to(:group) } |
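Review bot: In lib/gitlab/oauth/user.rb, `user.confirm!` comes after `user.save!`, so with `:confirmable` enabled the create callbacks would normally issue confirmation instructions for an account that is confirmed one line later, and the result of `confirm!` is not checked. `user.skip_confirmation!` placed before `user.save!` marks the user confirmed in the same save and sends nothing. Auto-confirming here also treats the address reported by the OAuth or LDAP provider as verified; whether every enabled provider guarantees that is not visible on this page and deserves a comment at this line. The method starts and ends outside the hunk.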
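Review bot: The new `before` block in spec/models/project_spec.rb sets `Thread.current[:current_user] = user`, but the `after` hook only calls `disable_observers`, so the thread-local user stays set for whatever example runs next on that thread. Resetting it in the hook, `after { disable_observers; Thread.current[:current_user] = nil }`, keeps the examples independent of run order. The `describe Project` block continues outside the hunk.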