author | Vinnie Okada <vokada@mrvinn.com> | 2015-04-26 22:04:33 -0600 |
---|---|---|
committer | Vinnie Okada <vokada@mrvinn.com> | 2015-05-16 14:03:07 -0600 |
commit | 0bfab084a811d7dad1f1929ee7b5c2bc59015173 (patch) | |
tree | da3c6e696e22b3d9e377f956c1adbec4380a3e97 | |
parent | 35729671fb3a123ddeb7b2b1cda446fd661bd4e6 (diff) | |
download | gitlab-ce-0bfab084a811d7dad1f1929ee7b5c2bc59015173.tar.gz |
Explain reset token expiration in emails
Tell new users when their password reset token expires and provide a
link to get a new one.
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | app/helpers/emails_helper.rb | 19 | ||||
-rw-r--r-- | app/views/notify/new_user_email.html.haml | 2 | ||||
-rw-r--r-- | app/views/notify/new_user_email.text.erb | 2 | ||||
-rw-r--r-- | spec/helpers/emails_helper_spec.rb | 46 | ||||
-rw-r--r-- | spec/mailers/notify_spec.rb | 5 |
6 files changed, 75 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG
index ade877feb9a..15bfe570f1a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -32,6 +32,7 @@ v 7.11.0 (unreleased)
 - Show Atom feed buttons everywhere where applicable.
 - Add project activity atom feed.
 - Don't crash when an MR from a fork has a cross-reference comment from the target project on one of its commits.
+ - Explain how to get a new password reset token in welcome emails
 - Include commit comments in MR from a forked project.
 - Fix adding new group members from admin area
 - Group milestones by title in the dashboard and all other issue views.
diff --git a/app/helpers/emails_helper.rb b/app/helpers/emails_helper.rb
index 0df3ecc90b7..12aa561a14e 100644
--- a/app/helpers/emails_helper.rb
+++ b/app/helpers/emails_helper.rb
@@ -35,4 +35,23 @@ module EmailsHelper
 lexer = Rugments::Lexers::Diff.new
 raw formatter.format(lexer.lex(diffcontent))
 end
+
+ def password_reset_token_valid_time
+ valid_hours = Devise.reset_password_within / 60 / 60
+ if valid_hours >= 24
+ unit = 'day'
+ valid_length = (valid_hours / 24).floor
+ else
+ unit = 'hour'
+ valid_length = valid_hours.floor
+ end
+
+ pluralize(valid_length, unit)
+ end
+
+ def reset_token_expire_message
+ link_tag = link_to('request a new one', new_user_password_url)
+ msg = "This link is valid for #{password_reset_token_valid_time}. "
+ msg << "After it expires, you can #{link_tag}."
+ end
 end
diff --git a/app/views/notify/new_user_email.html.haml b/app/views/notify/new_user_email.html.haml
index ebbe98dd472..39cb01d4d29 100644
--- a/app/views/notify/new_user_email.html.haml
+++ b/app/views/notify/new_user_email.html.haml
@@ -12,3 +12,5 @@
 - if @user.created_by_id
 %p
 = link_to "Click here to set your password", edit_password_url(@user, :reset_password_token => @token)
+ %p
+ = reset_token_expire_message
diff --git a/app/views/notify/new_user_email.text.erb b/app/views/notify/new_user_email.text.erb
index 96b26879a77..dd9b71e3b84 100644
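Review bot: `reset_token_expire_message` interpolates the `link_to` result into an ordinary String, so the value it returns is no longer marked HTML-safe; with Rails' default output escaping, the `= reset_token_expire_message` line added to new_user_email.html.haml would most likely print the anchor as escaped text instead of a clickable link. Keep the escaping and assemble the message from safe parts rather than calling `html_safe` on the whole string, e.g. `safe_join(["This link is valid for #{password_reset_token_valid_time}. After it expires, you can ", link_tag, '.'])`. A one-line comment on the method stating that it returns HTML would also tell later callers not to interpolate user-supplied data into it. The mailer spec added in this commit only matches the sentence and the URL, so it would pass in either case.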
--- a/app/views/notify/new_user_email.text.erb
+++ b/app/views/notify/new_user_email.text.erb
@@ -5,4 +5,6 @@ The Administrator created an account for you. Now you are a member of the compan
 login.................. <%= @user.email %>
 <% if @user.created_by_id %>
 <%= link_to "Click here to set your password", edit_password_url(@user, :reset_password_token => @token) %>
+
+ <%= reset_token_expire_message %>
 <% end %>
diff --git a/spec/helpers/emails_helper_spec.rb b/spec/helpers/emails_helper_spec.rb
new file mode 100644
index 00000000000..7a3e38d7e63
--- /dev/null
+++ b/spec/helpers/emails_helper_spec.rb
@@ -0,0 +1,46 @@
+require 'spec_helper'
+
+describe EmailsHelper do
+ describe 'password_reset_token_valid_time' do
+ def validate_time_string(time_limit, expected_string)
+ Devise.reset_password_within = time_limit
+ expect(password_reset_token_valid_time).to eq(expected_string)
+ end
+
+ context 'when time limit is less than 2 hours' do
+ it 'should display the time in hours using a singular unit' do
+ validate_time_string(1.hour, '1 hour')
+ end
+ end
+
+ context 'when time limit is 2 or more hours' do
+ it 'should display the time in hours using a plural unit' do
+ validate_time_string(2.hours, '2 hours')
+ end
+ end
+
+ context 'when time limit contains fractions of an hour' do
+ it 'should round down to the nearest hour' do
+ validate_time_string(96.minutes, '1 hour')
+ end
+ end
+
+ context 'when time limit is 24 or more hours' do
+ it 'should display the time in days using a singular unit' do
+ validate_time_string(24.hours, '1 day')
+ end
+ end
+
+ context 'when time limit is 2 or more days' do
+ it 'should display the time in days using a plural unit' do
+ validate_time_string(2.days, '2 days')
+ end
+ end
+
+ context 'when time limit contains fractions of a day' do
+ it 'should round down to the nearest day' do
+ validate_time_string(57.hours, '2 days')
+ end
+ end
+ end
+end 
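Review bot: The added `<%= reset_token_expire_message %>` places the output of `link_to` in the text/plain part, so the recipient sees `<a href=...>` markup (or its escaped form) rather than a usable address; the `link_to` context line just above it already has the same pattern. For the text template, print the URL directly, e.g. `This link is valid for <%= password_reset_token_valid_time %>. After it expires, request a new one at <%= new_user_password_url %>`. Only the tail of the template is visible in this hunk.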
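Review bot: No example covers a limit shorter than one hour; with the integer arithmetic in `password_reset_token_valid_time`, a setting such as `30.minutes` appears to produce `0 hours`, which tells the recipient the link is already unusable. Add a case for it once the helper has a defined answer there, for instance falling back to minutes. Separately, `validate_time_string` assigns `Devise.reset_password_within` and never restores it, so the last value leaks into any later spec that depends on the token lifetime; stub it instead, e.g. `allow(Devise).to receive(:reset_password_within).and_return(time_limit)`.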
diff --git a/spec/mailers/notify_spec.rb b/spec/mailers/notify_spec.rb
index dbcf7286e45..4da91eea98c 100644
--- a/spec/mailers/notify_spec.rb
+++ b/spec/mailers/notify_spec.rb
@@ -91,6 +91,11 @@ describe Notify do
 it 'includes a link to the site' do
 is_expected.to have_body_text /#{example_site_path}/
 end
+
+ it 'explains the reset link expiration' do
+ is_expected.to have_body_text(/This link is valid for \d+ (hours?|days?)/)
+ is_expected.to have_body_text(new_user_password_url)
+ end
 end |