diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-07-29 15:28:20 +0300 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-07-29 15:28:20 +0300 |
| commit | 014e6d0f875a1fb1b97aaad1153f92b85e88354d (patch) | |
| tree | 64953113c9f229c3fb33e4e9ab43975396f38404 | |
| parent | 535feb08ce90352c89799df5e3e70a10e53ee10d (diff) | |
| download | gitlab-ce-014e6d0f875a1fb1b97aaad1153f92b85e88354d.tar.gz | |
Require current password even if password was expired
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| -rw-r--r-- | app/controllers/profiles/passwords_controller.rb | 5 | ||||
| -rw-r--r-- | app/views/profiles/passwords/new.html.haml | 3 | ||||
| -rw-r--r-- | features/steps/profile/profile.rb | 3 |
3 files changed, 10 insertions, 1 deletions
diff --git a/app/controllers/profiles/passwords_controller.rb b/app/controllers/profiles/passwords_controller.rb index 0d93f5cbfdf..1191ce47eba 100644 --- a/app/controllers/profiles/passwords_controller.rb +++ b/app/controllers/profiles/passwords_controller.rb @@ -11,6 +11,11 @@ class Profiles::PasswordsController < ApplicationController end def create + unless @user.valid_password?(user_params[:current_password]) + redirect_to new_profile_password_path, alert: 'You must provide a valid current password' + return + end + new_password = user_params[:password] new_password_confirmation = user_params[:password_confirmation] diff --git a/app/views/profiles/passwords/new.html.haml b/app/views/profiles/passwords/new.html.haml index b72232ee36b..aef7348fd20 100644 --- a/app/views/profiles/passwords/new.html.haml +++ b/app/views/profiles/passwords/new.html.haml @@ -12,6 +12,9 @@ %li= msg .form-group + = f.label :current_password, class: 'control-label' + .col-sm-10= f.password_field :current_password, required: true, class: 'form-control' + .form-group = f.label :password, class: 'control-label' .col-sm-10= f.password_field :password, required: true, class: 'form-control' .form-group diff --git a/features/steps/profile/profile.rb b/features/steps/profile/profile.rb index 879bcf41b40..5a7ac207314 100644 --- a/features/steps/profile/profile.rb +++ b/features/steps/profile/profile.rb @@ -145,6 +145,7 @@ class Profile < Spinach::FeatureSteps end step 'I submit new password' do + fill_in :user_current_password, with: '12345678' fill_in :user_password, with: '12345678' fill_in :user_password_confirmation, with: '12345678' click_button "Set new password" @@ -179,7 +180,7 @@ class Profile < Spinach::FeatureSteps @group.add_owner(current_user) @project = create(:project, namespace: @group) @event = create(:closed_issue_event, project: @project) - + @project.team << [current_user, :master] end |