diff options
author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-10-09 16:17:40 +0300 |
---|---|---|
committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-10-09 16:43:11 +0300 |
commit | c41e66db520c43fdcfc0e1e49208a23bb02835a7 (patch) | |
tree | 20c76785c0cf37d54b53100382d2125a1cc321aa /app/controllers/profiles/passwords_controller.rb | |
parent | 7af1bc3b88e3a32cb07d7aee7962af22c2339c02 (diff) | |
download | gitlab-ce-c41e66db520c43fdcfc0e1e49208a23bb02835a7.tar.gz |
Separate page for password change
Diffstat (limited to 'app/controllers/profiles/passwords_controller.rb')
-rw-r--r-- | app/controllers/profiles/passwords_controller.rb | 41 |
1 files changed, 40 insertions, 1 deletions
diff --git a/app/controllers/profiles/passwords_controller.rb b/app/controllers/profiles/passwords_controller.rb index 432899f857d..b8d8395a7c4 100644 --- a/app/controllers/profiles/passwords_controller.rb +++ b/app/controllers/profiles/passwords_controller.rb @@ -1,10 +1,11 @@ class Profiles::PasswordsController < ApplicationController - layout 'navless' + layout :determine_layout skip_before_filter :check_password_expiration before_filter :set_user before_filter :set_title + before_filter :authorize_change_password! def new end @@ -26,6 +27,32 @@ class Profiles::PasswordsController < ApplicationController end end + def edit + end + + def update + password_attributes = params[:user].select do |key, value| + %w(password password_confirmation).include?(key.to_s) + end + + unless @user.valid_password?(params[:user][:current_password]) + redirect_to edit_profile_password_path, alert: 'You must provide a valid current password' + return + end + + if @user.update_attributes(password_attributes) + flash[:notice] = "Password was successfully updated. Please login with it" + redirect_to new_user_session_path + else + render 'account' + end + end + + def reset + current_user.send_reset_password_instructions + redirect_to edit_profile_password_path, notice: 'We sent you an email with reset password instructions' + end + private def set_user @@ -35,4 +62,16 @@ class Profiles::PasswordsController < ApplicationController def set_title @title = "New password" end + + def determine_layout + if [:new, :create].include?(action_name.to_sym) + 'navless' + else + 'profile' + end + end + + def authorize_change_password! + return render_404 if @user.ldap_user? + end end |