diff options
| -rw-r--r-- | doc/api/users.md | 1 | ||||
| -rw-r--r-- | spec/requests/api/users_spec.rb | 5 |
2 files changed, 4 insertions, 2 deletions
diff --git a/doc/api/users.md b/doc/api/users.md index 28b6c7bd491..fea9bdf9639 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -271,6 +271,7 @@ Parameters: - `can_create_group` (optional) - User can create groups - true or false - `external` (optional) - Flags the user as external - true or false(default) +On password update, user will be forced to change it upon next login. Note, at the moment this method does only return a `404` error, even in cases where a `409` (Conflict) would be more appropriate, e.g. when renaming the email address to some existing one. diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index f9127096953..8692f9da976 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -306,9 +306,10 @@ describe API::Users, api: true do end it "updates user with new password and forces reset on next login" do - put api("/users/#{user.id}", admin), { password: '12345678' } + put api("/users/#{user.id}", admin), password: '12345678' + expect(response).to have_http_status(200) - expect(user.reload.password_expires_at).to be < Time.now + expect(user.reload.password_expires_at).to be <= Time.now end it "updates user with organization" do |