jro_apps/redmine Commit - r9746:76a4b81cf3a9

Fixed: Openid registration form should not require user to enter password (#11331)....

Jean-Philippe Lang -

r9746:76a4b81cf3a9

parent child

Context file:

r9746:76a4b81cf3a9

Collapse all files

app/controllers/account_controller.rb +5 -2

                   session[:auth_source_registration] = nil
                   @user = User.new(:language => Setting.default_language)
                 else
+                  user_params = params[:user] || {}
                   @user = User.new
-                  @user.safe_attributes = params[:user]
+                  @user.safe_attributes = user_params
                   @user.admin = false
                   @user.register
                   if session[:auth_source_registration]
                     end
                   else
                     @user.login = params[:user][:login]
-                    @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
+                    unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank?
+                      @user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]
+                    end
                     case Setting.self_registration
                     when '1'

test/functional/account_controller_openid_test.rb +36 0

@@ -116,6 +116,42 class AccountControllerTest < ActionController::TestCase
116	assert_equal 'http://openid.example.com/good_user', assigns(:user)[:identity_url]	116	assert_equal 'http://openid.example.com/good_user', assigns(:user)[:identity_url]
117	end	117	end
118		118
		119	def test_login_with_openid_with_new_user_with_missing_information_should_register
		120	Setting.self_registration = '3'
		121
		122	post :login, :openid_url => 'http://openid.example.com/good_blank_user'
		123	assert_response :success
		124	assert_template 'register'
		125	assert assigns(:user)
		126	assert_equal 'http://openid.example.com/good_blank_user', assigns(:user)[:identity_url]
		127
		128	assert_select 'input[name=?]', 'user[login]'
		129	assert_select 'input[name=?]', 'user[password]'
		130	assert_select 'input[name=?]', 'user[password_confirmation]'
		131	assert_select 'input[name=?][value=?]', 'user[identity_url]', 'http://openid.example.com/good_blank_user'
		132	end
		133
		134	def test_register_after_login_failure_should_not_require_user_to_enter_a_password
		135	Setting.self_registration = '3'
		136
		137	assert_difference 'User.count' do
		138	post :register, :user => {
		139	:login => 'good_blank_user',
		140	:password => '',
		141	:password_confirmation => '',
		142	:firstname => 'Cool',
		143	:lastname => 'User',
		144	:mail => 'user@somedomain.com',
		145	:identity_url => 'http://openid.example.com/good_blank_user'
		146	}
		147	assert_response 302
		148	end
		149
		150	user = User.first(:order => 'id DESC')
		151	assert_equal 'http://openid.example.com/good_blank_user', user.identity_url
		152	assert user.hashed_password.blank?, "Hashed password was #{user.hashed_password}"
		153	end
		154
119	def test_setting_openid_should_return_true_when_set_to_true	155	def test_setting_openid_should_return_true_when_set_to_true
120	assert_equal true, Setting.openid?	156	assert_equal true, Setting.openid?
121	end	157	end

test/mocks/open_id_authentication_mock.rb +2 -1

                 def authenticate_with_open_id(identity_url = params[:openid_url], options = {}) #:doc:
                   if User.find_by_identity_url(identity_url) || identity_url.include?('good')
+                    extension_response_fields = {}
                     # Don't process registration fields unless it is requested.
                     unless identity_url.include?('blank') || (options[:required].nil? && options[:optional].nil?)
-                      extension_response_fields = {}
                       options[:required].each do |field|
                         extension_response_fields[field.to_s] = EXTENSION_FIELDS[field.to_s]

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages