jro_apps/redmine Commit - r9746:76a4b81cf3a9

Fixed: Openid registration form should not require user to enter password (#11331)....

Jean-Philippe Lang -

r9746:76a4b81cf3a9

parent child

Context file:

r9746:76a4b81cf3a9

Collapse all files

app/controllers/account_controller.rb +5 -2

                    session[:auth_source_registration] = nil
                    @user = User.new(:language => Setting.default_language)
                  else
+                   user_params = params[:user] || {}
                    @user = User.new
-                   @user.safe_attributes = params[:user]
+                   @user.safe_attributes = user_params
                    @user.admin = false
                    @user.register
                    if session[:auth_source_registration]
                      end
                    else
                      @user.login = params[:user][:login]
-                     @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
+                     unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank?
+                       @user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]
+                     end
                      case Setting.self_registration
                      when '1'

test/functional/account_controller_openid_test.rb +36 0

		@@ -116,6 +116,42 class AccountControllerTest < ActionController::TestCase
116	116	assert_equal 'http://openid.example.com/good_user', assigns(:user)[:identity_url]
117	117	end
118	118
	119	def test_login_with_openid_with_new_user_with_missing_information_should_register
	120	Setting.self_registration = '3'
	121
	122	post :login, :openid_url => 'http://openid.example.com/good_blank_user'
	123	assert_response :success
	124	assert_template 'register'
	125	assert assigns(:user)
	126	assert_equal 'http://openid.example.com/good_blank_user', assigns(:user)[:identity_url]
	127
	128	assert_select 'input[name=?]', 'user[login]'
	129	assert_select 'input[name=?]', 'user[password]'
	130	assert_select 'input[name=?]', 'user[password_confirmation]'
	131	assert_select 'input[name=?][value=?]', 'user[identity_url]', 'http://openid.example.com/good_blank_user'
	132	end
	133
	134	def test_register_after_login_failure_should_not_require_user_to_enter_a_password
	135	Setting.self_registration = '3'
	136
	137	assert_difference 'User.count' do
	138	post :register, :user => {
	139	:login => 'good_blank_user',
	140	:password => '',
	141	:password_confirmation => '',
	142	:firstname => 'Cool',
	143	:lastname => 'User',
	144	:mail => 'user@somedomain.com',
	145	:identity_url => 'http://openid.example.com/good_blank_user'
	146	}
	147	assert_response 302
	148	end
	149
	150	user = User.first(:order => 'id DESC')
	151	assert_equal 'http://openid.example.com/good_blank_user', user.identity_url
	152	assert user.hashed_password.blank?, "Hashed password was #{user.hashed_password}"
	153	end
	154
119	155	def test_setting_openid_should_return_true_when_set_to_true
120	156	assert_equal true, Setting.openid?
121	157	end

test/mocks/open_id_authentication_mock.rb +2 -1

                  def authenticate_with_open_id(identity_url = params[:openid_url], options = {}) #:doc:
                    if User.find_by_identity_url(identity_url) || identity_url.include?('good')
+                     extension_response_fields = {}
                      # Don't process registration fields unless it is requested.
                      unless identity_url.include?('blank') || (options[:required].nil? && options[:optional].nil?)
-                       extension_response_fields = {}
                        options[:required].each do |field|
                          extension_response_fields[field.to_s] = EXTENSION_FIELDS[field.to_s]

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages