##// END OF EJS Templates
jro_apps » redmine
RSS
Send password reset email to the email used in lost password form (#4244)....
Jean-Philippe Lang -
r13506:a3a8fee8adf8
parent child
Show More
Side by Side Unified
Context file:
r13506:a3a8fee8adf8 Loading diff...:
Show file before | Show file after | Hide comments
@@ -82,7 +82,8 class AccountController < ApplicationController
82 return
82 return
83 else
83 else
84 if request.post?
84 if request.post?
85 user = User.find_by_mail(params[:mail].to_s)
85 email = params[:mail].to_s
86 user = User.find_by_mail(email)
86 # user not found
87 # user not found
87 unless user
88 unless user
88 flash.now[:error] = l(:notice_account_unknown_email)
89 flash.now[:error] = l(:notice_account_unknown_email)
@@ -100,7 +101,9 class AccountController < ApplicationController
100 # create a new token for password recovery
101 # create a new token for password recovery
101 token = Token.new(:user => user, :action => "recovery")
102 token = Token.new(:user => user, :action => "recovery")
102 if token.save
103 if token.save
103 Mailer.lost_password(token).deliver
104 # Don't use the param to send the email
105 recipent = user.mails.detect {|e| e.downcase == email.downcase} || user.mail
106 Mailer.lost_password(token, recipent).deliver
104 flash[:notice] = l(:notice_account_lost_email_sent)
107 flash[:notice] = l(:notice_account_lost_email_sent)
105 redirect_to signin_path
108 redirect_to signin_path
106 return
109 return
Show file before | Show file after | Hide comments
@@ -289,11 +289,12 class Mailer < ActionMailer::Base
289 :subject => l(:mail_subject_register, Setting.app_title)
289 :subject => l(:mail_subject_register, Setting.app_title)
290 end
290 end
291
291
292 def lost_password(token)
292 def lost_password(token, recipient=nil)
293 set_language_if_valid(token.user.language)
293 set_language_if_valid(token.user.language)
294 recipient ||= token.user.mail
294 @token = token
295 @token = token
295 @url = url_for(:controller => 'account', :action => 'lost_password', :token => token.value)
296 @url = url_for(:controller => 'account', :action => 'lost_password', :token => token.value)
296 mail :to => token.user.mail,
297 mail :to => recipient,
297 :subject => l(:mail_subject_lost_password, Setting.app_title)
298 :subject => l(:mail_subject_lost_password, Setting.app_title)
298 end
299 end
299
300
Show file before | Show file after | Hide comments
@@ -304,6 +304,20 class AccountControllerTest < ActionController::TestCase
304 end
304 end
305 end
305 end
306
306
307 def test_lost_password_using_additional_email_address_should_send_email_to_the_address
308 EmailAddress.create!(:user_id => 2, :address => 'anotherAddress@foo.bar')
309 Token.delete_all
310
311 assert_difference 'ActionMailer::Base.deliveries.size' do
312 assert_difference 'Token.count' do
313 post :lost_password, :mail => 'ANOTHERaddress@foo.bar'
314 assert_redirected_to '/login'
315 end
316 end
317 mail = ActionMailer::Base.deliveries.last
318 assert_equal ['anotherAddress@foo.bar'], mail.bcc
319 end
320
307 def test_lost_password_for_unknown_user_should_fail
321 def test_lost_password_for_unknown_user_should_fail
308 Token.delete_all
322 Token.delete_all
309 assert_no_difference 'Token.count' do
323 assert_no_difference 'Token.count' do
General Comments 0
You need to be logged in to leave comments. Login now