| @@ -170,6 +170,13 default: | |||
|
|
170 | 170 | # same secret token on each machine. |
|
|
171 | 171 | #secret_token: 'change it to a long random string' |
|
|
172 | 172 | |
|
|
173 | # Requires users to re-enter their password for sensitive actions (editing | |
|
|
174 | # of account data, project memberships, application settings, user, group, | |
|
|
175 | # role, auth source management and project deletion). | |
|
|
176 | # Disabled by default. | |
|
|
177 | # | |
|
|
178 | #sudo_mode: true | |
|
|
179 | ||
|
|
173 | 180 | # Absolute path (e.g. /usr/bin/convert, c:/im/convert.exe) to |
|
|
174 | 181 | # the ImageMagick's `convert` binary. Used to generate attachment thumbnails. |
|
|
175 | 182 | #imagemagick_convert_command: |
| @@ -202,7 +202,7 module Redmine | |||
|
|
202 | 202 | end |
|
|
203 | 203 | |
|
|
204 | 204 | def self.possible? |
|
|
205 |
|
|
|
|
205 | enabled? && User.current.logged? | |
|
|
206 | 206 | end |
|
|
207 | 207 | |
|
|
208 | 208 | # Turn off sudo mode (never require password entry). |
| @@ -215,10 +215,9 module Redmine | |||
|
|
215 | 215 | RequestStore.store[:sudo_mode_disabled] = nil |
|
|
216 | 216 | end |
|
|
217 | 217 | |
|
|
218 |
def self. |
|
|
|
219 |
|
|
|
|
218 | def self.enabled? | |
|
|
219 | Redmine::Configuration['sudo_mode'] && !RequestStore.store[:sudo_mode_disabled] | |
|
|
220 | 220 | end |
|
|
221 | ||
|
|
222 | 221 | end |
|
|
223 | 222 | end |
|
|
224 | 223 | |
| @@ -22,7 +22,6 class AuthSourcesControllerTest < ActionController::TestCase | |||
|
|
22 | 22 | |
|
|
23 | 23 | def setup |
|
|
24 | 24 | @request.session[:user_id] = 1 |
|
|
25 | Redmine::SudoMode.disable! | |
|
|
26 | 25 | end |
|
|
27 | 26 | |
|
|
28 | 27 | def test_index |
| @@ -22,7 +22,6 class EmailAddressesControllerTest < ActionController::TestCase | |||
|
|
22 | 22 | |
|
|
23 | 23 | def setup |
|
|
24 | 24 | User.current = nil |
|
|
25 | Redmine::SudoMode.disable! | |
|
|
26 | 25 | end |
|
|
27 | 26 | |
|
|
28 | 27 | def test_index_with_no_additional_emails |
| @@ -22,7 +22,6 class GroupsControllerTest < ActionController::TestCase | |||
|
|
22 | 22 | |
|
|
23 | 23 | def setup |
|
|
24 | 24 | @request.session[:user_id] = 1 |
|
|
25 | Redmine::SudoMode.disable! | |
|
|
26 | 25 | end |
|
|
27 | 26 | |
|
|
28 | 27 | def test_index |
| @@ -23,7 +23,6 class MembersControllerTest < ActionController::TestCase | |||
|
|
23 | 23 | def setup |
|
|
24 | 24 | User.current = nil |
|
|
25 | 25 | @request.session[:user_id] = 2 |
|
|
26 | Redmine::SudoMode.disable! | |
|
|
27 | 26 | end |
|
|
28 | 27 | |
|
|
29 | 28 | def test_new |
| @@ -23,7 +23,6 class MyControllerTest < ActionController::TestCase | |||
|
|
23 | 23 | |
|
|
24 | 24 | def setup |
|
|
25 | 25 | @request.session[:user_id] = 2 |
|
|
26 | Redmine::SudoMode.disable! | |
|
|
27 | 26 | end |
|
|
28 | 27 | |
|
|
29 | 28 | def test_index |
| @@ -28,7 +28,6 class ProjectsControllerTest < ActionController::TestCase | |||
|
|
28 | 28 | def setup |
|
|
29 | 29 | @request.session[:user_id] = nil |
|
|
30 | 30 | Setting.default_language = 'en' |
|
|
31 | Redmine::SudoMode.disable! | |
|
|
32 | 31 | end |
|
|
33 | 32 | |
|
|
34 | 33 | def test_index_by_anonymous_should_not_show_private_projects |
| @@ -23,7 +23,6 class RolesControllerTest < ActionController::TestCase | |||
|
|
23 | 23 | def setup |
|
|
24 | 24 | User.current = nil |
|
|
25 | 25 | @request.session[:user_id] = 1 # admin |
|
|
26 | Redmine::SudoMode.disable! | |
|
|
27 | 26 | end |
|
|
28 | 27 | |
|
|
29 | 28 | def test_index |
| @@ -24,7 +24,6 class SettingsControllerTest < ActionController::TestCase | |||
|
|
24 | 24 | def setup |
|
|
25 | 25 | User.current = nil |
|
|
26 | 26 | @request.session[:user_id] = 1 # admin |
|
|
27 | Redmine::SudoMode.disable! | |
|
|
28 | 27 | end |
|
|
29 | 28 | |
|
|
30 | 29 | def test_index |
| @@ -30,7 +30,6 class UsersControllerTest < ActionController::TestCase | |||
|
|
30 | 30 | def setup |
|
|
31 | 31 | User.current = nil |
|
|
32 | 32 | @request.session[:user_id] = 1 # admin |
|
|
33 | Redmine::SudoMode.disable! | |
|
|
34 | 33 | end |
|
|
35 | 34 | |
|
|
36 | 35 | def test_index |
| @@ -26,14 +26,6 class AdminTest < Redmine::IntegrationTest | |||
|
|
26 | 26 | :members, |
|
|
27 | 27 | :enabled_modules |
|
|
28 | 28 | |
|
|
29 | def setup | |
|
|
30 | Redmine::SudoMode.enable! | |
|
|
31 | end | |
|
|
32 | ||
|
|
33 | def teardown | |
|
|
34 | Redmine::SudoMode.disable! | |
|
|
35 | end | |
|
|
36 | ||
|
|
37 | 29 | def test_add_user |
|
|
38 | 30 | log_user("admin", "admin") |
|
|
39 | 31 | get "/users/new" |
| @@ -44,15 +36,6 class AdminTest < Redmine::IntegrationTest | |||
|
|
44 | 36 | :lastname => "Smith", :mail => "psmith@somenet.foo", |
|
|
45 | 37 | :language => "en", :password => "psmith09", |
|
|
46 | 38 | :password_confirmation => "psmith09" } |
|
|
47 | assert_response :success | |
|
|
48 | assert_nil User.find_by_login("psmith") | |
|
|
49 | ||
|
|
50 | post "/users", | |
|
|
51 | :user => { :login => "psmith", :firstname => "Paul", | |
|
|
52 | :lastname => "Smith", :mail => "psmith@somenet.foo", | |
|
|
53 | :language => "en", :password => "psmith09", | |
|
|
54 | :password_confirmation => "psmith09" }, | |
|
|
55 | :sudo_password => 'admin' | |
|
|
56 | 39 | |
|
|
57 | 40 | user = User.find_by_login("psmith") |
|
|
58 | 41 | assert_kind_of User, user |
| @@ -4,11 +4,31 class SudoTest < Redmine::IntegrationTest | |||
|
|
4 | 4 | fixtures :projects, :members, :member_roles, :roles, :users |
|
|
5 | 5 | |
|
|
6 | 6 | def setup |
|
|
7 |
Redmine::SudoMode.enable |
|
|
|
7 | Redmine::SudoMode.stubs(:enabled?).returns(true) | |
|
|
8 | 8 | end |
|
|
9 | 9 | |
|
|
10 |
def tear |
|
|
|
11 | Redmine::SudoMode.disable! | |
|
|
10 | def test_add_user | |
|
|
11 | log_user("admin", "admin") | |
|
|
12 | get "/users/new" | |
|
|
13 | assert_response :success | |
|
|
14 | post "/users", | |
|
|
15 | :user => { :login => "psmith", :firstname => "Paul", | |
|
|
16 | :lastname => "Smith", :mail => "psmith@somenet.foo", | |
|
|
17 | :language => "en", :password => "psmith09", | |
|
|
18 | :password_confirmation => "psmith09" } | |
|
|
19 | assert_response :success | |
|
|
20 | assert_nil User.find_by_login("psmith") | |
|
|
21 | ||
|
|
22 | post "/users", | |
|
|
23 | :user => { :login => "psmith", :firstname => "Paul", | |
|
|
24 | :lastname => "Smith", :mail => "psmith@somenet.foo", | |
|
|
25 | :language => "en", :password => "psmith09", | |
|
|
26 | :password_confirmation => "psmith09" }, | |
|
|
27 | :sudo_password => 'admin' | |
|
|
28 | assert_response 302 | |
|
|
29 | ||
|
|
30 | user = User.find_by_login("psmith") | |
|
|
31 | assert_kind_of User, user | |
|
|
12 | 32 | end |
|
|
13 | 33 | |
|
|
14 | 34 | def test_create_member_xhr |
General Comments 0
You need to be logged in to leave comments.
Login now