diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-07-29 15:28:20 +0300 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-07-29 15:28:20 +0300 |
| commit | 014e6d0f875a1fb1b97aaad1153f92b85e88354d (patch) | |
| tree | 64953113c9f229c3fb33e4e9ab43975396f38404 /app/controllers/profiles | |
| parent | 535feb08ce90352c89799df5e3e70a10e53ee10d (diff) | |
| download | gitlab-ce-014e6d0f875a1fb1b97aaad1153f92b85e88354d.tar.gz | |
Require current password even if password was expired
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Diffstat (limited to 'app/controllers/profiles')
| -rw-r--r-- | app/controllers/profiles/passwords_controller.rb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/app/controllers/profiles/passwords_controller.rb b/app/controllers/profiles/passwords_controller.rb index 0d93f5cbfdf..1191ce47eba 100644 --- a/app/controllers/profiles/passwords_controller.rb +++ b/app/controllers/profiles/passwords_controller.rb @@ -11,6 +11,11 @@ class Profiles::PasswordsController < ApplicationController end def create + unless @user.valid_password?(user_params[:current_password]) + redirect_to new_profile_password_path, alert: 'You must provide a valid current password' + return + end + new_password = user_params[:password] new_password_confirmation = user_params[:password_confirmation] |