summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/controllers/application_controller.rb2
-rw-r--r--features/profile/profile.feature1
-rw-r--r--features/steps/profile/profile.rb5
-rw-r--r--spec/controllers/application_controller_spec.rb33
4 files changed, 40 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index b93bf0f98eb..d974600dcc1 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -151,7 +151,7 @@ class ApplicationController < ActionController::Base
end
def check_password_expiration
- if current_user && current_user.password_expires_at && current_user.password_expires_at < Time.now
+ if current_user && current_user.password_expires_at && current_user.password_expires_at < Time.now && !current_user.ldap_user?
redirect_to new_profile_password_path and return
end
end
diff --git a/features/profile/profile.feature b/features/profile/profile.feature
index 53a93b0f908..3b61552a73d 100644
--- a/features/profile/profile.feature
+++ b/features/profile/profile.feature
@@ -18,6 +18,7 @@ Feature: Profile
Scenario: My password is expired
Given my password is expired
+ And I am not an ldap user
And I visit profile account page
Then I redirected to expired password page
And I submit new password
diff --git a/features/steps/profile/profile.rb b/features/steps/profile/profile.rb
index 23eeac447b0..6944977c3ff 100644
--- a/features/steps/profile/profile.rb
+++ b/features/steps/profile/profile.rb
@@ -91,6 +91,11 @@ class Profile < Spinach::FeatureSteps
current_user.update_attributes(password_expires_at: Time.now - 1.hour)
end
+ step "I am not an ldap user" do
+ current_user.update_attributes(extern_uid: nil, provider: '')
+ current_user.ldap_user?.should be_false
+ end
+
step 'I redirected to expired password page' do
current_path.should == new_profile_password_path
end
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
new file mode 100644
index 00000000000..d528d12c66c
--- /dev/null
+++ b/spec/controllers/application_controller_spec.rb
@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe ApplicationController do
+ describe '#check_password_expiration' do
+ let(:user) { create(:user) }
+ let(:controller) { ApplicationController.new }
+
+ it 'should redirect if the user is over their password expiry' do
+ user.password_expires_at = Time.new(2002)
+ user.ldap_user?.should be_false
+ controller.stub!(:current_user).and_return(user)
+ controller.should_receive(:redirect_to)
+ controller.should_receive(:new_profile_password_path)
+ controller.send(:check_password_expiration)
+ end
+
+ it 'should not redirect if the user is under their password expiry' do
+ user.password_expires_at = Time.now + 20010101
+ user.ldap_user?.should be_false
+ controller.stub!(:current_user).and_return(user)
+ controller.should_not_receive(:redirect_to)
+ controller.send(:check_password_expiration)
+ end
+
+ it 'should not redirect if the user is over their password expiry but they are an ldap user' do
+ user.password_expires_at = Time.new(2002)
+ user.stub!(:ldap_user?).and_return(true)
+ controller.stub!(:current_user).and_return(user)
+ controller.should_not_receive(:redirect_to)
+ controller.send(:check_password_expiration)
+ end
+ end
+end \ No newline at end of file