expired password last

2016-10-06 14:19:48 +02:00
parent 1f72c5cc74
commit 680c0636ed
4 changed files with 9 additions and 19 deletions
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,4 +1,4 @@
-  class User < ActiveRecord::Base
+class User < ActiveRecord::Base

  include Verification

@@ -57,8 +57,6 @@

  before_validation :clean_document_number

-  before_create :set_password_changed_at
-
  # Get the existing user by email if the provider gives us a verified email.
  def self.first_or_initialize_for_oauth(auth)
    oauth_email           = auth.info.email
@@ -242,10 +240,6 @@
    true
  end

-  def set_password_changed_at
-    set_password_changed_at = created_at
-  end 
-
  def ability
    @ability ||= Ability.new(self)
  end
--- a/config/initializers/devise_security_extension.rb
+++ b/config/initializers/devise_security_extension.rb
@@ -41,14 +41,6 @@ module Devise
  module Models
    module PasswordExpirable
      def need_change_password?
-        if password_change? 
-          password_expired?
-        else 
-          false 
-        end 
-      end 
-        
-      def password_change? 
        self.administrator? && password_expired?
      end 

--- a/lib/tasks/users.rake
+++ b/lib/tasks/users.rake
@@ -80,7 +80,7 @@ namespace :users do
  desc "Update password changed at for existing users"
  task update_password_changed_at: :environment do
    User.all.each do |user|
-      user.update(password_changed_at:user.created_at)
+      user.update(password_changed_at: user.created_at)
    end
  end 

--- a/spec/features/users_auth_spec.rb
+++ b/spec/features/users_auth_spec.rb
@@ -319,21 +319,25 @@ feature 'Users' do
    
    login_as(user)
    visit root_path
+
    expect(page).to_not have_content "Your password is expired"
  end

  scenario 'Admin with password expired trying to use same password' do 
    user = create(:user, password_changed_at: Time.now - 1.year, password: '123456789')
    admin = create(:administrator, user: user)  
+    
    login_as(admin.user)  
    visit root_path
+
    expect(page).to have_content "Your password is expired" 
+    
    fill_in 'user_current_password', with: 'judgmentday'
    fill_in 'user_password', with: '123456789' 
    fill_in 'user_password_confirmation', with: '123456789'
    click_button 'Change your password'  
+    
    expect(page).to have_content "must be different than the current password."
  end              

-
 end