diff options
author | Rubén Dávila <ruben@gitlab.com> | 2017-12-31 08:08:15 +0300 |
---|---|---|
committer | Rubén Dávila <ruben@gitlab.com> | 2018-01-01 03:59:07 +0300 |
commit | 6304fe44ec9b034917201db2e1bacb83d82cdeae (patch) | |
tree | 6b6423fbdbbb9779dd6afee7ca91b161fa56c2ed /app/controllers/passwords_controller.rb | |
parent | ff077cf7dc5cfd7c6c6206d801ea3f326f7af1aa (diff) |
Allow logged in user to change his password
Users were unable to change their password through the "Reset password"
link that was sent to their email if they were logged in. This is due to
a default controller filter from Devise that requires the user to not be
logged in in order to use this link.
Diffstat (limited to 'app/controllers/passwords_controller.rb')
-rw-r--r-- | app/controllers/passwords_controller.rb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb index 68a52f40342..57761bfbe26 100644 --- a/app/controllers/passwords_controller.rb +++ b/app/controllers/passwords_controller.rb @@ -1,6 +1,8 @@ class PasswordsController < Devise::PasswordsController include Gitlab::CurrentSettings + skip_before_action :require_no_authentication, only: [:edit, :update] + before_action :resource_from_email, only: [:create] before_action :check_password_authentication_available, only: [:create] before_action :throttle_reset, only: [:create] |