diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-20 11:43:02 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-20 11:43:02 +0300 |
| commit | d9ab72d6080f594d0b3cae15f14b3ef2c6c638cb (patch) | |
| tree | 2341ef426af70ad1e289c38036737e04b0aa5007 /app/controllers/profiles | |
| parent | d6e514dd13db8947884cd58fe2a9c2a063400a9b (diff) | |
Add latest changes from gitlab-org/gitlab@14-4-stable-eev14.4.0-rc42
Diffstat (limited to 'app/controllers/profiles')
| -rw-r--r-- | app/controllers/profiles/passwords_controller.rb | 25 | ||||
| -rw-r--r-- | app/controllers/profiles/two_factor_auths_controller.rb | 2 |
2 files changed, 11 insertions, 16 deletions
diff --git a/app/controllers/profiles/passwords_controller.rb b/app/controllers/profiles/passwords_controller.rb index c8c2dd1c7d6..5eb0f80ddc9 100644 --- a/app/controllers/profiles/passwords_controller.rb +++ b/app/controllers/profiles/passwords_controller.rb @@ -15,17 +15,11 @@ class Profiles::PasswordsController < Profiles::ApplicationController end def create - unless @user.password_automatically_set || @user.valid_password?(user_params[:current_password]) + unless @user.password_automatically_set || @user.valid_password?(user_params[:password]) redirect_to new_profile_password_path, alert: _('You must provide a valid current password') return end - password_attributes = { - password: user_params[:password], - password_confirmation: user_params[:password_confirmation], - password_automatically_set: false - } - result = Users::UpdateService.new(current_user, password_attributes.merge(user: @user)).execute if result[:status] == :success @@ -41,12 +35,7 @@ class Profiles::PasswordsController < Profiles::ApplicationController end def update - password_attributes = user_params.select do |key, value| - %w(password password_confirmation).include?(key.to_s) - end - password_attributes[:password_automatically_set] = false - - unless @user.password_automatically_set || @user.valid_password?(user_params[:current_password]) + unless @user.password_automatically_set || @user.valid_password?(user_params[:password]) handle_invalid_current_password_attempt! redirect_to edit_profile_password_path, alert: _('You must provide a valid current password') @@ -94,6 +83,14 @@ class Profiles::PasswordsController < Profiles::ApplicationController end def user_params - params.require(:user).permit(:current_password, :password, :password_confirmation) + params.require(:user).permit(:password, :new_password, :password_confirmation) + end + + def password_attributes + { + password: user_params[:new_password], + password_confirmation: user_params[:password_confirmation], + password_automatically_set: false + } end end diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb index de22a0e47d5..e0b5d6be155 100644 --- a/app/controllers/profiles/two_factor_auths_controller.rb +++ b/app/controllers/profiles/two_factor_auths_controller.rb @@ -237,8 +237,6 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController end def ensure_verified_primary_email - return unless Feature.enabled?(:ensure_verified_primary_email_for_2fa, default_enabled: :yaml) - unless current_user.two_factor_enabled? || current_user.primary_email_verified? redirect_to profile_emails_path, notice: s_('You need to verify your primary email first before enabling Two-Factor Authentication.') end |