diff options
| author | Robin Bobbitt <ryehle@us.ibm.com> | 2017-06-27 21:02:09 +0300 |
|---|---|---|
| committer | Robin Bobbitt <ryehle@us.ibm.com> | 2017-07-13 17:08:27 +0300 |
| commit | 672a68d3724bcae676d18244c85566e7d664a169 (patch) | |
| tree | 0a80378a3d96290bda93db53bb231798f2a7ecdd /spec/controllers/passwords_controller_spec.rb | |
| parent | 31ada792621f17ab7f4f7475405ddd1ec9e9673a (diff) | |
Fixes needed when GitLab sign-in is not enabled
When sign-in is disabled:
- skip password expiration checks
- prevent password reset requests
- don’t show Password tab in User Settings
- don’t allow login with username/password for Git over HTTP requests
- render 404 on requests to Profiles::PasswordsController
Diffstat (limited to 'spec/controllers/passwords_controller_spec.rb')
| -rw-r--r-- | spec/controllers/passwords_controller_spec.rb | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/spec/controllers/passwords_controller_spec.rb b/spec/controllers/passwords_controller_spec.rb new file mode 100644 index 00000000000..2955d01fad0 --- /dev/null +++ b/spec/controllers/passwords_controller_spec.rb @@ -0,0 +1,29 @@ +require 'spec_helper' + +describe PasswordsController do + describe '#check_password_authentication_available' do + before do + @request.env["devise.mapping"] = Devise.mappings[:user] + end + + context 'when password authentication is disabled' do + it 'prevents a password reset' do + stub_application_setting(password_authentication_enabled: false) + + post :create + + expect(flash[:alert]).to eq 'Password authentication is unavailable.' + end + end + + context 'when reset email belongs to an ldap user' do + let(:user) { create(:omniauth_user, provider: 'ldapmain', email: 'ldapuser@gitlab.com') } + + it 'prevents a password reset' do + post :create, user: { email: user.email } + + expect(flash[:alert]).to eq 'Password authentication is unavailable.' + end + end + end +end |