diff options
author | Markus Koller <markus-koller@gmx.ch> | 2017-11-23 16:16:14 +0300 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2017-11-23 16:16:14 +0300 |
commit | 257fd5713485a05460a9170190100643199a7e48 (patch) | |
tree | afaaddcdc16ac407d72b7b4c0e96d951a141c268 /spec/controllers | |
parent | a6cafbcbe8d6802a81055c3469312f889cd73c9a (diff) |
Allow password authentication to be disabled entirely
Diffstat (limited to 'spec/controllers')
-rw-r--r-- | spec/controllers/application_controller_spec.rb | 9 | ||||
-rw-r--r-- | spec/controllers/passwords_controller_spec.rb | 12 | ||||
-rw-r--r-- | spec/controllers/registrations_controller_spec.rb | 3 |
3 files changed, 13 insertions, 11 deletions
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb index 768c7e99c96..fe95d1ef9cd 100644 --- a/spec/controllers/application_controller_spec.rb +++ b/spec/controllers/application_controller_spec.rb @@ -41,14 +41,13 @@ describe ApplicationController do controller.send(:check_password_expiration) end - it 'redirects if the user is over their password expiry and sign-in is disabled' do - stub_application_setting(password_authentication_enabled: false) + it 'does not redirect if the user is over their password expiry but password authentication is disabled for the web interface' do + stub_application_setting(password_authentication_enabled_for_web: false) + stub_application_setting(password_authentication_enabled_for_git: false) user.password_expires_at = Time.new(2002) - expect(user.ldap_user?).to be_falsey allow(controller).to receive(:current_user).and_return(user) - expect(controller).to receive(:redirect_to) - expect(controller).to receive(:new_profile_password_path) + expect(controller).not_to receive(:redirect_to) controller.send(:check_password_expiration) end diff --git a/spec/controllers/passwords_controller_spec.rb b/spec/controllers/passwords_controller_spec.rb index 8778bff1190..4d31cfedbd2 100644 --- a/spec/controllers/passwords_controller_spec.rb +++ b/spec/controllers/passwords_controller_spec.rb @@ -1,18 +1,20 @@ require 'spec_helper' describe PasswordsController do - describe '#prevent_ldap_reset' do + describe '#check_password_authentication_available' do before do @request.env["devise.mapping"] = Devise.mappings[:user] end - context 'when password authentication is disabled' do - it 'allows password reset' do - stub_application_setting(password_authentication_enabled: false) + context 'when password authentication is disabled for the web interface and Git' do + it 'prevents a password reset' do + stub_application_setting(password_authentication_enabled_for_web: false) + stub_application_setting(password_authentication_enabled_for_git: false) post :create expect(response).to have_gitlab_http_status(302) + expect(flash[:alert]).to eq 'Password authentication is unavailable.' end end @@ -22,7 +24,7 @@ describe PasswordsController do it 'prevents a password reset' do post :create, user: { email: user.email } - expect(flash[:alert]).to eq('Cannot reset password for LDAP user.') + expect(flash[:alert]).to eq 'Password authentication is unavailable.' end end end diff --git a/spec/controllers/registrations_controller_spec.rb b/spec/controllers/registrations_controller_spec.rb index 1d3ddfbd220..346944fd5b0 100644 --- a/spec/controllers/registrations_controller_spec.rb +++ b/spec/controllers/registrations_controller_spec.rb @@ -118,7 +118,8 @@ describe RegistrationsController do context 'user does not require password confirmation' do before do - stub_application_setting(password_authentication_enabled: false) + stub_application_setting(password_authentication_enabled_for_web: false) + stub_application_setting(password_authentication_enabled_for_git: false) end it 'fails if username confirmation is not provided' do |