Fixed: Openid registration form should not require user to enter password (#11331).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9929 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2012-07-07 06:22:35 +00:00
parent 6086aa1be4
commit 76a4b81cf3
3 changed files with 43 additions and 3 deletions

View File

@ -84,8 +84,9 @@ class AccountController < ApplicationController
session[:auth_source_registration] = nil session[:auth_source_registration] = nil
@user = User.new(:language => Setting.default_language) @user = User.new(:language => Setting.default_language)
else else
user_params = params[:user] || {}
@user = User.new @user = User.new
@user.safe_attributes = params[:user] @user.safe_attributes = user_params
@user.admin = false @user.admin = false
@user.register @user.register
if session[:auth_source_registration] if session[:auth_source_registration]
@ -100,7 +101,9 @@ class AccountController < ApplicationController
end end
else else
@user.login = params[:user][:login] @user.login = params[:user][:login]
@user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank?
@user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]
end
case Setting.self_registration case Setting.self_registration
when '1' when '1'

View File

@ -116,6 +116,42 @@ class AccountControllerTest < ActionController::TestCase
assert_equal 'http://openid.example.com/good_user', assigns(:user)[:identity_url] assert_equal 'http://openid.example.com/good_user', assigns(:user)[:identity_url]
end end
def test_login_with_openid_with_new_user_with_missing_information_should_register
Setting.self_registration = '3'
post :login, :openid_url => 'http://openid.example.com/good_blank_user'
assert_response :success
assert_template 'register'
assert assigns(:user)
assert_equal 'http://openid.example.com/good_blank_user', assigns(:user)[:identity_url]
assert_select 'input[name=?]', 'user[login]'
assert_select 'input[name=?]', 'user[password]'
assert_select 'input[name=?]', 'user[password_confirmation]'
assert_select 'input[name=?][value=?]', 'user[identity_url]', 'http://openid.example.com/good_blank_user'
end
def test_register_after_login_failure_should_not_require_user_to_enter_a_password
Setting.self_registration = '3'
assert_difference 'User.count' do
post :register, :user => {
:login => 'good_blank_user',
:password => '',
:password_confirmation => '',
:firstname => 'Cool',
:lastname => 'User',
:mail => 'user@somedomain.com',
:identity_url => 'http://openid.example.com/good_blank_user'
}
assert_response 302
end
user = User.first(:order => 'id DESC')
assert_equal 'http://openid.example.com/good_blank_user', user.identity_url
assert user.hashed_password.blank?, "Hashed password was #{user.hashed_password}"
end
def test_setting_openid_should_return_true_when_set_to_true def test_setting_openid_should_return_true_when_set_to_true
assert_equal true, Setting.openid? assert_equal true, Setting.openid?
end end

View File

@ -16,9 +16,10 @@ module OpenIdAuthentication
def authenticate_with_open_id(identity_url = params[:openid_url], options = {}) #:doc: def authenticate_with_open_id(identity_url = params[:openid_url], options = {}) #:doc:
if User.find_by_identity_url(identity_url) || identity_url.include?('good') if User.find_by_identity_url(identity_url) || identity_url.include?('good')
extension_response_fields = {}
# Don't process registration fields unless it is requested. # Don't process registration fields unless it is requested.
unless identity_url.include?('blank') || (options[:required].nil? && options[:optional].nil?) unless identity_url.include?('blank') || (options[:required].nil? && options[:optional].nil?)
extension_response_fields = {}
options[:required].each do |field| options[:required].each do |field|
extension_response_fields[field.to_s] = EXTENSION_FIELDS[field.to_s] extension_response_fields[field.to_s] = EXTENSION_FIELDS[field.to_s]