disable sending email or show presence when forgot system user password

This commit is contained in:
Erick Guan 2014-12-10 14:17:49 +08:00
parent 953ac7de8f
commit 9937af7ac4
2 changed files with 16 additions and 3 deletions

View file

@ -120,14 +120,15 @@ class SessionController < ApplicationController
RateLimiter.new(nil, "forgot-password-min-#{request.remote_ip}", 3, 1.minute).performed!
user = User.find_by_username_or_email(params[:login])
if user.present?
user_presence = user.present? && user.id != -1
if user_presence
email_token = user.email_tokens.create(email: user.email)
Jobs.enqueue(:user_email, type: :forgot_password, user_id: user.id, email_token: email_token.token)
end
json = { result: "ok" }
unless SiteSetting.forgot_password_strict
json[:user_found] = user.present?
json[:user_found] = user_presence
end
render json: json

View file

@ -134,7 +134,7 @@ describe SessionController do
@sso.name = @reversed_name
@suggested_username = UserNameSuggester.suggest(@sso.username || @sso.name || @sso.email)
@suggested_name = User.suggest_name(@sso.name || @sso.username || @sso.email)
@suggested_name = User.suggest_name(@sso.name || @sso.username || @sso.email)
@user.create_single_sign_on_record(external_id: '997', last_payload: '')
end
@ -431,6 +431,18 @@ describe SessionController do
end
end
context 'do nothing to system username' do
let(:user) { User.find(-1) }
it 'generates no token for system username' do
lambda { xhr :post, :forgot_password, login: user.username}.should_not change(EmailToken, :count)
end
it 'enqueues no email' do
Jobs.expects(:enqueue).never
xhr :post, :forgot_password, login: user.username
end
end
end
describe '.current' do