devise: use password_strength component in SuperAdmin::PasswordsController
parent
62e4f7ee32
commit
80f9d4adc0
6 changed files with 38 additions and 34 deletions
|
@ -1,19 +1,8 @@
|
|||
class SuperAdmins::PasswordsController < Devise::PasswordsController
|
||||
include DevisePopulatedResource
|
||||
|
||||
def update
|
||||
super
|
||||
self.resource.disable_otp!
|
||||
end
|
||||
|
||||
def test_strength
|
||||
@score, @words, @length = ZxcvbnService.new(password_params[:password]).complexity
|
||||
@min_length = PASSWORD_MIN_LENGTH
|
||||
@min_complexity = PASSWORD_COMPLEXITY_FOR_ADMIN
|
||||
render 'shared/password/test_strength'
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def password_params
|
||||
params.require(:super_admin).permit(:password)
|
||||
end
|
||||
end
|
||||
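Review bot: In `update`, `self.resource.disable_otp!` runs unconditionally after `super`, so the second factor is switched off even when the reset did not succeed (for example when the submitted password was rejected and left errors on the resource). Devise's `update` reports failure only through `resource.errors`, so the call should be gated on success: `self.resource.disable_otp! if resource.errors.empty?`. `disable_otp!` is defined outside this page, so its effect on an unsaved or invalid record should be confirmed. Dropping 2FA as a side effect of an email-driven reset is a sensitive policy choice, and a short comment above `update` should state that it is deliberate and why.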
|
|
|
@ -14,8 +14,6 @@
|
|||
= f.hidden_field :reset_password_token
|
||||
|
||||
= f.label 'Nouveau mot de passe'
|
||||
|
||||
= render partial: 'shared/password/edit_password', locals: { form: f, controller: 'super_admins/passwords' }
|
||||
|
||||
= render 'password_complexity/field', { form: f, test_complexity: populated_resource.validate_password_complexity? }
|
||||
|
||||
= f.submit 'Changer le mot de passe', class: 'button large primary expand', id: "submit-password", data: { disable_with: "Envoi..." }
|
||||
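Review bot: The new `render 'password_complexity/field'` call passes only a boolean `test_complexity`, whereas the removed controller action pinned the thresholds explicitly to `PASSWORD_MIN_LENGTH` and `PASSWORD_COMPLEXITY_FOR_ADMIN`. The component is not shown here, so it should be confirmed that it applies the admin threshold on this form rather than a weaker default. The same rule also has to be enforced by a model validation, because a disabled submit button only constrains the browser. It is also worth checking that the component does not send the candidate password in a GET query string, as the removed `test_strength` route did, since query strings usually end up in access logs.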
|
|
|
@ -88,10 +88,6 @@ Rails.application.routes.draw do
|
|||
passwords: 'super_admins/passwords'
|
||||
}
|
||||
|
||||
devise_scope :super_admin do
|
||||
get '/super_admins/password/test_strength' => 'super_admins/passwords#test_strength'
|
||||
end
|
||||
|
||||
get 'super_admins/edit_otp', to: 'super_admins#edit_otp', as: 'edit_super_admin_otp'
|
||||
put 'super_admins/enable_otp', to: 'super_admins#enable_otp', as: 'enable_super_admin_otp'
|
||||
|
||||
|
|
|
@ -1,12 +0,0 @@
|
|||
describe SuperAdmins::PasswordsController, type: :controller do
|
||||
describe '#test_strength' do
|
||||
it 'calculate score' do
|
||||
password = "bonjour"
|
||||
@request.env["devise.mapping"] = Devise.mappings[:super_admin]
|
||||
|
||||
get 'test_strength', xhr: true, params: { super_admin: { password: password } }
|
||||
|
||||
expect(assigns(:score)).to be_present
|
||||
end
|
||||
end
|
||||
end
|
|
@ -63,4 +63,37 @@ feature 'Managing password:' do
|
|||
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
||||
end
|
||||
end
|
||||
|
||||
context 'for super-admins' do
|
||||
let(:super_admin) { create(:super_admin) }
|
||||
let(:weak_password) { '12345678' }
|
||||
let(:strong_password) { 'a new, long, and complicated password!' }
|
||||
|
||||
scenario 'a super-admin can reset their password', js: true do
|
||||
visit manager_root_path
|
||||
click_on 'Mot de passe oublié'
|
||||
expect(page).to have_current_path(new_super_admin_password_path)
|
||||
|
||||
fill_in 'Email', with: super_admin.email
|
||||
perform_enqueued_jobs do
|
||||
click_on 'Demander un nouveau mot de passe'
|
||||
end
|
||||
expect(page).to have_text 'vous recevrez un lien vous permettant de récupérer votre mot de passe'
|
||||
|
||||
click_reset_password_link_for super_admin.email
|
||||
|
||||
expect(page).to have_content 'Changement de mot de passe'
|
||||
|
||||
fill_in 'super_admin_password', with: weak_password
|
||||
expect(page).to have_text('Mot de passe très vulnérable')
|
||||
expect(page).to have_button('Changer le mot de passe', disabled: true)
|
||||
|
||||
fill_in 'super_admin_password', with: strong_password
|
||||
expect(page).to have_text('Mot de passe suffisamment fort et sécurisé')
|
||||
expect(page).to have_button('Changer le mot de passe', disabled: false)
|
||||
|
||||
click_on 'Changer le mot de passe'
|
||||
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
||||
end
|
||||
end
|
||||
end
|
||||
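Review bot: This scenario only proves that the browser disables the submit button for `weak_password`; nothing on the new side checks that the server rejects a weak super-admin password when the form is submitted without the JavaScript gate. The controller spec for this flow is deleted in the same commit, so a non-JS scenario or request spec that submits `weak_password` and expects the password to stay unchanged would keep the enforcement covered. The scenario could also assert the OTP state after the reset, given that `SuperAdmins::PasswordsController#update` calls `disable_otp!`.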
|
|
|
@ -64,9 +64,9 @@ module FeatureHelpers
|
|||
|
||||
def click_reset_password_link_for(email)
|
||||
reset_password_email = open_email(email)
|
||||
token_params = reset_password_email.body.match(/reset_password_token=[^"]+/)
|
||||
reset_password_url = reset_password_email.body.match(/http[s]?:\/\/[^\/]+(\/[^\s]+reset_password_token=[^\s"]+)/)[1]
|
||||
|
||||
visit "/users/password/edit?#{token_params}"
|
||||
visit reset_password_url
|
||||
end
|
||||
|
||||
# Add a new type de champ in the procedure editor
|
||||
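Review bot: In `click_reset_password_link_for`, `reset_password_email.body.match(...)[1]` fails with a NoMethodError on nil when the mail contains no reset link, which hides the real cause from whoever reads the spec failure. Capturing the match first and failing explicitly would be clearer: `link = reset_password_email.body.match(...)` followed by `raise "no reset link in mail to #{email}" unless link`. As a style point, `http[s]?` can be written `https?`, and a `%r{...}` literal would avoid the escaped slashes. The trailing comment line belongs to the next helper, which lies outside the hunk.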
|
|