devise: use password_strength component in SuperAdmin::PasswordsController
parent
62e4f7ee32
commit
80f9d4adc0
6 changed files with 38 additions and 34 deletions
|
@ -1,19 +1,8 @@
|
||||||
class SuperAdmins::PasswordsController < Devise::PasswordsController
|
class SuperAdmins::PasswordsController < Devise::PasswordsController
|
||||||
|
include DevisePopulatedResource
|
||||||
|
|
||||||
def update
|
def update
|
||||||
super
|
super
|
||||||
self.resource.disable_otp!
|
self.resource.disable_otp!
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_strength
|
|
||||||
@score, @words, @length = ZxcvbnService.new(password_params[:password]).complexity
|
|
||||||
@min_length = PASSWORD_MIN_LENGTH
|
|
||||||
@min_complexity = PASSWORD_COMPLEXITY_FOR_ADMIN
|
|
||||||
render 'shared/password/test_strength'
|
|
||||||
end
|
|
||||||
|
|
||||||
private
|
|
||||||
|
|
||||||
def password_params
|
|
||||||
params.require(:super_admin).permit(:password)
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
|
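Review bot: In `update`, `self.resource.disable_otp!` runs unconditionally after `super`, so it also executes when the reset did not succeed (an invalid or expired token, or a password rejected by validation). This line is unchanged context rather than something this commit introduces, but since the controller is being touched it is worth guarding: `self.resource.disable_otp! if resource.errors.empty?`. What `disable_otp!` does is not visible in this hunk; if it clears the second factor, a failed reset should presumably leave the account's OTP state alone. It is also worth confirming that dropping OTP on an e-mail-only reset is the intended recovery policy for super-admins.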
@ -14,8 +14,6 @@
|
||||||
= f.hidden_field :reset_password_token
|
= f.hidden_field :reset_password_token
|
||||||
|
|
||||||
= f.label 'Nouveau mot de passe'
|
= f.label 'Nouveau mot de passe'
|
||||||
|
= render 'password_complexity/field', { form: f, test_complexity: populated_resource.validate_password_complexity? }
|
||||||
= render partial: 'shared/password/edit_password', locals: { form: f, controller: 'super_admins/passwords' }
|
|
||||||
|
|
||||||
|
|
||||||
= f.submit 'Changer le mot de passe', class: 'button large primary expand', id: "submit-password", data: { disable_with: "Envoi..." }
|
= f.submit 'Changer le mot de passe', class: 'button large primary expand', id: "submit-password", data: { disable_with: "Envoi..." }
|
||||||
|
|
|
@ -88,10 +88,6 @@ Rails.application.routes.draw do
|
||||||
passwords: 'super_admins/passwords'
|
passwords: 'super_admins/passwords'
|
||||||
}
|
}
|
||||||
|
|
||||||
devise_scope :super_admin do
|
|
||||||
get '/super_admins/password/test_strength' => 'super_admins/passwords#test_strength'
|
|
||||||
end
|
|
||||||
|
|
||||||
get 'super_admins/edit_otp', to: 'super_admins#edit_otp', as: 'edit_super_admin_otp'
|
get 'super_admins/edit_otp', to: 'super_admins#edit_otp', as: 'edit_super_admin_otp'
|
||||||
put 'super_admins/enable_otp', to: 'super_admins#enable_otp', as: 'enable_super_admin_otp'
|
put 'super_admins/enable_otp', to: 'super_admins#enable_otp', as: 'enable_super_admin_otp'
|
||||||
|
|
||||||
|
|
|
@ -1,12 +0,0 @@
|
||||||
describe SuperAdmins::PasswordsController, type: :controller do
|
|
||||||
describe '#test_strength' do
|
|
||||||
it 'calculate score' do
|
|
||||||
password = "bonjour"
|
|
||||||
@request.env["devise.mapping"] = Devise.mappings[:super_admin]
|
|
||||||
|
|
||||||
get 'test_strength', xhr: true, params: { super_admin: { password: password } }
|
|
||||||
|
|
||||||
expect(assigns(:score)).to be_present
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
|
@ -63,4 +63,37 @@ feature 'Managing password:' do
|
||||||
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context 'for super-admins' do
|
||||||
|
let(:super_admin) { create(:super_admin) }
|
||||||
|
let(:weak_password) { '12345678' }
|
||||||
|
let(:strong_password) { 'a new, long, and complicated password!' }
|
||||||
|
|
||||||
|
scenario 'a super-admin can reset their password', js: true do
|
||||||
|
visit manager_root_path
|
||||||
|
click_on 'Mot de passe oublié'
|
||||||
|
expect(page).to have_current_path(new_super_admin_password_path)
|
||||||
|
|
||||||
|
fill_in 'Email', with: super_admin.email
|
||||||
|
perform_enqueued_jobs do
|
||||||
|
click_on 'Demander un nouveau mot de passe'
|
||||||
|
end
|
||||||
|
expect(page).to have_text 'vous recevrez un lien vous permettant de récupérer votre mot de passe'
|
||||||
|
|
||||||
|
click_reset_password_link_for super_admin.email
|
||||||
|
|
||||||
|
expect(page).to have_content 'Changement de mot de passe'
|
||||||
|
|
||||||
|
fill_in 'super_admin_password', with: weak_password
|
||||||
|
expect(page).to have_text('Mot de passe très vulnérable')
|
||||||
|
expect(page).to have_button('Changer le mot de passe', disabled: true)
|
||||||
|
|
||||||
|
fill_in 'super_admin_password', with: strong_password
|
||||||
|
expect(page).to have_text('Mot de passe suffisamment fort et sécurisé')
|
||||||
|
expect(page).to have_button('Changer le mot de passe', disabled: false)
|
||||||
|
|
||||||
|
click_on 'Changer le mot de passe'
|
||||||
|
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
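Review bot: The new `for super-admins` scenario only checks the strength message and the submit button's `disabled` state, which are both client-side, so nothing here shows that a weak password is refused if the form is posted anyway. The commit also deletes the only controller spec for this class, so a server-side check would be a useful replacement. Consider a spec that sends `weak_password` straight to the update action and then asserts `expect(super_admin.reload.valid_password?(weak_password)).to be false`. This assumes the model enforces the complexity threshold for super-admins, which is not visible in this diff.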
@ -64,9 +64,9 @@ module FeatureHelpers
|
||||||
|
|
||||||
def click_reset_password_link_for(email)
|
def click_reset_password_link_for(email)
|
||||||
reset_password_email = open_email(email)
|
reset_password_email = open_email(email)
|
||||||
token_params = reset_password_email.body.match(/reset_password_token=[^"]+/)
|
reset_password_url = reset_password_email.body.match(/http[s]?:\/\/[^\/]+(\/[^\s]+reset_password_token=[^\s"]+)/)[1]
|
||||||
|
|
||||||
visit "/users/password/edit?#{token_params}"
|
visit reset_password_url
|
||||||
end
|
end
|
||||||
|
|
||||||
# Add a new type de champ in the procedure editor
|
# Add a new type de champ in the procedure editor
|
||||||
|
|
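Review bot: In `click_reset_password_link_for`, `match(...)[1]` raises a bare `NoMethodError` on `nil` when the e-mail contains no reset link, which hides the real cause of a failing scenario. Keep the match result in a local and assert on it first, for example `expect(link).not_to be_nil` before `visit link[1]`. The pattern is also easier to read as `%r{https?://[^/]+(/\S+reset_password_token=[^\s"]+)}`, which matches the same strings as the one in the hunk.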