authpwn_rails 0.15.2 → 0.15.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 2fbda7d8809e12cfb311d5538e09f4e82ada94ee
4
- data.tar.gz: b901e46b029479f4d20c5426b378d4ccf5867c3f
3
+ metadata.gz: c6719080b86f274594a57d3736066da719c014a2
4
+ data.tar.gz: a29c73989fafec440e2a5f0ff7136fffa0c61ddd
5
5
  SHA512:
6
- metadata.gz: 6853c521836ea31383f6a326ed6ab938d76bbc2cc4d98152e0901c303627961115edee8a85cee1da05d0bf618451e5f11e9de86301fca6127208278de1c7bcb4
7
- data.tar.gz: 3b3b0d57b2ff140f9b194a2f21635e60e05154d85e66fe48b0a2225002637cd342d3b2234f6e13662186380ae8b2d3e6f48fc17c2f2feb175013a00ccad7b1fb
6
+ metadata.gz: f39686f3fe9d96375aacf85f10192d0e0bb3a76bad5059a820229c40dc76f3d9cd34e61a8cbac4689f3808423e0266906ca5884e1363eedc82ac69ce0f80e561
7
+ data.tar.gz: f781ce4ed9fc990e028818c140efc71fd5ae1f7ee7655e4819c55803793e63a06e68bac7dd66ebf67a2a9cd014a535f7a095b963ce6e911585e085214ec7466e
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.15.2
1
+ 0.15.3
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = "authpwn_rails"
8
- s.version = "0.15.2"
8
+ s.version = "0.15.3"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Victor Costan"]
@@ -195,15 +195,13 @@ module SessionController
195
195
  if @credential
196
196
  # An old password is set, must verify it.
197
197
  if @credential.check_password params[:old_password]
198
- success = @credential.update_attributes(
199
- change_password_params[:credential])
198
+ success = @credential.update_attributes change_password_params
200
199
  else
201
200
  success = false
202
201
  flash[:alert] = 'Incorrect old password. Please try again.'
203
202
  end
204
203
  else
205
- @credential = Credentials::Password.new(
206
- change_password_params[:credential])
204
+ @credential = Credentials::Password.new change_password_params
207
205
  @credential.user = current_user
208
206
  success = @credential.save
209
207
  end
@@ -225,13 +223,12 @@ module SessionController
225
223
 
226
224
  # Parameters used to change the user's password.
227
225
  def change_password_params
228
- params.permit :format, :old_password,
229
- credential: [ :password, :password_confirmation ]
226
+ params.require(:credential).permit :password, :password_confirmation
230
227
  end
231
228
  else
232
229
  # Rails 3.
233
230
  def change_password_params
234
- params
231
+ params[:credential]
235
232
  end
236
233
  end
237
234
 
@@ -381,6 +381,17 @@ class SessionControllerApiTest < ActionController::TestCase
381
381
  'hacks'), 'password not changed'
382
382
  end
383
383
 
384
+ test "change_password works with correct input and extra form input" do
385
+ set_session_current_user @user
386
+ post :change_password, old_password: 'password',
387
+ credential: { password: 'hacks', password_confirmation: 'hacks'},
388
+ utf8: "\u2713", commit: 'Change password'
389
+ assert_redirected_to session_url
390
+ assert_equal @password_credential, assigns(:credential)
391
+ assert_equal @user, User.authenticate_signin(@email_credential.email,
392
+ 'hacks'), 'password not changed'
393
+ end
394
+
384
395
  test "change_password rejects bad old password" do
385
396
  set_session_current_user @user
386
397
  post :change_password, old_password: '_password',
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authpwn_rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.15.2
4
+ version: 0.15.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Victor Costan