Added User.uses_deprecated_password? method

2026-01-01 14:58:50 +01:00 · 2011-09-05 01:10:47 +02:00 · 2011-09-05 01:10:47 +02:00 · 8e23d11054
commit 8e23d11054
parent 34e0573fc4
2 changed files with 18 additions and 0 deletions
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -211,6 +211,11 @@ class User < ActiveRecord::Base
    save(false)
  end

+  # Returns true if the user has a password hashed using SHA-1.
+  def uses_deprecated_password?
+    crypted_password =~ /^[a-f0-9]{40}$/i
+  end
+
 protected

  def self.salted(s)
--- a/test/unit/user_test.rb
+++ b/test/unit/user_test.rb
@ -330,6 +330,19 @@ class UserTest < ActiveSupport::TestCase
       assert_equal u.id, User.find_by_open_id_url(raw_open_id_url).id
     end
  end
+
+  def test_should_discover_using_depracted_password
+    assert_nil @admin_user.uses_deprecated_password?
+    assert_nil @other_user.uses_deprecated_password?
+    assert users(:user_with_sha1_password).uses_deprecated_password?
+  end
+
+  def test_should_not_have_deprecated_password_after_update
+    u = users(:user_with_sha1_password)
+    assert u.uses_deprecated_password?
+    u.change_password("foobar", "foobar")
+    assert_nil u.uses_deprecated_password?
+  end
  
  
  protected