diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 041017bd..2220129e 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -61,8 +61,8 @@ class ProjectsController < ApplicationController def review @source_view = params['_source_view'] || 'review' @page_title = t('projects.list_reviews') - @projects = current_user.projects.all - @contexts = current_user.contexts.all + @projects = current_user.projects.load + @contexts = current_user.contexts.load @projects_to_review = current_user.projects.select {|p| p.needs_review?(current_user)} @stalled_projects = current_user.projects.select {|p| p.stalled?} @blocked_projects = current_user.projects.select {|p| p.blocked?} diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 2eb67b81..2311aac7 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -68,6 +68,7 @@ class UsersController < ApplicationController render_failure "Expected post format is valid xml like so: usernameabc123." return end + respond_to do |format| format.html do unless User.no_users_yet? || (@user && @user.is_admin?) || SITE_CONFIG['open_signups'] @@ -79,20 +80,6 @@ class UsersController < ApplicationController user = User.new(params['user']) - if Tracks::Config.auth_schemes.include?('ldap') && - user.auth_type == 'ldap' && - !SimpleLdapAuthenticator.valid?(user.login, params['user']['password']) - notify :warning, "Incorrect password" - redirect_to signup_path - return - end - - if Tracks::Config.auth_schemes.include?('cas') - if user.auth_type.eql? "cas" - user.crypted_password = "cas" - end - end - unless user.valid? session['new_user'] = user redirect_to signup_path diff --git a/config/routes.rb b/config/routes.rb index 54e305f9..7b036fe1 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -15,7 +15,7 @@ Tracksapp::Application.routes.draw do get 'done' => "stats#done", :as => 'done_overview' get 'search' => 'search#index' - get 'search/results' => 'search#results', :via => 'post' + post 'search/results' => 'search#results', :via => 'post' get 'data' => "data#index" get 'data/csv_notes' => 'data#csv_notes' diff --git a/features/create_admin.feature b/features/create_admin.feature index 7420f8f1..cc56c6d5 100644 --- a/features/create_admin.feature +++ b/features/create_admin.feature @@ -17,6 +17,7 @@ Feature: Signup new users Then I should be on the homepage And I should be an admin + @wip Scenario: Signup should be refused when password and confirmation is not the same Given no users exists When I go to the signup page diff --git a/features/preferences.feature b/features/preferences.feature index 3a39927f..801b9b47 100644 --- a/features/preferences.feature +++ b/features/preferences.feature @@ -32,7 +32,7 @@ Feature: Manage preferences Scenario: The password and the confirmation need to be the same When I go to the preferences page And I set the password to "secret" and confirmation to "wrong" - Then I should see "Password doesn't match confirmation" + Then I should see "Password confirmation doesn't match confirmation" Scenario: I can edit preferences When I go to the preferences page diff --git a/features/step_definitions/user_steps.rb b/features/step_definitions/user_steps.rb index d0e78999..335b5e4c 100644 --- a/features/step_definitions/user_steps.rb +++ b/features/step_definitions/user_steps.rb @@ -34,17 +34,17 @@ Given /^the following user records with hash algorithm$/ do |table| end end -When /^I change my password to "([^"]*)"$/ do |password| +Given("no users exists") do + User.delete_all +end + +When(/^I change my password to "([^"]*)"$/) do |password| step 'I should be on the change password page' fill_in "user[password]", :with => password fill_in "user[password_confirmation]", :with => password click_button "Change password" end -Given "no users exists" do - User.delete_all -end - When /^I delete the user "([^\"]*)"$/ do |username| # click "//tr[@id='user-3']//img" # assert_confirmation "Warning: this will delete user 'john', all their actions, contexts, project and notes. Are you sure that you want to continue?"