Commit 1f269e8f authored by Tiago Botelho's avatar Tiago Botelho

Impersonation no longer gets stuck on password change.

parent fd326fc3
...@@ -210,7 +210,11 @@ class ApplicationController < ActionController::Base ...@@ -210,7 +210,11 @@ class ApplicationController < ActionController::Base
end end
def check_password_expiration def check_password_expiration
if current_user && current_user.password_expires_at && current_user.password_expires_at < Time.now && !current_user.ldap_user? return if session[:impersonator_id] || current_user&.ldap_user?
password_expires_at = current_user&.password_expires_at
if password_expires_at && password_expires_at < Time.now
return redirect_to new_profile_password_path return redirect_to new_profile_password_path
end end
end end
......
---
title: Impersonation no longer gets stuck on password change.
merge_request: 2904
author:
type: fixed
...@@ -6,6 +6,10 @@ describe ApplicationController do ...@@ -6,6 +6,10 @@ describe ApplicationController do
describe '#check_password_expiration' do describe '#check_password_expiration' do
let(:controller) { described_class.new } let(:controller) { described_class.new }
before do
allow(controller).to receive(:session).and_return({})
end
it 'redirects if the user is over their password expiry' do it 'redirects if the user is over their password expiry' do
user.password_expires_at = Time.new(2002) user.password_expires_at = Time.new(2002)
......
...@@ -167,19 +167,36 @@ describe "Admin::Users" do ...@@ -167,19 +167,36 @@ describe "Admin::Users" do
it 'sees impersonation log out icon' do it 'sees impersonation log out icon' do
icon = first('.fa.fa-user-secret') icon = first('.fa.fa-user-secret')
expect(icon).not_to eql nil expect(icon).not_to be nil
end end
it 'logs out of impersonated user back to original user' do it 'logs out of impersonated user back to original user' do
find(:css, 'li.impersonation a').click find(:css, 'li.impersonation a').click
expect(page.find(:css, '.header-user .profile-link')['data-user']).to eql(current_user.username) expect(page.find(:css, '.header-user .profile-link')['data-user']).to eq(current_user.username)
end end
it 'is redirected back to the impersonated users page in the admin after stopping' do it 'is redirected back to the impersonated users page in the admin after stopping' do
find(:css, 'li.impersonation a').click find(:css, 'li.impersonation a').click
expect(current_path).to eql "/admin/users/#{another_user.username}" expect(current_path).to eq("/admin/users/#{another_user.username}")
end
end
context 'when impersonating a user with an expired password' do
before do
another_user.update(password_expires_at: Time.now - 5.minutes)
click_link 'Impersonate'
end
it 'does not redirect to password change page' do
expect(current_path).to eq('/')
end
it 'is redirected back to the impersonated users page in the admin after stopping' do
find(:css, 'li.impersonation a').click
expect(current_path).to eq("/admin/users/#{another_user.username}")
end end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment