Do not allow reset password with valid sessions.

This commit is contained in:
Martin Edenhofer 2014-12-31 10:27:25 +01:00
parent 0d9adc0d64
commit 761fd162bf
2 changed files with 43 additions and 3 deletions

View file

@ -12,6 +12,11 @@ class Index extends App.ControllerContent
@navigate '#' @navigate '#'
return return
# if we are logged in, no passwort reset is wanted, redirect to app
if @authenticate(true)
@navigate '#'
return
@navHide() @navHide()
# set title # set title
@ -80,6 +85,11 @@ class Verify extends App.ControllerContent
constructor: -> constructor: ->
super super
# if we are logged in, no passwort reset is wanted, redirect to app
if @authenticate(true)
@navigate '#'
return
@navHide() @navHide()
# set title # set title

View file

@ -204,7 +204,7 @@ class SignupPasswordChangeAndResetTest < TestCase
], ],
}, },
{ {
:name => 'reset password', :name => 'reset password (not possible)',
:action => [ :action => [
# got to wrong url # got to wrong url
{ {
@ -216,8 +216,38 @@ class SignupPasswordChangeAndResetTest < TestCase
:area => 'body', :area => 'body',
:value => 'Token is invalid', :value => 'Token is invalid',
}, },
# with valid session
# correct way {
:execute => 'navigate',
:to => browser_url + '/#',
},
{
:execute => 'login',
:username => signup_user_email,
:password => 'some-pass-new2',
},
{
:execute => 'navigate',
:to => browser_url + '/#reset_password',
},
{
:execute => 'wait',
:value => 1,
},
{
:execute => 'match',
:css => 'body',
:value => 'password',
:match_result => false,
},
{
:execute => 'logout',
},
],
},
{
:name => 'reset password (correct way)',
:action => [
{ {
:execute => 'click', :execute => 'click',
:css => 'a[href="#reset_password"]', :css => 'a[href="#reset_password"]',