Do not allow reset password with valid sessions.

This commit is contained in:
Martin Edenhofer 2014-12-31 10:27:25 +01:00
parent 0d9adc0d64
commit 761fd162bf
2 changed files with 43 additions and 3 deletions

View file

@ -12,6 +12,11 @@ class Index extends App.ControllerContent
@navigate '#'
return
# if we are logged in, no passwort reset is wanted, redirect to app
if @authenticate(true)
@navigate '#'
return
@navHide()
# set title
@ -80,6 +85,11 @@ class Verify extends App.ControllerContent
constructor: ->
super
# if we are logged in, no passwort reset is wanted, redirect to app
if @authenticate(true)
@navigate '#'
return
@navHide()
# set title

View file

@ -204,7 +204,7 @@ class SignupPasswordChangeAndResetTest < TestCase
],
},
{
:name => 'reset password',
:name => 'reset password (not possible)',
:action => [
# got to wrong url
{
@ -216,8 +216,38 @@ class SignupPasswordChangeAndResetTest < TestCase
:area => 'body',
:value => 'Token is invalid',
},
# correct way
# with valid session
{
:execute => 'navigate',
:to => browser_url + '/#',
},
{
:execute => 'login',
:username => signup_user_email,
:password => 'some-pass-new2',
},
{
:execute => 'navigate',
:to => browser_url + '/#reset_password',
},
{
:execute => 'wait',
:value => 1,
},
{
:execute => 'match',
:css => 'body',
:value => 'password',
:match_result => false,
},
{
:execute => 'logout',
},
],
},
{
:name => 'reset password (correct way)',
:action => [
{
:execute => 'click',
:css => 'a[href="#reset_password"]',