Commit 56398ea1 authored by Marin Jankovski's avatar Marin Jankovski
Browse files

Do not sent a generated password via email for admin created user.

parent 275a5281
......@@ -45,6 +45,7 @@ def create
@user = User.new(user_params.merge(opts))
@user.created_by_id = current_user.id
@user.generate_password
@user.generate_reset_token
@user.skip_confirmation!
respond_to do |format|
......
module Emails
module Profile
def new_user_email(user_id, password)
def new_user_email(user_id, password, token)
@user = User.find(user_id)
@password = password
@target_url = user_url(@user)
@token = token
mail(to: @user.email, subject: subject("Account was created for you"))
end
......
......@@ -240,6 +240,15 @@ def generate_password
end
end
def generate_reset_token
@token, enc = Devise.token_generator.generate(self.class, :reset_password_token)
self.reset_password_token = enc
self.reset_password_sent_at = Time.now.utc
@token
end
def namespace_uniq
namespace_name = self.username
if Namespace.find_by(path: namespace_name)
......@@ -488,7 +497,7 @@ def ensure_namespace_correct
def post_create_hook
log_info("User \"#{self.name}\" (#{self.email}) was created")
notification_service.new_user(self)
notification_service.new_user(self, @token)
system_hook_service.execute_hooks_for(self, :create)
end
......
......@@ -105,9 +105,9 @@ def reopen_mr(merge_request, current_user)
end
# Notify new user with email after creation
def new_user(user)
def new_user(user, token = nil)
# Don't email omniauth created users
mailer.new_user_email(user.id, user.password) unless user.extern_uid?
mailer.new_user_email(user.id, user.password, token) unless user.extern_uid?
end
# Notify users on new note in system
......
......@@ -11,11 +11,4 @@
- if @user.created_by_id
%p
password..................................
%code= @password
%p
You will be forced to change this password immediately after login.
%p
= link_to "Click here to login", root_url
= link_to "Click here to set your password", edit_password_url(@user, :reset_password_token => @token)
......@@ -4,10 +4,5 @@ The Administrator created an account for you. Now you are a member of the compan
login.................. <%= @user.email %>
<% if @user.created_by_id %>
password............... <%= @password %>
You will be forced to change this password immediately after login.
<%= link_to "Click here to set your password", edit_password_url(@user, :reset_password_token => @token) %>
<% end %>
Click here to login: <%= url_for(root_url) %>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment