Commit 6838304a authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets
Browse files

Force user password change for users created by admin

parent 00882b3c
......@@ -55,8 +55,14 @@ def unblock
def create
admin = params[:user].delete("admin")
@admin_user = User.new(params[:user], as: :admin)
opts = {
force_random_password: true,
password_expires_at: Time.now
}
@admin_user = User.new(params[:user].merge(opts), as: :admin)
@admin_user.admin = (admin && admin.to_i > 0)
@admin_user.created_by_id = current_user.id
respond_to do |format|
if @admin_user.save
......
......@@ -367,4 +367,8 @@ def ldap_user?
def accessible_deploy_keys
DeployKey.in_projects(self.master_projects).uniq
end
def created_by
User.find_by_id(created_by_id) if created_by_id
end
end
......@@ -24,19 +24,25 @@
= f.text_field :email, required: true, autocomplete: "off"
%span.help-inline * required
%fieldset
%legend Password
.clearfix
= f.label :password
.input= f.password_field :password, disabled: f.object.force_random_password
.clearfix
= f.label :password_confirmation
.input= f.password_field :password_confirmation, disabled: f.object.force_random_password
-if f.object.new_record?
- if @admin_user.new_record?
%fieldset
%legend Password
.clearfix
= f.label :password
.input
%strong
A temporary password will be generated and sent to user.
%br
User will be forced to change it after first sign in
- else
%fieldset
%legend Password
.clearfix
= f.label :password
.input= f.password_field :password, disabled: f.object.force_random_password
.clearfix
= f.label :force_random_password do
%span Generate random password
.input= f.check_box :force_random_password, {}, true, nil
= f.label :password_confirmation
.input= f.password_field :password_confirmation, disabled: f.object.force_random_password
%fieldset
%legend Access
......
%h3.page_title
User:
= @admin_user.name
- if @admin_user.blocked?
%span.cred (Blocked)
- if @admin_user.admin
%span.cred (Admin)
.pull-right
= link_to edit_admin_user_path(@admin_user), class: "btn grouped btn-small" do
%i.icon-edit
Edit
- unless @admin_user == current_user
- if @admin_user.blocked?
= link_to 'Unblock', unblock_admin_user_path(@admin_user), method: :put, class: "btn grouped btn-small success"
- else
= link_to 'Block', block_admin_user_path(@admin_user), confirm: 'USER WILL BE BLOCKED! Are you sure?', method: :put, class: "btn grouped btn-small btn-remove"
= link_to 'Destroy', [:admin, @admin_user], confirm: "USER #{@admin_user.name} WILL BE REMOVED! Are you sure?", method: :delete, class: "btn grouped btn-small btn-remove"
%hr
.row
.span6
%h3.page_title
= image_tag gravatar_icon(@admin_user.email, 90), class: "avatar s90"
= @admin_user.name
- if @admin_user.blocked?
%span.cred (Blocked)
- if @admin_user.admin
%span.cred (Admin)
.pull-right
= link_to edit_admin_user_path(@admin_user), class: "btn pull-right" do
%i.icon-edit
Edit
%br
%small @#{@admin_user.username}
%br
%small member since #{@admin_user.created_at.stamp("Nov 12, 2031")}
.clearfix
%hr
%p
%span.btn.btn-small
%i.icon-envelope
= mail_to @admin_user.email
- unless @admin_user == current_user
- if @admin_user.blocked?
= link_to 'Unblock', unblock_admin_user_path(@admin_user), method: :put, class: "btn btn-small success"
- else
= link_to 'Block', block_admin_user_path(@admin_user), confirm: 'USER WILL BE BLOCKED! Are you sure?', method: :put, class: "btn btn-small btn-remove"
= link_to 'Destroy', [:admin, @admin_user], confirm: "USER #{@admin_user.name} WILL BE REMOVED! Are you sure?", method: :delete, class: "btn btn-small btn-remove"
.ui-box
%h5.title
Account:
.pull-right
= image_tag gravatar_icon(@admin_user.email, 32), class: "avatar s32"
%ul.well-list
%li
%span.light Name:
%strong= @admin_user.name
%li
%span.light Username:
%strong
= @admin_user.username
%li
%span.light Email:
%strong
= mail_to @admin_user.email
%li
%span.light Member since:
%strong
= @admin_user.created_at.stamp("Nov 12, 2031")
%li
%span.light Last sign-in at:
%strong
= @admin_user.last_sign_in_at.stamp("Nov 12, 2031")
- if @admin_user.ldap_user?
%li
%span.light LDAP uid:
%strong
= @admin_user.extern_uid
- if @admin_user.created_by
%li
%span.light Created by:
%strong
= link_to @admin_user.created_by.name, [:admin, @admin_user.created_by]
%hr
%h5
Add User to Projects
......@@ -67,11 +100,11 @@
.span6
= render 'users/profile', user: @admin_user
.ui-box
%h5.title Projects (#{@projects.count})
%ul.well-list
- @projects.sort_by(&:name_with_namespace).each do |project|
- tm = project.team.get_tm(@admin_user.id)
%li
= link_to admin_project_path(project), class: dom_class(project) do
- if project.namespace
......@@ -79,16 +112,17 @@
\/
%strong.well-title
= truncate(project.name, length: 45)
%span.pull-right.light
- if project.owner == @admin_user
%i.icon-wrench
- tm = project.team.get_tm(@admin_user.id)
- if tm
= tm.project_access_human
= link_to edit_admin_project_member_path(project, tm.user), class: "btn btn-small" do
- if project.owner == @admin_user
%span.label.label-info owner
- if tm
.pull-right
= link_to edit_admin_project_member_path(project, tm.user), class: "btn grouped btn-small" do
%i.icon-edit
= link_to admin_project_member_path(project, tm.user), confirm: remove_from_project_team_message(project, @admin_user), method: :delete, class: "btn btn-small btn-remove" do
= link_to admin_project_member_path(project, tm.user), confirm: remove_from_project_team_message(project, @admin_user), method: :delete, class: "btn grouped btn-small btn-remove" do
%i.icon-remove
%p.light
%i.icon-wrench
– user is a project owner
.pull-right.light
= tm.project_access_human
 
......@@ -8,13 +8,14 @@
%p
login..........................................
%code= @user['email']
%p
- unless Gitlab.config.gitlab.signup_enabled
- if @user.created_by_id
%p
password..................................
%code= @password
%p
Please change your password immediately after login.
%p
You will be forced to change this password immediately after login.
%p
= link_to "Click here to login", root_url
......@@ -3,10 +3,11 @@ Hi <%= @user.name %>!
The Administrator created an account for you. Now you are a member of company GitLab application.
login.................. <%= @user.email %>
<% unless Gitlab.config.gitlab.signup_enabled %>
<% if @user.created_by_id %>
password............... <%= @password %>
You will be forced to change this password immediately after login.
<% end %>
Please change your password immediately after login.
Click here to login: <%= url_for(root_url) %>
class AddCreatedByIdToUser < ActiveRecord::Migration
def change
add_column :users, :created_by_id, :integer
end
end
......@@ -11,7 +11,7 @@
#
# It's strongly recommended to check this file into your version control system.
ActiveRecord::Schema.define(:version => 20130613165816) do
ActiveRecord::Schema.define(:version => 20130613173246) do
create_table "deploy_keys_projects", :force => true do |t|
t.integer "deploy_key_id", :null => false
......@@ -293,6 +293,7 @@
t.integer "color_scheme_id", :default => 1, :null => false
t.integer "notification_level", :default => 1, :null => false
t.datetime "password_expires_at"
t.integer "created_by_id"
end
add_index "users", ["admin"], :name => "index_users_on_admin"
......
......@@ -20,13 +20,10 @@
describe "GET /admin/users/new" do
before do
@password = "123ABC"
visit new_admin_user_path
fill_in "user_name", with: "Big Bang"
fill_in "user_username", with: "bang"
fill_in "user_email", with: "bigbang@mail.com"
fill_in "user_password", with: @password
fill_in "user_password_confirmation", with: @password
end
it "should create new user" do
......@@ -57,26 +54,13 @@
end
it "should send valid email to user with email & password" do
Gitlab.config.gitlab.stub(:signup_enabled).and_return(false)
User.observers.enable :user_observer do
click_button "Create user"
user = User.last
email = ActionMailer::Base.deliveries.last
email.subject.should have_content("Account was created")
email.text_part.body.should have_content(user.email)
email.text_part.body.should have_content(@password)
end
end
it "should send valid email to user with email without password when signup is enabled" do
Gitlab.config.gitlab.stub(:signup_enabled).and_return(true)
User.observers.enable :user_observer do
click_button "Create user"
user = User.last
email = ActionMailer::Base.deliveries.last
email.subject.should have_content("Account was created")
email.text_part.body.should have_content(user.email)
email.text_part.body.should_not have_content(@password)
email.text_part.body.should have_content('password')
end
end
end
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment