TheDude
/
openproject
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
OpenProject is the leading open source project management software.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32671 Commits
139 Branches
203 Tags
1.2 GiB
Tag: Branch: Tree: f7f17c8d4e
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f7f17c8d4e'
${ noResults }
openproject/spec/controllers/my_controller_spec.rb

232 lines
6.3 KiB
Raw Normal View History Unescape

Add option to prevent former passwords from being reused Squashed from single commits: * Add checks to prevent former passwords from being reused * Make number of banned former passwords configurable Also group settings into fieldsets on the authentication settings page. * Update TestUnit fixtures with UserPasswords * Add migration for creating user passwords * Fix new user password not being immediately used * Add cuke for ban of former passwords * Fix admin info showing whether admin password was changed * Fix password check for user without password and fix tests * Fix password complexity feature after translation changes * Adapt my_controller_spec to UserPasswords * Order UserPasswords by id created_at is not unique within one second, this breaks MySQL tests. id is guaranteed to be unique and monotonically increasing on MySQL and on Postgres(at least as long cache is not set for the sequence). * Rename secure_compare to secure_equals? * Immediately use reduced number of banned former passwords Only check number of former passwords as defined in settings. The number of stored passwords per user is only reduced when a user updates the password. * Add missing copyright notices * Update changelog
12 years ago
#-- copyright
# OpenProject is a project management system.
Update copyright notice
8 years ago
# Copyright (C) 2012-2017 the OpenProject Foundation (OPF)
Add option to prevent former passwords from being reused Squashed from single commits: * Add checks to prevent former passwords from being reused * Make number of banned former passwords configurable Also group settings into fieldsets on the authentication settings page. * Update TestUnit fixtures with UserPasswords * Add migration for creating user passwords * Fix new user password not being immediately used * Add cuke for ban of former passwords * Fix admin info showing whether admin password was changed * Fix password check for user without password and fix tests * Fix password complexity feature after translation changes * Adapt my_controller_spec to UserPasswords * Order UserPasswords by id created_at is not unique within one second, this breaks MySQL tests. id is guaranteed to be unique and monotonically increasing on MySQL and on Postgres(at least as long cache is not set for the sequence). * Rename secure_compare to secure_equals? * Immediately use reduced number of banned former passwords Only check number of former passwords as defined in settings. The number of stored passwords per user is only reduced when a user updates the password. * Add missing copyright notices * Update changelog
12 years ago
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
new copyright header #1903
11 years ago
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
Update copyright notice
8 years ago
# Copyright (C) 2006-2017 Jean-Philippe Lang
new copyright header #1903
11 years ago
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
Add option to prevent former passwords from being reused Squashed from single commits: * Add checks to prevent former passwords from being reused * Make number of banned former passwords configurable Also group settings into fieldsets on the authentication settings page. * Update TestUnit fixtures with UserPasswords * Add migration for creating user passwords * Fix new user password not being immediately used * Add cuke for ban of former passwords * Fix admin info showing whether admin password was changed * Fix password check for user without password and fix tests * Fix password complexity feature after translation changes * Adapt my_controller_spec to UserPasswords * Order UserPasswords by id created_at is not unique within one second, this breaks MySQL tests. id is guaranteed to be unique and monotonically increasing on MySQL and on Postgres(at least as long cache is not set for the sequence). * Rename secure_compare to secure_equals? * Immediately use reduced number of banned former passwords Only check number of former passwords as defined in settings. The number of stored passwords per user is only reduced when a user updates the password. * Add missing copyright notices * Update changelog
12 years ago
# See doc/COPYRIGHT.rdoc for more details.
#++
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
require 'spec_helper'
Use 1.9+ Hash syntax in specs Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
describe MyController, type: :controller do
Rewrote a test to a spec so it can be disabled by the profile_surveys plugin
11 years ago
let(:user) { FactoryGirl.create(:user) }
before(:each) do
Use login_as helper method throughout all specs
9 years ago
login_as(user)
Rewrote a test to a spec so it can be disabled by the profile_surveys plugin
11 years ago
end
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
describe 'password change' do
Use #describe, #context with String arg not symbol The semantics of `describe` have changed in RSpec 3: passing a symbol rather than a string will change the value of the described object. See discussion here: https://github.com/rspec/rspec-core/issues/1114 Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
describe '#password' do
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
before do
get :password
end
it 'should render the password template' do
assert_template 'password'
assert_response :success
end
end
spec: don't show "change password" menu entry
10 years ago
describe 'with disabled password login' do
before do
Convert specs to RSpec 2.99.0 syntax with Transpec This conversion is done by Transpec 2.3.6 with the following command: transpec -f * 66 conversions from: it { should ... } to: it { is_expected.to ... } * 53 conversions from: obj.stub(:message) to: allow(obj).to receive(:message) * 20 conversions from: == expected to: eq(expected) * 19 conversions from: obj.should to: expect(obj).to * 7 conversions from: describe 'some request' { } to: describe 'some request', :type => :request { } * 7 conversions from: describe 'some routing' { } to: describe 'some routing', :type => :routing { } * 7 conversions from: its(:attr) { } to: describe '#attr' do subject { super().attr }; it { } end * 5 conversions from: obj.should_not to: expect(obj).not_to * 4 conversions from: describe 'some view' { } to: describe 'some view', :type => :view { } * 3 conversions from: be_true to: be_truthy * 2 conversions from: describe 'some model' { } to: describe 'some model', :type => :model { } * 2 conversions from: its([:key]) { } to: describe '[:key]' do subject { super()[:key] }; it { } end * 2 conversions from: obj.should_receive(:message) to: expect(obj).to receive(:message) * 1 conversion from: be_false to: be_falsey * 1 conversion from: describe 'some controller' { } to: describe 'some controller', :type => :controller { } * 1 conversion from: describe 'some feature' { } to: describe 'some feature', :type => :feature { } * 1 conversion from: it { should_not ... } to: it { is_expected.not_to ... } For more details: https://github.com/yujinakayama/transpec#supported-conversions
10 years ago
allow(OpenProject::Configuration).to receive(:disable_password_login?).and_return(true)
spec: don't show "change password" menu entry
10 years ago
post :change_password
end
it 'is not found' do
expect(response.status).to eq 404
end
end
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
describe 'with wrong confirmation' do
before do
Fix params deprecation Fixes in spec/controllers: ``` DEPRECATION WARNING: ActionController::TestCase HTTP request methods will accept only keyword arguments in future Rails versions. ```
8 years ago
post :change_password,
params: {
password: 'adminADMIN!',
new_password: 'adminADMIN!New',
new_password_confirmation: 'adminADMIN!Other'
}
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
end
it 'should show an error message' do
assert_response :success
assert_template 'password'
adapt spec to changed validation
10 years ago
expect(user.errors.keys).to eq([:password_confirmation])
Fix MyController spec broken in 0a0f6c7b Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
expect(user.errors.values.flatten.join('')).to include("doesn't match")
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
end
end
describe 'with wrong password' do
render_views
before do
Add option to prevent former passwords from being reused Squashed from single commits: * Add checks to prevent former passwords from being reused * Make number of banned former passwords configurable Also group settings into fieldsets on the authentication settings page. * Update TestUnit fixtures with UserPasswords * Add migration for creating user passwords * Fix new user password not being immediately used * Add cuke for ban of former passwords * Fix admin info showing whether admin password was changed * Fix password check for user without password and fix tests * Fix password complexity feature after translation changes * Adapt my_controller_spec to UserPasswords * Order UserPasswords by id created_at is not unique within one second, this breaks MySQL tests. id is guaranteed to be unique and monotonically increasing on MySQL and on Postgres(at least as long cache is not set for the sequence). * Rename secure_compare to secure_equals? * Immediately use reduced number of banned former passwords Only check number of former passwords as defined in settings. The number of stored passwords per user is only reduced when a user updates the password. * Add missing copyright notices * Update changelog
12 years ago
@current_password = user.current_password.id
Fix params deprecation Fixes in spec/controllers: ``` DEPRECATION WARNING: ActionController::TestCase HTTP request methods will accept only keyword arguments in future Rails versions. ```
8 years ago
post :change_password,
params: {
password: 'wrongpassword',
new_password: 'adminADMIN!New',
new_password_confirmation: 'adminADMIN!New'
}
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
end
it 'should show an error message' do
assert_response :success
assert_template 'password'
Convert specs to RSpec 2.14.8 syntax with Transpec This conversion is done by Transpec 1.10.4 with the following command: transpec * 1414 conversions from: obj.should to: expect(obj).to * 646 conversions from: == expected to: eq(expected) * 376 conversions from: obj.stub(:message) to: allow(obj).to receive(:message) * 107 conversions from: obj.should_not to: expect(obj).not_to * 70 conversions from: obj.should_receive(:message) to: expect(obj).to receive(:message) * 45 conversions from: =~ [1, 2] to: match_array([1, 2]) * 27 conversions from: lambda { }.should to: expect { }.to * 13 conversions from: Klass.any_instance.stub(:message) to: allow_any_instance_of(Klass).to receive(:message) * 8 conversions from: === expected to: be === expected * 7 conversions from: expect { }.not_to raise_error(SpecificErrorClass) to: expect { }.not_to raise_error * 6 conversions from: =~ /pattern/ to: match(/pattern/) * 2 conversions from: obj.should_not_receive(:message) to: expect(obj).not_to receive(:message) * 1 conversion from: < expected to: be < expected * 1 conversion from: obj.stub!(:message) to: allow(obj).to receive(:message) * 1 conversion from: stub('something') to: double('something')
11 years ago
expect(flash[:error]).to eq('Wrong password')
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
end
it 'should not change the password' do
Convert specs to RSpec 2.14.8 syntax with Transpec This conversion is done by Transpec 1.10.4 with the following command: transpec * 1414 conversions from: obj.should to: expect(obj).to * 646 conversions from: == expected to: eq(expected) * 376 conversions from: obj.stub(:message) to: allow(obj).to receive(:message) * 107 conversions from: obj.should_not to: expect(obj).not_to * 70 conversions from: obj.should_receive(:message) to: expect(obj).to receive(:message) * 45 conversions from: =~ [1, 2] to: match_array([1, 2]) * 27 conversions from: lambda { }.should to: expect { }.to * 13 conversions from: Klass.any_instance.stub(:message) to: allow_any_instance_of(Klass).to receive(:message) * 8 conversions from: === expected to: be === expected * 7 conversions from: expect { }.not_to raise_error(SpecificErrorClass) to: expect { }.not_to raise_error * 6 conversions from: =~ /pattern/ to: match(/pattern/) * 2 conversions from: obj.should_not_receive(:message) to: expect(obj).not_to receive(:message) * 1 conversion from: < expected to: be < expected * 1 conversion from: obj.stub!(:message) to: allow(obj).to receive(:message) * 1 conversion from: stub('something') to: double('something')
11 years ago
expect(user.current_password.id).to eq(@current_password)
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
end
end
describe 'with good password and good confirmation' do
before do
Fix params deprecation Fixes in spec/controllers: ``` DEPRECATION WARNING: ActionController::TestCase HTTP request methods will accept only keyword arguments in future Rails versions. ```
8 years ago
post :change_password,
params: {
password: 'adminADMIN!',
new_password: 'adminADMIN!New',
new_password_confirmation: 'adminADMIN!New'
}
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
end
Adjust spec to new menu structure
9 years ago
it 'should redirect to the my password page' do
expect(response).to redirect_to('/my/password')
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
end
it 'should allow the user to login with the new password' do
assert User.try_to_login(user.login, 'adminADMIN!New')
end
end
end
Rewrote a test to a spec so it can be disabled by the profile_surveys plugin
11 years ago
Fix syntax (w/Rubocop) in specs Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
describe 'account' do
Rewrote a test to a spec so it can be disabled by the profile_surveys plugin
11 years ago
let(:custom_field) { FactoryGirl.create :text_user_custom_field }
before do
custom_field
as_logged_in_user user do
get :account
end
end
Fix syntax (w/Rubocop) in specs Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
it 'responds with success' do
Rewrote a test to a spec so it can be disabled by the profile_surveys plugin
11 years ago
expect(response).to be_success
end
Fix syntax (w/Rubocop) in specs Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
it 'renders the account template' do
Rewrote a test to a spec so it can be disabled by the profile_surveys plugin
11 years ago
expect(response).to render_template 'account'
end
Fix syntax (w/Rubocop) in specs Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
it 'assigns @user' do
Rewrote a test to a spec so it can be disabled by the profile_surveys plugin
11 years ago
expect(assigns(:user)).to eq(user)
end
Fix syntax (w/Rubocop) in specs Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
context 'with render_views' do
Rewrote a test to a spec so it can be disabled by the profile_surveys plugin
11 years ago
render_views
Fix syntax (w/Rubocop) in specs Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
it 'renders editable custom fields' do
Fixed direct use of custom field name
11 years ago
expect(response.body).to have_content(custom_field.name)
Rewrote a test to a spec so it can be disabled by the profile_surveys plugin
11 years ago
end
spec: don't show "change password" menu entry
10 years ago
it "renders the 'Change password' menu entry" do
expect(response.body).to have_selector('#menu-sidebar li a', text: 'Change password')
end
end
end
reremove line accidentally readded by merge dc3337a
9 years ago
describe 'settings' do
context 'PATCH' do
before do
as_logged_in_user user do
user.pref.self_notified = false
Fix params deprecation Fixes in spec/controllers: ``` DEPRECATION WARNING: ActionController::TestCase HTTP request methods will accept only keyword arguments in future Rails versions. ```
8 years ago
patch :settings, params: { user: { language: 'en' } }
reremove line accidentally readded by merge dc3337a
9 years ago
end
end
it 'does not alter the email preferences' do
expect(assigns(:user).pref.self_notified?).to be_falsey
end
it 'redirects to settings' do
expect(response).to redirect_to my_settings_path
end
it 'has a successful flash' do
expect(flash[:notice]).to eql I18n.t(:notice_account_updated)
end
end
end
Auto hide popups. https://community.openproject.com/work_packages/24152
8 years ago
describe 'settings:auto_hide_popups' do
context 'with render_views' do
before do
as_logged_in_user user do
get :settings
end
end
render_views
it 'renders auto hide popups checkbox' do
expect(response.body).to have_selector('#my_account_form #pref_auto_hide_popups')
end
end
context 'PATCH' do
before do
as_logged_in_user user do
user.pref.auto_hide_popups = false
patch :settings, params: { user: { language: 'en' } }
end
end
end
end
spec: don't show "change password" menu entry
10 years ago
describe 'account with disabled password login' do
before do
Convert specs to RSpec 2.99.0 syntax with Transpec This conversion is done by Transpec 2.3.6 with the following command: transpec -f * 66 conversions from: it { should ... } to: it { is_expected.to ... } * 53 conversions from: obj.stub(:message) to: allow(obj).to receive(:message) * 20 conversions from: == expected to: eq(expected) * 19 conversions from: obj.should to: expect(obj).to * 7 conversions from: describe 'some request' { } to: describe 'some request', :type => :request { } * 7 conversions from: describe 'some routing' { } to: describe 'some routing', :type => :routing { } * 7 conversions from: its(:attr) { } to: describe '#attr' do subject { super().attr }; it { } end * 5 conversions from: obj.should_not to: expect(obj).not_to * 4 conversions from: describe 'some view' { } to: describe 'some view', :type => :view { } * 3 conversions from: be_true to: be_truthy * 2 conversions from: describe 'some model' { } to: describe 'some model', :type => :model { } * 2 conversions from: its([:key]) { } to: describe '[:key]' do subject { super()[:key] }; it { } end * 2 conversions from: obj.should_receive(:message) to: expect(obj).to receive(:message) * 1 conversion from: be_false to: be_falsey * 1 conversion from: describe 'some controller' { } to: describe 'some controller', :type => :controller { } * 1 conversion from: describe 'some feature' { } to: describe 'some feature', :type => :feature { } * 1 conversion from: it { should_not ... } to: it { is_expected.not_to ... } For more details: https://github.com/yujinakayama/transpec#supported-conversions
10 years ago
allow(OpenProject::Configuration).to receive(:disable_password_login?).and_return(true)
spec: don't show "change password" menu entry
10 years ago
as_logged_in_user user do
get :account
end
end
render_views
it "does not render 'Change password' menu entry" do
expect(response.body).not_to have_selector('#menu-sidebar li a', text: 'Change password')
Rewrote a test to a spec so it can be disabled by the profile_surveys plugin
11 years ago
end
end
spec display of number of reported work packages
11 years ago
Fix syntax (w/Rubocop) in specs Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
describe 'index' do
spec display of number of reported work packages
11 years ago
render_views
before do
don't use deprecated should syntax
11 years ago
allow_any_instance_of(User).to receive(:reported_work_package_count).and_return(42)
adds specs for the bug
11 years ago
get :index
end
spec display of number of reported work packages
11 years ago
Fix syntax (w/Rubocop) in specs Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
it 'should show the number of reported packages' do
use translated label for reported work packages
11 years ago
label = Regexp.escape(I18n.t(:label_reported_work_packages))
Fix syntax (w/Rubocop) in specs Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
expect(response.body).to have_selector('h3', text: /#{label}.*42/)
spec display of number of reported work packages
11 years ago
end
adds specs for the bug
11 years ago
end
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
end