diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
index 63de23259c..49f6c7616b 100644
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@@ -87,8 +87,7 @@ class AdminController < ApplicationController
 def info
 @db_adapter_name = ActiveRecord::Base.connection.adapter_name
 @checklist = [
- [:text_default_administrator_account_changed,
- !User.find_by_login('admin').current_password.same_as_plain_password?('admin')],
+ [:text_default_administrator_account_changed, User.default_admin_account_changed?],
 [:text_file_repository_writable, File.writable?(Attachment.storage_path)],
 [:text_rmagick_available, Object.const_defined?(:Magick)]
 ]
diff --git a/app/models/user.rb b/app/models/user.rb
index fe0ad00532..ed7b824677 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -864,6 +864,10 @@ class User < Principal
 def log_failed_login_timestamp
 self.last_failed_login_on = Time.now
 end
+
+ def self.default_admin_account_changed?
+ !User.active.find_by_login('admin').try(:current_password).try(:same_as_plain_password?, 'admin')
+ end
 end
 
 class AnonymousUser < User
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index b4c56837cd..c82400ef62 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
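Review bot: In the app/models/user.rb hunk, `User.default_admin_account_changed?` returns true whenever the `try` chain yields nil, not only when the password differs: no active user with login 'admin', or an account without a `current_password`. Because the lookup goes through `User.active`, a locked 'admin' account that still has the password 'admin' is reported as changed, and presumably that password works again as soon as the account is unlocked. The method has no comment stating this; I would add `# True unless an active user with login 'admin' still has the password 'admin' (also true when that account is deleted, locked or has no password).` above the definition, so that readers of the checklist entry in AdminController#info know what a green result covers.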
@@ -216,4 +216,47 @@ describe User do
 end
 end
 end
+
+ describe ".default_admin_account_deleted_or_changed?" do
+ let(:default_admin) { FactoryGirl.build(:user, :login => 'admin', :password => 'admin', :password_confirmation => 'admin', :admin => true) }
+
+ before do
+ Setting.password_min_length = 5
+ end
+
+ context "default admin account exists with default password" do
+ before do
+ default_admin.save
+ end
+ it { User.default_admin_account_changed?.should be_false }
+ end
+
+ context "default admin account exists with changed password" do
+ before do
+ default_admin.update_attribute :password, 'dafaultAdminPwd'
+ default_admin.update_attribute :password_confirmation, 'dafaultAdminPwd'
+ default_admin.save
+ end
+
+ it { User.default_admin_account_changed?.should be_true }
+ end
+
+ context "default admin account was deleted" do
+ before do
+ default_admin.save
+ default_admin.delete
+ end
+
+ it { User.default_admin_account_changed?.should be_true }
+ end
+
+ context "default admin account was disabled" do
+ before do
+ default_admin.status = User::STATUSES[:locked]
+ default_admin.save
+ end
+
+ it { User.default_admin_account_changed?.should be_true }
+ end
+ end
 end
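Review bot: In the "default admin account was deleted" and "default admin account was disabled" contexts, `default_admin.save` can return false without failing the example, and since a missing account also makes `User.default_admin_account_changed?` true, both examples would still pass if the record was never persisted; `default_admin.save!` in those `before` blocks would surface a validation failure. The describe string `.default_admin_account_deleted_or_changed?` does not match the method under test, `default_admin_account_changed?`. `Setting.password_min_length = 5` is assigned in the outer `before` and not restored in this hunk; whether the suite resets settings between examples is not visible here.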