Test for forcing password change on EUMAPI creation

6 years ago · 062a80e7b4
parent fe113cb47c
commit 062a80e7b4
3 changed files with 35 additions and 4 deletions
--- a/lib/sql
+++ b/lib/sql
@ -1 +1 @@
-Subproject commit aeec2bbe067942e577df78f1b9348503a2b48c04
+Subproject commit 51a669f93c5fd6cd0dea7131e41887be13d00daf
--- a/lib/user_account_creator.rb
+++ b/lib/user_account_creator.rb
@ -162,6 +162,10 @@ module CartoDB
        end
      end

+      if @force_password_change && @user.password_expiration_in_d.nil?
+        @custom_errors[:force_password_change] = ['Cannot be set if password expiration is not configured']
+      end
+
      @custom_errors[:oauth] = 'Invalid oauth' if @oauth_api && !@oauth_api.valid?(@user)

      @user.created_via = @created_via
@ -239,8 +243,7 @@ module CartoDB
      @user.viewer = @user_params[PARAM_VIEWER] if @user_params[PARAM_VIEWER]
      @user.org_admin = @user_params[PARAM_ORG_ADMIN] if @user_params[PARAM_ORG_ADMIN]

-      if @force_password_change
-        raise 'Password expiration is not configured' unless @user.password_expiration_in_d
+      if @force_password_change && @user.password_expiration_in_d.present?
        @user.last_password_change_date = Date.today - @user.password_expiration_in_d - 1
      end

--- a/spec/requests/carto/api/organization_users_controller_spec.rb
+++ b/spec/requests/carto/api/organization_users_controller_spec.rb
@ -54,7 +54,8 @@ describe Carto::Api::OrganizationUsersController do
                  soft_obs_general_limit: nil,
                  viewer: nil,
                  org_admin: nil,
-                  email: "#{username}@carto.com")
+                  email: "#{username}@carto.com",
+                  force_password_change: false)

    params = {
      password: '2{Patrañas}',
@ -71,6 +72,7 @@ describe Carto::Api::OrganizationUsersController do
    params[:soft_obs_general_limit] = soft_obs_general_limit unless soft_obs_general_limit.nil?
    params[:viewer] = viewer if viewer
    params[:org_admin] = org_admin if org_admin
+    params[:force_password_change] = force_password_change

    params.except!(:password) unless with_password
    params
@ -349,6 +351,32 @@ describe Carto::Api::OrganizationUsersController do
      @organization.reload
      @organization.users.find { |u| u.username == username }.should be_nil
    end
+
+    describe 'with password expiration' do
+      before(:all) do
+        @organization.password_expiration_in_d = 10
+        @organization.save
+      end
+
+      after(:all) do
+        @organization.password_expiration_in_d = nil
+        @organization.save
+      end
+
+      it 'can create users with expired passwords' do
+        login(@organization.owner)
+        username = unique_name('user')
+        params = user_params(username, org_admin: true, with_password: true, force_password_change: true)
+        post api_v2_organization_users_create_url(id_or_name: @organization.name), params
+
+        last_response.status.should eq 200
+
+        @organization.reload
+        last_user_created = @organization.users.find { |u| u.username == username }
+        expect(last_user_created.password_expired?).to(be(true))
+        last_user_created.destroy
+      end
+    end
  end

  describe 'user update' do