github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-30 07:11:34 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: Confirm new administrator accounts via email

Browse Source
This commit is contained in:
Robin Ward
2017-04-04 13:59:22 -04:00
parent a649014adf
commit 17f2974d0a
13 changed files with 293 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
spec/controllers/admin/users_controller_spec.rb
View File

@ -166,9 +166,9 @@ describe Admin::UsersController do
end
it 'updates the admin flag' do
expect(AdminConfirmation.exists_for?(@another_user.id)).to eq(false)
xhr :put, :grant_admin, user_id: @another_user.id
@another_user.reload
expect(@another_user).to be_admin
expect(AdminConfirmation.exists_for?(@another_user.id)).to eq(true)
end
end
@ -491,7 +491,14 @@ describe Admin::UsersController do
end
context ".invite_admin" do
it "doesn't work when not via API" do
controller.stubs(:is_api?).returns(false)
xhr :post, :invite_admin, name: 'Bill', username: 'bill22', email: 'bill@bill.com'
expect(response).not_to be_success
end
it 'should invite admin' do
controller.stubs(:is_api?).returns(true)
Jobs.expects(:enqueue).with(:critical_user_email, anything).returns(true)
xhr :post, :invite_admin, name: 'Bill', username: 'bill22', email: 'bill@bill.com'
expect(response).to be_success
@ -503,6 +510,7 @@ describe Admin::UsersController do
end
it "doesn't send the email with send_email falsy" do
controller.stubs(:is_api?).returns(true)
Jobs.expects(:enqueue).with(:user_email, anything).never
xhr :post, :invite_admin, name: 'Bill', username: 'bill22', email: 'bill@bill.com', send_email: '0'
expect(response).to be_success