github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-29 01:31:35 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: always allow staff to resend activation mails

Browse Source
This commit is contained in:
Sam
2017-03-13 10:32:24 -04:00
parent 1a745ca16a
commit a690121805
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
spec/controllers/users_controller_spec.rb
View File

@ -1423,9 +1423,15 @@ describe UsersController do
it 'should not be valid' do
user = Fabricate(:user)
xhr :post, :send_activation_email, username: user.username
expect(response.status).to eq(403)
end
it 'should allow staff regardless' do
log_in :admin
user = Fabricate(:user, active: false)
xhr :post, :send_activation_email, username: user.username
expect(response.status).to eq(200)
end
end
context 'with a valid email_token' do