Skip to content

Commit

Permalink
Add fix for admin users with a pending password change
Browse files Browse the repository at this point in the history
Issue fixed with later versions of Decidim but applying the fix
to the module 0.27 version for now as well, see:
decidim/decidim#13354
  • Loading branch information
ahukkanen committed Nov 5, 2024
1 parent 575262b commit 73e6baa
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,19 @@ def first_login_and_not_authorized?(_user)

private

# Fixes an issue with the login if the user has a pending change password.
#
# For further details, see:
# https://github.com/decidim/decidim/pull/13354
#
# This can be removed after the above mentioned PR is merged to the core
# and the fix is shipped in a release.
#
# Issue has been fixed in versions 0.27.6 and 0.28.1.
def change_password_path
decidim.change_password_path
end

def authorize_user(user)
authenticator.authorize_user!(user)
rescue Decidim::HelsinkiProfile::Authentication::AuthorizationBoundToOtherUserError
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,18 @@
expect(user.email).to eq(email)
expect(user.unconfirmed_email).to be_nil
end

context "when the user is an admin with a pending password change request" do
let!(:user) { create(:user, :admin, organization: organization, email: email, sign_in_count: 1, password_updated_at: 1.year.ago) }

it "redirects to the password change path" do
get(
"/users/auth/helsinki/callback?code=#{code}&state=#{omniauth_state}"
)

expect(response).to redirect_to("/change_password")
end
end
end

context "when email is unverified according to the authenticator" do
Expand Down

0 comments on commit 73e6baa

Please sign in to comment.