references/openproject
1
0
Fork 0
mirror of https://github.com/opf/openproject.git synced 2026-06-14 03:30:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
dev
openproject/spec/factories/user_factory.rb
T
Jan Sandbrink e400fd7e4c Allow changing password if it exists 
Previously we'd be hiding the "change password" dialog on the
basis of an external authentication method existing. However, that's
not enough, because (at least with user remapping enabled) it's possible
that a user that logged in via password once, gained the ability to login
through SSO afterwards. Such a user then can use both mean to authenticate,
thus they also need to be able to change a potentially compromised password.

Much more work is needed here: Users need to be aware that their password still
works, they need to be able to delete a password if they only want to use SSO and
maybe there's also a use case for deleting an SSO association and going back to
password-based logins. However, all of these things require more UI changes and
some proper product development first.

This change is a first step to improve the situation.
2025-11-10 14:00:02 +01:00

131 lines
4.2 KiB
Ruby
Raw Permalink Blame History

# frozen_string_literal: true
#-- copyright
# OpenProject is an open source project management software.
# Copyright (C) the OpenProject GmbH
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See COPYRIGHT and LICENSE files for more details.
#++
FactoryBot.define do
factory :user, parent: :principal, class: "User" do
firstname { "Bob" }
sequence(:lastname) { |n| "Bobbit#{n}" }
sequence(:login) { |n| "bob#{n}" }
sequence(:mail) { |n| "bobmail#{n}.bobbit@bob.com" }
password { "adminADMIN!" }
password_confirmation { "adminADMIN!" }
transient do
preferences { {} }
authentication_provider { nil }
external_id { SecureRandom.uuid }
end
language { "en" }
status { User.statuses[:active] }
admin { false }
first_login { false if User.table_exists? and User.columns.map(&:name).include? "first_login" }
callback(:after_build) do |user, evaluator|
evaluator.preferences&.each do |key, val|
user.pref[key] = val
end
end
callback(:after_create) do |user, factory|
user.pref.save if factory.preferences.present?
if user.notification_settings.empty?
user.notification_settings = [
create(:notification_setting, user:)
]
end
if factory.authentication_provider.present?
user.user_auth_provider_links.create!(auth_provider: factory.authentication_provider,
external_id: factory.external_id)
end
end
callback(:after_stub) do |user, evaluator|
if evaluator.preferences.present?
# The assign_attributes workaround is required, because assigning user.preference will trigger
# creating a new database record, which raises an error in the build_stubbed context
user.pref.assign_attributes(
build_stubbed(:user_preference, user:, settings: evaluator.preferences).attributes
)
end
end
trait :passwordless do
password { nil }
password_confirmation { nil }
end
factory :admin, parent: :user, class: "User" do
firstname { "OpenProject" }
sequence(:lastname) { |n| "Admin#{n}" }
sequence(:login) { |n| "admin#{n}" }
sequence(:mail) { |n| "admin#{n}@example.com" }
admin { true }
first_login { false if User.table_exists? and User.columns.map(&:name).include? "first_login" }
end
factory :deleted_user, class: "DeletedUser"
factory :locked_user do
firstname { "Locked" }
lastname { "User" }
sequence(:login) { |n| "locked#{n}" }
sequence(:mail) { |n| "locked#{n}@bob.com" }
password { "adminADMIN!" }
password_confirmation { "adminADMIN!" }
status { User.statuses[:locked] }
end
factory :user_marked_for_deletion do
firstname { "Deleted" }
lastname { "User" }
sequence(:login) { |n| "deleted#{n}" }
sequence(:mail) { |n| "deleted#{n}@bob.com" }
password { "adminADMIN!" }
password_confirmation { "adminADMIN!" }
status { User.statuses[:deleted] }
end
factory :invited_user do
status { User.statuses[:invited] }
end
end
factory :anonymous, class: "AnonymousUser" do
initialize_with { User.anonymous }
end
factory :system, class: "SystemUser" do
initialize_with { User.system }
end
end
Reference in New Issue View Git Blame Copy Permalink