You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by br...@apache.org on 2014/10/10 20:23:41 UTC

git commit: [#7756] upon expired password, send user directly to pwd expiration form

Repository: allura
Updated Branches:
  refs/heads/db/7756 [created] d5f6d7b4e


[#7756] upon expired password, send user directly to pwd expiration form


Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/d5f6d7b4
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/d5f6d7b4
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/d5f6d7b4

Branch: refs/heads/db/7756
Commit: d5f6d7b4e414aeff37fad20f8cc90642397d6294
Parents: 0c4699a
Author: Dave Brondsema <db...@slashdotmedia.com>
Authored: Fri Oct 10 18:23:18 2014 +0000
Committer: Dave Brondsema <db...@slashdotmedia.com>
Committed: Fri Oct 10 18:23:18 2014 +0000

----------------------------------------------------------------------
 Allura/allura/controllers/auth.py           |  3 +--
 Allura/allura/tests/functional/test_auth.py | 10 +++++++---
 2 files changed, 8 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/allura/blob/d5f6d7b4/Allura/allura/controllers/auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py
index fca553c..da3c808 100644
--- a/Allura/allura/controllers/auth.py
+++ b/Allura/allura/controllers/auth.py
@@ -287,8 +287,7 @@ class AuthController(BaseController):
                 location = tg.url(plugin.AuthenticationProvider.pwd_expired_allowed_urls[0], dict(return_to=return_to))
             else:
                 location = tg.url(plugin.AuthenticationProvider.pwd_expired_allowed_urls[0])
-
-        if return_to and return_to != request.url:
+        elif return_to and return_to != request.url:
             rt_host = urlparse(urljoin(config['base_url'], return_to)).netloc
             base_host = urlparse(config['base_url']).netloc
             if rt_host == base_host:

http://git-wip-us.apache.org/repos/asf/allura/blob/d5f6d7b4/Allura/allura/tests/functional/test_auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py
index a775e45..cc6ce56 100644
--- a/Allura/allura/tests/functional/test_auth.py
+++ b/Allura/allura/tests/functional/test_auth.py
@@ -1329,8 +1329,8 @@ class TestDisableAccount(TestController):
 
 class TestPasswordExpire(TestController):
 
-    def login(self, username='test-user', pwd='foo'):
-        r = self.app.get('/auth/', extra_environ={'username': '*anonymous'})
+    def login(self, username='test-user', pwd='foo', query_string=''):
+        r = self.app.get('/auth/' + query_string, extra_environ={'username': '*anonymous'})
         f = r.forms[0]
         f['username'] = username
         f['password'] = pwd
@@ -1473,7 +1473,11 @@ class TestPasswordExpire(TestController):
         return_to = '/p/test/tickets/?milestone=1.0&page=2'
         self.set_expire_for_user()
         with h.push_config(config, **{'auth.pwdexpire.days': 90}):
-            r = self.login()
+            r = self.login(query_string='?' + urlencode({'return_to': return_to}))
+            # don't go to the return_to yet
+            assert_equal(r.location, 'http://localhost/auth/pwd_expired?' + urlencode({'return_to': return_to}))
+
+            # but if user tries to go directly there anyway, intercept and redirect back
             self.assert_redirects(where=return_to)
 
             r = self.app.get('/auth/pwd_expired', extra_environ={'username': 'test-user'})