adds error for invalid original password

fixes issue #137 from the github tickets. test plan go to change password as user should show error if original password is wrong Change-Id: Ib7fe4472d16f9e95272f9a33190c10c5fd9fa212 Reviewed-on: https://gerrit.instructure.com/11821 Reviewed-by: Jake Sorce <jake@instructure.com> Tested-by: Jenkins <jenkins@instructure.com>
2012-06-28 14:50:03 -06:00 · 2012-06-28 14:50:03 -06:00 · 0f62f020c6
parent fcffb54244
commit 0f62f020c6
2 changed files with 22 additions and 2 deletions
--- a/app/controllers/profile_controller.rb
+++ b/app/controllers/profile_controller.rb
@ -253,10 +253,11 @@ class ProfileController < ApplicationController
          old_password = params[:pseudonym].delete :old_password
          pseudonym_to_update = @user.pseudonyms.find(params[:pseudonym][:password_id]) if params[:pseudonym][:password_id] && change_password
          if change_password == '1' && pseudonym_to_update && !pseudonym_to_update.valid_arbitrary_credentials?(old_password)
+            error_msg = t('errors.invalid_old_passowrd', "Invalid old password for the login %{pseudonym}", :pseudonym => pseudonym_to_update.unique_id)
            pseudonymed = true
-            flash[:error] = t('errors.invalid_old_password', "Invalid old password for the login %{pseudonym}", :pseudonym => pseudonym_to_update.unique_id)
+            flash[:error] = error_msg
            format.html { redirect_to user_profile_url(@current_user) }
-            format.json { render :json => pseudonym_to_update.errors.to_json, :status => :bad_request }
+            format.json { render :json => {:errors => {:old_password => error_msg}}.to_json, :status => :bad_request }
          end
          if change_password != '1' || !pseudonym_to_update || !pseudonym_to_update.valid_arbitrary_credentials?(old_password)
            params[:pseudonym].delete :password
--- a/spec/selenium/profile_spec.rb
+++ b/spec/selenium/profile_spec.rb
@ -34,6 +34,25 @@ describe "profile" do
    end
  end

+  it "should give error - wrong old password" do
+    user_with_pseudonym({:active_user => true})
+    login_as
+    get '/profile/edit'
+    old_password = 'oldpassword'
+    wrong_old_password = 'wrongoldpassword'
+    new_password = 'newpassword'
+    edit_form = click_edit
+    edit_form.find_element(:id, 'change_password_checkbox').click
+    edit_form.find_element(:id, 'old_password').send_keys(wrong_old_password)
+    edit_form.find_element(:id, 'pseudonym_password').send_keys(new_password)
+    edit_form.find_element(:id, 'pseudonym_password_confirmation').send_keys(new_password)
+    submit_form(edit_form)
+    # check to see if error box popped up
+    errorboxes = ff('.error_text')
+    errorboxes.length.should > 1
+    errorboxes.any? {|errorbox| errorbox.text =~ /Invalid old password for the login/}.should be_true
+  end
+
  it "should change the password" do
    user_with_pseudonym({:active_user => true})
    login_as