skip password validation when resetting internally

newleaders · Jun 1, 2013 · d926beb · d926beb
1 parent 7de7bfa
commit d926beb
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 8 deletions.
diff --git a/app/models/thincloud/authentication/identity.rb b/app/models/thincloud/authentication/identity.rb
@@ -13,6 +13,7 @@ class Identity < ::OmniAuth::Identity::Models::ActiveRecord
     # Ensure that a `verification_token` exists for new records.
     after_initialize do
       self.verification_token = SecureRandom.urlsafe_base64 if new_record?
+      self.resetting_identity_password = false
     end
 
     # Only validate password if the 'provider' is 'identity'.
@@ -89,7 +90,7 @@ def apply_omniauth(omniauth)
     def generate_password_reset!
       self.password_reset_token = SecureRandom.urlsafe_base64
       self.password_reset_sent_at = Time.zone.now
-      save!
+      save_with_identity_password_reset!
     end
 
     # Public: Clear password reset fields, reset password_required? requirement
@@ -114,7 +115,9 @@ def identity_provider?
     #
     # Returns: true or false
     def password_required?
-      identity_provider? && (new_record? || password_reset_token.present?)
+      (identity_provider? && check_identity_password?) && (
+        new_record? || password_reset_token.present?
+      )
     end
 
     # Public: Determine if the password confirmation must be provided
@@ -125,5 +128,21 @@ def password_confirmation_required?
         password.present? || password_confirmation.present?
       )
     end
+
+    private
+
+    attr_accessor :resetting_identity_password
+
+    def check_identity_password?
+      !resetting_identity_password
+    end
+
+    def save_with_identity_password_reset!
+      self.resetting_identity_password = true
+      save!
+    ensure
+      self.resetting_identity_password = false
+    end
+
   end
 end
diff --git a/test/models/identity_test.rb b/test/models/identity_test.rb
@@ -107,15 +107,21 @@ module Thincloud::Authentication
 
     describe "#generate_password_reset!" do
       before do
-        Identity.any_instance.stubs(:save!)
+        @identity = Identity.create(
+          user_id: 286,
+          name: "Name",
+          password: "password",
+          password_confirmation: "password",
+          email: "name@gmail.com"
+        )
       end
 
       it "generates a token and records the time" do
-        identity.password_reset_token.must_be_nil
-        identity.password_reset_sent_at.must_be_nil
-        identity.generate_password_reset!
-        identity.password_reset_token.wont_be_nil
-        identity.password_reset_sent_at.wont_be_nil
+        @identity.password_reset_token.must_be_nil
+        @identity.password_reset_sent_at.must_be_nil
+        @identity.generate_password_reset!
+        @identity.password_reset_token.wont_be_nil
+        @identity.password_reset_sent_at.wont_be_nil
       end
     end