Revision d1ff68b5
Added by Stephen Benjamin about 10 years ago
| app/models/user.rb | ||
|---|---|---|
|
# update with returned attrs, maybe some info changed in LDAP
|
||
|
old_hash = user.avatar_hash
|
||
|
User.as :admin do
|
||
|
user.update_attributes(attrs.slice(:firstname, :lastname, :mail, :avatar_hash))
|
||
|
user.update_attributes(attrs.slice(:firstname, :lastname, :mail, :avatar_hash).delete_if { |k, v| v.blank? })
|
||
|
end if attrs.is_a? Hash
|
||
|
|
||
|
# clean up old avatar if it exists and the image isn't in use by anyone else
|
||
| test/unit/user_test.rb | ||
|---|---|---|
|
assert_not_equal last_login, User.find(user.id).last_login_on
|
||
|
end
|
||
|
|
||
|
test "ldap user attribute should be updated when not blank" do
|
||
|
AuthSourceLdap.any_instance.stubs(:authenticate).returns({ :firstname => "Foo" })
|
||
|
u = User.try_to_login("foo", "password")
|
||
|
assert_equal u.firstname, "Foo"
|
||
|
end
|
||
|
|
||
|
test "ldap user attribute should not be updated when blank" do
|
||
|
AuthSourceLdap.any_instance.stubs(:authenticate).returns({ :mail => "" })
|
||
|
u = User.try_to_login("foo", "password")
|
||
|
assert_equal u.mail, "foo@bar.com"
|
||
|
end
|
||
|
|
||
|
test "should not be able to delete the admin account" do
|
||
|
assert !User.find_by_login("admin").destroy
|
||
|
end
|
||
Also available in: Unified diff
fixes #5224 - Don't update a user with blank LDAP attribute values
(cherry picked from commit 2fe12e2c5f011d68cb4afbf3cd5e070e1af36155)