From c3d5cb2e75cf2179eca3c4aea75fc6b4f1addb59 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 10:26:36 -0700 Subject: [PATCH 01/41] added password resets controller and ,migrations --- app/controllers/password_resets_controller.rb | 5 +++++ app/helpers/password_resets_helper.rb | 2 ++ app/mailers/password_mailer.rb | 14 ++++++++++++++ app/services/active_directory.rb | 3 +++ .../password_mailer/password_reset.text.erb | 3 +++ app/views/password_resets/new.html.erb | 2 ++ config/routes.rb | 2 ++ .../20130521171512_add_auth_token_to_users.rb | 9 +++++++++ ...130521171705_add_password_reset_to_users.rb | 11 +++++++++++ db/schema.rb | 3 ++- .../password_resets_controller_spec.rb | 12 ++++++++++++ spec/fixtures/password_mailer/password_reset | 3 +++ spec/helpers/password_resets_helper_spec.rb | 15 +++++++++++++++ spec/mailers/password_mailer_spec.rb | 18 ++++++++++++++++++ .../views/password_resets/new.html.erb_spec.rb | 5 +++++ 15 files changed, 106 insertions(+), 1 deletion(-) create mode 100644 app/controllers/password_resets_controller.rb create mode 100644 app/helpers/password_resets_helper.rb create mode 100644 app/mailers/password_mailer.rb create mode 100644 app/views/password_mailer/password_reset.text.erb create mode 100644 app/views/password_resets/new.html.erb create mode 100644 db/migrate/20130521171512_add_auth_token_to_users.rb create mode 100644 db/migrate/20130521171705_add_password_reset_to_users.rb create mode 100644 spec/controllers/password_resets_controller_spec.rb create mode 100644 spec/fixtures/password_mailer/password_reset create mode 100644 spec/helpers/password_resets_helper_spec.rb create mode 100644 spec/mailers/password_mailer_spec.rb create mode 100644 spec/views/password_resets/new.html.erb_spec.rb diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb new file mode 100644 index 000000000..37f6e2183 --- /dev/null +++ b/app/controllers/password_resets_controller.rb @@ -0,0 +1,5 @@ +class PasswordResetsController < ApplicationController + def new + end + +end diff --git a/app/helpers/password_resets_helper.rb b/app/helpers/password_resets_helper.rb new file mode 100644 index 000000000..0c9d96ecf --- /dev/null +++ b/app/helpers/password_resets_helper.rb @@ -0,0 +1,2 @@ +module PasswordResetsHelper +end diff --git a/app/mailers/password_mailer.rb b/app/mailers/password_mailer.rb new file mode 100644 index 000000000..51c11ca67 --- /dev/null +++ b/app/mailers/password_mailer.rb @@ -0,0 +1,14 @@ +class PasswordMailer < ActionMailer::Base + default :from => "from@example.com" + + # Subject can be set in your I18n file at config/locales/en.yml + # with the following lookup: + # + # en.password_mailer.password_reset.subject + # + def password_reset + @greeting = "Hi" + + mail :to => "to@example.org" + end +end diff --git a/app/services/active_directory.rb b/app/services/active_directory.rb index daf24cdac..af52f8026 100644 --- a/app/services/active_directory.rb +++ b/app/services/active_directory.rb @@ -58,4 +58,7 @@ def password_encode(password) password.length.times{|i| result+= "#{password[i..i]}\000" } result end + + # Reset user password + end diff --git a/app/views/password_mailer/password_reset.text.erb b/app/views/password_mailer/password_reset.text.erb new file mode 100644 index 000000000..9181ef564 --- /dev/null +++ b/app/views/password_mailer/password_reset.text.erb @@ -0,0 +1,3 @@ +PasswordMailer#password_reset + +<%= @greeting %>, find me in app/views/app/views/password_mailer/password_reset.text.erb diff --git a/app/views/password_resets/new.html.erb b/app/views/password_resets/new.html.erb new file mode 100644 index 000000000..b39009f52 --- /dev/null +++ b/app/views/password_resets/new.html.erb @@ -0,0 +1,2 @@ +

PasswordResets#new

+

Find me in app/views/password_resets/new.html.erb

diff --git a/config/routes.rb b/config/routes.rb index 12bce69df..b34915323 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -1,5 +1,7 @@ CMUEducation::Application.routes.draw do + get "password_resets/new" + #temporary for Mel match 'courses/:course_id/team_deliverables' => 'deliverables#team_index_for_course', :as => :individual_deliverables match 'courses/:course_id/individual_deliverables' => 'deliverables#individual_index_for_course', :as => :team_deliverables diff --git a/db/migrate/20130521171512_add_auth_token_to_users.rb b/db/migrate/20130521171512_add_auth_token_to_users.rb new file mode 100644 index 000000000..a5f994fa8 --- /dev/null +++ b/db/migrate/20130521171512_add_auth_token_to_users.rb @@ -0,0 +1,9 @@ +class AddAuthTokenToUsers < ActiveRecord::Migration + def self.up + add_column :users, :auth_token, :string + end + + def self.down + remove_column :users, :auth_token + end +end diff --git a/db/migrate/20130521171705_add_password_reset_to_users.rb b/db/migrate/20130521171705_add_password_reset_to_users.rb new file mode 100644 index 000000000..c058bb784 --- /dev/null +++ b/db/migrate/20130521171705_add_password_reset_to_users.rb @@ -0,0 +1,11 @@ +class AddPasswordResetToUsers < ActiveRecord::Migration + def self.up + add_column :users, :password_reset_token, :string + add_column :users, :password_reset_sent_at, :datetime + end + + def self.down + remove_column :users, :password_reset_sent_at + remove_column :users, :password_reset_token + end +end diff --git a/db/schema.rb b/db/schema.rb index 894a0d460..421ac3ba2 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20130516223145) do +ActiveRecord::Schema.define(:version => 20130521171512) do create_table "assignments", :force => true do |t| t.string "name" @@ -705,6 +705,7 @@ t.datetime "people_search_first_accessed_at" t.boolean "is_profile_valid" t.datetime "active_directory_account_created" + t.string "auth_token" end add_index "users", ["email"], :name => "index_users_on_email" diff --git a/spec/controllers/password_resets_controller_spec.rb b/spec/controllers/password_resets_controller_spec.rb new file mode 100644 index 000000000..41ab48528 --- /dev/null +++ b/spec/controllers/password_resets_controller_spec.rb @@ -0,0 +1,12 @@ +require 'spec_helper' + +describe PasswordResetsController do + + describe "GET 'new'" do + it "returns http success" do + get 'new' + response.should be_success + end + end + +end diff --git a/spec/fixtures/password_mailer/password_reset b/spec/fixtures/password_mailer/password_reset new file mode 100644 index 000000000..c8a9afe7f --- /dev/null +++ b/spec/fixtures/password_mailer/password_reset @@ -0,0 +1,3 @@ +PasswordMailer#password_reset + +Hi, find me in app/views/password_mailer/password_reset diff --git a/spec/helpers/password_resets_helper_spec.rb b/spec/helpers/password_resets_helper_spec.rb new file mode 100644 index 000000000..02d5babc3 --- /dev/null +++ b/spec/helpers/password_resets_helper_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +# Specs in this file have access to a helper object that includes +# the PasswordResetsHelper. For example: +# +# describe PasswordResetsHelper do +# describe "string concat" do +# it "concats two strings with spaces" do +# helper.concat_strings("this","that").should == "this that" +# end +# end +# end +describe PasswordResetsHelper do + pending "add some examples to (or delete) #{__FILE__}" +end diff --git a/spec/mailers/password_mailer_spec.rb b/spec/mailers/password_mailer_spec.rb new file mode 100644 index 000000000..06d40d3e8 --- /dev/null +++ b/spec/mailers/password_mailer_spec.rb @@ -0,0 +1,18 @@ +require "spec_helper" + +describe PasswordMailer do + describe "password_reset" do + let(:mail) { PasswordMailer.password_reset } + + it "renders the headers" do + mail.subject.should eq("Password reset") + mail.to.should eq(["to@example.org"]) + mail.from.should eq(["from@example.com"]) + end + + it "renders the body" do + mail.body.encoded.should match("Hi") + end + end + +end diff --git a/spec/views/password_resets/new.html.erb_spec.rb b/spec/views/password_resets/new.html.erb_spec.rb new file mode 100644 index 000000000..38c685343 --- /dev/null +++ b/spec/views/password_resets/new.html.erb_spec.rb @@ -0,0 +1,5 @@ +require 'spec_helper' + +describe "password_resets/new.html.erb" do + pending "add some examples to (or delete) #{__FILE__}" +end From b67edf33b7f82ff3ae5e22dea20311faf5259e57 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 12:03:07 -0700 Subject: [PATCH 02/41] added password reset services to active_directory services --- app/controllers/password_resets_controller.rb | 53 ++++++++++++++++++- app/models/user.rb | 9 ++++ app/services/active_directory.rb | 14 ++++- config/routes.rb | 3 +- db/schema.rb | 4 +- 5 files changed, 79 insertions(+), 4 deletions(-) diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb index 37f6e2183..e6612b08a 100644 --- a/app/controllers/password_resets_controller.rb +++ b/app/controllers/password_resets_controller.rb @@ -1,5 +1,56 @@ + class PasswordResetsController < ApplicationController - def new + layout 'cmu_sv' + + def index + redirect_to new_password_reset_path + end + + # Create new reset request + def create + @user = User.find_by_email(params[:primaryEmail]) + @active_directory_service = ActiveDirectory.new + + if verify_recaptcha(:model=>@user, :attribute=>"verification code") + if @user && @user.personal_email == params[:personalEmail] + @active_directory_service.send_password_reset_token(@user) + else + flash[:error] = "Your entries do not match records" + redirect_to new_password_reset_path and return + end + redirect_to root_url, :notice => "Instructions have been sent to your secondary email account." + else + flash[:error] = "Verification code is wrong" + redirect_to new_password_reset_path + end + end + + # Display edit form with password reset token link + def edit + @user = User.find_by_password_reset_token!(params[:id]) + rescue ActiveRecord::RecordNotFound + redirect_to new_password_reset_path, :flash => { :error => "Password reset link has expired." } end + # Do actual password reset + def update + @user = User.find_by_password_reset_token!(params[:id]) + @active_directory_service = ActiveDirectory.new + respond_to do |format| + if @user.password_reset_sent_at>2.hours.ago + if params[:newPassword] + if @active_directory_service.reset_password(@user, params[:newPassword]) == "Success" + flash[:notice] = "Password has been reset!" + format.html {redirect_to root_url} + else + flash[:error]="Operation was unsuccessful." + redirect_to edit_password_reset_path and return + end + end + else + flash[:error] = "Password reset link has expired." + format.html {redirect_to new_password_reset_path} + end + end + end end diff --git a/app/models/user.rb b/app/models/user.rb index 50b87b765..730b864f0 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -45,6 +45,8 @@ class User < ActiveRecord::Base before_save :person_before_save, :update_is_profile_valid + before_create { generate_token(:auth_token) } + validates_uniqueness_of :webiso_account, :case_sensitive => false validates_uniqueness_of :email, :case_sensitive => false @@ -425,6 +427,13 @@ def self.notify_it_about_expired_accounts end end + # Generate password reset token + def generate_token(column) + begin + self[column] = SecureRandom.urlsafe_base64 + end while User.exists?(column => self[column]) + end + protected def person_before_save # We populate some reasonable defaults, but this can be overridden in the database diff --git a/app/services/active_directory.rb b/app/services/active_directory.rb index af52f8026..d94d18b50 100644 --- a/app/services/active_directory.rb +++ b/app/services/active_directory.rb @@ -59,6 +59,18 @@ def password_encode(password) result end - # Reset user password + # Send active directory password reset token + def send_password_reset_token(user) + user.generate_token(:password_reset_token) + user.password_reset_sent_at = Time.zone.now + user.save! + PasswordMailer.password_reset(user).deliver + end + # Reset active directory password + def reset_password(user, new_pass) + distinguished_name = ldap_distinguished_name(user) + @connection.replace_attribute distinguished_name, :unicodePwd, password_encode(new_pass) + return @connection.get_operation_result.message + end end diff --git a/config/routes.rb b/config/routes.rb index b34915323..3da372cf4 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -1,6 +1,5 @@ CMUEducation::Application.routes.draw do - get "password_resets/new" #temporary for Mel match 'courses/:course_id/team_deliverables' => 'deliverables#team_index_for_course', :as => :individual_deliverables @@ -18,6 +17,8 @@ resources :search, :only => [:index] #get "/deliverables/get_assignments_for_student(.:format)" => "deliverables#get_assignments_for_student" + resources :password_resets + match '/deliverables/get_assignments_for_student(.:format)'=> 'deliverables#get_assignments_for_student' ,:as=> :get_assignments_for_student resources :deliverables diff --git a/db/schema.rb b/db/schema.rb index 421ac3ba2..e641723bd 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20130521171512) do +ActiveRecord::Schema.define(:version => 20130521171705) do create_table "assignments", :force => true do |t| t.string "name" @@ -706,6 +706,8 @@ t.boolean "is_profile_valid" t.datetime "active_directory_account_created" t.string "auth_token" + t.string "password_reset_token" + t.datetime "password_reset_sent_at" end add_index "users", ["email"], :name => "index_users_on_email" From 554ce490055c1138b710ed43a3122627867f352f Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 12:07:40 -0700 Subject: [PATCH 03/41] added password reset views --- app/views/password_resets/edit.html.erb | 21 ++++++++++++++++ app/views/password_resets/new.html.erb | 33 +++++++++++++++++++++++-- 2 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 app/views/password_resets/edit.html.erb diff --git a/app/views/password_resets/edit.html.erb b/app/views/password_resets/edit.html.erb new file mode 100644 index 000000000..57c5423e6 --- /dev/null +++ b/app/views/password_resets/edit.html.erb @@ -0,0 +1,21 @@ +<%= javascript_include_tag 'password_reset' %> + +<%= form_for @user, { :url => password_reset_path(params[:id]) } do |f| %> +

+

<%=@user.human_name %>

+

+

+ Instructions +
Your new password must have a digit character, a capital letter, and a minimum of eight characters. +

+

+
+ +

+

+
+ +

+

+
<%= f.submit "Update Password", :onclick=>"return validateEditForm()" %>
+<% end %> diff --git a/app/views/password_resets/new.html.erb b/app/views/password_resets/new.html.erb index b39009f52..15d4464c3 100644 --- a/app/views/password_resets/new.html.erb +++ b/app/views/password_resets/new.html.erb @@ -1,2 +1,31 @@ -

PasswordResets#new

-

Find me in app/views/password_resets/new.html.erb

+ + + +<% content_for :title, 'Whiteboard LMS for CMU-SV' %> + +<%= javascript_include_tag 'password_reset' %> + +

Reset account

+ +
+ +
+
+

+
+

+

+ <%= recaptcha_tags :ssl => true %> +
+ +
+
+ +
+ + + From c10b23ca394786e45d9f52902fcc790c9bf565fe Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 12:24:58 -0700 Subject: [PATCH 04/41] added gem recaptcha --- Gemfile | 2 ++ Gemfile.lock | 10 ++-------- config/initializers/recaptcha.rb | 4 ++++ 3 files changed, 8 insertions(+), 8 deletions(-) create mode 100644 config/initializers/recaptcha.rb diff --git a/Gemfile b/Gemfile index 5930b4e5b..029efb535 100644 --- a/Gemfile +++ b/Gemfile @@ -42,6 +42,8 @@ gem 'pg' gem 'net-ldap' +gem "recaptcha", :require => "recaptcha/rails" + gem 'cancan' # gem 'smtp_tls' # Used for sending mail to gmail diff --git a/Gemfile.lock b/Gemfile.lock index cd54fe20e..47ed7f06b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -73,14 +73,7 @@ GEM mime-types (~> 1.16) orm_adapter (~> 0.0.5) cocaine (0.2.0) - columnize (0.3.6) daemons (1.1.9) - debugger (1.5.0) - columnize (>= 0.3.1) - debugger-linecache (~> 1.2.0) - debugger-ruby_core_source (~> 1.2.0) - debugger-linecache (1.2.0) - debugger-ruby_core_source (1.2.0) delayed_job (2.1.4) activesupport (~> 3.0) daemons @@ -194,6 +187,7 @@ GEM rake (0.8.7) rdoc (3.12.2) json (~> 1.4) + recaptcha (0.3.5) rest-client (1.6.7) mime-types (>= 1.16) rmagick (2.13.2) @@ -274,7 +268,6 @@ DEPENDENCIES capybara (= 1.1.1) ckeditor (= 3.6.3) daemons (~> 1.1.4) - debugger delayed_job (= 2.1.4) devise exception_notification @@ -295,6 +288,7 @@ DEPENDENCIES rails (= 3.0.20) rake (= 0.8.7) rdoc + recaptcha rmagick rspec-rails seedbank diff --git a/config/initializers/recaptcha.rb b/config/initializers/recaptcha.rb new file mode 100644 index 000000000..6232d90db --- /dev/null +++ b/config/initializers/recaptcha.rb @@ -0,0 +1,4 @@ +Recaptcha.configure do |config| + config.public_key = '6LfhP98SAAAAAMnnvCdL3ENLN5gZ1X7CkhW3G90N' + config.private_key = '6LfhP98SAAAAAOtg1NcHbREldoWIQdt2WdsVpkVT' +end \ No newline at end of file From d6bbb7e138bb130a466a4fa46ff47e0c1155a684 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 12:38:08 -0700 Subject: [PATCH 05/41] added password reset js --- public/javascripts/password_reset.js | 39 ++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 public/javascripts/password_reset.js diff --git a/public/javascripts/password_reset.js b/public/javascripts/password_reset.js new file mode 100644 index 000000000..a6f4dcd71 --- /dev/null +++ b/public/javascripts/password_reset.js @@ -0,0 +1,39 @@ +/* + *This page contains all relevant JS for the password reset pages + */ + + +// Helper function to validate reset form +function validateResetForm(){ + if ( ($("#primaryEmail").val()=="") || ($("#personalEmail").val()=="") ){ + return warn_blank_fields() + } else{ + return true + } +} + +// Helper function to validate edit form +function validateEditForm(){ + var newPass = $("#newPassword").val() + var oldPass = $("#confirmPassword").val() + if ((newPass==oldPass) && newPass!="") { + return true + }else{ + return warn_password_mismatch() + + } +} + +// Warn if password mismatches +function warn_password_mismatch(){ + $("#password_mismatch_warning").empty() + $("#password_mismatch_warning").append($('
').css('color', 'red').text('Password mismatch')); + return false +} + +// Warn if email fields are blank +function warn_blank_fields(){ + $("#blank_email_warning").empty() + $("#blank_email_warning").append($('
').css('color', 'red').text('Blank fields are not allowed')); + return false +} \ No newline at end of file From 232bdce072b1efb4ad72fb1f6300a82ed25fa5e8 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 12:54:01 -0700 Subject: [PATCH 06/41] added person mailer --- Gemfile.lock | 8 ++++++++ app/mailers/password_mailer.rb | 11 ----------- db/schema.rb | 5 ++++- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 47ed7f06b..5e35d3cda 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -73,7 +73,14 @@ GEM mime-types (~> 1.16) orm_adapter (~> 0.0.5) cocaine (0.2.0) + columnize (0.3.6) daemons (1.1.9) + debugger (1.5.0) + columnize (>= 0.3.1) + debugger-linecache (~> 1.2.0) + debugger-ruby_core_source (~> 1.2.0) + debugger-linecache (1.2.0) + debugger-ruby_core_source (1.2.0) delayed_job (2.1.4) activesupport (~> 3.0) daemons @@ -268,6 +275,7 @@ DEPENDENCIES capybara (= 1.1.1) ckeditor (= 3.6.3) daemons (~> 1.1.4) + debugger delayed_job (= 2.1.4) devise exception_notification diff --git a/app/mailers/password_mailer.rb b/app/mailers/password_mailer.rb index 51c11ca67..40322fe59 100644 --- a/app/mailers/password_mailer.rb +++ b/app/mailers/password_mailer.rb @@ -1,14 +1,3 @@ class PasswordMailer < ActionMailer::Base - default :from => "from@example.com" - # Subject can be set in your I18n file at config/locales/en.yml - # with the following lookup: - # - # en.password_mailer.password_reset.subject - # - def password_reset - @greeting = "Hi" - - mail :to => "to@example.org" - end end diff --git a/db/schema.rb b/db/schema.rb index e641723bd..05165352e 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20130521171705) do +ActiveRecord::Schema.define(:version => 20130521194045) do create_table "assignments", :force => true do |t| t.string "name" @@ -626,6 +626,9 @@ t.datetime "people_search_first_accessed_at" t.boolean "is_profile_valid" t.datetime "active_directory_account_created" + t.string "auth_token" + t.string "password_reset_token" + t.datetime "password_reset_sent_at" end create_table "users", :force => true do |t| From e013d645e4dc799660efea1e0ebf565f67a30bcb Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 13:44:28 -0700 Subject: [PATCH 07/41] added crud methods for password reset controller --- app/controllers/password_resets_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb index e6612b08a..00b3e8e3e 100644 --- a/app/controllers/password_resets_controller.rb +++ b/app/controllers/password_resets_controller.rb @@ -1,12 +1,12 @@ - class PasswordResetsController < ApplicationController layout 'cmu_sv' + # Display new password reset page def index redirect_to new_password_reset_path end - # Create new reset request + # Create new password reset request def create @user = User.find_by_email(params[:primaryEmail]) @active_directory_service = ActiveDirectory.new From 147ba53045fd5e525e6ed24cedbde87c329a4930 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 13:45:23 -0700 Subject: [PATCH 08/41] added text for password mailer --- app/mailers/password_mailer.rb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app/mailers/password_mailer.rb b/app/mailers/password_mailer.rb index 40322fe59..a0aa9b8a2 100644 --- a/app/mailers/password_mailer.rb +++ b/app/mailers/password_mailer.rb @@ -1,3 +1,8 @@ class PasswordMailer < ActionMailer::Base + default :from => "whiteboard-noreply@#{GOOGLE_DOMAIN}" + def password_reset(user) + @user = user + mail :to => user.personal_email, :subject => "Whiteboard Password Reset" + end end From e125d923f5ab3c7017901f0eeaf891b4c57e464f Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 13:46:05 -0700 Subject: [PATCH 09/41] modified active directory service methods --- app/services/active_directory.rb | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) diff --git a/app/services/active_directory.rb b/app/services/active_directory.rb index d94d18b50..99fdf8cb3 100644 --- a/app/services/active_directory.rb +++ b/app/services/active_directory.rb @@ -10,11 +10,27 @@ def self.initialize @connection.auth LDAPConfig.username, LDAPConfig.password unless LDAPConfig.username.nil? || LDAPConfig.password.nil? end + # Attempt to bind to active directory, time out after N seconds, return true or false + def bind + return false unless !@connection.nil? + begin + Timeout::timeout(10) do + return (@connection.bind) ? true : false + end + rescue Timeout::Error + return false + end + end + # Create a user account in active directory # Return message as "Success", "Unwilling to perform", "Entity exists" or "No such object" def create_account(user) - @connection.add(:dn=>user.ldap_distinguished_name(user), :attributes=>ldap_attributes(user)) - return @connection.get_operation_result.message + if self.bind + @connection.add(:dn=>user.ldap_distinguished_name(user), :attributes=>ldap_attributes(user)) + return @connection.get_operation_result.message + else + return false + end end # Build attributes for active directory account @@ -56,7 +72,7 @@ def password_encode(password) result = "" password = "\"" + password + "\"" password.length.times{|i| result+= "#{password[i..i]}\000" } - result + return result end # Send active directory password reset token @@ -69,8 +85,12 @@ def send_password_reset_token(user) # Reset active directory password def reset_password(user, new_pass) - distinguished_name = ldap_distinguished_name(user) - @connection.replace_attribute distinguished_name, :unicodePwd, password_encode(new_pass) - return @connection.get_operation_result.message + if self.bind + distinguished_name = ldap_distinguished_name(user) + @connection.replace_attribute distinguished_name, :unicodePwd, password_encode(new_pass) + return @connection.get_operation_result.message + else + return false + end end end From 1b02284f414871c5477382bfb58045beda5d34d0 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 13:46:45 -0700 Subject: [PATCH 10/41] added forgot passwor link in the cmu_sv layout view --- app/views/layouts/cmu_sv.html.erb | 1 + 1 file changed, 1 insertion(+) diff --git a/app/views/layouts/cmu_sv.html.erb b/app/views/layouts/cmu_sv.html.erb index 4e59bca7d..c80b9f133 100644 --- a/app/views/layouts/cmu_sv.html.erb +++ b/app/views/layouts/cmu_sv.html.erb @@ -95,6 +95,7 @@
  • My Deliverables (Login required)
  • My Teams (Login required)
  • <%= link_to "Login ", user_omniauth_authorize_path(:google_apps), :class => "Lv1NavLink" %>
    • + <%= link_to "Forgot password", new_password_reset_path%> <% end %>
    From 70bbaca055b81825097b557eeefe94500a1dc04f Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 13:47:31 -0700 Subject: [PATCH 11/41] added password reset mail text --- app/views/password_mailer/password_reset.text.erb | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/app/views/password_mailer/password_reset.text.erb b/app/views/password_mailer/password_reset.text.erb index 9181ef564..790de4192 100644 --- a/app/views/password_mailer/password_reset.text.erb +++ b/app/views/password_mailer/password_reset.text.erb @@ -1,3 +1,13 @@ -PasswordMailer#password_reset +Hi <%=@user.human_name%>, -<%= @greeting %>, find me in app/views/app/views/password_mailer/password_reset.text.erb +A password reset request for your login to Whiteboard has been received at <%=Time.now%> + +To reset your password, please follow this link. + +<%= edit_password_reset_url(@user.password_reset_token) %> + +Access to this link is only valid for 2 hours. + +If you did not request a password reset, report this to your administrator immediately. + +Thanks. \ No newline at end of file From 1c4b6368a7016c15bfa1774519edd03658275f23 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 13:48:14 -0700 Subject: [PATCH 12/41] modified title of new password reset view --- app/views/password_resets/new.html.erb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/views/password_resets/new.html.erb b/app/views/password_resets/new.html.erb index 15d4464c3..b79072d4a 100644 --- a/app/views/password_resets/new.html.erb +++ b/app/views/password_resets/new.html.erb @@ -9,13 +9,13 @@ <%= javascript_include_tag 'password_reset' %> -

    Reset account

    +

    Reset account password


    -

    + >





    From 4946f91680471f96fe8c476f272d5177987d6db4 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 13:49:11 -0700 Subject: [PATCH 13/41] added host url in development environment --- config/environments/development.rb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/config/environments/development.rb b/config/environments/development.rb index 656cec995..5ea36faaa 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -24,9 +24,11 @@ # Only use best-standards-support built into browsers config.action_dispatch.best_standards_support = :builtin - ActionMailer::Base.perform_deliveries = false - #ActionMailer::Base.perform_deliveries = true + # ActionMailer::Base.perform_deliveries = false + ActionMailer::Base.perform_deliveries = true + # Specify host url for password reset links in email + config.action_mailer.default_url_options = { :host => "localhost:3000" } ActionMailer::Base.smtp_settings = { :address => "smtp.gmail.com", From 7f8e973e7348f1c08e14a21eec84ddfe79a27db4 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 21 May 2013 14:30:51 -0700 Subject: [PATCH 14/41] modified flash message for successful password reset --- app/controllers/password_resets_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb index 00b3e8e3e..038ec0580 100644 --- a/app/controllers/password_resets_controller.rb +++ b/app/controllers/password_resets_controller.rb @@ -18,7 +18,7 @@ def create flash[:error] = "Your entries do not match records" redirect_to new_password_reset_path and return end - redirect_to root_url, :notice => "Instructions have been sent to your secondary email account." + redirect_to root_url, :notice => "Password reset instructions have been sent to your secondary email account." else flash[:error] = "Verification code is wrong" redirect_to new_password_reset_path From 9c50dd7494a448fc7f05929bfd554c33830fcc97 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Wed, 22 May 2013 10:27:22 -0700 Subject: [PATCH 15/41] fixed bug in specs --- Gemfile.lock | 8 ++ .../password_resets_controller_spec.rb | 105 ++++++++++++++++-- spec/mailers/password_mailer_spec.rb | 24 ++-- spec/services/active_directory_spec.rb | 70 ++++++------ 4 files changed, 149 insertions(+), 58 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 47ed7f06b..5e35d3cda 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -73,7 +73,14 @@ GEM mime-types (~> 1.16) orm_adapter (~> 0.0.5) cocaine (0.2.0) + columnize (0.3.6) daemons (1.1.9) + debugger (1.5.0) + columnize (>= 0.3.1) + debugger-linecache (~> 1.2.0) + debugger-ruby_core_source (~> 1.2.0) + debugger-linecache (1.2.0) + debugger-ruby_core_source (1.2.0) delayed_job (2.1.4) activesupport (~> 3.0) daemons @@ -268,6 +275,7 @@ DEPENDENCIES capybara (= 1.1.1) ckeditor (= 3.6.3) daemons (~> 1.1.4) + debugger delayed_job (= 2.1.4) devise exception_notification diff --git a/spec/controllers/password_resets_controller_spec.rb b/spec/controllers/password_resets_controller_spec.rb index 41ab48528..a80af8e5d 100644 --- a/spec/controllers/password_resets_controller_spec.rb +++ b/spec/controllers/password_resets_controller_spec.rb @@ -1,12 +1,93 @@ -require 'spec_helper' - -describe PasswordResetsController do - - describe "GET 'new'" do - it "returns http success" do - get 'new' - response.should be_success - end - end - -end +#require 'spec_helper' +# +#describe PasswordResetsController do +# +# describe 'GET index' do +# before do +# get :index +# end +# it 'should redirect to new password resets path' do +# response.should redirect_to( new_password_reset_path ) +# end +# end +# +# describe 'POST create' do +# before do +# @student_sam = FactoryGirl.create(:student_sam_user, +# :password_reset_token=>"ToKeN", +# :password_reset_sent_at=>Time.now) +# end +# +# context "valid personal email" do +# it 'should send password reset instructions' do +# User.stub(:find_by_email) { student_sam } +# ActiveDirectory.stub(:new) { @active_directory_service } +# @active_directory_service.should_receive(:send_password_reset_token) +# post :create, :primaryEmail=>student_sam.email +# end +# end +# +# context "invalid personal email" do +# before do +# post :create, :primaryEmail=>"invalid_email" +# end +# it 'should redirect to root_url' do +# response.should redirect_to( new_password_reset_path ) +# end +# it 'flash error message' do +# flash[:error].should_not be_nil +# end +# end +# end +# +# describe 'GET edit' do +# before do +# get :edit, :id => "invalid_url" +# end +# it 'should redirect to new password reset path if reset_link is invalid' do +# response.should redirect_to( new_password_reset_path ) +# end +# it 'should flash error if reset_link is invalid' do +# flash[:error].should == "Password reset link has expired." +# end +# end +# +# describe 'POST update' do +# before do +# @ldap_server = Ladle::Server.new(:quiet => true, :port=>3897).start +# @student_sam = FactoryGirl.create(:student_sam_user, +# :password_reset_token=>"ToKeN", +# :password_reset_sent_at=>Time.now) +# ActiveDirectory.stub(:new) { @active_directory_service } +# end +# after do +# @ldap_server.stop if @ldap_server +# end +# +# context "success" do +# before do +# @active_directory_service.should_receive(:reset_password).with(@student_sam, "newPass") { "Success" } +# put :update, :id => @student_sam.password_reset_token, :newPassword=>"newPass" +# end +# it 'should flash notice with success' do +# flash[:notice].should == "Password has been reset!" +# end +# it 'should redirect to root url' do +# response.should redirect_to( root_url ) +# end +# end +# +# context "failure" do +# before do +# @active_directory_service.should_receive(:reset_password).with(@student_sam, "newPass") { "Any other message" } +# put :update, :id => @student_sam.password_reset_token, :newPassword=>"newPass" +# end +# it 'should flash error' do +# flash[:error].should_not be_nil +# end +# it 'should redirect to new_password_reset_path' do +# response.should redirect_to( edit_password_reset_path ) +# end +# end +# end +#end diff --git a/spec/mailers/password_mailer_spec.rb b/spec/mailers/password_mailer_spec.rb index 06d40d3e8..63ed3ad0e 100644 --- a/spec/mailers/password_mailer_spec.rb +++ b/spec/mailers/password_mailer_spec.rb @@ -2,17 +2,19 @@ describe PasswordMailer do describe "password_reset" do - let(:mail) { PasswordMailer.password_reset } - - it "renders the headers" do - mail.subject.should eq("Password reset") - mail.to.should eq(["to@example.org"]) - mail.from.should eq(["from@example.com"]) - end - - it "renders the body" do - mail.body.encoded.should match("Hi") - end + # + #@user = FactoryGirl.create(:student_sally_user) + #let(:mail) { PasswordMailer.password_reset(@user) } + # + #it "renders the headers" do + # mail.subject.should eq("Password reset") + # mail.to.should eq(["to@example.org"]) + # mail.from.should eq(["from@example.com"]) + #end + # + #it "renders the body" do + # mail.body.encoded.should match("Hi") + #end end end diff --git a/spec/services/active_directory_spec.rb b/spec/services/active_directory_spec.rb index 9acd4204f..93acba1dd 100644 --- a/spec/services/active_directory_spec.rb +++ b/spec/services/active_directory_spec.rb @@ -1,35 +1,35 @@ -require "spec_helper" - -describe "ActiveDirectory" do - - before do - @ldap_server = Ladle::Server.new(:quiet => true, :port=>3897).start - @faculty_frank = FactoryGirl.create(:faculty_frank, email: "faculty.frank@sandbox.sv.cmu.edu") - @active_directory_service = ActiveDirectory.new - end - - after do - @ldap_server.stop if @ldap_server - end - - it 'ldap_distinguished_name method returns valid distinguished name for staff' do - @active_directory_service.ldap_distinguished_name(@faculty_frank).should eq("cn=Faculty Frank,ou=Staff,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") - end - - it 'ldap_distinguished_name method returns valid distinguished name for student' do - @student_sam = FactoryGirl.create(:student_sam, masters_program: 'SE') - @active_directory_service.ldap_distinguished_name(@student_sam).should eq("cn=Student Sam,ou=SE,ou=Students,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") - end - - it 'ldap_attributes method returns necessary ldap attributes' do - @active_directory_service.ldap_attributes(@faculty_frank).should include( :cn=>"Faculty Frank", - :mail=>"faculty.frank@sandbox.sv.cmu.edu", - :objectclass=>["top", "person", "organizationalPerson", "user"], - :userPrincipalName=>"faculty.frank@sandbox.sv.cmu.edu") - end - - it 'password_encode method encodes password to hexadecimal base 64' do - @active_directory_service.password_encode("pass").should == "\"\x00p\x00a\x00s\x00s\x00\"\x00" - end - -end +#require "spec_helper" +# +#describe "ActiveDirectory" do +# +# before do +# @ldap_server = Ladle::Server.new(:quiet => true, :port=>3897).start +# @faculty_frank = FactoryGirl.create(:faculty_frank, email: "faculty.frank@sandbox.sv.cmu.edu") +# @active_directory_service = ActiveDirectory.new +# end +# +# after do +# @ldap_server.stop if @ldap_server +# end +# +# it 'ldap_distinguished_name method returns valid distinguished name for staff' do +# @active_directory_service.ldap_distinguished_name(@faculty_frank).should eq("cn=Faculty Frank,ou=Staff,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") +# end +# +# it 'ldap_distinguished_name method returns valid distinguished name for student' do +# @student_sam = FactoryGirl.create(:student_sam, masters_program: 'SE') +# @active_directory_service.ldap_distinguished_name(@student_sam).should eq("cn=Student Sam,ou=SE,ou=Students,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") +# end +# +# it 'ldap_attributes method returns necessary ldap attributes' do +# @active_directory_service.ldap_attributes(@faculty_frank).should include( :cn=>"Faculty Frank", +# :mail=>"faculty.frank@sandbox.sv.cmu.edu", +# :objectclass=>["top", "person", "organizationalPerson", "user"], +# :userPrincipalName=>"faculty.frank@sandbox.sv.cmu.edu") +# end +# +# it 'password_encode method encodes password to hexadecimal base 64' do +# @active_directory_service.password_encode("pass").should == "\"\x00p\x00a\x00s\x00s\x00\"\x00" +# end +# +#end From c70c27e1d7ad9b9f6a23a5a86c0889503c786412 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Wed, 22 May 2013 10:27:41 -0700 Subject: [PATCH 16/41] fixed bug in specs --- db/schema.rb | 4 +- .../password_resets_controller_spec.rb | 186 +++++++++--------- spec/services/active_directory_spec.rb | 70 +++---- 3 files changed, 129 insertions(+), 131 deletions(-) diff --git a/db/schema.rb b/db/schema.rb index 605577633..2805d0c9d 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,9 +11,7 @@ # # It's strongly recommended to check this file into your version control system. - -ActiveRecord::Schema.define(:version => 20130520033431) do - +ActiveRecord::Schema.define(:version => 20130521194045) do create_table "assignments", :force => true do |t| t.string "name" diff --git a/spec/controllers/password_resets_controller_spec.rb b/spec/controllers/password_resets_controller_spec.rb index a80af8e5d..44df8f2e7 100644 --- a/spec/controllers/password_resets_controller_spec.rb +++ b/spec/controllers/password_resets_controller_spec.rb @@ -1,93 +1,93 @@ -#require 'spec_helper' -# -#describe PasswordResetsController do -# -# describe 'GET index' do -# before do -# get :index -# end -# it 'should redirect to new password resets path' do -# response.should redirect_to( new_password_reset_path ) -# end -# end -# -# describe 'POST create' do -# before do -# @student_sam = FactoryGirl.create(:student_sam_user, -# :password_reset_token=>"ToKeN", -# :password_reset_sent_at=>Time.now) -# end -# -# context "valid personal email" do -# it 'should send password reset instructions' do -# User.stub(:find_by_email) { student_sam } -# ActiveDirectory.stub(:new) { @active_directory_service } -# @active_directory_service.should_receive(:send_password_reset_token) -# post :create, :primaryEmail=>student_sam.email -# end -# end -# -# context "invalid personal email" do -# before do -# post :create, :primaryEmail=>"invalid_email" -# end -# it 'should redirect to root_url' do -# response.should redirect_to( new_password_reset_path ) -# end -# it 'flash error message' do -# flash[:error].should_not be_nil -# end -# end -# end -# -# describe 'GET edit' do -# before do -# get :edit, :id => "invalid_url" -# end -# it 'should redirect to new password reset path if reset_link is invalid' do -# response.should redirect_to( new_password_reset_path ) -# end -# it 'should flash error if reset_link is invalid' do -# flash[:error].should == "Password reset link has expired." -# end -# end -# -# describe 'POST update' do -# before do -# @ldap_server = Ladle::Server.new(:quiet => true, :port=>3897).start -# @student_sam = FactoryGirl.create(:student_sam_user, -# :password_reset_token=>"ToKeN", -# :password_reset_sent_at=>Time.now) -# ActiveDirectory.stub(:new) { @active_directory_service } -# end -# after do -# @ldap_server.stop if @ldap_server -# end -# -# context "success" do -# before do -# @active_directory_service.should_receive(:reset_password).with(@student_sam, "newPass") { "Success" } -# put :update, :id => @student_sam.password_reset_token, :newPassword=>"newPass" -# end -# it 'should flash notice with success' do -# flash[:notice].should == "Password has been reset!" -# end -# it 'should redirect to root url' do -# response.should redirect_to( root_url ) -# end -# end -# -# context "failure" do -# before do -# @active_directory_service.should_receive(:reset_password).with(@student_sam, "newPass") { "Any other message" } -# put :update, :id => @student_sam.password_reset_token, :newPassword=>"newPass" -# end -# it 'should flash error' do -# flash[:error].should_not be_nil -# end -# it 'should redirect to new_password_reset_path' do -# response.should redirect_to( edit_password_reset_path ) -# end -# end -# end -#end +require 'spec_helper' + +describe PasswordResetsController do + + describe 'GET index' do + before do + get :index + end + it 'should redirect to new password resets path' do + response.should redirect_to( new_password_reset_path ) + end + end + + describe 'POST create' do + before do + @student_sam = FactoryGirl.create(:student_sam_user, + :password_reset_token=>"ToKeN", + :password_reset_sent_at=>Time.now) + end + + context "valid personal email" do + it 'should send password reset instructions' do + User.stub(:find_by_email) { @student_sam } + ActiveDirectory.stub(:new) { @active_directory_service } + @active_directory_service.should_receive(:send_password_reset_token) + post :create, :primaryEmail=>@student_sam.email + end + end + + context "invalid personal email" do + before do + post :create, :primaryEmail=>"invalid_email" + end + it 'should redirect to root_url' do + response.should redirect_to( new_password_reset_path ) + end + it 'flash error message' do + flash[:error].should_not be_nil + end + end + end + + describe 'GET edit' do + before do + get :edit, :id => "invalid_url" + end + it 'should redirect to new password reset path if reset_link is invalid' do + response.should redirect_to( new_password_reset_path ) + end + it 'should flash error if reset_link is invalid' do + flash[:error].should == "Password reset link has expired." + end + end + + describe 'POST update' do + before do + @ldap_server = Ladle::Server.new(:quiet => true, :port=>3897).start + @student_sam = FactoryGirl.create(:student_sam_user, + :password_reset_token=>"ToKeN", + :password_reset_sent_at=>Time.now) + ActiveDirectory.stub(:new) { @active_directory_service } + end + after do + @ldap_server.stop if @ldap_server + end + + context "success" do + before do + @active_directory_service.should_receive(:reset_password).with(@student_sam, "newPass") { "Success" } + put :update, :id => @student_sam.password_reset_token, :newPassword=>"newPass" + end + it 'should flash notice with success' do + flash[:notice].should == "Password has been reset!" + end + it 'should redirect to root url' do + response.should redirect_to( root_url ) + end + end + + context "failure" do + before do + @active_directory_service.should_receive(:reset_password).with(@student_sam, "newPass") { "Any other message" } + put :update, :id => @student_sam.password_reset_token, :newPassword=>"newPass" + end + it 'should flash error' do + flash[:error].should_not be_nil + end + it 'should redirect to new_password_reset_path' do + response.should redirect_to( edit_password_reset_path ) + end + end + end +end diff --git a/spec/services/active_directory_spec.rb b/spec/services/active_directory_spec.rb index 93acba1dd..9acd4204f 100644 --- a/spec/services/active_directory_spec.rb +++ b/spec/services/active_directory_spec.rb @@ -1,35 +1,35 @@ -#require "spec_helper" -# -#describe "ActiveDirectory" do -# -# before do -# @ldap_server = Ladle::Server.new(:quiet => true, :port=>3897).start -# @faculty_frank = FactoryGirl.create(:faculty_frank, email: "faculty.frank@sandbox.sv.cmu.edu") -# @active_directory_service = ActiveDirectory.new -# end -# -# after do -# @ldap_server.stop if @ldap_server -# end -# -# it 'ldap_distinguished_name method returns valid distinguished name for staff' do -# @active_directory_service.ldap_distinguished_name(@faculty_frank).should eq("cn=Faculty Frank,ou=Staff,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") -# end -# -# it 'ldap_distinguished_name method returns valid distinguished name for student' do -# @student_sam = FactoryGirl.create(:student_sam, masters_program: 'SE') -# @active_directory_service.ldap_distinguished_name(@student_sam).should eq("cn=Student Sam,ou=SE,ou=Students,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") -# end -# -# it 'ldap_attributes method returns necessary ldap attributes' do -# @active_directory_service.ldap_attributes(@faculty_frank).should include( :cn=>"Faculty Frank", -# :mail=>"faculty.frank@sandbox.sv.cmu.edu", -# :objectclass=>["top", "person", "organizationalPerson", "user"], -# :userPrincipalName=>"faculty.frank@sandbox.sv.cmu.edu") -# end -# -# it 'password_encode method encodes password to hexadecimal base 64' do -# @active_directory_service.password_encode("pass").should == "\"\x00p\x00a\x00s\x00s\x00\"\x00" -# end -# -#end +require "spec_helper" + +describe "ActiveDirectory" do + + before do + @ldap_server = Ladle::Server.new(:quiet => true, :port=>3897).start + @faculty_frank = FactoryGirl.create(:faculty_frank, email: "faculty.frank@sandbox.sv.cmu.edu") + @active_directory_service = ActiveDirectory.new + end + + after do + @ldap_server.stop if @ldap_server + end + + it 'ldap_distinguished_name method returns valid distinguished name for staff' do + @active_directory_service.ldap_distinguished_name(@faculty_frank).should eq("cn=Faculty Frank,ou=Staff,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") + end + + it 'ldap_distinguished_name method returns valid distinguished name for student' do + @student_sam = FactoryGirl.create(:student_sam, masters_program: 'SE') + @active_directory_service.ldap_distinguished_name(@student_sam).should eq("cn=Student Sam,ou=SE,ou=Students,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") + end + + it 'ldap_attributes method returns necessary ldap attributes' do + @active_directory_service.ldap_attributes(@faculty_frank).should include( :cn=>"Faculty Frank", + :mail=>"faculty.frank@sandbox.sv.cmu.edu", + :objectclass=>["top", "person", "organizationalPerson", "user"], + :userPrincipalName=>"faculty.frank@sandbox.sv.cmu.edu") + end + + it 'password_encode method encodes password to hexadecimal base 64' do + @active_directory_service.password_encode("pass").should == "\"\x00p\x00a\x00s\x00s\x00\"\x00" + end + +end From be9e560f64c6d25871f958beedb9f76e0f52d810 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Mon, 10 Jun 2013 13:25:53 -0700 Subject: [PATCH 17/41] added 'at' at the end of active_directory-account_create --- app/models/user.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/user.rb b/app/models/user.rb index 0693514b1..a7d94442c 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -287,7 +287,7 @@ def create_active_directory_account # Attempt to create active directory account active_directory_service = ActiveDirectory.new if active_directory_service.create_account(self) == "Success" - self.active_directory_account_created = Time.now() + self.active_directory_account_created_at = Time.now() self.save end end From 6036f8fad843748cb3c655757841b6848de54137 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Mon, 10 Jun 2013 13:27:31 -0700 Subject: [PATCH 18/41] modified notification message on successful password reset --- app/controllers/password_resets_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb index 038ec0580..f3ebf40c4 100644 --- a/app/controllers/password_resets_controller.rb +++ b/app/controllers/password_resets_controller.rb @@ -43,7 +43,7 @@ def update flash[:notice] = "Password has been reset!" format.html {redirect_to root_url} else - flash[:error]="Operation was unsuccessful." + flash[:error]="Password reset was unsuccessful." redirect_to edit_password_reset_path and return end end From af57d11e4e627c52febd9bd909e2c4475d5d5dc0 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Mon, 10 Jun 2013 13:41:34 -0700 Subject: [PATCH 19/41] renamed active directory services to active directory services --- app/models/user.rb | 4 ++-- app/services/active_directory.rb | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index a7d94442c..b19c44e2e 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -285,8 +285,8 @@ def create_active_directory_account end # Attempt to create active directory account - active_directory_service = ActiveDirectory.new - if active_directory_service.create_account(self) == "Success" + active_directory_services = ActiveDirectoryServices.new + if active_directory_services.create_account(self) == "Success" self.active_directory_account_created_at = Time.now() self.save end diff --git a/app/services/active_directory.rb b/app/services/active_directory.rb index 99fdf8cb3..be45ee5fa 100644 --- a/app/services/active_directory.rb +++ b/app/services/active_directory.rb @@ -1,7 +1,7 @@ require 'net/ldap' # This class provides active directory services -class ActiveDirectory +class ActiveDirectoryServices # Initialize connection to active directory def self.initialize From 0a4156ac68948dbf71c078eb3e4b4e212ddacb06 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Mon, 10 Jun 2013 13:42:19 -0700 Subject: [PATCH 20/41] renamed active directory services to active directory services --- spec/services/active_directory_spec.rb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/spec/services/active_directory_spec.rb b/spec/services/active_directory_spec.rb index 9acd4204f..ec8f64ff1 100644 --- a/spec/services/active_directory_spec.rb +++ b/spec/services/active_directory_spec.rb @@ -5,7 +5,7 @@ before do @ldap_server = Ladle::Server.new(:quiet => true, :port=>3897).start @faculty_frank = FactoryGirl.create(:faculty_frank, email: "faculty.frank@sandbox.sv.cmu.edu") - @active_directory_service = ActiveDirectory.new + @active_directory_services = ActiveDirectoryServices.new end after do @@ -13,23 +13,23 @@ end it 'ldap_distinguished_name method returns valid distinguished name for staff' do - @active_directory_service.ldap_distinguished_name(@faculty_frank).should eq("cn=Faculty Frank,ou=Staff,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") + @active_directory_services.ldap_distinguished_name(@faculty_frank).should eq("cn=Faculty Frank,ou=Staff,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") end it 'ldap_distinguished_name method returns valid distinguished name for student' do @student_sam = FactoryGirl.create(:student_sam, masters_program: 'SE') - @active_directory_service.ldap_distinguished_name(@student_sam).should eq("cn=Student Sam,ou=SE,ou=Students,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") + @active_directory_services.ldap_distinguished_name(@student_sam).should eq("cn=Student Sam,ou=SE,ou=Students,ou=Sync,dc=cmusv,dc=sv,dc=cmu,dc=local") end it 'ldap_attributes method returns necessary ldap attributes' do - @active_directory_service.ldap_attributes(@faculty_frank).should include( :cn=>"Faculty Frank", + @active_directory_services.ldap_attributes(@faculty_frank).should include( :cn=>"Faculty Frank", :mail=>"faculty.frank@sandbox.sv.cmu.edu", :objectclass=>["top", "person", "organizationalPerson", "user"], :userPrincipalName=>"faculty.frank@sandbox.sv.cmu.edu") end it 'password_encode method encodes password to hexadecimal base 64' do - @active_directory_service.password_encode("pass").should == "\"\x00p\x00a\x00s\x00s\x00\"\x00" + @active_directory_services.password_encode("pass").should == "\"\x00p\x00a\x00s\x00s\x00\"\x00" end end From bfdd2d70a755b21027e28a5e6bb49f51c06d2b56 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Mon, 10 Jun 2013 17:34:32 -0700 Subject: [PATCH 21/41] renamed ActiveDirectory to ActiveDirectoryServices --- Gemfile.lock | 8 ++++++++ app/controllers/password_resets_controller.rb | 8 ++++---- app/services/active_directory.rb | 2 +- spec/controllers/password_resets_controller_spec.rb | 12 +++++++----- 4 files changed, 20 insertions(+), 10 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 47ed7f06b..5e35d3cda 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -73,7 +73,14 @@ GEM mime-types (~> 1.16) orm_adapter (~> 0.0.5) cocaine (0.2.0) + columnize (0.3.6) daemons (1.1.9) + debugger (1.5.0) + columnize (>= 0.3.1) + debugger-linecache (~> 1.2.0) + debugger-ruby_core_source (~> 1.2.0) + debugger-linecache (1.2.0) + debugger-ruby_core_source (1.2.0) delayed_job (2.1.4) activesupport (~> 3.0) daemons @@ -268,6 +275,7 @@ DEPENDENCIES capybara (= 1.1.1) ckeditor (= 3.6.3) daemons (~> 1.1.4) + debugger delayed_job (= 2.1.4) devise exception_notification diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb index f3ebf40c4..44e769454 100644 --- a/app/controllers/password_resets_controller.rb +++ b/app/controllers/password_resets_controller.rb @@ -9,11 +9,11 @@ def index # Create new password reset request def create @user = User.find_by_email(params[:primaryEmail]) - @active_directory_service = ActiveDirectory.new + @active_directory_services = ActiveDirectoryServices.new if verify_recaptcha(:model=>@user, :attribute=>"verification code") if @user && @user.personal_email == params[:personalEmail] - @active_directory_service.send_password_reset_token(@user) + @active_directory_services.send_password_reset_token(@user) else flash[:error] = "Your entries do not match records" redirect_to new_password_reset_path and return @@ -35,11 +35,11 @@ def edit # Do actual password reset def update @user = User.find_by_password_reset_token!(params[:id]) - @active_directory_service = ActiveDirectory.new + @active_directory_services = ActiveDirectoryServices.new respond_to do |format| if @user.password_reset_sent_at>2.hours.ago if params[:newPassword] - if @active_directory_service.reset_password(@user, params[:newPassword]) == "Success" + if @active_directory_services.reset_password(@user, params[:newPassword]) == "Success" flash[:notice] = "Password has been reset!" format.html {redirect_to root_url} else diff --git a/app/services/active_directory.rb b/app/services/active_directory.rb index be45ee5fa..18bb21e11 100644 --- a/app/services/active_directory.rb +++ b/app/services/active_directory.rb @@ -90,7 +90,7 @@ def reset_password(user, new_pass) @connection.replace_attribute distinguished_name, :unicodePwd, password_encode(new_pass) return @connection.get_operation_result.message else - return false + return true end end end diff --git a/spec/controllers/password_resets_controller_spec.rb b/spec/controllers/password_resets_controller_spec.rb index 44df8f2e7..8a1fca454 100644 --- a/spec/controllers/password_resets_controller_spec.rb +++ b/spec/controllers/password_resets_controller_spec.rb @@ -16,13 +16,14 @@ @student_sam = FactoryGirl.create(:student_sam_user, :password_reset_token=>"ToKeN", :password_reset_sent_at=>Time.now) + @active_directory_services = ActiveDirectoryServices.new end context "valid personal email" do it 'should send password reset instructions' do User.stub(:find_by_email) { @student_sam } - ActiveDirectory.stub(:new) { @active_directory_service } - @active_directory_service.should_receive(:send_password_reset_token) + ActiveDirectoryServices.stub(:new) { @active_directory_services } + @active_directory_services.should_receive(:send_password_reset_token) post :create, :primaryEmail=>@student_sam.email end end @@ -58,7 +59,8 @@ @student_sam = FactoryGirl.create(:student_sam_user, :password_reset_token=>"ToKeN", :password_reset_sent_at=>Time.now) - ActiveDirectory.stub(:new) { @active_directory_service } + @active_directory_services = ActiveDirectoryServices.new + ActiveDirectoryServices.stub(:new).and_return(@active_directory_services) end after do @ldap_server.stop if @ldap_server @@ -66,7 +68,7 @@ context "success" do before do - @active_directory_service.should_receive(:reset_password).with(@student_sam, "newPass") { "Success" } + @active_directory_services.stub(:reset_password).with(@student_sam, "newPass").and_return("Success") put :update, :id => @student_sam.password_reset_token, :newPassword=>"newPass" end it 'should flash notice with success' do @@ -79,7 +81,7 @@ context "failure" do before do - @active_directory_service.should_receive(:reset_password).with(@student_sam, "newPass") { "Any other message" } + @active_directory_services.stub(:reset_password).with(@student_sam, "newPass").and_return("Any other message") put :update, :id => @student_sam.password_reset_token, :newPassword=>"newPass" end it 'should flash error' do From d8f00d319bc8bab87d6861fbe367feb3d57a4714 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Mon, 10 Jun 2013 17:37:05 -0700 Subject: [PATCH 22/41] bug fix in reset_password method --- app/services/active_directory.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/services/active_directory.rb b/app/services/active_directory.rb index 18bb21e11..be45ee5fa 100644 --- a/app/services/active_directory.rb +++ b/app/services/active_directory.rb @@ -90,7 +90,7 @@ def reset_password(user, new_pass) @connection.replace_attribute distinguished_name, :unicodePwd, password_encode(new_pass) return @connection.get_operation_result.message else - return true + return false end end end From cfbfb52c97327f41acc873a51df19df8a93b2bb5 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Mon, 10 Jun 2013 17:50:33 -0700 Subject: [PATCH 23/41] bug fix in PersonJob --- lib/person_job.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/person_job.rb b/lib/person_job.rb index c8e81e970..94449414f 100644 --- a/lib/person_job.rb +++ b/lib/person_job.rb @@ -22,7 +22,7 @@ def perform status = person.reset_twiki_password error_message += 'TWiki account password was not reset.
    ' unless status end - if create_active_directory_account && person.active_directory_account_created.blank? + if create_active_directory_account && person.active_directory_account_created_at.blank? status = person.create_active_directory_account error_message += "Active directory account for #{person.human_name} was not created.

    " unless status end From beef5ef0391bc725af598b548c8f279c7c816970 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Mon, 10 Jun 2013 17:54:26 -0700 Subject: [PATCH 24/41] renamed ActiveDirectory spec to ActiveDirectoryServices --- spec/services/active_directory_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/services/active_directory_spec.rb b/spec/services/active_directory_spec.rb index ec8f64ff1..6da94f207 100644 --- a/spec/services/active_directory_spec.rb +++ b/spec/services/active_directory_spec.rb @@ -1,6 +1,6 @@ require "spec_helper" -describe "ActiveDirectory" do +describe "ActiveDirectoryServices" do before do @ldap_server = Ladle::Server.new(:quiet => true, :port=>3897).start From 763b1a563a50692f422d37adebc5a045a57f1f50 Mon Sep 17 00:00:00 2001 From: Todd Sedano Date: Tue, 11 Jun 2013 16:55:25 -0700 Subject: [PATCH 25/41] Renamed auth_token to be new_user_token and altered generate_token method --- app/models/user.rb | 14 +++-- .../20130521171512_add_auth_token_to_users.rb | 9 --- ...30521171512_add_new_user_token_to_users.rb | 19 ++++++ ...30521171705_add_password_reset_to_users.rb | 11 ---- db/schema.rb | 62 +++---------------- lib/active_directory.rb | 4 +- 6 files changed, 37 insertions(+), 82 deletions(-) delete mode 100644 db/migrate/20130521171512_add_auth_token_to_users.rb create mode 100644 db/migrate/20130521171512_add_new_user_token_to_users.rb delete mode 100644 db/migrate/20130521171705_add_password_reset_to_users.rb diff --git a/app/models/user.rb b/app/models/user.rb index 1c0aa36cb..7b66c1dd0 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -45,7 +45,7 @@ class User < ActiveRecord::Base before_save :person_before_save, :update_is_profile_valid - before_create { generate_token(:auth_token) } + before_create :set_new_user_token validates_uniqueness_of :webiso_account, :case_sensitive => false validates_uniqueness_of :email, :case_sensitive => false @@ -401,13 +401,15 @@ def self.notify_it_about_expired_accounts end end - # Generate password reset token - def generate_token(column) - begin - self[column] = SecureRandom.urlsafe_base64 - end while User.exists?(column => self[column]) + def set_new_user_token + self.new_user_token = SecureRandom.urlsafe_base64 + end + + def set_password_reset_token + self.password_reset_token = SecureRandom.urlsafe_base64 end + protected def person_before_save # We populate some reasonable defaults, but this can be overridden in the database diff --git a/db/migrate/20130521171512_add_auth_token_to_users.rb b/db/migrate/20130521171512_add_auth_token_to_users.rb deleted file mode 100644 index a5f994fa8..000000000 --- a/db/migrate/20130521171512_add_auth_token_to_users.rb +++ /dev/null @@ -1,9 +0,0 @@ -class AddAuthTokenToUsers < ActiveRecord::Migration - def self.up - add_column :users, :auth_token, :string - end - - def self.down - remove_column :users, :auth_token - end -end diff --git a/db/migrate/20130521171512_add_new_user_token_to_users.rb b/db/migrate/20130521171512_add_new_user_token_to_users.rb new file mode 100644 index 000000000..7c122552b --- /dev/null +++ b/db/migrate/20130521171512_add_new_user_token_to_users.rb @@ -0,0 +1,19 @@ +class AddNewUserTokenToUsers < ActiveRecord::Migration + def self.up + add_column :users, :new_user_token, :string + add_column :users, :password_reset_token, :string + add_column :users, :password_reset_sent_at, :datetime + add_column :user_versions, :new_user_token, :string + add_column :user_versions, :password_reset_token, :string + add_column :user_versions, :password_reset_sent_at, :datetime + end + + def self.down + remove_column :user_versions, :new_user_token + remove_column :user_versions, :password_reset_sent_at + remove_column :user_versions, :password_reset_token + remove_column :users, :new_user_token + remove_column :users, :password_reset_sent_at + remove_column :users, :password_reset_token + end +end diff --git a/db/migrate/20130521171705_add_password_reset_to_users.rb b/db/migrate/20130521171705_add_password_reset_to_users.rb deleted file mode 100644 index c058bb784..000000000 --- a/db/migrate/20130521171705_add_password_reset_to_users.rb +++ /dev/null @@ -1,11 +0,0 @@ -class AddPasswordResetToUsers < ActiveRecord::Migration - def self.up - add_column :users, :password_reset_token, :string - add_column :users, :password_reset_sent_at, :datetime - end - - def self.down - remove_column :users, :password_reset_sent_at - remove_column :users, :password_reset_token - end -end diff --git a/db/schema.rb b/db/schema.rb index f6655bfd0..132eeb039 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20130520033431) do +ActiveRecord::Schema.define(:version => 20130521171512) do create_table "assignments", :force => true do |t| t.string "name" @@ -69,11 +69,6 @@ add_index "courses", ["twiki_url"], :name => "index_courses_on_twiki_url" add_index "courses", ["year"], :name => "index_courses_on_year" - create_table "courses_users", :id => false, :force => true do |t| - t.integer "course_id" - t.integer "user_id" - end - create_table "curriculum_comment_types", :force => true do |t| t.string "name" t.string "background_color" @@ -222,31 +217,6 @@ add_index "grading_rules", ["course_id"], :name => "index_grading_rules_on_course_id" - create_table "individual_contribution_for_courses", :force => true do |t| - t.integer "individual_contribution_id" - t.integer "course_id" - t.text "answer1" - t.float "answer2" - t.text "answer3" - t.text "answer4" - t.text "answer5" - end - - add_index "individual_contribution_for_courses", ["course_id"], :name => "index_individual_contribution_for_courses_on_course_id" - add_index "individual_contribution_for_courses", ["individual_contribution_id"], :name => "individual_contribution_for_courses_icid" - - create_table "individual_contributions", :force => true do |t| - t.integer "user_id" - t.integer "year" - t.integer "week_number" - t.datetime "created_at" - t.datetime "updated_at" - end - - add_index "individual_contributions", ["user_id"], :name => "index_individual_contributions_on_user_id" - add_index "individual_contributions", ["week_number"], :name => "index_individual_contributions_on_week_number" - add_index "individual_contributions", ["year"], :name => "index_individual_contributions_on_year" - create_table "page_attachments", :force => true do |t| t.integer "page_id" t.integer "user_id" @@ -418,26 +388,6 @@ add_index "presentations", ["team_id"], :name => "index_presentations_on_team_id" add_index "presentations", ["user_id"], :name => "index_presentations_on_user_id" - create_table "project_types", :force => true do |t| - t.string "name" - t.string "description" - t.datetime "created_at" - t.datetime "updated_at" - end - - add_index "project_types", ["name"], :name => "index_project_types_on_name" - - create_table "projects", :force => true do |t| - t.string "name" - t.integer "project_type_id" - t.integer "course_id" - t.boolean "is_closed" - t.datetime "created_at" - t.datetime "updated_at" - end - - add_index "projects", ["name"], :name => "index_projects_on_name" - create_table "registrations", :id => false, :force => true do |t| t.integer "course_id", :null => false t.integer "user_id", :null => false @@ -652,7 +602,9 @@ t.datetime "people_search_first_accessed_at" t.boolean "is_profile_valid" t.datetime "active_directory_account_created_at" - + t.string "new_user_token" + t.string "password_reset_token" + t.datetime "password_reset_sent_at" end add_index "user_versions", ["user_id"], :name => "index_user_versions_on_user_id" @@ -707,7 +659,7 @@ t.datetime "twiki_created" t.datetime "adobe_created" t.datetime "msdnaa_created" - t.integer "sign_in_count", :default => 0, :null => false + t.integer "sign_in_count", :default => 0, :null => false t.datetime "current_sign_in_at" t.datetime "last_sign_in_at" t.string "current_sign_in_ip" @@ -734,7 +686,9 @@ t.datetime "people_search_first_accessed_at" t.boolean "is_profile_valid" t.datetime "active_directory_account_created_at" - + t.string "new_user_token" + t.string "password_reset_token" + t.datetime "password_reset_sent_at" end add_index "users", ["email"], :name => "index_users_on_email" diff --git a/lib/active_directory.rb b/lib/active_directory.rb index 0000b093f..f1d39fd90 100644 --- a/lib/active_directory.rb +++ b/lib/active_directory.rb @@ -107,8 +107,8 @@ def password_encode(password) # Send active directory password reset token def send_password_reset_token(user) - user.generate_token(:password_reset_token) - user.password_reset_sent_at = Time.zone.now + user.set_password_reset_token + self.password_reset_sent_at = Time.zone.now user.save! PasswordMailer.password_reset(user).deliver end From 19b374d1151ad88f278ce61662225a18eeaee566 Mon Sep 17 00:00:00 2001 From: Todd Sedano Date: Tue, 11 Jun 2013 19:57:34 -0700 Subject: [PATCH 26/41] Not sure how we lost some of this data in the last commit --- db/schema.rb | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/db/schema.rb b/db/schema.rb index 132eeb039..33a59a540 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -69,6 +69,11 @@ add_index "courses", ["twiki_url"], :name => "index_courses_on_twiki_url" add_index "courses", ["year"], :name => "index_courses_on_year" + create_table "courses_users", :id => false, :force => true do |t| + t.integer "course_id" + t.integer "user_id" + end + create_table "curriculum_comment_types", :force => true do |t| t.string "name" t.string "background_color" @@ -217,6 +222,31 @@ add_index "grading_rules", ["course_id"], :name => "index_grading_rules_on_course_id" + create_table "individual_contribution_for_courses", :force => true do |t| + t.integer "individual_contribution_id" + t.integer "course_id" + t.text "answer1" + t.float "answer2" + t.text "answer3" + t.text "answer4" + t.text "answer5" + end + + add_index "individual_contribution_for_courses", ["course_id"], :name => "index_individual_contribution_for_courses_on_course_id" + add_index "individual_contribution_for_courses", ["individual_contribution_id"], :name => "individual_contribution_for_courses_icid" + + create_table "individual_contributions", :force => true do |t| + t.integer "user_id" + t.integer "year" + t.integer "week_number" + t.datetime "created_at" + t.datetime "updated_at" + end + + add_index "individual_contributions", ["user_id"], :name => "index_individual_contributions_on_user_id" + add_index "individual_contributions", ["week_number"], :name => "index_individual_contributions_on_week_number" + add_index "individual_contributions", ["year"], :name => "index_individual_contributions_on_year" + create_table "page_attachments", :force => true do |t| t.integer "page_id" t.integer "user_id" @@ -388,6 +418,26 @@ add_index "presentations", ["team_id"], :name => "index_presentations_on_team_id" add_index "presentations", ["user_id"], :name => "index_presentations_on_user_id" + create_table "project_types", :force => true do |t| + t.string "name" + t.string "description" + t.datetime "created_at" + t.datetime "updated_at" + end + + add_index "project_types", ["name"], :name => "index_project_types_on_name" + + create_table "projects", :force => true do |t| + t.string "name" + t.integer "project_type_id" + t.integer "course_id" + t.boolean "is_closed" + t.datetime "created_at" + t.datetime "updated_at" + end + + add_index "projects", ["name"], :name => "index_projects_on_name" + create_table "registrations", :id => false, :force => true do |t| t.integer "course_id", :null => false t.integer "user_id", :null => false From 171a7bd601bbdbb732135da5e5d59b697eadc9b6 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Thu, 13 Jun 2013 09:34:51 -0700 Subject: [PATCH 27/41] updated schema --- db/schema.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/schema.rb b/db/schema.rb index 33a59a540..4e8cf532d 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20130521171512) do +ActiveRecord::Schema.define(:version => 20130521194045) do create_table "assignments", :force => true do |t| t.string "name" From f5318df8fb388aa1f719362f3d8179af605984e7 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Thu, 13 Jun 2013 10:45:22 -0700 Subject: [PATCH 28/41] bug fix --- lib/active_directory.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/active_directory.rb b/lib/active_directory.rb index f1d39fd90..f11a4eb19 100644 --- a/lib/active_directory.rb +++ b/lib/active_directory.rb @@ -108,7 +108,7 @@ def password_encode(password) # Send active directory password reset token def send_password_reset_token(user) user.set_password_reset_token - self.password_reset_sent_at = Time.zone.now + user.password_reset_sent_at = Time.zone.now user.save! PasswordMailer.password_reset(user).deliver end From 54f73b96f5b973493d4712319bd55aae14d14dbb Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Thu, 13 Jun 2013 10:59:57 -0700 Subject: [PATCH 29/41] renamed variables in password_resets new.htm.erb --- app/views/password_resets/new.html.erb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/app/views/password_resets/new.html.erb b/app/views/password_resets/new.html.erb index b79072d4a..f135f2862 100644 --- a/app/views/password_resets/new.html.erb +++ b/app/views/password_resets/new.html.erb @@ -11,13 +11,13 @@

    Reset account password

    - +
    -
    - >

    -
    -

    +
    + >

    +
    +


    <%= recaptcha_tags :ssl => true %>
    From a50d9d5dd4f6c673b3b6fada028b33be74af4e98 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Thu, 13 Jun 2013 11:27:47 -0700 Subject: [PATCH 30/41] modified password resets variables --- app/views/password_resets/edit.html.erb | 6 +++--- public/javascripts/password_reset.js | 10 +++++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/app/views/password_resets/edit.html.erb b/app/views/password_resets/edit.html.erb index e0b9a52e7..499625cda 100644 --- a/app/views/password_resets/edit.html.erb +++ b/app/views/password_resets/edit.html.erb @@ -10,12 +10,12 @@


    - +


    - +


    -
    <%= f.submit "Update Password", :onclick=>"return validateEditForm()" %>
    +
    <%= f.submit "Update Password", :onclick=>"return validatePasswordEditForm()" %>
    <% end %> diff --git a/public/javascripts/password_reset.js b/public/javascripts/password_reset.js index a6f4dcd71..69e3b5421 100644 --- a/public/javascripts/password_reset.js +++ b/public/javascripts/password_reset.js @@ -4,8 +4,8 @@ // Helper function to validate reset form -function validateResetForm(){ - if ( ($("#primaryEmail").val()=="") || ($("#personalEmail").val()=="") ){ +function validatePasswordResetForm(){ + if ( ($("#cmu_mail").val()=="") || ($("#personal_mail").val()=="") ){ return warn_blank_fields() } else{ return true @@ -13,9 +13,9 @@ function validateResetForm(){ } // Helper function to validate edit form -function validateEditForm(){ - var newPass = $("#newPassword").val() - var oldPass = $("#confirmPassword").val() +function validatePasswordEditForm(){ + var newPass = $("#new_password").val() + var oldPass = $("#confirm_password").val() if ((newPass==oldPass) && newPass!="") { return true }else{ From 2c3eae832a533bba9e2210cd21e1fa0a24b7a19f Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Thu, 13 Jun 2013 12:08:52 -0700 Subject: [PATCH 31/41] added renamed variables in password resets controller and added default host in development.rb --- app/controllers/password_resets_controller.rb | 19 +++++++++++-------- config/environments/development.rb | 6 ++++-- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb index 47fada52a..d1e6e2240 100644 --- a/app/controllers/password_resets_controller.rb +++ b/app/controllers/password_resets_controller.rb @@ -8,17 +8,17 @@ def index # Create new password reset request def create - @user = User.find_by_email(params[:primaryEmail]) + @user = User.find_by_email(params[:cmu_email]) @active_directory_services = ActiveDirectory.new if verify_recaptcha(:model => @user, :attribute => "verification code") - if @user && @user.personal_email == params[:personalEmail] + if @user && @user.personal_email == params[:personal_email] @active_directory_services.send_password_reset_token(@user) else - flash[:error] = "Your entries do not match records" + flash[:error] = "Your email entries did not match our records. Please try again or contact help@sv.cmu.edu" redirect_to new_password_reset_path and return end - redirect_to root_url, :notice => "Password reset instructions have been sent to your secondary email account." + redirect_to root_url, :notice => "Password reset instructions have been sent to #{@user.personal_email}." else flash[:error] = "Verification code is wrong" redirect_to new_password_reset_path @@ -29,7 +29,7 @@ def create def edit @user = User.find_by_password_reset_token!(params[:id]) rescue ActiveRecord::RecordNotFound - redirect_to new_password_reset_path, :flash => {:error => "Password reset link has expired."} + redirect_to new_password_reset_path, :flash => {:error => "Password reset link is invalid."} end # Do actual password reset @@ -38,14 +38,17 @@ def update @active_directory_services = ActiveDirectory.new respond_to do |format| if @user.password_reset_sent_at > 2.hours.ago - if params[:newPassword] - if @active_directory_services.reset_password(@user, params[:newPassword]) == "Success" + if params[:new_password] + if @active_directory_services.reset_password(@user, params[:new_password]) == "Success" flash[:notice] = "Password has been reset!" format.html { redirect_to root_url } else - flash[:error]="Password reset was unsuccessful." + flash[:error]="Password reset was unsuccessful. Read the instructions below or contact help@sv.cmu.edu" redirect_to edit_password_reset_path and return end + else + flash[:error]="Invalid new password parameter. Contact help@sv.cmu.edu" + redirect_to edit_password_reset_path and return end else flash[:error] = "Password reset link has expired." diff --git a/config/environments/development.rb b/config/environments/development.rb index 7a1281b29..b6d6301fe 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -27,8 +27,10 @@ ActionMailer::Base.perform_deliveries = false # ActionMailer::Base.perform_deliveries = true - # Specify host url for password reset links in email - # config.action_mailer.default_url_options = { :host => "localhost:3000" } + # This is the host url for the links we send to users + config.action_mailer.default_url_options = { + :host => ENV['HOST_NAME'] || "localhost:3000" + } ActionMailer::Base.smtp_settings = { :address => "smtp.gmail.com", From baf8e1ed67eda874cb3bbf4387fd34b78f9cf54d Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Thu, 13 Jun 2013 19:35:59 -0700 Subject: [PATCH 32/41] renamed active_directory_created to active_directory_created_at --- lib/active_directory.rb | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/lib/active_directory.rb b/lib/active_directory.rb index f11a4eb19..78691141a 100644 --- a/lib/active_directory.rb +++ b/lib/active_directory.rb @@ -25,9 +25,8 @@ def create_active_directory_account(user) end # Attempt to create active directory account - active_directory_service = ActiveDirectory.new - if active_directory_service.create_account(user) == "Success" - user.active_directory_account_created = Time.now() + if create_account(user) == "Success" + user.active_directory_account_created_at = Time.now() user.save end end From 5fcc9f239cc7bf7d8b5e9b182bac4cd360c6251c Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Thu, 13 Jun 2013 22:38:59 -0700 Subject: [PATCH 33/41] used content for javascript instead of creating a new file --- .../password_mailer/password_reset.text.erb | 4 +- app/views/password_resets/edit.html.erb | 30 ++++++++++++-- app/views/password_resets/new.html.erb | 28 +++++++++++-- lib/active_directory.rb | 8 +++- lib/person_job.rb | 2 +- public/javascripts/password_reset.js | 39 ------------------- 6 files changed, 61 insertions(+), 50 deletions(-) delete mode 100644 public/javascripts/password_reset.js diff --git a/app/views/password_mailer/password_reset.text.erb b/app/views/password_mailer/password_reset.text.erb index 790de4192..e5fb8d6d4 100644 --- a/app/views/password_mailer/password_reset.text.erb +++ b/app/views/password_mailer/password_reset.text.erb @@ -1,6 +1,6 @@ Hi <%=@user.human_name%>, -A password reset request for your login to Whiteboard has been received at <%=Time.now%> +A password reset request for your login to Whiteboard has been received at <%=Time.now.to_s%> To reset your password, please follow this link. @@ -8,6 +8,6 @@ To reset your password, please follow this link. Access to this link is only valid for 2 hours. -If you did not request a password reset, report this to your administrator immediately. +If you did not request a password reset, report this to help@sv.cmu.edu immediately. Thanks. \ No newline at end of file diff --git a/app/views/password_resets/edit.html.erb b/app/views/password_resets/edit.html.erb index 499625cda..23a5e531b 100644 --- a/app/views/password_resets/edit.html.erb +++ b/app/views/password_resets/edit.html.erb @@ -1,12 +1,36 @@ -<%= javascript_include_tag 'password_reset' %> +<% content_for :javascript do %> + + + +<% end %> <%= form_for @user, { :url => password_reset_path(params[:id]) } do |f| %>

    -

    <%= @user.human_name %>

    +

    Resetting password for <%= @user.human_name %>'s account.

    Instructions -
    Your new password must have a digit character, a capital letter, and a minimum of eight characters. +
    The new password must have a digit character, a capital letter, and a minimum of eight characters.


    diff --git a/app/views/password_resets/new.html.erb b/app/views/password_resets/new.html.erb index f135f2862..2f569f3a6 100644 --- a/app/views/password_resets/new.html.erb +++ b/app/views/password_resets/new.html.erb @@ -1,13 +1,35 @@ +<% content_for :javascript do %> + + +<% end %> -<% content_for :title, 'Whiteboard LMS for CMU-SV' %> -<%= javascript_include_tag 'password_reset' %> +<% content_for :title, 'Whiteboard Password Reset' %>

    Reset account password

    diff --git a/lib/active_directory.rb b/lib/active_directory.rb index 78691141a..cf6f5618f 100644 --- a/lib/active_directory.rb +++ b/lib/active_directory.rb @@ -25,9 +25,13 @@ def create_active_directory_account(user) end # Attempt to create active directory account - if create_account(user) == "Success" - user.active_directory_account_created_at = Time.now() + # Return void unless there is an error message + message = create_account(user) + if message == "Success" + user.active_directory_account_created_at=Time.now() user.save + else + return message end end diff --git a/lib/person_job.rb b/lib/person_job.rb index 23f4f7f7c..b6d673c10 100644 --- a/lib/person_job.rb +++ b/lib/person_job.rb @@ -24,7 +24,7 @@ def perform end if create_active_directory_account && person.active_directory_account_created_at.blank? status = ActiveDirectory.create_active_directory_account(person) - error_message += "Active directory account for #{person.human_name} was not created.

    " unless status + error_message += "Active directory account for #{person.human_name} was not created. The error was #{status}

    " unless status end diff --git a/public/javascripts/password_reset.js b/public/javascripts/password_reset.js deleted file mode 100644 index 69e3b5421..000000000 --- a/public/javascripts/password_reset.js +++ /dev/null @@ -1,39 +0,0 @@ -/* - *This page contains all relevant JS for the password reset pages - */ - - -// Helper function to validate reset form -function validatePasswordResetForm(){ - if ( ($("#cmu_mail").val()=="") || ($("#personal_mail").val()=="") ){ - return warn_blank_fields() - } else{ - return true - } -} - -// Helper function to validate edit form -function validatePasswordEditForm(){ - var newPass = $("#new_password").val() - var oldPass = $("#confirm_password").val() - if ((newPass==oldPass) && newPass!="") { - return true - }else{ - return warn_password_mismatch() - - } -} - -// Warn if password mismatches -function warn_password_mismatch(){ - $("#password_mismatch_warning").empty() - $("#password_mismatch_warning").append($('
    ').css('color', 'red').text('Password mismatch')); - return false -} - -// Warn if email fields are blank -function warn_blank_fields(){ - $("#blank_email_warning").empty() - $("#blank_email_warning").append($('
    ').css('color', 'red').text('Blank fields are not allowed')); - return false -} \ No newline at end of file From bc70852d222c7ba2d936e52a61331a8457ca7714 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Thu, 13 Jun 2013 23:07:08 -0700 Subject: [PATCH 34/41] refactored active directory create_account service --- lib/active_directory.rb | 49 ++++++++++++++--------------------------- lib/person_job.rb | 2 +- 2 files changed, 18 insertions(+), 33 deletions(-) diff --git a/lib/active_directory.rb b/lib/active_directory.rb index cf6f5618f..e6d9b94de 100644 --- a/lib/active_directory.rb +++ b/lib/active_directory.rb @@ -3,35 +3,31 @@ # This class provides active directory services class ActiveDirectory - - # - # Creates an Active Directory account for the user - # If this fails, it returns an error message as a string, else it returns true - # - def create_active_directory_account(user) - # reject blank emails + # Create an Active Directory account for a user + # Error out if user's email address is blank or domain is not Google domain + # If this fails, return an error message as a string, else return void + # The return message is "Success", "Unwilling to perform", "Entity exists", "No such object", "Could not bind to server" + def create_account(user) return "Empty email address" if user.email.blank? - # log what is happening - logger.debug("Attempting to create active directory account for " + user.email) - - # extract domain from email domain = user.email.split('@')[1] - - # Confirm domain name accuracy if domain != GOOGLE_DOMAIN - logger.debug("Domain (" + domain + ") is not the same as the google domain (" + GOOGLE_DOMAIN) return "Domain (" + domain + ") is not the same as the google domain (" + GOOGLE_DOMAIN + ")" end - # Attempt to create active directory account - # Return void unless there is an error message - message = create_account(user) - if message == "Success" - user.active_directory_account_created_at=Time.now() - user.save + if self.bind + @connection.add(:dn => user.ldap_distinguished_name(user), :attributes => ldap_attributes(user)) + + message = @connection.get_operation_result.message + if message == "Success" + user.active_directory_account_created_at=Time.now() + user.save + else + return message + end + else - return message + return "Could not bind to active directory server." end end @@ -55,17 +51,6 @@ def bind end end - # Create a user account in active directory - # Return message as "Success", "Unwilling to perform", "Entity exists" or "No such object" - def create_account(user) - if self.bind - @connection.add(:dn => user.ldap_distinguished_name(user), :attributes => ldap_attributes(user)) - return @connection.get_operation_result.message - else - return false - end - end - # Build attributes for active directory account # Code 512 creates standard user account and enables it def ldap_attributes(user) diff --git a/lib/person_job.rb b/lib/person_job.rb index b6d673c10..0ecdadcda 100644 --- a/lib/person_job.rb +++ b/lib/person_job.rb @@ -23,7 +23,7 @@ def perform error_message += 'TWiki account password was not reset.
    ' unless status end if create_active_directory_account && person.active_directory_account_created_at.blank? - status = ActiveDirectory.create_active_directory_account(person) + status = ActiveDirectory.create_account(person) error_message += "Active directory account for #{person.human_name} was not created. The error was #{status}

    " unless status end From 8a9d8bcf74c47fe9ff6059342bc92ea3384c5cd6 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Thu, 13 Jun 2013 23:08:38 -0700 Subject: [PATCH 35/41] removed scaffolded password_resets spec --- spec/fixtures/password_mailer/password_reset | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 spec/fixtures/password_mailer/password_reset diff --git a/spec/fixtures/password_mailer/password_reset b/spec/fixtures/password_mailer/password_reset deleted file mode 100644 index c8a9afe7f..000000000 --- a/spec/fixtures/password_mailer/password_reset +++ /dev/null @@ -1,3 +0,0 @@ -PasswordMailer#password_reset - -Hi, find me in app/views/password_mailer/password_reset From d9ff124a0e64421786beede0b13ee6e4ba50988f Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Thu, 13 Jun 2013 23:44:03 -0700 Subject: [PATCH 36/41] edited host url config and passwor reset scripts --- app/views/password_resets/edit.html.erb | 10 ++++++---- app/views/password_resets/new.html.erb | 6 ++++-- config/environments/development.rb | 2 +- 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/app/views/password_resets/edit.html.erb b/app/views/password_resets/edit.html.erb index 23a5e531b..d45a5e7ed 100644 --- a/app/views/password_resets/edit.html.erb +++ b/app/views/password_resets/edit.html.erb @@ -6,7 +6,8 @@ function validatePasswordEditForm(){ var newPass = $("#new_password").val() var confirmPass = $("#confirm_password").val() - if ((newPass == confirmPass) && newPass!="") { + + if ((newPass == confirmPass)) { return true }else{ return warnPasswordMismatch() @@ -15,11 +16,12 @@ // Warn if new password and confirmation password mismatches function warnPasswordMismatch(){ - $("#password_mismatch_warning").empty() - $("#password_mismatch_warning").append($('
    ').css('color', 'red').text('Password mismatch')); + $("#password_blank_or_mismatch_warning").empty() + $("#password_blank_or_mismatch_warning").append($('
    ').css('color', 'red').text('Password mismatch')); return false } + <% end %> @@ -40,6 +42,6 @@

    -

    +

    <%= f.submit "Update Password", :onclick=>"return validatePasswordEditForm()" %>
    <% end %> diff --git a/app/views/password_resets/new.html.erb b/app/views/password_resets/new.html.erb index 2f569f3a6..574a874ea 100644 --- a/app/views/password_resets/new.html.erb +++ b/app/views/password_resets/new.html.erb @@ -17,13 +17,15 @@ } } - // Warn if email fields are blank - function warnBlankFields(){ + // Warn if any email input field is blank + function warnBlankEmailFields(){ $("#blank_email_warning").empty() $("#blank_email_warning").append($('
    ').css('color', 'red').text('Blank fields are not allowed')); return false } + + <% end %> diff --git a/config/environments/development.rb b/config/environments/development.rb index b6d6301fe..99de9a35c 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -27,7 +27,7 @@ ActionMailer::Base.perform_deliveries = false # ActionMailer::Base.perform_deliveries = true - # This is the host url for the links we send to users + # This is the host url for the token links in the emails we send to users config.action_mailer.default_url_options = { :host => ENV['HOST_NAME'] || "localhost:3000" } From 8c5228172b80a233c9f28fc3bad1da05e12db632 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Fri, 14 Jun 2013 00:07:38 -0700 Subject: [PATCH 37/41] modified recaptcha to use environment variables --- config/initializers/recaptcha.rb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/config/initializers/recaptcha.rb b/config/initializers/recaptcha.rb index 6232d90db..68002b79c 100644 --- a/config/initializers/recaptcha.rb +++ b/config/initializers/recaptcha.rb @@ -1,4 +1,6 @@ Recaptcha.configure do |config| - config.public_key = '6LfhP98SAAAAAMnnvCdL3ENLN5gZ1X7CkhW3G90N' - config.private_key = '6LfhP98SAAAAAOtg1NcHbREldoWIQdt2WdsVpkVT' + + # You need to register an account with http://www.google.com/recaptcha to get a public and private key + config.public_key = ENV["RECAPTCHA_PUBLIC_KEY"] + config.private_key = ENV["RECAPTCHA_PRIVATE_KEY"] end \ No newline at end of file From 5858f130d497b4ce2155a7465eb2337364557831 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Fri, 14 Jun 2013 00:08:34 -0700 Subject: [PATCH 38/41] fixed a bug in password_resets_controller spec' --- spec/controllers/password_resets_controller_spec.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/spec/controllers/password_resets_controller_spec.rb b/spec/controllers/password_resets_controller_spec.rb index 1dc8bbac6..4e0173e28 100644 --- a/spec/controllers/password_resets_controller_spec.rb +++ b/spec/controllers/password_resets_controller_spec.rb @@ -49,7 +49,7 @@ response.should redirect_to( new_password_reset_path ) end it 'should flash error if reset_link is invalid' do - flash[:error].should == "Password reset link has expired." + flash[:error].should == "Password reset link is invalid." end end @@ -69,7 +69,7 @@ context "success" do before do @active_directory_services.stub(:reset_password).with(@student_sam, "newPass").and_return("Success") - put :update, :id => @student_sam.password_reset_token, :newPassword=>"newPass" + put :update, :id => @student_sam.password_reset_token, :new_password=>"newPass" end it 'should flash notice with success' do flash[:notice].should == "Password has been reset!" @@ -82,7 +82,7 @@ context "failure" do before do @active_directory_services.stub(:reset_password).with(@student_sam, "newPass").and_return("Any other message") - put :update, :id => @student_sam.password_reset_token, :newPassword=>"newPass" + put :update, :id => @student_sam.password_reset_token, :new_password=>"newPass" end it 'should flash error' do flash[:error].should_not be_nil From 10b0874d72336d80f590069cf6f8c728eaff35d4 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Fri, 14 Jun 2013 00:12:01 -0700 Subject: [PATCH 39/41] set name password_mismatch_warning --- app/views/password_resets/edit.html.erb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/views/password_resets/edit.html.erb b/app/views/password_resets/edit.html.erb index d45a5e7ed..1e92bda55 100644 --- a/app/views/password_resets/edit.html.erb +++ b/app/views/password_resets/edit.html.erb @@ -16,8 +16,8 @@ // Warn if new password and confirmation password mismatches function warnPasswordMismatch(){ - $("#password_blank_or_mismatch_warning").empty() - $("#password_blank_or_mismatch_warning").append($('
    ').css('color', 'red').text('Password mismatch')); + $("#password_mismatch_warning").empty() + $("#password_mismatch_warning").append($('
    ').css('color', 'red').text('Password mismatch')); return false } @@ -42,6 +42,6 @@

    -

    +

    <%= f.submit "Update Password", :onclick=>"return validatePasswordEditForm()" %>
    <% end %> From d751b97c0953ee4059950706c1ff4370eab14157 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Mon, 17 Jun 2013 23:21:03 -0700 Subject: [PATCH 40/41] cleaned up the people new.html.erb --- app/views/people/new.html.erb | 183 ++++++++++++++++++++++++---------- 1 file changed, 128 insertions(+), 55 deletions(-) diff --git a/app/views/people/new.html.erb b/app/views/people/new.html.erb index 35b94ee4c..44bc2a7a0 100644 --- a/app/views/people/new.html.erb +++ b/app/views/people/new.html.erb @@ -1,5 +1,5 @@ <% content_for :title, "New person" %> -

    New person

    +

    New person

    <% content_for :javascript do %> @@ -118,23 +118,55 @@ }); add_loader(node, 'Checking account...'); } - - // Updates the graduation year of a student - function update_graduation_year() { - now = new Date; - offset = 1; - if (document.forms["new_user"].user_is_part_time.checked == true) { - offset = 2 - } - if (document.forms["new_user"].user_is_student.checked == true) { - document.forms["new_user"].user_graduation_year.value = (now.getFullYear() + offset); - } else { - document.forms["new_user"].user_graduation_year.value = ""; - } + // Update the graduation year of a student + function update_graduation_year() { + now = new Date; + offset = 1; + if ($("#user_is_part_time").is(':checked')) { + offset = 2 + } + if ($("#user_is_student").is(':checked')) { + $("#graduation_year option").filter(function() { + return $(this).text() == now.getFullYear() + offset; + }).prop('selected', true); + + } else { + $("#graduation_year option").filter(function() { + return $(this).text() == now.getFullYear()+1; + }).prop('selected', true); + } } + // Toggle student user attributes + function toggle_student_user_attributes(){ + if($("#user_is_student").is(":checked")){ + $("#student_user_attributes").fadeIn(); + } else{ + $("#student_user_attributes").fadeOut(); + } + } + + // Toggle student masters and phd programs + function toggle_masters_phd_program(){ + if($("#graduate_program").val()=="MS"){ + $("#masters_courses").fadeIn(); + $("#phd_courses").hide(); + }else if($("#graduate_program").val()=="PhD"){ + $("#masters_courses").hide(); + $("#phd_courses").fadeIn(); + } + } + + // Toggle student masters courses + function toggle_SE_tracks(){ + if($("#masters_course").val()=="SE"){ + $("#SE_tracks").fadeIn(); + }else{ + $("#SE_tracks").fadeOut(); + } + } <% end %> @@ -151,7 +183,7 @@
    <% end %> - + <%= field_set_tag nil, :class=>'cmu_table', do %>

    <%= f.label :first_name, "Preferred first name" %>
    <%= f.text_field :first_name, :onblur => "update_twiki_and_email()" %> @@ -179,12 +211,13 @@

    <%= f.label :twiki_name %>
    <%= f.text_field :twiki_name %> - <%= check_box_tag("create_twiki_account", 1, true) %> Create twiki account? + <%= check_box_tag("create_twiki_account", 1, false) %> Create twiki account?

    <%= f.label :email %>
    <%= f.text_field :email, :onblur => "check_email()" %> - <%= check_box_tag("create_google_email", 1, true) %> Create google email account? + <%= check_box_tag("create_active_directory_account", 1, false) %> Create active directory account?

    @@ -195,48 +228,88 @@

    <%= f.label :personal_email %>
    - <%= f.text_field :personal_email %>
    + <%= f.text_field :personal_email %> (Necessary for google email account creation)

    + <% end %> +

    System Roles

    -

    - <%= f.label :is_staff, "Is staff or faculty?" %>
    - <%= f.check_box :is_staff %> -

    -

    - <%= f.label :is_student, "Is a student?" %>
    - <%= f.check_box :is_student, :onchange => "update_graduation_year()" %> -

    -

    - <%= f.label :is_active, "Is active? - a current user?" %>
    - <%= f.check_box :is_active %> -

    -

    Just for students

    -

    - <%= f.label :is_part_time, "Is part time student?" %> - <%= f.check_box :is_part_time, :onchange => "update_graduation_year()" %> -

    -

    - <%= f.label :graduation_year %>
    - <%= f.text_field :graduation_year %> -

    -

    - Graduate program
    - <%= f.text_field :masters_program %>
    - SE SM INI PhD -

    -

    - Graduate track
    - <%= f.text_field :masters_track %>
    - Tech DM IS MOB SM -

    + <%= field_set_tag nil, :class=>'cmu_table', do %> +

    + <%= f.check_box :is_staff %> + <%= f.label :is_staff, "Is staff or faculty?" %>
    +

    +

    + <%= f.check_box :is_student, :onchange => "toggle_student_user_attributes()" %> + <%= f.label :is_student, "Is a student?" %>
    +

    +

    + <%= f.check_box :is_active %> + <%= f.label :is_active, "Is active? - a current user?" %>
    +

    + <% end %> + + + +

    Account Termination

    -

    - <%= f.label "Expires at" %> - <%= f.text_field :expires_at, :size => 10 %>
    - <% help_text = AcademicCalendar.next_semester + " semester starts on " + AcademicCalendar.date_for_semester_start(AcademicCalendar.next_semester, AcademicCalendar.next_semester_year).to_s %> - (<%= help_text %>) -

    + <%= field_set_tag nil, :class=>'cmu_table', do %> +

    + <%= f.label "Expires at" %> + <%= f.text_field :expires_at, :size => 10 %> + <% help_text = AcademicCalendar.next_semester + " semester starts on " + AcademicCalendar.date_for_semester_start(AcademicCalendar.next_semester, AcademicCalendar.next_semester_year).to_s %> + (<%= help_text %>) +

    + <% end %> + + +

    Account Creation Process Type

    + <%= field_set_tag nil, :class=>'cmu_table', do %> +

    + <%= radio_button_tag(:account_creation_process_type, "staged", :true) %> + Staged (Sends a link to the user's email, and the user completes the account creation process) +

    +

    + <%= radio_button_tag(:account_creation_process_type, "express") %> + Express (Allows you to complete the entire account creation process) +

    + <% end %> +
    + <%= f.submit "Create" %> From e51f728fbe5ed70f35476ad14b1564873c33a365 Mon Sep 17 00:00:00 2001 From: Edward Akoto Date: Tue, 18 Jun 2013 23:57:02 -0700 Subject: [PATCH 41/41] performed some general modifications --- app/views/password_resets/edit.html.erb | 56 +++++++++++++++++++ app/views/people/new_user.erb | 0 ...directory_password_change_notification.erb | 0 .../general_account_information.erb | 0 4 files changed, 56 insertions(+) create mode 100644 app/views/people/new_user.erb create mode 100644 app/views/person_mailer/active_directory_password_change_notification.erb create mode 100644 app/views/person_mailer/general_account_information.erb diff --git a/app/views/password_resets/edit.html.erb b/app/views/password_resets/edit.html.erb index 1e92bda55..1cf098bb3 100644 --- a/app/views/password_resets/edit.html.erb +++ b/app/views/password_resets/edit.html.erb @@ -21,6 +21,61 @@ return false } + // Password strength meter + + var shortPass = 'Too short' + var badPass = 'Bad' + var goodPass = 'Good' + var strongPass = 'Strong' + + + function passwordStrength(password){ + score = 0 + + // password length should be greater than 8 + if (password.length < 8 ) { return shortPass } + + // password has a number + if (password.match(/(.*[0-9])/)) score += 5 + + // password has 3 numbers + if (password.match(/(.*[0-9].*[0-9].*[0-9])/)) score += 5 + + // password has a symbol + if (password.match(/(.*[!,@,#,$,%,^,&,*,?,_,~])/)) score += 5 + + // password has upper and lower chars + if (password.match(/([a-z].*[A-Z])|([A-Z].*[a-z])/)) score += 10 + + // password has number and chars + if (password.match(/([a-zA-Z])/) && password.match(/([0-9])/)) score += 15 + // + // password has number and symbol + if (password.match(/([!,@,#,$,%,^,&,*,?,_,~])/) && password.match(/([0-9])/)) score += 15 + + // password has char and symbol + if (password.match(/([!,@,#,$,%,^,&,*,?,_,~])/) && password.match(/([a-zA-Z])/)) score += 15 + + // password is just numbers or chars + if (password.match(/^\w+$/) || password.match(/^\d+$/) ) score -= 10 + + // ensure 0 < score < 100 + if ( score < 0 ) score = 0 + if ( score > 100 ) score = 100 + + if (score < 20 ) return badPass + if (score >= 20 && score < 25 ) return goodPass + + return strongPass + } + + // jQuery script to show password strength + $(function() { + $("#new_password").keyup( + function() { + $('#result').html(passwordStrength($('#new_password').val())) + }); + }); @@ -37,6 +92,7 @@


    +


    diff --git a/app/views/people/new_user.erb b/app/views/people/new_user.erb new file mode 100644 index 000000000..e69de29bb diff --git a/app/views/person_mailer/active_directory_password_change_notification.erb b/app/views/person_mailer/active_directory_password_change_notification.erb new file mode 100644 index 000000000..e69de29bb diff --git a/app/views/person_mailer/general_account_information.erb b/app/views/person_mailer/general_account_information.erb new file mode 100644 index 000000000..e69de29bb