discourse/spec/requests
Alan Guo Xiang Tan e97ef7e9af
FEATURE: Allow site admin to mark a user's password as expired (#27314)
This commit adds the ability for site administrators to mark users'
passwords as expired. Note that this commit does not add any client side
interface to mark a user's password as expired.

The following changes are introduced in this commit:

1. Adds a `user_passwords` table and `UserPassword` model. While the
   `user_passwords` table is currently used to only store expired
   passwords, it will be used in the future to store a user's current
   password as well.

2. Adds a `UserPasswordExpirer.expire_user_password` method which can
   be used from the Rails console to mark a user's password as expired.

3. Updates `SessionsController#create` to check that the user's current
   password has not been marked as expired after confirming the
   password. If the password is determined to be expired based on the
   existence of a `UserPassword` record with the `password_expired_at`
   column set, we will not log the user in and will display a password
   expired notice. A forgot password email is automatically send out to
   the user as well.
2024-06-04 15:42:53 +08:00
..
admin DEV: Move webhook event header modifier for redelivery-recalucation (#27177) 2024-05-24 10:37:10 -05:00
api FEATURE: admin can disable flags (#27171) 2024-05-29 14:39:58 +10:00
examples SECURITY: Impose a upper bound on limit params in various controllers 2023-07-28 12:53:46 +01:00
about_controller_spec.rb FIX: crawler view with unicode usernames (#27051) 2024-05-16 17:11:24 +02:00
application_controller_spec.rb FIX: Apply crawler rate limits to cached requests (#27174) 2024-05-27 16:26:35 +03:00
associate_accounts_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
badges_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
bookmarks_controller_spec.rb FEATURE: Add bulk action to bookmark (#26856) 2024-05-22 12:50:21 -03:00
categories_controller_spec.rb FIX: Change request method for categories/search (#26976) 2024-05-13 14:37:17 +03:00
clicks_controller_spec.rb
composer_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
composer_messages_controller_spec.rb
csp_reports_controller_spec.rb
directory_columns_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
directory_items_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
do_not_disturb_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
drafts_controller_spec.rb FIX: Load categories with user activity and drafts (#26553) 2024-04-10 17:35:42 +03:00
edit_directory_columns_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
email_controller_spec.rb FEATURE: remove category badge style options, set bullet style as default (#24198) 2023-11-13 10:46:15 -05:00
embed_controller_spec.rb DEV: Fix assertion in embedding test (#24694) 2023-12-05 18:30:52 +02:00
exceptions_controller_spec.rb
export_csv_controller_spec.rb SECURITY: Prevent large staff actions causing DoS 2024-03-15 14:24:04 +08:00
extra_locales_controller_spec.rb DEV: Catch missing translations during test runs (#26258) 2024-05-24 22:15:53 +08:00
finish_installation_controller_spec.rb DEV: Improve error message when test fails (#25067) 2023-12-29 12:44:41 +08:00
form_templates_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
forums_controller_spec.rb DEV: Correct forums_controller success spec (#24690) 2023-12-04 14:26:29 +00:00
groups_controller_spec.rb UX: Group membership PMs thread (#26974) 2024-05-22 11:47:28 -04:00
hashtags_controller_spec.rb DEV: Fix flaky test (#25935) 2024-02-28 20:32:14 +02:00
highlightjs_controller_spec.rb FIX: Ensure app-cdn CORS is not overridden by cors_origin setting (#24661) 2023-12-01 12:57:11 +00:00
inline_onebox_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
invites_controller_spec.rb SECURITY: Limit invites params length 2024-03-15 14:24:07 +08:00
list_controller_spec.rb DEV: Remove full group refreshes from tests (#25414) 2024-01-25 14:28:26 +08:00
metadata_controller_spec.rb DEV: Fix various rubocop lints (#24749) 2023-12-06 23:25:00 +01:00
noscript_escape_spec.rb SECURITY: Properly escape user content within <noscript> 2024-01-30 09:10:09 -07:00
notifications_controller_spec.rb DEV: Allow user api key scope for notifications#totals (#26205) 2024-03-15 16:06:32 -04:00
offline_controller_spec.rb
omniauth_callbacks_controller_spec.rb DEV: Remove deprecated AuthProvider#enabled_setting= (#27081) 2024-05-20 18:10:15 +08:00
onebox_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
permalinks_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
post_action_users_controller_spec.rb DEV: Add post_action_users_list modifier for PostActionUsersController (#25740) 2024-02-20 09:48:09 +10:00
post_actions_controller_spec.rb DEV: Remove full group refreshes from tests (#25414) 2024-01-25 14:28:26 +08:00
post_readers_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
posts_controller_spec.rb FIX: paginating posts should allow for deletions and PMs (#27098) 2024-05-22 15:36:29 +10:00
presence_controller_spec.rb FIX: Updating presence status in readonly mode should fail gracefully (#24333) 2023-11-10 14:27:43 -06:00
published_pages_controller_spec.rb DEV: Fix various spec linting issues (#24672) 2023-12-04 13:45:19 +01:00
push_notification_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
qunit_controller_spec.rb DEV: Stop building test assets in production under Embroider (#23388) 2023-09-11 09:12:37 +01:00
reviewable_claimed_topics_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
reviewables_controller_spec.rb DEV: Convert min_trust_to_flag_posts setting to groups (#24864) 2023-12-13 17:18:42 +08:00
robots_txt_controller_spec.rb
safe_mode_controller_spec.rb
search_controller_spec.rb FIX: Load categories with search topic results (#25700) 2024-02-21 17:29:47 +02:00
session_controller_spec.rb FEATURE: Allow site admin to mark a user's password as expired (#27314) 2024-06-04 15:42:53 +08:00
sidebar_sections_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
similar_topics_controller_spec.rb DEV: Remove full group refreshes from tests (#25414) 2024-01-25 14:28:26 +08:00
site_controller_spec.rb DEV: Refactor discover setting reporting (#26706) 2024-04-23 09:52:01 -04:00
sitemap_controller_spec.rb DEV: Remove unnecessary rails_helper requiring (#26364) 2024-03-26 11:32:01 +01:00
slugs_controller_spec.rb DEV: Remove Discourse.redis.delete_prefixed (#22103) 2023-06-16 12:44:35 +10:00
static_controller_spec.rb DEV: Database backed admin notices (#26192) 2024-05-23 09:29:08 +08:00
steps_controller_spec.rb
stylesheets_controller_spec.rb DEV: Fix test incorrectly removing stylesheet cache of other processes (#25103) 2024-01-03 13:15:35 +08:00
svg_sprite_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
tag_groups_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
tags_controller_spec.rb FIX: muted tags breaking hot page when filtered to tags (#25824) 2024-02-23 17:11:39 +11:00
theme_javascripts_controller_spec.rb DEV: Compile theme migrations javascript files when running theme qunit (#25219) 2024-01-16 09:50:44 +08:00
topic_view_stats_controller_spec.rb FEATURE: topic_view_stats table with daily fidelity (#27197) 2024-05-27 15:25:32 +10:00
topics_controller_spec.rb FIX: display validation errors when converting topics (#27064) 2024-05-17 16:36:25 +02:00
uploads_controller_multisite_spec.rb
uploads_controller_spec.rb SECURITY: Add rate limits for uploads 2024-03-15 14:24:00 +08:00
user_actions_controller_spec.rb FIX: Load categories with user activity and drafts (#26553) 2024-04-10 17:35:42 +03:00
user_api_keys_controller_spec.rb DEV: Automatically update groups for test users with explicit TL (#25415) 2024-01-29 17:52:02 +08:00
user_avatars_controller_spec.rb FEATURE: reduce avatar sizes to 6 from 20 (#21319) 2023-06-01 10:00:01 +10:00
user_badges_controller_spec.rb DEV: Incorrect setup for test (#24736) 2023-12-06 09:26:45 +08:00
user_status_controller_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
users_controller_spec.rb DEV: Catch missing translations during test runs (#26258) 2024-05-24 22:15:53 +08:00
users_email_controller_spec.rb DEV: Update confirm-email flows to use central 2fa and ember rendering (#25404) 2024-01-30 10:32:42 +00:00
webhooks_controller_spec.rb FEATURE: Add Mailpace webhook (#21981) 2023-06-08 20:06:20 +03:00
wizard_controller_spec.rb DEV: Fix various spec linting issues (#24672) 2023-12-04 13:45:19 +01:00