assign_user_id and UserFixture password fixes.
When the database is empty, which can happen in the test database and in the dev database if the seeds.rb aren't applied, the assign_user_id method would not assign an id and the newer before_filter block to generate_token would fail. UserFixture had a password on it that wouldn't pass the new validation rules once that vulnerability is patched.
This commit is contained in:
chrismo
@@ -5,14 +5,14 @@ class UserFixture
|
||||
end
|
||||
|
||||
def self.normal_user
|
||||
password = 'aoeuaoeu'
|
||||
password = 'thi$ 1s cOmplExEr'
|
||||
user = User.new(:first_name => 'Joe', :last_name => 'Schmoe',
|
||||
:email => 'joe@schmoe.com', :password => password, :password_confirmation => password)
|
||||
def user.clear_password
|
||||
'aoeuaoeu'
|
||||
'thi$ 1s cOmplExEr'
|
||||
end
|
||||
user.build_benefits_data
|
||||
user.save!
|
||||
user
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user