Suspended account should require a password reset
Bug #620462 reported by
Dave Morley
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical SSO provider |
Fix Released
|
Critical
|
Łukasz Czyżykowski |
Bug Description
Bug Description:
bug 544293 list of steps says that you should need to reset your password. However in 2.7.1 you don't need to reset the password in order to log in once the account has been set back to active in admin.
OS:
32bit Lucid UNE
Browser:
FF 3.6.8
Problem URL:
https:/
Steps To Reproduce:
1. Get a losa to suspend your account
2. Try and log in
3. Get the losa to set your account back to active
4. Try and log in again
Expected Result:
You're meant to have to reset your password and not be able to login straight away.
Related branches
lp://staging/~canonical-isd-hackers/canonical-identity-provider/suspended-account-reset-password
- Anthony Lenton (community): Approve
-
Diff: 270 lines (+110/-15)5 files modifiedidentityprovider/admin.py (+1/-2)
identityprovider/models/account.py (+3/-3)
identityprovider/tests/functional/helpers.py (+41/-5)
identityprovider/tests/functional/test_admin.py (+59/-0)
identityprovider/tests/functional/urls.py (+6/-5)
tags: | added: bug-1 |
Changed in canonical-identity-provider: | |
importance: | Undecided → High |
milestone: | none → 2.8.0 |
assignee: | nobody → Łukasz Czyżykowski (lukasz-czyzykowski) |
status: | New → Confirmed |
Changed in canonical-identity-provider: | |
milestone: | 2.8.0 → 2.10.0 |
Changed in canonical-isd-qa: | |
importance: | Undecided → High |
milestone: | none → canonical-identity-provider+2.10.0 |
Changed in canonical-identity-provider: | |
milestone: | 2.10.0 → none |
Changed in canonical-identity-provider: | |
importance: | High → Critical |
Changed in canonical-identity-provider: | |
milestone: | none → 2-implementation |
status: | Confirmed → In Progress |
Changed in canonical-identity-provider: | |
status: | In Progress → Fix Committed |
milestone: | 2-implementation → 3-internal-qa |
Changed in canonical-identity-provider: | |
milestone: | 4-staging → 5-production |
Changed in canonical-identity-provider: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
When suspending account it seems that Account.save() code is not run, as password is not set to 'invalid'.