• Serena Fang's avatar
    Users with expired password can still access API with token · 383bc5a3
    Serena Fang authored
    Comment push test
    
    Add condition to password expired if applicable
    
    Changelog: security
    
    Create new method password expired applicable
    
    Add specs for password expired if applicable
    
    When password automatically set,
    password expired if applicable is false
    
    Fix user specs
    
    Add check for allow password auth
    
    Switch order of condition checks
    
    Rearrange user specs
    
    Move identity specs to ee
    
    Move scim, saml, smartcard specs to ee
    
    Fix failing spec
    
    Remove password automatically set from specs
    
    Fix failing specs
    
    Move password expired check higher
    
    Use omniauth user
    
    Instead of allow user to receive ldap_user
    
    Fix spec wording
    
    Small spec fixes
    
    Apply maintainer suggestions
    383bc5a3
lfs_token_spec.rb 6.25 KB