From fbf69899032ffd5e74e401aae7c94852a0722e92 Mon Sep 17 00:00:00 2001
From: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Date: Thu, 13 Jun 2013 20:06:33 +0300
Subject: [PATCH] Force admin to change password after first sign-in

---
 app/controllers/application_controller.rb | 2 +-
 app/models/user.rb                        | 7 +++++--
 db/fixtures/production/001_admin.rb       | 3 ++-
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index edb1b787dcc..fda05feefc0 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -159,7 +159,7 @@ class ApplicationController < ActionController::Base
   end
 
   def check_password_expiration
-    if current_user.password_expires_at && current_user.password_expires_at < Time.now
+    if current_user && current_user.password_expires_at && current_user.password_expires_at < Time.now
       redirect_to new_profile_password_path and return
     end
   end
diff --git a/app/models/user.rb b/app/models/user.rb
index 0a3a40b994c..3f92ca3f854 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -42,8 +42,11 @@ class User < ActiveRecord::Base
 
   attr_accessible :email, :password, :password_confirmation, :remember_me, :bio, :name, :username,
                   :skype, :linkedin, :twitter, :color_scheme_id, :theme_id, :force_random_password,
-                  :extern_uid, :provider, as: [:default, :admin]
-  attr_accessible :projects_limit, :can_create_team, :can_create_group, as: :admin
+                  :extern_uid, :provider, :password_expires_at,
+                  as: [:default, :admin]
+
+  attr_accessible :projects_limit, :can_create_team, :can_create_group,
+                  as: :admin
 
   attr_accessor :force_random_password
 
diff --git a/db/fixtures/production/001_admin.rb b/db/fixtures/production/001_admin.rb
index f119694d11d..632f6107b33 100644
--- a/db/fixtures/production/001_admin.rb
+++ b/db/fixtures/production/001_admin.rb
@@ -3,7 +3,8 @@ admin = User.create(
   name: "Administrator",
   username: 'root',
   password: "5iveL!fe",
-  password_confirmation: "5iveL!fe"
+  password_confirmation: "5iveL!fe",
+  password_expires_at: Time.now
 )
 
 admin.projects_limit = 10000
-- 
GitLab