diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 0ce5dc4cbf41..cf4918694a52 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -51,7 +51,7 @@ class ApplicationController < ActionController::Base include Accounts::UserLogin include Accounts::Authorization include Accounts::EnterpriseGuard - include ::OpenProject::Authentication::SessionExpiry + include ::OpenProject::Authentication::SessionExpiration include AdditionalUrlHelpers include OpenProjectErrorHelper include Security::DefaultUrlOptions diff --git a/app/models/user_password.rb b/app/models/user_password.rb index 239499d4e1f4..35f027946d97 100644 --- a/app/models/user_password.rb +++ b/app/models/user_password.rb @@ -61,7 +61,7 @@ def matches_plaintext?(plain, update_legacy: true) ## # Rehash the password using the currently active strategy. - # This replaces the password and keeps expiry date identical. + # This replaces the password and keeps expiration date identical. def rehash_as_active(plain) active_class = UserPassword.active_type diff --git a/app/services/users/change_password_service.rb b/app/services/users/change_password_service.rb index 6668eb77b4d7..ad09ec8ec4d7 100644 --- a/app/services/users/change_password_service.rb +++ b/app/services/users/change_password_service.rb @@ -75,8 +75,8 @@ def invalidate_other_sessions def update_message update_message = I18n.t(:notice_account_password_updated) - expiry_message = I18n.t(:notice_account_other_session_expired) - { message_type: :info, message: "#{update_message} #{expiry_message}" } + expiration_message = I18n.t(:notice_account_other_session_expired) + { message_type: :info, message: "#{update_message} #{expiration_message}" } end def log_success diff --git a/app/services/users/login_service.rb b/app/services/users/login_service.rb index 2461aaee8f0c..1c922da0c7af 100644 --- a/app/services/users/login_service.rb 
+++ b/app/services/users/login_service.rb @@ -66,7 +66,7 @@ def set_autologin_cookie token = Token::AutoLogin.create!(user:, data: token_session_information) cookie_options = { value: token.plain_value, - # The autologin expiry is checked on validating the token + # The autologin expiration is checked on validating the token # but still expire the cookie to avoid unnecessary retries expires: token.expires_on, path: OpenProject::Configuration["autologin_cookie_path"], diff --git a/config/constants/settings/definition.rb b/config/constants/settings/definition.rb index 7ed56a78a481..a6de92aaa111 100644 --- a/config/constants/settings/definition.rb +++ b/config/constants/settings/definition.rb @@ -169,9 +169,10 @@ class Definition default: %w[ca cs de el en es fr hu id it ja ko lt nl no pl pt-BR pt-PT ro ru sk sl sv tr uk vi zh-CN zh-TW].freeze, allowed: -> { Redmine::I18n.all_languages } }, - avatar_link_expiry_seconds: { + avatar_link_expiration_seconds: { description: "Cache duration for avatar image API responses", - default: 24.hours.to_i + default: 24.hours.to_i, + env_alias: "OPENPROJECT_AVATAR__LINK__EXPIRY__SECONDS" }, # Allow users with the required permissions to create backups via the web interface or API. backup_enabled: { @@ -216,7 +217,7 @@ class Definition default: 20 }, cache_expires_in_seconds: { - description: "Expiration time for memcache entries, empty for no expiry be default", + description: "Expiration time for memcache entries, empty for no expiration be default", format: :integer, default: nil, writable: false diff --git a/config/locales/en.yml b/config/locales/en.yml index 6815371c903e..e2d6fdb537e2 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml 
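Review bot: The `env_alias` added to `avatar_link_expiration_seconds` carries no explanation of why the old variable name is still accepted or when it can be dropped. A comment above it would help, for example `# Legacy variable name, kept so existing deployments do not silently fall back to the 24h default`. Judging by its name, the alias covers only the environment variable. Whether the old key is still honoured when set in a configuration file cannot be told from this hunk and is worth confirming, since the environment README in this commit now lists only the new variable name. The Definition hash starts and ends outside the hunk.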
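Review bot: The rewritten `description` for `cache_expires_in_seconds` still reads "be default". Since the line is being touched anyway, it should end `empty for no expiration by default`. The same wording is carried into the OPENPROJECT_CACHE__EXPIRES__IN__SECONDS line of the environment README later in this commit.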
@@ -4428,7 +4428,7 @@ en: setting_self_registration_manual_activation_caption: > Users can register on their own. Their accounts are in a pending state until an administrator or user with the global permission to create or manage users activates them. - setting_session_ttl: "Session expiry time after inactivity" + setting_session_ttl: "Session expiration time after inactivity" setting_session_ttl_hint: "Value below 5 works like disabled" setting_session_ttl_enabled: "Session expires" setting_start_of_week: "Week starts on" diff --git a/db/migrate/20251107114245_rename_avatar_link_expiry_setting_to_expiration.rb b/db/migrate/20251107114245_rename_avatar_link_expiry_setting_to_expiration.rb new file mode 100644 index 000000000000..97e1d7615dc5 --- /dev/null +++ b/db/migrate/20251107114245_rename_avatar_link_expiry_setting_to_expiration.rb 
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+#-- copyright
+# OpenProject is an open source project management software.
+# Copyright (C) the OpenProject GmbH
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License version 3.
+#
+# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
+# Copyright (C) 2006-2013 Jean-Philippe Lang
+# Copyright (C) 2010-2013 the ChiliProject Team
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+#
+# See COPYRIGHT and LICENSE files for more details.
+#++
+
+require_relative "migration_utils/setting_renamer"
+
+class RenameAvatarLinkExpirySettingToExpiration < ActiveRecord::Migration[8.0]
+ def up
+ ::Migration::MigrationUtils::SettingRenamer
+ .rename(:avatar_link_expiry_seconds, :avatar_link_expiration_seconds)
+ end
+
+ def down
+ ::Migration::MigrationUtils::SettingRenamer
+ .rename(:avatar_link_expiration_seconds, :avatar_link_expiry_seconds)
+ end
+end
diff --git a/db/migrate/migration_utils/setting_renamer.rb b/db/migrate/migration_utils/setting_renamer.rb
index 5851fb1addc6..5591f5038eb4 100644
--- a/db/migrate/migration_utils/setting_renamer.rb
+++ b/db/migrate/migration_utils/setting_renamer.rb 
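Review bot: Neither `up` nor `down` accounts for a row with the target name already being present. Both call `SettingRenamer.rename`, which as shown in this commit is a plain `UPDATE ... SET name = ... WHERE name = ...`. If an instance has already stored `avatar_link_expiration_seconds` before this migration runs, the outcome depends on the settings table's constraints, which are not visible here: either two rows end up sharing a name or the migration aborts. A short comment in `up` stating the assumption, e.g. `# Assumes no avatar_link_expiration_seconds row exists yet`, or a guard before the rename, would make the behaviour explicit.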
@@ -28,26 +28,28 @@ # See COPYRIGHT and LICENSE files for more details. #++ -module Migration::MigrationUtils - class SettingRenamer - # define all the following methods as class methods - class << self - def rename(source_name, target_name) - ActiveRecord::Base.connection.execute <<-SQL - UPDATE #{settings_table} - SET name = #{quote_value(target_name)} - WHERE name = #{quote_value(source_name)} - SQL - end +module Migration + module MigrationUtils + class SettingRenamer + # define all the following methods as class methods + class << self + def rename(source_name, target_name) + ActiveRecord::Base.connection.execute <<-SQL.squish + UPDATE #{settings_table} + SET name = #{quote_value(target_name)} + WHERE name = #{quote_value(source_name)} + SQL + end - private + private - def settings_table - @settings_table ||= ActiveRecord::Base.connection.quote_table_name("settings") - end + def settings_table + @settings_table ||= ActiveRecord::Base.connection.quote_table_name("settings") + end - def quote_value(s) - ActiveRecord::Base.connection.quote(s) + def quote_value(value) + ActiveRecord::Base.connection.quote(value) + end end end end diff --git a/docs/development/concepts/secure-coding/README.md b/docs/development/concepts/secure-coding/README.md index 8f5ca6b1c8ad..3436742fa2c7 100644 --- a/docs/development/concepts/secure-coding/README.md +++ b/docs/development/concepts/secure-coding/README.md 
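Review bot: In `rename`, `.squish` runs on the heredoc after interpolation, so it also collapses whitespace inside the quoted `source_name` and `target_name` literals, not only the statement's indentation. That is harmless for symbol-style setting names like the ones the new migration passes, but a name containing a newline or a run of spaces would be matched or written in altered form. The statement is otherwise safe to build this way because both names go through `connection.quote` and the table name through `quote_table_name`. A comment above `rename` such as `# Names are escaped with connection.quote; they must not contain consecutive whitespace because the statement is squished` would record both facts.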
@@ -99,7 +99,7 @@ As OpenProject is a web application, the web session is the central mechanism of **Guidelines** - Use Rails' built-in secure session cookies for maintaining the users' session. It incorporates best-practices to ensure strong session tokens, tamper resistance, and proper expiration. -- Ensure session cookies are marked `secure` and `httponly`, as well as providing the appropriate `SameSite` and expiry flags according to the instance's configuration. +- Ensure session cookies are marked `secure` and `httponly`, as well as providing the appropriate `SameSite` and expiration flags according to the instance's configuration. - Provide a secure logout mechanism that invalidates the session and clears session cookies. Ensure that users are logged out after a period of inactivity. - Implement session fixation protection mechanisms to prevent attackers from fixing a user's session to a known value. - Prevent storing sensitive unencrypted session information on the client device diff --git a/docs/installation-and-operations/configuration/README.md b/docs/installation-and-operations/configuration/README.md index 868b2cff449d..e87959fade14 100644 --- a/docs/installation-and-operations/configuration/README.md +++ b/docs/installation-and-operations/configuration/README.md @@ -547,7 +547,7 @@ OPENPROJECT_REMOTE__STORAGE__DOWNLOAD__HOST=mybucket.s3.eu-west.amazonaws.com" When using remote storage for attachments via fog - usually S3 (see [`attachments_storage`](#attachments-storage) option) - each attachment download will generate a temporary URL. This option determines how long these links will be valid. -The default is 21600 seconds, that is 6 hours, which is the maximum expiry time allowed by S3 when using IAM roles for authentication. +The default is 21600 seconds, that is 6 hours, which is the maximum expiration time allowed by S3 when using IAM roles for authentication. *default: 21600* 
@@ -698,7 +698,7 @@ OPENPROJECT_SECURITY__BADGE__DISPLAYED="false" * When using `redis`, the following configuration option is relevant: * `cache_redis_url`: The URL of the Redis host (e.g., `redis://host:6379`) -* `cache_expires_in`: Expiration time for memcache entries (default: `nil`, no expiry) +* `cache_expires_in`: Expiration time for memcache entries (default: `nil`, no expiration) * `cache_namespace`: Namespace for cache keys, useful when multiple applications use a single memcache server (default: `nil`) ### Rails asset host diff --git a/docs/installation-and-operations/configuration/environment/README.md b/docs/installation-and-operations/configuration/environment/README.md index f6bb780e1491..3eaf0bd60e7e 100644 --- a/docs/installation-and-operations/configuration/environment/README.md +++ b/docs/installation-and-operations/configuration/environment/README.md @@ -142,7 +142,7 @@ OPENPROJECT_AUTOLOGIN (default=0) Autologin OPENPROJECT_AUTOLOGIN__COOKIE__NAME (default="autologin") Cookie name for autologin cookie OPENPROJECT_AUTOLOGIN__COOKIE__PATH (default="/") Cookie path for autologin cookie OPENPROJECT_AVAILABLE__LANGUAGES (default=["ca", "cs", "de", "el", "en", "es", "fr", "hu", "id", "it", "ja", "ko", "lt", "nl", "no", "pl", "pt-BR", "pt-PT", "ro", "ru", "sk", "sl", "sv", "tr", "uk", "vi", "zh-CN", "zh-TW"]) Available languages -OPENPROJECT_AVATAR__LINK__EXPIRY__SECONDS (default=86400) Cache duration for avatar image API responses +OPENPROJECT_AVATAR__LINK__EXPIRATION__SECONDS (default=86400) Cache duration for avatar image API responses OPENPROJECT_BACKUP__ATTACHMENT__SIZE__MAX__SUM__MB (default=1024) Maximum limit of attachment size to include into application backups OPENPROJECT_BACKUP__DAILY__LIMIT (default=3) Maximum number of application backups allowed per day OPENPROJECT_BACKUP__ENABLED (default=true) Enable application backups through the UI 
@@ -153,7 +153,7 @@ OPENPROJECT_BLACKLISTED__ROUTES (default=[]) Blocked routes to prevent access to OPENPROJECT_BOARDS__DEMO__DATA__AVAILABLE (default=false) Internal setting determining availability of demo seed data OPENPROJECT_BRUTE__FORCE__BLOCK__AFTER__FAILED__LOGINS (default=20) Number of login attempts per user before assuming brute force attack OPENPROJECT_BRUTE__FORCE__BLOCK__MINUTES (default=30) Number of minutes to block users after presumed brute force attack -OPENPROJECT_CACHE__EXPIRES__IN__SECONDS (default=nil) Expiration time for memcache entries, empty for no expiry be default +OPENPROJECT_CACHE__EXPIRES__IN__SECONDS (default=nil) Expiration time for memcache entries, empty for no expiration be default OPENPROJECT_CACHE__FORMATTED__TEXT (default=true) Cache formatted text OPENPROJECT_CACHE__MEMCACHE__SERVER (default=nil) The memcache server host and IP OPENPROJECT_CACHE__NAMESPACE (default=nil) Namespace for cache keys, useful when multiple applications use a single memcache server @@ -344,7 +344,7 @@ OPENPROJECT_SELF__REGISTRATION (default=2) Self-registration OPENPROJECT_SENDMAIL__ARGUMENTS (default="-i") Arguments to call sendmail with in case it is configured as outgoing email setup OPENPROJECT_SENDMAIL__LOCATION (default="/usr/sbin/sendmail") Location of sendmail to call if it is configured as outgoing email setup OPENPROJECT_SESSION__COOKIE__NAME (default="_open_project_session") Set session cookie name -OPENPROJECT_SESSION__TTL (default=120) Session expiry time after inactivity +OPENPROJECT_SESSION__TTL (default=120) Session expiration time after inactivity OPENPROJECT_SESSION__TTL__ENABLED (default=false) Session expires OPENPROJECT_SHOW__COMMUNITY__LINKS (default=true) Enable or disable links to OpenProject community instances OPENPROJECT_SHOW__PENDING__MIGRATIONS__WARNING (default=true) Enable or disable warning bar in case of pending migrations 
diff --git a/docs/installation-and-operations/installation/packaged/openproject-apache-example.conf b/docs/installation-and-operations/installation/packaged/openproject-apache-example.conf index 5125302cf3e7..fe5702c2d913 100644 --- a/docs/installation-and-operations/installation/packaged/openproject-apache-example.conf +++ b/docs/installation-and-operations/installation/packaged/openproject-apache-example.conf @@ -70,7 +70,7 @@ - # Send expiry headers for assets, that carry an asset id. Assuming, an asset + # Send expiration headers for assets, that carry an asset id. Assuming, an asset # id is a unix timestamp, which is currently a 10 digit integer. This might # change in the far future. diff --git a/docs/release-notes/13/13-2-0/README.md b/docs/release-notes/13/13-2-0/README.md index 89b34bb51d65..21b8d4e41ba6 100644 --- a/docs/release-notes/13/13-2-0/README.md +++ b/docs/release-notes/13/13-2-0/README.md 
@@ -99,7 +99,7 @@ Please note that **% Complete** does not adjust automatically when the values of - Bugfix: Can not add invited users to existing groups \[[#51679](https://community.openproject.org/wp/51679)\] - Bugfix: Project.visible scope slower than it should be \[[#51706](https://community.openproject.org/wp/51706)\] - Bugfix: Ongoing meetings are not visible via the Meetings tab in work packages \[[#51715](https://community.openproject.org/wp/51715)\] -- Bugfix: The Access Token expiry date not updated on refresh for FileStorage tokens \[[#51749](https://community.openproject.org/wp/51749)\] +- Bugfix: The Access Token expiration date not updated on refresh for FileStorage tokens \[[#51749](https://community.openproject.org/wp/51749)\] - Bugfix: Work package share permissions not in Work package permission group \[[#52086](https://community.openproject.org/wp/52086)\] - Bugfix: lockVersion missing in payload for API WP form when only having change_work_package_status permission \[[#52089](https://community.openproject.org/wp/52089)\] - Bugfix: Status cannot be changed in backlogs when only having change_work_package_status permission \[[#52090](https://community.openproject.org/wp/52090)\] diff --git a/docs/release-notes/6/6-1-6/README.md b/docs/release-notes/6/6-1-6/README.md index 6afe01dc5b7f..9286e74c000f 100644 --- a/docs/release-notes/6/6-1-6/README.md +++ b/docs/release-notes/6/6-1-6/README.md @@ -8,7 +8,7 @@ release_date: 2017-03-20 # OpenProject 6.1.6 -The release contains an important security fix regarding session expiry. +The release contains an important security fix regarding session expiration. For details on the security fix, take a look at the [release news](https://www.openproject.org/blog/openproject-6-1-6-released-security-fix/). diff --git a/docs/release-notes/7/7-0-3/README.md b/docs/release-notes/7/7-0-3/README.md index 19551c5385df..5f3938e0e76f 100644 --- a/docs/release-notes/7/7-0-3/README.md 
+++ b/docs/release-notes/7/7-0-3/README.md @@ -9,7 +9,7 @@ release_date: 2017-06-29 # OpenProject 7.0.3 -The release contains an important security fix regarding session expiry +The release contains an important security fix regarding session expiration and several bug fixes. For details on the security fix, take a look at the [release diff --git a/docs/security-and-privacy/processing-of-personal-data/README.md b/docs/security-and-privacy/processing-of-personal-data/README.md index 4b6b6a7641de..dfb5e0137378 100644 --- a/docs/security-and-privacy/processing-of-personal-data/README.md +++ b/docs/security-and-privacy/processing-of-personal-data/README.md @@ -686,7 +686,7 @@ flowchart LR OpenProject makes use of technical cookies to identity the browser client and/or remember information such as 2FA login state. The core application makes use of these cookies: -| **Cookie name** | **Description** | **Expiry** | **Security flags** | **Implementation** | +| **Cookie name** | **Description** | **Expiration** | **Security flags** | **Implementation** | | ---------------------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | ----------------------------------------------------- | ------------------------------------------------------------ | | `_open_project_session` (name is configurable) | contains the information about the logged in user as well as information stored between requests on the user's choices (e.g. the filters for costs are in part stored there) | Session
+ configurable server-sideTTL | secure
httponly
Samesite=Lax
encrypted | [Code ref](https://github.com/opf/openproject/blob/release/16.0/config/initializers/session_store.rb#L34-L39) | | `autologin` (name is configurable) | (Optional feature, requires opt-in under Administration > Authentication settings)
enables the user to automatically log in again after the session expired (e.g. because the browser was closed). It is set when the user checks the '*Stay logged in*' box in the login form.
| Cookie 1 year
+ server-side token N days (configurable) | secure
httponly
Samesite=Lax
encrypted | [Code ref](https://github.com/opf/openproject/blob/release/16.0/app/services/users/login_service.rb#L58-L74) | diff --git a/docs/system-admin-guide/authentication/login-registration-settings/README.md b/docs/system-admin-guide/authentication/login-registration-settings/README.md index f64fe212c559..7672976591e3 100644 --- a/docs/system-admin-guide/authentication/login-registration-settings/README.md +++ b/docs/system-admin-guide/authentication/login-registration-settings/README.md @@ -29,7 +29,7 @@ Under the *Login* tab you can adjust following settings: 2. Activate the **session expiration option**. -3. Set the **duration for inactivity time**, after which a session will expire. Note that any value below 5 will be treated as disabling the session expiry setting. +3. Set the **duration for inactivity time**, after which a session will expire. Note that any value below 5 will be treated as disabling the session expiration setting. 4. Define whether **user login, name, and mail address** should be logged for all requests. diff --git a/docs/user-guide/account-settings/README.md b/docs/user-guide/account-settings/README.md index 887a715c6a2a..60e62adae86a 100644 --- a/docs/user-guide/account-settings/README.md +++ b/docs/user-guide/account-settings/README.md 
@@ -270,11 +270,11 @@ To view and manage your OpenProject sessions navigate to **Account settings** an ![Sessions management in OpenProject account settings](openproject_account_settings_sessions_management.png) -Here you can view and manage all of your active and remembered sessions in one place. Each row shows the browser, device, expiry date and last connection timestamp. For your current session the “Last connection” column displays **“Current (this device)”**. +Here you can view and manage all of your active and remembered sessions in one place. Each row shows the browser, device, expiration date and last connection timestamp. For your current session the “Last connection” column displays **“Current (this device)”**. You can revoke a session at any time by clicking the **×** icon at the end of the row. Hover over the icon to see the **“Revoke”** tooltip. When you click, a confirmation message appears. -Sessions expire automatically according to your instance’s authentication settings. Remembered sessions show their expiry in relative time (for example “in 5 days”). +Sessions expire automatically according to your instance’s authentication settings. Remembered sessions show their expiration in relative time (for example “in 5 days”). > [!NOTE] > Closing a browser does not necessarily terminate the session. It might still be displayed in the list and will be reactivated if you open the browser. This depends on both your browser's and the OpenProject instance's settings. diff --git a/lib/api/helpers/attachment_renderer.rb b/lib/api/helpers/attachment_renderer.rb index 2fffb34b0192..0c75202e3bd8 100644 --- a/lib/api/helpers/attachment_renderer.rb +++ b/lib/api/helpers/attachment_renderer.rb @@ -134,7 +134,7 @@ def fog_cache_seconds end def avatar_link_expires_in - seconds = avatar_link_expiry_seconds + seconds = avatar_link_expiration_seconds if seconds == 0 nil 
@@ -143,8 +143,8 @@ def avatar_link_expires_in end end - def avatar_link_expiry_seconds - @avatar_link_expiry_seconds ||= OpenProject::Configuration.avatar_link_expiry_seconds.to_i + def avatar_link_expiration_seconds + @avatar_link_expiration_seconds ||= OpenProject::Configuration.avatar_link_expiration_seconds.to_i end end end diff --git a/lib_static/open_project/authentication/session_expiry.rb b/lib_static/open_project/authentication/session_expiration.rb similarity index 98% rename from lib_static/open_project/authentication/session_expiry.rb rename to lib_static/open_project/authentication/session_expiration.rb index 0a45ec5b0284..f112b7ed51d4 100644 --- a/lib_static/open_project/authentication/session_expiry.rb +++ b/lib_static/open_project/authentication/session_expiration.rb @@ -30,7 +30,7 @@ module OpenProject module Authentication - module SessionExpiry + module SessionExpiration def session_ttl_enabled? Setting.session_ttl_enabled? && Setting.session_ttl.to_i >= 5 end diff --git a/lib_static/open_project/authentication/strategies/warden/session.rb b/lib_static/open_project/authentication/strategies/warden/session.rb index d5687ce0ce2d..b5a89522cbdf 100644 --- a/lib_static/open_project/authentication/strategies/warden/session.rb +++ b/lib_static/open_project/authentication/strategies/warden/session.rb @@ -28,7 +28,7 @@ # See COPYRIGHT and LICENSE files for more details. #++ -require "open_project/authentication/session_expiry" +require "open_project/authentication/session_expiration" module OpenProject module Authentication @@ -39,7 +39,7 @@ module Warden # not been unified in terms of Warden strategies and is only locally # applied to the API v3. class Session < ::Warden::Strategies::Base - include ::OpenProject::Authentication::SessionExpiry + include ::OpenProject::Authentication::SessionExpiration def valid? # A session must exist and valid 
diff --git a/spec/components/admin/enterprise_tokens/table_component_spec.rb b/spec/components/admin/enterprise_tokens/table_component_spec.rb index e8839f966460..83205758a196 100644 --- a/spec/components/admin/enterprise_tokens/table_component_spec.rb +++ b/spec/components/admin/enterprise_tokens/table_component_spec.rb @@ -127,7 +127,7 @@ def dates_cells expect(subscription_cells).to all(have_primer_label("Expiring soon", scheme: "attention")) end - it "has expiry date in :attention color in the dates column" do + it "has expiration date in :attention color in the dates column" do render_inline(component) expect(dates_cells[0]).to have_primer_text(format_date(tokens.first.starts_at), color: "subtle") @@ -152,7 +152,7 @@ def dates_cells expect(subscription_cells).to all(have_primer_label("In grace period", scheme: "attention")) end - it "has expiry date in :attention color in the dates column" do + it "has expiration date in :attention color in the dates column" do render_inline(component) expect(dates_cells[0]).to have_primer_text(format_date(tokens.first.starts_at), color: "subtle") @@ -178,7 +178,7 @@ def dates_cells expect(subscription_cells).to all(have_primer_label("Expired", scheme: "danger")) end - it "has expiry date in :danger color in the dates column" do + it "has expiration date in :danger color in the dates column" do render_inline(component) expect(dates_cells[0]).to have_primer_text(format_date(tokens.first.starts_at), color: "subtle") diff --git a/spec/features/admin/settings/authentication_settings_spec.rb b/spec/features/admin/settings/authentication_settings_spec.rb index 4ef95493e077..e1dbcb2bae80 100644 --- a/spec/features/admin/settings/authentication_settings_spec.rb +++ b/spec/features/admin/settings/authentication_settings_spec.rb 
@@ -64,19 +64,19 @@ it "allows changing session expiration options" do expect(login_page).to have_unchecked_field "Session expires" - expect(login_page).to have_no_field "Session expiry time after inactivity" + expect(login_page).to have_no_field "Session expiration time after inactivity" check "Session expires" - expect(login_page).to have_field "Session expiry time after inactivity" + expect(login_page).to have_field "Session expiration time after inactivity" - fill_in "Session expiry time after inactivity", with: "30" + fill_in "Session expiration time after inactivity", with: "30" login_page.save Setting.clear_cache login_page.reload! expect(login_page).to have_checked_field "Session expires" - expect(login_page).to have_field "Session expiry time after inactivity", with: "30", described_by: "minutes" + expect(login_page).to have_field "Session expiration time after inactivity", with: "30", described_by: "minutes" uncheck "Session expires" @@ -85,7 +85,7 @@ login_page.reload! expect(login_page).to have_unchecked_field "Session expires" - expect(login_page).to have_no_field "Session expiry time after inactivity" + expect(login_page).to have_no_field "Session expiration time after inactivity" end it "allows changing logging options" do diff --git a/spec/features/auth/login_spec.rb b/spec/features/auth/login_spec.rb index 8aeede71ca48..bdb7f18f6a17 100644 --- a/spec/features/auth/login_spec.rb +++ b/spec/features/auth/login_spec.rb @@ -186,7 +186,7 @@ def fake_browser_closed end end - context "with password expiry", :js do + context "with password expiration", :js do before do user.passwords.update_all(created_at: 31.days.ago, updated_at: 31.days.ago) diff --git a/spec/forms/settings/authentication_settings_form_spec.rb b/spec/forms/settings/authentication_settings_form_spec.rb index fe3cc581ee0e..20623106cd2d 100644 --- a/spec/forms/settings/authentication_settings_form_spec.rb +++ b/spec/forms/settings/authentication_settings_form_spec.rb 
@@ -53,8 +53,8 @@ def render_form expect(page).to have_unchecked_field "Session expires" end - it "renders 'Session expiry time after inactivity' number field" do - expect(page).to have_field "Session expiry time after inactivity", type: "number" + it "renders 'Session expiration time after inactivity' number field" do + expect(page).to have_field "Session expiration time after inactivity", type: "number" end it "renders 'Log user login, name, and mail address for all requests' checkbox" do diff --git a/spec/models/attachment_spec.rb b/spec/models/attachment_spec.rb index 6b6b2064b8e9..92c99f8a8e2f 100644 --- a/spec/models/attachment_spec.rb +++ b/spec/models/attachment_spec.rb @@ -227,12 +227,12 @@ let(:url_options) { {} } let(:query) { attachment.external_url(**url_options).to_s.split("?").last } - it "has a default expiry time" do + it "has a default expiration time" do expect(query).to include "X-Amz-Expires=" expect(query).not_to include "X-Amz-Expires=3600" end - context "with a custom expiry time" do + context "with a custom expiration time" do let(:url_options) { { expires_in: 1.hour } } it "uses that time" do @@ -240,7 +240,7 @@ end end - context "with expiry time exceeding maximum" do + context "with expiration time exceeding maximum" do let(:url_options) { { expires_in: 1.year } } it "uses the allowed max" do diff --git a/spec/models/user_password_spec.rb b/spec/models/user_password_spec.rb index a27aab84f14f..6f1bb70ada97 100644 --- a/spec/models/user_password_spec.rb +++ b/spec/models/user_password_spec.rb 
@@ -36,20 +36,20 @@ let(:password) { create(:user_password, user:, plain_password: "adminAdmin!") } describe "#expired?" do - context "with expiry value set", + context "with expiration value set", with_settings: { password_days_valid: 30 } do - it "is true for an old password when password expiry is activated" do + it "is true for an old password when password expiration is activated" do expect(old_password.expired?).to be_truthy end - it "is false when password expiry is enabled and the password was changed recently" do + it "is false when password expiration is enabled and the password was changed recently" do expect(password.expired?).to be_falsey end end - context "with expiry value disabled", + context "with expiration value disabled", with_settings: { password_days_valid: 0 } do - it "is false for an old password when password expiry is disabled" do + it "is false for an old password when password expiration is disabled" do expect(old_password.expired?).to be_falsey end end