Bug 1191779

Summary: User who has forgotten their password, but not yet activated, cannot recover their account
Product: [Retired] Zanata Reporter: Damian Jansen <djansen>
Component: Component-UIAssignee: Alex Eng <aeng>
Status: CLOSED CURRENTRELEASE QA Contact: Damian Jansen <djansen>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 3.6CC: dchen, zanata-bugs
Target Milestone: ---   
Target Release: 3.7   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 3.7.0-SNAPSHOT (git-jenkins-zanata-server-github-pull-requests-2669) Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-07-22 02:19:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Damian Jansen 2015-02-11 23:38:32 UTC 
Description of problem:
There's a hole in the auth process where if the user (for example)

1. Signs up to Zanata (not clicking on the activation email)
2. Forgets their password
3. Returns a time later and presses Forgot Password
4. Enters valid username and email
5. Presses Submit

They will be unable to proceed - the system will not, due to no authentication
- send the reset password email
- resend the activation email
- allow any form of updating

Zanata should allow them to to enter username and email, then either just send the activation email and tell the user (easier), or redirect to the account activation page with restrictions to resend email only (less easy).

Version-Release number of selected component (if applicable):
3.6 snapshot
Comment 1 Alex Eng 2015-02-12 04:05:48 UTC 
Pull request:
https://github.com/zanata/zanata-server/pull/689
Comment 2 Damian Jansen 2015-02-23 00:44:06 UTC 
Verified merge (master) at b319ce824c4fd49ce86b2814f17977b2bb16eae8