replace user expired password cuke

pull/6681/head
Jens Ulferts 6 years ago
parent 0c83d08357
commit 5bf74d3fcc
No known key found for this signature in database
GPG Key ID: 3CAA4B1182CF5308
  1. 57
      features/users/password_expiry.feature
  2. 49
      spec/features/auth/login_spec.rb

@ -1,57 +0,0 @@
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2018 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2017 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See docs/COPYRIGHT.rdoc for more details.
#++
Feature: Pasword expiry
Background:
Given there is a user named "bob"
And I am already admin
Scenario: An admin activating password expiry forces a user to change the password
When I set passwords to expire after 30 days
# login should succeed
And I try to log in with user "bob"
Then I should see "Bob Bobbit" as being logged in
When the time is 31 days later
# 31 days later, the login should fail
And I try to log in with user "bob"
Then I should not see "Bob Bobbit" as being logged in
And there should be a flash error message
# After changing the password, the user should be logged in
When I fill out the change password form
Then there should be a flash notice message
And I should see "Bob Bobbit" as being logged in
Scenario: An admin deactivating password expiry allows a user to login
When I set passwords to expire after 0 days
# login should succeed
And I try to log in with user "bob"
Then I should see "Bob Bobbit" as being logged in
When the time is 31 days later
# 31 days later, the login should fail
And I try to log in with user "bob"
Then I should see "Bob Bobbit" as being logged in

@ -40,6 +40,16 @@ describe 'Login', type: :feature do
User.current = nil
end
def expect_being_logged_in(user)
expect(page)
.to have_selector("a[title='#{user.name}']")
end
def expect_not_being_logged_in
expect(page)
.to have_field('Login')
end
context 'sign in user' do
let(:user_password) { 'bob' * 4 }
let(:new_user_password) { 'obb' * 4 }
@ -136,8 +146,7 @@ describe 'Login', type: :feature do
visit home_path
# expect being logged in automatically
expect(page)
.to have_selector("a[title='#{user.name}']")
expect_being_logged_in(user)
fake_browser_closed
# faking having changed the autologin setting
@ -147,8 +156,40 @@ describe 'Login', type: :feature do
visit my_page_path
# expect not being logged in automatically
expect(page)
.to have_field('Login')
expect_not_being_logged_in
end
end
context 'with password expiry' do
before do
user.passwords.update_all(created_at: 31.days.ago,
updated_at: 31.days.ago)
end
it 'does not allow login if the password is expired but the user can provide a new one' do
login_with(user.login, user_password)
expect_being_logged_in(user)
visit signout_path
allow(Setting)
.to receive(:password_days_valid)
.and_return(30)
login_with(user.login, user_password)
fill_in 'Current password', with: user_password
fill_in 'New password', with: new_user_password
fill_in 'Confirmation', with: new_user_password
click_button 'Save'
expect_being_logged_in(user)
visit signout_path
login_with(user.login, new_user_password)
expect_being_logged_in(user)
end
end
end

Loading…
Cancel
Save