Improve password complexity cukes, add copyright

pull/170/head
Michael Frister 12 years ago
parent 089db98541
commit ab6ab750df
  1. 20
      features/step_definitions/error_steps.rb
  2. 25
      features/step_definitions/password_steps.rb
  3. 10
      features/step_definitions/settings_steps.rb
  4. 4
      features/step_definitions/timelines_then_steps.rb
  5. 21
      features/users/password_complexity_checks.feature
  6. 13
      lib/open_project/passwords.rb

@ -0,0 +1,20 @@
#encoding: utf-8
#-- copyright
# OpenProject is a project management system.
#
# Copyright (C) 2012-2013 the OpenProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
Then /^there should be an error message$/ do
should have_selector('#errorExplanation')
end
Then /^I should see an error explanation stating "([^"]*)"$/ do |message|
page.all(:css, ".errorExplanation li, .errorExplanation li *", :text => message).should_not be_empty
end

@ -1,3 +1,16 @@
#encoding: utf-8
#-- copyright
# OpenProject is a project management system.
#
# Copyright (C) 2012-2013 the OpenProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
def parse_password_rules(str)
str.sub(', and ', ', ').split(', ')
end
@ -23,22 +36,20 @@ Given /^I try to set my new password to "(.+)"$/ do |password|
@new_password = password
end
Given /^there should be an error describing the password complexity is too low$/ do
should have_selector('#errorExplanation')
end
Given /^the password change should succeed$/ do
Then /^the password change should succeed$/ do
find('.notice').should have_content('success')
end
Given /^I should be able to login using the new password$/ do
Then /^I should be able to login using the new password$/ do
visit('/logout')
login(@user.login, @new_password)
end
Given /^I activate the ([a-z, ]+) password rules$/ do |rules|
When /^I activate the ([a-z, ]+) password rules$/ do |rules|
rules = parse_password_rules(rules)
# ensure checkboxes are loaded, 'all' doesn't wait
should have_selector(:xpath, "//input[@id='settings_password_active_rules_' and @value='#{rules.first}']")
all(:xpath, "//input[@id='settings_password_active_rules_']").each do |checkbox|
checkbox.set(false)
end

@ -40,14 +40,6 @@ Then /^the "(.+?)" setting should be (true|false)$/ do |name, trueish|
Setting.send((name + "?").to_sym).should == (trueish == "true")
end
When /^I visit the ([^ ]+) settings page$/ do |tab|
visit("/settings?tab=#{tab}")
@settings_tab = tab
end
Given /^I save the settings$/ do
within("#tab-content-#{@settings_tab}") do
click_button('Save')
end
@settings_tab = nil
click_button('Save', :visible => true)
end

@ -132,10 +132,6 @@ Then /^I should see an? (notice|warning|error) flash stating "([^"]*)"$/ do |cla
page.all(:css, ".flash.#{class_name}, .flash.#{class_name} *", :text => message).should_not be_empty
end
Then /^I should see an error explanation stating "([^"]*)"$/ do |message|
page.all(:css, ".errorExplanation li, .errorExplanation li *", :text => message).should_not be_empty
end
Then /^I should see a planning element named "([^"]*)"$/ do |name|
cells = page.all(:css, "table td.timelines-pe-name *", :text => name)
cells.should_not be_empty

@ -1,23 +1,36 @@
#encoding: utf-8
#-- copyright
# OpenProject is a project management system.
#
# Copyright (C) 2012-2013 the OpenProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
Feature: Password Complexity Checks
Scenario: A user changing the password including attempts to set not complex enough passwords
Given passwords must contain 2 of lowercase, uppercase, and numeric characters
And passwords have a minimum length of 4 characters
And I am logged in
And I try to set my new password to "password"
Then there should be an error describing the password complexity is too low
Then there should be an error message
When I try to set my new password to "Password"
Then the password change should succeed
And I should be able to login using the new password
Scenario: An admin can change the password complexity requirements and they are effective
Given I am admin
When I visit the authentication settings page
When I go to the authentication tab of the settings page
And I activate the lowercase, uppercase, and special password rules
And I fill in "Minimum number of rules to adhere to" with "3"
And I save the settings
And I try to set my new password to "adminADMIN"
Then there should be an error describing the password complexity is too low
Then there should be an error message
And I try to set my new password to "adminADMIN123"
Then there should be an error describing the password complexity is too low
Then there should be an error message
And I try to set my new password to "adminADMIN!"
Then the password change should succeed

@ -1,3 +1,16 @@
#encoding: utf-8
#-- copyright
# OpenProject is a project management system.
#
# Copyright (C) 2012-2013 the OpenProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
module OpenProject
##
# Evaluate and generate passwords

Loading…
Cancel
Save