← Back to branch summary

~juju-qa/ubuntu/xenial/juju/xenial-2.0-beta3

« back to all changes in this revision

Viewing changes to src/github.com/juju/juju/state/user_test.go

  • Committer: Martin Packman
  • Date: 2016-03-30 19:31:08 UTC
  • mfrom: (1.1.41)
  • Revision ID: martin.packman@canonical.com-20160330193108-h9iz3ak334uk0z5r
Merge new upstream source 2.0~beta3

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/github.com/juju/juju/state/user_test.go
147
147
func (s *UserSuite) TestSetPasswordHash(c *gc.C) {
148
148
        user := s.Factory.MakeUser(c, nil)
149
149
 
150
 
        err := user.SetPasswordHash(utils.UserPasswordHash("foo", utils.CompatSalt), utils.CompatSalt)
 
150
        salt, err := utils.RandomSalt()
 
151
        c.Assert(err, jc.ErrorIsNil)
 
152
        err = user.SetPasswordHash(utils.UserPasswordHash("foo", salt), salt)
151
153
        c.Assert(err, jc.ErrorIsNil)
152
154
 
153
155
        c.Assert(user.PasswordValid("foo"), jc.IsTrue)
169
171
        c.Assert(err, jc.ErrorIsNil)
170
172
 
171
173
        c.Assert(user.PasswordValid("foo"), jc.IsTrue)
172
 
        salt, hash := state.GetUserPasswordSaltAndHash(user)
 
174
        salt, _ := state.GetUserPasswordSaltAndHash(user)
173
175
        c.Assert(salt, gc.Equals, "salted")
174
 
        c.Assert(hash, gc.Not(gc.Equals), utils.UserPasswordHash("foo", utils.CompatSalt))
175
 
}
176
 
 
177
 
func (s *UserSuite) TestPasswordValidUpdatesSalt(c *gc.C) {
178
 
        user := s.Factory.MakeUser(c, nil)
179
 
 
180
 
        compatHash := utils.UserPasswordHash("foo", utils.CompatSalt)
181
 
        err := user.SetPasswordHash(compatHash, "")
182
 
        c.Assert(err, jc.ErrorIsNil)
183
 
        beforeSalt, beforeHash := state.GetUserPasswordSaltAndHash(user)
184
 
        c.Assert(beforeSalt, gc.Equals, "")
185
 
        c.Assert(beforeHash, gc.Equals, compatHash)
186
 
        c.Assert(user.PasswordValid("bar"), jc.IsFalse)
187
 
        // A bad password doesn't trigger a rewrite
188
 
        afterBadSalt, afterBadHash := state.GetUserPasswordSaltAndHash(user)
189
 
        c.Assert(afterBadSalt, gc.Equals, "")
190
 
        c.Assert(afterBadHash, gc.Equals, compatHash)
191
 
        // When we get a valid check, we then add a salt and rewrite the hash
192
 
        c.Assert(user.PasswordValid("foo"), jc.IsTrue)
193
 
        afterSalt, afterHash := state.GetUserPasswordSaltAndHash(user)
194
 
        c.Assert(afterSalt, gc.Not(gc.Equals), "")
195
 
        c.Assert(afterHash, gc.Not(gc.Equals), compatHash)
196
 
        c.Assert(afterHash, gc.Equals, utils.UserPasswordHash("foo", afterSalt))
197
 
        // running PasswordValid again doesn't trigger another rewrite
198
 
        c.Assert(user.PasswordValid("foo"), jc.IsTrue)
199
 
        lastSalt, lastHash := state.GetUserPasswordSaltAndHash(user)
200
 
        c.Assert(lastSalt, gc.Equals, afterSalt)
201
 
        c.Assert(lastHash, gc.Equals, afterHash)
202
176
}
203
177
 
204
178
func (s *UserSuite) TestCantDisableAdmin(c *gc.C) {