3
* Gallery - a web based photo album viewer and editor
4
* Copyright (C) 2000-2007 Bharat Mediratta
6
* This program is free software; you can redistribute it and/or modify
7
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; either version 2 of the License, or (at
9
* your option) any later version.
11
* This program is distributed in the hope that it will be useful, but
12
* WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14
* General Public License for more details.
16
* You should have received a copy of the GNU General Public License
17
* along with this program; if not, write to the Free Software
18
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
22
* UserRecoverPassword controller tests
23
* @package GalleryCore
25
* @author Bharat Mediratta <bharat@menalto.com>
26
* @version $Revision: 15513 $
28
class UserRecoverPasswordConfirmControllerTest extends GalleryControllerTestCase {
30
function UserRecoverPasswordConfirmControllerTest($methodName) {
31
$this->GalleryControllerTestCase($methodName, 'core.UserRecoverPasswordConfirm');
38
/* Create a new user */
39
list ($ret, $this->_user) = $this->_createRandomUser();
41
print $ret->getAsHtml();
42
return $this->failWithStatus($ret);
44
$this->_markForCleanup($this->_user);
46
$this->_hashedPassword = $this->_user->getHashedPassword();
49
function testRecoverPassword() {
52
$ret = GalleryCoreApi::addMapEntry(
53
'GalleryRecoverPasswordMap',
54
array('userName' => $this->_user->getUserName(),
55
'authString' => md5('12345'),
56
'requestExpires' => time() + 60));
58
return $this->failWithStatus($ret);
61
GalleryUtilities::putRequestVariable('form[action][submit]', 1);
62
GalleryUtilities::putRequestVariable('form[userName]', $this->_user->getUserName());
63
GalleryUtilities::putRequestVariable('form[authString]', md5('12345'));
64
GalleryUtilities::putRequestVariable('form[password1]', 'recoverConfirmPass');
65
GalleryUtilities::putRequestVariable('form[password2]', 'recoverConfirmPass');
67
$results = $this->handleRequest();
68
$this->assertEquals(array('redirect' => array('view' => 'core.UserAdmin',
69
'subView' => 'core.UserLogin'),
71
'status' => array('passwordRecovered' => 1),
75
list ($ret, $this->_user) = $this->_user->refresh();
77
return $this->failWithStatus($ret);
80
$this->assertEquals(true, $this->_user->isCorrectPassword('recoverConfirmPass'),
81
'Password not changed');
83
$ret = $this->_verifyMapEntryRemoved();
85
return $this->failWithStatus($ret);
89
function testRecoverPasswordClearsFailedLogins() {
92
$ret = GalleryCoreApi::addMapEntry(
93
'GalleryRecoverPasswordMap',
94
array('userName' => $this->_user->getUserName(),
95
'authString' => md5('12345'),
96
'requestExpires' => time() + 60));
98
return $this->failWithStatus($ret);
101
$ret = GalleryCoreApi::addMapEntry(
103
array('userName' => $this->_user->getUserName(),
105
'lastAttempt' => time()));
107
return $this->failWithStatus($ret);
110
GalleryUtilities::putRequestVariable('form[action][submit]', 1);
111
GalleryUtilities::putRequestVariable('form[userName]', $this->_user->getUserName());
112
GalleryUtilities::putRequestVariable('form[authString]', md5('12345'));
113
GalleryUtilities::putRequestVariable('form[password1]', 'recoverConfirmPass');
114
GalleryUtilities::putRequestVariable('form[password2]', 'recoverConfirmPass');
116
$results = $this->handleRequest();
117
/* We verified that password recovery works in another test */
119
list ($ret, $searchResults) = GalleryCoreApi::getMapEntry(
122
array('userName' => $this->_user->getUserName()));
124
return $this->failWithStatus($ret);
127
$this->assertEquals(0, $searchResults->resultCount());
130
function testRequestTooOld() {
133
$ret = GalleryCoreApi::addMapEntry(
134
'GalleryRecoverPasswordMap',
135
array('userName' => $this->_user->getUserName(),
136
'authString' => md5('12345'),
137
'requestExpires' => mktime(0,0,0,1,4,2005)));
139
return $this->failWithStatus($ret);
142
GalleryUtilities::putRequestVariable('form[action][submit]', 1);
143
GalleryUtilities::putRequestVariable('form[userName]', $this->_user->getUserName());
144
GalleryUtilities::putRequestVariable('form[authString]', md5('12345'));
145
GalleryUtilities::putRequestVariable('form[password1]', 'password');
146
GalleryUtilities::putRequestVariable('form[password2]', 'password');
148
$results = $this->handleRequest();
150
array('delegate' => array('view' => 'core.UserAdmin',
151
'subView' => 'core.UserRecoverPasswordConfirm'),
153
'error' => array('form[error][request][tooOld]')),
156
$ret = $this->_verifyMapEntryRemoved();
158
return $this->failWithStatus($ret);
161
$this->_verifyNoPasswordChange();
164
function testRequestMissing() {
165
GalleryUtilities::putRequestVariable('form[action][submit]', 1);
166
GalleryUtilities::putRequestVariable('form[userName]', 'recoverTest12345');
167
GalleryUtilities::putRequestVariable('form[authString]', 1);
168
GalleryUtilities::putRequestVariable('form[password1]', 'password');
169
GalleryUtilities::putRequestVariable('form[password2]', 'password');
171
$results = $this->handleRequest();
174
array('delegate' => array('view' => 'core.UserAdmin',
175
'subView' => 'core.UserRecoverPasswordConfirm'),
177
'error' => array('form[error][request][missing]')),
180
$this->_verifyNoPasswordChange();
183
function testPasswordMismatch() {
184
GalleryUtilities::putRequestVariable('form[action][submit]', 1);
185
GalleryUtilities::putRequestVariable('form[userName]', 'recoverTest12345');
186
GalleryUtilities::putRequestVariable('form[authString]', 1);
187
GalleryUtilities::putRequestVariable('form[password1]', 'password');
188
GalleryUtilities::putRequestVariable('form[password2]', 'mismatch');
190
$results = $this->handleRequest();
193
array('delegate' => array('view' => 'core.UserAdmin',
194
'subView' => 'core.UserRecoverPasswordConfirm'),
196
'error' => array('form[error][password][mismatch]')),
199
$this->_verifyNoPasswordChange();
202
function testMissingInputs() {
203
GalleryUtilities::putRequestVariable('form[action][submit]', 1);
205
$results = $this->handleRequest();
207
array('delegate' => array('view' => 'core.UserAdmin',
208
'subView' => 'core.UserRecoverPasswordConfirm'),
210
'error' => array('form[error][userName][missing]',
211
'form[error][authString][missing]',
212
'form[error][password][missing]')),
215
$this->_verifyNoPasswordChange();
218
function testCancel() {
219
GalleryUtilities::putRequestVariable('form[action][cancel]', 1);
221
$results = $this->handleRequest();
222
$this->assertEquals(array('return' => 1,
223
'delegate' => array('view' => 'core.UserAdmin',
224
'subView' => 'core.UserRecoverPasswordConfirm'),
229
$this->_verifyNoPasswordChange();
232
function _verifyNoPasswordChange() {
233
$this->assertEquals($this->_hashedPassword, $this->_user->getHashedPassword(),
234
'Passwords changed');
237
function _verifyMapEntryRemoved() {
242
[GalleryRecoverPasswordMap::userName]
244
[GalleryRecoverPasswordMap]
246
[GalleryRecoverPasswordMap::userName] = ?
249
$data = array($this->_user->getUserName());
251
list ($ret, $searchResults) = $gallery->search($query, $data);
253
return $this->failWithStatus($ret);
256
if ($results = $searchResults->nextResult()) {
257
$this->assert($results[0], 'RecoverMap entry was not purged during password reset');