silverstripe-framework/tests/security/SecurityTest.php
Sam Minnee eb60b67732 Merged revisions 52121 via svnmerge from
http://svn.silverstripe.com/open/modules/sapphire/branches/govtsecurity

........
  r52121 | sminnee | 2008-04-03 22:04:33 +1300 (Thu, 03 Apr 2008) | 4 lines
  
  Added DataObject::validate() for specifying DataObject-level validators.
  Added DataObject::onAfterWrite(), a complement of DataObject::onBeforeWrite()
  Added password strength testing to security system
  Added password expiry to security system
........


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@53465 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-04-26 06:31:52 +00:00

61 lines
2.2 KiB
PHP

<?php
/**
* Test the security class, including log-in form, change password form, etc
*/
class SecurityTest extends SapphireTest {
static $fixture_file = 'sapphire/tests/security/MemberTest.yml';
/**
* Test that the login form redirects to the change password form after logging in with an expired password
*/
function testExpiredPassword() {
// BAD PASSWORDS ARE LOCKED OUT
$session = new Session(array());
$badResponse = Director::test('Security/login?executeForm=LoginForm', array(
'Email' => 'sam@silverstripe.com',
'Password' => 'badpassword',
'AuthenticationMethod' => 'MemberAuthenticator',
'action_dologin' => 1,
'BackURL' => 'test/link'),
$session
);
$this->assertEquals(302, $badResponse->getStatusCode());
$this->assertRegExp('/Security\/login/', $badResponse->getHeader('Location'));
$this->assertNull($session->inst_get('loggedInAs'));
// UNEXPIRED PASSWORD GO THROUGH WITHOUT A HITCH
$session = new Session(array());
$goodResponse = Director::test('Security/login?executeForm=LoginForm', array(
'Email' => 'sam@silverstripe.com',
'Password' => '1nitialPassword',
'AuthenticationMethod' => 'MemberAuthenticator',
'action_dologin' => 1,
'BackURL' => 'test/link'),
$session
);
$this->assertEquals(302, $goodResponse->getStatusCode());
$this->assertEquals(Director::baseURL() . 'test/link', $goodResponse->getHeader('Location'));
$this->assertEquals($this->idFromFixture('Member', 'test'), $session->inst_get('loggedInAs'));
// EXPIRED PASSWORDS ARE SENT TO THE CHANGE PASSWORD FORM
$session = new Session(array());
$expiredResponse = Director::test('Security/login?executeForm=LoginForm', array(
'Email' => 'expired@silverstripe.com',
'Password' => '1nitialPassword',
'AuthenticationMethod' => 'MemberAuthenticator',
'action_dologin' => 1,
'BackURL' => 'test/link'),
$session
);
$this->assertEquals(302, $expiredResponse->getStatusCode());
$this->assertEquals(Director::baseURL() . 'Security/changepassword', $expiredResponse->getHeader('Location'));
$this->assertEquals($this->idFromFixture('Member', 'expiredpassword'), $session->inst_get('loggedInAs'));
}
}