Add test for Password/Demo (#595)

9 years ago · bb3a2e37bd
parent 72d94f0726
commit bb3a2e37bd
6 changed files with 125 additions and 9 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@ -125,7 +125,7 @@ sub do {

    # TODO: updateStatus
    if ( !$self->conf->{noAjaxHook} and $req->wantJSON ) {
-        if ( $err > 0 ) {
+        if ( $err > 0 and !%{ $req->sessionInfo } ) {
            return [
                401,
                [
@ -135,9 +135,21 @@ sub do {
                []
            ];
        }
+        elsif ( $err > 0 ) {
+            return $self->sendJSONresponse(
+                $req,
+                { result => 0, error => $err },
+                code => 400
+            );
+        }
        else {
-            return $self->sendJSONresponse( $req,
-                { result => 1, message => 'Authenticated' } );
+            return $self->sendJSONresponse(
+                $req,
+                {
+                    result => 1,
+                    code   => $err
+                }
+            );
        }
    }
    else {
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Base.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Base.pm
@ -5,6 +5,7 @@ use strict;
 use Mouse;
 use Lemonldap::NG::Portal::Main::Constants qw(
  PE_OK
+  PE_BADOLDPASSWORD
  PE_PASSWORD_OK
  PE_PASSWORD_MISMATCH
  PE_PP_MUST_SUPPLY_OLD_PASSWORD
@ -28,7 +29,7 @@ sub _modifyPassword {

        # TODO: verify oldpassword
        unless ( $req->datas->{oldpassword} = $req->param('oldpassword') ) {
-            $self->lmLog( "Portal require old password", 'error' );
+            $self->lmLog( "Portal require old password", 'warn' );
            return PE_PP_MUST_SUPPLY_OLD_PASSWORD;
        }

@ -38,6 +39,8 @@ sub _modifyPassword {
            $req->datas->{newpassword} eq $req->param('confirmpassword') );

        # Verify old password
+        return PE_BADOLDPASSWORD
+          unless ( $self->confirm( $req, $req->datas->{newpassword} ) );
    }

    # Call password package
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Demo.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Demo.pm
@ -8,15 +8,13 @@ extends 'Lemonldap::NG::Portal::Password::Base';

 sub init {
    my ($self) = @_;
-    if ( $self->p->get_module('auth') eq 'Demo' ) {
-        return PE_OK;
+    if ( $self->p->getModule(undef,'auth') eq 'Demo' ) {
+        return 1;
    }
    else {
        $self->lmLog( "Use PasswordDBDemo only with AuthDemo", 'error' );
-        return PE_ERROR;
+        return 0;
    }
-
-    PE_OK;
 }

 sub confirm {
--- a/lemonldap-ng-portal/t/21-Notifications-File.t
+++ b/lemonldap-ng-portal/t/21-Notifications-File.t
--- a/lemonldap-ng-portal/t/22-Notifications-DBI.t
+++ b/lemonldap-ng-portal/t/22-Notifications-DBI.t
--- a/lemonldap-ng-portal/t/40-Password-Demo.t
+++ b/lemonldap-ng-portal/t/40-Password-Demo.t
@ -0,0 +1,103 @@
+use Test::More;
+use strict;
+use IO::String;
+use JSON;
+use Lemonldap::NG::Portal::Main::Constants
+  qw(PE_BADOLDPASSWORD PE_PASSWORD_MISMATCH PE_PP_MUST_SUPPLY_OLD_PASSWORD);
+
+require 't/test-lib.pm';
+
+my $res;
+
+init(
+    {
+        logLevel                 => 'error',
+        passwordDB               => 'Demo',
+        portalRequireOldPassword => 1,
+    }
+);
+
+# Try yo authenticate
+# -------------------
+ok(
+    $res = &client->_post(
+        '/',
+        IO::String->new('user=dwho&password=dwho'),
+        length => 23
+    ),
+    'Auth query'
+);
+ok( $res->[0] == 200, 'Response is 200' ) or explain( $res->[0], 200 );
+my $cookies = getCookies($res);
+my $id;
+ok( $id = $cookies->{lemonldap}, 'Get cookie' )
+  or explain( $res, 'Set-Cookie: something' );
+count(3);
+
+# Test mismatch pwd
+ok(
+    $res = &client->_post(
+        '/',
+        IO::String->new('oldpassword=dwho&newpassword=test&confirmpassword=t'),
+        cookie => "lemonldap=$id",
+        accept => 'application/json',
+        length => 51
+    ),
+    'Password mismatch'
+);
+ok( $res->[0] == 400, 'Response is 400' ) or explain( $res->[0], 400 );
+my $json;
+ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
+  or print STDERR "$@\n" . Dumper($res);
+ok( $json->{error} == PE_PASSWORD_MISMATCH, 'Response is PE_PASSWORD_MISMATCH' )
+  or explain( $json, "error => 34" );
+count(3);
+
+# Test missing old pwd
+ok(
+    $res = &client->_post(
+        '/',
+        IO::String->new('newpassword=test&confirmpassword=test'),
+        cookie => "lemonldap=$id",
+        accept => 'application/json',
+        length => 37
+    ),
+    'Missing old password'
+);
+ok( $res->[0] == 400, 'Response is 400' ) or explain( $res->[0], 400 );
+my $json;
+ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
+  or print STDERR "$@\n" . Dumper($res);
+ok(
+    $json->{error} == PE_PP_MUST_SUPPLY_OLD_PASSWORD,
+    'Response is PE_PP_MUST_SUPPLY_OLD_PASSWORD'
+) or explain( $json, "error => 27" );
+count(3);
+
+# Test bad old pwd
+ok(
+    $res = &client->_post(
+        '/',
+        IO::String->new('oldpassword=dd&newpassword=test&confirmpassword=test'),
+        cookie => "lemonldap=$id",
+        accept => 'application/json',
+        length => 52
+    ),
+    'Bad old password'
+);
+ok( $res->[0] == 400, 'Response is 400' ) or explain( $res->[0], 400 );
+my $json;
+ok( $json = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
+  or print STDERR "$@\n" . Dumper($res);
+ok( $json->{error} == PE_BADOLDPASSWORD, 'Response is PE_BADOLDPASSWORD' )
+  or explain( $json, "error => 27" );
+count(3);
+
+# Test logout
+logout($id);
+
+#print STDERR Dumper($res);
+
+clean_sessions();
+
+done_testing( count() );