public function GaLoginOthersPermissionsTestCase::testCheckboxOnAccountEditPage in Google Authenticator login 7
Test checkbox on account edit page.
File
- ./
ga_login.test, line 608 - Tests for ga_login.module.
Class
- GaLoginOthersPermissionsTestCase
- Test others' permissions.
Code
public function testCheckboxOnAccountEditPage() {
$admin = $this
->drupalCreateUser(array(
'administer users',
'create others login codes',
'delete others login codes',
));
$account = $this
->drupalCreateUser(array(
'login without code',
));
// Login as admin.
$this
->drupalLogin($admin);
// Check the checkbox on the account edit page.
$edit = array();
$edit['ga_login_force_tfa'] = '1';
$this
->drupalPost("user/{$account->uid}/edit", $edit, t('Save'));
// Make sure we are redirected to the ga_login tab.
$this
->assertUrl("user/{$account->uid}/ga_login");
// Make sure tfa checkbox is not checked.
$this
->drupalGet("user/{$account->uid}/edit");
$this
->assertNoFieldChecked('edit-ga-login-force-tfa');
// Create code for account user.
$edit = array();
$this
->drupalPost("user/{$account->uid}/ga_login", $edit, t('Get started'));
// Seconds step: select time based code.
$edit = array();
$edit['tokentype'] = 'TOTP';
$this
->drupalPost(NULL, $edit, t('Create code'));
// Get the secret key from the page.
$code_on_page = $this
->xpath('//span[@class=:class]', array(
':class' => 'secret-key',
));
$code_on_page = $code_on_page[0][0];
$edit = array();
$edit['verify_code'] = ga_login_test_generate_code($code_on_page);
$this
->drupalPost(NULL, $edit, t('Use this code'));
$this
->assertText(t("You can now log in with your new code."));
$this
->assertUrl("user/{$account->uid}");
// Make sure we can stil access the ga_login tab.
$edit = array();
$this
->drupalGet("user/{$account->uid}/ga_login");
$this
->assertText(t("Two step verification"));
// Make sure tfa checkbox is checked.
$this
->drupalGet("user/{$account->uid}/edit");
$this
->assertFieldChecked('edit-ga-login-force-tfa');
$this
->drupalLogout();
// Make sure we need a code to log in.
// Login using a code.
$edit = array();
$edit['name'] = $account->name;
$edit['pass'] = $account->pass_raw;
$this
->drupalPost('user', $edit, t('Log in'));
$this
->assertText(t('Sorry, unrecognized username or password.'));
// Login using a code.
$edit = array();
$edit['name'] = $account->name;
$edit['pass'] = $account->pass_raw;
// Make sure we have a new code.
$edit['gacode'] = ga_login_test_generate_code($code_on_page, 1);
$this
->drupalPost('user', $edit, t('Log in'));
$this
->assertText(t('Member for'));
// Make sure account can not access the ga_login tab.
$this
->drupalGet("user/{$account->uid}/ga_login");
$this
->assertText(t("You are not authorized to access this page."));
$this
->drupalLogout();
// Try to log in with the same code.
$this
->drupalPost('user', $edit, t('Log in'));
$this
->assertText(t("Your code isn't valid or has already been used."));
$this
->assertText(t("Sorry, unrecognized username or password."));
$this
->drupalLogout();
// Login as admin.
$this
->drupalLogin($admin);
// Delete the code.
$edit = array();
$this
->drupalPost("user/{$account->uid}/edit", $edit, t('Delete GA Login Code'));
$this
->assertText(t("Delete the GA Login code for"));
// Confirm.
$this
->drupalPost(NULL, $edit, 'Delete');
$this
->assertUrl("user/{$account->uid}/edit");
$this
->assertText(t("Successfully deleted the GA Login code for"));
// Make sure tfa checkbox is not checked.
$this
->drupalGet("user/{$account->uid}/edit");
$this
->assertNoFieldChecked('edit-ga-login-force-tfa');
$this
->drupalLogout();
}