You are here

Home » API reference » Google Authenticator login 7 » ga_login.test » GaLoginOthersPermissionsTestCase

public function GaLoginOthersPermissionsTestCase::testCreateOthersLoginCodesPermission in Google Authenticator login 7

Test create others login codes.

File

./ga_login.test, line 550
Tests for ga_login.module.

Class

GaLoginOthersPermissionsTestCase
Test others' permissions.

Code

public function testCreateOthersLoginCodesPermission() {
  $admin = $this
    ->drupalCreateUser(array(
    'access user profiles',
    'create others login codes',
  ));
  $account = $this
    ->drupalCreateUser(array(
    'require code',
  ));

  // Login as admin.
  $this
    ->drupalLogin($admin);

  // Create code for account user.
  $edit = array();
  $this
    ->drupalPost("user/{$account->uid}/ga_login", $edit, t('Get started'));

  // Seconds step: select time based code.
  $edit = array();
  $edit['tokentype'] = 'TOTP';
  $this
    ->drupalPost(NULL, $edit, t('Create code'));

  // Get the secret key from the page.
  $code_on_page = $this
    ->xpath('//span[@class=:class]', array(
    ':class' => 'secret-key',
  ));
  $code_on_page = $code_on_page[0][0];
  $edit = array();
  $edit['verify_code'] = ga_login_test_generate_code($code_on_page);
  $this
    ->drupalPost(NULL, $edit, t('Use this code'));
  $this
    ->assertText(t("You can now log in with your new code."));
  $this
    ->assertUrl("user/{$account->uid}");

  // Make sure we can stil access the ga_login tab.
  $edit = array();
  $this
    ->drupalGet("user/{$account->uid}/ga_login");
  $this
    ->assertText(t("Two step verification"));
  $this
    ->drupalLogout();

  // Login using a code.
  $edit = array();
  $edit['name'] = $account->name;
  $edit['pass'] = $account->pass_raw;

  // Make sure we have a new code.
  $edit['gacode'] = ga_login_test_generate_code($code_on_page, 1);
  $this
    ->drupalPost('user', $edit, t('Log in'));
  $this
    ->assertText(t('Member for'));

  // Make sure account can not access the ga_login tab.
  $this
    ->drupalGet("user/{$account->uid}/ga_login");
  $this
    ->assertText(t("You are not authorized to access this page."));
  $this
    ->drupalLogout();

  // Try to log in with the same code.
  $this
    ->drupalPost('user', $edit, t('Log in'));
  $this
    ->assertText(t("Your code isn't valid or has already been used."));
  $this
    ->assertText(t("Sorry, unrecognized username or password."));
  $this
    ->drupalLogout();
}