You are here

public function LoginSecurityUserBlockingTest::testUserBlocking in Login Security 7

Same name and namespace in other branches
  1. 6 login_security.test \LoginSecurityUserBlockingTest::testUserBlocking()

Test user blocking.

File

./login_security.test, line 98
Test the basic functions of the Login Security module.

Class

LoginSecurityUserBlockingTest
Test login_security user blocking.

Code

public function testUserBlocking() {
  $login_attempts_limit = 2;

  // Allow 2 attempts to login before being blocking is enforced.
  variable_set('login_security_user_wrong_count', $login_attempts_limit);

  // In Drupal 7, we can drupalGetMails() to see if a notice went out to
  // admin. In the meantime, turn the message off just in case it doesn't get
  // caught properly yet.
  variable_set('login_security_user_blocked_email_user', '');
  $normal_user = $this
    ->drupalCreateUser(array(
    'access content',
  ));

  // Intentionally break the password to repeat invalid logins.
  $normal_user->pass_raw = user_password();
  variable_set('login_security_notice_attempts_available', 1);

  // drupalLogin() has assertions that we know will fail, so we must skip
  // them with an alternate function.
  $this
    ->drupalLoginLite($normal_user);
  $this
    ->assertText("You have used 1 out of {$login_attempts_limit} login attempts. After all {$login_attempts_limit} have been used, you will be unable to login.", t('Attempts available message displayed.'));
  $this
    ->assertFieldByName('form_id', 'user_login', t('Login form found.'));

  // Turns off the warning message we looked for in the previous assert.
  variable_set('login_security_notice_attempts_available', 0);
  $this
    ->drupalLoginLite($normal_user);
  $this
    ->assertNoText("You have used 2 out of {$login_attempts_limit} login attempts. After all {$login_attempts_limit} have been used, you will be unable to login.", t('Attempts available message displayed.'));
  $this
    ->assertFieldByName('form_id', 'user_login', t('Login form found.'));

  // Turns back on the warning message we looked for in the previous assert.
  $this
    ->assertText("The user {$normal_user->name} has been blocked due to failed login attempts.", t('Blocked message displayed.'));
  $this
    ->assertFieldByName('form_id', 'user_login', t('Login form found.'));
}