You are here

public function PasswordPolicyForcePasswordChangeTestCase::testExtraAllowedPaths in Password Policy 7

Tests "Extra allowed paths" setting.

File

tests/password_policy.test, line 659
Functional tests for Password policy module.

Class

PasswordPolicyForcePasswordChangeTestCase
Tests of forcing password changes.

Code

public function testExtraAllowedPaths() {
  $admin = $this
    ->drupalCreateUser(array(
    'force password change',
    'administer password policies',
    'administer users',
  ));
  $user = $this
    ->drupalCreateUser();

  // Force user to change their password.
  $this
    ->drupalLogin($admin);
  $edit = array(
    'force_password_change' => TRUE,
  );
  $this
    ->drupalPost("user/{$user->uid}/edit", $edit, t('Save'));
  $this
    ->drupalLogout();

  // Verify user is forced to change password.
  $this
    ->drupalLogin($user);
  $this
    ->assertFieldByName('current_pass', NULL, 'User redirected correctly.');
  $this
    ->assertRaw(t('Your password has expired. You must change your password to proceed on the site.'), 'User presented with error instructing them to change their password.');

  // Try to visit disallowed paths.
  $this
    ->drupalGet('node');
  $this
    ->assertFieldByName('mail', NULL, 'User redirected back to user-edit page.');
  $this
    ->assertRaw(t('Your password has expired. You must change your password to proceed on the site.'), 'User forced to change password.');
  $this
    ->drupalGet('node/add/page');
  $this
    ->assertFieldByName('mail', NULL, 'User redirected back to user-edit page.');
  $this
    ->assertRaw(t('Your password has expired. You must change your password to proceed on the site.'), 'User forced to change password.');
  $this
    ->drupalLogout();

  // Add extra allowed paths.
  // One path tests using a wildcard and the other does not.
  $this
    ->drupalLogin($admin);
  $edit = array(
    'password_policy_force_change_extra_allowed_paths' => "node\nnode/add/*",
  );
  $this
    ->drupalPost('admin/config/people/password_policy', $edit, t('Save configuration'));
  $this
    ->assertRaw(t('The configuration options have been saved.'), 'Enabled "Force password change by e-mail".');
  $this
    ->drupalLogout();

  // Verify user is still forced to change password.
  $this
    ->drupalLogin($user);
  $this
    ->assertFieldByName('current_pass', NULL, 'User redirected correctly.');
  $this
    ->assertRaw(t('Your password has expired. You must change your password to proceed on the site.'), 'User presented with error instructing them to change their password.');

  // Try to visit paths that are now allowed.
  // Note that "Access denied" is expected for node/add/page.
  $this
    ->drupalGet('node');
  $this
    ->assertNoFieldByName('mail', NULL, 'User not redirected back to user-edit page.');
  $this
    ->drupalGet('node/add/page');
  $this
    ->assertNoFieldByName('mail', NULL, 'User not redirected back to user-edit page.');

  // Try to visit a path that is still disallowed.
  $this
    ->drupalGet("user/{$user->uid}/view");
  $this
    ->assertFieldByName('mail', NULL, 'User redirected back to user-edit page.');
  $this
    ->assertRaw(t('Your password has expired. You must change your password to proceed on the site.'), 'User forced to change password.');
  $this
    ->drupalLogout();
}