public function PasswordPolicyForcePasswordChangeTestCase::testForceChangeOnReset in Password Policy 7
Tests "Force password change on reset" setting.
Some code copied from UserPasswordResetTestCase::testUserPasswordReset().
File
- tests/
password_policy.test, line 575 - Functional tests for Password policy module.
Class
- PasswordPolicyForcePasswordChangeTestCase
- Tests of forcing password changes.
Code
public function testForceChangeOnReset() {
// Create a user.
$user = $this
->drupalCreateUser();
$this
->drupalLogin($user);
$this
->drupalLogout();
// Check that user is not forced to change password on reset by default.
// Attempt to reset password.
$edit = array(
'name' => $user->name,
);
$this
->drupalPost('user/password', $edit, t('E-mail new password'));
// Visit reset URL.
$reset_url = $this
->getPasswordResetUrlFromMail();
$this
->drupalGet($reset_url);
$this
->drupalPost(NULL, array(), t('Log in'));
// Try to visit another page without changing password.
$this
->drupalGet('node');
// Verify user not redirected to change password.
$this
->assertNoFieldByName('mail', NULL, 'User not redirected back to user-edit page.');
$this
->assertNoRaw(t('Your password has expired. You must change your password to proceed on the site.'), 'User not forced to change password.');
$this
->drupalLogout();
// Enable force change on reset.
$admin = $this
->drupalCreateUser(array(
'administer password policies',
));
$this
->drupalLogin($admin);
$edit = array(
'password_policy_force_change_reset' => TRUE,
);
$this
->drupalPost('admin/config/people/password_policy', $edit, t('Save configuration'));
$this
->assertRaw(t('The configuration options have been saved.'), 'Enabled "Force password change on reset".');
$this
->drupalLogout();
// Check user is forced to change password if they try to skip doing so.
// Attempt to reset password.
$edit = array(
'name' => $user->name,
);
$this
->drupalPost('user/password', $edit, t('E-mail new password'));
// Visit reset URL.
$reset_url = $this
->getPasswordResetUrlFromMail();
$this
->drupalGet($reset_url);
$this
->drupalPost(NULL, array(), t('Log in'));
// Try to visit another page without changing password.
$this
->drupalGet('node');
// Verify user redirected to change password.
$this
->assertFieldByName('mail', NULL, 'User redirected back to user-edit page.');
$this
->assertRaw(t('Your password has expired. You must change your password to proceed on the site.'), 'User forced to change password.');
// Change password.
$edit = array(
'pass[pass1]' => 'fpcR@nd0m!',
'pass[pass2]' => 'fpcR@nd0m!',
);
$this
->drupalPost(NULL, $edit, t('Save'));
$this
->assertRaw(t('The changes have been saved.'), 'User changed password.');
// Try to visit another page without changing password.
$this
->drupalGet('node');
// Verify user not again redirected to change password.
$this
->assertNoFieldByName('mail', NULL, 'User not redirected back to user-edit page.');
$this
->assertNoRaw(t('Your password has expired. You must change your password to proceed on the site.'), 'User not forced to change password.');
$this
->drupalLogout();
// Check that user is not forced to change password twice if they
// immediately change their password.
// Attempt to reset password.
$edit = array(
'name' => $user->name,
);
$this
->drupalPost('user/password', $edit, t('E-mail new password'));
// Visit reset URL.
$reset_url = $this
->getPasswordResetUrlFromMail();
$this
->drupalGet($reset_url);
$this
->drupalPost(NULL, array(), t('Log in'));
// Change password.
$edit = array(
'pass[pass1]' => 'fpcR@nd0m!',
'pass[pass2]' => 'fpcR@nd0m!',
);
$this
->drupalPost(NULL, $edit, t('Save'));
$this
->assertRaw(t('The changes have been saved.'), 'User changed password.');
// Try to visit another page.
$this
->drupalGet('node');
// Verify user not redirected to change password.
$this
->assertNoFieldByName('mail', NULL, 'User not redirected back to user-edit page.');
$this
->assertNoRaw(t('Your password has expired. You must change your password to proceed on the site.'), 'User not forced to change password.');
}