public function PasswordPolicyExpirationTestCase::testExpirationConstraint in Password Policy 7
Tests expiration constraint.
File
- tests/
password_policy_expiration.test, line 65 - Tests for Password policy module expiration functionality.
Class
- PasswordPolicyExpirationTestCase
- Tests of password expiration.
Code
public function testExpirationConstraint() {
// Create role to which the expiration policy will apply.
// It is identical to the 'authenticated user' role in permissions. We
// create this separate role because we would like the policy maker user to
// be exempt from the expiration policy.
$expiration_rid = $this
->drupalCreateRole(array());
// Log in policy maker.
$policy_maker_user = $this->policyMaker;
$this
->drupalLogin($policy_maker_user);
// Create a policy.
$policy_name = $this
->createExpirationPolicy(1, $expiration_rid);
// Verify that an expiration rule has been set in the policy.
$pid = db_query('SELECT pid FROM {password_policy} WHERE name = :name', array(
':name' => $policy_name,
))
->fetchField();
$expiration = db_query('SELECT expiration FROM {password_policy} WHERE pid = :pid', array(
':pid' => $pid,
))
->fetchField();
$this
->verbose('Expiration: ' . var_export($expiration, TRUE));
$this
->assertTrue($expiration == 1, 'Verified expiration set.');
// Enable the policy.
$this
->enablePolicy($policy_name);
_password_policy_advance_test_clock(60 * 60 * 24 + 1);
// Create an account to test with.
$name1 = $this
->randomName();
$pass1 = 'aaaaaa';
$edit = array(
'name' => $name1,
'mail' => $name1 . '@example.com',
'pass[pass1]' => $pass1,
'pass[pass2]' => $pass1,
);
$this
->drupalPost('admin/people/create', $edit, 'Create new account');
$uid = db_query('SELECT uid FROM {users} WHERE name = :name', array(
':name' => $name1,
))
->fetchField();
$this
->drupalGet('user/' . $uid . '/edit');
$this
->assertFieldChecked('edit-status-1', 'Account status is set to active.');
// Add user to role covered by expiration policy.
user_multiple_role_edit(array(
$uid,
), 'add_role', $expiration_rid);
// Log out and attempt to log in with the newly created test account.
$this
->drupalLogout();
$edit = array(
'name' => $name1,
'pass' => $pass1,
);
$this
->drupalPost('user/login', $edit, t('Log in'));
$this
->assertNoText(t('The username !name has not been activated or is blocked.', array(
'!name' => $name1,
)), 'Account not blocked from logging in.');
_password_policy_advance_test_clock(60 * 60 * 24 + 1);
// Check that password should be expired, once cron runs.
$created = db_query('SELECT created FROM {password_policy_history} WHERE uid = :uid', array(
':uid' => '3',
))
->fetchField();
$this
->verbose('Created: ' . var_export($created, TRUE));
$created = db_query('SELECT created FROM {password_policy} WHERE pid = :pid', array(
':pid' => $pid,
))
->fetchField();
$this
->verbose('$pid ' . $pid . ' created: ' . var_export($created, TRUE));
// Run cron to trigger password expirations.
$this
->cronRun();
// Check that test account has been blocked.
$this
->drupalLogin($policy_maker_user);
$this
->drupalGet('user/' . $uid . '/edit');
$this
->assertFieldChecked('edit-status-0', 'Account status is set to blocked.');
$this
->drupalGet('admin/people/expired');
$this
->assertText('unblock', 'Account marked as blocked on Expired Accounts tab.');
// Log out and attempt to log in to the expired account again, to verify
// block.
$this
->drupalLogout();
$edit = array(
'name' => $name1,
'pass' => $pass1,
);
$this
->drupalPost('user/login', $edit, t('Log in'));
$this
->assertText(t('The username !name has not been activated or is blocked.', array(
'!name' => $name1,
)), 'Account blocked from logging in.');
// Log in as policy making user to unblock the test user.
$this
->drupalLogin($policy_maker_user);
$this
->drupalPost('admin/people/expired/unblock/' . $uid, array(), t('Unblock user'));
$this
->assertText(t('The user !name has been unblocked.', array(
'!name' => $name1,
)), 'Account account has been unblocked.');
$this
->drupalGet('admin/people/expired');
$this
->assertNoText('unblock', 'Account not marked as blocked on Expired Accounts tab.');
// Log out and attempt to log in the expired account again.
$this
->drupalLogout();
$edit = array(
'name' => $name1,
'pass' => $pass1,
);
$this
->drupalPost('user/login', $edit, t('Log in'));
$this
->assertNoText(t('The username !name has not been activated or is blocked.', array(
'!name' => $name1,
)), 'Account not blocked from logging in.');
$this
->assertNoText(t('User login'), 'Check that login block is not shown, to verify user successfully logged in.');
$this
->assertRaw(t('Your password has expired. You must change your password to proceed on the site.'), 'User forced to change password.');
// Change test user account's password.
$pass2 = 'bbbbbb';
$edit = array(
'current_pass' => $pass1,
'pass[pass1]' => $pass2,
'pass[pass2]' => $pass2,
);
$this
->drupalPost('user/' . $uid . '/edit', $edit, t('Save'));
$this
->assertText(t('The changes have been saved.'), format_string('1st password change: !pass', array(
'!pass' => $pass2,
)));
$this
->drupalGet('node');
$this
->drupalLogout();
// Run cron to trigger password expirations.
$this
->cronRun();
// Log in to confirm password not seen as expired now that it has changed.
$edit = array(
'name' => $name1,
'pass' => $pass1,
);
$this
->drupalPost('user/login', $edit, t('Log in'));
$this
->assertNoText(t('The username !name has not been activated or is blocked.', array(
'!name' => $name1,
)), 'Account not blocked from logging in.');
$this
->assertNoText(t('User login'), 'Check that login block is not shown, to verify user successfully logged in.');
$this
->drupalLogout();
// Delete test policy.
$this
->drupalLogin($policy_maker_user);
$this
->drupalPost('admin/config/people/password_policy/' . $pid . '/delete', array(), t('Delete'));
$this
->assertText('Password policy ' . $policy_name . ' was deleted.', 'Default password policy ' . $policy_name . 'was deleted');
}