You are here

password_strength.test in Password Strength 7

Same filename and directory in other branches
  1. 6.2 tests/password_strength.test

Tests for password strength module.

File

tests/password_strength.test
View source
<?php

/**
 * @file
 * Tests for password strength module.
 */
class PasswordStrengthTestCase extends DrupalWebTestCase {

  /**
   * A user able to change her password.
   *
   * @var object
   */
  protected $web_user;

  /**
   * A user with permission to set the minimum password strength required level.
   *
   * @var object
   */
  protected $admin_user;
  public static function getInfo() {
    return array(
      'name' => 'Password strength required score',
      'description' => 'Test password strength module functionality.',
      'group' => 'Password strength',
    );
  }
  function setUp() {
    parent::setUp('password_strength', 'composer_manager');
    $this->web_user = $this
      ->drupalCreateUser();
    $this->admin_user = $this
      ->drupalCreateUser(array(
      'administer site configuration',
    ));
  }

  /**
   * Tests various levels of minimum scores when changing a user account password.
   */
  function testChangePassword() {

    // Set required score to very weak and test that any password works.
    $this
      ->setRequiredScore('0');
    $this
      ->changePassword($this->web_user, 'Password1');
    $this
      ->changePassword($this->web_user, '35qzYI^HUbAZ');

    // Set required score to very strong and test that a weak password fails and
    // that a strong password works.
    $this
      ->setRequiredScore('4');
    $this
      ->changePassword($this->web_user, 'Password1', TRUE);
    $this
      ->changePassword($this->web_user, '35qzYI^HUbAZ');
  }

  /**
   * Tests a user account password change.
   *
   * @param stdClass $account
   *   Drupal user account for additional contexts.
   *
   * @param string $new_pass
   *   Plain-text password to be used as new password.
   *
   * @param boolean $too_weak
   *   Optional Whether the password is too weak and the change should fail.
   */
  function changePassword($account, $new_pass, $too_weak = FALSE) {
    $this
      ->drupalLogin($account);

    // Check that filling out a single password field does not validate.
    $edit = array();
    $edit['pass[pass1]'] = '';
    $edit['pass[pass2]'] = $new_pass;
    $this
      ->drupalPost("user/{$account->uid}/edit", $edit, t('Save'));
    $this
      ->assertText(t("The specified passwords do not match."), 'Typing mismatched passwords displays an error message.');
    $edit['pass[pass1]'] = $new_pass;
    $edit['pass[pass2]'] = '';
    $this
      ->drupalPost("user/{$account->uid}/edit", $edit, t('Save'));
    $this
      ->assertText(t("The specified passwords do not match."), 'Typing mismatched passwords displays an error message.');

    // Test that the error message appears when attempting to change the mail or
    // pass without the current password.
    $edit = array();
    $edit['mail'] = $this
      ->randomName() . '@new.example.com';
    $this
      ->drupalPost("user/{$account->uid}/edit", $edit, t('Save'));
    $this
      ->assertRaw(t("Your current password is missing or incorrect; it's required to change the %name.", array(
      '%name' => t('E-mail address'),
    )));
    $edit['current_pass'] = $account->pass_raw;
    $this
      ->drupalPost("user/{$account->uid}/edit", $edit, t('Save'));
    $this
      ->assertRaw(t("The changes have been saved."));

    // Test that the user must enter current password before changing passwords.
    $edit = array();
    $edit['pass[pass1]'] = $new_pass;
    $edit['pass[pass2]'] = $new_pass;
    $this
      ->drupalPost("user/{$account->uid}/edit", $edit, t('Save'));
    $this
      ->assertRaw(t("Your current password is missing or incorrect; it's required to change the %name.", array(
      '%name' => t('Password'),
    )));

    // Try again with the current password.
    $edit['current_pass'] = $account->pass_raw;
    $this
      ->drupalPost("user/{$account->uid}/edit", $edit, t('Save'));
    if ($too_weak) {
      $this
        ->assertRaw(t("Password does not meet required strength."));
    }
    else {
      $this
        ->assertRaw(t("The changes have been saved."));

      // Make sure the user can log in with their new password.
      $this
        ->drupalLogout();
      $account->pass_raw = $new_pass;
      $this
        ->drupalLogin($account);
      $this
        ->drupalLogout();
    }
  }

  /**
   * Sets a required score through the admin UI.
   *
   * @param int $score
   *   An integer corresponding to a password strength.
   */
  function setRequiredScore($score) {
    $this
      ->drupalLogin($this->admin_user);
    $edit = array();
    $edit['password_strength_default_required_score'] = $score;
    $this
      ->drupalPost('admin/config/system/password-strength', $edit, t('Save configuration'));

    // Ensure the value was saved.
    $this
      ->assertIdentical(variable_get('password_strength_default_required_score'), $score, 'Password strength was saved properly.');
  }

}

Classes

Namesort descending Description
PasswordStrengthTestCase @file Tests for password strength module.