Commit 502a32e2 authored by Clément OUDOT's avatar Clément OUDOT

Add unit test and fix code for ppolicy grace (#1691)

parent 01ab88ba
......@@ -207,9 +207,7 @@ sub userBind {
# Get expiration warning and graces
if ( $resp->grace_authentications_remaining ) {
# TODO
$self->info(
$req->info(
$self->{portal}->loadTemplate(
'ldapPpGrace',
params => {
......
......@@ -7,7 +7,7 @@ require 't/test-lib.pm';
use lib 't/lib';
my $res;
my $maintests = 22;
my $maintests = 24;
SKIP: {
skip( 'LLNGTESTLDAP is not set', $maintests ) unless ( $ENV{LLNGTESTLDAP} );
......@@ -33,7 +33,7 @@ SKIP: {
);
use Lemonldap::NG::Portal::Main::Constants 'PE_PP_CHANGE_AFTER_RESET',
'PE_PP_PASSWORD_EXPIRED', 'PE_PASSWORD_OK', 'PE_PP_ACCOUNT_LOCKED',
'PE_PP_PASSWORD_TOO_SHORT';
'PE_PP_PASSWORD_TOO_SHORT', 'PE_PP_GRACE';
# 1 - TEST PE_PP_CHANGE_AFTER_RESET AND PE_PP_PASSWORD_EXPIRED
# ------------------------------------------------------------
......@@ -46,7 +46,7 @@ SKIP: {
my $code = $tpl->[1];
my $postString = "user=$user&password=$user";
# Try yo authenticate
# Try to authenticate
# -------------------
ok(
$res = $client->_post(
......@@ -91,13 +91,32 @@ SKIP: {
expectCookie($res) or print STDERR Dumper($res);
}
# 2 - TEST PE_PP_ACCOUNT_LOCKED
# 2 - TEST PE_PP_GRACE
# -------------------------
my $user = 'grace';
my $code = "ppGrace";
my $postString = "user=$user&password=$user";
# Try to authenticate
# -------------------
ok(
$res = $client->_post(
'/', IO::String->new($postString),
length => length($postString),
accept => 'text/html',
),
'Auth query'
);
my $match = 'trmsg="' . $code . '"';
ok( $res->[2]->[0] =~ /$match/, 'Grace remaining' );
# 3 - TEST PE_PP_ACCOUNT_LOCKED
# -------------------------
my $user = 'lock';
my $code = PE_PP_ACCOUNT_LOCKED;
my $postString = "user=$user&password=$user";
# Try yo authenticate
# Try to authenticate
# -------------------
ok(
$res = $client->_post(
......@@ -124,13 +143,13 @@ SKIP: {
$match = 'trmsg="' . PE_PASSWORD_OK . '"';
ok( $res->[2]->[0] !~ /$match/s, 'Password is not changed' );
# 3 - TEST PE_PP_PASSWORD_TOO_SHORT
# 4 - TEST PE_PP_PASSWORD_TOO_SHORT
# ---------------------------------
$user = 'short';
$code = PE_PP_PASSWORD_TOO_SHORT;
$postString = "user=$user&password=passwordnottooshort";
# Try yo authenticate
# Try to authenticate
# -------------------
ok(
$res = $client->_post(
......
......@@ -86,6 +86,16 @@ mail: short@badwolf.org
userPassword: passwordnottooshort
pwdPolicySubentry: cn=passwordshort,ou=ppolicies,dc=example,dc=com
dn: uid=grace,ou=users,dc=example,dc=com
objectClass: inetOrgPerson
uid: grace
cn: grace
sn: grace
mail: grace@badwolf.org
userPassword: grace
pwdPolicySubentry: cn=passwordgrace,ou=ppolicies,dc=example,dc=com
pwdChangedTime: 20190101000000Z
dn: ou=ppolicies,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
......@@ -128,3 +138,13 @@ pwdAllowUserChange: TRUE
pwdCheckQuality: 2
pwdMinLength: 6
dn: cn=passwordgrace,ou=ppolicies,dc=example,dc=com
objectClass: device
objectClass: pwdPolicy
cn: passwordgrace
pwdAttribute: userPassword
pwdAllowUserChange: TRUE
pwdCheckQuality: 0
pwdMaxAge: 5
pwdGraceAuthnLimit: 2
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment