قرینه از
https://github.com/matomo-org/matomo.git
synced 2025-08-22 15:07:44 +00:00
78fea226f7
* Add new System setting for enabling password strength check (#23362) * Add new System setting for enabling password strength check * Update broken UI tests * Update default value to off, update some text * Update broken UI test by description change * Add PasswordStrength component (#23371) * Add PasswordStrength component * Wire up form submit button to strength check * Allow the strength validator to work with external input * Update UI test screenshots * Add password strength field to UI demo page * Add backend password strength checks to password set forms (#23378) * Add backend password strength checks to password set forms * Add UI test for user manager page * Update UI fixture to enable strong passwords * Update valid special characters * Update text used in Login system settings notification email (#23404) * Update special character checks to be more inclusive * Remove readonly filter from event emit to keep the object further updatable (#23406) * Remove readonly filter from event emit to keep the object further updatable * Clone the parent user object when edit form is created to prevent silent nested prop manipulation --------- Co-authored-by: Nathan Gavin <nathangavin987@gmail.com>
89 خطوط
2.6 KiB
PHP
89 خطوط
2.6 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Matomo - free/libre analytics platform
|
|
*
|
|
* @link https://matomo.org
|
|
* @license https://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
|
|
*/
|
|
|
|
namespace Piwik\Plugins\UsersManager\tests\Integration;
|
|
|
|
use Piwik\Tests\Framework\TestCase\IntegrationTestCase;
|
|
use Piwik\Plugins\UsersManager\Controller;
|
|
use Piwik\Nonce;
|
|
use Piwik\Auth\PasswordStrength;
|
|
use Piwik\Date;
|
|
use Piwik\Plugins\UsersManager\Model;
|
|
use Piwik\Plugins\Login\PasswordVerifier;
|
|
use Piwik\Translation\Loader\DevelopmentLoader;
|
|
use Piwik\Translation\Loader\JsonFileLoader;
|
|
use Piwik\Translation\Translator;
|
|
|
|
/**
|
|
* @group UsersManager
|
|
* @group ControllerTest
|
|
* @group Plugins
|
|
*/
|
|
class ControllerTest extends IntegrationTestCase
|
|
{
|
|
/**
|
|
* @var Controller
|
|
*/
|
|
private $controller;
|
|
private $post;
|
|
|
|
public function setUp(): void
|
|
{
|
|
parent::setUp();
|
|
|
|
$this->controller = new Controller(
|
|
$translator = new Translator(new DevelopmentLoader(new JsonFileLoader())),
|
|
$passwordVerify = new PasswordVerifier(),
|
|
$userModel = new Model(),
|
|
$passwordStrength = new PasswordStrength(true)
|
|
);
|
|
$this->post = $_POST;
|
|
}
|
|
|
|
public function tearDown(): void
|
|
{
|
|
parent::tearDown();
|
|
$_POST = $this->post;
|
|
}
|
|
|
|
public function testRecordPasswordChangePasswordStrengthCheckWeakPassword()
|
|
{
|
|
$this->setupPostStateWithPassword('password1');
|
|
|
|
$this->expectException(\Exception::class);
|
|
$this->expectExceptionMessage('General_PasswordStrengthValidationFailed');
|
|
$this->controller->recordPasswordChange();
|
|
}
|
|
|
|
public function testRecordPasswordChangePasswordStrengthCheckStrongPassword()
|
|
{
|
|
$this->setupPostStateWithPassword('Password111!');
|
|
|
|
// create user to get test in a repeatable state
|
|
$userLogin = 'super user was set';
|
|
$userEmail = 'test@test.com';
|
|
$usersModel = new Model();
|
|
$usersModel->addUser($userLogin, $passwordHash = '', $userEmail, Date::now()->getDatetime());
|
|
|
|
// expect test to get past strength check and fail when checking existing password
|
|
$this->expectException(\Exception::class);
|
|
$this->expectExceptionMessage('UsersManager_ConfirmWithPassword');
|
|
$this->controller->recordPasswordChange();
|
|
}
|
|
|
|
private function setupPostStateWithPassword(string $password)
|
|
{
|
|
$_POST['nonce'] = Nonce::getNonce('changePasswordNonce');
|
|
$_POST['password'] = $password;
|
|
$_POST['passwordBis'] = $password;
|
|
// original password (irrelevant for test)
|
|
$_POST['passwordConfirmation'] = '';
|
|
}
|
|
}
|