/**
* @see ChangePasswordFormController#handleSubmission(HttpSession, String, String, String, String,
* String, User, BindingResult)
*/
@Test
@Verifies(
value =
"do not set the user property forcePassword to false after unsuccessful password change",
method = "handleSubmission()")
public void handleSubmission_shouldNotChangeTheUserPropertyForcePasswordChangeToFalse()
throws Exception {
User user = Context.getAuthenticatedUser();
new UserProperties(user.getUserProperties()).setSupposedToChangePassword(true);
UserService us = Context.getUserService();
us.saveUser(user, "Openmr5xy");
ChangePasswordFormController controller = new ChangePasswordFormController();
BindException errors = new BindException(controller.formBackingObject(), "user");
controller.handleSubmission(
new MockHttpSession(),
"Passw0rd",
"Pasw0rd",
"",
"",
"",
Context.getAuthenticatedUser(),
errors);
User modifiedUser = us.getUser(user.getId());
assertTrue(new UserProperties(modifiedUser.getUserProperties()).isSupposedToChangePassword());
}
/**
* @see ChangePasswordFormController#handleSubmission(HttpSession, String, String, String, String,
* String, User, BindingResult)
*/
@Test
@Verifies(value = "set the secret question and answer of the user", method = "handleSubmission()")
public void handleSubmission_shouldSetTheUserSecretQuestionAndAnswer() throws Exception {
User user = Context.getAuthenticatedUser();
new UserProperties(user.getUserProperties()).setSupposedToChangePassword(true);
UserService us = Context.getUserService();
us.saveUser(user, "Openmr5xy");
ChangePasswordFormController controller = new ChangePasswordFormController();
BindException errors = new BindException(controller.formBackingObject(), "user");
controller.handleSubmission(
new MockHttpSession(),
"Passw0rd",
"Passw0rd",
"test_question",
"test_answer",
"test_answer",
Context.getAuthenticatedUser(),
errors);
User modifiedUser = us.getUser(user.getId());
assertTrue(us.isSecretAnswer(modifiedUser, "test_answer"));
}
/** @see ChangePasswordFormController#formBackingObject() */
@Test
@Verifies(value = "return an authenticated User", method = "formBackingObject()")
public void formBackingObject_shouldReturnAuthenticatedUser() throws Exception {
ChangePasswordFormController controller = new ChangePasswordFormController();
User user = controller.formBackingObject();
assertNotNull(user);
assertEquals(Context.getAuthenticatedUser(), user);
}
/**
* @see ChangePasswordFormController#handleSubmission(HttpSession, String, String, String, String,
* String, User, BindingResult) test =
*/
@Test
@Verifies(
value = "display error message when the password is empty",
method = "handleSubmission()")
public void handleSubmission_shouldDisplayErrorMessageWhenPasswordIsEmpty() throws Exception {
ChangePasswordFormController controller = new ChangePasswordFormController();
BindException errors = new BindException(controller.formBackingObject(), "user");
String result =
controller.handleSubmission(
new MockHttpSession(), "", "", "", "", "", Context.getAuthenticatedUser(), errors);
assertTrue(errors.hasErrors());
assertEquals("error.password.weak", errors.getGlobalError().getCode());
}
/** @see ChangePasswordFormController#formBackingObject() */
@Test
@Verifies(
value = "remain on the changePasswordForm page if there are errors",
method = "formBackingObject()")
public void formBackingObject_shouldRemainOnChangePasswordFormPageIfThereAreErrors()
throws Exception {
ChangePasswordFormController controller = new ChangePasswordFormController();
BindException errors = new BindException(controller.formBackingObject(), "user");
errors.addError(new ObjectError("Test", "Test Error"));
String result =
controller.handleSubmission(
new MockHttpSession(),
"password",
"differentPassword",
"",
"",
"",
Context.getAuthenticatedUser(),
errors);
assertEquals("/module/legacyui/admin/users/changePasswordForm", result);
}
/**
* @see ChangePasswordFormController#handleSubmission(HttpSession, String, String, String, String,
* String, User, BindingResult)
*/
@Test
@Verifies(
value = "navigate to the home page if the authentication is successful",
method = "handleSubmission()")
public void handleSubmission_shouldProceedToHomePageIfOperationIsSuccesful() throws Exception {
ChangePasswordFormController controller = new ChangePasswordFormController();
BindException errors = new BindException(controller.formBackingObject(), "user");
String result =
controller.handleSubmission(
new MockHttpSession(),
"Passw0rd",
"Passw0rd",
"question",
"answer",
"answer",
Context.getAuthenticatedUser(),
errors);
assertTrue(!errors.hasErrors());
assertEquals("redirect:/index.htm", result);
}
/**
* @see ChangePasswordFormController#handleSubmission(HttpSession, String, String, String, String,
* String, User, BindingResult)
*/
@Test
@Verifies(
value = "not display error message if password and confirm password are the same",
method = "handleSubmission()")
public void handleSubmission_shouldRedirectToIndexPageWhenPasswordAndConfirmPasswordAreTheSame()
throws Exception {
ChangePasswordFormController controller = new ChangePasswordFormController();
BindException errors = new BindException(controller.formBackingObject(), "user");
String result =
controller.handleSubmission(
new MockHttpSession(),
"Passw0rd",
"Passw0rd",
"",
"",
"",
Context.getAuthenticatedUser(),
errors);
assertTrue(!errors.hasErrors());
assertEquals("redirect:/index.htm", result);
}
/**
* @see ChangePasswordFormController#handleSubmission(HttpSession, String, String, String, String,
* String, User, BindingResult)
*/
@Test
@Verifies(
value = "display error message when the answer is empty and question is not empty",
method = "handleSubmission()")
public void handleSubmission_shouldDisplayErrorMessageIfQuestionIsNotEmptyAndAnswerIsEmpty()
throws Exception {
ChangePasswordFormController controller = new ChangePasswordFormController();
BindException errors = new BindException(controller.formBackingObject(), "user");
String result =
controller.handleSubmission(
new MockHttpSession(),
"Passw0rd",
"Passw0rd",
"question",
"",
"",
Context.getAuthenticatedUser(),
errors);
assertTrue(errors.hasErrors());
assertEquals("auth.question.fill", errors.getGlobalError().getCode());
}
/**
* @see ChangePasswordFormController#handleSubmission(HttpSession, String, String, String, String,
* String, User, BindingResult)
*/
@Test
@Verifies(
value =
"display an error message when the password and confirm password entries are different",
method = "handleSubmission()")
public void handleSubmission_shouldDisplayErrorMessageWhenPasswordAndConfirmPasswordAreNotSame()
throws Exception {
ChangePasswordFormController controller = new ChangePasswordFormController();
BindException errors = new BindException(controller.formBackingObject(), "user");
String result =
controller.handleSubmission(
new MockHttpSession(),
"password",
"differentPassword",
"",
"",
"",
Context.getAuthenticatedUser(),
errors);
assertTrue(errors.hasErrors());
assertEquals("error.password.match", errors.getGlobalError().getCode());
}
/**
* @see ChangePasswordFormController#handleSubmission(HttpSession, String, String, String, String,
* String, User, BindingResult)
*/
@Test
@Verifies(
value =
"display error message when the answer and the confirm answer entered are not the same",
method = "handleSubmission()")
public void handleSubmission_shouldDiplayErrorMessageIfAnswerAndConfirmAnswerAreNotTheSame()
throws Exception {
ChangePasswordFormController controller = new ChangePasswordFormController();
BindException errors = new BindException(controller.formBackingObject(), "user");
String result =
controller.handleSubmission(
new MockHttpSession(),
"Passw0rd",
"Passw0rd",
"question",
"answer",
"confirmanswer",
Context.getAuthenticatedUser(),
errors);
assertTrue(errors.hasErrors());
assertEquals("error.options.secretAnswer.match", errors.getGlobalError().getCode());
}
