@Test(expected = ScimException.class)
public void changePasswordRequestFailsForAdminWithoutOwnCurrentPassword() {
endpoints.setSecurityContextAccessor(mockSecurityContext(joel));
PasswordChangeRequest change = new PasswordChangeRequest();
change.setPassword("newpassword");
endpoints.changePassword(joel.getId(), change);
}
@Test(expected = BadCredentialsException.class)
public void changePasswordFailsForUserIfTheySupplyWrongCurrentPassword() {
endpoints.setSecurityContextAccessor(mockSecurityContext(joel));
PasswordChangeRequest change = new PasswordChangeRequest();
change.setPassword("newpassword");
change.setOldPassword("wrongpassword");
endpoints.changePassword(joel.getId(), change);
}
@Test(expected = ScimException.class)
public void userCantChangeAnotherUsersPassword() {
endpoints.setSecurityContextAccessor(mockSecurityContext(joel));
PasswordChangeRequest change = new PasswordChangeRequest();
change.setOldPassword("password");
change.setPassword("newpassword");
endpoints.changePassword(dale.getId(), change);
}
@Test
public void userCanChangeTheirOwnPasswordIfTheySupplyCorrectCurrentPassword() {
endpoints.setSecurityContextAccessor(mockSecurityContext(joel));
PasswordChangeRequest change = new PasswordChangeRequest();
change.setOldPassword("password");
change.setPassword("newpassword");
endpoints.changePassword(joel.getId(), change);
}
@Test
public void clientCanChangeUserPasswordWithoutCurrentPassword() {
SecurityContextAccessor sca = mockSecurityContext(joel);
when(sca.isClient()).thenReturn(true);
endpoints.setSecurityContextAccessor(sca);
PasswordChangeRequest change = new PasswordChangeRequest();
change.setPassword("newpassword");
endpoints.changePassword(joel.getId(), change);
}
@Test
public void adminCanChangeAnotherUsersPassword() {
SecurityContextAccessor sca = mockSecurityContext(dale);
when(sca.isAdmin()).thenReturn(true);
endpoints.setSecurityContextAccessor(sca);
PasswordChangeRequest change = new PasswordChangeRequest();
change.setPassword("newpassword");
endpoints.changePassword(joel.getId(), change);
}
@Test
public void passwordIsValidated() throws Exception {
endpoints.setSecurityContextAccessor(mockSecurityContext(joel));
PasswordValidator mockPasswordValidator = mock(PasswordValidator.class);
endpoints.setPasswordValidator(mockPasswordValidator);
PasswordChangeRequest change = new PasswordChangeRequest();
change.setOldPassword("password");
change.setPassword("newpassword");
endpoints.changePassword(joel.getId(), change);
verify(mockPasswordValidator).validate("newpassword");
}
@Test
public void changePasswordFailsForNewPasswordIsSameAsCurrentPassword() {
endpoints.setSecurityContextAccessor(mockSecurityContext(joel));
PasswordChangeRequest change = new PasswordChangeRequest();
change.setPassword("password");
change.setOldPassword("password");
try {
endpoints.changePassword(joel.getId(), change);
fail();
} catch (InvalidPasswordException e) {
assertEquals(
"Your new password cannot be the same as the old password.", e.getLocalizedMessage());
}
}