Add unit test and fix code for ppolicy grace (#1691)
This commit is contained in:
parent
01ab88ba57
commit
502a32e257
|
@ -207,9 +207,7 @@ sub userBind {
|
|||
|
||||
# Get expiration warning and graces
|
||||
if ( $resp->grace_authentications_remaining ) {
|
||||
|
||||
# TODO
|
||||
$self->info(
|
||||
$req->info(
|
||||
$self->{portal}->loadTemplate(
|
||||
'ldapPpGrace',
|
||||
params => {
|
||||
|
|
|
@ -7,7 +7,7 @@ require 't/test-lib.pm';
|
|||
use lib 't/lib';
|
||||
|
||||
my $res;
|
||||
my $maintests = 22;
|
||||
my $maintests = 24;
|
||||
|
||||
SKIP: {
|
||||
skip( 'LLNGTESTLDAP is not set', $maintests ) unless ( $ENV{LLNGTESTLDAP} );
|
||||
|
@ -33,7 +33,7 @@ SKIP: {
|
|||
);
|
||||
use Lemonldap::NG::Portal::Main::Constants 'PE_PP_CHANGE_AFTER_RESET',
|
||||
'PE_PP_PASSWORD_EXPIRED', 'PE_PASSWORD_OK', 'PE_PP_ACCOUNT_LOCKED',
|
||||
'PE_PP_PASSWORD_TOO_SHORT';
|
||||
'PE_PP_PASSWORD_TOO_SHORT', 'PE_PP_GRACE';
|
||||
|
||||
# 1 - TEST PE_PP_CHANGE_AFTER_RESET AND PE_PP_PASSWORD_EXPIRED
|
||||
# ------------------------------------------------------------
|
||||
|
@ -46,7 +46,7 @@ SKIP: {
|
|||
my $code = $tpl->[1];
|
||||
my $postString = "user=$user&password=$user";
|
||||
|
||||
# Try yo authenticate
|
||||
# Try to authenticate
|
||||
# -------------------
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
|
@ -91,13 +91,32 @@ SKIP: {
|
|||
expectCookie($res) or print STDERR Dumper($res);
|
||||
}
|
||||
|
||||
# 2 - TEST PE_PP_ACCOUNT_LOCKED
|
||||
# 2 - TEST PE_PP_GRACE
|
||||
# -------------------------
|
||||
my $user = 'grace';
|
||||
my $code = "ppGrace";
|
||||
my $postString = "user=$user&password=$user";
|
||||
|
||||
# Try to authenticate
|
||||
# -------------------
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/', IO::String->new($postString),
|
||||
length => length($postString),
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
my $match = 'trmsg="' . $code . '"';
|
||||
ok( $res->[2]->[0] =~ /$match/, 'Grace remaining' );
|
||||
|
||||
# 3 - TEST PE_PP_ACCOUNT_LOCKED
|
||||
# -------------------------
|
||||
my $user = 'lock';
|
||||
my $code = PE_PP_ACCOUNT_LOCKED;
|
||||
my $postString = "user=$user&password=$user";
|
||||
|
||||
# Try yo authenticate
|
||||
# Try to authenticate
|
||||
# -------------------
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
|
@ -124,13 +143,13 @@ SKIP: {
|
|||
$match = 'trmsg="' . PE_PASSWORD_OK . '"';
|
||||
ok( $res->[2]->[0] !~ /$match/s, 'Password is not changed' );
|
||||
|
||||
# 3 - TEST PE_PP_PASSWORD_TOO_SHORT
|
||||
# 4 - TEST PE_PP_PASSWORD_TOO_SHORT
|
||||
# ---------------------------------
|
||||
$user = 'short';
|
||||
$code = PE_PP_PASSWORD_TOO_SHORT;
|
||||
$postString = "user=$user&password=passwordnottooshort";
|
||||
|
||||
# Try yo authenticate
|
||||
# Try to authenticate
|
||||
# -------------------
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
|
|
|
@ -86,6 +86,16 @@ mail: short@badwolf.org
|
|||
userPassword: passwordnottooshort
|
||||
pwdPolicySubentry: cn=passwordshort,ou=ppolicies,dc=example,dc=com
|
||||
|
||||
dn: uid=grace,ou=users,dc=example,dc=com
|
||||
objectClass: inetOrgPerson
|
||||
uid: grace
|
||||
cn: grace
|
||||
sn: grace
|
||||
mail: grace@badwolf.org
|
||||
userPassword: grace
|
||||
pwdPolicySubentry: cn=passwordgrace,ou=ppolicies,dc=example,dc=com
|
||||
pwdChangedTime: 20190101000000Z
|
||||
|
||||
dn: ou=ppolicies,dc=example,dc=com
|
||||
objectClass: top
|
||||
objectClass: organizationalUnit
|
||||
|
@ -128,3 +138,13 @@ pwdAllowUserChange: TRUE
|
|||
pwdCheckQuality: 2
|
||||
pwdMinLength: 6
|
||||
|
||||
dn: cn=passwordgrace,ou=ppolicies,dc=example,dc=com
|
||||
objectClass: device
|
||||
objectClass: pwdPolicy
|
||||
cn: passwordgrace
|
||||
pwdAttribute: userPassword
|
||||
pwdAllowUserChange: TRUE
|
||||
pwdCheckQuality: 0
|
||||
pwdMaxAge: 5
|
||||
pwdGraceAuthnLimit: 2
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user