Changeset 15287 for main/waeup.kofa/trunk/src/waeup/kofa/browser/tests/test_permissions.py

Timestamp:

9 Jan 2019, 21:17:08 (6 years ago)

Author:

Henrik Bettermann

Message:

Stored insecure passwords are no longer accepted.
Officers with an insecure password can't login and are
redirected to the ChangePasswordRequestPage to request a
new password.

File:

• main/waeup.kofa/trunk/src/waeup/kofa/browser/tests/test_permissions.py (modified) (6 diffs)

main/waeup.kofa/trunk/src/waeup/kofa/browser/tests/test_permissions.py

@@ -37 +37 @@
     remove_logger)
 from waeup.kofa.tests.test_async import FunctionalAsyncTestCase
-
+from waeup.kofa.tests.test_authentication import SECRET
 
 
@@ -157 +157 @@
     def testReportsPermissions(self):
         # Create reports officer
-        self.app['users'].addUser('mrofficer', 'mrofficer')
+        self.app['users'].addUser('mrofficer', SECRET)
         self.app['users']['mrofficer'].email = 'mrofficer@foo.ng'
         self.app['users']['mrofficer'].title = 'Otto Report'
@@ -163 +163 @@
         prmglobal.assignRoleToPrincipal('waeup.ReportsOfficer', 'mrofficer')
         # Create reports manager
-        self.app['users'].addUser('mrmanager', 'mrmanager')
+        self.app['users'].addUser('mrmanager', SECRET)
         self.app['users']['mrmanager'].email = 'mrmanager@foo.ng'
         self.app['users']['mrmanager'].title = 'Manfred Report'
@@ -171 +171 @@
         self.browser.open('http://localhost/app/login')
         self.browser.getControl(name="form.login").value = 'mrofficer'
-        self.browser.getControl(name="form.password").value = 'mrofficer'
+        self.browser.getControl(name="form.password").value = SECRET
         self.browser.getControl("Login").click()
         self.trigger_report_creation('2004')
@@ -184 +184 @@
         self.browser.open('http://localhost/app/login')
         self.browser.getControl(name="form.login").value = 'mrmanager'
-        self.browser.getControl(name="form.password").value = 'mrmanager'
+        self.browser.getControl(name="form.password").value = SECRET
         self.browser.getControl("Login").click()
         self.trigger_report_creation('2005')
@@ -199 +199 @@
         self.browser.open('http://localhost/app/login')
         self.browser.getControl(name="form.login").value = 'mrofficer'
-        self.browser.getControl(name="form.password").value = 'mrofficer'
+        self.browser.getControl(name="form.password").value = SECRET
         self.browser.getControl("Login").click()
         self.browser.open('http://localhost/app/reports')