Ignore:
Timestamp:
9 Jan 2019, 21:17:08 (6 years ago)
Author:
Henrik Bettermann
Message:

Stored insecure passwords are no longer accepted.
Officers with an insecure password can't login and are
redirected to the ChangePasswordRequestPage to request a
new password.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/waeup.kofa/trunk/src/waeup/kofa/students/tests/test_browser.py

    r15285 r15287  
    5353from waeup.kofa.tests.test_async import FunctionalAsyncTestCase
    5454from waeup.kofa.browser.tests.test_pdf import samples_dir
     55from waeup.kofa.tests.test_authentication import SECRET
    5556
    5657PH_LEN = 15911  # Length of placeholder file
     
    15211522    def init_clearance_officer(self):
    15221523        # Create clearance officer
    1523         self.app['users'].addUser('mrclear', 'mrclearsecret')
     1524        self.app['users'].addUser('mrclear', SECRET)
    15241525        self.app['users']['mrclear'].email = 'mrclear@foo.ng'
    15251526        self.app['users']['mrclear'].title = 'Carlo Pitter'
     
    15431544        self.browser.open(self.login_path)
    15441545        self.browser.getControl(name="form.login").value = 'mrclear'
    1545         self.browser.getControl(name="form.password").value = 'mrclearsecret'
     1546        self.browser.getControl(name="form.password").value = SECRET
    15461547        self.browser.getControl("Login").click()
    15471548
     
    17021703
    17031704    def test_handle_courses_by_ca(self):
    1704         self.app['users'].addUser('mrsadvise', 'mrsadvisesecret')
     1705        self.app['users'].addUser('mrsadvise', SECRET)
    17051706        self.app['users']['mrsadvise'].email = 'mradvise@foo.ng'
    17061707        self.app['users']['mrsadvise'].title = u'Helen Procter'
     
    17131714        self.browser.open(self.login_path)
    17141715        self.browser.getControl(name="form.login").value = 'mrsadvise'
    1715         self.browser.getControl(name="form.password").value = 'mrsadvisesecret'
     1716        self.browser.getControl(name="form.password").value = SECRET
    17161717        self.browser.getControl("Login").click()
    17171718        self.assertMatches('...You logged in...', self.browser.contents)
     
    18511852    def test_find_students_in_faculties(self):
    18521853        # Create local students manager in faculty
    1853         self.app['users'].addUser('mrmanager', 'mrmanagersecret')
     1854        self.app['users'].addUser('mrmanager', SECRET)
    18541855        self.app['users']['mrmanager'].email = 'mrmanager@foo.ng'
    18551856        self.app['users']['mrmanager'].title = u'Volk Wagen'
     
    18651866        self.browser.open(self.login_path)
    18661867        self.browser.getControl(name="form.login").value = 'mrmanager'
    1867         self.browser.getControl(name="form.password").value = 'mrmanagersecret'
     1868        self.browser.getControl(name="form.password").value = SECRET
    18681869        self.browser.getControl("Login").click()
    18691870        self.assertMatches('...You logged in...', self.browser.contents)
     
    20212022        # StudentImpersonators can login as student
    20222023        # Create clearance officer
    2023         self.app['users'].addUser('mrofficer', 'mrofficersecret')
     2024        self.app['users'].addUser('mrofficer', SECRET)
    20242025        self.app['users']['mrofficer'].email = 'mrofficer@foo.ng'
    20252026        self.app['users']['mrofficer'].title = 'Harry Actor'
     
    20302031        self.browser.open(self.login_path)
    20312032        self.browser.getControl(name="form.login").value = 'mrofficer'
    2032         self.browser.getControl(name="form.password").value = 'mrofficersecret'
     2033        self.browser.getControl(name="form.password").value = SECRET
    20332034        self.browser.getControl("Login").click()
    20342035        self.assertMatches('...You logged in...', self.browser.contents)
     
    21282129            'Address line2\n\n')
    21292130        # Create officer with both roles
    2130         self.app['users'].addUser('mrtranscript', 'mrtranscriptsecret')
     2131        self.app['users'].addUser('mrtranscript', SECRET)
    21312132        self.app['users']['mrtranscript'].email = 'mrtranscript@foo.ng'
    21322133        self.app['users']['mrtranscript'].title = 'Ruth Gordon'
     
    21382139        self.browser.open(self.login_path)
    21392140        self.browser.getControl(name="form.login").value = 'mrtranscript'
    2140         self.browser.getControl(name="form.password").value = 'mrtranscriptsecret'
     2141        self.browser.getControl(name="form.password").value = SECRET
    21412142        self.browser.getControl("Login").click()
    21422143        self.assertMatches('...You logged in...', self.browser.contents)
     
    22742275        notify(grok.ObjectModifiedEvent(self.student))
    22752276        # Create transcript officer
    2276         self.app['users'].addUser('mrtranscript', 'mrtranscriptsecret')
     2277        self.app['users'].addUser('mrtranscript', SECRET)
    22772278        self.app['users']['mrtranscript'].email = 'mrtranscript@foo.ng'
    22782279        self.app['users']['mrtranscript'].title = 'Ruth Gordon'
     
    22872288        self.browser.open(self.login_path)
    22882289        self.browser.getControl(name="form.login").value = 'mrtranscript'
    2289         self.browser.getControl(name="form.password").value = 'mrtranscriptsecret'
     2290        self.browser.getControl(name="form.password").value = SECRET
    22902291        self.browser.getControl("Login").click()
    22912292        self.assertMatches('...You logged in...', self.browser.contents)
     
    23152316        notify(grok.ObjectModifiedEvent(self.student))
    23162317        # Create transcript signee
    2317         self.app['users'].addUser('mrtranscript', 'mrtranscriptsecret')
     2318        self.app['users'].addUser('mrtranscript', SECRET)
    23182319        self.app['users']['mrtranscript'].email = 'mrtranscript@foo.ng'
    23192320        self.app['users']['mrtranscript'].title = 'Ruth Gordon'
     
    23282329        self.browser.open(self.login_path)
    23292330        self.browser.getControl(name="form.login").value = 'mrtranscript'
    2330         self.browser.getControl(name="form.password").value = 'mrtranscriptsecret'
     2331        self.browser.getControl(name="form.password").value = SECRET
    23312332        self.browser.getControl("Login").click()
    23322333        self.assertMatches('...You logged in...', self.browser.contents)
     
    41114112    def test_export_departmet_officers(self):
    41124113        # Create department officer
    4113         self.app['users'].addUser('mrdepartment', 'mrdepartmentsecret')
     4114        self.app['users'].addUser('mrdepartment', SECRET)
    41144115        self.app['users']['mrdepartment'].email = 'mrdepartment@foo.ng'
    41154116        self.app['users']['mrdepartment'].title = 'Carlo Pitter'
     
    41214122        self.browser.open(self.login_path)
    41224123        self.browser.getControl(name="form.login").value = 'mrdepartment'
    4123         self.browser.getControl(name="form.password").value = 'mrdepartmentsecret'
     4124        self.browser.getControl(name="form.password").value = SECRET
    41244125        self.browser.getControl("Login").click()
    41254126        self.assertMatches('...You logged in...', self.browser.contents)
     
    41454146    def test_export_bursary_officers(self):
    41464147        # Create bursary officer
    4147         self.app['users'].addUser('mrbursary', 'mrbursarysecret')
     4148        self.app['users'].addUser('mrbursary', SECRET)
    41484149        self.app['users']['mrbursary'].email = 'mrbursary@foo.ng'
    41494150        self.app['users']['mrbursary'].title = 'Carlo Pitter'
     
    41534154        self.browser.open(self.login_path)
    41544155        self.browser.getControl(name="form.login").value = 'mrbursary'
    4155         self.browser.getControl(name="form.password").value = 'mrbursarysecret'
     4156        self.browser.getControl(name="form.password").value = SECRET
    41564157        self.browser.getControl("Login").click()
    41574158        self.assertMatches('...You logged in...', self.browser.contents)
     
    41834184    def test_export_accommodation_officers(self):
    41844185        # Create bursary officer
    4185         self.app['users'].addUser('mracco', 'mraccosecret')
     4186        self.app['users'].addUser('mracco', SECRET)
    41864187        self.app['users']['mracco'].email = 'mracco@foo.ng'
    41874188        self.app['users']['mracco'].title = 'Carlo Pitter'
     
    41914192        self.browser.open(self.login_path)
    41924193        self.browser.getControl(name="form.login").value = 'mracco'
    4193         self.browser.getControl(name="form.password").value = 'mraccosecret'
     4194        self.browser.getControl(name="form.password").value = SECRET
    41944195        self.browser.getControl("Login").click()
    41954196        self.assertMatches('...You logged in...', self.browser.contents)
     
    42344235
    42354236    def login_as_lecturer(self):
    4236         self.app['users'].addUser('mrslecturer', 'mrslecturersecret')
     4237        self.app['users'].addUser('mrslecturer', SECRET)
    42374238        self.app['users']['mrslecturer'].email = 'mrslecturer@foo.ng'
    42384239        self.app['users']['mrslecturer'].title = u'Mercedes Benz'
     
    42534254        self.browser.getControl(name="form.login").value = 'mrslecturer'
    42544255        self.browser.getControl(
    4255             name="form.password").value = 'mrslecturersecret'
     4256            name="form.password").value = SECRET
    42564257        self.browser.getControl("Login").click()
    42574258        # Store reused urls/paths
Note: See TracChangeset for help on using the changeset viewer.