From dc792a0222ef46cd05412d70696dc4dd04498492 Mon Sep 17 00:00:00 2001 From: David Goodwin Date: Wed, 27 Dec 2023 16:09:35 +0000 Subject: [PATCH] add unit test to cover some of Login::addAppPassword() --- model/Login.php | 20 +------------------- tests/LoginTest.php | 31 +++++++++++++++++++++++++++++-- 2 files changed, 30 insertions(+), 21 deletions(-) diff --git a/model/Login.php b/model/Login.php index d9832855..93086866 100644 --- a/model/Login.php +++ b/model/Login.php @@ -228,29 +228,11 @@ class Login $app_pass = pacrypt($app_pass); - /* maybe we want this - if (Config::bool('password_expiration')) { - $domain = $this->getUserDomain($username); - if (!is_null($domain)) { - $password_expiration_value = (int)get_password_expiration_value($domain); - $set['password_expiry'] = date('Y-m-d H:i', strtotime("+$password_expiration_value day")); - } - } - */ - - // As PostgeSQL lacks REPLACE we first check and delete any previous rows matching this ip and user - $exists = db_query_all('SELECT id FROM mailbox_app_password WHERE username = :username AND description = :description', - ['username' => $username, 'description' => $app_desc,]); - if (isset($exists[0])) { - foreach ($exists as $x) { - db_delete('mailbox_app_password', 'id', $x['id']); - } - } $result = db_insert('mailbox_app_password', ['username' => $username, 'description' => $app_desc, 'password_hash' => $app_pass], []); if ($result != 1) { - db_log($domain, 'edit_password', "FAILURE: " . $username); + db_log($domain, 'add_app_password', "FAILURE: " . $username); throw new \Exception(Config::lang('pAdd_app_password_result_error')); } diff --git a/tests/LoginTest.php b/tests/LoginTest.php index af20cf85..f5174791 100644 --- a/tests/LoginTest.php +++ b/tests/LoginTest.php @@ -43,7 +43,7 @@ class LoginTest extends \PHPUnit\Framework\TestCase db_query('DELETE FROM domain'); } - public function testPasswordchange() + public function testChangePassword() { $login = new Login('mailbox'); @@ -106,7 +106,7 @@ class LoginTest extends \PHPUnit\Framework\TestCase $this->assertFalse($l->login('test@fails.com', 'foobar')); } - public function testValidLogin() + public function testInvalidLogin() { $login = new Login('mailbox'); @@ -122,4 +122,31 @@ class LoginTest extends \PHPUnit\Framework\TestCase $this->assertFalse($login->generatePasswordRecoveryCode('doesnotexist')); $this->assertNotEmpty($login->generatePasswordRecoveryCode('test@example.com')); } + + public function testAddAppPasswordIncorrectPassword() + { + $login = new Login('mailbox'); + $this->assertTrue($login->login('test@example.com', 'foobar')); + + $this->expectExceptionMessage("You didn't supply your current password!"); + $this->assertTrue($login->addAppPassword('test@example.com', 'fish', '1st-app-password', 'something')); + } + public function testAddAppPassword() + { + $login = new Login('mailbox'); + $this->assertTrue($login->login('test@example.com', 'foobar')); + + $this->assertTrue($login->addAppPassword('test@example.com', 'foobar', '1st-app-password', 'something')); + $this->assertTrue($login->addAppPassword('test@example.com', 'foobar', '1st-app-password', 'something')); + + $rows = db_query_all('SELECT * FROM mailbox_app_password'); + + $this->assertEquals(2, count($rows)); + + foreach ($rows as $r) { + $this->assertEquals('1st-app-password', $r['description']); + $this->assertNotEmpty($r['password_hash']); + $this->assertEquals('test@example.com', $r['username']); + } + } }