/**
 * Set a new password for an existing user from the console.
 *
 * The command switches the current user model to the one returned by
 * BaseControlUserConfigUtil::getUserToRunAs(true), checks the new password
 * through UserPasswordForm in the 'changePassword' scenario, validates and
 * saves the User model, and prints a confirmation line.
 *
 * NOTE(review): $password is taken as a command line parameter, so the
 * plaintext can be retained in shell history and is visible in process
 * listings while the command runs. Treat a password set this way as
 * temporary, or feed it from a prompt/stdin wrapper.
 *
 * @param string $username login name of the account to update
 * @param string $password new plaintext password (also used as the repeat value)
 * @throws FailedToSaveModelException when saving the user model fails
 */
public function actionIndex($username, $password)
{
    // Password changes are carried out as a root-level system user.
    Yii::app()->user->userModel = BaseControlUserConfigUtil::getUserToRunAs(true);

    // Both parameters are mandatory.
    if (!isset($username)) {
        $this->usageError('A username must be specified.');
    }
    if (!isset($password)) {
        $this->usageError('You must specify the new password.');
    }

    try {
        $account = User::getByUsername($username);
    } catch (NotFoundException $notFound) {
        // NOTE(review): $account stays undefined if usageError() returns;
        // presumably it terminates the command - confirm.
        $this->usageError('The specified username does not exist.');
    }

    $scenario = 'changePassword';
    $account->setScenario($scenario);

    $passwordForm = new UserPasswordForm($account);
    $passwordForm->setScenario($scenario);
    $passwordForm->newPassword        = $password;
    $passwordForm->newPassword_repeat = $password;

    // Password rules are checked on the form first, then the model itself.
    $formIsValid = $passwordForm->validate();
    if (!$formIsValid) {
        $this->addErrorsAsUsageErrors($passwordForm->getErrors());
    }
    $accountIsValid = $account->validate();
    if (!$accountIsValid) {
        $this->addErrorsAsUsageErrors($account->getErrors());
    }

    // NOTE(review): no password setter is called on $account in this method;
    // presumably assigning newPassword on the form updates the wrapped model.
    // Confirm, otherwise this save() persists no new credential.
    if (!$account->save()) {
        throw new FailedToSaveModelException();
    }

    echo 'Updated Password', "\n";
}
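/**
 * Walks user 'bill' through password-policy validation, a username change
 * submitted through the password form, and the web-login right.
 *
 * Covered in order: minimum-length rejection, acceptance of a weak password
 * while strong passwords are not enforced, the strong-password rules
 * (uppercase, lowercase, number and letter), successful authentication, and
 * refusal of authentication once RIGHT_LOGIN_VIA_WEB is denied.
 *
 * NOTE(review): the two hash assertions pin User::hash to a bare md5() of
 * the plaintext password - unsalted and cheap to brute-force. They record
 * the current storage format, not a recommendation; if hashing moves to
 * password_hash()/password_verify(), these checks have to change with it.
 *
 * @depends testCreateAndGetUserById
 */
public function testPasswordUserNamePolicyChangesValidationAndLogin()
{
    $bill = User::getByUsername('bill');
    $bill->setScenario('changePassword');
    $billPasswordForm = new UserPasswordForm($bill);
    $billPasswordForm->setScenario('changePassword');

    // Policy values in effect before anything is changed.
    $this->assertEquals(null, $bill->getEffectivePolicy('UsersModule', UsersModule::POLICY_ENFORCE_STRONG_PASSWORDS));
    $this->assertEquals(5,    $bill->getEffectivePolicy('UsersModule', UsersModule::POLICY_MINIMUM_PASSWORD_LENGTH));
    $this->assertEquals(3,    $bill->getEffectivePolicy('UsersModule', UsersModule::POLICY_MINIMUM_USERNAME_LENGTH));

    // A two-character password is rejected by the minimum length of 5.
    $attributes = array(
        'username'           => 'ab',
        'newPassword'        => 'ab',
        'newPassword_repeat' => 'ab',
    );
    $billPasswordForm->setAttributes($attributes);
    $this->assertFalse($billPasswordForm->save());
    $expectedErrors = array(
        'newPassword' => array('The password is too short. Minimum length is 5.'),
    );
    $this->assertEquals($expectedErrors, $billPasswordForm->getErrors());

    // Seven lowercase letters pass while strong passwords are not enforced;
    // the same submission renames the user to 'abcdefg'.
    $attributes = array(
        'username'           => 'abcdefg',
        'newPassword'        => 'abcdefg',
        'newPassword_repeat' => 'abcdefg',
    );
    $billPasswordForm->setAttributes($attributes);
    $this->assertEquals('abcdefg', $billPasswordForm->username);
    $this->assertEquals('abcdefg', $billPasswordForm->newPassword);
    $this->assertTrue($billPasswordForm->validate());
    $this->assertTrue($billPasswordForm->save());

    $bill->setPolicy('UsersModule', UsersModule::POLICY_ENFORCE_STRONG_PASSWORDS, Policy::YES);
    // If security is optimized, the optimization sees the policy value in the
    // database and so does not use it in validating; the non-strong password
    // is not flagged as invalid until the next save.
    $this->assertEquals(SECURITY_OPTIMIZED, $billPasswordForm->save());

    // With strong passwords enforced the weak password is refused and the
    // stored hash still corresponds to the previously accepted password.
    $attributes = array(
        'newPassword'        => 'abcdefg',
        'newPassword_repeat' => 'abcdefg',
    );
    $billPasswordForm->setAttributes($attributes);
    $this->assertFalse($billPasswordForm->save());
    $this->assertEquals(md5('abcdefg'), $bill->hash);
    $expectedErrors = array(
        'newPassword' => array(
            'The password must have at least one uppercase letter',
            'The password must have at least one number and one letter',
        ),
    );
    $this->assertEquals($expectedErrors, $billPasswordForm->getErrors());

    // Mixed case but no digit.
    $attributes = array(
        'newPassword'        => 'abcdefgN',
        'newPassword_repeat' => 'abcdefgN',
    );
    $billPasswordForm->setAttributes($attributes);
    $this->assertFalse($billPasswordForm->save());
    $expectedErrors = array(
        'newPassword' => array('The password must have at least one number and one letter'),
    );
    $this->assertEquals($expectedErrors, $billPasswordForm->getErrors());

    // Uppercase only: no lowercase letter and no digit.
    $attributes = array(
        'newPassword'        => 'ABCDEFGH',
        'newPassword_repeat' => 'ABCDEFGH',
    );
    $billPasswordForm->setAttributes($attributes);
    $this->assertFalse($billPasswordForm->save());
    $expectedErrors = array(
        'newPassword' => array(
            'The password must have at least one lowercase letter',
            'The password must have at least one number and one letter',
        ),
    );
    $this->assertEquals($expectedErrors, $billPasswordForm->getErrors());

    // Lowercase, uppercase and a digit satisfy every rule.
    $attributes = array(
        'newPassword'        => 'abcdefgN4',
        'newPassword_repeat' => 'abcdefgN4',
    );
    $billPasswordForm->setAttributes($attributes);
    $this->assertTrue($billPasswordForm->save());

    $bill->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB);
    $this->assertTrue($billPasswordForm->save());
    $this->assertEquals(Right::ALLOW, $bill->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB));

    // Now attempt to log in as bill, reloading the user under the new username.
    $bill->forget();
    $bill = User::getByUsername('abcdefg');
    $this->assertEquals(md5('abcdefgN4'), $bill->hash);
    $identity      = new UserIdentity('abcdefg', 'abcdefgN4');
    $authenticated = $identity->authenticate();
    $this->assertEquals(0, $identity->errorCode);
    $this->assertTrue($authenticated);

    // Now turn off login via web for bill, acting as 'super'. The correct
    // password must no longer be enough to authenticate.
    Yii::app()->user->userModel = User::getByUsername('super');
    $bill = User::getByUsername('abcdefg');
    // Class name spelled as declared so resolution never depends on the class
    // having been loaded earlier under a different casing.
    $bill->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB, Right::DENY);
    $this->assertTrue($bill->save());
    $identity = new UserIdentity('abcdefg', 'abcdefgN4');
    $this->assertFalse($identity->authenticate());
    $this->assertEquals(UserIdentity::ERROR_NO_RIGHT_WEB_LOGIN, $identity->errorCode);
}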