/**
 * Checks that reconnecting a Facebook account replaces the stored OAuth access token.
 *
 * The reconnect request is simulated through $_GET: the 'session' JSON blob carries a faux
 * access token, and the test asserts both the success message shown to the user and the
 * token value persisted on the owner-instance record.
 */
public function testReconnectAccount()  {
        $fb_user_id = '606837591';
        $new_token = 'new-faux-access-token';

        $owner_dao = new OwnerMySQLDAO();
        $instance_dao = new InstanceMySQLDAO();
        $owner_instance_dao = new OwnerInstanceMySQLDAO();

        // Simulated callback parameters for the Facebook plugin.
        $_GET['p'] = 'facebook';
        $_GET['perms'] = 'offline_access,read_stream,user_likes,user_location,user_website,read_friendlists';
        $_GET['selected_profiles'] = $fb_user_id;
        $_GET['session'] = '{"session_key":"new-faux-access-token","uid":"606837591","expires":0,'.
        '"secret":"itsasecret","access_token":"new-faux-access-token","sig":"siggysigsig"}';

        // The return value is not read, but it is kept in a local for the rest of the test.
        // NOTE(review): presumably it holds fixture builders whose lifetime matters; confirm.
        $options_arry = $this->buildPluginOptions();
        $this->simulateLogin('*****@*****.**', true);
        $logged_in_owner = $owner_dao->getByEmail(Session::getLoggedInUser());

        $config_controller = new FacebookPluginConfigurationController($logged_in_owner, 'facebook');
        $config_controller->go();

        // The user must be told the reconnect succeeded.
        $view = $config_controller->getViewManager();
        $expected_msg = "Success! You've reconnected your Facebook account.";
        $this->assertEqual($view->getTemplateDataItem('successmsg'), $expected_msg);

        // The instance for this Facebook user must exist...
        $fb_instance = $instance_dao->getByUserIdOnNetwork($fb_user_id, 'facebook');
        $this->assertTrue(isset($fb_instance));

        // ...and its owner link must now carry the new token, not the old one.
        $owner_link = $owner_instance_dao->get($logged_in_owner->id, $fb_instance->id);
        $this->assertTrue(isset($owner_link));
        $this->assertEqual($owner_link->oauth_access_token, $new_token);
    }
 /**
  * Checks that the Facebook plugin settings page renders a CSRF token in both delete forms.
  *
  * Mock page data is assigned to the view so the page-delete form is rendered, then the
  * output is searched for the csrf_token hidden field of the account-delete and the
  * page-delete forms.
  */
 public function testForDeleteCSRFToken()
 {
     self::buildInstanceData();
     $owner_instance_dao = new OwnerInstanceMySQLDAO();
     $instance_dao = new InstanceMySQLDAO();
     $owner_dao = new OwnerMySQLDAO();
     // Return value is not read here; it is kept in a local for the duration of the test.
     $options_arry = $this->buildPluginOptions();

     // Third argument differs from the non-CSRF tests in this file.
     // NOTE(review): presumably it enables the session CSRF token; confirm in simulateLogin().
     $this->simulateLogin('*****@*****.**', true, true);
     $logged_in_owner = $owner_dao->getByEmail(Session::getLoggedInUser());
     $config_controller = new FacebookPluginConfigurationController($logged_in_owner, 'facebook');

     // Mock page data so the view has a page entry to render a delete form for.
     $mock_pages = array(
         '123456' => array(
             'id' => '123456',
             'network_username' => 'test_username',
             'network' => 'facebook',
         ),
     );
     $config_controller->getViewManager()->assign('owner_instance_pages', $mock_pages);
     $html = $config_controller->go();

     // Hidden token field in the account-delete form.
     $account_token_pattern = '/name="csrf_token" value="' . self::CSRF_TOKEN . '" \\/><!\\-\\- delete account csrf token \\-\\->/';
     $this->assertPattern($account_token_pattern, $html);

     // Hidden token field in the page-delete form.
     $page_token_pattern = '/name="csrf_token" value="' . self::CSRF_TOKEN . '" \\/><!\\-\\- delete page csrf token \\-\\->/';
     $this->assertPattern($page_token_pattern, $html);
 }
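 /**
  * Verifies that the time zone preference changes only for a valid, CSRF-protected request.
  *
  * Three submissions are made as the logged-in owner:
  *  1. no csrf_token in the POST    -> stored time zone must stay 'UTC'
  *  2. valid token, bogus time zone -> stored time zone must stay 'UTC', no success message
  *  3. valid token, valid time zone -> stored time zone becomes 'America/New_York'
  */
 public function testAuthControlLoggedInTimeZone()
 {
     $owner_dao = new OwnerMySQLDAO();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     // Baseline: the fixture owner starts out on UTC.
     $this->assertEqual('UTC', $owner->timezone);

     // Case 1: state-changing POST without a CSRF token.
     $this->simulateLogin('*****@*****.**', false, true);
     $_POST['updatepreferences'] = 'Update';
     $_POST['timezone'] = 'America/New_York';
     $controller = new AccountConfigurationController(true);
     $controller->go();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     // No CSRF shouldn't update. The comparison must use the exact value that was submitted:
     // a misspelled zone name can never match, which would let this check pass even if the
     // token-less request had been accepted.
     $this->assertNotEqual('America/New_York', $owner->timezone);
     $this->assertEqual('UTC', $owner->timezone);

     // Case 2: valid token, but the value is not a real time zone.
     $this->simulateLogin('*****@*****.**', false, true);
     $_POST['updatepreferences'] = 'Update';
     $_POST['timezone'] = 'bananas';
     $_POST['csrf_token'] = parent::CSRF_TOKEN;
     $controller = new AccountConfigurationController(true);
     $output = $controller->go();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     // bad value, shouldn't update
     $this->assertNotEqual('bananas', $owner->timezone);
     $this->assertEqual('UTC', $owner->timezone);
     $this->assertNoPattern('/time zone has been saved/', $output);

     // Case 3: valid token and valid time zone, so the update goes through.
     $this->simulateLogin('*****@*****.**', false, true);
     $_POST['updatepreferences'] = 'Update';
     $_POST['timezone'] = 'America/New_York';
     $_POST['csrf_token'] = parent::CSRF_TOKEN;
     $controller = new AccountConfigurationController(true);
     $output = $controller->go();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     $this->assertNotEqual('UTC', $owner->timezone);
     $this->assertEqual('America/New_York', $owner->timezone);
     $this->assertPattern('/time zone has been saved/', $output);
 }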
    /**
     * Checks that repeated failed logins deactivate the account.
     *
     * Fifteen logins are attempted with a wrong password. Attempts 1 through 11 must report
     * "Incorrect password" and increment the owner's failed_logins counter; attempts 12
     * through 15 must report the account as deactivated and point to the password reset.
     */
    public function testFailedLoginLockout() {
        $session = new Session();
        $hashed_pwd = $session->pwdcrypt("blah");

        $owner_row = array('id'=>2, 'email'=>'*****@*****.**', 'pwd'=>$hashed_pwd, 'is_activated'=>1);
        // Kept in a local for the whole test even though it is never read.
        // NOTE(review): presumably the builder's lifetime controls the fixture row; confirm.
        $builder = FixtureBuilder::build('owners', $owner_row);

        // Force the lockout by submitting the wrong password ('blah1' instead of 'blah').
        for ($attempt = 1; $attempt <= 15; $attempt++) {
            $_POST['Submit'] = 'Log In';
            $_POST['email'] = '*****@*****.**';
            $_POST['pwd'] = 'blah1';
            $login_controller = new LoginController(true);
            $login_controller->go();

            // Every attempt, locked out or not, lands back on the login page.
            $view = $login_controller->getViewManager();
            $this->assertEqual($view->getTemplateDataItem('controller_title'), 'Log in');

            $locked_out = $attempt > 11;
            if ($locked_out) {
                // Past the threshold the message changes and the stored status is updated.
                $this->assertEqual("Inactive account. Account deactivated due to too many failed logins. ".
                '<a href="forgot.php">Reset your password.</a>', $view->getTemplateDataItem('errormsg'));
                $owner_dao = new OwnerMySQLDAO();
                $stored_owner = $owner_dao->getByEmail('*****@*****.**');
                $this->assertEqual($stored_owner->account_status, "Account deactivated due to too many failed logins");
            } else {
                // Still below the threshold: each failure is counted on the owner record.
                $this->assertPattern("/Incorrect password/", $view->getTemplateDataItem('errormsg'));
                $owner_dao = new OwnerMySQLDAO();
                $stored_owner = $owner_dao->getByEmail('*****@*****.**');
                $this->assertEqual($stored_owner->failed_logins, $attempt);
            }
        }
    }
 /**
  * Verifies that the email notification frequency changes only for a valid, CSRF-protected
  * request.
  *
  * After checking the rendered default ('daily'), three submissions are made:
  *  1. no csrf_token in the POST -> stored frequency must not become 'both'
  *  2. valid token, bogus value  -> stored frequency stays 'daily', no success message
  *  3. valid token, valid value  -> stored frequency becomes 'both' and is shown as selected
  */
 public function testAuthControlLoggedInChangeNotificationFrequency()
 {
     $email = '*****@*****.**';
     $daily_selected = '/"daily"[^>]*selected/';
     $both_selected = '/"both"[^>]*selected/';
     $updated_msg = '/email notification frequency has been updated/';

     $owner_dao = new OwnerMySQLDAO();
     $stored_owner = $owner_dao->getByEmail($email);
     $this->assertEqual('daily', $stored_owner->email_notification_frequency);

     // Plain page load: the form must show the stored value as the selected option.
     $this->simulateLogin($email, false, true);
     $config_controller = new AccountConfigurationController(true);
     $html = $config_controller->go();
     $this->assertPattern($daily_selected, $html);
     $this->assertNoPattern($both_selected, $html);

     // Case 1: state-changing POST without a CSRF token.
     $this->simulateLogin($email, false, true);
     $_POST['updatefrequency'] = 'Update Frequency';
     $_POST['notificationfrequency'] = 'both';
     $config_controller = new AccountConfigurationController(true);
     $config_controller->go();
     $stored_owner = $owner_dao->getByEmail($email);
     // Without a token the request must not change the stored value.
     $this->assertNotEqual('both', $stored_owner->email_notification_frequency);

     // Case 2: valid token, but the value is not an accepted frequency.
     $this->simulateLogin($email, false, true);
     $_POST['updatefrequency'] = 'Update Frequency';
     $_POST['notificationfrequency'] = 'bananas';
     $_POST['csrf_token'] = parent::CSRF_TOKEN;
     $config_controller = new AccountConfigurationController(true);
     $html = $config_controller->go();
     $stored_owner = $owner_dao->getByEmail($email);
     // An invalid value must be rejected and leave the stored value untouched.
     $this->assertNotEqual('bananas', $stored_owner->email_notification_frequency);
     $this->assertEqual('daily', $stored_owner->email_notification_frequency);
     $this->assertNoPattern($updated_msg, $html);

     // Case 3: valid token and valid value, so the update goes through.
     $this->simulateLogin($email, false, true);
     $_POST['updatefrequency'] = 'Update Frequency';
     $_POST['notificationfrequency'] = 'both';
     $_POST['csrf_token'] = parent::CSRF_TOKEN;
     $config_controller = new AccountConfigurationController(true);
     $html = $config_controller->go();
     $stored_owner = $owner_dao->getByEmail($email);
     $this->assertNotEqual('daily', $stored_owner->email_notification_frequency);
     $this->assertEqual('both', $stored_owner->email_notification_frequency);
     $this->assertNoPattern($daily_selected, $html);
     $this->assertPattern($both_selected, $html);
     $this->assertPattern($updated_msg, $html);
 }