public function testChangePassword(FunctionalTester $I)
{
$I->amGoingTo('test the change password functionality');
// Create one user
$user = Commons::createUser();
$I->amGoingTo('login a user');
$loginPage = LoginPage::openBy($I);
$loginPage->login(Commons::TEST_EMAIL, Commons::TEST_PASSWORD);
$changePasswordPage = ChangePasswordPage::openBy($I);
$I->see('Change password');
$I->seeElement('#changepasswordform-newpassword');
$I->seeElement('#changepasswordform-newpasswordrepeat');
$I->dontSeeElement('#changepasswordform-email');
$I->dontSeeElement('#changepasswordform-oldpassword');
$I->amGoingTo('try to change the password with two different passwords for the new password and the new password repeat fields');
$changePasswordPage->changePassword('123123', '234234');
$I->expect('the form will catch the difference');
$I->see('The new passwords are not the same.');
$I->amGoingTo('test adding new password with length lower than the default length');
$changePasswordPage->changePassword('123', '123');
$I->expect('the form will warn the user');
$I->see('New password should contain at least 6 characters');
$I->see('New password repeat should contain at least 6 characters');
$I->amGoingTo('change the password of the user properly');
$changePasswordPage->changePassword('Nik)lay!23', 'Nik)lay!23');
$I->expect('that this time everything will be ok and the user will be redirected to the home page');
$user->refresh();
$I->assertNotNull($user->password_changed_at);
$I->seeInCurrentUrl('/');
}
public function testPasswordRecoveryRequest(FunctionalTester $I)
{
// Create one user
$user = Commons::createUser();
$I->expectTo('see the recovery form when going to the recovery page');
$passwordRecoveryRequestPage = PasswordRecoveryRequestPage::openBy($I);
$I->seeElement('#password-recovery-form');
$I->expectTo('see that a proper message is sent when an empty email is set');
$passwordRecoveryRequestPage->submitRecoveryForm('');
$I->seeElement('#password-recovery-form');
$I->see('Email cannot be blank');
$I->expectTo('see that a proper message is sent when a wrong email is set');
$passwordRecoveryRequestPage->submitRecoveryForm('test@fds');
$I->seeElement('#password-recovery-form');
$I->see('Email is not a valid email address.');
$I->expectTo('see that a proper message is sent when an email of unexisting user is set');
$passwordRecoveryRequestPage->submitRecoveryForm('*****@*****.**');
$I->seeElement('#password-recovery-form');
$I->see('There is no user with this email address');
$I->amGoingTo('save the form with correct data');
$passwordRecoveryRequestPage->submitRecoveryForm(Commons::TEST_EMAIL);
$I->expectTo('see the user is redirected to the correct page');
$I->see('Recovery message sent');
$I->expectTo('see that a the token is saved to the database');
$I->seeRecord(Token::className(), ['user_id' => $user->id]);
$I->expectTo('see that a recovery email is sent to the user');
$I->assertNotEmpty($this->mailDir);
}
public function testChangePasswordAfterFirstLogin()
{
// Asure that everything is configured properly
verify('Check that the advanced directory exists', is_dir(Commons::ADVANCED_MIGRATIONS_DIR))->true();
$files = scandir(Commons::ADVANCED_MIGRATIONS_DIR);
$result = preg_grep('/' . self::ATTR_REQUIRE_PASSWORD_CHANGE . '/', $files);
verify('Check that the migration exists', $result)->notEmpty();
verify('Check that the field is added to the table (the migration is run)', (new User())->hasAttribute(self::ATTR_REQUIRE_PASSWORD_CHANGE))->true();
// Behavior validations
$behavior = Yii::$app->user->attachBehavior('firstLoginPolicy', 'nkostadinov\\user\\behaviors\\FirstLoginPolicyBehavior');
verify('Check that the behavior exists', $behavior)->notNull();
$user = Commons::createUser();
// Defaults validations
verify('Check that the default value of the ' . self::ATTR_REQUIRE_PASSWORD_CHANGE . ' field is set to 1', $user->require_password_change)->equals(1);
// The user is required to change his password on a first login
verify('Check that the login fails', Yii::$app->user->login($user))->false();
// Change the password of the user and check the user is logged in
$changePasswordForm = new ChangePasswordForm();
$changePasswordForm->email = Commons::TEST_EMAIL;
$changePasswordForm->oldPassword = Commons::TEST_PASSWORD;
$changePasswordForm->newPassword = '******';
$changePasswordForm->newPasswordRepeat = 'Risto-Bageristo1';
$changePasswordForm->changePassword();
// The user is logged in after a password change
$user->refresh();
verify('Asure the ' . self::ATTR_REQUIRE_PASSWORD_CHANGE . ' is set to 0', $user->require_password_change)->equals(0);
verify('Check that the login passes', Yii::$app->user->isGuest)->false();
Yii::$app->user->logout();
// Logout the user to continue testing without a logged in user
}
