public function testReconnectAccount()  {
        $owner_instance_dao = new OwnerInstanceMySQLDAO();
        $instance_dao = new InstanceMySQLDAO();
        $owner_dao = new OwnerMySQLDAO();

        $_GET['p'] = 'facebook';
        $_GET['perms'] = 'offline_access,read_stream,user_likes,user_location,user_website,read_friendlists';
        $_GET['selected_profiles'] = '606837591';
        $_GET['session'] = '{"session_key":"new-faux-access-token","uid":"606837591","expires":0,"secret":'.
        '"itsasecret","access_token":"new-faux-access-token","sig":"siggysigsig"}';

        $options_arry = $this->buildPluginOptions();
        $this->simulateLogin('*****@*****.**', true);
        $owner = $owner_dao->getByEmail(Session::getLoggedInUser());
        $controller = new FacebookPluginConfigurationController($owner, 'facebook');
        $output = $controller->go();

        $v_mgr = $controller->getViewManager();
        $this->assertEqual($v_mgr->getTemplateDataItem('successmsg'), "Success! You've reconnected your Facebook ".
        "account.");

        $instance = $instance_dao->getByUserIdOnNetwork('606837591', 'facebook');
        $this->assertTrue(isset($instance));

        $oinstance = $owner_instance_dao->get($owner->id, $instance->id);
        $this->assertTrue(isset($oinstance));
        $this->assertEqual($oinstance->oauth_access_token, 'new-faux-access-token');
    }
 public function testForDeleteCSRFToken()
 {
     self::buildInstanceData();
     $owner_instance_dao = new OwnerInstanceMySQLDAO();
     $instance_dao = new InstanceMySQLDAO();
     $owner_dao = new OwnerMySQLDAO();
     $options_arry = $this->buildPluginOptions();
     $this->simulateLogin('*****@*****.**', true, true);
     $owner = $owner_dao->getByEmail(Session::getLoggedInUser());
     $controller = new FacebookPluginConfigurationController($owner, 'facebook');
     // add mock page data to view
     $owner_instance_pages = array('123456' => array('id' => '123456', 'network_username' => 'test_username', 'network' => 'facebook'));
     $view = $controller->getViewManager();
     $view->assign('owner_instance_pages', $owner_instance_pages);
     $output = $controller->go();
     // looks for account delete token
     $this->assertPattern('/name="csrf_token" value="' . self::CSRF_TOKEN . '" \\/><!\\-\\- delete account csrf token \\-\\->/', $output);
     // looks for page delete token
     $this->assertPattern('/name="csrf_token" value="' . self::CSRF_TOKEN . '" \\/><!\\-\\- delete page csrf token \\-\\->/', $output);
 }
 public function testAuthControlLoggedInTimeZone()
 {
     $owner_dao = new OwnerMySQLDAO();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     $this->assertEqual('UTC', $owner->timezone);
     $this->simulateLogin('*****@*****.**', false, true);
     $_POST['updatepreferences'] = 'Update';
     $_POST['timezone'] = 'America/New_York';
     $controller = new AccountConfigurationController(true);
     $controller->go();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     // No CSRF shouldn't update
     $this->assertNotEqual('America/NewYork', $owner->timezone);
     $this->simulateLogin('*****@*****.**', false, true);
     $_POST['updatepreferences'] = 'Update';
     $_POST['timezone'] = 'bananas';
     $_POST['csrf_token'] = parent::CSRF_TOKEN;
     $controller = new AccountConfigurationController(true);
     $output = $controller->go();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     // bad value, shouldn't update
     $this->assertNotEqual('bananas', $owner->timezone);
     $this->assertEqual('UTC', $owner->timezone);
     $this->assertNoPattern('/time zone has been saved/', $output);
     $this->simulateLogin('*****@*****.**', false, true);
     $_POST['updatepreferences'] = 'Update';
     $_POST['timezone'] = 'America/New_York';
     $_POST['csrf_token'] = parent::CSRF_TOKEN;
     $controller = new AccountConfigurationController(true);
     $output = $controller->go();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     $this->assertNotEqual('UTC', $owner->timezone);
     $this->assertEqual('America/New_York', $owner->timezone);
     $this->assertPattern('/time zone has been saved/', $output);
 }
Exemplo n.º 4
0
    public function testFailedLoginLockout() {
        $session = new Session();
        $cryptpass = $session->pwdcrypt("blah");

        $owner = array('id'=>2, 'email'=>'*****@*****.**', 'pwd'=>$cryptpass, 'is_activated'=>1);
        $builder = FixtureBuilder::build('owners', $owner);

        //force login lockout by providing the wrong password more than 10 times
        $i = 1;
        while ($i <= 15) {
            $_POST['Submit'] = 'Log In';
            $_POST['email'] = '*****@*****.**';
            $_POST['pwd'] = 'blah1';
            $controller = new LoginController(true);
            $results = $controller->go();

            $v_mgr = $controller->getViewManager();
            $this->assertEqual($v_mgr->getTemplateDataItem('controller_title'), 'Log in');
            if ($i <= 11) {
                $this->assertPattern("/Incorrect password/", $v_mgr->getTemplateDataItem('errormsg'));
                $owner_dao = new OwnerMySQLDAO();
                $owner = $owner_dao->getByEmail('*****@*****.**');
                $this->assertEqual($owner->failed_logins, $i);
            } else {
                $this->assertEqual("Inactive account. Account deactivated due to too many failed logins. ".
                '<a href="forgot.php">Reset your password.</a>', $v_mgr->getTemplateDataItem('errormsg'));
                $owner_dao = new OwnerMySQLDAO();
                $owner = $owner_dao->getByEmail('*****@*****.**');
                $this->assertEqual($owner->account_status, "Account deactivated due to too many failed logins");
            }
            $i = $i + 1;
        }
    }
 public function testAuthControlLoggedInChangeNotificationFrequency()
 {
     $owner_dao = new OwnerMySQLDAO();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     $this->assertEqual('daily', $owner->email_notification_frequency);
     $this->simulateLogin('*****@*****.**', false, true);
     $controller = new AccountConfigurationController(true);
     $output = $controller->go();
     $this->assertPattern('/"daily"[^>]*selected/', $output);
     $this->assertNoPattern('/"both"[^>]*selected/', $output);
     $this->simulateLogin('*****@*****.**', false, true);
     $_POST['updatefrequency'] = 'Update Frequency';
     $_POST['notificationfrequency'] = 'both';
     $controller = new AccountConfigurationController(true);
     $controller->go();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     // No CSRF shouldn't update
     $this->assertNotEqual('both', $owner->email_notification_frequency);
     $this->simulateLogin('*****@*****.**', false, true);
     $_POST['updatefrequency'] = 'Update Frequency';
     $_POST['notificationfrequency'] = 'bananas';
     $_POST['csrf_token'] = parent::CSRF_TOKEN;
     $controller = new AccountConfigurationController(true);
     $output = $controller->go();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     // bad value, shouldn't update
     $this->assertNotEqual('bananas', $owner->email_notification_frequency);
     $this->assertEqual('daily', $owner->email_notification_frequency);
     $this->assertNoPattern('/email notification frequency has been updated/', $output);
     $this->simulateLogin('*****@*****.**', false, true);
     $_POST['updatefrequency'] = 'Update Frequency';
     $_POST['notificationfrequency'] = 'both';
     $_POST['csrf_token'] = parent::CSRF_TOKEN;
     $controller = new AccountConfigurationController(true);
     $output = $controller->go();
     $owner = $owner_dao->getByEmail('*****@*****.**');
     $this->assertNotEqual('daily', $owner->email_notification_frequency);
     $this->assertEqual('both', $owner->email_notification_frequency);
     $this->assertNoPattern('/"daily"[^>]*selected/', $output);
     $this->assertPattern('/"both"[^>]*selected/', $output);
     $this->assertPattern('/email notification frequency has been updated/', $output);
 }