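/**
 * Changing a password must leave a stored credential that verifies against
 * the new password and is not the plaintext itself.
 *
 * The original test only round-tripped through verifyPassword(), so it would
 * still pass if both changePassword() and verifyPassword() regressed to plain
 * string handling. The extra assertion pins the stored form.
 */
public function testChangePassword_PasswordChanged()
{
    // Seed a user whose stored credential is a known value.
    $e = new MongoTestEnvironment();
    $userId = $e->createUser('test', 'test user', '*****@*****.**');
    $passwordModel = new PasswordModel($userId);
    // Assigned straight to the stored field, so this is the stored (hashed)
    // form, not a plaintext; the original comment calls it a bcrypt value.
    $someRandomPassword = '******';
    $passwordModel->password = $someRandomPassword;
    $passwordModel->write();

    // Change the password through the model API and persist it.
    $password = '******';
    $passwordModel->changePassword($password);
    $passwordModel->write();

    // Use a fresh model for the same user so the checks do not run against
    // the instance that was just modified in memory.
    $passwordModel2 = new PasswordModel($userId);
    $this->assertTrue($passwordModel2->verifyPassword($password));

    // The persisted credential must never be the plaintext that was supplied.
    $this->assertTrue($passwordModel2->password !== $password, 'Password was stored as plaintext');
}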
/**
 * Activate an existing account on the given website after re-checking its password.
 *
 * Activation is only attempted when the website allows signups from other
 * sites, the username exists but not on this site, and the account's email is
 * either empty or matches the one supplied. An empty account email is stored
 * as pending and a signup message is sent; a matching email logs the user in.
 *
 * @param string $username
 * @param string $password plaintext password, checked with PasswordModel::verifyPassword()
 * @param string $email
 * @param Website $website
 * @param Application $app passed to Auth::login()
 * @param DeliveryInterface $delivery passed to Communicate::sendSignup()
 * @return mixed|false the value of Auth::result() once the password verified, false otherwise
 */
public static function activate($username, $password, $email, $website, $app, DeliveryInterface $delivery = null)
{
    CodeGuard::checkEmptyAndThrow($username, 'username');
    CodeGuard::checkEmptyAndThrow($password, 'password');
    CodeGuard::checkEmptyAndThrow($email, 'email');
    CodeGuard::checkNullAndThrow($website, 'website');

    $identity = self::checkIdentity($username, $email, $website);

    // Eligibility is decided before any credential is read.
    $mayActivate = $website->allowSignupFromOtherSites
        && $identity->usernameExists
        && !$identity->usernameExistsOnThisSite
        && ($identity->emailIsEmpty || $identity->emailMatchesAccount);
    if (!$mayActivate) {
        return false;
    }

    $credentials = new PasswordModel();
    if (!$credentials->readByProperty('username', $username)) {
        return false;
    }

    // NOTE(review): a rejected password returns the same false as an
    // ineligible account, and nothing is recorded here. This is a second
    // password-checking entry point next to the normal login; confirm that
    // the throttling and logging applied to login also cover it.
    if (!$credentials->verifyPassword($password)) {
        return false;
    }

    // NOTE(review): the site role (and the default project membership below)
    // is granted as soon as the password verifies, including when the email
    // is still pending confirmation. Confirm that this is intended.
    $user = new UserModel($credentials->id->asString());
    $user->siteRole[$website->domain] = $website->userDefaultSiteRole;
    if ($identity->emailIsEmpty) {
        $user->emailPending = $email;
    }
    $user->write();

    // A website with a default project enrols the user as a contributor.
    $project = ProjectModel::getDefaultProject($website);
    $url = '/app';
    if ($project) {
        $project->addUser($user->id->asString(), ProjectRoles::CONTRIBUTOR);
        $user->addProject($project->id->asString());
        $project->write();
        $user->write();
        $url = '/app/' . $project->appName . '/' . $project->id->asString();
    }

    if ($identity->emailIsEmpty) {
        Communicate::sendSignup($user, $website, $delivery);
    }

    // Without a matching email the account is activated but not logged in.
    if (!$identity->emailMatchesAccount) {
        return Auth::result(Auth::LOGIN_FAIL_USER_UNAUTHORIZED, '', 'location');
    }

    // The return value of Auth::login() is not inspected; success is reported
    // on the strength of the verifyPassword() check above.
    Auth::login($app, $username, $password);

    return Auth::result(Auth::LOGIN_SUCCESS, $url, 'location');
}
/**
 * A user with the SYSTEM_ADMIN role can set another user's password through
 * UserCommands::changePassword(), and the new password then verifies.
 */
public function testChangePassword_SystemAdminChangeOtherUser_Succeeds()
{
    $this->environ->clean();

    // Acting account: system administrator.
    $admin = new Api\Model\UserModel();
    $admin->username = '******';
    $admin->role = SystemRoles::SYSTEM_ADMIN;
    $adminId = $admin->write();

    // Target account: no system role.
    $target = new Api\Model\UserModel();
    $target->username = '******';
    $target->role = SystemRoles::NONE;
    $userId = $target->write();

    // Guard against both writes resolving to the same record, which would
    // turn this into a self-service password change.
    $this->assertNotEqual($adminId, $userId);

    // Third argument is presumably the id of the user performing the change;
    // verify against UserCommands::changePassword().
    UserCommands::changePassword($userId, 'somepass', $adminId);

    $stored = new PasswordModel($userId);
    $this->assertTrue($stored->verifyPassword('somepass'), 'Could not verify changed password');
}