Add tests for the Change Password Endpoints

2025-11-12 16:35:45 +01:00 · 2018-09-19 15:54:24 +02:00
parent 2187b95ef8
commit 5c64c52a31
30 changed files with 1229 additions and 380 deletions
--- a/scm-it/src/test/java/sonia/scm/it/UserITCase.java
+++ b/scm-it/src/test/java/sonia/scm/it/UserITCase.java
@@ -0,0 +1,112 @@
+package sonia.scm.it;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import sonia.scm.it.utils.ScmRequests;
+import sonia.scm.it.utils.TestData;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class UserITCase {
+
+  @Before
+  public void init(){
+    TestData.cleanup();
+  }
+
+  @Test
+  public void adminShouldChangeOwnPassword() {
+    String newPassword = TestData.USER_SCM_ADMIN + "1";
+    // admin change the own password
+    ScmRequests.start()
+      .given()
+      .url(TestData.getUserUrl(TestData.USER_SCM_ADMIN))
+      .usernameAndPassword(TestData.USER_SCM_ADMIN, TestData.USER_SCM_ADMIN)
+      .getUserResource()
+      .assertStatusCode(200)
+      .usingUserResponse()
+      .assertAdmin(aBoolean -> assertThat(aBoolean).isEqualTo(Boolean.TRUE))
+      .assertPassword(Assert::assertNull)
+      .requestChangePassword(newPassword) // the oldPassword is not needed in the user resource
+      .assertStatusCode(204);
+    // assert password is changed -> login with the new Password than undo changes
+    ScmRequests.start()
+      .given()
+      .url(TestData.getUserUrl(TestData.USER_SCM_ADMIN))
+      .usernameAndPassword(TestData.USER_SCM_ADMIN, newPassword)
+      .getUserResource()
+      .assertStatusCode(200)
+      .usingUserResponse()
+      .assertAdmin(aBoolean -> assertThat(aBoolean).isEqualTo(Boolean.TRUE))
+      .assertPassword(Assert::assertNull)
+      .requestChangePassword(TestData.USER_SCM_ADMIN)
+      .assertStatusCode(204);
+
+  }
+
+  @Test
+  public void adminShouldChangePasswordOfOtherUser() {
+    String newUser = "user";
+    String password = "pass";
+    TestData.createUser(newUser, password, true, "xml");
+    String newPassword = "new_password";
+    // admin change the password of the user
+    ScmRequests.start()
+      .given()
+      .url(TestData.getUserUrl(newUser))// the admin get the user object
+      .usernameAndPassword(TestData.USER_SCM_ADMIN, TestData.USER_SCM_ADMIN)
+      .getUserResource()
+      .assertStatusCode(200)
+      .usingUserResponse()
+      .assertAdmin(aBoolean -> assertThat(aBoolean).isEqualTo(Boolean.TRUE)) // the user anonymous is not an admin
+      .assertPassword(Assert::assertNull)
+      .requestChangePassword(newPassword) // the oldPassword is not needed in the user resource
+      .assertStatusCode(204);
+    // assert password is changed
+    ScmRequests.start()
+      .given()
+      .url(TestData.getUserUrl(newUser))
+      .usernameAndPassword(newUser, newPassword)
+      .getUserResource()
+      .assertStatusCode(200);
+
+  }
+
+
+  @Test
+  public void shouldHidePasswordLinkIfUserTypeIsNotXML() {
+    String newUser = "user";
+    String password = "pass";
+    String type = "not XML Type";
+    TestData.createUser(newUser, password, true, type);
+    ScmRequests.start()
+      .given()
+      .url(TestData.getMeUrl())
+      .usernameAndPassword(newUser, password)
+      .getUserResource()
+      .assertStatusCode(200)
+      .usingUserResponse()
+      .assertAdmin(aBoolean -> assertThat(aBoolean).isEqualTo(Boolean.TRUE))
+      .assertPassword(Assert::assertNull)
+      .assertType(s -> assertThat(s).isEqualTo(type))
+      .assertPasswordLinkDoesNotExists();
+  }
+
+  @Test
+  public void shouldGet403IfUserIsNotAdmin() {
+    String newUser = "user";
+    String password = "pass";
+    String type = "xml";
+    TestData.createUser(newUser, password, false, type);
+    ScmRequests.start()
+      .given()
+      .url(TestData.getMeUrl())
+      .usernameAndPassword(newUser, password)
+      .getUserResource()
+      .assertStatusCode(403);
+  }
+
+
+
+}