1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
<?php
/**
* Function area: Common manipulation
* Sub function area: Security
*
* @author Augmentum SpikeSource Team
* @copyright 2005 by Augmentum, Inc.
*/
// Import the precondition class.
if(is_dir('../Public'))
{
require_once('../Public/SetPrecondition.php');
}
/**
* This class is to test the security management.
* It includes login/logout and modify password.
*/
class SecurityTest extends PreconditionSet
{
// Declare the member variables for the invalid username/password.
private $_invalidUserName = 'invalidusername';
private $_invalidPassword = 'invalidpassword';
function setUp()
{
return TRUE;
}
function tearDown()
{
return TRUE;
}
/*
* TestCaseID: CSM01
* Test to login with special user name.
*/
function testSpecialLogin()
{
global $webUrl;
global $NORMAL_USER_NAME;
global $lang;
// Login with special user name "postgres".
$this->login('postgres', $this->_invalidPassword, "$webUrl/login.php");
// Verify the error messages.
$this->assertWantedText($lang['strlogindisallowed']);
$this->assertWantedText($lang['strviewfaq']);
// Login with special user name "postgres".
$this->login($NORMAL_USER_NAME, '', "$webUrl/login.php");
// Verify the error messages.
$this->assertWantedText($lang['strlogindisallowed']);
$this->assertWantedText($lang['strviewfaq']);
return TRUE;
}
/*
* TestCaseID: CSM02
* Test to login with invalid user name or password.
*/
function testInvalidLogin()
{
global $webUrl;
global $SUPER_USER_NAME;
global $lang;
// Login with invalid user name.
$this->login($this->_invalidUserName, $this->_invalidPassword, "$webUrl/login.php");
// Verify the error messages.
$this->assertWantedText($lang['strloginfailed']);
// Login with valid username and invalid password.
$this->login($SUPER_USER_NAME, $this->_invalidPassword, "$webUrl/login.php");
// Verify the error messages.
$this->assertWantedText($lang['strloginfailed']);
return TRUE;
}
/*
* TestCaseID: CSM03
* Test to change the current user's password.
*/
function testAccount()
{
global $webUrl;
global $NORMAL_USER_NAME;
global $NORMAL_USER_PASSWORD;
global $lang, $SERVER;
$newpassword = 'newpassword';
$this->login($NORMAL_USER_NAME, $NORMAL_USER_PASSWORD, "$webUrl/login.php");
// Turn to the account page and change the password page.
$this->assertTrue($this->get("$webUrl/users.php", array('server' => $SERVER, 'action' => 'account')));
$this->assertTrue($this->clickLink($lang['strchangepassword']));
// Enter the new password and different confirm password.
$this->assertTrue($this->setField('password', $newpassword));
$this->assertTrue($this->setField('confirm', $this->_invalidPassword));
// Then submit and verify the error messages.
$this->assertTrue($this->clickSubmit($lang['strok']));
$this->assertWantedText($lang['strpasswordconfirm']);
// Enter the new password and confirm password.
$this->assertTrue($this->setField('password', $NORMAL_USER_PASSWORD));
$this->assertTrue($this->setField('confirm', $NORMAL_USER_PASSWORD));
// Then submit and verify the messages.
$this->assertTrue($this->clickSubmit($lang['strok']));
$this->assertWantedText($lang['strpasswordchanged']);
$this->logout();
return TRUE;
}
}
?>
|
