#!/usr/bin/perl
use Test::WWW::Mechanize::CGIApp;
use strict;
use warnings;
use Data::Printer;
use Test::More tests => 37; #use Test::More 'no_plan';
=begin # tests:
0) tests mysql_supports_innodb in BEGIN block
1) login as default user
2) try to re-login as default user
3) logout
4) try to login with invalid pwd
5) test forgotten password with invalid email address
6) re-login & try to change password - submit too short value
7) submit mis-matched new pwds
8) submit correctly formatted new pwd
9) check logged out & redirected to login page
10) test new registration email link
=cut
BEGIN {
require 't/test-lib.pl';
# 1st test MySQL supports InnoDB tables:
die 'no innodb support' unless mysql_supports_innodb();
}
my $test_username = 'admin_fname.admin_lname';
my $test_password = 'adm1n';
my $mech = get_mech();
my $dbix = get_dbix();
# login/logout tests handled by test-lib.pl
do_login($test_username, $test_password); # print_and_exit();
# invoke login again:
$mech->get_ok('/login'); # print_and_exit();
my $user_map = get_user_map($test_username); # warn Dumper $user_map;
# confirmed already logged in
$mech->content_contains(
"You are logged in as $test_username",
'confirmed already logged in',
); # print_and_exit();
# logout:
do_logout();
{ # test redirect_after_login (permitted destination url):
my $permitted_url = 'search/notification/1';
$mech->get_ok($permitted_url);
# not logged in yet but check destination set correctly:
$mech->form_name('login_form');
like( $mech->field('destination'), qr{$permitted_url},
'OK: intended destination detected'); # print_and_exit();
# login:
$mech->submit_form(
fields => {
authen_username => $test_username,
authen_password => $test_password,
}
); # print_and_exit();
# print $mech->content; exit;
# find urls containing request id:
my @links = $mech->find_all_links( url_regex => qr{\w+/=/1} ); # eg screen/=/1
# warn Dumper $_->url for @links; exit;
$mech->links_ok( \@links, 'OK: nav links checked' ); # print_and_exit();
}
# logout:
do_logout();
{ # test redirect_after_login (disallowed destination url):
my $disallowed_redirect = 'report/update_report/1?diagnosis_id=1'; # don't need rest of url'
$mech->get_ok($disallowed_redirect); # print_and_exit();
$mech->form_name('login_form');
is( $mech->field('destination'), '', 'OK: disallowed destination url'); # print_and_exit();
# login:
$mech->submit_form(
fields => {
authen_username => $test_username,
authen_password => $test_password,
}
); # print_and_exit();
# check no rediect:
$mech->has_tag_like(
h2 => qr/Search for record\(s\)/,
'OK: search page loaded, no redirect'
); # print_and_exit();
}
do_logout();
{ # test new registration email link:
# epoch value of admin last_login:
$dbix->select('users', 'last_login', { username => 'admin' })->into(my $date); # p $date;
my $epoch = DateTime::Format::MySQL->parse_datetime($date)->epoch / 100; # p $epoch;
my $url = '/?uid=1&first_login='.$epoch
. '&authen_username='.$test_username
. '&authen_password='.$test_password; # p $url;
$mech->get_ok($url); # print_and_exit();
$mech->has_tag_like(
h2 => qr/Search for record\(s\)/,
'OK: logged in OK'
); # print_and_exit();
}
do_logout();
{ # test redirect generated by password reset function:
my $url = '/login?authen_username='.$test_username
. '&authen_password='.$test_password
. '&destination=/user/change_password/'.$test_password;
$mech->get_ok($url); # print_and_exit();
$mech->has_tag( h2 => 'Change password', 'OK: change password page loaded');
$mech->has_tag_like(
p => qr/Now please change your password/,
'OK: please change password',
);
}
do_logout();
### select 1st form:
$mech->form_name('login_form');
# test invalid login:
$mech->submit_form( # WWW::Mechanize function
fields => {
authen_username => $test_username,
authen_password => 'invalid',
}
); # print_and_exit();
# invalid login detected:
$mech->content_contains(
'Login failed (login attempt 1)',
'catches invalid login',
); # print_and_exit();
# test forgotten password with invalid email:
$mech->form_name('forgotten_pwd');
my $email = 'noone@here.com';
$mech->submit_form(
fields => {
email_address => $email,
}
);
$mech->content_contains(
get_messages('login')->{email_not_found},
'flash working - email not recognised',
); # print_and_exit();
# login & change pwd:
$mech->submit_form(
fields => {
authen_username => $test_username,
authen_password => $test_password,
}
); # print_and_exit();
# change password:
$mech->get_ok('/user/change_password'); # print_and_exit();
# submit too short new pwd:
$mech->submit_form(
fields => {
old_password => 'adm1n',
new_password => 'pwd',
new_password_confirm => 'pwd',
}
); # print_and_exit();
has_dfv_errors();
$mech->content_contains(
get_messages('form_validator')->{user}->{new_password}->{LENGTH},
'new password: incorrect length detected ok',
);
$mech->content_contains(
get_messages('form_validator')->{user}->{new_password_confirm}->{LENGTH},
'confirm new password: incorrect length detected ok',
);
# submit mis-matched new pwds:
$mech->submit_form(
fields => {
old_password => 'adm1n',
new_password => 'new_pwd',
new_password_confirm => 'new-pwd',
}
);
has_dfv_errors();
$mech->content_contains(
get_messages('form_validator')->{user}->{pwds}->{DUPLICATION},
'new passwords do not match: detected ok',
);
# submit correct data:
$mech->submit_form(
fields => {
old_password => 'adm1n',
new_password => 'new_pwd',
new_password_confirm => 'new_pwd',
}
); # print_and_exit();
$mech->content_contains(
get_messages('user')->{pwd_change_success},
'change password: success',
);
$mech->content_contains(
'Please enter your login details',
'redirect to login page: success',
); # print_and_exit();
# no need - already logged out:
# do_logout();
