Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/tests/phpunit/structure/PasswordPolicyStructureTest.php
Dayllan Maza 4b39919c47 Add password policy setting suggestChangeOnLogin 
Password policy checks that fail and have `suggestChangeOnLogin` set to true will
prompt for a password change on login.

Below are some rules that apply to this setting in different scenarios:

- If only one policy fails and has `suggestChangeOnLogin = false`, a password change will
  not be requested
- If more than one policy fails and one or more have `suggestChangeOnLogin` set to true`,
  a password change will be requested
- If `forceChange` is present in any of the failing policies, `suggestChangeOnLogin` value
  will be ignored and password change will be enforced
- if $wgInvalidPasswordReset is set to false `suggestChangeOnLogin` is ignored

IMPORTANT**
Before this patch, suggesting a password change was the default behavior (depending on
$wgInvalidPasswordReset), which means that the necessary changes to $wgPasswordPolicy
need to be in place before this patch is merged and gets to production.

Bug: T211621
Change-Id: I7a4a0a06273fa4e8bd0da3dac54cf5a1b78bb3fd
2019-03-09 14:59:02 -05:00

49 lines
1.2 KiB
PHP
Raw Blame History

<?php
/**
* @coversNothing
*/
class PasswordPolicyStructureTest extends MediaWikiTestCase {
public function provideChecks() {
global $wgPasswordPolicy;
foreach ( $wgPasswordPolicy['checks'] as $name => $callback ) {
yield [ $name ];
}
}
public function provideFlags() {
global $wgPasswordPolicy;
// This won't actually find all flags, just the ones in use. Can't really be helped,
// other than adding the core flags here.
$flags = [ 'forceChange', 'suggestChangeOnLogin' ];
foreach ( $wgPasswordPolicy['policies'] as $group => $checks ) {
foreach ( $checks as $check => $settings ) {
if ( is_array( $settings ) ) {
$flags = array_unique(
array_merge( $flags, array_diff( array_keys( $settings ), [ 'value' ] ) )
);
}
}
}
foreach ( $flags as $flag ) {
yield [ $flag ];
}
}
/** @dataProvider provideChecks */
public function testCheckMessage( $check ) {
$msg = wfMessage( 'passwordpolicies-policy-' . strtolower( $check ) );
$this->assertTrue( $msg->exists() );
}
/** @dataProvider provideFlags */
public function testFlagMessage( $flag ) {
$msg = wfMessage( 'passwordpolicies-policyflag-' . strtolower( $flag ) );
$this->assertTrue( $msg->exists() );
}
}
Reference in a new issue View git blame Copy permalink