From 7e519e11b7b8376d92fdec2492732e75abcda350 Mon Sep 17 00:00:00 2001 From: Emily Stark Date: Thu, 19 Jun 2014 15:10:40 -0700 Subject: [PATCH] Add a changePassword test --- packages/accounts-password/password_tests.js | 92 ++++++++++--------- .../accounts-password/password_tests_setup.js | 37 ++++++-- 2 files changed, 76 insertions(+), 53 deletions(-) diff --git a/packages/accounts-password/password_tests.js b/packages/accounts-password/password_tests.js index e1e51d4aac..9cc41dc305 100644 --- a/packages/accounts-password/password_tests.js +++ b/packages/accounts-password/password_tests.js @@ -768,50 +768,54 @@ if (Meteor.isClient) (function () { } ]); - testAsyncMulti("passwords - srp to bcrypt upgrade via password change", [ - logoutStep, - // Create user with old SRP credentials in the database. - function (test, expect) { - var self = this; - Meteor.call("testCreateSRPUser", expect(function (error, result) { - test.isFalse(error); - self.username = result; - })); - }, - // Log in with the plaintext password handler, which should NOT upgrade us to bcrypt. - function (test, expect) { - Accounts.callLoginMethod({ - methodName: "login", - methodArguments: [ { user: { username: this.username }, password: "abcdef" } ], - userCallback: expect(function (err) { - test.isFalse(err); - }) - }); - }, - function (test, expect) { - Meteor.call("testNoSRPUpgrade", this.username, expect(function (error) { - test.isFalse(error); - })); - }, - // Changing our password should upgrade us to bcrypt. - function (test, expect) { - Accounts.changePassword("abcdef", "abcdefg", expect(function (error) { - test.isFalse(error); - })); - }, - function (test, expect) { - Meteor.call("testSRPUpgrade", this.username, expect(function (error) { - test.isFalse(error); - })); - }, - // And after the upgrade we should be able to change our password again. - function (test, expect) { - Accounts.changePassword("abcdefg", "abcdef", expect(function (error) { - test.isFalse(error); - })); - }, - logoutStep - ]); + _.each([true, false], function (email) { + testAsyncMulti("passwords - srp to bcrypt upgrade via password change, " + + "user with " + (email ? "email" : "username"), [ + logoutStep, + // Create user with old SRP credentials in the database. + function (test, expect) { + var self = this; + Meteor.call("testCreateSRPUser", email, expect(function (error, result) { + test.isFalse(error); + self[email ? "email" : "username"] = result; + })); + }, + // Log in with the plaintext password handler, which should NOT upgrade us to bcrypt. + function (test, expect) { + var selector = email ? { email: this.email } : { username: this.username }; + Accounts.callLoginMethod({ + methodName: "login", + methodArguments: [ { user: selector, password: "abcdef" } ], + userCallback: expect(function (err) { + test.isFalse(err); + }) + }); + }, + function (test, expect) { + Meteor.call("testNoSRPUpgrade", email ? this.email : this.username, expect(function (error) { + test.isFalse(error); + })); + }, + // Changing our password should upgrade us to bcrypt. + function (test, expect) { + Accounts.changePassword("abcdef", "abcdefg", expect(function (error) { + test.isFalse(error); + })); + }, + function (test, expect) { + Meteor.call("testSRPUpgrade", email ? this.email : this.username, expect(function (error) { + test.isFalse(error); + })); + }, + // And after the upgrade we should be able to change our password again. + function (test, expect) { + Accounts.changePassword("abcdefg", "abcdef", expect(function (error) { + test.isFalse(error); + })); + }, + logoutStep + ]); + }); }) (); diff --git a/packages/accounts-password/password_tests_setup.js b/packages/accounts-password/password_tests_setup.js index fa4432f097..0c58f76a67 100644 --- a/packages/accounts-password/password_tests_setup.js +++ b/packages/accounts-password/password_tests_setup.js @@ -120,10 +120,17 @@ Meteor.methods({ // Create a user that had previously logged in with SRP. Meteor.methods({ - testCreateSRPUser: function () { - var username = Random.id(); - Meteor.users.remove({username: username}); - var userId = Accounts.createUser({username: username}); + testCreateSRPUser: function (email) { + var userId; + if (email) { + email = Random.id() + "@example.com"; + Meteor.users.remove({ "emails.address": email }); + userId = Accounts.createUser({ email: email }); + } else { + var username = Random.id(); + Meteor.users.remove({username: username}); + userId = Accounts.createUser({username: username}); + } Meteor.users.update( userId, { '$set': { 'services.password.srp': { @@ -132,19 +139,31 @@ Meteor.methods({ "verifier" : "2e8bce266b1357edf6952cc56d979db19f699ced97edfb2854b95972f820b0c7006c1a18e98aad40edf3fe111b87c52ef7dd06b320ce452d01376df2d560fdc4d8e74f7a97bca1f67b3cfaef34dee34dd6c76571c247d762624dc166dab5499da06bc9358528efa75bf74e2e7f5a80d09e60acf8856069ae5cfb080f2239ee76" } } } ); - return username; + return email || username; }, - testSRPUpgrade: function (username) { - var user = Meteor.users.findOne({username: username}); + testSRPUpgrade: function (usernameOrEmail) { + var selector; + if (usernameOrEmail.indexOf("@") !== -1) { + selector = { "emails.address": usernameOrEmail }; + } else { + selector = { username: usernameOrEmail }; + } + var user = Meteor.users.findOne(selector); if (user.services && user.services.password && user.services.password.srp) throw new Error("srp wasn't removed"); if (!(user.services && user.services.password && user.services.password.bcrypt)) throw new Error("bcrypt wasn't added"); }, - testNoSRPUpgrade: function (username) { - var user = Meteor.users.findOne({username: username}); + testNoSRPUpgrade: function (usernameOrEmail) { + var selector; + if (usernameOrEmail.indexOf("@") !== -1) { + selector = { "emails.address": usernameOrEmail }; + } else { + selector = { username: usernameOrEmail }; + } + var user = Meteor.users.findOne(selector); if (user.services && user.services.password && user.services.password.bcrypt) throw new Error("bcrypt was added"); if (user.services && user.services.password && ! user.services.password.srp)