Merge branch 'feature/change-password' into 'develop'

Feature/change password See merge request pleroma/pleroma!166
author: lambda <pleromagit@rogerbraun.net> 2018-05-24 17:16:37 +0000
committer: lambda <pleromagit@rogerbraun.net> 2018-05-24 17:16:37 +0000
commit: c41012053a6eb3e190f8ae69ad26db184d3555d2 (patch)
tree: 8e270f16cf77bd4116a577192ceebb7cbac57d73 /test
parent: 1cd6194deeca32a96a31fc43c0ed27daadd65f64 (diff)
parent: 69aa7c213a8aa1dfa54dbcfdab0c4b10ec415df8 (diff)
download: pleroma-c41012053a6eb3e190f8ae69ad26db184d3555d2.tar.gz
2 files changed, 79 insertions, 3 deletions
diff --git a/test/web/common_api/common_api_utils_test.exs b/test/web/common_api/common_api_utils_test.exs
index 23cce471f..f39472ee3 100644
--- a/test/web/common_api/common_api_utils_test.exs
+++ b/test/web/common_api/common_api_utils_test.exs
@@ -21,13 +21,12 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
     test "incorrect password given" do
       {:ok, user} = UserBuilder.insert()
 
-      assert Utils.confirm_current_password(user, %{"password" => ""}) ==
-               {:error, "Invalid password."}
+      assert Utils.confirm_current_password(user, "") == {:error, "Invalid password."}
     end
 
     test "correct password given" do
       {:ok, user} = UserBuilder.insert()
-      assert Utils.confirm_current_password(user, %{"password" => "test"}) == {:ok, user}
+      assert Utils.confirm_current_password(user, "test") == {:ok, user}
     end
   end
 end
diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs
index 02aba0bc8..73443e053 100644
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@@ -8,6 +8,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
   alias Pleroma.Web.TwitterAPI.NotificationView
   alias Pleroma.Web.CommonAPI
   alias Pleroma.Web.TwitterAPI.TwitterAPI
+  alias Comeonin.Pbkdf2
 
   import Pleroma.Factory
 
@@ -801,6 +802,82 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
     assert user.bio == "Hello,<br>World! I<br> am a test."
   end
 
+  describe "POST /api/pleroma/change_password" do
+    setup [:valid_user]
+
+    test "without credentials", %{conn: conn} do
+      conn = post(conn, "/api/pleroma/change_password")
+      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
+    end
+
+    test "with credentials and invalid password", %{conn: conn, user: current_user} do
+      conn =
+        conn
+        |> with_credentials(current_user.nickname, "test")
+        |> post("/api/pleroma/change_password", %{
+          "password" => "hi",
+          "new_password" => "newpass",
+          "new_password_confirmation" => "newpass"
+        })
+
+      assert json_response(conn, 200) == %{"error" => "Invalid password."}
+    end
+
+    test "with credentials, valid password and new password and confirmation not matching", %{
+      conn: conn,
+      user: current_user
+    } do
+      conn =
+        conn
+        |> with_credentials(current_user.nickname, "test")
+        |> post("/api/pleroma/change_password", %{
+          "password" => "test",
+          "new_password" => "newpass",
+          "new_password_confirmation" => "notnewpass"
+        })
+
+      assert json_response(conn, 200) == %{
+               "error" => "New password does not match confirmation."
+             }
+    end
+
+    test "with credentials, valid password and invalid new password", %{
+      conn: conn,
+      user: current_user
+    } do
+      conn =
+        conn
+        |> with_credentials(current_user.nickname, "test")
+        |> post("/api/pleroma/change_password", %{
+          "password" => "test",
+          "new_password" => "",
+          "new_password_confirmation" => ""
+        })
+
+      assert json_response(conn, 200) == %{
+               "error" => "New password can't be blank."
+             }
+    end
+
+    test "with credentials, valid password and matching new password and confirmation", %{
+      conn: conn,
+      user: current_user
+    } do
+      conn =
+        conn
+        |> with_credentials(current_user.nickname, "test")
+        |> post("/api/pleroma/change_password", %{
+          "password" => "test",
+          "new_password" => "newpass",
+          "new_password_confirmation" => "newpass"
+        })
+
+      assert json_response(conn, 200) == %{"status" => "success"}
+      fetched_user = Repo.get(User, current_user.id)
+      assert Pbkdf2.checkpw("newpass", fetched_user.password_hash) == true
+    end
+  end
+
   describe "POST /api/pleroma/delete_account" do
     setup [:valid_user]
author	lambda <pleromagit@rogerbraun.net>	2018-05-24 17:16:37 +0000
committer	lambda <pleromagit@rogerbraun.net>	2018-05-24 17:16:37 +0000
commit	c41012053a6eb3e190f8ae69ad26db184d3555d2 (patch)
tree	8e270f16cf77bd4116a577192ceebb7cbac57d73 /test
parent	1cd6194deeca32a96a31fc43c0ed27daadd65f64 (diff)
parent	69aa7c213a8aa1dfa54dbcfdab0c4b10ec415df8 (diff)
download	pleroma-c41012053a6eb3e190f8ae69ad26db184d3555d2.tar.gz