discourse/spec/components/validators/password_validator_spec.rb

require 'spec_helper'
require_dependency "common_passwords/common_passwords"

describe PasswordValidator do

  let(:validator) { described_class.new({attributes: :password}) }
  subject(:validate) { validator.validate_each(record,:password,@password) }

  context "password required" do
    let(:record) { u = Fabricate.build(:user, password: @password); u.password_required!; u }

    context "password is not common" do
      before do
        CommonPasswords.stubs(:common_password?).returns(false)
      end

      context "min password length is 8" do
        before { SiteSetting.stubs(:min_password_length).returns(8) }

        it "doesn't add an error when password is good" do
          @password = "weron235alsfn234"
          validate
          expect(record.errors[:password]).not_to be_present
        end

        it "adds an error when password is too short" do
          @password = "p"
          validate
          expect(record.errors[:password]).to be_present
        end

        it "adds an error when password is blank" do
          @password = ''
          validate
          expect(record.errors[:password]).to be_present
        end

        it "adds an error when password is nil" do
          @password = nil
          validate
          expect(record.errors[:password]).to be_present
        end
      end

      context "min password length is 12" do
        before { SiteSetting.stubs(:min_password_length).returns(12) }

        it "adds an error when password length is 11" do
          @password = "gt38sdt92bv"
          validate
          expect(record.errors[:password]).to be_present
        end
      end
    end

    context "password is commonly used" do
      before do
        CommonPasswords.stubs(:common_password?).returns(true)
      end

      it "adds an error when block_common_passwords is enabled" do
        SiteSetting.stubs(:block_common_passwords).returns(true)
        @password = "password"
        validate
        expect(record.errors[:password]).to be_present
      end

      it "doesn't add an error when block_common_passwords is disabled" do
        SiteSetting.stubs(:block_common_passwords).returns(false)
        @password = "password"
        validate
        expect(record.errors[:password]).not_to be_present
      end
    end

    it "adds an error when password is the same as the username" do
      @password = "porkchops1"
      record.username = @password
      validate
      expect(record.errors[:password]).to be_present
    end
  end

  context "password not required" do
    let(:record) { Fabricate.build(:user, password: @password) }

    it "doesn't add an error if password is not required" do
      @password = nil
      validate
      expect(record.errors[:password]).not_to be_present
    end
  end

end
Move password validation into PasswordValidator 2013-12-19 15:12:03 -05:00			`require 'spec_helper'`
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`require_dependency "common_passwords/common_passwords"`
Move password validation into PasswordValidator 2013-12-19 15:12:03 -05:00
			`describe PasswordValidator do`

			`let(:validator) { described_class.new({attributes: :password}) }`
			`subject(:validate) { validator.validate_each(record,:password,@password) }`

			`context "password required" do`
			`let(:record) { u = Fabricate.build(:user, password: @password); u.password_required!; u }`

Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`context "password is not common" do`
			`before do`
Fix password_validator_spec 2013-12-27 11:15:53 -05:00			`CommonPasswords.stubs(:common_password?).returns(false)`
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`end`
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length. 2013-12-19 16:15:36 -05:00
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`context "min password length is 8" do`
			`before { SiteSetting.stubs(:min_password_length).returns(8) }`

			`it "doesn't add an error when password is good" do`
			`@password = "weron235alsfn234"`
			`validate`
few components with rspec3 syntax 2015-01-09 11:34:37 -05:00			`expect(record.errors[:password]).not_to be_present`
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`end`

			`it "adds an error when password is too short" do`
			`@password = "p"`
			`validate`
few components with rspec3 syntax 2015-01-09 11:34:37 -05:00			`expect(record.errors[:password]).to be_present`
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`end`

			`it "adds an error when password is blank" do`
			`@password = ''`
			`validate`
few components with rspec3 syntax 2015-01-09 11:34:37 -05:00			`expect(record.errors[:password]).to be_present`
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`end`

			`it "adds an error when password is nil" do`
			`@password = nil`
			`validate`
few components with rspec3 syntax 2015-01-09 11:34:37 -05:00			`expect(record.errors[:password]).to be_present`
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`end`
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length. 2013-12-19 16:15:36 -05:00			`end`

Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`context "min password length is 12" do`
			`before { SiteSetting.stubs(:min_password_length).returns(12) }`

			`it "adds an error when password length is 11" do`
			`@password = "gt38sdt92bv"`
			`validate`
few components with rspec3 syntax 2015-01-09 11:34:37 -05:00			`expect(record.errors[:password]).to be_present`
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`end`
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length. 2013-12-19 16:15:36 -05:00			`end`
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`end`
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length. 2013-12-19 16:15:36 -05:00
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`context "password is commonly used" do`
			`before do`
Fix password_validator_spec 2013-12-27 11:15:53 -05:00			`CommonPasswords.stubs(:common_password?).returns(true)`
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length. 2013-12-19 16:15:36 -05:00			`end`

Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`it "adds an error when block_common_passwords is enabled" do`
			`SiteSetting.stubs(:block_common_passwords).returns(true)`
			`@password = "password"`
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length. 2013-12-19 16:15:36 -05:00			`validate`
few components with rspec3 syntax 2015-01-09 11:34:37 -05:00			`expect(record.errors[:password]).to be_present`
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length. 2013-12-19 16:15:36 -05:00			`end`
Move password validation into PasswordValidator 2013-12-19 15:12:03 -05:00
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-20 16:34:34 -05:00			`it "doesn't add an error when block_common_passwords is disabled" do`
			`SiteSetting.stubs(:block_common_passwords).returns(false)`
			`@password = "password"`
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length. 2013-12-19 16:15:36 -05:00			`validate`
few components with rspec3 syntax 2015-01-09 11:34:37 -05:00			`expect(record.errors[:password]).not_to be_present`
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length. 2013-12-19 16:15:36 -05:00			`end`
Move password validation into PasswordValidator 2013-12-19 15:12:03 -05:00			`end`
FEATURE: don't allow username and password to be the same 2015-02-25 11:59:57 -05:00
			`it "adds an error when password is the same as the username" do`
			`@password = "porkchops1"`
			`record.username = @password`
			`validate`
			`expect(record.errors[:password]).to be_present`
			`end`
Move password validation into PasswordValidator 2013-12-19 15:12:03 -05:00			`end`

			`context "password not required" do`
			`let(:record) { Fabricate.build(:user, password: @password) }`

			`it "doesn't add an error if password is not required" do`
			`@password = nil`
			`validate`
few components with rspec3 syntax 2015-01-09 11:34:37 -05:00			`expect(record.errors[:password]).not_to be_present`
Move password validation into PasswordValidator 2013-12-19 15:12:03 -05:00			`end`
			`end`

			`end`