discourse/spec/components/validators/password_validator_spec.rb

176 lines
5.2 KiB
Ruby

# frozen_string_literal: true
require 'rails_helper'
require_dependency "common_passwords/common_passwords"
describe PasswordValidator do
def password_error_message(key)
I18n.t("activerecord.errors.models.user.attributes.password.#{key.to_s}")
end
let(:validator) { described_class.new(attributes: :password) }
subject(:validate) { validator.validate_each(record, :password, @password) }
context "password required" do
let(:record) { u = Fabricate.build(:user, password: @password); u.password_required!; u }
context "password is not common" do
before do
CommonPasswords.stubs(:common_password?).returns(false)
end
context "min password length is 8" do
before { SiteSetting.min_password_length = 8 }
it "doesn't add an error when password is good" do
@password = "weron235alsfn234"
validate
expect(record.errors[:password]).not_to be_present
end
it "adds an error when password is too short" do
@password = "p"
validate
expect(record.errors[:password]).to be_present
end
it "adds an error when password is blank" do
@password = ''
validate
expect(record.errors[:password]).to be_present
end
it "adds an error when password is nil" do
@password = nil
validate
expect(record.errors[:password]).to be_present
end
it "adds an error when user is admin and password is less than 15 chars" do
SiteSetting.min_admin_password_length = 15
@password = "12345678912"
record.admin = true
validate
expect(record.errors[:password]).to be_present
end
end
context "min password length is 12" do
before { SiteSetting.min_password_length = 12 }
it "adds an error when password length is 11" do
@password = "gt38sdt92bv"
validate
expect(record.errors[:password]).to be_present
end
end
end
context "password is commonly used" do
before do
SiteSetting.min_password_length = 8
CommonPasswords.stubs(:common_password?).returns(true)
end
it "adds an error when block_common_passwords is enabled" do
SiteSetting.block_common_passwords = true
@password = "password"
validate
expect(record.errors[:password]).to include(password_error_message(:common))
end
it "doesn't add an error when block_common_passwords is disabled" do
SiteSetting.block_common_passwords = false
@password = "password"
validate
expect(record.errors[:password]).not_to be_present
end
end
context "password_unique_characters is 5" do
before do
SiteSetting.password_unique_characters = 5
end
it "adds an error when there are too few unique characters" do
SiteSetting.password_unique_characters = 6
@password = "aaaaaa5432"
validate
expect(record.errors[:password]).to include(password_error_message(:unique_characters))
end
it "doesn't add an error when there are enough unique characters" do
@password = "aaaaa12345"
validate
expect(record.errors[:password]).not_to be_present
end
it "counts capital letters as different" do
@password = "aaaAaa1234"
validate
expect(record.errors[:password]).not_to be_present
end
end
it "adds an error when password is the same as the username" do
@password = "porkchops1234"
record.username = @password
validate
expect(record.errors[:password]).to include(password_error_message(:same_as_username))
end
it "adds an error when password is the same as the email" do
@password = "pork@chops.com"
record.email = @password
validate
expect(record.errors[:password]).to include(password_error_message(:same_as_email))
end
it "adds an error when new password is same as current password" do
@password = "mypetsname"
record.save!
record.reload
record.password = @password
validate
expect(record.errors[:password]).to include(password_error_message(:same_as_current))
end
it "validation required if password is required" do
expect(record.password_validation_required?).to eq(true)
end
it "validation not required after save until a new password is set" do
@password = "myoldpassword"
record.save!
record.reload
expect(record.password_validation_required?).to eq(false)
record.password = "mynewpassword"
expect(record.password_validation_required?).to eq(true)
end
end
context "password not required" do
let(:record) { Fabricate.build(:user, password: @password) }
it "doesn't add an error if password is not required" do
@password = nil
validate
expect(record.errors[:password]).not_to be_present
end
it "validation required if a password is set" do
@password = "mygameshow"
expect(record.password_validation_required?).to eq(true)
end
it "adds an error even password not required" do
@password = "p"
validate
expect(record.errors[:password]).to be_present
end
end
end