use of org.xwiki.administration.test.po.ResetPasswordPage in project xwiki-platform by xwiki.
the class ResetPasswordIT method resetForgottenPassword.
@Test
public void resetForgottenPassword() throws Exception {
String userName = "testUser" + RandomStringUtils.randomAlphanumeric(6);
String password = "password";
String newPassword = "newPassword";
// Create a user
getUtil().createUser(userName, password, null);
// Make sure we are not logged in and go to the reset password page
getUtil().forceGuestUser();
ResetPasswordPage resetPasswordPage = ResetPasswordPage.gotoPage();
// Try to reset the password of a non existent user
resetPasswordPage.setUserName("SomeUserThatDoesNotExist");
resetPasswordPage.clickResetPassword();
Assert.assertFalse(resetPasswordPage.isResetPasswordSent());
Assert.assertTrue(resetPasswordPage.getMessage().contains("user does not exist"));
// Try again
resetPasswordPage = resetPasswordPage.clickRetry();
// Try to reset the password of our user, when he has no email set
resetPasswordPage.setUserName(userName);
resetPasswordPage.clickResetPassword();
Assert.assertFalse(resetPasswordPage.isResetPasswordSent());
Assert.assertTrue(resetPasswordPage.getMessage().contains("email address not provided"));
// Try again. This time, set the user's email address in the profile
getUtil().loginAsSuperAdmin();
getUtil().updateObject("XWiki", userName, "XWiki.XWikiUsers", 0, "email", "foo@bar.com", "form_token", getUtil().getSecretToken());
getUtil().forceGuestUser();
// Actually reset the user's password
resetPasswordPage = ResetPasswordPage.gotoPage();
resetPasswordPage.setUserName(userName);
resetPasswordPage.clickResetPassword();
// Check the result
Assert.assertTrue(resetPasswordPage.isResetPasswordSent());
// Check the emails received by the user
MimeMessage[] receivedEmails = this.mail.getReceivedMessages();
Assert.assertEquals(1, receivedEmails.length);
MimeMessage receivedEmail = receivedEmails[0];
Assert.assertEquals("Password reset request for " + userName, receivedEmail.getSubject());
String receivedMailContent = getMessageContent(receivedEmail).get("textPart");
String passwordResetLink = getResetLink(receivedMailContent, userName);
Assert.assertNotNull(passwordResetLink);
// Use the password reset link
getUtil().gotoPage(passwordResetLink);
// We should now be on the ResetPasswordComplete page
ResetPasswordCompletePage resetPasswordCompletePage = new ResetPasswordCompletePage();
// Check that the link was valid
Assert.assertTrue(resetPasswordCompletePage.isResetLinkValid());
resetPasswordCompletePage.setPassword(newPassword);
resetPasswordCompletePage.setPasswordConfirmation(newPassword);
resetPasswordCompletePage = resetPasswordCompletePage.clickSave();
// Check the result
Assert.assertTrue(resetPasswordCompletePage.isPasswordSuccessfullyReset());
LoginPage loginPage = resetPasswordCompletePage.clickLogin();
// Check the new password
loginPage.loginAs(userName, newPassword);
Assert.assertEquals(userName, getUtil().getLoggedInUserName());
}
Aggregations