/* =================================================================== * ForgotPasswordTest.java * * Created Feb 11, 2005 6:18:43 PM * * Copyright (c) 2004 Matt Magoffin (spamsqr@msqr.us) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License as * published by the Free Software Foundation; either version 2 of * the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA * 02111-1307 USA * =================================================================== * $Id: ForgotPasswordTest.java 60 2009-05-11 09:18:28Z msqr $ * =================================================================== */ package magoffin.matt.ieat.biz.test; import magoffin.matt.ieat.AuthorizationException; import magoffin.matt.ieat.biz.UserBiz; import magoffin.matt.ieat.domain.User; import magoffin.matt.ieat.test.AbstractSpringEnabledTest; /** * Test case for forgot password process. * * @author Matt Magoffin (spamsqr@msqr.us) * @version $Revision: 60 $ $Date: 2009-05-11 21:18:28 +1200 (Mon, 11 May 2009) $ */ public class ForgotPasswordTest extends AbstractSpringEnabledTest { /** * Test forgot password. * @throws Exception if any error occurs */ public void testForgotPassword() throws Exception { doTestWithRegisteredDummyUser(new TestWithDummyUser() { public void test(User user) throws Exception { String currPassword = user.getPassword(); UserBiz userBiz = getUserBiz(); String confirmCode = userBiz.forgotPassword(user.getLogin(),null); user = userBiz.getUserById(user.getUserId(),null); assertTrue("User's password should have changed in forgotPassword()", !currPassword.equals(user.getPassword())); assertTrue("Confirmation code from forgotPassword() should not be null", confirmCode != null); } }); } /** * Test forgot password for login that does not exist. * @throws Exception if any error occurs */ public void testForgotPasswordNonExistentUser() throws Exception { try { UserBiz userBiz = getUserBiz(); userBiz.forgotPassword("this.user.does.not.exist",null); fail("An AuthorizationException should be thrown when trying to call forgotPassword() with an unkown user login"); } catch ( AuthorizationException e ) { if ( AuthorizationException.UNKNOWN_LOGIN != e.getReason() ) { fail("The AuthorizationException reason code should be UNKNOWN_LOGIN"); } } catch ( Exception e ) { fail("An AuthorizationException should be thrown when trying to call forgotPassword() with an unkown user login"); } } /** * Test confirm forgot password. * @throws Exception if any error occurs */ public void testConfirmForgotPassword() throws Exception { doTestWithRegisteredDummyUser(new TestWithDummyUser() { public void test(User user) throws Exception { UserBiz userBiz = getUserBiz(); // first, forget password String confirmCode = userBiz.forgotPassword(user.getLogin(),null); // get user so we can confirm their password gets changed User forgetfulUser = userBiz.getUserById(user.getUserId(),null); // now confirm forgot password User confirmedUser = userBiz.confirmForgotPassword( user.getLogin(),confirmCode,"mynewpass",null); assertNotNull("User returned from confirmForgotPassword() should not be null", confirmedUser ); assertTrue("User's password should have changed in confirmForgotPassword()", !forgetfulUser.getPassword().equals(confirmedUser.getPassword())); } }); } /** * Test confirm forgot password for login that does not exist. * @throws Exception if any error occurs */ public void testConfirmForgotPasswordNonExistentUser() throws Exception { try { UserBiz userBiz = getUserBiz(); userBiz.confirmForgotPassword("this.user.does.not.exist","does.not.matter","does.not.matter",null); fail("An AuthorizationException should be thrown when trying to call confirmForgotPassword() with an unkown user login"); } catch ( AuthorizationException e ) { if ( AuthorizationException.UNKNOWN_LOGIN != e.getReason() ) { fail("The AuthorizationException reason code should be UNKNOWN_LOGIN"); } } catch ( Exception e ) { fail("An AuthorizationException should be thrown when trying to call confirmForgotPassword() with an unkown user login"); } } /** * Test forgot password for bad confirmation code. * @throws Exception if any error occurs */ public void testConfirmForgotPasswordBadConfirmationCode() throws Exception { doTestWithRegisteredDummyUser(new TestWithDummyUser() { public void test(User user) throws Exception { UserBiz userBiz = getUserBiz(); // first, forget password String confirmCode = userBiz.forgotPassword(user.getLogin(),null); // now confirm forgot password, but with not same confirmation code try { userBiz.confirmForgotPassword( user.getLogin(),"NOT"+confirmCode,"does.not.matter",null); fail("An AuthorizationException should be thrown when trying to call confirmForgotPassword() with a bad confirmation code"); } catch ( AuthorizationException e ) { if ( AuthorizationException.FORGOTTEN_PASSWORD_NOT_CONFIRMED != e.getReason() ) { fail("The AuthorizationException reason code should be FORGOTTEN_PASSWORD_NOT_CONFIRMED"); } } catch ( Exception e ) { fail("An AuthorizationException should be thrown when trying to call confirmForgotPassword() with a bad confirmation code"); } } }); } }