4 # This file is part of Koha
6 # Koha is free software; you can redistribute it and/or modify it
7 # under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 3 of the License, or
9 # (at your option) any later version.
11 # Koha is distributed in the hope that it will be useful, but
12 # WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 # GNU General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # along with Koha; if not, see <http://www.gnu.org/licenses>.
21 use Test::More tests => 5;
24 use t::lib::TestBuilder;
28 use Koha::DateUtils qw(dt_from_string);
30 my $schema = Koha::Database->new->schema;
31 my $builder = t::lib::TestBuilder->new;
# Mojo test client for the Koha REST API. RESTBasicAuth is switched on so the
# "//$userid:$password@/api/..." URL form used throughout authenticates each
# request with HTTP Basic credentials.
33 my $t = Test::Mojo->new('Koha::REST::V1');
34 t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
# Outer transaction wrapping the whole file; each subtest nests its own
# begin/rollback, and the final rollback at the end of the file discards the
# fixture patron created below.
36 $schema->storage->txn_begin;
38 # create a privileged user
# `flags` is a permission bitmask; 2**4 is the 'borrowers' bit. Presumably
# this is the permission the validation endpoint requires — the 2**2
# ('catalogue') patron in the "unauthorized user" subtest is rejected with
# "Missing required permission(s)".
# NOTE(review): the opening "{" and closing "} );" of this call are not
# present in this listing.
39 my $librarian = $builder->build_object(
41 class => 'Koha::Patrons',
42 value => { flags => 2 ** 4 } # borrowers flag = 4
# Fixture password; skip_validation presumably bypasses the instance's
# password-policy checks so the literal is accepted as-is.
45 my $password = 'thePassword123';
46 $librarian->set_password( { password => $password, skip_validation => 1 } );
# Basic-auth credentials reused by every authenticated request below.
47 my $userid = $librarian->userid;
# Lock-out: a single failed attempt must lock the account, and the correct
# password must then be rejected with the same generic error as a wrong one.
# NOTE(review): the subtest's plan line, the construction of $json (including
# the bad password) and the closing "};" are not present in this listing.
49 subtest 'password validation - account lock out' => sub {
53 $schema->storage->txn_begin;
# One failed attempt is enough to lock the account in this test.
55 t::lib::Mocks::mock_preference( 'FailedLoginAttempts', 1 );
58 identifier => $userid,
# First request: presumably carries a wrong password (not visible here) and
# fails, which should trigger the lock.
62 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )
64 ->json_is({ error => q{Validation failed} });
# Second request with the correct password: still rejected, and with the
# identical 'Validation failed' body, so the response does not disclose that
# the account is locked rather than that the password is wrong.
66 $json->{password} = $password;
68 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )
70 ->json_is({ error => q{Validation failed} });
72 $schema->storage->txn_rollback;
# Authorization: an authenticated patron without the required permission bit
# must be refused before any password is checked.
# NOTE(review): the plan line, the braces of the build_object call, the
# construction of $json and the closing "};" are not present in this listing.
75 subtest 'password validation - unauthorized user' => sub {
79 $schema->storage->txn_begin;
# Patron with only the 'catalogue' bit (2**2), i.e. lacking the bit the
# $librarian fixture has.
81 my $patron = $builder->build_object(
83 class => 'Koha::Patrons',
84 value => { flags => 2 ** 2 } # catalogue flag = 2
87 my $password = 'thePassword123';
88 $patron->set_password( { password => $password, skip_validation => 1 } );
# These lexicals shadow the file-level $userid/$password, so the request
# below authenticates as the under-privileged patron, not the librarian.
89 my $userid = $patron->userid;
92 identifier => $userid,
# The request itself is well-formed (the patron validates its own password);
# only the missing permission causes the failure.
96 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )
98 ->json_is('/error' => 'Authorization failure. Missing required permission(s).');
100 $schema->storage->txn_rollback;
# Authentication: a request with no Basic-auth credentials in the URL must be
# rejected regardless of the body.
# NOTE(review): the plan line, the rest of the $json construction, the
# status_is assertion and the closing "};" are not present in this listing.
103 subtest 'password validation - unauthenticated user' => sub {
106 $schema->storage->txn_begin;
# Deliberately non-existent identifier; the request should never get as far
# as looking it up.
109 identifier => "banana",
# Note the URL carries no "//$userid:$password@" prefix.
113 $t->post_ok( "/api/v1/auth/password/validation" => json => $json )
114 ->json_is( '/error' => 'Authentication failure.' )
117 $schema->storage->txn_rollback;
# Happy-path and input-shape tests, all authenticated as the privileged
# $librarian. Covers: `identifier` (userid or cardnumber), `userid` (userid
# only), unknown values, and passing both attributes at once.
# NOTE(review): the plan line, the "my $json = {" / "};" lines around each
# request body, and the closing "};" are not present in this listing.
120 subtest 'Password validation - authorized requests tests' => sub {
124 $schema->storage->txn_begin;
126 # generate a random unused userid
# Build a patron only to capture its userid/cardnumber, then delete it: both
# values are now guaranteed not to match any existing patron.
127 my $patron_to_delete = $builder->build_object( { class => 'Koha::Patrons' } );
129 my $deleted_userid = $patron_to_delete->userid;
130 my $deleted_cardnumber = $patron_to_delete->cardnumber;
132 $patron_to_delete->delete;
# `identifier` given a userid -> 201, body echoes the patron's identity.
# NOTE(review): the description on the status_is line says `cardnumber`, but
# the identifier passed here is the userid; it should read
# 'Validating using `userid` works'.
135 identifier => $librarian->userid,
136 password => $password,
139 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )
140 ->status_is( 201, 'Validating using `cardnumber` works' )
142 { cardnumber => $librarian->cardnumber, patron_id => $librarian->id, userid => $librarian->userid } );
# `identifier` given a cardnumber -> 201 with the same body.
145 identifier => $librarian->cardnumber,
146 password => $password,
149 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )
150 ->status_is( 201, 'Validating using `cardnumber` works' )
152 { cardnumber => $librarian->cardnumber, patron_id => $librarian->id, userid => $librarian->userid } );
# Unknown cardnumber -> 400 with the generic 'Validation failed' body: the
# same error the lock-out subtest gets for a wrong password, so a caller
# cannot tell "no such patron" from "wrong password".
# NOTE(review): typo in the description — 'and invalid' should be 'an invalid'
# (also on the next two requests).
155 identifier => $deleted_cardnumber,
156 password => $password,
159 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )
160 ->status_is( 400, 'Validating using and invalid identifier fails' )
161 ->json_is( { error => 'Validation failed' } );
# Unknown userid via `identifier` -> same 400 / generic error.
164 identifier => $deleted_userid,
165 password => $password,
168 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )
169 ->status_is( 400, 'Validating using and invalid identifier fails' )
170 ->json_is( { error => 'Validation failed' } );
# Unknown userid via the `userid` attribute -> same 400 / generic error.
173 password => $password,
174 userid => $deleted_userid,
177 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )
178 ->status_is( 400, 'Validating using and invalid userid fails' )->json_is( { error => 'Validation failed' } );
# `userid` attribute with a real userid -> 201.
# (The userid line of this request body is not present in this listing.)
181 password => $password,
185 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )
186 ->status_is( 201, 'Validating using the `userid` attribute works' )
188 { cardnumber => $librarian->cardnumber, patron_id => $librarian->id, userid => $librarian->userid } );
# `userid` is matched against the userid only: a cardnumber in that field is
# rejected, unlike `identifier`, which accepts either.
191 password => $password,
192 userid => $librarian->cardnumber,
195 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )
196 ->status_is( 400, 'Validating using a cardnumber as userid fails' )->json_is( { error => 'Validation failed' } );
# `identifier` and `userid` together are mutually exclusive -> 400 with a
# distinct "Bad request" body rather than the generic validation error.
# (The `userid` line of this request body is not present in this listing.)
199 identifier => $userid,
200 password => $password,
204 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )
205 ->status_is( 400, 'Passing both parameters forbidden' )
206 ->json_is( { error => 'Bad request. Only one identifier attribute can be passed.' } );
208 $schema->storage->txn_rollback;
# Password expiry: a correct password for a patron whose
# password_expiration_date is in the past must not validate.
# NOTE(review): the plan line, the braces of the build_object call, the
# "my $json = {" / "};" lines and the closing "};" are not present in this
# listing.
211 subtest 'password validation - expired password' => sub {
215 $schema->storage->txn_begin;
# The patron being validated; the request itself is still authenticated as
# the file-level $librarian ($userid/$password are not shadowed here).
217 my $patron = $builder->build_object(
219 class => 'Koha::Patrons',
220 value => { flags => 2**2 } # catalogue flag = 2
223 my $patron_password = 'thePassword123';
224 $patron->set_password( { password => $patron_password, skip_validation => 1 } );
# Yesterday. Note DateTime's subtract modifies $date in place and returns the
# same object, so $date and $expiration_date are the same value here.
226 my $date = dt_from_string();
227 my $expiration_date = $date->subtract( days => 1 );
229 $patron->password_expiration_date($expiration_date)->store;
232 identifier => $patron->userid,
233 password => $patron_password,
# This is the one failure case with a specific error body ('Password
# expired') instead of the generic 'Validation failed'; the caller has
# already supplied the correct password, so the account's existence is not
# being leaked by it.
236 $t->post_ok( "//$userid:$password@/api/v1/auth/password/validation" => json => $json )->status_is(400)
237 ->json_is( '/error' => 'Password expired' );
239 $schema->storage->txn_rollback;
# Roll back the outer transaction opened near the top of the file; the
# $librarian fixture and anything the subtests left behind are discarded.
242 $schema->storage->txn_rollback;