From 0e5890475e90711b9f4232d6c380291cb3f3cee4 Mon Sep 17 00:00:00 2001
From: Nick Clemens <nick@bywatersolutions.com>
Date: Fri, 5 Feb 2016 16:01:17 +0000
Subject: [PATCH] Bug 15343 [QA Followup]

* Check for leading/trailing spaces in password
* Check hashed password in tests

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
---
 koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt | 3 ++-
 opac/opac-memberentry.pl                                     | 3 +++
 t/db_dependent/Members.t                                     | 5 ++++-
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt
index 7ef1f5bacf..0ea468d5c5 100644
--- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt
+++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt
@@ -61,7 +61,8 @@
                                 [% IF field == "emailpro" %]<li>Contact information: <a href="#borrower_emailpro">secondary email address</a></li>[% END %]
                                 [% IF field == "B_email" %]<li>Alternate address information: <a href="#borrower_B_email">email address</a></li>[% END %]
                                 [% IF field == "password_match" %]<li>Passwords do not match! <a href="#password">password</a></li>[% END %]
-                                [% IF field == "password_invalid" %]<li>Password does not meet minium requirements! <a href="#password">password</a></li>[% END %]
+                                [% IF field == "password_invalid" %]<li>Password does not meet minimum requirements! <a href="#password">password</a></li>[% END %]
+                                [% IF field == "password_spaces" %]<li>Password contains leading and/or trailing spaces! <a href="#password">password</a></li>[% END %]
                             [% END %]
                         </ul>
                         Please correct the errors and resubmit.
diff --git a/opac/opac-memberentry.pl b/opac/opac-memberentry.pl
index 03ae18e382..72cb2560c6 100755
--- a/opac/opac-memberentry.pl
+++ b/opac/opac-memberentry.pl
@@ -326,6 +326,9 @@ sub CheckForInvalidFields {
     if ( $borrower->{'password'}  && $minpw && (length($borrower->{'password'}) < $minpw) ) {
        push(@invalidFields, "password_invalid");
     }
+    if ( $borrower->{'password'} ) {
+       push(@invalidFields, "password_spaces") if ($borrower->{'password'} =~ /^\s/ or $borrower->{'password'} =~ /\s$/);
+    }
 
     return \@invalidFields;
 }
diff --git a/t/db_dependent/Members.t b/t/db_dependent/Members.t
index 13e6b57f28..55bdf82d28 100755
--- a/t/db_dependent/Members.t
+++ b/t/db_dependent/Members.t
@@ -17,7 +17,7 @@
 
 use Modern::Perl;
 
-use Test::More tests => 76;
+use Test::More tests => 77;
 use Test::MockModule;
 use Data::Dumper;
 use C4::Context;
@@ -371,6 +371,9 @@ my $password="";
 is( $password =~ /^[a-zA-Z]{10}$/ , 1, 'Test for autogenerated password if none submitted');
 ( $borrowernumber, $password ) = AddMember_Opac(surname=>"Deckard",firstname=>"Rick",password=>"Nexus-6",branchcode => $library2->{branchcode});
 is( $password eq "Nexus-6", 1, 'Test password used if submitted');
+$borrower = GetMember(borrowernumber => $borrowernumber);
+my $hashed_up =  Koha::AuthUtils::hash_password("Nexus-6", $borrower->{password});
+is( $borrower->{password} eq $hashed_up, 1, 'Check password hash equals hash of submitted password' );
 
 
 
-- 
2.20.1