summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--qa/t/test_create_user_accounts.t2
-rw-r--r--qa/t/webservice_user_create.t10
2 files changed, 10 insertions, 2 deletions
diff --git a/qa/t/test_create_user_accounts.t b/qa/t/test_create_user_accounts.t
index d9c0c4404..5d6471073 100644
--- a/qa/t/test_create_user_accounts.t
+++ b/qa/t/test_create_user_accounts.t
@@ -85,6 +85,8 @@ foreach my $account (@accounts) {
# These accounts are illegal but do not cause a javascript alert
@accounts = ('test@bugzilla.org@bugzilla.test', 'test@bugzilla..test');
+# Logins larger than 127 characters must be rejected, for security reasons.
+push @accounts, 'selenium-' . random_string(110) . '@bugzilla.test';
foreach my $account (@accounts) {
$sel->click_ok("link=New Account");
$sel->wait_for_page_to_load_ok(WAIT_TIME);
diff --git a/qa/t/webservice_user_create.t b/qa/t/webservice_user_create.t
index 20301a6c5..551de9977 100644
--- a/qa/t/webservice_user_create.t
+++ b/qa/t/webservice_user_create.t
@@ -13,7 +13,7 @@ use strict;
use warnings;
use lib qw(lib);
use QA::Util;
-use Test::More tests => 69;
+use Test::More tests => 75;
my ($config, $xmlrpc, $jsonrpc, $jsonrpc_get) = get_rpc_clients();
use constant NEW_PASSWORD => 'password';
@@ -25,7 +25,7 @@ use constant PASSWORD_TOO_SHORT => 'a';
use constant INVALID_EMAIL => '()[]\;:,<>@webservice.test';
sub new_login {
- return 'created_' . random_string() . '@webservice.test';
+ return 'created_' . random_string(@_) . '@webservice.test';
}
sub post_success {
@@ -76,6 +76,12 @@ foreach my $rpc ($jsonrpc, $xmlrpc) {
test => 'Invalid email address fails',
},
{ user => 'admin',
+ args => { email => new_login(128), full_name => NEW_FULLNAME,
+ password => NEW_PASSWORD },
+ error => "didn't pass our syntax checking",
+ test => 'Too long (> 127 chars) email address fails',
+ },
+ { user => 'admin',
args => { email => $config->{unprivileged_user_login},
full_name => NEW_FULLNAME, password => NEW_PASSWORD },
error => "There is already an account",