From e9adcde4648b54db8d40f314ca938dca5080bb9c Mon Sep 17 00:00:00 2001
From: Dylan William Hardison <dylan@hardison.net>
Date: Fri, 15 Sep 2017 14:30:40 -0400
Subject: Bug 1391702 - Replace Bugzilla::User::validate_password() with calls
 to Data::Password::passwdqc

---
 qa/t/test_bmo_enter_new_bug.t   |  2 +-
 qa/t/test_password_complexity.t | 97 -----------------------------------------
 qa/t/test_user_groups.t         |  7 +--
 qa/t/webservice_user_create.t   |  4 +-
 4 files changed, 7 insertions(+), 103 deletions(-)
 delete mode 100644 qa/t/test_password_complexity.t

(limited to 'qa/t')

diff --git a/qa/t/test_bmo_enter_new_bug.t b/qa/t/test_bmo_enter_new_bug.t
index 702d067a1..6e5753c74 100644
--- a/qa/t/test_bmo_enter_new_bug.t
+++ b/qa/t/test_bmo_enter_new_bug.t
@@ -413,7 +413,7 @@ sub _check_user {
     $sel->wait_for_page_to_load(WAIT_TIME);
     $sel->title_is('Add user');
     $sel->type_ok('login', $user);
-    $sel->type_ok('password', 'password');
+    $sel->type_ok('password', 'icohF1io2ohw');
     $sel->click_ok("add");
     $sel->wait_for_page_to_load(WAIT_TIME);
     $sel->is_text_present('regexp:The user account .* has been created successfully');
diff --git a/qa/t/test_password_complexity.t b/qa/t/test_password_complexity.t
deleted file mode 100644
index 97b440ddd..000000000
--- a/qa/t/test_password_complexity.t
+++ /dev/null
@@ -1,97 +0,0 @@
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-#
-# This Source Code Form is "Incompatible With Secondary Licenses", as
-# defined by the Mozilla Public License, v. 2.0.
-
-use 5.10.1;
-use strict;
-use warnings;
-use lib qw(lib ../../lib ../../local/lib/perl5);
-
-use Test::More "no_plan";
-use QA::Util;
-
-my ($sel, $config) = get_selenium();
-log_in($sel, $config, 'admin');
-
-set_parameters($sel, {"Administrative Policies" => {"allowuserdeletion-on" => undef},
-                      "User Authentication"     => {"createemailregexp" => {type => "text", value => '.*'},
-                                                    "emailsuffix" => {type => "text", value => ''}} });
-
-# Set the password complexity to BMO.
-# Password must contain at least one UPPER and one lowercase letter.
-my @invalid_bmo = qw(lowercase UPPERCASE 1234567890 123lowercase 123UPPERCASE !@%&^lower !@&^UPPER);
-
-check_passwords($sel, 'bmo', \@invalid_bmo, ['Longerthan12chars', '%9rT#j22S']);
-
-# Set the password complexity to No Constraints.
-check_passwords($sel, 'no_constraints', ['12xY!', 'aaaaa'], ['aaaaaaaa', '>F12Xy?#']);
-
-logout($sel);
-
-sub check_passwords {
-    my ($sel, $param, $invalid_passwords, $valid_passwords) = @_;
-
-    set_parameters($sel, { "User Authentication" => {"password_complexity" => {type => "select", value => $param}} });
-    my $new_user = 'selenium-' . random_string(10) . '@bugzilla.org';
-
-    go_to_admin($sel);
-    $sel->click_ok("link=Users");
-    $sel->wait_for_page_to_load_ok(WAIT_TIME);
-    $sel->title_is('Search users');
-    $sel->click_ok('link=add a new user');
-    $sel->wait_for_page_to_load_ok(WAIT_TIME);
-    $sel->title_is('Add user');
-    $sel->type_ok('login', $new_user);
-
-    foreach my $password (@$invalid_passwords) {
-        $sel->type_ok('password', $password, 'Enter password');
-        $sel->click_ok('add');
-        $sel->wait_for_page_to_load_ok(WAIT_TIME);
-        if ($param eq 'no_constraints') {
-            $sel->title_is('Password Too Short');
-        }
-        else {
-            $sel->title_is('Password Fails Requirements');
-        }
-
-        my $error_msg = trim($sel->get_text("error_msg"));
-        if ($param eq 'bmo') {
-            ok($error_msg =~ /must meet three of the following requirements/,
-               "Password fails requirement: $password");
-        }
-        else {
-            ok($error_msg =~ /The password must be at least \d+ characters long/,
-               "Password Too Short: $password");
-        }
-        $sel->go_back_ok();
-        $sel->wait_for_page_to_load_ok(WAIT_TIME);
-    }
-
-    my $created = 0;
-
-    foreach my $password (@$valid_passwords) {
-        $sel->type_ok('password', $password, 'Enter password');
-        $sel->click_ok($created ? 'update' : 'add');
-        $sel->wait_for_page_to_load_ok(WAIT_TIME);
-        $sel->title_is($created ? "User $new_user updated" : "Edit user $new_user");
-        my $msg = trim($sel->get_text('message'));
-        if ($created++) {
-            ok($msg =~ /A new password has been set/, 'Account updated');
-        }
-        else {
-            ok($msg =~ /The user account $new_user has been created successfully/, 'Account created');
-        }
-    }
-
-    return unless $created;
-
-    $sel->click_ok('delete');
-    $sel->wait_for_page_to_load_ok(WAIT_TIME);
-    $sel->title_is("Confirm deletion of user $new_user");
-    $sel->click_ok('delete');
-    $sel->wait_for_page_to_load_ok(WAIT_TIME);
-    $sel->title_is("User $new_user deleted");
-}
diff --git a/qa/t/test_user_groups.t b/qa/t/test_user_groups.t
index 89fc2fd6d..0798a1b80 100644
--- a/qa/t/test_user_groups.t
+++ b/qa/t/test_user_groups.t
@@ -12,6 +12,7 @@ use lib qw(lib ../../lib ../../local/lib/perl5);
 use Test::More "no_plan";
 
 use QA::Util;
+use constant PASSWORD => 'uChoopoh1che';
 
 my ($sel, $config) = get_selenium();
 
@@ -67,7 +68,7 @@ $sel->wait_for_page_to_load_ok(WAIT_TIME);
 $sel->title_is('Add user');
 $sel->type_ok('login', 'master@selenium.bugzilla.org');
 $sel->type_ok('name', 'master-user');
-$sel->type_ok('password', 'selenium', 'Enter password');
+$sel->type_ok('password', PASSWORD, 'Enter password');
 $sel->type_ok('disabledtext', 'Not for common usage');
 $sel->click_ok('add');
 $sel->wait_for_page_to_load_ok(WAIT_TIME);
@@ -83,7 +84,7 @@ $sel->wait_for_page_to_load_ok(WAIT_TIME);
 $sel->title_is('Add user');
 $sel->type_ok('login', 'slave@selenium.bugzilla.org');
 $sel->type_ok('name', 'slave-user');
-$sel->type_ok('password', 'selenium', 'Enter password');
+$sel->type_ok('password', PASSWORD, 'Enter password');
 $sel->type_ok('disabledtext', 'Not for common usage');
 $sel->click_ok('add');
 $sel->wait_for_page_to_load_ok(WAIT_TIME);
@@ -99,7 +100,7 @@ $sel->wait_for_page_to_load_ok(WAIT_TIME);
 $sel->title_is('Add user');
 $sel->type_ok('login', 'reg@selenium.bugzilla.org');
 $sel->type_ok('name', 'reg-user');
-$sel->type_ok('password', 'selenium', 'Enter password');
+$sel->type_ok('password', PASSWORD, 'Enter password');
 $sel->type_ok('disabledtext', 'Not for common usage');
 $sel->click_ok('add');
 $sel->wait_for_page_to_load_ok(WAIT_TIME);
diff --git a/qa/t/webservice_user_create.t b/qa/t/webservice_user_create.t
index f82e71ae4..34b7a4896 100644
--- a/qa/t/webservice_user_create.t
+++ b/qa/t/webservice_user_create.t
@@ -16,7 +16,7 @@ use QA::Util;
 use Test::More tests => 75;
 my ($config, $xmlrpc, $jsonrpc, $jsonrpc_get) = get_rpc_clients();
 
-use constant NEW_PASSWORD => 'password';
+use constant NEW_PASSWORD => 'UiX1Shuuchid';
 use constant NEW_FULLNAME => 'WebService Created User';
 
 use constant PASSWORD_TOO_SHORT => 'a';
@@ -91,7 +91,7 @@ foreach my $rpc ($jsonrpc, $xmlrpc) {
         { user  => 'admin',
           args  => { email    => new_login(), full_name => NEW_FULLNAME,
                      password => PASSWORD_TOO_SHORT },
-          error => 'password must be at least',
+          error => 'The password does not meet our security requirements for the following reason: too short',
           test  => 'Password Too Short fails',
         },
         { user => 'admin',
-- 
cgit v1.2.3-24-g4f1b