summaryrefslogtreecommitdiffstats
path: root/xt/webservice/user_login_logout.t
blob: 2fc659a65fddfe70f332b9d22f593b258eab1488 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# This Source Code Form is "Incompatible With Secondary Licenses", as
# defined by the Mozilla Public License, v. 2.0.

##########################################################
# Test for xmlrpc call to User.login() and User.logout() #
##########################################################

use 5.14.0;
use strict;
use warnings;

use FindBin qw($RealBin);
use lib "$RealBin/../lib";

use Data::Dumper;
use QA::Util;
use Test::More tests => 119;
my ($config, @clients) = get_rpc_clients();

use constant INVALID_EMAIL => '@invalid_user@';

my $user = $config->{unprivileged_user_login};
my $pass = $config->{unprivileged_user_passwd};
my $error = "The login or password you entered is not valid";

my @tests = (
    { user => 'unprivileged',
      test => "Unprivileged user can log in successfully",
    },

    { args  => { login => $user, password => '' },
      error => $error,
      test  => "Empty password can't log in",
    },
    { args  => { login => '', password => $pass },
      error => $error,
      test  => "Empty login can't log in",
    },
    { args  => { login => $user },
      error => "requires a password argument",
      test  => "Undef password can't log in",
    },
    { args  => { password => $pass },
      error => "requires a login argument",
      test  => "Undef login can't log in",
    },

    { args  => { login => INVALID_EMAIL, password => $pass },
      error => $error,
      test  => "Invalid email can't log in",
    },
    { args  => { login => $user, password => '*' },
      error => $error,
      test  => "Invalid password can't log in",
    },

    { args  => { login    => $config->{disabled_user_login},
                 password => $config->{disabled_user_passwd} },
      error => "!!This is the text!!",
      test  => "Can't log in with a disabled account",
    },
    { args  => { login => $config->{disabled_user_login}, password => '*' },
      error => $error,
      test  => "Logging in with invalid password doesn't show disabledtext",
    },
);

sub _login_args {
    my $args = shift;
    my %fixed_args = %$args;
    $fixed_args{Bugzilla_login} = delete $fixed_args{login};
    $fixed_args{Bugzilla_password} = delete $fixed_args{password};
    return \%fixed_args;
}

foreach my $rpc (@clients) {
    if ($rpc->bz_get_mode) {
        $rpc->bz_call_fail('User.logout', undef, 'must use HTTP POST',
                           'User.logout fails when called via GET');
    }

    foreach my $t (@tests) {
        if ($t->{user}) {
            my $username = $config->{$t->{user} . '_user_login'};
            my $password = $config->{$t->{user} . '_user_passwd'};

            if ($rpc->bz_get_mode) {
                $rpc->bz_call_fail('User.login',
                    { login => $username, password => $password },
                    'must use HTTP POST', $t->{test} . ' (fails on GET)');
            }
            else {
                $rpc->bz_log_in($t->{user});
                ok($rpc->{_bz_credentials}->{token}, 'Login token returned');
                $rpc->bz_call_success('User.logout');
            }

            if ($t->{error}) {
                $rpc->bz_call_fail('Bugzilla.version',
                    { Bugzilla_login => $username,
                      Bugzilla_password => $password });
            }
            else {
                $rpc->bz_call_success('Bugzilla.version',
                    { Bugzilla_login => $username,
                      Bugzilla_password => $password });
            }
        }
        else {
            # Under GET, there's no reason to have extra failing tests.
            if (!$rpc->bz_get_mode) {
                $rpc->bz_call_fail('User.login', $t->{args}, $t->{error},
                                   $t->{test});
            }
            if (defined $t->{args}->{login}
                and defined $t->{args}->{password})
            {
                my $fixed_args = _login_args($t->{args});
                $rpc->bz_call_fail('Bugzilla.version', $fixed_args,
                    $t->{error}, "Bugzilla_login: " . $t->{test});
            }
        }
    }
}