<?php |
namespace CWP\Core\Tests; |
use SilverStripe\Dev\SapphireTest; |
use SilverStripe\Security\Member; |
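/**
 * Guards the minimum password-policy settings that compliance requires.
 *
 * On the face of it this only tests config settings, but that isn't the main goal of this minor test suite. The
 * goal is to catch regressions should someone alter the values, given that the minimums tested here are a
 * requirement for compliance. Every check is a lower bound or a "contains" check, so the tests still pass if
 * passwords are strengthened with more checks or higher character limits. The values were previously removed due
 * to duplication; however, on inspection I could not find where they were duplicated. I assume framework
 * defaults, but I couldn't find where they were set there either. This is merely an extra layer of assurance.
 *
 * E.g. the test names have no default in the core, and are not configurable. I didn't look too hard at mid-method
 * fallbacks, but it seemed a logical conclusion to add this back in via the use of Injector as seen in the
 * _config/sercurity.yml section of this PR. This is also an integration test: the PasswordValidator is always
 * fetched the way it is created in real use (not directly with new, or only with Injector via create).
 *
 * This is my justification for adding this wee test suite.
 *
 * @group integration
 * @group compliance
 */
class PasswordStrengthTest extends SapphireTest
{
    /**
     * Fetch the password validator through Member, exactly as the tests below rely on it.
     *
     * NOTE(review): assumes Member::password_validator() can return null when no validator is registered -
     * confirm against the framework version in use. The guard turns that case into a named assertion failure
     * instead of a "call to a member function on null" error in whichever test happens to run first.
     *
     * @return object the validator returned by Member::password_validator()
     */
    private function getConfiguredValidator()
    {
        $validator = Member::password_validator();
        $this->assertNotNull(
            $validator,
            'Member::password_validator() returned no validator; the password policy cannot be checked'
        );

        return $validator;
    }

    /**
     * The configured minimum password length must be at least 10 characters.
     */
    public function testPasswordMinLength()
    {
        $validator = $this->getConfiguredValidator();

        // Lower bound only: a longer configured minimum still passes.
        $this->assertGreaterThanOrEqual(
            10,
            $validator->getMinLength(),
            'Minimum password length is below the value this suite requires'
        );
    }

    /**
     * The configured minimum test score must be at least 3.
     */
    public function testMinTestScore()
    {
        $validator = $this->getConfiguredValidator();

        $this->assertGreaterThanOrEqual(
            3,
            $validator->getMinTestScore(),
            'Minimum character-class test score is below the value this suite requires'
        );
    }

    /**
     * The configured historic password count must be at least 6.
     */
    public function testHistoricCheckCount()
    {
        $validator = $this->getConfiguredValidator();

        $this->assertGreaterThanOrEqual(
            6,
            $validator->getHistoricCount(),
            'Historic password count is below the value this suite requires'
        );
    }

    /**
     * The configured character tests must include all four named classes.
     */
    public function testTestNamesInclude()
    {
        $validator = $this->getConfiguredValidator();
        $configuredTests = $validator->getTestNames();

        // "Contains" rather than "equals": extra tests may be configured without failing the suite.
        foreach (['lowercase', 'uppercase', 'digits', 'punctuation'] as $requiredTest) {
            $this->assertContains(
                $requiredTest,
                $configuredTests,
                "Password validator is missing the '{$requiredTest}' character test"
            );
        }
    }
}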