Index: modules/user/user.test =================================================================== RCS file: /cvs/drupal/drupal/modules/user/user.test,v retrieving revision 1.38 diff -u -r1.38 user.test --- modules/user/user.test 24 May 2009 17:39:35 -0000 1.38 +++ modules/user/user.test 26 May 2009 06:57:51 -0000 @@ -55,15 +55,71 @@ $this->drupalPost('user', $edit, t('Log in')); $this->assertText(t('Sorry, unrecognized username or password. Have you forgotten your password?'), t('Invalid login attempt failed.')); - // Login using password reset page. - $url = user_pass_reset_url($user); - sleep(1); // TODO Find better way. - $this->drupalGet($url); - $this->assertText(t('This login can be used only once.'), t('Login can be used only once.')); + // Try to reset the password for an invalid account. + $this->drupalGet('user/password'); + $edit = array(); + $edit['name'] = $this->randomName(32); + $this->drupalPost(NULL, $edit, t('E-mail new password')); + $this->assertRaw(t('Sorry, %name is not recognized as a user name or an e-mail address.', array('%name' => $edit['name'])), t('Validation message shown when trying to request password for invalid account.')); + $this->assertEqual(count($this->drupalGetMails(array('id' => 'user_password_reset'))), 0, t('No e-mail was sent when requesting a password for an invalid account.')); + // Reset the password via the password reset page and reset by username. + $edit = array(); + $edit['name'] = $name; + $this->drupalPost(NULL, $edit, t('E-mail new password')); + + // Verify that the user received an e-mail + $this->assertMail('to', $user->mail, t('Password e-mail sent to user.')); + $subject = t('Replacement login information for !username at !site', array('!username' => $name, '!site' => variable_get('site_name', 'Drupal'))); + $this->assertMail('subject', $subject, t('Password reset e-mail subject is correct.')); + + // Try to extract the one-time login link from the body of that e-mail. + $mail = $this->drupalGetMails( + array( + 'to' => $user->mail, + 'id' => 'user_password_reset', + ) + ); + preg_match('~user/reset/\d+/\d+/[a-z\d]+~', $mail[0]['body'], $match); + $this->assertTrue(count($match) == 1, t('E-mail contains one-time login link.')); + $this->drupalGet($match[0]); + + // Check the one-time login page. + $this->assertText($name, t('One-time login page contains the correct username.') ); + $this->assertText(t('This login can be used only once.'), t('Login can be used only once.')); $this->drupalPost(NULL, NULL, t('Log in')); $this->assertText(t('You have just used your one-time login link. It is no longer necessary to use this link to login. Please change your password.'), t('This link is no longer valid.')); + // Log out, and try to log in again using the same one-time link. + $this->drupalLogout(); + $this->drupalGet($match[0]); + $this->assertText(t('You have tried to use a one-time login link which has either been used or is no longer valid.'), t('One-time link is no longer valid.')); + + // Request a new password again, this time using the e-mail address. + $this->drupalGet('user/password'); + $edit = array(); + $edit['name'] = $user->mail; + $this->drupalPost(NULL, $edit, t('E-mail new password')); + + // Verify that the user received an e-mail + $this->assertMail('to', $user->mail, t('Password e-mail sent to user.')); + + // Try to extract the one-time login link from the body of that e-mail. + $mail = $this->drupalGetMails( + array( + 'to' => $user->mail, + 'subject' => t('Replacement login information for !username at !site', array('!username' => $name, '!site' => variable_get('site_name', 'Drupal'))), + ) + ); + preg_match('~user/reset/\d+/\d+/[a-z\d]+~', $mail[1]['body'], $match); + $this->assertTrue(count($match) == 1, t('E-mail contains one-time login link.')); + $this->drupalGet($match[0]); + + // Check the one-time login page. + $this->assertText($name, t('One-time login page contains the correct username.') ); + $this->assertText(t('This login can be used only once.'), t('Login can be used only once.')); + $this->drupalPost(NULL, NULL, t('Log in')); + // Check password type validation $edit = array(); $edit['pass[pass1]'] = '99999.0';