The Behat test for login assumes that the system has an account "admin" with the username "admin." This is not likely to be true for any system other than one spun up by Travis. Instead, the test should generate a user with a random username and password, log them in for the test, and then destroy the user afterward.

CommentFileSizeAuthor
#2 user-for-login-test-2299157-2.patch1.41 KBcboyden

Comments

dsnopek’s picture

dsnopek
he/him
Primary language English
Location USA
commented
Title: Login test uses insecure credentials » Login test depends on known credentials

Ah, yes, I agree this is a bug, but not because it insecure (it's just a test!) but because it's a hidden dependency outside of panopoly_test and the tests themselves.

cboyden’s picture

cboyden commented
Status: Active » Needs review
StatusFileSize
new user-for-login-test-2299157-2.patch1.41 KB

Here's a patch that uses the Drupal extension's "Given users:" step to create a test user and use them for the scenario. I would prefer to use the random generator, but I was not able to get it to work in this context.

The Drupal Extension does not document the fact that you can set a password using this step. Their example table only includes the name, mail, and roles fields. If there is no pass field, it creates a random password.

  • dsnopek committed ca1706e on 7.x-1.x 
    Update Panopoly Test for #2299157 by cboyden: Fixed Login test depends...
dsnopek’s picture

dsnopek
he/him
Primary language English
Location USA
commented
Status: Needs review » Fixed

Thanks! :-) Rerolled for the move to panopoly_test and committed. Worked locally, but let's see what Travis-CI says:

https://travis-ci.org/panopoly/panopoly/builds/29916966

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.