Testing the password form ========================= This is about the 'change_password' form. This test will try to login as a Plone user, change the password, logout and login with the new password. >>> view_name = '@@change-password' Viewing this form should not be possible for anonymous users: >>> self.browser.open('http://nohost/plone/' + view_name) >>> 'Login Name' in self.browser.contents True So let's login as Plone user: >>> self.browser.open('http://nohost/plone/') >>> self.browser.getLink('Log in').click() >>> self.browser.getControl('Login Name').value = 'test_user_1_' >>> self.browser.getControl('Password').value = 'secret' >>> self.browser.getControl('Log in').click() >>> 'Login failed' in self.browser.contents False Now we should be able to access the change password form: >>> self.browser.open('http://nohost/plone/' + view_name) >>> 'Login Name' in self.browser.contents False >>> 'Forgot your password' in self.browser.contents False >>> self.browser.url.endswith(view_name) True Let's try to change the password with a new one containing non-ascii chars: >>> self.browser.getControl(name='form.current_password').value = 'secret' >>> self.browser.getControl(name='form.new_password').value = 'super-secrét' >>> self.browser.getControl(name='form.new_password_ctl').value = 'super-secrét' >>> self.browser.getControl(name="form.actions.reset_passwd").click() >>> 'Password changed' in self.browser.contents True Let's try to change the password with the current one containing non-ascii chars: >>> self.browser.getControl(name='form.current_password').value = 'super-secrét' >>> self.browser.getControl(name='form.new_password').value = 'super-sécrét' >>> self.browser.getControl(name='form.new_password_ctl').value = 'super-sécrét' >>> self.browser.getControl(name="form.actions.reset_passwd").click() >>> 'Password changed' in self.browser.contents True Okay the password has been changed, let's logout and login again with the new password. >>> self.browser.open('http://nohost/plone/logout') >>> self.browser.open('http://nohost/plone/') >>> self.browser.getLink('Log in').click() >>> self.browser.getControl('Login Name').value = 'test_user_1_' >>> self.browser.getControl('Password').value = 'super-sécrét' >>> self.browser.getControl('Log in').click() >>> 'Login failed' in self.browser.contents False If we are logged in the change password form is available >>> self.browser.open('http://nohost/plone/' + view_name) >>> 'Please log in' in self.browser.contents False >>> 'Forgot your password' in self.browser.contents False >>> self.browser.url.endswith(view_name) True Now let's test using a PAS Password validation plugin. Add a test plugin. >>> self.addParrotPasswordPolicy() >>> self.browser.open('http://nohost/plone/' + view_name) >>> self.browser.url.endswith(view_name) True Check that we are given instructions on what is a valid password >>> print self.browser.contents <... ...Enter your new password. Must not be dead... Let's try to change the password with an invalid password: >>> self.browser.getControl(name='form.current_password').value = 'super-sécrét' >>> self.browser.getControl(name='form.new_password').value = 'dead parrot' >>> self.browser.getControl(name='form.new_password_ctl').value = 'dead parrot' >>> self.browser.getControl(name="form.actions.reset_passwd").click() >>> print self.browser.contents <... ...Must not be dead... Now try a valid password >>> self.browser.getControl(name='form.current_password').value = 'super-sécrét' >>> self.browser.getControl(name='form.new_password').value = 'fish' >>> self.browser.getControl(name='form.new_password_ctl').value = 'fish' >>> self.browser.getControl(name="form.actions.reset_passwd").click() >>> print self.browser.contents <... ...Password changed...