Commit 470df2e3 authored by ale's avatar ale

Add test for opportunistic encryption enabling on pw change

parent cb4ddb0b
Pipeline #1523 passed with stages
in 1 minute and 26 seconds
......@@ -234,9 +234,12 @@ func TestIntegration_ChangeUserPassword(t *testing.T) {
// Verify various attempts at changing the password (user has no encryption keys).
func TestIntegration_ChangeUserPassword_WithOpportunisticEncryption(t *testing.T) {
runChangeUserPasswordTest(t, "uno@investici.org", as.Config{
user := runChangeUserPasswordTest(t, "uno@investici.org", as.Config{
EnableOpportunisticEncryption: true,
})
if !user.HasEncryptionKeys {
t.Fatal("encryption keys were not created on password change")
}
}
// Verify various attempts at changing the password (user with encryption keys).
......@@ -244,8 +247,8 @@ func TestIntegration_ChangeUserPassword_WithEncryptionKeys(t *testing.T) {
runChangeUserPasswordTest(t, "due@investici.org", as.Config{})
}
func runChangeUserPasswordTest(t *testing.T, username string, cfg as.Config) {
stop, _, c := startServiceWithConfig(t, cfg)
func runChangeUserPasswordTest(t *testing.T, username string, cfg as.Config) *as.RawUser {
stop, be, c := startServiceWithConfig(t, cfg)
defer stop()
testdata := []struct {
......@@ -279,6 +282,10 @@ func runChangeUserPasswordTest(t *testing.T, username string, cfg as.Config) {
t.Fatalf("ChangeUserPassword(old=%s new=%s) failed: %v", td.password, td.newPassword, err)
}
}
// The password that should work at the end of the above
// series of checks is still "password".
return checkUserInvariants(t, be, username, "password")
}
func TestIntegration_CreateResource(t *testing.T) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment