Merge branch 'MDL-54755_master' of https://github.com/StudiUM/moodle

2025-01-18 05:58:34 +01:00 · 2016-06-28 09:46:42 +08:00 · 2016-06-28 09:46:42 +08:00 · ffcbabcdd0
commit ffcbabcdd0
parent e1ac41ecc4 975bd11258
3 changed files with 119 additions and 1 deletions
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@ -4302,7 +4302,7 @@ function authenticate_user_login($username, $password, $ignorelockout=false, &$f
 * @return stdClass A {@link $USER} object - BC only, do not use
 */
 function complete_user_login($user) {
-    global $CFG, $USER;
+    global $CFG, $USER, $SESSION;

    \core\session\manager::login_user($user);

@ -4345,6 +4345,7 @@ function complete_user_login($user) {
            if ($changeurl = $userauth->change_password_url()) {
                redirect($changeurl);
            } else {
+                $SESSION->wantsurl = core_login_get_return_url();
                redirect($CFG->httpswwwroot.'/login/change_password.php');
            }
        } else {
--- a/login/tests/behat/behat_login.php
+++ b/login/tests/behat/behat_login.php
@ -0,0 +1,52 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * Behat login related steps definitions.
+ *
+ * @package    core
+ * @category   test
+ * @copyright  2016 Universite de Montreal
+ * @author     Gilles-Philippe Leblanc
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+
+// NOTE: no MOODLE_INTERNAL used, this file may be required by behat before including /config.php.
+
+require_once(__DIR__ . '/../../../lib/behat/behat_base.php');
+
+/**
+ * Contains functions used by behat to test functionality.
+ *
+ * @package    core
+ * @category   test
+ * @copyright  2016 Universite de Montreal
+ * @author     Gilles-Philippe Leblanc
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+class behat_login extends behat_base {
+
+    /**
+     * Force a password change for a specific user.
+     *
+     * @Given /^I force a password change for user "([^"]*)"$/
+     * @param string $username The username of the user whose password will expire
+     */
+    public function i_force_a_password_change_for_user($username) {
+        $user = core_user::get_user_by_username($username, 'id', null, MUST_EXIST);
+        set_user_preference("auth_forcepasswordchange", true, $user);
+    }
+}
--- a/login/tests/behat/change_password.feature
+++ b/login/tests/behat/change_password.feature
@ -0,0 +1,65 @@
+@core
+Feature: Change password
+  In order to ensure the password change works as expected
+  As a user
+  I need to test all the way to change my password
+
+  Background:
+    Given the following "users" exist:
+      | username | firstname | lastname | email |
+      | testuser | Test | User | moodle@example.com |
+
+  Scenario: A user can change his password manually
+    Given I am on site homepage
+    When I log in as "testuser"
+    And I follow "Preferences" in the user menu
+    And I follow "Change password"
+    And I set the field "Current password" to "testuser"
+    And I set the field "New password" to "NewPassword1*"
+    And I set the field "New password (again)" to "NewPassword1*"
+    And I click on "Save changes" "button"
+    And I should see "Password has been changed"
+    And I click on "Continue" "button"
+    And I should see "Preferences" in the "#region-main" "css_element"
+    And I log out
+    And I follow "Log in"
+    And I set the field "Username" to "testuser"
+    And I set the field "Password" to "NewPassword1*"
+    And I press "Log in"
+    Then I should see "You are logged in as Test User" in the "page-footer" "region"
+
+  Scenario: A user with expired password must change it when log in directly and then be redirected to the home page
+    Given I force a password change for user "testuser"
+    When I log in as "testuser"
+    Then I should see "You must change your password to proceed"
+    And I set the field "Current password" to "testuser"
+    And I set the field "New password" to "NewPassword1*"
+    And I set the field "New password (again)" to "NewPassword1*"
+    And I click on "Save changes" "button"
+    And I should see "Password has been changed"
+    And I click on "Continue" "button"
+    And I am on site homepage
+
+  @javascript
+  Scenario: A user with expired password trying to visit a required login page must change and it and then be redirected to this page
+    Given I force a password change for user "testuser"
+    And the following "courses" exist:
+      | fullname | shortname | visible |
+      | Course 1 | c1 | 1 |
+    And the following "course enrolments" exist:
+      | user | course | role |
+      | testuser | c1 | student |
+    And I am on site homepage
+    And I expand "Courses" node
+    When I follow "Course 1"
+    And I set the field "Username" to "testuser"
+    And I set the field "Password" to "testuser"
+    And I press "Log in"
+    Then I should see "You must change your password to proceed"
+    And I set the field "Current password" to "testuser"
+    And I set the field "New password" to "NewPassword1*"
+    And I set the field "New password (again)" to "NewPassword1*"
+    And I click on "Save changes" "button"
+    And I should see "Password has been changed"
+    And I click on "Continue" "button"
+    And I should see "Course 1"