Skip to content

Commit

Permalink
added tests for change password
Browse files Browse the repository at this point in the history
  • Loading branch information
@Celiant
Celiant committed Jan 24, 2025
1 parent 0bb780d commit bbea8d7
Show file tree
Hide file tree
Showing 2 changed files with 130 additions and 0 deletions.
129 changes: 129 additions & 0 deletions e2e-tests/cypress/e2e/api-tests/000_accounts/postUpdatePassword.cy.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,129 @@
import { METHOD, STATUS_CODE } from "../../../support/api/api-const";
import API from "../../../support/ApiUrls";

context("Update password", { tags: ['accounts', 'firstPool', 'all'] }, () => {
const name = "TestUserRegistration";

it("Change password", () => {
cy.request({
method: METHOD.POST,
url: API.ApiServer + API.ChangePassword,
body: {
username: name,
oldPassword: "test",
newPassword: "test1"
}
}).then((response) => {
expect(response.status).to.eq(STATUS_CODE.OK);
expect(response.body).to.have.property("username", name);
expect(response.body).to.have.property("role", "USER");
}).then(() => {
cy.request({
method: METHOD.POST,
url: API.ApiServer + API.AccountsLogin,
body: {
username: name,
password: "test1"
}
}).then((response) => {
expect(response.status).to.eq(STATUS_CODE.OK);
expect(response.body).to.have.property("username", name);
expect(response.body).to.have.property("role", "USER");
});
cy.request({
method: METHOD.POST,
url: API.ApiServer + API.AccountsLogin,
body: {
username: name,
password: "test"
},
failOnStatusCode: false
}).then((response) => {
expect(response.status).to.eq(STATUS_CODE.UNAUTHORIZED);
});
});
});

it("Change password without body - Negative", () => {
cy.request({
method: METHOD.POST,
url: API.ApiServer + API.ChangePassword,
failOnStatusCode: false
}).then((response) => {
expect(response.status).to.eq(STATUS_CODE.UNPROCESSABLE);
})
});

it("Change password with wrong password body - Negative", () => {
cy.request({
method: METHOD.POST,
url: API.ApiServer + API.ChangePassword,
body: {
username: name,
oldPassword: "test",
newPassword: "test2"
},
failOnStatusCode: false
}).then((response) => {
expect(response.status).to.eq(STATUS_CODE.UNAUTHORIZED);
})
});

it('Change password without username - Negative', () => {
cy.request({
method: METHOD.POST,
url: API.ApiServer + API.ChangePassword,
body: {
oldPassword: "test",
newPassword: "test1"
},
failOnStatusCode: false
}).then((response) => {
expect(response.status).to.eq(STATUS_CODE.UNPROCESSABLE);
})
});

it('Change password without old password - Negative', () => {
cy.request({
method: METHOD.POST,
url: API.ApiServer + API.ChangePassword,
body: {
username: name,
newPassword: "test1"
},
failOnStatusCode: false
}).then((response) => {
expect(response.status).to.eq(STATUS_CODE.UNPROCESSABLE);
})
});

it('Change password with wrong username - Negative', () => {
cy.request({
method: METHOD.POST,
url: API.ApiServer + API.ChangePassword,
body: {
username: name + "fdsafds",
oldPassword: "test",
newPassword: "test1"
},
failOnStatusCode: false
}).then((response) => {
expect(response.status).to.eq(STATUS_CODE.UNAUTHORIZED);
})
});

it('Change password with sql infection - Negative', () => {
cy.request({
method: METHOD.POST,
url: API.ApiServer + API.ChangePassword,
body: {
username: 'select * from users where id = 1 or 1=1',
oldPassword: "test",
newPassword: "test1"
},
failOnStatusCode: false
}).then((response) => {
expect(response.status).to.eq(STATUS_CODE.UNAUTHORIZED);
})
});
});
1 change: 1 addition & 0 deletions e2e-tests/cypress/support/ApiUrls.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ const API = {
//Accounts
Accounts: "accounts/",
AccountsLogin: "accounts/login/",
ChangePassword: "accounts/change-password/",
AccessToken: "accounts/access-token/",
RootAuthorities: "accounts/root-authorities",
Installer: "accounts/installer",
Expand Down

0 comments on commit bbea8d7

Please sign in to comment.