1# -- 2# Copyright (C) 2001-2020 OTRS AG, https://otrs.com/ 3# -- 4# This software comes with ABSOLUTELY NO WARRANTY. For details, see 5# the enclosed file COPYING for license information (GPL). If you 6# did not receive this file, see https://www.gnu.org/licenses/gpl-3.0.txt. 7# -- 8 9use strict; 10use warnings; 11use utf8; 12 13use vars (qw($Self)); 14 15# get helper object 16$Kernel::OM->ObjectParamAdd( 17 'Kernel::System::UnitTest::Helper' => { 18 RestoreDatabase => 1, 19 }, 20); 21my $Helper = $Kernel::OM->Get('Kernel::System::UnitTest::Helper'); 22 23# get config object 24my $ConfigObject = $Kernel::OM->Get('Kernel::Config'); 25 26# configure auth backend to db 27$ConfigObject->Set( 28 Key => 'AuthBackend', 29 Value => 'DB', 30); 31 32# no additional auth backends 33for my $Count ( 1 .. 10 ) { 34 35 $ConfigObject->Set( 36 Key => "AuthBackend$Count", 37 Value => '', 38 ); 39} 40 41# disable email checks to create new user 42$ConfigObject->Set( 43 Key => 'CheckEmailAddresses', 44 Value => 0, 45); 46 47my $TestUserID; 48my $UserRand = 'example-user' . $Helper->GetRandomID(); 49 50# get user object 51my $UserObject = $Kernel::OM->Get('Kernel::System::User'); 52 53# add test user 54$TestUserID = $UserObject->UserAdd( 55 UserFirstname => 'Firstname Test1', 56 UserLastname => 'Lastname Test1', 57 UserLogin => $UserRand, 58 UserEmail => $UserRand . '@example.com', 59 ValidID => 1, 60 ChangeUserID => 1, 61) || die "Could not create test user"; 62 63# make sure that the customer user objects gets recreated for each loop. 64$Kernel::OM->ObjectsDiscard( 65 Objects => [ 66 'Kernel::System::User', 67 'Kernel::System::Auth', 68 ], 69); 70 71my $AuthObject = $Kernel::OM->Get('Kernel::System::Auth'); 72 73my $PasswordSet = $UserObject->SetPassword( 74 UserLogin => $UserRand, 75 PW => '123', 76); 77 78$Self->True( 79 $PasswordSet, 80 "Password set" 81); 82 83my $AuthResult = $AuthObject->Auth( 84 User => $UserRand, 85 Pw => '123', 86); 87 88$Self->Is( 89 $AuthResult, 90 $UserRand, 91 "First authentication ok", 92); 93 94$ConfigObject->Get('PreferencesGroups')->{Password}->{PasswordMaxLoginFailed} = 2; 95 96for ( 1 .. 2 ) { 97 $AuthResult = $AuthObject->Auth( 98 User => $UserRand, 99 Pw => 'wrong', 100 ); 101 102 $Self->Is( 103 $AuthResult, 104 undef, 105 "Wrong authentication", 106 ); 107} 108 109$AuthResult = $AuthObject->Auth( 110 User => $UserRand, 111 Pw => '123', 112); 113 114$Self->Is( 115 $AuthResult, 116 undef, 117 "Authentication not possible any more after too many failures", 118); 119 120my %User = $UserObject->GetUserData( 121 UserID => $TestUserID, 122); 123delete $User{UserPw}; # Don't update/break password. 124 125my $Update = $UserObject->UserUpdate( 126 %User, 127 ValidID => 1, 128 ChangeUserID => 1, 129); 130 131$Self->True( 132 $Update, 133 "User revalidated" 134); 135 136$AuthResult = $AuthObject->Auth( 137 User => $UserRand, 138 Pw => '123', 139); 140 141$Self->Is( 142 $AuthResult, 143 $UserRand, 144 "Authentication possible again after revalidation", 145); 146 147# cleanup is done by RestoreDatabase 148 1491; 150