Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-42816

Add password expiry for manual auth method

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      Testing prerequisites

      1. You need write access in the database for this test.
      2. You need admin access to moodle.
      3. You need to have two manual user account created in your database before doing the upgrade with the patch. One older than 30 days but newer than 60 days, one created within the last 30 days. (You may change the user "timecreated and
        timemodified" value in the mdl_user table directly in the database).
      4. Update the moodle sourcefile.

      Testing instructions

      1. Run the following unit tests:

        phpunit auth_manual_testcase auth/manual/tests/manual_test.php
        phpunit core_user_testcase lib/tests/user_test.php
        

      2. As an admin, go to the "Password expiration settings" in the manual account auth settings page, put the option "Enable password expiry" to "yes", "Notification threshold" to "2 days" and click "Save changes".
      3. Disconnect from the admin account and login with the old created user account.
      4. You should see a notification message notice you that your password is expired.
      5. Click cancel. You should remains connected.
      6. Disconnect and login as an admin, go to the "Password expiry settings" in the manual account auth settings page, put the option "Enable password expiry" to "no" and click "Save changes".
      7. Disconnect and login with the old created user account.
      8. You should be connected without warnings.
      9. Disconnect and login as an admin, go to the "Password expiry settings" in the manual account auth settings page, put the option "Enable password expiry" to "yes", the option "Password duration" to "60 days" and click "Save changes".
      10. Disconnect and login with the old created user account.
      11. You should be connect without warnings.
      12. Disconnect and login as an admin, go to the "Password expiry settings" in the manual account auth settings page, put the option "Password duration" to "30 days" and click "Save changes".
      13. Disconnect and login with the old created user account.
      14. You should see a message warning you that your password is expired.
      15. Change the password.
      16. Disconnect from this account and reconnect again. You should not see the expiry notification message.
      17. Disconnect from this account.
      18. Login with the newly created user. You should not see the expiry notification message.
      19. Disconnect from this account.
      20. Go to the database and replace the "auth_manual_passwordupdatetime" value in "mdl_user_preferences" table for the old user with a unixtime around 29 days before the time in the value field
      21. Login with the old user account. you should see a warning that your account will expire in 1 day will propose you to change it now. Click cancel and disconnect.
      22. As an admin, go to the "Password expiry settings" in the manual account auth settings page, put the option "Notification threshold" to "Never" and click "Save changes".
      23. Disconnect and login with the old user account. you should not see any warning. Disconnect.
      24. As an admin, go to the "Password expiry settings" in the manual account auth settings page, put the option "Notification threshold" to "2 days" and click "Save changes".
      25. Disconnect and login with the old user account. you should see a notification that your account will expire in 1 day will propose you to change it now. Update it now.
      26. Disconnect and reconnect. You should not see any notification.
      Show
      Testing prerequisites You need write access in the database for this test. You need admin access to moodle. You need to have two manual user account created in your database before doing the upgrade with the patch. One older than 30 days but newer than 60 days, one created within the last 30 days. (You may change the user "timecreated and timemodified" value in the mdl_user table directly in the database). Update the moodle sourcefile. Testing instructions Run the following unit tests: phpunit auth_manual_testcase auth/manual/tests/manual_test.php phpunit core_user_testcase lib/tests/user_test.php As an admin, go to the "Password expiration settings" in the manual account auth settings page, put the option "Enable password expiry" to "yes", "Notification threshold" to "2 days" and click "Save changes". Disconnect from the admin account and login with the old created user account. You should see a notification message notice you that your password is expired. Click cancel. You should remains connected. Disconnect and login as an admin, go to the "Password expiry settings" in the manual account auth settings page, put the option "Enable password expiry" to "no" and click "Save changes". Disconnect and login with the old created user account. You should be connected without warnings. Disconnect and login as an admin, go to the "Password expiry settings" in the manual account auth settings page, put the option "Enable password expiry" to "yes", the option "Password duration" to "60 days" and click "Save changes". Disconnect and login with the old created user account. You should be connect without warnings. Disconnect and login as an admin, go to the "Password expiry settings" in the manual account auth settings page, put the option "Password duration" to "30 days" and click "Save changes". Disconnect and login with the old created user account. You should see a message warning you that your password is expired. Change the password. Disconnect from this account and reconnect again. You should not see the expiry notification message. Disconnect from this account. Login with the newly created user. You should not see the expiry notification message. Disconnect from this account. Go to the database and replace the "auth_manual_passwordupdatetime" value in "mdl_user_preferences" table for the old user with a unixtime around 29 days before the time in the value field Login with the old user account. you should see a warning that your account will expire in 1 day will propose you to change it now. Click cancel and disconnect. As an admin, go to the "Password expiry settings" in the manual account auth settings page, put the option "Notification threshold" to "Never" and click "Save changes". Disconnect and login with the old user account. you should not see any warning. Disconnect. As an admin, go to the "Password expiry settings" in the manual account auth settings page, put the option "Notification threshold" to "2 days" and click "Save changes". Disconnect and login with the old user account. you should see a notification that your account will expire in 1 day will propose you to change it now. Update it now. Disconnect and reconnect. You should not see any notification.
    • Affected Branches:
      MOODLE_27_STABLE
    • Fixed Branches:
      MOODLE_27_STABLE
    • Pull Master Branch:
      MDL-42816-master

      Description

      It may be nice to add password expiry for the manual accounts authentication method.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                1 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  12/May/14