Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-58716

New Web Service core_auth_request_password_reset

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide
      1. As admin disable the protectusernames global setting
      2. Now, execute the following curl request

        curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"core_auth_request_password_reset","args":{"username": "", "email": "fakeemail@gmail.com"}}]' | python -m "json.tool"

      3. You should get a "status": "dataerror", The email address was not found in the database
      4. Execute the same curl request again but leaving empty the email field and adding an invalid username
      5. You should get a similar error but this time the username is what wasn't found
      6. Leave the username and email parameters empty and execute the curl call again
      7. You should get a new error dataerror, with 2 warnings (one for the username being and empty an the other one for the email field)
      8. Now, in the email field put a valid email address in your site
      9. You should get an status "emailresetconfirmsent" and a notice indicating that an email was sent to you
      10. Check that you receive correctly the email
      11. Now, execute the SAME curl request again
      12. The status now is: emailalreadysent
      13. Now, execute the SAME curl request again but leaving the email field empty and adding the username linked to the email account
      14. The status should be again: emailalreadysent
      15. Open your email inbox and using the latest email received change your username password and check that you can access with the new password
      16. Enable again the protectusernames global setting
      17. Execute the curl request using a valid email account
      18. Check that now you get an status of emailpasswordconfirmmaybesent and the notice is: If you supplied a correct username or email address then an e....
      19. Finally, using the Moodle web interface check that you can request a password reset and the complete process work as expected
      Show
      As admin disable the protectusernames global setting Now, execute the following curl request curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary ' [{"index":0,"methodname":"core_auth_request_password_reset","args":{"username": "", "email": "fakeemail@gmail.com"}}] ' | python -m "json.tool" You should get a "status": "dataerror", The email address was not found in the database Execute the same curl request again but leaving empty the email field and adding an invalid username You should get a similar error but this time the username is what wasn't found Leave the username and email parameters empty and execute the curl call again You should get a new error dataerror, with 2 warnings (one for the username being and empty an the other one for the email field) Now, in the email field put a valid email address in your site You should get an status "emailresetconfirmsent" and a notice indicating that an email was sent to you Check that you receive correctly the email Now, execute the SAME curl request again The status now is: emailalreadysent Now, execute the SAME curl request again but leaving the email field empty and adding the username linked to the email account The status should be again: emailalreadysent Open your email inbox and using the latest email received change your username password and check that you can access with the new password Enable again the protectusernames global setting Execute the curl request using a valid email account Check that now you get an status of emailpasswordconfirmmaybesent and the notice is: If you supplied a correct username or email address then an e.... Finally, using the Moodle web interface check that you can request a password reset and the complete process work as expected
    • Affected Branches:
      MOODLE_33_STABLE
    • Fixed Branches:
      MOODLE_34_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-58716-master

      Description

      Public Web Service (via XHR) to allow users to request a password reset using the mobile app.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  13/Nov/17