diff options
| author | Akshay Vishnoi <akshay.vishnoi@vinsol.com> | 2014-06-14 12:35:31 +0530 |
|---|---|---|
| committer | Akshay Vishnoi <akshay.vishnoi@vinsol.com> | 2014-06-14 12:35:31 +0530 |
| commit | cabbc8f6a58635bdae4002e6553ebed2206fd17d (patch) | |
| tree | 6f4cde539a1e260e041b38351b587e59767f35b2 /activemodel/test/cases | |
| parent | cf67031546735651375b7df06bda6721ad57fbe2 (diff) | |
| download | rails-cabbc8f6a58635bdae4002e6553ebed2206fd17d.tar.gz rails-cabbc8f6a58635bdae4002e6553ebed2206fd17d.tar.bz2 rails-cabbc8f6a58635bdae4002e6553ebed2206fd17d.zip | |
SecurePassword - Validate password must be less than or equal to 72
See #14591, Reason - BCrypt hash function can handle maximum 72 characters.
Diffstat (limited to 'activemodel/test/cases')
| -rw-r--r-- | activemodel/test/cases/secure_password_test.rb | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/activemodel/test/cases/secure_password_test.rb b/activemodel/test/cases/secure_password_test.rb index bcd1e04a0f..f6dfdc5342 100644 --- a/activemodel/test/cases/secure_password_test.rb +++ b/activemodel/test/cases/secure_password_test.rb @@ -45,6 +45,20 @@ class SecurePasswordTest < ActiveModel::TestCase assert_equal ["can't be blank"], @user.errors[:password] end + test 'create a new user with validation and password length less than or equal to 72' do + @user.password = 'nakshay' * 10 + @user.password_confirmation = @user.password + assert @user.valid?(:create), 'user should be valid' + end + + test 'create a new user with validation and password length greater than 72' do + @user.password = 'nakshay' * 11 + @user.password_confirmation = @user.password + assert !@user.valid?(:create), 'user should be invalid' + assert_equal 1, @user.errors.count + assert_equal ["is too long (maximum is 72 characters)"], @user.errors[:password] + end + test "create a new user with validation and a blank password confirmation" do @user.password = 'password' @user.password_confirmation = '' @@ -97,6 +111,20 @@ class SecurePasswordTest < ActiveModel::TestCase assert_equal ["can't be blank"], @existing_user.errors[:password] end + test 'updating an existing user with validation and password length less than or equal to 72' do + @existing_user.password = 'nakshay' * 10 + @existing_user.password_confirmation = @existing_user.password + assert @existing_user.valid?(:update), 'user should be valid' + end + + test 'updating an existing user with validation and password length greater than 72' do + @existing_user.password = 'nakshay' * 11 + @existing_user.password_confirmation = @existing_user.password + assert !@existing_user.valid?(:update), 'user should be invalid' + assert_equal 1, @existing_user.errors.count + assert_equal ["is too long (maximum is 72 characters)"], @existing_user.errors[:password] + end + test "updating an existing user with validation and a blank password confirmation" do @existing_user.password = 'password' @existing_user.password_confirmation = '' |