LP#1710949: add tests for blocking after failed attempts
authorGalen Charlton <gmc@equinoxinitiative.org>
Fri, 1 Sep 2017 16:31:41 +0000 (12:31 -0400)
committerMike Rylander <mrylander@gmail.com>
Fri, 1 Sep 2017 17:05:33 +0000 (13:05 -0400)
Enhance the live tests to verify that attempts to log in
get blocked after too many failed ones; this assumes
a stock value for block_count.

General testing plan:

[1] Use srfsh to test, e.g.,

srfsh# request open-ils.auth open-ils.auth.login {"identifier":"99999389406","password":"12345","type":"opac","org":1}

[2] Try various scenarios:

    - wrong password
    - type = staff but user doesn't have STAFF_LOGIN
    - repeated failed attempts
    - barcode is inactive
    - using "identifier" in conjunction with opac.barcode_regex set
    - using "username" or "barcode"
    - supplying a workstation name that exists
    - ... or does not
    - user is inactive
    - user is marked barred

Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org>
Signed-off-by: Mike Rylander <mrylander@gmail.com>
Open-ILS/src/perlmods/live_t/24-lp1710949-login-api.t

index ba4e4df..e32ec61 100644 (file)
@@ -1,12 +1,13 @@
 #!perl
 
-use Test::More tests => 6;
+use Test::More tests => 22;
 
 diag("Tests open-ils.auth.login");
 
 use strict; use warnings;
 use OpenILS::Utils::TestUtils;
 use OpenILS::Application::AppUtils;
+use OpenSRF::Utils::Cache;
 our $U = "OpenILS::Application::AppUtils";
 
 OpenILS::Utils::TestUtils->new->bootstrap;
@@ -67,3 +68,28 @@ $resp = $U->simplereq(
 
 is($resp->{textcode}, 'SUCCESS', 'Identifier check for br1mclark OK');
 
+foreach my $i (1..15) {
+    $resp = $U->simplereq(
+        'open-ils.auth',
+        'open-ils.auth.login', {
+            identifier => 'br1mclark',
+            password => 'justplainwrong',
+            type => 'staff'
+        }
+    );
+    isnt($resp->{textcode}, 'SUCCESS', "Attempt $i: wrong password br1mclark does not work");
+}
+
+$resp = $U->simplereq(
+    'open-ils.auth',
+    'open-ils.auth.login', {
+        identifier => 'br1mclark',
+        password => 'montyc1234',
+        type => 'staff'
+    }
+);
+isnt($resp->{textcode}, 'SUCCESS', '... and consequently multiple failed attempts block');
+
+# and clean up
+my $cache = OpenSRF::Utils::Cache->new("global", 0);
+$cache->delete_cache('oils_auth_br1mclark_count');
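Review bot: The lockout assertion after the loop, `isnt($resp->{textcode}, 'SUCCESS', ...)` with the correct password, passes on any non-SUCCESS response, so it cannot tell a block from an unrelated failure. Nothing checks that the `delete_cache` cleanup actually unblocks the account either. If the auth service builds its key differently from the hard-coded `oils_auth_br1mclark_count`, the delete would silently do nothing and br1mclark would stay blocked for later live tests. A login with the correct password after the cleanup, asserting SUCCESS, covers both points; the plan would then be `tests => 23`. The cleanup also runs only if the script reaches its last two lines, so consider moving it into an `END` block, and clearing the counter before the loop so stale state from an earlier run cannot skew the result.

```perl
$cache->delete_cache('oils_auth_br1mclark_count');

# The correct password must work again once the counter is cleared: this ties
# the denial above to the failure counter and shows the account is not left
# blocked for the tests that run after this one.
$resp = $U->simplereq(
    'open-ils.auth',
    'open-ils.auth.login', {
        identifier => 'br1mclark',
        password => 'montyc1234',
        type => 'staff'
    }
);
is($resp->{textcode}, 'SUCCESS', 'login works again after the failure counter is cleared');
```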