LP#1673059: Update passwd storage test

[working/Evergreen.git] / Open-ILS / src / sql / Pg / live_t / lp1468422_passwd_storage.pg

\set ECHO none
\set QUIET 1
-- Turn off echo and keep things quiet.

-- Format the output for nice TAP.
\pset format unaligned
\pset tuples_only true
\pset pager

-- Revert all changes on failure.
\set ON_ERROR_ROLLBACK 1
\set ON_ERROR_STOP true
\set QUIET 1

BEGIN;

-- Plan the tests.
SELECT plan(6);

SELECT ok(
    (SELECT TRUE AS verify_old_pw FROM actor.usr 
        WHERE id = 189 AND passwd = MD5('montyc1234')),
    'Legacy password should match'
);

SELECT isnt_empty(
    'SELECT actor.get_salt(189, ''main'')',
    'get_salt() returns a new salt'
);

SELECT isnt_empty(
    'SELECT * FROM actor.passwd WHERE usr = 189 AND passwd_type = ''main''',
    'get_salt() should migrate the password'
);

SELECT ok(
    (SELECT actor.verify_passwd(189, 'main', 
        MD5(actor.get_salt(189, 'main') || MD5('montyc1234')))),
    'verify_passwd should verify migrated password'
);

SELECT ok(
    (SELECT NOT (
        SELECT actor.verify_passwd(189, 'main', 
            MD5(actor.get_salt(189, 'main') || MD5('BADPASSWORD'))))
    ),
    'verify_passwd should fail with wrong password'
);

-- This code chunk mimics the application changing a user's password
DO $$
    DECLARE new_salt TEXT;
BEGIN
    -- we have to capture the salt, because subsequent 
    -- calls will create a new one.
    SELECT INTO new_salt actor.create_salt('main');
    PERFORM actor.set_passwd(
        189, 'main', MD5(new_salt || MD5('bobblehead')), new_salt);
END $$;

SELECT ok(
    (SELECT actor.verify_passwd(189, 'main', 
        MD5(actor.get_salt(189, 'main') || MD5('bobblehead')))),
    'verify_passwd should verify new password'
);

-- Finish the tests and clean up.
SELECT * FROM finish();

ROLLBACK;