diff options
Diffstat (limited to 'service')
-rw-r--r-- | service/diagrams/backup_account.png | bin | 0 -> 32685 bytes | |||
-rw-r--r-- | service/diagrams/backup_account.txt | 37 | ||||
-rw-r--r-- | service/diagrams/forgot_password.png | bin | 0 -> 36634 bytes | |||
-rw-r--r-- | service/diagrams/forgot_password.txt | 35 | ||||
-rw-r--r-- | service/test/functional/features/environment.py | 2 | ||||
-rw-r--r-- | service/test/functional/features/smoke.feature | 9 | ||||
-rw-r--r-- | service/test/functional/features/steps/backup_account.py | 22 | ||||
-rw-r--r-- | service/test/functional/features/steps/login.py | 5 |
8 files changed, 110 insertions, 0 deletions
diff --git a/service/diagrams/backup_account.png b/service/diagrams/backup_account.png Binary files differnew file mode 100644 index 00000000..e3e6871b --- /dev/null +++ b/service/diagrams/backup_account.png diff --git a/service/diagrams/backup_account.txt b/service/diagrams/backup_account.txt new file mode 100644 index 00000000..661126f2 --- /dev/null +++ b/service/diagrams/backup_account.txt @@ -0,0 +1,37 @@ +title Backup Account Flow + +actor User + +User -> PixUA : backup email +note left + existing user adds backup email +end note + +PixUA -> SoledadClient +note right + generate recovery code + encrypt secret + save to secrets doc +end note + +SoledadClient -> PixUA: recovery code + +PixUA -> BonafideClient : recovery code +note right + generate salt and verifier +end note + +BonafideClient -> LeapWebapp : recovery code + +LeapWebapp -> BonafideClient +BonafideClient -> PixUA + +alt successful case + PixUA -> SoledadClient + note right: delete old recovery code + PixUA -> User : email with recovery code +else bonafide failure + PixUA -> SoledadClient + note right: delete new recovery code + PixUA -> User : error message +end diff --git a/service/diagrams/forgot_password.png b/service/diagrams/forgot_password.png Binary files differnew file mode 100644 index 00000000..37dea8fa --- /dev/null +++ b/service/diagrams/forgot_password.png diff --git a/service/diagrams/forgot_password.txt b/service/diagrams/forgot_password.txt new file mode 100644 index 00000000..2a303ddc --- /dev/null +++ b/service/diagrams/forgot_password.txt @@ -0,0 +1,35 @@ +title Forgot Password Flow + +actor User + +User -> PixUA : recovery code and new password + +PixUA -> BonafideClient : //handshake// +PixUA -> BonafideClient : recovery code and new password +note right + generate salt and verifier +end note + +BonafideClient -> LeapWebapp : recovery code and new password +note right + authenticate + save new password +end note + +LeapWebapp -> BonafideClient +BonafideClient -> PixUA + +alt successful case + PixUA -> SoledadClient : new password + note right : save secret with new password + SoledadClient -> PixUA + + alt successful case + PixUA -> User : confirmation page + note left: start backup account flow + else soledad failure + PixUA -> User : error message + end +else bonafide failure + PixUA -> User : error message +end diff --git a/service/test/functional/features/environment.py b/service/test/functional/features/environment.py index 821a762b..9f8507b2 100644 --- a/service/test/functional/features/environment.py +++ b/service/test/functional/features/environment.py @@ -54,11 +54,13 @@ def before_all(context): hostname = urlparse(context.host).hostname context.signup_url = 'https://{}/signup'.format(hostname) context.login_url = 'https://mail.{}/login'.format(hostname) + context.backup_account_url = 'https://mail.{}/backup-account'.format(hostname) context.username = 'testuser_{}'.format(uuid.uuid4()) if 'localhost' in context.host: _mock_user_agent(context) context.login_url = context.multi_user_url + '/login' + context.backup_account_url = context.single_user_url + '/backup-account' context.username = 'username' diff --git a/service/test/functional/features/smoke.feature b/service/test/functional/features/smoke.feature index 724c680c..1467baf9 100644 --- a/service/test/functional/features/smoke.feature +++ b/service/test/functional/features/smoke.feature @@ -34,3 +34,12 @@ Feature: sign up, login and logout Then I have mails When I logout Then I should see the login page + + Scenario: Existing user logs in and logs out from the header + Given a user is accessing the login page + When I enter username and password as credentials + And I click on the login button + Then I should see the fancy interstitial + Given I am on the backup account page + When I logout from the header + Then I should see the login page diff --git a/service/test/functional/features/steps/backup_account.py b/service/test/functional/features/steps/backup_account.py new file mode 100644 index 00000000..914309f2 --- /dev/null +++ b/service/test/functional/features/steps/backup_account.py @@ -0,0 +1,22 @@ +# +# Copyright (c) 2017 ThoughtWorks, Inc. +# +# Pixelated is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Pixelated is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with Pixelated. If not, see <http://www.gnu.org/licenses/>. + +from behave import given + + +@given(u'I am on the backup account page') +def backup_account_page(context): + context.browser.get(context.backup_account_url) diff --git a/service/test/functional/features/steps/login.py b/service/test/functional/features/steps/login.py index 9ce37370..2d7be259 100644 --- a/service/test/functional/features/steps/login.py +++ b/service/test/functional/features/steps/login.py @@ -48,6 +48,11 @@ def click_logout(context): find_element_by_css_selector(context, '#logout-form div').click() +@when(u'I logout from the header') +def click_logout(context): + find_element_by_css_selector(context, 'button[name="logout"]').click() + + @then(u'I should see the login page') def see_login_page(context): find_element_by_css_selector(context, 'form#login_form') |