opencloud/tests/acceptance/features/apiGraph/changeOwnPassword.feature
Ralf Haferkamp 29f52515e1 graph: Fix Status code when updating the password
Up to now the /me/changePassword endpoint returned a 500 status when
issuing a password change with the old password set to the wrong password.
This changes the code to return 400 (Bad Request) with an additional
message that the old password is wrong. This does not seem to weaken the
security of /me/changePassword (i.e. for allowing easier brute-force
attacks) as the endpoint is only available to already authenticated
users (and only for changing their own passwords).

See #4480
2022-09-05 15:57:46 +02:00

18 lines
858 B
Gherkin

@api
Feature: an user changes its own password

  Scenario Outline: change own password
    Given user "Alice" has been created with default attributes and without skeleton files
    When the user "Alice" changes its own password "<currentPassword>" to "<newPassword>" using the Graph API
    Then the HTTP status code should be "<code>"
    Examples:
      | currentPassword | newPassword | code |
      | 123456          | validPass   | 204  |
      | 123456          | кириллица   | 204  |
      | 123456          |             | 204  |
      | 123456          | ?&^%0       | 204  |
      | 123456          |             | 400  |
      | 123456          | 123456      | 400  |
      | wrongPass       | 123456      | 400  |
      |                 | validPass   | 400  |
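
The status mapping this scenario pins down, as an added Go sketch that is not the project's own code: caller mistakes are wrapped in one sentinel error so they map to 400, and only unclassified errors fall through to 500. The names `errInput`, `checkChange` and `statusFor` are hypothetical, the rules are inferred from the Examples table, and the plain-text stored password stands in for a real identity backend.

```go
package main

import (
	"crypto/subtle"
	"errors"
	"fmt"
	"net/http"
)

// errInput wraps every failure caused by the caller's input (assumed name).
var errInput = errors.New("bad request")

// checkChange applies the rules implied by the Examples table. A real service
// verifies `current` against the identity backend, not a stored string.
func checkChange(stored, current, next string) error {
	switch {
	case current == "" || next == "":
		return fmt.Errorf("%w: current and new password are required", errInput)
	case current == next:
		return fmt.Errorf("%w: new password equals the current one", errInput)
	case subtle.ConstantTimeCompare([]byte(stored), []byte(current)) != 1:
		return fmt.Errorf("%w: wrong current password", errInput)
	}
	return nil
}

// statusFor maps an error to the response code: input errors are 400,
// success is 204, and only unclassified (backend) errors become 500.
func statusFor(err error) int {
	switch {
	case err == nil:
		return http.StatusNoContent
	case errors.Is(err, errInput):
		return http.StatusBadRequest
	}
	return http.StatusInternalServerError
}

func main() {
	// Rows copied from the Examples table; the stored password is "123456".
	rows := [][2]string{{"123456", "validPass"}, {"123456", "кириллица"},
		{"123456", "?&^%0"}, {"123456", "123456"}, {"wrongPass", "123456"}, {"", "validPass"}}
	for _, r := range rows {
		err := checkChange("123456", r[0], r[1])
		fmt.Printf("%-11q -> %-12q %d %v\n", r[0], r[1], statusFor(err), err)
	}
}
```
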