subject:"\[MediaWiki\-commits\] \[Gerrit\] Logging in via LoginPage#login_with is a security risk \- change \(mediawiki...ZeroPortal\)"

[MediaWiki-commits] [Gerrit] Logging in via LoginPage#login_with is a security risk - change (mediawiki...ZeroPortal)

2016-02-17 Thread jenkins-bot (Code Review)

jenkins-bot has submitted this change and it was merged.

Change subject: Logging in via LoginPage#login_with is a security risk
..


Logging in via LoginPage#login_with is a security risk

Log in via the API instead.

Bug: T127042
Change-Id: Ifa07019efa40511bfe3e138cbab0f17757fd30cd
---
M tests/browser/features/step_definitions/common_steps.rb
D tests/browser/features/support/pages/login_page.rb
2 files changed, 1 insertion(+), 18 deletions(-)

Approvals:
  Hashar: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/tests/browser/features/step_definitions/common_steps.rb 
b/tests/browser/features/step_definitions/common_steps.rb
index 9694777..4c5aacd 100644
--- a/tests/browser/features/step_definitions/common_steps.rb
+++ b/tests/browser/features/step_definitions/common_steps.rb
@@ -1,7 +1,7 @@
 # Utility step definitions for common use across features
 
 Given /^I am logged in as an? (.*?)$/ do |userType|
-  as_user(userType) { visit(LoginPage).login_with(user, password) }
+  as_user(userType) { log_in }
 end
 
 # Check for link visibility within a section
diff --git a/tests/browser/features/support/pages/login_page.rb 
b/tests/browser/features/support/pages/login_page.rb
deleted file mode 100644
index d859d04..000
--- a/tests/browser/features/support/pages/login_page.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-class LoginPage
-  include PageObject
-
-  page_url "Special:UserLogin"
-
-  button(:login, id: "wpLoginAttempt")
-  text_field(:username, name: "wpName")
-  text_field(:password, name: "wpPassword")
-  div(:login_error, class: "errorbox")
-
-  def login_with(username, password)
-self.username_element.when_present.clear
-self.username = username
-self.password = password
-login
-  end
-end

-- 
To view, visit https://gerrit.wikimedia.org/r/271266
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ifa07019efa40511bfe3e138cbab0f17757fd30cd
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/extensions/ZeroPortal
Gerrit-Branch: master
Gerrit-Owner: Zfilipin 
Gerrit-Reviewer: Dduvall 
Gerrit-Reviewer: Hashar 
Gerrit-Reviewer: Zfilipin 
Gerrit-Reviewer: jenkins-bot <>

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Logging in via LoginPage#login_with is a security risk - change (mediawiki...ZeroPortal)

2016-02-17 Thread Zfilipin (Code Review)

Zfilipin has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/271266

Change subject: Logging in via LoginPage#login_with is a security risk
..

Logging in via LoginPage#login_with is a security risk

Log in via the API instead.

Bug: T127042
Change-Id: Ifa07019efa40511bfe3e138cbab0f17757fd30cd
---
M tests/browser/features/step_definitions/common_steps.rb
D tests/browser/features/support/pages/login_page.rb
2 files changed, 1 insertion(+), 18 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/ZeroPortal 
refs/changes/66/271266/1

diff --git a/tests/browser/features/step_definitions/common_steps.rb 
b/tests/browser/features/step_definitions/common_steps.rb
index 9694777..4c5aacd 100644
--- a/tests/browser/features/step_definitions/common_steps.rb
+++ b/tests/browser/features/step_definitions/common_steps.rb
@@ -1,7 +1,7 @@
 # Utility step definitions for common use across features
 
 Given /^I am logged in as an? (.*?)$/ do |userType|
-  as_user(userType) { visit(LoginPage).login_with(user, password) }
+  as_user(userType) { log_in }
 end
 
 # Check for link visibility within a section
diff --git a/tests/browser/features/support/pages/login_page.rb 
b/tests/browser/features/support/pages/login_page.rb
deleted file mode 100644
index d859d04..000
--- a/tests/browser/features/support/pages/login_page.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-class LoginPage
-  include PageObject
-
-  page_url "Special:UserLogin"
-
-  button(:login, id: "wpLoginAttempt")
-  text_field(:username, name: "wpName")
-  text_field(:password, name: "wpPassword")
-  div(:login_error, class: "errorbox")
-
-  def login_with(username, password)
-self.username_element.when_present.clear
-self.username = username
-self.password = password
-login
-  end
-end

-- 
To view, visit https://gerrit.wikimedia.org/r/271266
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ifa07019efa40511bfe3e138cbab0f17757fd30cd
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/ZeroPortal
Gerrit-Branch: master
Gerrit-Owner: Zfilipin 

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Logging in via LoginPage#login_with is a security risk - change (mediawiki...ZeroPortal)

[MediaWiki-commits] [Gerrit] Logging in via LoginPage#login_with is a security risk - change (mediawiki...ZeroPortal)

2 matches

Site Navigation

Mail list logo

Footer information