[MediaWiki-commits] [Gerrit] Logging in via LoginPage#login_with is a security risk - change (mediawiki...ZeroPortal)
jenkins-bot has submitted this change and it was merged. Change subject: Logging in via LoginPage#login_with is a security risk .. Logging in via LoginPage#login_with is a security risk Log in via the API instead. Bug: T127042 Change-Id: Ifa07019efa40511bfe3e138cbab0f17757fd30cd --- M tests/browser/features/step_definitions/common_steps.rb D tests/browser/features/support/pages/login_page.rb 2 files changed, 1 insertion(+), 18 deletions(-) Approvals: Hashar: Looks good to me, approved jenkins-bot: Verified diff --git a/tests/browser/features/step_definitions/common_steps.rb b/tests/browser/features/step_definitions/common_steps.rb index 9694777..4c5aacd 100644 --- a/tests/browser/features/step_definitions/common_steps.rb +++ b/tests/browser/features/step_definitions/common_steps.rb @@ -1,7 +1,7 @@ # Utility step definitions for common use across features Given /^I am logged in as an? (.*?)$/ do |userType| - as_user(userType) { visit(LoginPage).login_with(user, password) } + as_user(userType) { log_in } end # Check for link visibility within a section diff --git a/tests/browser/features/support/pages/login_page.rb b/tests/browser/features/support/pages/login_page.rb deleted file mode 100644 index d859d04..000 --- a/tests/browser/features/support/pages/login_page.rb +++ /dev/null @@ -1,17 +0,0 @@ -class LoginPage - include PageObject - - page_url "Special:UserLogin" - - button(:login, id: "wpLoginAttempt") - text_field(:username, name: "wpName") - text_field(:password, name: "wpPassword") - div(:login_error, class: "errorbox") - - def login_with(username, password) -self.username_element.when_present.clear -self.username = username -self.password = password -login - end -end -- To view, visit https://gerrit.wikimedia.org/r/271266 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: Ifa07019efa40511bfe3e138cbab0f17757fd30cd Gerrit-PatchSet: 2 Gerrit-Project: mediawiki/extensions/ZeroPortal Gerrit-Branch: master Gerrit-Owner: ZfilipinGerrit-Reviewer: Dduvall Gerrit-Reviewer: Hashar Gerrit-Reviewer: Zfilipin Gerrit-Reviewer: jenkins-bot <> ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] Logging in via LoginPage#login_with is a security risk - change (mediawiki...ZeroPortal)
Zfilipin has uploaded a new change for review. https://gerrit.wikimedia.org/r/271266 Change subject: Logging in via LoginPage#login_with is a security risk .. Logging in via LoginPage#login_with is a security risk Log in via the API instead. Bug: T127042 Change-Id: Ifa07019efa40511bfe3e138cbab0f17757fd30cd --- M tests/browser/features/step_definitions/common_steps.rb D tests/browser/features/support/pages/login_page.rb 2 files changed, 1 insertion(+), 18 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/ZeroPortal refs/changes/66/271266/1 diff --git a/tests/browser/features/step_definitions/common_steps.rb b/tests/browser/features/step_definitions/common_steps.rb index 9694777..4c5aacd 100644 --- a/tests/browser/features/step_definitions/common_steps.rb +++ b/tests/browser/features/step_definitions/common_steps.rb @@ -1,7 +1,7 @@ # Utility step definitions for common use across features Given /^I am logged in as an? (.*?)$/ do |userType| - as_user(userType) { visit(LoginPage).login_with(user, password) } + as_user(userType) { log_in } end # Check for link visibility within a section diff --git a/tests/browser/features/support/pages/login_page.rb b/tests/browser/features/support/pages/login_page.rb deleted file mode 100644 index d859d04..000 --- a/tests/browser/features/support/pages/login_page.rb +++ /dev/null @@ -1,17 +0,0 @@ -class LoginPage - include PageObject - - page_url "Special:UserLogin" - - button(:login, id: "wpLoginAttempt") - text_field(:username, name: "wpName") - text_field(:password, name: "wpPassword") - div(:login_error, class: "errorbox") - - def login_with(username, password) -self.username_element.when_present.clear -self.username = username -self.password = password -login - end -end -- To view, visit https://gerrit.wikimedia.org/r/271266 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ifa07019efa40511bfe3e138cbab0f17757fd30cd Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/ZeroPortal Gerrit-Branch: master Gerrit-Owner: Zfilipin___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits