diff --git a/cfl_common/common/csp_config.py b/cfl_common/common/csp_config.py index 1c06b5666..f28f91375 100644 --- a/cfl_common/common/csp_config.py +++ b/cfl_common/common/csp_config.py @@ -6,6 +6,7 @@ CSP_CONNECT_SRC = ( "'self'", "https://*.onetrust.com/", + "https://api.pwnedpasswords.com", "https://euc-widget.freshworks.com/", "https://codeforlife.freshdesk.com/", "https://api.iconify.design/", @@ -14,7 +15,7 @@ "https://www.google-analytics.com/", "https://pyodide-cdn2.iodide.io/v0.15.0/full/", "https://crowdin.com/", - f"wss://{MODULE_NAME}-aimmo.codeforlife.education/", + "" f"wss://{MODULE_NAME}-aimmo.codeforlife.education/", f"https://{MODULE_NAME}-aimmo.codeforlife.education/", ) CSP_FONT_SRC = ("'self'", "https://fonts.gstatic.com/", "https://fonts.googleapis.com/", "https://use.typekit.net/") @@ -22,6 +23,7 @@ "'self'", "'unsafe-inline'", "'unsafe-eval'", + "https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js", "https://cdn.crowdin.com/", "https://*.onetrust.com/", "https://code.jquery.com/", diff --git a/portal/helpers/password.py b/portal/helpers/password.py index 4a6d0fdee..11e454a9a 100644 --- a/portal/helpers/password.py +++ b/portal/helpers/password.py @@ -54,9 +54,7 @@ def password_test(self, password): f"Password not strong enough, consider using at least {minimum_password_length} characters and making it hard to guess." ) if is_password_pwned(password): - raise forms.ValidationError( - "Password has been found in a data breach, please choose a different password." - ) + raise forms.ValidationError("Password is too common, consider using a different password.") elif self is PasswordStrength.INDEPENDENT: minimum_password_length = 8 @@ -73,9 +71,7 @@ def password_test(self, password): "upper and lower case letters, and numbers and making it hard to guess." ) if is_password_pwned(password): - raise forms.ValidationError( - "Password has been found in a data breach, please choose a different password." - ) + raise forms.ValidationError("Password is too common, consider using a different password.") else: minimum_password_length = 10 if password and not password_strength_test( @@ -91,9 +87,7 @@ def password_test(self, password): "upper and lower case letters, numbers, special characters and making it hard to guess." ) if is_password_pwned(password): - raise forms.ValidationError( - "Password has been found in a data breach, please choose a different password." - ) + raise forms.ValidationError("Password is too common, consider using a different password.") return password diff --git a/portal/static/portal/js/passwordStrength.js b/portal/static/portal/js/passwordStrength.js index 82e528b32..d47530c7f 100644 --- a/portal/static/portal/js/passwordStrength.js +++ b/portal/static/portal/js/passwordStrength.js @@ -1,82 +1,130 @@ -var TEACHER_PASSWORD_FIELD_ID = ''; -var INDEP_STUDENT_PASSWORD_FIELD_ID = ''; -let teacher_password_field = ''; -let indep_student_password_field = ''; -let most_used_passwords = ['Abcd1234', 'Password1', 'Qwerty123']; - let password_strengths = [ - { name: 'No password!', colour: '#FF0000' }, - { name: 'Password too weak!', colour: '#DBA901' }, - { name: 'Strong password!', colour: '#088A08' }, - { name: 'Password too common!', colour: '#DBA901' } + { name: 'No password!', colour: '#FF0000' }, + { name: 'Password too weak!', colour: '#DBA901' }, + { name: 'Password too common!', colour: '#DBA901' }, + { name: 'Strong password!', colour: '#088A08' } ]; -$(function() { +async function handlePasswordStrength() { + const teacherPassword = $('#id_teacher_signup-teacher_password').val(); + const independentStudentPassword = $( + '#id_independent_student_signup-password' + ).val(); + + const isTeacherPasswordNonEmpty = teacherPassword.length > 0; + const isIndependentStudentPasswordNonEmpty = independentStudentPassword.length > 0; + + const isTeacherPasswordComplex = isPasswordStrong(teacherPassword, true) && isTeacherPasswordNonEmpty; + const isIndependentStudentPasswordComplex = isPasswordStrong(independentStudentPassword, false) && isIndependentStudentPasswordNonEmpty; + + const isTeacherPasswordNotPwned = await getPwnedStatus(teacherPassword) && isTeacherPasswordComplex; + const isIndependentStudentPasswordNotPwned = await getPwnedStatus(independentStudentPassword) && isIndependentStudentPasswordComplex; + + const teacherPasswordStrength = [isTeacherPasswordNonEmpty, isTeacherPasswordComplex, isTeacherPasswordNotPwned].filter(value => value).length; + const independentStudentPasswordStrength = [isIndependentStudentPasswordNonEmpty, isIndependentStudentPasswordComplex, isIndependentStudentPasswordNotPwned].filter(value => value).length; + + console.log(teacherPasswordStrength, independentStudentPasswordStrength) + console.log(password_strengths) + + $('#teacher-password-sign').css( + 'background-color', + password_strengths[teacherPasswordStrength].colour + ); + $('#teacher-password-text').html(password_strengths[teacherPasswordStrength].name); + $('#student-password-sign').css( + 'background-color', + password_strengths[independentStudentPasswordStrength].colour + ); + $('#student-password-text').html(password_strengths[independentStudentPasswordStrength].name); +} - teacher_password_field = $('#' + TEACHER_PASSWORD_FIELD_ID); - indep_student_password_field = $('#' + INDEP_STUDENT_PASSWORD_FIELD_ID); - setUpDynamicUpdates(teacher_password_field, true); - setUpDynamicUpdates(indep_student_password_field, false); +const getPwnedStatus = async (password) => { + const computeSHA1Hash = (password) => + CryptoJS.SHA1(password).toString().toUpperCase(); - updatePasswordStrength(true); - updatePasswordStrength(false); -}); + const doesSuffixExist = (data, suffix) => data.includes(suffix); -function setUpDynamicUpdates(password_field, isTeacher) { - password_field.on('keyup', function(){ - updatePasswordStrength(isTeacher) - }); - password_field.on('paste', function(){ - updatePasswordStrength(isTeacher) - }); - password_field.on('cut', function(){ - updatePasswordStrength(isTeacher) - }); -} + const calculateLevenshteinDistance = async (a, b) => { + if (a.length === 0) return b.length; + if (b.length === 0) return a.length; -function updatePasswordStrength(isTeacher) { - // The reason for the timeout is that if we just got $('#...').val() we'd get the - // old value before the keypress / change. Apparently even jQuery itself implements - // things this way, so maybe there is no better workaround. + const matrix = Array.from({ length: a.length + 1 }, (_, i) => [i]); + for (let j = 1; j <= b.length; j++) matrix[0][j] = j; - setTimeout(function() { - let password; + for (let i = 1; i <= a.length; i++) { + for (let j = 1; j <= b.length; j++) { + const cost = a[i - 1] === b[j - 1] ? 0 : 1; + matrix[i][j] = Math.min( + matrix[i - 1][j] + 1, // deletion + matrix[i][j - 1] + 1, // insertion + matrix[i - 1][j - 1] + cost // substitution + ); + } + } - if (isTeacher) { - password = $('#' + TEACHER_PASSWORD_FIELD_ID).val(); - } - else { - password = $('#' + INDEP_STUDENT_PASSWORD_FIELD_ID).val(); - } + return matrix[a.length][b.length]; + }; - let strength = 0; - if (password.length > 0) { strength++; } - if (isPasswordStrong(password, isTeacher)) { strength++; } + try { + const hashedPassword = computeSHA1Hash(password); + const prefix = hashedPassword.substring(0, 5); + const suffix = hashedPassword.substring(5); + const apiUrl = `https://api.pwnedpasswords.com/range/${prefix}`; - if ($.inArray(password, most_used_passwords) >= 0 && strength == 2) { strength = 3; } + const response = await fetch(apiUrl); - if (isTeacher) { - updatePasswordCSS('#teacher-password-sign', '#teacher-password-text', strength); - } - else { - updatePasswordCSS('#student-password-sign', '#student-password-text', strength); - } + if (!response.ok) { + return true; // ignore the check if the server is down as the popup warns + // the user that we cannot check the password + } - }); -} + const data = await response.text(); -function isPasswordStrong(password, isTeacher) { - if (isTeacher) { - return password.length >= 10 && !(password.search(/[A-Z]/) === -1 || password.search(/[a-z]/) === -1 || password.search(/[0-9]/) === -1 || password.search(/[!@#$%^&*()_+\-=\[\]{};':\"\\|,.<>\/?]/) === -1) + if (doesSuffixExist(data, suffix)) { + return false; } - else { - return password.length >= 8 && !(password.search(/[A-Z]/) === -1 || password.search(/[a-z]/) === -1 || password.search(/[0-9]/) === -1) + + const similarPasswords = data + .split('\n') + .map((line) => line.split(':')) + .filter( + ([hashSuffix]) => calculateLevenshteinDistance(suffix, hashSuffix) <= 2 + ); + + if (similarPasswords.length > 0) { + similarPasswords.forEach(([hashSuffix, count]) => + console.log(`Hash: ${hashSuffix}, Occurrences: ${count}`) + ); + } else { + return true; } -} + return true; + } catch (error) { + console.error(`Request failed with error: ${error.message}`); + return false; + } +}; -function updatePasswordCSS(passwordStrengthSign, passwordStrengthText, strength) { - $(passwordStrengthSign).css('background-color', password_strengths[strength].colour); - $(passwordStrengthText).html(password_strengths[strength].name); +function isPasswordStrong(password, isTeacher) { + if (isTeacher) { + return ( + password.length >= 10 && + !( + password.search(/[A-Z]/) === -1 || + password.search(/[a-z]/) === -1 || + password.search(/[0-9]/) === -1 || + password.search(/[!@#$%^&*()_+\-=\[\]{};':\"\\|,.<>\/?]/) === -1 + ) + ); + } else { + return ( + password.length >= 8 && + !( + password.search(/[A-Z]/) === -1 || + password.search(/[a-z]/) === -1 || + password.search(/[0-9]/) === -1 + ) + ); + } } - diff --git a/portal/templates/portal/base.html b/portal/templates/portal/base.html index 3aeb9cb13..e8fba462d 100644 --- a/portal/templates/portal/base.html +++ b/portal/templates/portal/base.html @@ -1,70 +1,77 @@ {% load static %} {% load app_tags %} - {% load sekizai_tags %} - - - {% render_block "css" %} - - {% block title %}Code for Life{% endblock %} - - - - {% include "common/onetrust_cookies_consent_notice.html" %} - - {% block head %} - {% endblock head %} - - {% block css %} - - - - - - - - - {% endblock css %} - - {% include "portal/tag_manager/tag_manager_head.html" %} - - - - - - - - - - - {% block check_user_status %} - + + + + + + + + + + {% block check_user_status %} + - {% endblock check_user_status %} - - {% block google_analytics %} - {% if request|is_production %} - - - + {% endblock check_user_status %} + {% block google_analytics %} + {% if request|is_production %} + + + - - - - + + + - {% endif %} - {% endblock google_analytics %} - - - -{% include "portal/tag_manager/tag_manager_body.html" %} -{% render_block "js" %} -{% include 'portal/mouseflow.html' %} - -
- - {% block contentWrapper %} -
- {% block topBar %} - {% include 'portal/partials/header.html' %} - {% endblock topBar %} - - {% block subNav %} - {% endblock subNav %} -
- {% if messages %} -
- {% for message in messages %} -
-
-
-
- {% if 'error' in message.tags or 'warning' in message.tags %} - error - {% else %} - info - {% endif %} -

- {% if 'safe' in message.tags %}{{ message|safe }}{% else %}{{ message }}{% endif %} -

- Close + + {% endif %} + {% endblock google_analytics %} + + + {% include "portal/tag_manager/tag_manager_body.html" %} + {% render_block "js" %} + {% include 'portal/mouseflow.html' %} +
+ {% block contentWrapper %} +
+ {% block topBar %} + {% include 'portal/partials/header.html' %} + {% endblock topBar %} + {% block subNav %} + {% endblock subNav %} +
+ {% if messages %} +
+ {% for message in messages %} +
+
+
+
+ {% if 'error' in message.tags or 'warning' in message.tags %} + error + {% else %} + info + {% endif %} +

+ {% if 'safe' in message.tags %} + {{ message|safe }} + {% else %} + {{ message }} + {% endif %} +

+ Close +
+
+
+
+ {% endfor %}
-
+ {% endif %}
-
- {% endfor %} -
- {% endif %} -
- - - {% block contentDiv %} -
- - {% block content %} - {% block base_new_content %}{% endblock %} - {% endblock content %} - -
- {% endblock contentDiv %} - -
-
- {% endblock contentWrapper %} - - {% if request.session.screentime_warning_timeout %} - {% include "portal/partials/screentime_popup.html" %} - - {% endif %} - - {% if request.session.last_request %} - {% include "portal/partials/session_popup.html" %} - + {% endif %} + {% if request.session.last_request %} + {% include "portal/partials/session_popup.html" %} + - {% endif %} - - {% block footer %} - {% include 'portal/partials/footer.html' %} - {% endblock footer %} -
- -
- -{% block scripts %} - + {% endif %} + {% block footer %} + {% include 'portal/partials/footer.html' %} + {% endblock footer %} +
+
+ {% block scripts %} + -{% include "common/freshdesk_widget.html" %} - + {% include "common/freshdesk_widget.html" %} + - + -{% endblock scripts %} - + + {% endblock scripts %} + diff --git a/portal/templates/portal/register.html b/portal/templates/portal/register.html index b6b200fe8..64d4f0f9d 100644 --- a/portal/templates/portal/register.html +++ b/portal/templates/portal/register.html @@ -1,187 +1,226 @@ {% extends 'portal/base.html' %} {% load static %} {% load app_tags %} - {% block content %} -
- -
-
-
-

Teacher/Tutor

-
-

Register below to create your school or club.

- You will have access to teaching resources, progress tracking and lesson plans - for both Rapid Router and Kurono. -
-
- - {% csrf_token %} - - {{ teacher_signup_form.non_field_errors }} -
- - {{ teacher_signup_form.teacher_first_name }} - {{ teacher_signup_form.teacher_first_name.help_text }} - {{ teacher_signup_form.teacher_first_name.errors }} -
-
- - {{ teacher_signup_form.teacher_last_name }} - {{ teacher_signup_form.teacher_last_name.help_text }} - {{ teacher_signup_form.teacher_last_name.errors }} -
-
- - {{ teacher_signup_form.teacher_email }} - {{ teacher_signup_form.teacher_email.help_text }} - {{ teacher_signup_form.teacher_email.errors }} -
-
-
-
- {{ teacher_signup_form.consent_ticked }} -
-

I am over 18 years old have read and understood the - Terms of use and the - Privacy notice.

-
-
-
- {% include 'portal/partials/register_newsletter_tickbox.html' with newsletter_ticked=teacher_signup_form.newsletter_ticked %} -
-
- -
- {{ teacher_signup_form.teacher_password }} -
- {{ teacher_signup_form.teacher_password.help_text }} - {{ teacher_signup_form.teacher_password.errors }} -
+ {% include "portal/partials/popup.html" %} + {% include "portal/partials/delete_popup.html" %} + {% include "portal/partials/invite_admin_teacher.html" %} +
+
+
+
+

Teacher/Tutor

- -
- {{ teacher_signup_form.teacher_confirm_password }} -
- {{ teacher_signup_form.teacher_confirm_password.help_text }} - {{ teacher_signup_form.teacher_confirm_password.errors }} -
- -
-
-
-
-
-
- -
{{ teacher_signup_form.captcha }}
-
- +

Register below to create your school or club.

+ You will have access to teaching resources, progress tracking and lesson plans + for both Rapid Router and Kurono.
- - -
-
- -
-
-

Independent learner

-
-

Register below if you are not part of a school or club and wish to set up a home - learning account.

- You will have access to learning resources for Rapid Router. -
- -
- - {% csrf_token %} - -
- {{ independent_student_signup_form.date_of_birth.help_text }} -
- {{ independent_student_signup_form.date_of_birth }} + + {% csrf_token %} + {{ teacher_signup_form.non_field_errors }} +
+ + {{ teacher_signup_form.teacher_first_name }} + {{ teacher_signup_form.teacher_first_name.help_text }} + {{ teacher_signup_form.teacher_first_name.errors }}
-
- {{ independent_student_signup_form.date_of_birth.errors }} - -
- {{ independent_student_signup_form.non_field_errors }}
- - {{ independent_student_signup_form.name }} - {{ independent_student_signup_form.name.help_text }} - {{ independent_student_signup_form.name.errors }} + + {{ teacher_signup_form.teacher_last_name }} + {{ teacher_signup_form.teacher_last_name.help_text }} + {{ teacher_signup_form.teacher_last_name.errors }}
- - {{ independent_student_signup_form.email }} - {{ independent_student_signup_form.email.help_text }} - {{ independent_student_signup_form.email.errors }} + + {{ teacher_signup_form.teacher_email }} + {{ teacher_signup_form.teacher_email.help_text }} + {{ teacher_signup_form.teacher_email.errors }}
-
+
-
- {{ independent_student_signup_form.consent_ticked }} -
-
{{ teacher_signup_form.consent_ticked }}
+

+ I am over 18 years old have read and understood the Terms of use and the - Privacy notice.

- + Privacy notice. +

-
- {% include 'portal/partials/register_newsletter_tickbox.html' with newsletter_ticked=independent_student_signup_form.newsletter_ticked %} -
- -
- We will send your parent/guardian an email to ask them to activate the account - for you. Once they've done this you'll be able to log in using your name and password. +
+ {% include 'portal/partials/register_newsletter_tickbox.html' with newsletter_ticked=teacher_signup_form.newsletter_ticked %}
-
- +
- {{ independent_student_signup_form.password }} + {{ teacher_signup_form.teacher_password }}
- {{ independent_student_signup_form.password.help_text }} - {{ independent_student_signup_form.password.errors }} + {{ teacher_signup_form.teacher_password.help_text }} + {{ teacher_signup_form.teacher_password.errors }}
-
- +
- {{ independent_student_signup_form.confirm_password }} + {{ teacher_signup_form.teacher_confirm_password }}
- {{ independent_student_signup_form.confirm_password.help_text }} - {{ independent_student_signup_form.confirm_password.errors }} + {{ teacher_signup_form.teacher_confirm_password.help_text }} + {{ teacher_signup_form.teacher_confirm_password.errors }}
-
-
-
+
+
- -
{{ independent_student_signup_form.captcha }}
+
{{ teacher_signup_form.captcha }}
- +
+ +
+
+
+
+

Independent learner

+
+

+ Register below if you are not part of a school or club and wish to set up a home + learning account. +

+ You will have access to learning resources for Rapid Router.
- +
+ {% csrf_token %} +
+ {{ independent_student_signup_form.date_of_birth.help_text }} +
+ {{ independent_student_signup_form.date_of_birth }} +
+
+ {{ independent_student_signup_form.date_of_birth.errors }} +
+ {{ independent_student_signup_form.non_field_errors }} +
+ + {{ independent_student_signup_form.name }} + {{ independent_student_signup_form.name.help_text }} + {{ independent_student_signup_form.name.errors }} +
+
+ + {{ independent_student_signup_form.email }} + {{ independent_student_signup_form.email.help_text }} + {{ independent_student_signup_form.email.errors }} +
+
+
+
+ {{ independent_student_signup_form.consent_ticked }} +
+ + +
+
+
+ {% include 'portal/partials/register_newsletter_tickbox.html' with newsletter_ticked=independent_student_signup_form.newsletter_ticked %} +
+
+ We will send your parent/guardian an email to ask them to activate the account + for you. Once they've done this you'll be able to log in using your name and password. +
+
+ +
+ {{ independent_student_signup_form.password }} +
+ {{ independent_student_signup_form.password.help_text }} + {{ independent_student_signup_form.password.errors }} +
+
+ +
+ {{ independent_student_signup_form.confirm_password }} +
+ {{ independent_student_signup_form.confirm_password.help_text }} + {{ independent_student_signup_form.confirm_password.errors }} +
+
+
+
+
+
+
+
+
+
+ {{ independent_student_signup_form.captcha }} +
+
+ +
+
+
+
-
- - - - + + + - + async function isPwnedPasswordApiAvailable(url) { + try { + const response = await fetch(url, {metheod: 'GET'}) + return response.ok; + } + catch (error) { + console.error(error) + return false; + } + } + async function handlePwnedPasswordApiAvailability() { + const url = 'https://api.pwnedpasswords.com/range/00000'; + const isAvailable = await isPwnedPasswordApiAvailable(url); + const errorTitle = 'Password Leak Verification Unavailable'; + const errorMessage = "We were unable to verify if the password you entered was involved in any known password leaks. For your account's security, please ensure that you choose a strong and unique password, avoiding commonly used passwords."; + if (!isAvailable) { + showPopupConfirmation(errorTitle, errorMessage, 'hidePopupConfirmation()') + } + } + handlePwnedPasswordApiAvailability() + handlePasswordStrength(); // the password strength text is updated dynamically hence this is the initial first call + $(document).ready(function() { + $('#id_teacher_signup-teacher_password, #id_independent_student_signup-password').on('input change focus blur', handlePasswordStrength); + +}); + {% endblock content %} diff --git a/portal/tests/cypress/integration/independentStudent.spec.js b/portal/tests/cypress/integration/independentStudent.spec.js index 4d6841ded..97b781574 100644 --- a/portal/tests/cypress/integration/independentStudent.spec.js +++ b/portal/tests/cypress/integration/independentStudent.spec.js @@ -1,25 +1,43 @@ /// -import { testMultipleLoginSessions } from "../support/multipleLoginSessionsTester.ts"; -import { testRegistration } from "../support/registrationTester.ts"; +import { testMultipleLoginSessions } from '../support/multipleLoginSessionsTester.ts'; +import { testRegistration } from '../support/registrationTester.ts'; -describe("Independent student", () => { - it("cannot login from multiple sessions", () => { - testMultipleLoginSessions(cy.loginAsIndependentStudent, "/play/"); +describe('Independent student', () => { + it('cannot login from multiple sessions', () => { + testMultipleLoginSessions(cy.loginAsIndependentStudent, '/play/'); }); - it("cannot register with invalid data", () => { - const PASSWORD_TOO_WEAK_MESSAGE = `Password not strong enough, consider using at least 8 characters, upper and lower case letters, and numbers and making it hard to guess.` - const PASSWORD_DO_NOT_MATCH_MESSAGE = `Your passwords do not match` - const INVALID_NAME_MESSAGE = `Names may only contain letters, numbers, dashes, underscores, and spaces.` + it('cannot register with invalid data', () => { + const PASSWORD_TOO_WEAK_MESSAGE = `Password not strong enough, consider using at least 8 characters, upper and lower case letters, and numbers and making it hard to guess.`; + const PASSWORD_DO_NOT_MATCH_MESSAGE = `Your passwords do not match`; + const PASSWORD_TOO_COMMON_MESSAGE = `Password is too common, consider using a different password.`; + const INVALID_NAME_MESSAGE = `Names may only contain letters, numbers, dashes, underscores, and spaces.`; - testRegistration(cy.signupAsIndependentStudent,["Test Name", "test@email.com", "pass", "pass"], - false, PASSWORD_TOO_WEAK_MESSAGE); + testRegistration( + cy.signupAsIndependentStudent, + ['Test Name', 'test@email.com', 'pass', 'pass'], + false, + PASSWORD_TOO_WEAK_MESSAGE + ); - testRegistration(cy.signupAsIndependentStudent,["Test Name", "test@email.com", "£EDCVFR$5tgb", "%TGBNHY^7ujm"], - false, PASSWORD_DO_NOT_MATCH_MESSAGE); - - testRegistration(cy.signupAsIndependentStudent,["///", "test@email.com", "£EDCVFR$5tgb", "£EDCVFR$5tgb"], - false, INVALID_NAME_MESSAGE); + testRegistration( + cy.signupAsIndependentStudent, + ['Test Name', 'test@email.com', '£EDCVFR$5tgb', '%TGBNHY^7ujm'], + false, + PASSWORD_DO_NOT_MATCH_MESSAGE + ); + testRegistration( + cy.signupAsIndependentStudent, + ['Test Name', 'Password123$', 'Password123$'], + false, + PASSWORD_TOO_COMMON_MESSAGE + ); + testRegistration( + cy.signupAsIndependentStudent, + ['///', 'test@email.com', '£EDCVFR$5tgb', '£EDCVFR$5tgb'], + false, + INVALID_NAME_MESSAGE + ); }); }); diff --git a/portal/tests/cypress/integration/teacher.spec.js b/portal/tests/cypress/integration/teacher.spec.js index 6f73453d3..94bb0e41b 100644 --- a/portal/tests/cypress/integration/teacher.spec.js +++ b/portal/tests/cypress/integration/teacher.spec.js @@ -1,7 +1,7 @@ /// -import { testMultipleLoginSessions } from "../support/multipleLoginSessionsTester.ts"; -import { testRegistration } from "../support/registrationTester.ts"; +import { testMultipleLoginSessions } from '../support/multipleLoginSessionsTester.ts'; +import { testRegistration } from '../support/registrationTester.ts'; import { createClass, createStudent, @@ -9,55 +9,63 @@ import { deleteAllStudents, goToClassSettings, editClassSettings, - transferClass, -} from "../support/classTester.ts"; + transferClass +} from '../support/classTester.ts'; -describe("Teacher", () => { - it("cannot login from multiple sessions", () => { - testMultipleLoginSessions(cy.loginAsDefaultTeacher, "/teach/dashboard/"); +describe('Teacher', () => { + it('cannot login from multiple sessions', () => { + testMultipleLoginSessions(cy.loginAsDefaultTeacher, '/teach/dashboard/'); }); - it("cannot register with invalid data", () => { + it('cannot register with invalid data', () => { const PASSWORD_TOO_WEAK_MESSAGE = `Password not strong enough, consider using at least 10 characters, upper and lower case letters, numbers, special characters and making it hard to guess.`; const PASSWORD_DO_NOT_MATCH_MESSAGE = `The password and the confirmation password do not match`; + const PASSWORD_TOO_COMMON_MESSAGE = `Password is too common, consider using a different password.`; testRegistration( cy.signupAsTeacher, - ["Test Name", "Test Last Name", "test@email.com", "pass", "pass"], + ['Test Name', 'Test Last Name', 'test@email.com', 'pass', 'pass'], false, PASSWORD_TOO_WEAK_MESSAGE ); + testRegistration( + cy.signupAsTeacher, + ['Test Name', 'Test Last Name', 'Password123$', 'Password123$'], + false, + PASSWORD_TOO_COMMON_MESSAGE + ); + testRegistration( cy.signupAsTeacher, [ - "Test Name", - "Test Last Name", - "test@email.com", - "StrongPassword1!", - "StrongPassword2!", + 'Test Name', + 'Test Last Name', + 'test@email.com', + 'StrongPassword1!', + 'StrongPassword2!' ], false, PASSWORD_DO_NOT_MATCH_MESSAGE ); }); - it("can delete a class only when empty", () => { + it('can delete a class only when empty', () => { // Login as Portaladmin - cy.loginAsSuperuser("codeforlife-portal@ocado.com", "abc123"); + cy.loginAsSuperuser('codeforlife-portal@ocado.com', 'abc123'); - cy.get("#tab-classes").click(); + cy.get('#tab-classes').click(); createClass(); createStudent(); - cy.get("#back_to_class_button").click(); + cy.get('#back_to_class_button').click(); // Try to delete class deleteClass(); - cy.get("#messages").should("be.visible"); - cy.get("#messages").should( - "contain.text", + cy.get('#messages').should('be.visible'); + cy.get('#messages').should( + 'contain.text', `This class still has students, please remove or delete them all before deleting the class.` ); @@ -66,102 +74,102 @@ describe("Teacher", () => { deleteClass(); // Check class no longer exists - cy.get("#classes-table").should("not.contain.text", `Test Class`); + cy.get('#classes-table').should('not.contain.text', `Test Class`); cy.logout(); }); - it("can edit a class", () => { + it('can edit a class', () => { // Login as Portaladmin - cy.loginAsSuperuser("codeforlife-portal@ocado.com", "abc123"); + cy.loginAsSuperuser('codeforlife-portal@ocado.com', 'abc123'); - cy.get("#tab-classes").click(); + cy.get('#tab-classes').click(); createClass(); goToClassSettings(); // Check class settings - cy.get("#id_name").invoke("val").should("equal", "Test Class"); - cy.get("#id_classmate_progress").should("not.be.checked"); - cy.get(".container").should( - "contain.text", + cy.get('#id_name').invoke('val').should('equal', 'Test Class'); + cy.get('#id_classmate_progress').should('not.be.checked'); + cy.get('.container').should( + 'contain.text', `This class is not currently accepting external requests.` ); - editClassSettings("New Test Class", true, "1000"); + editClassSettings('New Test Class', true, '1000'); goToClassSettings(); // Check new class settings - cy.get("#id_name").invoke("val").should("equal", "New Test Class"); - cy.get("#id_classmate_progress").should("be.checked"); - cy.get(".container").should( - "contain.text", + cy.get('#id_name').invoke('val').should('equal', 'New Test Class'); + cy.get('#id_classmate_progress').should('be.checked'); + cy.get('.container').should( + 'contain.text', `This class is currently set to always accept requests.` ); - cy.get("#return_to_class_button").click(); + cy.get('#return_to_class_button').click(); // Cleanup deleteClass(); // Check class no longer exists - cy.get("#classes-table").should("not.contain.text", `Test Class`); + cy.get('#classes-table').should('not.contain.text', `Test Class`); cy.logout(); }); - it("can transfer a class", () => { + it('can transfer a class', () => { // Login as Portaladmin - cy.loginAsSuperuser("codeforlife-portal@ocado.com", "abc123"); + cy.loginAsSuperuser('codeforlife-portal@ocado.com', 'abc123'); - cy.get("#tab-classes").click(); + cy.get('#tab-classes').click(); createClass(); createStudent(); - cy.get("#back_to_class_button").click(); + cy.get('#back_to_class_button').click(); goToClassSettings(); // Transfer class to Max Planck - transferClass("2"); + transferClass('2'); cy.logout(); // Login as Max Planck - cy.loginAsSuperuser("maxplanck@codeforlife.com", "Password1"); + cy.loginAsSuperuser('maxplanck@codeforlife.com', 'Password1'); // Check class and student exist - cy.get("#tab-classes").click(); - cy.get("#classes-table").should("contain.text", `Test Class`); + cy.get('#tab-classes').click(); + cy.get('#classes-table').should('contain.text', `Test Class`); cy.get('[href^="/teach/class/"]').last().click(); - cy.get("#student_table").should("contain.text", `Test Student`); + cy.get('#student_table').should('contain.text', `Test Student`); // Cleanup deleteAllStudents(); deleteClass(); // Check class no longer exists - cy.get("#classes-table").should("not.contain.text", `Test Class`); + cy.get('#classes-table').should('not.contain.text', `Test Class`); cy.logout(); }); - it("cannot see an anonymised teacher in dashboard", () => { - const teacherEmail = "teacher.to.be.deleted2@codeforlife.com"; // from teachersToBeDeleted fixture - const teacherName = "Teacher To Be Deleted 2"; + it('cannot see an anonymised teacher in dashboard', () => { + const teacherEmail = 'teacher.to.be.deleted2@codeforlife.com'; // from teachersToBeDeleted fixture + const teacherName = 'Teacher To Be Deleted 2'; // Login as default teacher and check the teacher is in the teachers table cy.loginAsDefaultTeacher(); - cy.get("#teachers_table").should("contain.text", teacherName); + cy.get('#teachers_table').should('contain.text', teacherName); cy.logout(); // Login as Portaladmin, go to admin site and anonymise teacher - cy.loginAsSuperuser("codeforlife-portal@ocado.com", "abc123"); - cy.visit("administration/"); + cy.loginAsSuperuser('codeforlife-portal@ocado.com', 'abc123'); + cy.visit('administration/'); cy.anonymiseUser(teacherEmail); cy.adminLogout(); // Login as default teacher again and check the teacher is not there now cy.loginAsDefaultTeacher(); - cy.get("#teachers_table").should("not.contain", teacherName); - cy.get("#teachers_table").should("not.contain", "Deleted User"); + cy.get('#teachers_table').should('not.contain', teacherName); + cy.get('#teachers_table').should('not.contain', 'Deleted User'); }); });