add: user client certificate must have a verification within <=24 months

[gigi.git] / tests / club / wpia / gigi / pages / account / TestCertificateRequest.java

diff --git a/tests/club/wpia/gigi/pages/account/TestCertificateRequest.java b/tests/club/wpia/gigi/pages/account/TestCertificateRequest.java
index da580ccf48cae58a5d4aac3db449dc5cb553266b..372f2bfaba86144d4023d921a38e5d115ac71d3a 100644 (file)
--- a/tests/club/wpia/gigi/pages/account/TestCertificateRequest.java
+++ b/tests/club/wpia/gigi/pages/account/TestCertificateRequest.java
@@ -15,8 +15,8 @@ import club.wpia.gigi.database.GigiPreparedStatement;
 import club.wpia.gigi.dbObjects.EmailAddress;
 import club.wpia.gigi.dbObjects.Group;
 import club.wpia.gigi.pages.account.certs.CertificateRequest;
+import club.wpia.gigi.testUtils.ClientBusinessTest;
 import club.wpia.gigi.testUtils.ClientTest;
-import club.wpia.gigi.testUtils.TestEmailReceiver.TestMail;
 import club.wpia.gigi.util.AuthorizationContext;
 import club.wpia.gigi.util.TimeConditions;
 
@@ -27,7 +27,7 @@ public class TestCertificateRequest extends ClientTest {
     AuthorizationContext ac;
 
     public TestCertificateRequest() throws GeneralSecurityException, IOException, GigiApiException {
-        ac = new AuthorizationContext(u, u);
+        ac = new AuthorizationContext(u, u, false);
         makeAgent(u.getId());
     }
 
@@ -95,8 +95,8 @@ public class TestCertificateRequest extends ClientTest {
     public void testPingPeriodOneAddress() throws IOException, GeneralSecurityException, GigiApiException {
         // get new email address with last ping in past
         String furtherEmail = createUniqueName() + "@example.org";
-        EmailAddress ea = new EmailAddress(u, furtherEmail, Locale.ENGLISH);
-        TestMail mail = getMailReceiver().receive(furtherEmail);
+        new EmailAddress(u, furtherEmail, Locale.ENGLISH);
+        getMailReceiver().receive(furtherEmail);
         try (GigiPreparedStatement stmt = new GigiPreparedStatement("UPDATE `emailPinglog` SET `status`='success'::`pingState`, `when` = (now() - interval '1 months' * ?::INTEGER) WHERE `email`=? ")) {
             stmt.setInt(1, TimeConditions.getInstance().getEmailPingMonths());
             stmt.setString(2, furtherEmail);
@@ -109,7 +109,7 @@ public class TestCertificateRequest extends ClientTest {
             cr.draft();
             fail();
         } catch (GigiApiException e) {
-            assertThat(e.getMessage(), containsString("needs an email ping within the past"));
+            assertThat(e.getMessage(), containsString("needs a verification via email ping within the past"));
         }
 
     }
@@ -118,8 +118,8 @@ public class TestCertificateRequest extends ClientTest {
     public void testPingPeriodTwoAddresses() throws IOException, GeneralSecurityException, GigiApiException {
         // get new email address with last ping in past
         String furtherEmail = createUniqueName() + "@example.org";
-        EmailAddress ea = new EmailAddress(u, furtherEmail, Locale.ENGLISH);
-        TestMail mail = getMailReceiver().receive(furtherEmail);
+        new EmailAddress(u, furtherEmail, Locale.ENGLISH);
+        getMailReceiver().receive(furtherEmail);
         try (GigiPreparedStatement stmt = new GigiPreparedStatement("UPDATE `emailPinglog` SET `status`='success'::`pingState`, `when` = (now() - interval '1 months' * ?::INTEGER) WHERE `email`=? ")) {
             stmt.setInt(1, TimeConditions.getInstance().getEmailPingMonths());
             stmt.setString(2, furtherEmail);
@@ -132,7 +132,22 @@ public class TestCertificateRequest extends ClientTest {
             cr.draft();
             fail();
         } catch (GigiApiException e) {
-            assertThat(e.getMessage(), containsString("needs an email ping within the past"));
+            assertThat(e.getMessage(), containsString("needs a verification via email ping within the past"));
+        }
+
+    }
+
+    @Test
+    public void testVerificationInPast() throws IOException, GeneralSecurityException, GigiApiException {
+
+        ClientBusinessTest.setVerificationDateToPast(u.getPreferredName());
+        try {
+            CertificateRequest cr = new CertificateRequest(ac, generatePEMCSR(kp, "CN=a ab"));
+            cr.update(u.getPreferredName().toString(), "SHA512", "client-a", null, null, "email:" + email);
+            cr.draft();
+            fail();
+        } catch (GigiApiException e) {
+            assertThat(e.getMessage(), containsString("The entered name needs a valid verification within the last"));
         }
 
     }