jenkins-bot has submitted this change and it was merged.
Change subject: Logging in via LoginPage#login_with is a security risk
......................................................................
Logging in via LoginPage#login_with is a security risk
Log in via the API instead.
Bug: T127042
Change-Id: Ifa07019efa40511bfe3e138cbab0f17757fd30cd
---
M tests/browser/features/step_definitions/common_steps.rb
D tests/browser/features/support/pages/login_page.rb
2 files changed, 1 insertion(+), 18 deletions(-)
Approvals:
Hashar: Looks good to me, approved
jenkins-bot: Verified
diff --git a/tests/browser/features/step_definitions/common_steps.rb
b/tests/browser/features/step_definitions/common_steps.rb
index 9694777..4c5aacd 100644
--- a/tests/browser/features/step_definitions/common_steps.rb
+++ b/tests/browser/features/step_definitions/common_steps.rb
@@ -1,7 +1,7 @@
# Utility step definitions for common use across features
Given /^I am logged in as an? (.*?)$/ do |userType|
- as_user(userType) { visit(LoginPage).login_with(user, password) }
+ as_user(userType) { log_in }
end
# Check for link visibility within a section
diff --git a/tests/browser/features/support/pages/login_page.rb
b/tests/browser/features/support/pages/login_page.rb
deleted file mode 100644
index d859d04..0000000
--- a/tests/browser/features/support/pages/login_page.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-class LoginPage
- include PageObject
-
- page_url "Special:UserLogin"
-
- button(:login, id: "wpLoginAttempt")
- text_field(:username, name: "wpName")
- text_field(:password, name: "wpPassword")
- div(:login_error, class: "errorbox")
-
- def login_with(username, password)
- self.username_element.when_present.clear
- self.username = username
- self.password = password
- login
- end
-end
--
To view, visit https://gerrit.wikimedia.org/r/271266
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ifa07019efa40511bfe3e138cbab0f17757fd30cd
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/extensions/ZeroPortal
Gerrit-Branch: master
Gerrit-Owner: Zfilipin <[email protected]>
Gerrit-Reviewer: Dduvall <[email protected]>
Gerrit-Reviewer: Hashar <[email protected]>
Gerrit-Reviewer: Zfilipin <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
