Uploaded image for project: 'AdMaxLocal'
  1. AdMaxLocal
  2. AML-1497

Disabled users are able to reset the password successfully.

          Details

          • Type: Bug
          • Status: Open
          • Priority: Minor
          • Resolution: Unresolved
          • Affects Version/s: 2.1.0
          • Fix Version/s: All Time Backlog
          • Component/s: Security Framework
          • Labels:
            None
          • Environment:

            QA environment 1

            · Reseller UI - RC1 Build 6
            · Merchant UI - RC1 Build 6
            · Admin UI - Build 15
            · Core - 2.1.0 Build 1
            · BidMgr - 2.1.0 Build 1

          • Sprint:
            High Priority

            Description

            Steps:

            1. Create a user

            groovy create-user.groovy -ah http://aq-qa-tomcat1:8080/sapi/rest/ -cu atulsanagar@rediffmail.com -cp Testing123 -cr qaamlntttest -u atul.sanagartsa@gmail.com -ll TRACE -d "Atul test token timeout " -ra qaamlntttest

            2.Activate the user

            mysql> select * from users where email like '%atul.sanagartsa@%';
            -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

            id realm_id type first_name last_name display description created_on created_by modified_on modified_by active password salt organization language country timezone gender birthday login email homepage home_phone work_phone mobile_phone

            -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

            559e1eae-a50f-4120-9e22-6757593652a4 com.thesearchagency/9abef394-494c-482c-83b4-e9256785bfee P NULL NULL Atul test token timeout   2013-05-06 06:37:06 bb7483ae-1eae-4513-9412-1917cb635a9f 2013-05-06 06:37:06 bb7483ae-1eae-4513-9412-1917cb635a9f T 826f4896a08ba2d19d908efbe87bb0d54d451af76dec7a8a6013628737c45d3d04bf12e1f28cc3aa00550be4196656724694e49640c4400beee3cb1a369bee7b 39928fa66eb796d0790ffa408a67968c7dbb80e9ba1c32df36b4d85862f1261b1e80851d09c27343302ed53a69cd8ee194a9f6c624bfaadb69d75368b394da7f NULL en US America/New_York M NULL 1970-01-01 00:00:00 atul.sanagartsa@gmail.com NULL   NULL  

            -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
            1 row in set (0.00 sec)

            3.Now run disable-user.groovy and disable it.

            groovy disable-user.groovy -ah http://aq-qa2-front1:8080/sapi/rest/ -uuid 093c9085-53c1-4848-9ad0-7ef3304fdf2a

            mysql> select * from users where email like '%atul.sanagartsa@%';
            -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

            id realm_id type first_name last_name display description created_on created_by modified_on modified_by active password salt organization language country timezone gender birthday login email homepage home_phone work_phone mobile_phone

            -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

            559e1eae-a50f-4120-9e22-6757593652a4 com.thesearchagency/9abef394-494c-482c-83b4-e9256785bfee P NULL NULL Atul test token timeout   2013-05-06 06:37:06 bb7483ae-1eae-4513-9412-1917cb635a9f 2013-05-06 06:37:06 bb7483ae-1eae-4513-9412-1917cb635a9f F 826f4896a08ba2d19d908efbe87bb0d54d451af76dec7a8a6013628737c45d3d04bf12e1f28cc3aa00550be4196656724694e49640c4400beee3cb1a369bee7b 39928fa66eb796d0790ffa408a67968c7dbb80e9ba1c32df36b4d85862f1261b1e80851d09c27343302ed53a69cd8ee194a9f6c624bfaadb69d75368b394da7f NULL en US America/New_York M NULL 1970-01-01 00:00:00 atul.sanagartsa@gmail.com NULL   NULL  

            -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
            1 row in set (0.00 sec)

            4.Access Reseller login page - http://qaamlntttest.aq-qa-tomcat1:9980/reseller/#LOGIN and click "Forgot Password" link

            5.Reset the password by entering above email address.

            Actual Result:

            As user is disabled, he shouldn't able to reset the password.

            Note: Even though he has reset the password, he CAN'T login to Reseller UI.

              Attachments

                Activity

                  People

                  • Assignee:
                    Unassigned
                    Reporter:
                    atul.sanagar Atul Sanagar (Inactive)
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    1 Start watching this issue

                    Dates

                    • Created:
                      Updated: