-- Test change_password set client_min_messages to warning; create extension if not exists pgtap; reset client_min_messages; begin; select plan(14); set search_path to numerus, auth, public; select has_function('numerus', 'change_password', array ['text']); select function_lang_is('numerus', 'change_password', array ['text'], 'sql'); select function_returns('numerus', 'change_password', array ['text'], 'void'); select is_definer('numerus', 'change_password', array ['text']); select volatility_is('numerus', 'change_password', array ['text'], 'volatile'); select function_privs_are('numerus', 'change_password', array ['text'], 'guest', array []::text[]); select function_privs_are('numerus', 'change_password', array ['text'], 'invoicer', array ['EXECUTE']); select function_privs_are('numerus', 'change_password', array ['text'], 'admin', array ['EXECUTE']); select function_privs_are('numerus', 'change_password', array ['text'], 'authenticator', array []::text[]); set client_min_messages to warning; truncate auth."user" cascade; reset client_min_messages; insert into auth."user" (user_id, email, name, password, role, cookie, cookie_expires_at) values (1, 'demo@tandem.blog', 'Demo', 'test', 'invoicer', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month') , (9, 'admin@tandem.blog', 'Demo', 'test', 'admin', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month') ; select lives_ok( $$ select change_password('another') $$, 'Should run even without current user' ); select isnt_empty ( $$ select * from auth."user" where password = crypt('test', password) $$, 'Should not have changed any password' ); select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog'); select lives_ok( $$ select change_password('another') $$, 'Should run with the correct user' ); reset role; select isnt_empty ( $$ select * from auth."user" where email = 'demo@tandem.blog' and password = crypt('another', password) $$, 'Should have changed the password of the current user' ); select isnt_empty ( $$ select * from auth."user" where email = 'admin@tandem.blog' and password = crypt('test', password) $$, 'Should not have changed any other password' ); select * from finish(); rollback;