[MGNLCE-394] Prepare UI test for new sessions invalidation behavior when changing password Created: 16/Jan/24  Updated: 25/Jan/24

Status: In Progress
Project: Community Edition
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Story Priority: Neutral
Reporter: Nguyen Phung Chi Assignee: Khayal Musayev
Resolution: Unresolved Votes: 0
Labels: SSO_and_Security_Initiative
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: PNG File Invalidation confirmation dialog.png    
Issue Links:
Relates
relates to MAGNOLIA-9236 Tracking MgnlUser sessions using Http... Closed
relates to MAGNOLIA-9252 CLONE - Tracking MgnlUser sessions us... Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Epic Link: Security maintenance
Team: AdminX
Work Started:

 Description   

Goal

We want to make sure the new session invalidation on password changes works properly.

Therefore we'd need a UI test which would test the following: 

  • A user changes the password from "Edit user profile" dialog, expected that a confirmation dialog (see attachment) pops up, click button "Log out" should invalidate all active sessions (include current one)
  • A user changes the password from "Edit user profile" dialog, expected that a confirmation dialog (see attachment) pops up, click button "Keep active sessions" should do nothing and the sessions remain working.

From the Security app:

  • A Superuser changes another user password from Security app, expected that a confirmation dialog (see attachment) pops up if the user has any active sessions, click button "Log out" should invalidate all active sessions of the user
  • A Superuser changes another user password from Security app, expected that a confirmation dialog (see attachment) pops up if the user has any active sessions, click button "Keep active sessions"  should do nothing and the sessions of the user remain working.
  • A Superuser changes his own password from Security app, expected that a confirmation dialog (see attachment) pops up, click button "Log out" should invalidate all active sessions (include current one)
  • A Superuser changes his own password from Security app, expected that a confirmation dialog (see attachment) pops up, click button "Keep active sessions" should do nothing and the sessions remain working.
  • The 4 cases above should be tested on the new Security app (migrated to new UI framework)

Dev notes

The new UI tests should be placed in https://git.magnolia-cms.com/projects/PLATFORM/repos/ce/browse/magnolia-integration-tests/tests/src/test/java/it/info/magnolia/functionaltests


Generated at Mon Feb 12 00:08:56 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.