diff --git a/resources/static/pages/manage_account.js b/resources/static/pages/manage_account.js
index d8afdd24a0234387ace79492a4b6a02c2a8279a4..7509704480aa163e396130553ea976e3f6bc1544 100644
--- a/resources/static/pages/manage_account.js
+++ b/resources/static/pages/manage_account.js
@@ -8,6 +8,7 @@ BrowserID.manageAccount = (function() {
var bid = BrowserID,
user = bid.User,
+ network = bid.Network,
errors = bid.Errors,
dom = bid.DOM,
storage = bid.Storage,
@@ -16,7 +17,8 @@ BrowserID.manageAccount = (function() {
cancelEvent = pageHelpers.cancelEvent,
confirmAction = confirm,
doc = document,
- tooltip = bid.Tooltip;
+ tooltip = bid.Tooltip,
+ authLevel;
function syncAndDisplayEmails(oncomplete) {
user.syncEmails(function() {
@@ -118,6 +120,19 @@ BrowserID.manageAccount = (function() {
typeof oncomplete == "function" && oncomplete(status);
}
+ function changePassword() {
+ user.changePassword(oldPassword, newPassword, function(status) {
+ if(status) {
+ dom.removeClass("#edit_password", "edit");
+ }
+ else {
+ tooltip.showTooltip("#tooltipInvalidPassword");
+ }
+
+ complete(status);
+ }, pageHelpers.getFailure(errors.updatePassword, oncomplete));
+ }
+
if(!oldPassword) {
tooltip.showTooltip("#tooltipOldRequired");
complete(false);
@@ -127,24 +142,30 @@ BrowserID.manageAccount = (function() {
complete(false);
}
else if(newPassword.length < 8 || 80 < newPassword.length) {
- tooltip.showTooltip("tooltipPasswordLength");
+ tooltip.showTooltip("#tooltipPasswordLength");
complete(false);
}
- else {
- user.changePassword(oldPassword, newPassword, function(status) {
+ else if(authLevel !== "password") {
+ var email = getSecondary();
+ // go striaght to the network level instead of user level so that if
+ // the user gets the password wrong, we don't clear their info.
+ network.authenticate(email, oldPassword, function(status) {
if(status) {
- dom.removeClass("#edit_password", "edit");
+ authLevel = "password";
+ changePassword();
}
else {
tooltip.showTooltip("#tooltipInvalidPassword");
+ complete(false);
}
-
- complete(status);
- }, pageHelpers.getFailure(errors.updatePassword, oncomplete));
+ }, pageHelpers.getFailure(errors.authenticate, oncomplete));
+ }
+ else {
+ changePassword();
}
-
}
+
function displayHelpTextToNewUser() {
var newUser = !storage.manage_page.get("has_visited_manage_page");
@@ -153,10 +174,19 @@ BrowserID.manageAccount = (function() {
}
function displayChangePassword(oncomplete) {
- user.canSetPassword(function(canSetPassword) {
- dom[canSetPassword ? "addClass" : "removeClass"]("body", "canSetPassword");
- oncomplete && oncomplete();
- }, pageHelpers.getFailure(errors.hasSecondary));
+ var canSetPassword = !!getSecondary();
+ dom[canSetPassword ? "addClass" : "removeClass"]("body", "canSetPassword");
+ oncomplete && oncomplete();
+ }
+
+ function getSecondary() {
+ var emails = storage.getEmails();
+
+ for(var key in emails) {
+ if(emails[key].type === "secondary") {
+ return key;
+ }
+ }
}
function init(options, oncomplete) {
@@ -171,10 +201,14 @@ BrowserID.manageAccount = (function() {
dom.bindEvent("button.done", "click", cancelEdit);
dom.bindEvent("#edit_password_form", "submit", cancelEvent(changePassword));
- syncAndDisplayEmails(function() {
- displayHelpTextToNewUser();
- displayChangePassword(oncomplete);
- });
+ user.checkAuthentication(function(auth_level) {
+ authLevel = auth_level;
+
+ syncAndDisplayEmails(function() {
+ displayHelpTextToNewUser();
+ displayChangePassword(oncomplete);
+ });
+ }, pageHelpers.getFailure(errors.checkAuthentication, oncomplete));
}
// BEGIN TESTING API
diff --git a/resources/static/test/qunit/mocks/xhr.js b/resources/static/test/qunit/mocks/xhr.js
index d9db587ed7192452b290f01fa922c2730693dbf8..2652c8cee6ce2478a1f2051a9513454393e4be94 100644
--- a/resources/static/test/qunit/mocks/xhr.js
+++ b/resources/static/test/qunit/mocks/xhr.js
@@ -35,6 +35,7 @@ BrowserID.Mocks.xhr = (function() {
"get /wsapi/email_for_token?token=token invalid": { success: false },
"post /wsapi/authenticate_user valid": { success: true },
"post /wsapi/authenticate_user invalid": { success: false },
+ "post /wsapi/authenticate_user incorrectPassword": { success: false },
"post /wsapi/authenticate_user ajaxError": undefined,
"post /wsapi/auth_with_assertion primary": { success: true },
"post /wsapi/auth_with_assertion valid": { success: true },
diff --git a/resources/static/test/qunit/pages/manage_account_unit_test.js b/resources/static/test/qunit/pages/manage_account_unit_test.js
index df81a4583344029149a363d2c6c0b0a10dc08cd1..c27ed462712130cda5b789d2b23d3a6a418efc2b 100644
--- a/resources/static/test/qunit/pages/manage_account_unit_test.js
+++ b/resources/static/test/qunit/pages/manage_account_unit_test.js
@@ -21,6 +21,7 @@
setup: function() {
testHelpers.setup();
bid.Renderer.render("#page_head", "site/index", {});
+ xhr.setContextInfo("auth_level", "password");
mocks.document.location = "";
},
teardown: function() {
@@ -157,7 +158,7 @@
bid.manageAccount.changePassword(function(status) {
equal(status, false, "on missing old password, status is false");
- equal(tooltip.shown, true, "tooltip is visible");
+ testHelpers.testTooltipVisible();
start();
});
});
@@ -170,7 +171,7 @@
bid.manageAccount.changePassword(function(status) {
equal(status, false, "on missing new password, status is false");
- equal(tooltip.shown, true, "tooltip is visible");
+ testHelpers.testTooltipVisible();
start();
});
});
@@ -183,7 +184,7 @@
bid.manageAccount.changePassword(function(status) {
equal(status, false, "on too short of a password, status is false");
- equal(tooltip.shown, true, "tooltip is visible");
+ testHelpers.testTooltipVisible();
start();
});
});
@@ -200,7 +201,7 @@
bid.manageAccount.changePassword(function(status) {
equal(status, false, "on too short of a password, status is false");
- equal(tooltip.shown, true, "tooltip is visible");
+ testHelpers.testTooltipVisible();
start();
});
});
@@ -216,7 +217,7 @@
bid.manageAccount.changePassword(function(status) {
equal(status, false, "on incorrect old password, status is false");
- equal(tooltip.shown, true, "tooltip is visible");
+ testHelpers.testTooltipVisible();
start();
});
});
@@ -236,7 +237,39 @@
});
});
- asyncTest("changePassword happy case", function() {
+ asyncTest("changePassword with user authenticated to password level, happy case", function() {
+
+ bid.manageAccount(mocks, function() {
+ $("#old_password").val("oldpassword");
+ $("#new_password").val("newpassword");
+
+ bid.manageAccount.changePassword(function(status) {
+ equal(status, true, "on proper completion, status is true");
+ equal(tooltip.shown, false, "on proper completion, tooltip is not shown");
+ start();
+ });
+ });
+ });
+
+ asyncTest("changePassword with user authenticated to assertion level level, incorrect password - show tooltip", function() {
+ xhr.setContextInfo("auth_level", "assertion");
+
+ bid.manageAccount(mocks, function() {
+ $("#old_password").val("oldpassword");
+ $("#new_password").val("newpassword");
+ xhr.useResult("incorrectPassword");
+
+ bid.manageAccount.changePassword(function(status) {
+ equal(status, false, "bad password, status is false");
+ testHelpers.testTooltipVisible();
+ start();
+ });
+ });
+ });
+
+ asyncTest("changePassword with user authenticated to assertion level level, correct password - log user in, change password", function() {
+ xhr.setContextInfo("auth_level", "assertion");
+
bid.manageAccount(mocks, function() {
$("#old_password").val("oldpassword");
$("#new_password").val("newpassword");