Merge pull request #5810 from Automattic/staging

Production release: v20240820.0
Automattic · Aug 20, 2024 · fdf2302 · fdf2302
2 parents 4b38fdf + a90ce81
commit fdf2302
Show file tree

Hide file tree

Showing 7 changed files with 174 additions and 72 deletions.
diff --git a/__tests__/e2e/lib/pages/wp-login-page.ts b/__tests__/e2e/lib/pages/wp-login-page.ts
@@ -3,8 +3,10 @@ import type { Page } from '@playwright/test';
 const selectors = {
 	userField: '#user_login',
 	passwordField: '#user_pass',
+	rememberMeField: 'input#rememberme',
 	submitButton: '#wp-submit',
 	lostPasswordLink: '#nav a[href*="wp-login.php?action=lostpassword"]',
+	loginErrorBlock: 'div#login_error',
 };
 
 export class LoginPage {
@@ -38,10 +40,32 @@ export class LoginPage {
 		return Promise.all( [ this.page.waitForURL( '**/wp-admin/**' ), this.page.click( selectors.submitButton ) ] );
 	}
 
+	public async loginEx( login: string, password: string, rememberMe: boolean ): Promise<unknown> {
+		await this.page.locator( selectors.userField ).fill( login );
+		await this.page.locator( selectors.passwordField ).fill( password );
+		if ( rememberMe ) {
+			await this.page.locator( selectors.rememberMeField ).check();
+		} else {
+			await this.page.locator( selectors.rememberMeField ).uncheck();
+		}
+
+		await this.page.click( selectors.submitButton );
+		return this.page.waitForLoadState( 'load' );
+	}
+
 	public lostPassword(): Promise<unknown> {
 		return Promise.all( [
 			this.page.waitForURL( /\/wp-login\.php\?action=lostpassword/ ),
 			this.page.locator( selectors.lostPasswordLink ).click(),
 		] );
 	}
+
+	public async getLoginError(): Promise<string | null> {
+		const locator = this.page.locator( selectors.loginErrorBlock );
+		if ( await locator.count() > 0 ) {
+			return locator.textContent();
+		}
+
+		return null;
+	}
 }
diff --git a/__tests__/e2e/specs/security.spec.ts b/__tests__/e2e/specs/security.spec.ts
@@ -3,6 +3,9 @@ import { expect, test } from '@playwright/test';
 import { LostPasswordPage } from '../lib/pages/lost-password-page';
 import { LoginPage } from '../lib/pages/wp-login-page';
 
+const genericLoginError = 'Error: The username/email address or password is incorrect';
+const resetConfirmation = 'If there is an account associated with the username/email address, you will receive an email with a link to reset your password.';
+
 test.describe( 'Security', () => {
 	test.beforeEach( async ( { page, context } ) => {
 		await context.clearCookies();
@@ -18,6 +21,8 @@ test.describe( 'Security', () => {
 
 		expect( response.status() ).toBe( 200 );
 		expect( response.url() ).toContain( '/wp-login.php?checkemail=confirm' );
+
+		await expect( page.locator( '#login .message' ) ).toHaveText( resetConfirmation );
 	} );
 
 	test( 'Reset password for existing non-existing user', async ( { page } ) => {
@@ -29,5 +34,27 @@ test.describe( 'Security', () => {
 
 		expect( response.status() ).toBe( 200 );
 		expect( response.url() ).toContain( '/wp-login.php?checkemail=confirm' );
+
+		await expect( page.locator( '#login .message' ) ).toHaveText( resetConfirmation );
+	} );
+
+	test( 'Login with incorrect password', async ( { page } ) => {
+		const loginPage = new LoginPage( page );
+		await loginPage.loginEx( process.env.E2E_USER!, 'bad-password', false );
+
+		expect( page.url() ).toContain( '/wp-login.php' );
+
+		const loginError = await loginPage.getLoginError();
+		expect( loginError ).toContain( genericLoginError );
+	} );
+
+	test( 'Login with incorrect credentials', async ( { page } ) => {
+		const loginPage = new LoginPage( page );
+		await loginPage.loginEx( 'no-such-user', 'bad-password', false );
+
+		expect( page.url() ).toContain( '/wp-login.php' );
+
+		const loginError = await loginPage.getLoginError();
+		expect( loginError ).toContain( genericLoginError );
 	} );
 } );
diff --git a/integrations/block-data-api.php b/integrations/block-data-api.php
@@ -20,7 +20,7 @@ class BlockDataApiIntegration extends Integration {
 	 *
 	 * @var string
 	 */
-	protected string $version = '1.2';
+	protected string $version = '1.3';
 
 	/**
 	 * Returns `true` if `Block Data API` is already available e.g. via customer code. We will use

diff --git a/package-lock.json b/package-lock.json