[github/wallabag/wallabag.git] / src / Wallabag / CoreBundle / Tests / Controller / SecurityControllerTest.php

<?php

namespace Wallabag\CoreBundle\Tests\Controller;

use Symfony\Component\Filesystem\Filesystem;
use Symfony\Component\Finder\Finder;
use Wallabag\CoreBundle\Tests\WallabagCoreTestCase;

class SecurityControllerTest extends WallabagCoreTestCase
{
    public function testRegister()
    {
        $client = $this->getClient();

        $crawler = $client->request('GET', '/register/');

        $this->assertEquals(200, $client->getResponse()->getStatusCode());
        $this->assertContains('Register', $client->getResponse()->getContent());
    }

    public function dataForCreateAccountFailed()
    {
        return array(
            array(
                array(
                    'fos_user_registration_form[email]' => '',
                    'fos_user_registration_form[username]' => 'newuser',
                    'fos_user_registration_form[plainPassword][first]' => 'mypassword',
                    'fos_user_registration_form[plainPassword][second]' => 'mypassword',
                ),
                'Please enter an email',
            ),
            array(
                array(
                    'fos_user_registration_form[email]' => 'newuser@wallabag.org',
                    'fos_user_registration_form[username]' => 'admin',
                    'fos_user_registration_form[plainPassword][first]' => 'mypassword',
                    'fos_user_registration_form[plainPassword][second]' => 'mypassword',
                ),
                'The username is already used',
            ),
            array(
                array(
                    'fos_user_registration_form[email]' => 'newuser@wallabag.org',
                    'fos_user_registration_form[username]' => 'newuser',
                    'fos_user_registration_form[plainPassword][first]' => 'mypassword1',
                    'fos_user_registration_form[plainPassword][second]' => 'mypassword2',
                ),
                'The entered passwords don&#039;t match',
            ),
        );
    }

    /**
     * @dataProvider dataForCreateAccountFailed
     */
    public function testCreateAccountFailed($data, $expectedMessage)
    {
        $client = $this->getClient();

        $crawler = $client->request('GET', '/register/');

        $form = $crawler->filter('input[type=submit]')->form();

        $client->submit($form, $data);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());
        $this->assertContains($expectedMessage, $client->getResponse()->getContent());
    }

    public function dataForCreateAccountSuccess()
    {
        return array(
            array(
                array(
                    'fos_user_registration_form[email]' => 'newuser@wallabag.org',
                    'fos_user_registration_form[username]' => 'newuser',
                    'fos_user_registration_form[plainPassword][first]' => 'mypassword',
                    'fos_user_registration_form[plainPassword][second]' => 'mypassword',
                ),
            ),
        );
    }

    /**
     * @dataProvider dataForCreateAccountSuccess
     */
    public function testCreateAccountSuccess($data)
    {
        $client = $this->getClient();

        $crawler = $client->request('GET', '/register/');

        $form = $crawler->filter('input[type=submit]')->form();

        $client->submit($form, $data);
        $this->assertEquals(302, $client->getResponse()->getStatusCode());

        $crawler = $client->followRedirect();

        $this->assertContains('The user has been created successfully', $client->getResponse()->getContent());
    }

    public function testRegistrationConfirmation()
    {
        $client = $this->getClient();
        $client->followRedirects();

        $user = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:User')
            ->findOneByUsername('newuser');

        $this->assertNull($user->getConfig());

        $client->request('GET', '/register/confirm/b4dT0k3n');
        $this->assertEquals(404, $client->getResponse()->getStatusCode());

        $crawler = $client->request('GET', '/register/confirm/'.$user->getConfirmationToken());
        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        $user = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:User')
            ->findOneByUsername('newuser');
        $this->assertNotNull($user->getConfig());
    }

    public function testLogin()
    {
        $client = $this->getClient();

        $crawler = $client->request('GET', '/new');

        $this->assertEquals(302, $client->getResponse()->getStatusCode());
        $this->assertContains('login', $client->getResponse()->headers->get('location'));
    }

    public function testLoginFail()
    {
        $client = $this->getClient();

        $crawler = $client->request('GET', '/login');

        $form = $crawler->filter('button[type=submit]')->form();
        $data = array(
            '_username' => 'admin',
            '_password' => 'admin',
        );

        $client->submit($form, $data);

        $this->assertEquals(302, $client->getResponse()->getStatusCode());
        $this->assertContains('login', $client->getResponse()->headers->get('location'));

        $crawler = $client->followRedirect();

        $this->assertContains('Bad credentials', $client->getResponse()->getContent());
    }

    public function testRedirectionAfterLogin()
    {
        $client = $this->getClient();
        $client->followRedirects();

        $crawler = $client->request('GET', '/config');

        $form = $crawler->filter('button[type=submit]')->form();

        $data = array(
            '_username' => 'admin',
            '_password' => 'mypassword',
        );

        $client->submit($form, $data);

        $this->assertContains('RSS', $client->getResponse()->getContent());
    }

    public function testForgotPassword()
    {
        $client = $this->getClient();

        $crawler = $client->request('GET', '/forgot-password');

        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        $this->assertContains('Forgot password', $client->getResponse()->getContent());

        $form = $crawler->filter('button[type=submit]');

        $this->assertCount(1, $form);

        return array(
            'form' => $form->form(),
            'client' => $client,
        );
    }

    /**
     * @depends testForgotPassword
     */
    public function testSubmitForgotPasswordFail($parameters)
    {
        $form = $parameters['form'];
        $client = $parameters['client'];

        $data = array(
            'forgot_password[email]' => 'material',
        );

        $client->submit($form, $data);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());
        $this->assertContains('No user found with this email', $client->getResponse()->getContent());
    }

    /**
     * @depends testForgotPassword
     *
     * Instead of using collector which slow down the test suite
     * http://symfony.com/doc/current/cookbook/email/testing.html
     *
     * Use a different way where Swift store email as file
     */
    public function testSubmitForgotPassword($parameters)
    {
        $form = $parameters['form'];
        $client = $parameters['client'];

        $spoolDir = $client->getKernel()->getContainer()->getParameter('swiftmailer.spool.default.file.path');

        // cleanup pool dir
        $filesystem = new Filesystem();
        $filesystem->remove($spoolDir);

        // to use `getCollector` since `collect: false` in config_test.yml
        $client->enableProfiler();

        $data = array(
            'forgot_password[email]' => 'bobby@wallabag.org',
        );

        $client->submit($form, $data);

        $this->assertEquals(302, $client->getResponse()->getStatusCode());

        $crawler = $client->followRedirect();

        $this->assertContains('An email has been sent to', $client->getResponse()->getContent());

        // find every files (ie: emails) inside the spool dir except hidden files
        $finder = new Finder();
        $finder
            ->in($spoolDir)
            ->ignoreDotFiles(true)
            ->files();

        $this->assertCount(1, $finder, 'Only one email has been sent');

        foreach ($finder as $file) {
            $message = unserialize(file_get_contents($file));

            $this->assertInstanceOf('Swift_Message', $message);
            $this->assertEquals('Reset Password', $message->getSubject());
            $this->assertEquals('no-reply@wallabag.org', key($message->getFrom()));
            $this->assertEquals('bobby@wallabag.org', key($message->getTo()));
            $this->assertContains(
                'To reset your password - please visit',
                $message->getBody()
            );
        }
    }

    public function testReset()
    {
        $client = $this->getClient();
        $user = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:User')
            ->findOneByEmail('bobby@wallabag.org');

        $crawler = $client->request('GET', '/forgot-password/'.$user->getConfirmationToken());

        $this->assertEquals(200, $client->getResponse()->getStatusCode());
        $this->assertCount(2, $crawler->filter('input[type=password]'));
        $this->assertCount(1, $form = $crawler->filter('button[type=submit]'));
        $this->assertCount(1, $form);

        $data = array(
            'change_passwd[new_password][first]' => 'mypassword',
            'change_passwd[new_password][second]' => 'mypassword',
        );

        $client->submit($form->form(), $data);

        $this->assertEquals(302, $client->getResponse()->getStatusCode());
        $this->assertContains('login', $client->getResponse()->headers->get('location'));
    }

    public function testResetBadToken()
    {
        $client = $this->getClient();

        $client->request('GET', '/forgot-password/UIZOAU29UE902IEPZO');

        $this->assertEquals(404, $client->getResponse()->getStatusCode());
    }

    public function testCheckEmailWithoutEmail()
    {
        $client = $this->getClient();

        $client->request('GET', '/forgot-password/check-email');

        $this->assertEquals(302, $client->getResponse()->getStatusCode());
        $this->assertContains('forgot-password', $client->getResponse()->headers->get('location'));
    }
}
Commit	Line	Data
3b815d2d J	1	<?php
	2
	3	namespace Wallabag\CoreBundle\Tests\Controller;
	4
6894d48e J	5	use Symfony\Component\Filesystem\Filesystem;
6894d48e J	6	use Symfony\Component\Finder\Finder;
769e19dc	7	use Wallabag\CoreBundle\Tests\WallabagCoreTestCase;
3b815d2d	8
769e19dc	9	class SecurityControllerTest extends WallabagCoreTestCase
3b815d2d	10	{
359b3f43 NL	11	public function testRegister()
	12	{
	13	$client = $this->getClient();
	14
	15	$crawler = $client->request('GET', '/register/');
	16
	17	$this->assertEquals(200, $client->getResponse()->getStatusCode());
	18	$this->assertContains('Register', $client->getResponse()->getContent());
	19	}
	20
	21	public function dataForCreateAccountFailed()
	22	{
	23	return array(
	24	array(
	25	array(
	26	'fos_user_registration_form[email]' => '',
	27	'fos_user_registration_form[username]' => 'newuser',
	28	'fos_user_registration_form[plainPassword][first]' => 'mypassword',
	29	'fos_user_registration_form[plainPassword][second]' => 'mypassword',
	30	),
	31	'Please enter an email',
	32	),
	33	array(
	34	array(
	35	'fos_user_registration_form[email]' => 'newuser@wallabag.org',
	36	'fos_user_registration_form[username]' => 'admin',
	37	'fos_user_registration_form[plainPassword][first]' => 'mypassword',
	38	'fos_user_registration_form[plainPassword][second]' => 'mypassword',
	39	),
	40	'The username is already used',
	41	),
	42	array(
	43	array(
	44	'fos_user_registration_form[email]' => 'newuser@wallabag.org',
	45	'fos_user_registration_form[username]' => 'newuser',
	46	'fos_user_registration_form[plainPassword][first]' => 'mypassword1',
	47	'fos_user_registration_form[plainPassword][second]' => 'mypassword2',
	48	),
	49	'The entered passwords don't match',
	50	),
	51	);
	52	}
	53
	54	/**
	55	* @dataProvider dataForCreateAccountFailed
	56	*/
	57	public function testCreateAccountFailed($data, $expectedMessage)
	58	{
	59	$client = $this->getClient();
	60
	61	$crawler = $client->request('GET', '/register/');
	62
	63	$form = $crawler->filter('input[type=submit]')->form();
	64
	65	$client->submit($form, $data);
	66
	67	$this->assertEquals(200, $client->getResponse()->getStatusCode());
	68	$this->assertContains($expectedMessage, $client->getResponse()->getContent());
	69	}
	70
	71	public function dataForCreateAccountSuccess()
	72	{
	73	return array(
	74	array(
75	array(
76	'fos_user_registration_form[email]' => 'newuser@wallabag.org',
77	'fos_user_registration_form[username]' => 'newuser',
78	'fos_user_registration_form[plainPassword][first]' => 'mypassword',
79	'fos_user_registration_form[plainPassword][second]' => 'mypassword',
80	),
2c13918a	81	),
359b3f43 NL	82	);
	83	}
	84
	85	/**
	86	* @dataProvider dataForCreateAccountSuccess
	87	*/
	88	public function testCreateAccountSuccess($data)
	89	{
	90	$client = $this->getClient();
	91
	92	$crawler = $client->request('GET', '/register/');
	93
	94	$form = $crawler->filter('input[type=submit]')->form();
	95
	96	$client->submit($form, $data);
	97	$this->assertEquals(302, $client->getResponse()->getStatusCode());
	98
	99	$crawler = $client->followRedirect();
	100
	101	$this->assertContains('The user has been created successfully', $client->getResponse()->getContent());
	102	}
	103
2c13918a NL	104	public function testRegistrationConfirmation()
	105	{
	106	$client = $this->getClient();
	107	$client->followRedirects();
	108
	109	$user = $client->getContainer()
	110	->get('doctrine.orm.entity_manager')
	111	->getRepository('WallabagCoreBundle:User')
	112	->findOneByUsername('newuser');
	113
	114	$this->assertNull($user->getConfig());
	115
	116	$client->request('GET', '/register/confirm/b4dT0k3n');
	117	$this->assertEquals(404, $client->getResponse()->getStatusCode());
	118
	119	$crawler = $client->request('GET', '/register/confirm/'.$user->getConfirmationToken());
	120	$this->assertEquals(200, $client->getResponse()->getStatusCode());
	121
	122	$user = $client->getContainer()
	123	->get('doctrine.orm.entity_manager')
	124	->getRepository('WallabagCoreBundle:User')
	125	->findOneByUsername('newuser');
	126	$this->assertNotNull($user->getConfig());
	127	}
	128
3b815d2d J	129	public function testLogin()
	130	{
	131	$client = $this->getClient();
	132
	133	$crawler = $client->request('GET', '/new');
	134
	135	$this->assertEquals(302, $client->getResponse()->getStatusCode());
	136	$this->assertContains('login', $client->getResponse()->headers->get('location'));
	137	}
	138
	139	public function testLoginFail()
	140	{
	141	$client = $this->getClient();
	142
	143	$crawler = $client->request('GET', '/login');
	144
	145	$form = $crawler->filter('button[type=submit]')->form();
	146	$data = array(
	147	'_username' => 'admin',
	148	'_password' => 'admin',
	149	);
	150
	151	$client->submit($form, $data);
	152
	153	$this->assertEquals(302, $client->getResponse()->getStatusCode());
	154	$this->assertContains('login', $client->getResponse()->headers->get('location'));
	155
	156	$crawler = $client->followRedirect();
	157
	158	$this->assertContains('Bad credentials', $client->getResponse()->getContent());
	159	}
6894d48e	160
7fc14130 NL	161	public function testRedirectionAfterLogin()
	162	{
	163	$client = $this->getClient();
	164	$client->followRedirects();
	165
	166	$crawler = $client->request('GET', '/config');
	167
	168	$form = $crawler->filter('button[type=submit]')->form();
	169
	170	$data = array(
	171	'_username' => 'admin',
	172	'_password' => 'mypassword',
	173	);
	174
	175	$client->submit($form, $data);
	176
	177	$this->assertContains('RSS', $client->getResponse()->getContent());
	178	}
	179
6894d48e J	180	public function testForgotPassword()
	181	{
	182	$client = $this->getClient();
	183
	184	$crawler = $client->request('GET', '/forgot-password');
	185
	186	$this->assertEquals(200, $client->getResponse()->getStatusCode());
	187
	188	$this->assertContains('Forgot password', $client->getResponse()->getContent());
	189
	190	$form = $crawler->filter('button[type=submit]');
	191
	192	$this->assertCount(1, $form);
	193
	194	return array(
	195	'form' => $form->form(),
	196	'client' => $client,
	197	);
	198	}
	199
	200	/**
	201	* @depends testForgotPassword
	202	*/
	203	public function testSubmitForgotPasswordFail($parameters)
	204	{
	205	$form = $parameters['form'];
	206	$client = $parameters['client'];
	207
	208	$data = array(
4ab58dcf	209	'forgot_password[email]' => 'material',
6894d48e J	210	);
	211
	212	$client->submit($form, $data);
	213
	214	$this->assertEquals(200, $client->getResponse()->getStatusCode());
	215	$this->assertContains('No user found with this email', $client->getResponse()->getContent());
	216	}
	217
	218	/**
	219	* @depends testForgotPassword
	220	*
	221	* Instead of using collector which slow down the test suite
	222	* http://symfony.com/doc/current/cookbook/email/testing.html
	223	*
	224	* Use a different way where Swift store email as file
	225	*/
	226	public function testSubmitForgotPassword($parameters)
	227	{
	228	$form = $parameters['form'];
	229	$client = $parameters['client'];
	230
	231	$spoolDir = $client->getKernel()->getContainer()->getParameter('swiftmailer.spool.default.file.path');
	232
	233	// cleanup pool dir
	234	$filesystem = new Filesystem();
	235	$filesystem->remove($spoolDir);
	236
	237	// to use `getCollector` since `collect: false` in config_test.yml
	238	$client->enableProfiler();
	239
	240	$data = array(
	241	'forgot_password[email]' => 'bobby@wallabag.org',
	242	);
	243
	244	$client->submit($form, $data);
	245
	246	$this->assertEquals(302, $client->getResponse()->getStatusCode());
	247
	248	$crawler = $client->followRedirect();
	249
	250	$this->assertContains('An email has been sent to', $client->getResponse()->getContent());
	251
	252	// find every files (ie: emails) inside the spool dir except hidden files
	253	$finder = new Finder();
	254	$finder
	255	->in($spoolDir)
	256	->ignoreDotFiles(true)
	257	->files();
	258
	259	$this->assertCount(1, $finder, 'Only one email has been sent');
	260
	261	foreach ($finder as $file) {
	262	$message = unserialize(file_get_contents($file));
	263
	264	$this->assertInstanceOf('Swift_Message', $message);
	265	$this->assertEquals('Reset Password', $message->getSubject());
	266	$this->assertEquals('no-reply@wallabag.org', key($message->getFrom()));
	267	$this->assertEquals('bobby@wallabag.org', key($message->getTo()));
	268	$this->assertContains(
	269	'To reset your password - please visit',
	270	$message->getBody()
	271	);
	272	}
	273	}
d0c2243b J	274
	275	public function testReset()
	276	{
	277	$client = $this->getClient();
	278	$user = $client->getContainer()
	279	->get('doctrine.orm.entity_manager')
	280	->getRepository('WallabagCoreBundle:User')
	281	->findOneByEmail('bobby@wallabag.org');
	282
	283	$crawler = $client->request('GET', '/forgot-password/'.$user->getConfirmationToken());
	284
	285	$this->assertEquals(200, $client->getResponse()->getStatusCode());
	286	$this->assertCount(2, $crawler->filter('input[type=password]'));
	287	$this->assertCount(1, $form = $crawler->filter('button[type=submit]'));
	288	$this->assertCount(1, $form);
	289
	290	$data = array(
	291	'change_passwd[new_password][first]' => 'mypassword',
	292	'change_passwd[new_password][second]' => 'mypassword',
	293	);
	294
	295	$client->submit($form->form(), $data);
	296
	297	$this->assertEquals(302, $client->getResponse()->getStatusCode());
	298	$this->assertContains('login', $client->getResponse()->headers->get('location'));
	299	}
	300
	301	public function testResetBadToken()
	302	{
	303	$client = $this->getClient();
	304
	305	$client->request('GET', '/forgot-password/UIZOAU29UE902IEPZO');
	306
	307	$this->assertEquals(404, $client->getResponse()->getStatusCode());
	308	}
	309
	310	public function testCheckEmailWithoutEmail()
	311	{
	312	$client = $this->getClient();
	313
	314	$client->request('GET', '/forgot-password/check-email');
	315
	316	$this->assertEquals(302, $client->getResponse()->getStatusCode());
	317	$this->assertContains('forgot-password', $client->getResponse()->headers->get('location'));
	318	}
3b815d2d	319	}