path: root/tests/front/controller/admin/PasswordControllerTest.php
<?php

declare(strict_types=1);

namespace Shaarli\Front\Controller\Admin;

use Shaarli\Config\ConfigManager;
use Shaarli\Front\Exception\OpenShaarliPasswordException;
use Shaarli\Front\Exception\WrongTokenException;
use Shaarli\Security\SessionManager;
use Shaarli\TestCase;
use Slim\Http\Request;
use Slim\Http\Response;

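/**
 * Tests for the admin PasswordController: rendering the change-password page and the
 * accepted and rejected paths of a password change request.
 *
 * All rejection tests (wrong old password, wrong token, empty new password, open instance)
 * assert that the configuration is neither modified nor written, so a rejected request
 * cannot leave a partially updated credential behind.
 */
class PasswordControllerTest extends TestCase
{
    use FrontAdminControllerMockHelper;

    /** @var PasswordController */
    protected $controller;

    /** @var mixed[] Variables assigned to the template */
    protected $assignedVariables = [];

    /**
     * Build a fresh container and controller before each test.
     *
     * createContainer() and assignTemplateVars() are defined outside this file
     * (presumably by FrontAdminControllerMockHelper).
     */
    public function setUp(): void
    {
        $this->createContainer();
        $this->assignTemplateVars($this->assignedVariables);

        $this->controller = new PasswordController($this->container);
    }

    /**
     * Test displaying the change password page.
     */
    public function testGetPage(): void
    {
        $request = $this->createMock(Request::class);
        $response = new Response();

        $result = $this->controller->index($request, $response);

        static::assertSame(200, $result->getStatusCode());
        // The body equals the template name; presumably the mocked renderer echoes it back.
        static::assertSame('changepassword', (string) $result->getBody());
        static::assertSame('Change password - Shaarli', $this->assignedVariables['pagetitle']);
    }

    /**
     * Change the password with valid parameters: the new hash must be stored and the
     * configuration written exactly once.
     */
    public function testPostNewPasswordDefault(): void
    {
        $request = $this->createMock(Request::class);
        $request->method('getParam')->willReturnCallback(function (string $key): string {
            if ('oldpassword' === $key) {
                return 'old';
            }
            if ('setpassword' === $key) {
                return 'new';
            }

            return $key;
        });
        $response = new Response();

        $this->container->conf = $this->createMock(ConfigManager::class);
        $this->container->conf->method('get')->willReturnCallback(function (string $key, $default) {
            if ('credentials.hash' === $key) {
                // Stored hash matching the submitted old password 'old'.
                return sha1('old' . 'credentials.login' . 'credentials.salt');
            }

            // Any other credentials.* setting resolves to its own key name (login, salt).
            return strpos($key, 'credentials') !== false ? $key : $default;
        });
        $this->container->conf->expects(static::once())->method('write')->with(true);

        // NOTE(review): the expected value pins a single salted SHA-1 digest of
        // password . login . salt. A fast hash is a weak choice for password storage;
        // if the controller moves to password_hash()/password_verify(), this expectation
        // has to change with it. Confirm against the controller.
        $hashWasSet = false;
        $this->container->conf
            ->method('set')
            ->willReturnCallback(function (string $key, string $value) use (&$hashWasSet) {
                // Other keys passed to set() are accepted without further checks.
                if ('credentials.hash' === $key) {
                    static::assertSame(sha1('new' . 'credentials.login' . 'credentials.salt'), $value);
                    $hashWasSet = true;
                }
            })
        ;

        $result = $this->controller->change($request, $response);

        static::assertSame(200, $result->getStatusCode());
        static::assertSame('changepassword', (string) $result->getBody());
        static::assertSame('Change password - Shaarli', $this->assignedVariables['pagetitle']);
        // Without this check the hash assertion above would pass vacuously if the
        // controller never stored a new hash at all.
        static::assertTrue($hashWasSet, 'The new credentials hash was never stored in the configuration.');
    }

    /**
     * Change the password with a wrong existing password: the request is rejected with
     * a 400 and the stored credentials stay untouched.
     */
    public function testPostNewPasswordWrongOldPassword(): void
    {
        $request = $this->createMock(Request::class);
        $request->method('getParam')->willReturnCallback(function (string $key): string {
            if ('oldpassword' === $key) {
                return 'wrong';
            }
            if ('setpassword' === $key) {
                return 'new';
            }

            return $key;
        });
        $response = new Response();

        $this->container->conf = $this->createMock(ConfigManager::class);
        $this->container->conf->method('get')->willReturnCallback(function (string $key, $default) {
            if ('credentials.hash' === $key) {
                // Stored hash derives from 'old', so the submitted 'wrong' must not match.
                return sha1('old' . 'credentials.login' . 'credentials.salt');
            }

            return strpos($key, 'credentials') !== false ? $key : $default;
        });

        // A failed verification of the current password must not change anything.
        $this->container->conf->expects(static::never())->method('set');
        $this->container->conf->expects(static::never())->method('write');

        $this->container->sessionManager
            ->expects(static::once())
            ->method('setSessionParameter')
            ->with(SessionManager::KEY_ERROR_MESSAGES, ['The old password is not correct.'])
        ;

        $result = $this->controller->change($request, $response);

        static::assertSame(400, $result->getStatusCode());
        static::assertSame('changepassword', (string) $result->getBody());
        static::assertSame('Change password - Shaarli', $this->assignedVariables['pagetitle']);
    }

    /**
     * Change the password with an invalid session token: the request must fail with
     * WrongTokenException and the configuration must stay untouched.
     */
    public function testPostNewPasswordWrongToken(): void
    {
        // checkToken() is forced to fail; presumably this is the anti-CSRF form token.
        $this->container->sessionManager = $this->createMock(SessionManager::class);
        $this->container->sessionManager->method('checkToken')->willReturn(false);

        $this->container->conf->expects(static::never())->method('set');
        $this->container->conf->expects(static::never())->method('write');

        $request = $this->createMock(Request::class);
        $response = new Response();

        $this->expectException(WrongTokenException::class);

        $this->controller->change($request, $response);
    }

    /**
     * Change the password with an empty new password
     */
    public function testPostNewEmptyPassword(): void
    {
        $this->container->sessionManager
            ->expects(static::once())
            ->method('setSessionParameter')
            ->with(SessionManager::KEY_ERROR_MESSAGES, ['You must provide the current and new password to change it.'])
        ;

        // An empty new password must never be stored as a credential.
        $this->container->conf->expects(static::never())->method('set');
        $this->container->conf->expects(static::never())->method('write');

        $request = $this->createMock(Request::class);
        $request->method('getParam')->willReturnCallback(function (string $key): string {
            if ('oldpassword' === $key) {
                return 'old';
            }
            if ('setpassword' === $key) {
                return '';
            }

            return $key;
        });
        $response = new Response();

        $result = $this->controller->change($request, $response);

        static::assertSame(400, $result->getStatusCode());
        static::assertSame('changepassword', (string) $result->getBody());
        static::assertSame('Change password - Shaarli', $this->assignedVariables['pagetitle']);
    }

    /**
     * Change the password on an open shaarli: the request must fail with
     * OpenShaarliPasswordException and the configuration must stay untouched.
     */
    public function testPostNewPasswordOnOpenShaarli(): void
    {
        $this->container->conf = $this->createMock(ConfigManager::class);
        $this->container->conf->method('get')->with('security.open_shaarli')->willReturn(true);

        // Same guarantee as the other rejection tests: nothing is stored on refusal.
        $this->container->conf->expects(static::never())->method('set');
        $this->container->conf->expects(static::never())->method('write');

        $request = $this->createMock(Request::class);
        $response = new Response();

        $this->expectException(OpenShaarliPasswordException::class);

        $this->controller->change($request, $response);
    }
}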