Move all admin controller into a dedicated group

Also handle authentication check in a new middleware for the admin group.

3 files changed, 51 insertions, 66 deletions

diff --git a/tests/front/controller/admin/SessionFilterControllerTest.php b/tests/front/controller/admin/SessionFilterControllerTest.php
index 7d5511ed..d306c6e9 100644
--- a/tests/front/controller/admin/SessionFilterControllerTest.php
+++ b/tests/front/controller/admin/SessionFilterControllerTest.php
@@ -174,55 +174,4 @@ class SessionFilterControllerTest extends TestCase
         static::assertSame(302, $result->getStatusCode());
         static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
     }
-
-    /**
-     * Untagged only - valid call
-     */
-    public function testUntaggedOnly(): void
-    {
-        $this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
-
-        $request = $this->createMock(Request::class);
-        $response = new Response();
-
-        $this->container->sessionManager
-            ->expects(static::once())
-            ->method('setSessionParameter')
-            ->with(SessionManager::KEY_UNTAGGED_ONLY, true)
-        ;
-
-        $result = $this->controller->untaggedOnly($request, $response);
-
-        static::assertInstanceOf(Response::class, $result);
-        static::assertSame(302, $result->getStatusCode());
-        static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
-    }
-
-    /**
-     * Untagged only - toggle off
-     */
-    public function testUntaggedOnlyToggleOff(): void
-    {
-        $this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
-
-        $request = $this->createMock(Request::class);
-        $response = new Response();
-
-        $this->container->sessionManager
-            ->method('getSessionParameter')
-            ->with(SessionManager::KEY_UNTAGGED_ONLY)
-            ->willReturn(true)
-        ;
-        $this->container->sessionManager
-            ->expects(static::once())
-            ->method('setSessionParameter')
-            ->with(SessionManager::KEY_UNTAGGED_ONLY, false)
-        ;
-
-        $result = $this->controller->untaggedOnly($request, $response);
-
-        static::assertInstanceOf(Response::class, $result);
-        static::assertSame(302, $result->getStatusCode());
-        static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
-    }
 }
diff --git a/tests/front/controller/admin/ShaarliAdminControllerTest.php b/tests/front/controller/admin/ShaarliAdminControllerTest.php
index 7c5f50a6..fff427cb 100644
--- a/tests/front/controller/admin/ShaarliAdminControllerTest.php
+++ b/tests/front/controller/admin/ShaarliAdminControllerTest.php
@@ -5,9 +5,7 @@ declare(strict_types=1);
 namespace Shaarli\Front\Controller\Admin;
 
 use PHPUnit\Framework\TestCase;
-use Shaarli\Front\Exception\UnauthorizedException;
 use Shaarli\Front\Exception\WrongTokenException;
-use Shaarli\Security\LoginManager;
 use Shaarli\Security\SessionManager;
 use Slim\Http\Request;
 
@@ -53,19 +51,6 @@ class ShaarliAdminControllerTest extends TestCase
     }
 
     /**
-     * Creating an instance of an admin controller while logged out should raise an exception.
-     */
-    public function testInstantiateWhileLoggedOut(): void
-    {
-        $this->expectException(UnauthorizedException::class);
-
-        $this->container->loginManager = $this->createMock(LoginManager::class);
-        $this->container->loginManager->method('isLoggedIn')->willReturn(false);
-
-        $this->controller = new class($this->container) extends ShaarliAdminController {};
-    }
-
-    /**
      * Trigger controller's checkToken with a valid token.
      */
     public function testCheckTokenWithValidToken(): void
diff --git a/tests/front/controller/visitor/PublicSessionFilterControllerTest.php b/tests/front/controller/visitor/PublicSessionFilterControllerTest.php
index 3aa1cb99..06352750 100644
--- a/tests/front/controller/visitor/PublicSessionFilterControllerTest.php
+++ b/tests/front/controller/visitor/PublicSessionFilterControllerTest.php
@@ -68,4 +68,55 @@ class PublicSessionFilterControllerTest extends TestCase
         static::assertSame(302, $result->getStatusCode());
         static::assertSame(['/subfolder/'], $result->getHeader('location'));
     }
+
+    /**
+     * Untagged only - valid call
+     */
+    public function testUntaggedOnly(): void
+    {
+        $this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
+
+        $request = $this->createMock(Request::class);
+        $response = new Response();
+
+        $this->container->sessionManager
+            ->expects(static::once())
+            ->method('setSessionParameter')
+            ->with(SessionManager::KEY_UNTAGGED_ONLY, true)
+        ;
+
+        $result = $this->controller->untaggedOnly($request, $response);
+
+        static::assertInstanceOf(Response::class, $result);
+        static::assertSame(302, $result->getStatusCode());
+        static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
+    }
+
+    /**
+     * Untagged only - toggle off
+     */
+    public function testUntaggedOnlyToggleOff(): void
+    {
+        $this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
+
+        $request = $this->createMock(Request::class);
+        $response = new Response();
+
+        $this->container->sessionManager
+            ->method('getSessionParameter')
+            ->with(SessionManager::KEY_UNTAGGED_ONLY)
+            ->willReturn(true)
+        ;
+        $this->container->sessionManager
+            ->expects(static::once())
+            ->method('setSessionParameter')
+            ->with(SessionManager::KEY_UNTAGGED_ONLY, false)
+        ;
+
+        $result = $this->controller->untaggedOnly($request, $response);
+
+        static::assertInstanceOf(Response::class, $result);
+        static::assertSame(302, $result->getStatusCode());
+        static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
+    }
 }