aboutsummaryrefslogtreecommitdiffhomepage
path: root/tests/security/SessionManagerTest.php
diff options
context:
space:
mode:
authorArthurHoaro <arthur@hoa.ro>2020-10-13 12:05:08 +0200
committerArthurHoaro <arthur@hoa.ro>2020-10-13 12:05:08 +0200
commitb6f678a5a1d15acf284ebcec16c905e976671ce1 (patch)
tree33c7da831482ed79c44896ef19c73c72ada84f2e /tests/security/SessionManagerTest.php
parentb14687036b9b800681197f51fdc47e62f0c88e2e (diff)
parent1c1520b6b98ab20201bfe15577782a52320339df (diff)
downloadShaarli-b6f678a5a1d15acf284ebcec16c905e976671ce1.tar.gz
Shaarli-b6f678a5a1d15acf284ebcec16c905e976671ce1.tar.zst
Shaarli-b6f678a5a1d15acf284ebcec16c905e976671ce1.zip
Merge branch 'v0.12' into latest
Diffstat (limited to 'tests/security/SessionManagerTest.php')
-rw-r--r--tests/security/SessionManagerTest.php90
1 files changed, 72 insertions, 18 deletions
diff --git a/tests/security/SessionManagerTest.php b/tests/security/SessionManagerTest.php
index f264505e..3f9c3ef5 100644
--- a/tests/security/SessionManagerTest.php
+++ b/tests/security/SessionManagerTest.php
@@ -1,12 +1,8 @@
1<?php 1<?php
2require_once 'tests/utils/FakeConfigManager.php';
3 2
4// Initialize reference data _before_ PHPUnit starts a session 3namespace Shaarli\Security;
5require_once 'tests/utils/ReferenceSessionIdHashes.php';
6ReferenceSessionIdHashes::genAllHashes();
7 4
8use PHPUnit\Framework\TestCase; 5use Shaarli\TestCase;
9use Shaarli\Security\SessionManager;
10 6
11/** 7/**
12 * Test coverage for SessionManager 8 * Test coverage for SessionManager
@@ -28,23 +24,23 @@ class SessionManagerTest extends TestCase
28 /** 24 /**
29 * Assign reference data 25 * Assign reference data
30 */ 26 */
31 public static function setUpBeforeClass() 27 public static function setUpBeforeClass(): void
32 { 28 {
33 self::$sidHashes = ReferenceSessionIdHashes::getHashes(); 29 self::$sidHashes = \ReferenceSessionIdHashes::getHashes();
34 } 30 }
35 31
36 /** 32 /**
37 * Initialize or reset test resources 33 * Initialize or reset test resources
38 */ 34 */
39 public function setUp() 35 protected function setUp(): void
40 { 36 {
41 $this->conf = new FakeConfigManager([ 37 $this->conf = new \FakeConfigManager([
42 'credentials.login' => 'johndoe', 38 'credentials.login' => 'johndoe',
43 'credentials.salt' => 'salt', 39 'credentials.salt' => 'salt',
44 'security.session_protection_disabled' => false, 40 'security.session_protection_disabled' => false,
45 ]); 41 ]);
46 $this->session = []; 42 $this->session = [];
47 $this->sessionManager = new SessionManager($this->session, $this->conf); 43 $this->sessionManager = new SessionManager($this->session, $this->conf, 'session_path');
48 } 44 }
49 45
50 /** 46 /**
@@ -69,7 +65,7 @@ class SessionManagerTest extends TestCase
69 $token => 1, 65 $token => 1,
70 ], 66 ],
71 ]; 67 ];
72 $sessionManager = new SessionManager($session, $this->conf); 68 $sessionManager = new SessionManager($session, $this->conf, 'session_path');
73 69
74 // check and destroy the token 70 // check and destroy the token
75 $this->assertTrue($sessionManager->checkToken($token)); 71 $this->assertTrue($sessionManager->checkToken($token));
@@ -211,15 +207,16 @@ class SessionManagerTest extends TestCase
211 'expires_on' => time() + 1000, 207 'expires_on' => time() + 1000,
212 'username' => 'johndoe', 208 'username' => 'johndoe',
213 'visibility' => 'public', 209 'visibility' => 'public',
214 'untaggedonly' => false, 210 'untaggedonly' => true,
215 ]; 211 ];
216 $this->sessionManager->logout(); 212 $this->sessionManager->logout();
217 213
218 $this->assertFalse(isset($this->session['ip'])); 214 $this->assertArrayNotHasKey('ip', $this->session);
219 $this->assertFalse(isset($this->session['expires_on'])); 215 $this->assertArrayNotHasKey('expires_on', $this->session);
220 $this->assertFalse(isset($this->session['username'])); 216 $this->assertArrayNotHasKey('username', $this->session);
221 $this->assertFalse(isset($this->session['visibility'])); 217 $this->assertArrayNotHasKey('visibility', $this->session);
222 $this->assertFalse(isset($this->session['untaggedonly'])); 218 $this->assertArrayHasKey('untaggedonly', $this->session);
219 $this->assertTrue($this->session['untaggedonly']);
223 } 220 }
224 221
225 /** 222 /**
@@ -269,4 +266,61 @@ class SessionManagerTest extends TestCase
269 $this->session['ip'] = 'ip_id_one'; 266 $this->session['ip'] = 'ip_id_one';
270 $this->assertTrue($this->sessionManager->hasClientIpChanged('ip_id_two')); 267 $this->assertTrue($this->sessionManager->hasClientIpChanged('ip_id_two'));
271 } 268 }
269
270 /**
271 * Test creating an entry in the session array
272 */
273 public function testSetSessionParameterCreate(): void
274 {
275 $this->sessionManager->setSessionParameter('abc', 'def');
276
277 static::assertSame('def', $this->session['abc']);
278 }
279
280 /**
281 * Test updating an entry in the session array
282 */
283 public function testSetSessionParameterUpdate(): void
284 {
285 $this->session['abc'] = 'ghi';
286
287 $this->sessionManager->setSessionParameter('abc', 'def');
288
289 static::assertSame('def', $this->session['abc']);
290 }
291
292 /**
293 * Test updating an entry in the session array with null value
294 */
295 public function testSetSessionParameterUpdateNull(): void
296 {
297 $this->session['abc'] = 'ghi';
298
299 $this->sessionManager->setSessionParameter('abc', null);
300
301 static::assertArrayHasKey('abc', $this->session);
302 static::assertNull($this->session['abc']);
303 }
304
305 /**
306 * Test deleting an existing entry in the session array
307 */
308 public function testDeleteSessionParameter(): void
309 {
310 $this->session['abc'] = 'def';
311
312 $this->sessionManager->deleteSessionParameter('abc');
313
314 static::assertArrayNotHasKey('abc', $this->session);
315 }
316
317 /**
318 * Test deleting a non existent entry in the session array
319 */
320 public function testDeleteSessionParameterNotExisting(): void
321 {
322 $this->sessionManager->deleteSessionParameter('abc');
323
324 static::assertArrayNotHasKey('abc', $this->session);
325 }
272} 326}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 13:07:26 +0000