diff options
| author | ArthurHoaro <arthur@hoa.ro> | 2020-11-12 13:02:36 +0100 |
|---|---|---|
| committer | ArthurHoaro <arthur@hoa.ro> | 2020-11-12 13:02:36 +0100 |
| commit | 1409f1c89a7ca01456ae2dcd6357d296e2b99f5a (patch) | |
| tree | ffa30a9358e82d27be75d8fc5e57f3c8820dc6d3 /tests/security | |
| parent | 054e03f37fa29da8066f1a637919f13c7e7dc5d2 (diff) | |
| parent | a6935feb22df8d9634189ee87d257da9f03eedbd (diff) | |
| download | Shaarli-0.12.1.tar.gz Shaarli-0.12.1.tar.zst Shaarli-0.12.1.zip | |
Diffstat (limited to 'tests/security')
| -rw-r--r-- | tests/security/BanManagerTest.php | 5 | ||||
| -rw-r--r-- | tests/security/LoginManagerTest.php | 51 | ||||
| -rw-r--r-- | tests/security/SessionManagerTest.php | 5 |
3 files changed, 45 insertions, 16 deletions
diff --git a/tests/security/BanManagerTest.php b/tests/security/BanManagerTest.php index 698d3d10..29d2791b 100644 --- a/tests/security/BanManagerTest.php +++ b/tests/security/BanManagerTest.php | |||
| @@ -3,7 +3,8 @@ | |||
| 3 | 3 | ||
| 4 | namespace Shaarli\Security; | 4 | namespace Shaarli\Security; |
| 5 | 5 | ||
| 6 | use Shaarli\FileUtils; | 6 | use Psr\Log\LoggerInterface; |
| 7 | use Shaarli\Helper\FileUtils; | ||
| 7 | use Shaarli\TestCase; | 8 | use Shaarli\TestCase; |
| 8 | 9 | ||
| 9 | /** | 10 | /** |
| @@ -387,7 +388,7 @@ class BanManagerTest extends TestCase | |||
| 387 | 3, | 388 | 3, |
| 388 | 1800, | 389 | 1800, |
| 389 | $this->banFile, | 390 | $this->banFile, |
| 390 | $this->logFile | 391 | $this->createMock(LoggerInterface::class) |
| 391 | ); | 392 | ); |
| 392 | } | 393 | } |
| 393 | } | 394 | } |
diff --git a/tests/security/LoginManagerTest.php b/tests/security/LoginManagerTest.php index d302983d..f7609fc6 100644 --- a/tests/security/LoginManagerTest.php +++ b/tests/security/LoginManagerTest.php | |||
| @@ -2,6 +2,8 @@ | |||
| 2 | 2 | ||
| 3 | namespace Shaarli\Security; | 3 | namespace Shaarli\Security; |
| 4 | 4 | ||
| 5 | use Psr\Log\LoggerInterface; | ||
| 6 | use Shaarli\FakeConfigManager; | ||
| 5 | use Shaarli\TestCase; | 7 | use Shaarli\TestCase; |
| 6 | 8 | ||
| 7 | /** | 9 | /** |
| @@ -9,7 +11,7 @@ use Shaarli\TestCase; | |||
| 9 | */ | 11 | */ |
| 10 | class LoginManagerTest extends TestCase | 12 | class LoginManagerTest extends TestCase |
| 11 | { | 13 | { |
| 12 | /** @var \FakeConfigManager Configuration Manager instance */ | 14 | /** @var FakeConfigManager Configuration Manager instance */ |
| 13 | protected $configManager = null; | 15 | protected $configManager = null; |
| 14 | 16 | ||
| 15 | /** @var LoginManager Login Manager instance */ | 17 | /** @var LoginManager Login Manager instance */ |
| @@ -60,6 +62,9 @@ class LoginManagerTest extends TestCase | |||
| 60 | /** @var CookieManager */ | 62 | /** @var CookieManager */ |
| 61 | protected $cookieManager; | 63 | protected $cookieManager; |
| 62 | 64 | ||
| 65 | /** @var BanManager */ | ||
| 66 | protected $banManager; | ||
| 67 | |||
| 63 | /** | 68 | /** |
| 64 | * Prepare or reset test resources | 69 | * Prepare or reset test resources |
| 65 | */ | 70 | */ |
| @@ -71,7 +76,7 @@ class LoginManagerTest extends TestCase | |||
| 71 | 76 | ||
| 72 | $this->passwordHash = sha1($this->password . $this->login . $this->salt); | 77 | $this->passwordHash = sha1($this->password . $this->login . $this->salt); |
| 73 | 78 | ||
| 74 | $this->configManager = new \FakeConfigManager([ | 79 | $this->configManager = new FakeConfigManager([ |
| 75 | 'credentials.login' => $this->login, | 80 | 'credentials.login' => $this->login, |
| 76 | 'credentials.hash' => $this->passwordHash, | 81 | 'credentials.hash' => $this->passwordHash, |
| 77 | 'credentials.salt' => $this->salt, | 82 | 'credentials.salt' => $this->salt, |
| @@ -91,18 +96,29 @@ class LoginManagerTest extends TestCase | |||
| 91 | return $this->cookie[$key] ?? null; | 96 | return $this->cookie[$key] ?? null; |
| 92 | }); | 97 | }); |
| 93 | $this->sessionManager = new SessionManager($this->session, $this->configManager, 'session_path'); | 98 | $this->sessionManager = new SessionManager($this->session, $this->configManager, 'session_path'); |
| 94 | $this->loginManager = new LoginManager($this->configManager, $this->sessionManager, $this->cookieManager); | 99 | $this->banManager = $this->createMock(BanManager::class); |
| 100 | $this->loginManager = new LoginManager( | ||
| 101 | $this->configManager, | ||
| 102 | $this->sessionManager, | ||
| 103 | $this->cookieManager, | ||
| 104 | $this->banManager, | ||
| 105 | $this->createMock(LoggerInterface::class) | ||
| 106 | ); | ||
| 95 | $this->server['REMOTE_ADDR'] = $this->ipAddr; | 107 | $this->server['REMOTE_ADDR'] = $this->ipAddr; |
| 96 | } | 108 | } |
| 97 | 109 | ||
| 98 | /** | 110 | /** |
| 99 | * Record a failed login attempt | 111 | * Record a failed login attempt |
| 100 | */ | 112 | */ |
| 101 | public function testHandleFailedLogin() | 113 | public function testHandleFailedLogin(): void |
| 102 | { | 114 | { |
| 115 | $this->banManager->expects(static::exactly(2))->method('handleFailedAttempt'); | ||
| 116 | $this->banManager->method('isBanned')->willReturn(true); | ||
| 117 | |||
| 103 | $this->loginManager->handleFailedLogin($this->server); | 118 | $this->loginManager->handleFailedLogin($this->server); |
| 104 | $this->loginManager->handleFailedLogin($this->server); | 119 | $this->loginManager->handleFailedLogin($this->server); |
| 105 | $this->assertFalse($this->loginManager->canLogin($this->server)); | 120 | |
| 121 | static::assertFalse($this->loginManager->canLogin($this->server)); | ||
| 106 | } | 122 | } |
| 107 | 123 | ||
| 108 | /** | 124 | /** |
| @@ -114,8 +130,13 @@ class LoginManagerTest extends TestCase | |||
| 114 | 'REMOTE_ADDR' => $this->trustedProxy, | 130 | 'REMOTE_ADDR' => $this->trustedProxy, |
| 115 | 'HTTP_X_FORWARDED_FOR' => $this->ipAddr, | 131 | 'HTTP_X_FORWARDED_FOR' => $this->ipAddr, |
| 116 | ]; | 132 | ]; |
| 133 | |||
| 134 | $this->banManager->expects(static::exactly(2))->method('handleFailedAttempt'); | ||
| 135 | $this->banManager->method('isBanned')->willReturn(true); | ||
| 136 | |||
| 117 | $this->loginManager->handleFailedLogin($server); | 137 | $this->loginManager->handleFailedLogin($server); |
| 118 | $this->loginManager->handleFailedLogin($server); | 138 | $this->loginManager->handleFailedLogin($server); |
| 139 | |||
| 119 | $this->assertFalse($this->loginManager->canLogin($server)); | 140 | $this->assertFalse($this->loginManager->canLogin($server)); |
| 120 | } | 141 | } |
| 121 | 142 | ||
| @@ -196,10 +217,16 @@ class LoginManagerTest extends TestCase | |||
| 196 | */ | 217 | */ |
| 197 | public function testCheckLoginStateNotConfigured() | 218 | public function testCheckLoginStateNotConfigured() |
| 198 | { | 219 | { |
| 199 | $configManager = new \FakeConfigManager([ | 220 | $configManager = new FakeConfigManager([ |
| 200 | 'resource.ban_file' => $this->banFile, | 221 | 'resource.ban_file' => $this->banFile, |
| 201 | ]); | 222 | ]); |
| 202 | $loginManager = new LoginManager($configManager, null, $this->cookieManager); | 223 | $loginManager = new LoginManager( |
| 224 | $configManager, | ||
| 225 | $this->sessionManager, | ||
| 226 | $this->cookieManager, | ||
| 227 | $this->banManager, | ||
| 228 | $this->createMock(LoggerInterface::class) | ||
| 229 | ); | ||
| 203 | $loginManager->checkLoginState(''); | 230 | $loginManager->checkLoginState(''); |
| 204 | 231 | ||
| 205 | $this->assertFalse($loginManager->isLoggedIn()); | 232 | $this->assertFalse($loginManager->isLoggedIn()); |
| @@ -270,7 +297,7 @@ class LoginManagerTest extends TestCase | |||
| 270 | public function testCheckCredentialsWrongLogin() | 297 | public function testCheckCredentialsWrongLogin() |
| 271 | { | 298 | { |
| 272 | $this->assertFalse( | 299 | $this->assertFalse( |
| 273 | $this->loginManager->checkCredentials('', '', 'b4dl0g1n', $this->password) | 300 | $this->loginManager->checkCredentials('', 'b4dl0g1n', $this->password) |
| 274 | ); | 301 | ); |
| 275 | } | 302 | } |
| 276 | 303 | ||
| @@ -280,7 +307,7 @@ class LoginManagerTest extends TestCase | |||
| 280 | public function testCheckCredentialsWrongPassword() | 307 | public function testCheckCredentialsWrongPassword() |
| 281 | { | 308 | { |
| 282 | $this->assertFalse( | 309 | $this->assertFalse( |
| 283 | $this->loginManager->checkCredentials('', '', $this->login, 'b4dp455wd') | 310 | $this->loginManager->checkCredentials('', $this->login, 'b4dp455wd') |
| 284 | ); | 311 | ); |
| 285 | } | 312 | } |
| 286 | 313 | ||
| @@ -290,7 +317,7 @@ class LoginManagerTest extends TestCase | |||
| 290 | public function testCheckCredentialsWrongLoginAndPassword() | 317 | public function testCheckCredentialsWrongLoginAndPassword() |
| 291 | { | 318 | { |
| 292 | $this->assertFalse( | 319 | $this->assertFalse( |
| 293 | $this->loginManager->checkCredentials('', '', 'b4dl0g1n', 'b4dp455wd') | 320 | $this->loginManager->checkCredentials('', 'b4dl0g1n', 'b4dp455wd') |
| 294 | ); | 321 | ); |
| 295 | } | 322 | } |
| 296 | 323 | ||
| @@ -300,7 +327,7 @@ class LoginManagerTest extends TestCase | |||
| 300 | public function testCheckCredentialsGoodLoginAndPassword() | 327 | public function testCheckCredentialsGoodLoginAndPassword() |
| 301 | { | 328 | { |
| 302 | $this->assertTrue( | 329 | $this->assertTrue( |
| 303 | $this->loginManager->checkCredentials('', '', $this->login, $this->password) | 330 | $this->loginManager->checkCredentials('', $this->login, $this->password) |
| 304 | ); | 331 | ); |
| 305 | } | 332 | } |
| 306 | 333 | ||
| @@ -311,7 +338,7 @@ class LoginManagerTest extends TestCase | |||
| 311 | { | 338 | { |
| 312 | $this->configManager->set('ldap.host', 'dummy'); | 339 | $this->configManager->set('ldap.host', 'dummy'); |
| 313 | $this->assertFalse( | 340 | $this->assertFalse( |
| 314 | $this->loginManager->checkCredentials('', '', $this->login, $this->password) | 341 | $this->loginManager->checkCredentials('', $this->login, $this->password) |
| 315 | ); | 342 | ); |
| 316 | } | 343 | } |
| 317 | 344 | ||
diff --git a/tests/security/SessionManagerTest.php b/tests/security/SessionManagerTest.php index 3f9c3ef5..6830d714 100644 --- a/tests/security/SessionManagerTest.php +++ b/tests/security/SessionManagerTest.php | |||
| @@ -2,6 +2,7 @@ | |||
| 2 | 2 | ||
| 3 | namespace Shaarli\Security; | 3 | namespace Shaarli\Security; |
| 4 | 4 | ||
| 5 | use Shaarli\FakeConfigManager; | ||
| 5 | use Shaarli\TestCase; | 6 | use Shaarli\TestCase; |
| 6 | 7 | ||
| 7 | /** | 8 | /** |
| @@ -12,7 +13,7 @@ class SessionManagerTest extends TestCase | |||
| 12 | /** @var array Session ID hashes */ | 13 | /** @var array Session ID hashes */ |
| 13 | protected static $sidHashes = null; | 14 | protected static $sidHashes = null; |
| 14 | 15 | ||
| 15 | /** @var \FakeConfigManager ConfigManager substitute for testing */ | 16 | /** @var FakeConfigManager ConfigManager substitute for testing */ |
| 16 | protected $conf = null; | 17 | protected $conf = null; |
| 17 | 18 | ||
| 18 | /** @var array $_SESSION array for testing */ | 19 | /** @var array $_SESSION array for testing */ |
| @@ -34,7 +35,7 @@ class SessionManagerTest extends TestCase | |||
| 34 | */ | 35 | */ |
| 35 | protected function setUp(): void | 36 | protected function setUp(): void |
| 36 | { | 37 | { |
| 37 | $this->conf = new \FakeConfigManager([ | 38 | $this->conf = new FakeConfigManager([ |
| 38 | 'credentials.login' => 'johndoe', | 39 | 'credentials.login' => 'johndoe', |
| 39 | 'credentials.salt' => 'salt', | 40 | 'credentials.salt' => 'salt', |
| 40 | 'security.session_protection_disabled' => false, | 41 | 'security.session_protection_disabled' => false, |