author | ArthurHoaro <arthur@hoa.ro> | 2020-08-13 11:08:13 +0200 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2020-08-13 11:08:13 +0200 |
commit | bedbb845eec20363b928b424143787dbe988eefe (patch) | |
tree | 6b835ca247e39157b333323a539dde3c410c08f5 /tests | |
parent | 1a68ae5a29bc33ab80c9cfbe043cb1213551533c (diff) | |
Move all admin controller into a dedicated group
Also handle authentication check in a new middleware for the admin group.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/front/ShaarliAdminMiddlewareTest.php | 100 | ||||
-rw-r--r-- | tests/front/ShaarliMiddlewareTest.php | 2 | ||||
-rw-r--r-- | tests/front/controller/admin/SessionFilterControllerTest.php | 51 | ||||
-rw-r--r-- | tests/front/controller/admin/ShaarliAdminControllerTest.php | 15 | ||||
-rw-r--r-- | tests/front/controller/visitor/PublicSessionFilterControllerTest.php | 51 | ||||
-rw-r--r-- | tests/legacy/LegacyControllerTest.php | 4 |
6 files changed, 154 insertions, 69 deletions
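--- /dev/null
+++ b/tests/front/ShaarliAdminMiddlewareTest.php
@@ -0,0 +1,100 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Shaarli\Front;
+
+use PHPUnit\Framework\TestCase;
+use Shaarli\Config\ConfigManager;
+use Shaarli\Container\ShaarliContainer;
+use Shaarli\Security\LoginManager;
+use Shaarli\Updater\Updater;
+use Slim\Http\Request;
+use Slim\Http\Response;
+use Slim\Http\Uri;
+
+class ShaarliAdminMiddlewareTest extends TestCase
+{
+protected const TMP_MOCK_FILE = '.tmp';
+
+/** @var ShaarliContainer */
+protected $container;
+
+/** @var ShaarliMiddleware */
+protected $middleware;
+
+public function setUp(): void
+{
+$this->container = $this->createMock(ShaarliContainer::class);
+
+touch(static::TMP_MOCK_FILE);
+
+$this->container->conf = $this->createMock(ConfigManager::class);
+$this->container->conf->method('getConfigFileExt')->willReturn(static::TMP_MOCK_FILE);
+
+$this->container->loginManager = $this->createMock(LoginManager::class);
+$this->container->updater = $this->createMock(Updater::class);
+
+$this->container->environment = ['REQUEST_URI' => 'http://shaarli/subfolder/path'];
+
+$this->middleware = new ShaarliAdminMiddleware($this->container);
+}
+
+public function tearDown(): void
+{
+unlink(static::TMP_MOCK_FILE);
+}
+
+/**
+* Try to access an admin controller while logged out -> redirected to login page.
+*/
+public function testMiddlewareWhileLoggedOut(): void
+{
+$this->container->loginManager->expects(static::once())->method('isLoggedIn')->willReturn(false);
+
+$request = $this->createMock(Request::class);
+$request->method('getUri')->willReturnCallback(function (): Uri {
+$uri = $this->createMock(Uri::class);
+$uri->method('getBasePath')->willReturn('/subfolder');
+
+return $uri;
+});
+
+$response = new Response();
+
+/** @var Response $result */
+$result = $this->middleware->__invoke($request, $response, function () {});
+
+static::assertSame(302, $result->getStatusCode());
+static::assertSame(
+'/subfolder/login?returnurl=' . urlencode('http://shaarli/subfolder/path'),
+$result->getHeader('location')[0]
+);
+}
+
+/**
+* Process controller while logged in.
+*/
+public function testMiddlewareWhileLoggedIn(): void
+{
+$this->container->loginManager->method('isLoggedIn')->willReturn(true);
+
+$request = $this->createMock(Request::class);
+$request->method('getUri')->willReturnCallback(function (): Uri {
+$uri = $this->createMock(Uri::class);
+$uri->method('getBasePath')->willReturn('/subfolder');
+
+return $uri;
+});
+
+$response = new Response();
+$controller = function (Request $request, Response $response): Response {
+return $response->withStatus(418); // I'm a tea pot
+};
+
+/** @var Response $result */
+$result = $this->middleware->__invoke($request, $response, $controller);
+
+static::assertSame(418, $result->getStatusCode());
+}
+}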
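Review bot: testMiddlewareWhileLoggedOut passes an empty `function () {}` as the next callable, so it never proves that the admin controller is skipped for a logged-out request; a middleware that ran the controller and then returned the redirect would still satisfy the 302 and `location` assertions. Record the call and assert on it: `$called = false;`, pass `function () use (&$called) { $called = true; }` as the third argument, then `static::assertFalse($called);`. Separately, the `$middleware` property is annotated `/** @var ShaarliMiddleware */` but is assigned a `ShaarliAdminMiddleware`, so the annotation should name the class under test.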
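--- a/tests/front/ShaarliMiddlewareTest.php
+++ b/tests/front/ShaarliMiddlewareTest.php
@@ -43,7 +43,7 @@ class ShaarliMiddlewareTest extends TestCase
 $this->middleware = new ShaarliMiddleware($this->container);
 }
 
-public function tearDown()
+public function tearDown(): void
 {
 unlink(static::TMP_MOCK_FILE);
 }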
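--- a/tests/front/controller/admin/SessionFilterControllerTest.php
+++ b/tests/front/controller/admin/SessionFilterControllerTest.php
@@ -174,55 +174,4 @@ class SessionFilterControllerTest extends TestCase
 static::assertSame(302, $result->getStatusCode());
 static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
 }
-
-/**
-* Untagged only - valid call
-*/
-public function testUntaggedOnly(): void
-{
-$this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
-
-$request = $this->createMock(Request::class);
-$response = new Response();
-
-$this->container->sessionManager
-->expects(static::once())
-->method('setSessionParameter')
-->with(SessionManager::KEY_UNTAGGED_ONLY, true)
-;
-
-$result = $this->controller->untaggedOnly($request, $response);
-
-static::assertInstanceOf(Response::class, $result);
-static::assertSame(302, $result->getStatusCode());
-static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
-}
-
-/**
-* Untagged only - toggle off
-*/
-public function testUntaggedOnlyToggleOff(): void
-{
-$this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
-
-$request = $this->createMock(Request::class);
-$response = new Response();
-
-$this->container->sessionManager
-->method('getSessionParameter')
-->with(SessionManager::KEY_UNTAGGED_ONLY)
-->willReturn(true)
-;
-$this->container->sessionManager
-->expects(static::once())
-->method('setSessionParameter')
-->with(SessionManager::KEY_UNTAGGED_ONLY, false)
-;
-
-$result = $this->controller->untaggedOnly($request, $response);
-
-static::assertInstanceOf(Response::class, $result);
-static::assertSame(302, $result->getStatusCode());
-static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
-}
 }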
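--- a/tests/front/controller/admin/ShaarliAdminControllerTest.php
+++ b/tests/front/controller/admin/ShaarliAdminControllerTest.php
@@ -5,9 +5,7 @@ declare(strict_types=1);
 namespace Shaarli\Front\Controller\Admin;
 
 use PHPUnit\Framework\TestCase;
-use Shaarli\Front\Exception\UnauthorizedException;
 use Shaarli\Front\Exception\WrongTokenException;
-use Shaarli\Security\LoginManager;
 use Shaarli\Security\SessionManager;
 use Slim\Http\Request;
 
@@ -53,19 +51,6 @@ class ShaarliAdminControllerTest extends TestCase
 }
 
 /**
-* Creating an instance of an admin controller while logged out should raise an exception.
-*/
-public function testInstantiateWhileLoggedOut(): void
-{
-$this->expectException(UnauthorizedException::class);
-
-$this->container->loginManager = $this->createMock(LoginManager::class);
-$this->container->loginManager->method('isLoggedIn')->willReturn(false);
-
-$this->controller = new class($this->container) extends ShaarliAdminController {};
-}
-
-/**
 * Trigger controller's checkToken with a valid token.
 */
 public function testCheckTokenWithValidToken(): void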
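--- a/tests/front/controller/visitor/PublicSessionFilterControllerTest.php
+++ b/tests/front/controller/visitor/PublicSessionFilterControllerTest.php
@@ -68,4 +68,55 @@ class PublicSessionFilterControllerTest extends TestCase
 static::assertSame(302, $result->getStatusCode());
 static::assertSame(['/subfolder/'], $result->getHeader('location'));
 }
+
+/**
+* Untagged only - valid call
+*/
+public function testUntaggedOnly(): void
+{
+$this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
+
+$request = $this->createMock(Request::class);
+$response = new Response();
+
+$this->container->sessionManager
+->expects(static::once())
+->method('setSessionParameter')
+->with(SessionManager::KEY_UNTAGGED_ONLY, true)
+;
+
+$result = $this->controller->untaggedOnly($request, $response);
+
+static::assertInstanceOf(Response::class, $result);
+static::assertSame(302, $result->getStatusCode());
+static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
+}
+
+/**
+* Untagged only - toggle off
+*/
+public function testUntaggedOnlyToggleOff(): void
+{
+$this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
+
+$request = $this->createMock(Request::class);
+$response = new Response();
+
+$this->container->sessionManager
+->method('getSessionParameter')
+->with(SessionManager::KEY_UNTAGGED_ONLY)
+->willReturn(true)
+;
+$this->container->sessionManager
+->expects(static::once())
+->method('setSessionParameter')
+->with(SessionManager::KEY_UNTAGGED_ONLY, false)
+;
+
+$result = $this->controller->untaggedOnly($request, $response);
+
+static::assertInstanceOf(Response::class, $result);
+static::assertSame(302, $result->getStatusCode());
+static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
+}
 }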
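Review bot: Both added tests drive `untaggedOnly` with an `HTTP_REFERER` on the application's own host, so nothing in this hunk pins where the redirect goes when the Referer names a different host. That matters more now that these tests sit in the visitor suite, which suggests the route is reachable without a login. Consider a third case that sets `HTTP_REFERER` to a foreign origin (constructed example: `http://other.example/?searchtag=abc`) and asserts the `location` header falls back to the controller's default, presumably `['/subfolder/']` as in the context lines above. The rest of PublicSessionFilterControllerTest is outside the hunk, so an equivalent case may already exist for the other filters.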
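--- a/tests/legacy/LegacyControllerTest.php
+++ b/tests/legacy/LegacyControllerTest.php
@@ -73,8 +73,8 @@ class LegacyControllerTest extends TestCase
 ['addlink', [], '/login', false],
 ['login', [], '/login', true],
 ['login', [], '/login', false],
-['logout', [], '/logout', true],
-['logout', [], '/logout', false],
+['logout', [], '/admin/logout', true],
+['logout', [], '/admin/logout', false],
 ['picwall', [], '/picture-wall', false],
 ['picwall', [], '/picture-wall', true],
 ['tagcloud', [], '/tags/cloud', false],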