authorArthurHoaro <arthur@hoa.ro>2020-08-13 11:08:13 +0200
committerArthurHoaro <arthur@hoa.ro>2020-08-13 11:08:13 +0200
commitbedbb845eec20363b928b424143787dbe988eefe (patch)
tree6b835ca247e39157b333323a539dde3c410c08f5 /tests
parent1a68ae5a29bc33ab80c9cfbe043cb1213551533c (diff)
Move all admin controller into a dedicated group
Also handle authentication check in a new middleware for the admin group.
Diffstat (limited to 'tests')
-rw-r--r--tests/front/ShaarliAdminMiddlewareTest.php100
-rw-r--r--tests/front/ShaarliMiddlewareTest.php2
-rw-r--r--tests/front/controller/admin/SessionFilterControllerTest.php51
-rw-r--r--tests/front/controller/admin/ShaarliAdminControllerTest.php15
-rw-r--r--tests/front/controller/visitor/PublicSessionFilterControllerTest.php51
-rw-r--r--tests/legacy/LegacyControllerTest.php4
6 files changed, 154 insertions, 69 deletions
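diff --git a/tests/front/ShaarliAdminMiddlewareTest.php b/tests/front/ShaarliAdminMiddlewareTest.php
new file mode 100644
index 00000000..7451330b
--- /dev/null
+++ b/tests/front/ShaarliAdminMiddlewareTest.php
@@ -0,0 +1,100 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Shaarli\Front;
+
+use PHPUnit\Framework\TestCase;
+use Shaarli\Config\ConfigManager;
+use Shaarli\Container\ShaarliContainer;
+use Shaarli\Security\LoginManager;
+use Shaarli\Updater\Updater;
+use Slim\Http\Request;
+use Slim\Http\Response;
+use Slim\Http\Uri;
+
+class ShaarliAdminMiddlewareTest extends TestCase
+{
+ protected const TMP_MOCK_FILE = '.tmp';
+
+ /** @var ShaarliContainer */
+ protected $container;
+
+ /** @var ShaarliMiddleware */
+ protected $middleware;
+
+ public function setUp(): void
+ {
+ $this->container = $this->createMock(ShaarliContainer::class);
+
+ touch(static::TMP_MOCK_FILE);
+
+ $this->container->conf = $this->createMock(ConfigManager::class);
+ $this->container->conf->method('getConfigFileExt')->willReturn(static::TMP_MOCK_FILE);
+
+ $this->container->loginManager = $this->createMock(LoginManager::class);
+ $this->container->updater = $this->createMock(Updater::class);
+
+ $this->container->environment = ['REQUEST_URI' => 'http://shaarli/subfolder/path'];
+
+ $this->middleware = new ShaarliAdminMiddleware($this->container);
+ }
+
+ public function tearDown(): void
+ {
+ unlink(static::TMP_MOCK_FILE);
+ }
+
+ /**
+ * Try to access an admin controller while logged out -> redirected to login page.
+ */
+ public function testMiddlewareWhileLoggedOut(): void
+ {
+ $this->container->loginManager->expects(static::once())->method('isLoggedIn')->willReturn(false);
+
+ $request = $this->createMock(Request::class);
+ $request->method('getUri')->willReturnCallback(function (): Uri {
+ $uri = $this->createMock(Uri::class);
+ $uri->method('getBasePath')->willReturn('/subfolder');
+
+ return $uri;
+ });
+
+ $response = new Response();
+
+ /** @var Response $result */
+ $result = $this->middleware->__invoke($request, $response, function () {});
+
+ static::assertSame(302, $result->getStatusCode());
+ static::assertSame(
+ '/subfolder/login?returnurl=' . urlencode('http://shaarli/subfolder/path'),
+ $result->getHeader('location')[0]
+ );
+ }
+
+ /**
+ * Process controller while logged in.
+ */
+ public function testMiddlewareWhileLoggedIn(): void
+ {
+ $this->container->loginManager->method('isLoggedIn')->willReturn(true);
+
+ $request = $this->createMock(Request::class);
+ $request->method('getUri')->willReturnCallback(function (): Uri {
+ $uri = $this->createMock(Uri::class);
+ $uri->method('getBasePath')->willReturn('/subfolder');
+
+ return $uri;
+ });
+
+ $response = new Response();
+ $controller = function (Request $request, Response $response): Response {
+ return $response->withStatus(418); // I'm a tea pot
+ };
+
+ /** @var Response $result */
+ $result = $this->middleware->__invoke($request, $response, $controller);
+
+ static::assertSame(418, $result->getStatusCode());
+ }
+}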
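Review bot: `testMiddlewareWhileLoggedOut` passes a no-op `function () {}` as the next callable, so it checks the 302 and the `Location` header but never proves the admin controller is skipped when `isLoggedIn` returns false; a middleware that ran the controller and then redirected would still pass. Record the call and assert on it, e.g. `$next = function () use (&$called) { $called = true; };` with `$called = false;` before it and `static::assertFalse($called);` after the invoke. This commit also deletes `testInstantiateWhileLoggedOut` from ShaarliAdminControllerTest, so among the tests shown here this is the only remaining check of the logged-out path. Separately, the `$middleware` property docblock reads `@var ShaarliMiddleware` and should be `@var ShaarliAdminMiddleware`.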
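diff --git a/tests/front/ShaarliMiddlewareTest.php b/tests/front/ShaarliMiddlewareTest.php
index 09bebd04..d435f506 100644
--- a/tests/front/ShaarliMiddlewareTest.php
+++ b/tests/front/ShaarliMiddlewareTest.php
@@ -43,7 +43,7 @@ class ShaarliMiddlewareTest extends TestCase
  $this->middleware = new ShaarliMiddleware($this->container);
  }
 
- public function tearDown()
+ public function tearDown(): void
  {
  unlink(static::TMP_MOCK_FILE);
  }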
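diff --git a/tests/front/controller/admin/SessionFilterControllerTest.php b/tests/front/controller/admin/SessionFilterControllerTest.php
index 7d5511ed..d306c6e9 100644
--- a/tests/front/controller/admin/SessionFilterControllerTest.php
+++ b/tests/front/controller/admin/SessionFilterControllerTest.php
@@ -174,55 +174,4 @@ class SessionFilterControllerTest extends TestCase
  static::assertSame(302, $result->getStatusCode());
  static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
  }
-
- /**
- * Untagged only - valid call
- */
- public function testUntaggedOnly(): void
- {
- $this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
-
- $request = $this->createMock(Request::class);
- $response = new Response();
-
- $this->container->sessionManager
- ->expects(static::once())
- ->method('setSessionParameter')
- ->with(SessionManager::KEY_UNTAGGED_ONLY, true)
- ;
-
- $result = $this->controller->untaggedOnly($request, $response);
-
- static::assertInstanceOf(Response::class, $result);
- static::assertSame(302, $result->getStatusCode());
- static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
- }
-
- /**
- * Untagged only - toggle off
- */
- public function testUntaggedOnlyToggleOff(): void
- {
- $this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
-
- $request = $this->createMock(Request::class);
- $response = new Response();
-
- $this->container->sessionManager
- ->method('getSessionParameter')
- ->with(SessionManager::KEY_UNTAGGED_ONLY)
- ->willReturn(true)
- ;
- $this->container->sessionManager
- ->expects(static::once())
- ->method('setSessionParameter')
- ->with(SessionManager::KEY_UNTAGGED_ONLY, false)
- ;
-
- $result = $this->controller->untaggedOnly($request, $response);
-
- static::assertInstanceOf(Response::class, $result);
- static::assertSame(302, $result->getStatusCode());
- static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
- }
 }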
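diff --git a/tests/front/controller/admin/ShaarliAdminControllerTest.php b/tests/front/controller/admin/ShaarliAdminControllerTest.php
index 7c5f50a6..fff427cb 100644
--- a/tests/front/controller/admin/ShaarliAdminControllerTest.php
+++ b/tests/front/controller/admin/ShaarliAdminControllerTest.php
@@ -5,9 +5,7 @@ declare(strict_types=1);
 namespace Shaarli\Front\Controller\Admin;
 
 use PHPUnit\Framework\TestCase;
-use Shaarli\Front\Exception\UnauthorizedException;
 use Shaarli\Front\Exception\WrongTokenException;
-use Shaarli\Security\LoginManager;
 use Shaarli\Security\SessionManager;
 use Slim\Http\Request;
 
@@ -53,19 +51,6 @@ class ShaarliAdminControllerTest extends TestCase
  }
 
  /**
- * Creating an instance of an admin controller while logged out should raise an exception.
- */
- public function testInstantiateWhileLoggedOut(): void
- {
- $this->expectException(UnauthorizedException::class);
-
- $this->container->loginManager = $this->createMock(LoginManager::class);
- $this->container->loginManager->method('isLoggedIn')->willReturn(false);
-
- $this->controller = new class($this->container) extends ShaarliAdminController {};
- }
-
- /**
  * Trigger controller's checkToken with a valid token.
  */
  public function testCheckTokenWithValidToken(): void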
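diff --git a/tests/front/controller/visitor/PublicSessionFilterControllerTest.php b/tests/front/controller/visitor/PublicSessionFilterControllerTest.php
index 3aa1cb99..06352750 100644
--- a/tests/front/controller/visitor/PublicSessionFilterControllerTest.php
+++ b/tests/front/controller/visitor/PublicSessionFilterControllerTest.php
@@ -68,4 +68,55 @@ class PublicSessionFilterControllerTest extends TestCase
  static::assertSame(302, $result->getStatusCode());
  static::assertSame(['/subfolder/'], $result->getHeader('location'));
  }
+
+ /**
+ * Untagged only - valid call
+ */
+ public function testUntaggedOnly(): void
+ {
+ $this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
+
+ $request = $this->createMock(Request::class);
+ $response = new Response();
+
+ $this->container->sessionManager
+ ->expects(static::once())
+ ->method('setSessionParameter')
+ ->with(SessionManager::KEY_UNTAGGED_ONLY, true)
+ ;
+
+ $result = $this->controller->untaggedOnly($request, $response);
+
+ static::assertInstanceOf(Response::class, $result);
+ static::assertSame(302, $result->getStatusCode());
+ static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
+ }
+
+ /**
+ * Untagged only - toggle off
+ */
+ public function testUntaggedOnlyToggleOff(): void
+ {
+ $this->container->environment = ['HTTP_REFERER' => 'http://shaarli/subfolder/controller/?searchtag=abc'];
+
+ $request = $this->createMock(Request::class);
+ $response = new Response();
+
+ $this->container->sessionManager
+ ->method('getSessionParameter')
+ ->with(SessionManager::KEY_UNTAGGED_ONLY)
+ ->willReturn(true)
+ ;
+ $this->container->sessionManager
+ ->expects(static::once())
+ ->method('setSessionParameter')
+ ->with(SessionManager::KEY_UNTAGGED_ONLY, false)
+ ;
+
+ $result = $this->controller->untaggedOnly($request, $response);
+
+ static::assertInstanceOf(Response::class, $result);
+ static::assertSame(302, $result->getStatusCode());
+ static::assertSame(['/subfolder/controller/?searchtag=abc'], $result->getHeader('location'));
+ }
 }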
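Review bot: Both added tests take the redirect target from `HTTP_REFERER` and only use a same-host value (`http://shaarli/subfolder/controller/?searchtag=abc`), so nothing in this hunk pins what `untaggedOnly` does when the referer names a different host. That header is client-supplied, so a third case with a foreign-host referer would document that the controller does not redirect off-site; the expected fallback is probably `['/subfolder/']`, as in the assertion at line 69, but that is a guess to confirm against the controller. The class body before line 68 is outside the hunk, so an equivalent case may already exist for the other filters.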
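diff --git a/tests/legacy/LegacyControllerTest.php b/tests/legacy/LegacyControllerTest.php
index ff4520a3..759a5b2a 100644
--- a/tests/legacy/LegacyControllerTest.php
+++ b/tests/legacy/LegacyControllerTest.php
@@ -73,8 +73,8 @@ class LegacyControllerTest extends TestCase
  ['addlink', [], '/login', false],
  ['login', [], '/login', true],
  ['login', [], '/login', false],
- ['logout', [], '/logout', true],
- ['logout', [], '/logout', false],
+ ['logout', [], '/admin/logout', true],
+ ['logout', [], '/admin/logout', false],
  ['picwall', [], '/picture-wall', false],
  ['picwall', [], '/picture-wall', true],
  ['tagcloud', [], '/tags/cloud', false],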