aboutsummaryrefslogtreecommitdiffhomepage
path: root/tests/security/SessionManagerTest.php
diff options
context:
space:
mode:
Diffstat (limited to 'tests/security/SessionManagerTest.php')
-rw-r--r--tests/security/SessionManagerTest.php91
1 files changed, 73 insertions, 18 deletions
diff --git a/tests/security/SessionManagerTest.php b/tests/security/SessionManagerTest.php
index f264505e..6830d714 100644
--- a/tests/security/SessionManagerTest.php
+++ b/tests/security/SessionManagerTest.php
@@ -1,12 +1,9 @@
1<?php 1<?php
2require_once 'tests/utils/FakeConfigManager.php';
3 2
4// Initialize reference data _before_ PHPUnit starts a session 3namespace Shaarli\Security;
5require_once 'tests/utils/ReferenceSessionIdHashes.php';
6ReferenceSessionIdHashes::genAllHashes();
7 4
8use PHPUnit\Framework\TestCase; 5use Shaarli\FakeConfigManager;
9use Shaarli\Security\SessionManager; 6use Shaarli\TestCase;
10 7
11/** 8/**
12 * Test coverage for SessionManager 9 * Test coverage for SessionManager
@@ -16,7 +13,7 @@ class SessionManagerTest extends TestCase
16 /** @var array Session ID hashes */ 13 /** @var array Session ID hashes */
17 protected static $sidHashes = null; 14 protected static $sidHashes = null;
18 15
19 /** @var \FakeConfigManager ConfigManager substitute for testing */ 16 /** @var FakeConfigManager ConfigManager substitute for testing */
20 protected $conf = null; 17 protected $conf = null;
21 18
22 /** @var array $_SESSION array for testing */ 19 /** @var array $_SESSION array for testing */
@@ -28,15 +25,15 @@ class SessionManagerTest extends TestCase
28 /** 25 /**
29 * Assign reference data 26 * Assign reference data
30 */ 27 */
31 public static function setUpBeforeClass() 28 public static function setUpBeforeClass(): void
32 { 29 {
33 self::$sidHashes = ReferenceSessionIdHashes::getHashes(); 30 self::$sidHashes = \ReferenceSessionIdHashes::getHashes();
34 } 31 }
35 32
36 /** 33 /**
37 * Initialize or reset test resources 34 * Initialize or reset test resources
38 */ 35 */
39 public function setUp() 36 protected function setUp(): void
40 { 37 {
41 $this->conf = new FakeConfigManager([ 38 $this->conf = new FakeConfigManager([
42 'credentials.login' => 'johndoe', 39 'credentials.login' => 'johndoe',
@@ -44,7 +41,7 @@ class SessionManagerTest extends TestCase
44 'security.session_protection_disabled' => false, 41 'security.session_protection_disabled' => false,
45 ]); 42 ]);
46 $this->session = []; 43 $this->session = [];
47 $this->sessionManager = new SessionManager($this->session, $this->conf); 44 $this->sessionManager = new SessionManager($this->session, $this->conf, 'session_path');
48 } 45 }
49 46
50 /** 47 /**
@@ -69,7 +66,7 @@ class SessionManagerTest extends TestCase
69 $token => 1, 66 $token => 1,
70 ], 67 ],
71 ]; 68 ];
72 $sessionManager = new SessionManager($session, $this->conf); 69 $sessionManager = new SessionManager($session, $this->conf, 'session_path');
73 70
74 // check and destroy the token 71 // check and destroy the token
75 $this->assertTrue($sessionManager->checkToken($token)); 72 $this->assertTrue($sessionManager->checkToken($token));
@@ -211,15 +208,16 @@ class SessionManagerTest extends TestCase
211 'expires_on' => time() + 1000, 208 'expires_on' => time() + 1000,
212 'username' => 'johndoe', 209 'username' => 'johndoe',
213 'visibility' => 'public', 210 'visibility' => 'public',
214 'untaggedonly' => false, 211 'untaggedonly' => true,
215 ]; 212 ];
216 $this->sessionManager->logout(); 213 $this->sessionManager->logout();
217 214
218 $this->assertFalse(isset($this->session['ip'])); 215 $this->assertArrayNotHasKey('ip', $this->session);
219 $this->assertFalse(isset($this->session['expires_on'])); 216 $this->assertArrayNotHasKey('expires_on', $this->session);
220 $this->assertFalse(isset($this->session['username'])); 217 $this->assertArrayNotHasKey('username', $this->session);
221 $this->assertFalse(isset($this->session['visibility'])); 218 $this->assertArrayNotHasKey('visibility', $this->session);
222 $this->assertFalse(isset($this->session['untaggedonly'])); 219 $this->assertArrayHasKey('untaggedonly', $this->session);
220 $this->assertTrue($this->session['untaggedonly']);
223 } 221 }
224 222
225 /** 223 /**
@@ -269,4 +267,61 @@ class SessionManagerTest extends TestCase
269 $this->session['ip'] = 'ip_id_one'; 267 $this->session['ip'] = 'ip_id_one';
270 $this->assertTrue($this->sessionManager->hasClientIpChanged('ip_id_two')); 268 $this->assertTrue($this->sessionManager->hasClientIpChanged('ip_id_two'));
271 } 269 }
270
271 /**
272 * Test creating an entry in the session array
273 */
274 public function testSetSessionParameterCreate(): void
275 {
276 $this->sessionManager->setSessionParameter('abc', 'def');
277
278 static::assertSame('def', $this->session['abc']);
279 }
280
281 /**
282 * Test updating an entry in the session array
283 */
284 public function testSetSessionParameterUpdate(): void
285 {
286 $this->session['abc'] = 'ghi';
287
288 $this->sessionManager->setSessionParameter('abc', 'def');
289
290 static::assertSame('def', $this->session['abc']);
291 }
292
293 /**
294 * Test updating an entry in the session array with null value
295 */
296 public function testSetSessionParameterUpdateNull(): void
297 {
298 $this->session['abc'] = 'ghi';
299
300 $this->sessionManager->setSessionParameter('abc', null);
301
302 static::assertArrayHasKey('abc', $this->session);
303 static::assertNull($this->session['abc']);
304 }
305
306 /**
307 * Test deleting an existing entry in the session array
308 */
309 public function testDeleteSessionParameter(): void
310 {
311 $this->session['abc'] = 'def';
312
313 $this->sessionManager->deleteSessionParameter('abc');
314
315 static::assertArrayNotHasKey('abc', $this->session);
316 }
317
318 /**
319 * Test deleting a non existent entry in the session array
320 */
321 public function testDeleteSessionParameterNotExisting(): void
322 {
323 $this->sessionManager->deleteSessionParameter('abc');
324
325 static::assertArrayNotHasKey('abc', $this->session);
326 }
272} 327}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 01:07:40 +0000