From 2899ebb5b5e82890c877151f5c02045266ac9973 Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Fri, 22 May 2020 13:20:31 +0200 Subject: Initialize admin Slim controllers - Reorganize visitor controllers - Fix redirection with Slim's requests base path - Fix daily links --- .../controller/visitor/LoginControllerTest.php | 144 +++++++++++++++++++++ 1 file changed, 144 insertions(+) create mode 100644 tests/front/controller/visitor/LoginControllerTest.php (limited to 'tests/front/controller/visitor/LoginControllerTest.php')
diff --git a/tests/front/controller/visitor/LoginControllerTest.php b/tests/front/controller/visitor/LoginControllerTest.php
new file mode 100644
index 00000000..9d223316
--- /dev/null
+++ b/tests/front/controller/visitor/LoginControllerTest.php
@@ -0,0 +1,144 @@
+createContainer();
+
+ $this->controller = new LoginController($this->container);
+ }
+
+ public function testValidControllerInvoke(): void
+ {
+ $this->createValidContainerMockSet();
+
+ $request = $this->createMock(Request::class);
+ $request->expects(static::once())->method('getServerParam')->willReturn('> referer');
+ $response = new Response();
+
+ $assignedVariables = [];
+ $this->container->pageBuilder
+ ->method('assign')
+ ->willReturnCallback(function ($key, $value) use (&$assignedVariables) {
+ $assignedVariables[$key] = $value;
+
+ return $this;
+ })
+ ;
+
+ $this->container->loginManager->method('canLogin')->willReturn(true);
+
+ $result = $this->controller->index($request, $response);
+
+ static::assertInstanceOf(Response::class, $result);
+ static::assertSame(200, $result->getStatusCode());
+ static::assertSame('loginform', (string) $result->getBody());
+
+ static::assertSame('> referer', $assignedVariables['returnurl']);
+ static::assertSame(true, $assignedVariables['remember_user_default']);
+ static::assertSame('Login - Shaarli', $assignedVariables['pagetitle']);
+ }
+
+ public function testValidControllerInvokeWithUserName(): void
+ {
+ $this->createValidContainerMockSet();
+
+ $request = $this->createMock(Request::class);
+ $request->expects(static::once())->method('getServerParam')->willReturn('> referer');
+ $request->expects(static::exactly(2))->method('getParam')->willReturn('myUser>');
+ $response = new Response();
+
+ $assignedVariables = [];
+ $this->container->pageBuilder
+ ->method('assign')
+ ->willReturnCallback(function ($key, $value) use (&$assignedVariables) {
+ $assignedVariables[$key] = $value;
+
+ return $this;
+ })
+ ;
+
+ $this->container->loginManager->expects(static::once())->method('canLogin')->willReturn(true);
+
+ $result = $this->controller->index($request, $response);
+
+ static::assertInstanceOf(Response::class, $result);
+ static::assertSame(200, $result->getStatusCode());
+ static::assertSame('loginform', (string) $result->getBody());
+
+ static::assertSame('myUser>', $assignedVariables['username']);
+ static::assertSame('> referer', $assignedVariables['returnurl']);
+ static::assertSame(true, $assignedVariables['remember_user_default']);
+ static::assertSame('Login - Shaarli', $assignedVariables['pagetitle']);
+ }
+
+ public function testLoginControllerWhileLoggedIn(): void
+ {
+ $this->createValidContainerMockSet();
+
+ $request = $this->createMock(Request::class);
+ $response = new Response();
+
+ $this->container->loginManager->expects(static::once())->method('isLoggedIn')->willReturn(true);
+
+ $result = $this->controller->index($request, $response);
+
+ static::assertInstanceOf(Response::class, $result);
+ static::assertSame(302, $result->getStatusCode());
+ static::assertSame(['./'], $result->getHeader('Location'));
+ }
+
+ public function testLoginControllerOpenShaarli(): void
+ {
+ $this->createValidContainerMockSet();
+
+ $request = $this->createMock(Request::class);
+ $response = new Response();
+
+ $conf = $this->createMock(ConfigManager::class);
+ $conf->method('get')->willReturnCallback(function (string $parameter, $default) {
+ if ($parameter === 'security.open_shaarli') {
+ return true;
+ }
+ return $default;
+ });
+ $this->container->conf = $conf;
+
+ $result = $this->controller->index($request, $response);
+
+ static::assertInstanceOf(Response::class, $result);
+ static::assertSame(302, $result->getStatusCode());
+ static::assertSame(['./'], $result->getHeader('Location'));
+ }
+
+ public function testLoginControllerWhileBanned(): void
+ {
+ $this->createValidContainerMockSet();
+
+ $request = $this->createMock(Request::class);
+ $response = new Response();
+
+ $this->container->loginManager->method('isLoggedIn')->willReturn(false);
+ $this->container->loginManager->method('canLogin')->willReturn(false);
+
+ $this->expectException(LoginBannedException::class);
+
+ $this->controller->index($request, $response);
+ }
+}
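Review bot: As shown on this page, the expected values in `static::assertSame('> referer', $assignedVariables['returnurl'])` and `static::assertSame('myUser>', $assignedVariables['username'])` are identical to the mocked inputs, so both tests pass whether or not `index()` escapes the referer and the login before handing them to `assign`. If the `>` in the fixtures is there to pin HTML escaping, the expected literals should be the escaped forms so the tests fail when escaping is dropped. The start of this hunk has visibly lost text in rendering, so the page may also have decoded entities in these literals; check them against the file before changing anything.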
-- cgit v1.2.3 From ef00f9d2033f6de11e71bf3a909399cae6f73a9f Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Wed, 27 May 2020 13:35:48 +0200 Subject: Process password change controller through Slim --- tests/front/controller/visitor/LoginControllerTest.php | 10 ---------- 1 file changed, 10 deletions(-) (limited to 'tests/front/controller/visitor/LoginControllerTest.php') diff --git a/tests/front/controller/visitor/LoginControllerTest.php b/tests/front/controller/visitor/LoginControllerTest.php index 9d223316..faa8ac71 100644 --- a/tests/front/controller/visitor/LoginControllerTest.php +++ b/tests/front/controller/visitor/LoginControllerTest.php @@ -26,8 +26,6 @@ class LoginControllerTest extends TestCase public function testValidControllerInvoke(): void { - $this->createValidContainerMockSet(); - $request = $this->createMock(Request::class); $request->expects(static::once())->method('getServerParam')->willReturn('> referer'); $response = new Response(); @@ -57,8 +55,6 @@ class LoginControllerTest extends TestCase public function testValidControllerInvokeWithUserName(): void { - $this->createValidContainerMockSet(); - $request = $this->createMock(Request::class); $request->expects(static::once())->method('getServerParam')->willReturn('> referer'); $request->expects(static::exactly(2))->method('getParam')->willReturn('myUser>'); @@ -90,8 +86,6 @@ class LoginControllerTest extends TestCase public function testLoginControllerWhileLoggedIn(): void { - $this->createValidContainerMockSet(); - $request = $this->createMock(Request::class); $response = new Response(); @@ -106,8 +100,6 @@ class LoginControllerTest extends TestCase public function testLoginControllerOpenShaarli(): void { - $this->createValidContainerMockSet(); - $request = $this->createMock(Request::class); $response = new Response(); 
@@ -129,8 +121,6 @@ class LoginControllerTest extends TestCase public function testLoginControllerWhileBanned(): void { - $this->createValidContainerMockSet(); - $request = $this->createMock(Request::class); $response = new Response(); -- cgit v1.2.3 From 9c75f877935fa6adec951a4d8d32b328aaab314f Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Sat, 13 Jun 2020 13:08:01 +0200 Subject: Use multi-level routes for existing controllers instead of 1 level everywhere Also prefix most admin routes with /admin/ --- tests/front/controller/visitor/LoginControllerTest.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/front/controller/visitor/LoginControllerTest.php') diff --git a/tests/front/controller/visitor/LoginControllerTest.php b/tests/front/controller/visitor/LoginControllerTest.php index faa8ac71..e57f44b9 100644 --- a/tests/front/controller/visitor/LoginControllerTest.php +++ b/tests/front/controller/visitor/LoginControllerTest.php @@ -95,7 +95,7 @@ class LoginControllerTest extends TestCase static::assertInstanceOf(Response::class, $result); static::assertSame(302, $result->getStatusCode()); - static::assertSame(['./'], $result->getHeader('Location')); + static::assertSame(['/subfolder/'], $result->getHeader('Location')); } public function testLoginControllerOpenShaarli(): void @@ -116,7 +116,7 @@ class LoginControllerTest extends TestCase static::assertInstanceOf(Response::class, $result); static::assertSame(302, $result->getStatusCode()); - static::assertSame(['./'], $result->getHeader('Location')); + static::assertSame(['/subfolder/'], $result->getHeader('Location')); } public function testLoginControllerWhileBanned(): void -- cgit v1.2.3 From a8c11451e8d885a243c1ad52012093ba8d121e2c Mon Sep 17 00:00:00 2001 
From: ArthurHoaro Date: Tue, 21 Jul 2020 20:33:33 +0200 Subject: Process login through Slim controller --- .../controller/visitor/LoginControllerTest.php | 278 ++++++++++++++++++++- 1 file changed, 274 insertions(+), 4 deletions(-) (limited to 'tests/front/controller/visitor/LoginControllerTest.php') diff --git a/tests/front/controller/visitor/LoginControllerTest.php b/tests/front/controller/visitor/LoginControllerTest.php index e57f44b9..0a21f938 100644 --- a/tests/front/controller/visitor/LoginControllerTest.php +++ b/tests/front/controller/visitor/LoginControllerTest.php @@ -7,6 +7,10 @@ namespace Shaarli\Front\Controller\Visitor; use PHPUnit\Framework\TestCase; use Shaarli\Config\ConfigManager; use Shaarli\Front\Exception\LoginBannedException; +use Shaarli\Front\Exception\WrongTokenException; +use Shaarli\Render\TemplatePage; +use Shaarli\Security\CookieManager; +use Shaarli\Security\SessionManager; use Slim\Http\Request; use Slim\Http\Response; @@ -21,13 +25,25 @@ class LoginControllerTest extends TestCase { $this->createContainer(); + $this->container->cookieManager = $this->createMock(CookieManager::class); + $this->container->sessionManager->method('checkToken')->willReturn(true); + $this->controller = new LoginController($this->container); } + /** + * Test displaying login form with valid parameters. + */ public function testValidControllerInvoke(): void { $request = $this->createMock(Request::class); - $request->expects(static::once())->method('getServerParam')->willReturn('> referer'); + $request + ->expects(static::atLeastOnce()) + ->method('getParam') + ->willReturnCallback(function (string $key) { + return 'returnurl' === $key ? '> referer' : null; + }) + ; $response = new Response(); $assignedVariables = []; 
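Review bot: The `checkToken` stub added to `setUp()` returns `true` for every test, so token validation is only exercised where a test replaces the session manager, as `testProcessLoginWrongToken` does later in this commit. That test expects `WrongTokenException` but does not pin that the credentials are left untouched; adding `$this->container->loginManager->expects(static::never())->method('checkCredentials');` there would catch a reordering that evaluates the password before the token. `setUp()` begins above this hunk and `testValidControllerInvoke()` continues below it.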
@@ -46,18 +62,32 @@ class LoginControllerTest extends TestCase static::assertInstanceOf(Response::class, $result); static::assertSame(200, $result->getStatusCode()); - static::assertSame('loginform', (string) $result->getBody()); + static::assertSame(TemplatePage::LOGIN, (string) $result->getBody()); static::assertSame('> referer', $assignedVariables['returnurl']); static::assertSame(true, $assignedVariables['remember_user_default']); static::assertSame('Login - Shaarli', $assignedVariables['pagetitle']); } + /** + * Test displaying login form with username defined in the request. + */ public function testValidControllerInvokeWithUserName(): void { + $this->container->environment = ['HTTP_REFERER' => '> referer']; + $request = $this->createMock(Request::class); - $request->expects(static::once())->method('getServerParam')->willReturn('> referer'); - $request->expects(static::exactly(2))->method('getParam')->willReturn('myUser>'); + $request + ->expects(static::atLeastOnce()) + ->method('getParam') + ->willReturnCallback(function (string $key, $default) { + if ('login' === $key) { + return 'myUser>'; + } + + return $default; + }) + ; $response = new Response(); $assignedVariables = []; @@ -84,6 +114,9 @@ class LoginControllerTest extends TestCase static::assertSame('Login - Shaarli', $assignedVariables['pagetitle']); } + /** + * Test displaying login page while being logged in. + */ public function testLoginControllerWhileLoggedIn(): void { $request = $this->createMock(Request::class); @@ -98,6 +131,9 @@ class LoginControllerTest extends TestCase static::assertSame(['/subfolder/'], $result->getHeader('Location')); } + /** + * Test displaying login page with open shaarli configured: redirect to homepage. + */ public function testLoginControllerOpenShaarli(): void { $request = $this->createMock(Request::class); 
@@ -119,6 +155,9 @@ class LoginControllerTest extends TestCase static::assertSame(['/subfolder/'], $result->getHeader('Location')); } + /** + * Test displaying login page while being banned. + */ public function testLoginControllerWhileBanned(): void { $request = $this->createMock(Request::class); 
@@ -131,4 +170,235 @@ class LoginControllerTest extends TestCase $this->controller->index($request, $response); } + + /** + * Test processing login with valid parameters. + */ + public function testProcessLoginWithValidParameters(): void + { + $parameters = [ + 'login' => 'bob', + 'password' => 'pass', + ]; + $request = $this->createMock(Request::class); + $request + ->expects(static::atLeastOnce()) + ->method('getParam') + ->willReturnCallback(function (string $key) use ($parameters) { + return $parameters[$key] ?? null; + }) + ; + $response = new Response(); + + $this->container->loginManager->method('canLogin')->willReturn(true); + $this->container->loginManager->expects(static::once())->method('handleSuccessfulLogin'); + $this->container->loginManager + ->expects(static::once()) + ->method('checkCredentials') + ->with('1.2.3.4', '1.2.3.4', 'bob', 'pass') + ->willReturn(true) + ; + $this->container->loginManager->method('getStaySignedInToken')->willReturn(bin2hex(random_bytes(8))); + + $this->container->sessionManager->expects(static::never())->method('extendSession'); + $this->container->sessionManager->expects(static::once())->method('destroy'); + $this->container->sessionManager + ->expects(static::once()) + ->method('cookieParameters') + ->with(0, '/subfolder/', 'shaarli') + ; + $this->container->sessionManager->expects(static::once())->method('start'); + $this->container->sessionManager->expects(static::once())->method('regenerateId')->with(true); + + $result = $this->controller->login($request, $response); + + static::assertSame(302, $result->getStatusCode()); + static::assertSame('/subfolder/', $result->getHeader('location')[0]); + } + + /** + * Test processing login with return URL. 
+ */ + public function testProcessLoginWithReturnUrl(): void + { + $parameters = [ + 'returnurl' => 'http://shaarli/subfolder/admin/shaare', + ]; + $request = $this->createMock(Request::class); + $request + ->expects(static::atLeastOnce()) + ->method('getParam') + ->willReturnCallback(function (string $key) use ($parameters) { + return $parameters[$key] ?? null; + }) + ; + $response = new Response(); + + $this->container->loginManager->method('canLogin')->willReturn(true); + $this->container->loginManager->expects(static::once())->method('handleSuccessfulLogin'); + $this->container->loginManager->expects(static::once())->method('checkCredentials')->willReturn(true); + $this->container->loginManager->method('getStaySignedInToken')->willReturn(bin2hex(random_bytes(8))); + + $result = $this->controller->login($request, $response); + + static::assertSame(302, $result->getStatusCode()); + static::assertSame('/subfolder/admin/shaare', $result->getHeader('location')[0]); + } + + /** + * Test processing login with remember me session enabled. + */ + public function testProcessLoginLongLastingSession(): void + { + $parameters = [ + 'longlastingsession' => true, + ]; + $request = $this->createMock(Request::class); + $request + ->expects(static::atLeastOnce()) + ->method('getParam') + ->willReturnCallback(function (string $key) use ($parameters) { + return $parameters[$key] ?? 
null; + }) + ; + $response = new Response(); + + $this->container->loginManager->method('canLogin')->willReturn(true); + $this->container->loginManager->expects(static::once())->method('handleSuccessfulLogin'); + $this->container->loginManager->expects(static::once())->method('checkCredentials')->willReturn(true); + $this->container->loginManager->method('getStaySignedInToken')->willReturn(bin2hex(random_bytes(8))); + + $this->container->sessionManager->expects(static::once())->method('destroy'); + $this->container->sessionManager + ->expects(static::once()) + ->method('cookieParameters') + ->with(42, '/subfolder/', 'shaarli') + ; + $this->container->sessionManager->expects(static::once())->method('start'); + $this->container->sessionManager->expects(static::once())->method('regenerateId')->with(true); + $this->container->sessionManager->expects(static::once())->method('extendSession')->willReturn(42); + + $this->container->cookieManager = $this->createMock(CookieManager::class); + $this->container->cookieManager + ->expects(static::once()) + ->method('setCookieParameter') + ->willReturnCallback(function (string $name): CookieManager { + static::assertSame(CookieManager::STAY_SIGNED_IN, $name); + + return $this->container->cookieManager; + }) + ; + + $result = $this->controller->login($request, $response); + + static::assertSame(302, $result->getStatusCode()); + static::assertSame('/subfolder/', $result->getHeader('location')[0]); + } + + /** + * Test processing login with invalid credentials + */ + public function testProcessLoginWrongCredentials(): void + { + $parameters = [ + 'returnurl' => 'http://shaarli/subfolder/admin/shaare', + ]; + $request = $this->createMock(Request::class); + $request + ->expects(static::atLeastOnce()) + ->method('getParam') + ->willReturnCallback(function (string $key) use ($parameters) { + return $parameters[$key] ?? 
null; + }) + ; + $response = new Response(); + + $this->container->loginManager->method('canLogin')->willReturn(true); + $this->container->loginManager->expects(static::once())->method('handleFailedLogin'); + $this->container->loginManager->expects(static::once())->method('checkCredentials')->willReturn(false); + + $this->container->sessionManager + ->expects(static::once()) + ->method('setSessionParameter') + ->with(SessionManager::KEY_ERROR_MESSAGES, ['Wrong login/password.']) + ; + + $result = $this->controller->login($request, $response); + + static::assertSame(200, $result->getStatusCode()); + static::assertSame(TemplatePage::LOGIN, (string) $result->getBody()); + } + + /** + * Test processing login with wrong token + */ + public function testProcessLoginWrongToken(): void + { + $request = $this->createMock(Request::class); + $response = new Response(); + + $this->container->sessionManager = $this->createMock(SessionManager::class); + $this->container->sessionManager->method('checkToken')->willReturn(false); + + $this->expectException(WrongTokenException::class); + + $this->controller->login($request, $response); + } + + /** + * Test processing login with wrong token + */ + public function testProcessLoginAlreadyLoggedIn(): void + { + $request = $this->createMock(Request::class); + $response = new Response(); + + $this->container->loginManager->method('isLoggedIn')->willReturn(true); + $this->container->loginManager->expects(static::never())->method('handleSuccessfulLogin'); + $this->container->loginManager->expects(static::never())->method('handleFailedLogin'); + + $result = $this->controller->login($request, $response); + + static::assertSame(302, $result->getStatusCode()); + static::assertSame('/subfolder/', $result->getHeader('location')[0]); + } + + /** + * Test processing login with wrong token + */ + public function testProcessLoginInOpenShaarli(): void + { + $request = $this->createMock(Request::class); + $response = new Response(); + + 
$this->container->conf = $this->createMock(ConfigManager::class); + $this->container->conf->method('get')->willReturnCallback(function (string $key, $value) { + return 'security.open_shaarli' === $key ? true : $value; + }); + + $this->container->loginManager->expects(static::never())->method('handleSuccessfulLogin'); + $this->container->loginManager->expects(static::never())->method('handleFailedLogin'); + + $result = $this->controller->login($request, $response); + + static::assertSame(302, $result->getStatusCode()); + static::assertSame('/subfolder/', $result->getHeader('location')[0]); + } + + /** + * Test processing login while being banned + */ + public function testProcessLoginWhileBanned(): void + { + $request = $this->createMock(Request::class); + $response = new Response(); + + $this->container->loginManager->method('canLogin')->willReturn(false); + $this->container->loginManager->expects(static::never())->method('handleSuccessfulLogin'); + $this->container->loginManager->expects(static::never())->method('handleFailedLogin'); + + $this->expectException(LoginBannedException::class); + + $this->controller->login($request, $response); + } } -- cgit v1.2.3
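Review bot: `testProcessLoginWithReturnUrl` only covers a `returnurl` on the application's own host (`http://shaarli/subfolder/admin/shaare` redirecting to `/subfolder/admin/shaare`); no test in this hunk pins what `login()` does when the parameter names another host. Because the redirect target comes from a request parameter, a companion test with a foreign-host value would guard against an open-redirect regression; the fallback asserted below, `/subfolder/`, is assumed from the other redirect assertions and should be confirmed against the controller. Separately, the docblocks on `testProcessLoginAlreadyLoggedIn` and `testProcessLoginInOpenShaarli` repeat `Test processing login with wrong token` and should describe the already-logged-in and open-Shaarli cases instead.

```php
    /**
     * Test processing login with a return URL on another host: the redirect must stay on this instance.
     */
    public function testProcessLoginWithForeignReturnUrl(): void
    {
        $parameters = [
            // constructed sample value, not taken from the project
            'returnurl' => 'http://other.example/subfolder/admin/shaare',
        ];
        $request = $this->createMock(Request::class);
        $request
            ->method('getParam')
            ->willReturnCallback(function (string $key) use ($parameters) {
                return $parameters[$key] ?? null;
            })
        ;
        $response = new Response();

        // … unchanged: loginManager stubs as in testProcessLoginWithReturnUrl …

        $result = $this->controller->login($request, $response);

        static::assertSame(302, $result->getStatusCode());
        // expected fallback is assumed; confirm against the controller's redirect logic
        static::assertSame('/subfolder/', $result->getHeader('location')[0]);
    }
```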