1
1
Fork 0
mirror of https://code.mensbeam.com/MensBeam/Arsse.git synced 2024-12-23 09:02:41 +00:00
Arsse/tests/lib/Database/SeriesUser.php

164 lines
6.8 KiB
PHP
Raw Normal View History

<?php
/** @license MIT
* Copyright 2017 J. King, Dustin Wilson et al.
* See LICENSE and AUTHORS files for details */
declare(strict_types=1);
namespace JKingWeb\Arsse\Test\Database;
2017-08-29 14:50:31 +00:00
use JKingWeb\Arsse\Arsse;
use JKingWeb\Arsse\User\Driver as UserDriver;
use Phake;
trait SeriesUser {
2017-06-18 16:48:29 +00:00
protected $data = [
'arsse_users' => [
'columns' => [
'id' => 'str',
'password' => 'str',
'name' => 'str',
'rights' => 'int',
],
2017-06-18 16:48:29 +00:00
'rows' => [
["admin@example.net", '$2y$10$PbcG2ZR3Z8TuPzM7aHTF8.v61dtCjzjK78gdZJcp4UePE8T9jEgBW', "Hard Lip Herbert", 100], // password is hash of "secret"
["jane.doe@example.com", "", "Jane Doe", 0],
["john.doe@example.com", "", "John Doe", 0],
2017-06-18 16:48:29 +00:00
],
],
];
2017-08-29 14:50:31 +00:00
public function testCheckThatAUserExists() {
$this->assertTrue(Arsse::$db->userExists("jane.doe@example.com"));
$this->assertFalse(Arsse::$db->userExists("jane.doe@example.org"));
Phake::verify(Arsse::$user)->authorize("jane.doe@example.com", "userExists");
Phake::verify(Arsse::$user)->authorize("jane.doe@example.org", "userExists");
$this->compareExpectations($this->data);
}
2017-08-29 14:50:31 +00:00
public function testCheckThatAUserExistsWithoutAuthority() {
Phake::when(Arsse::$user)->authorize->thenReturn(false);
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
Arsse::$db->userExists("jane.doe@example.com");
}
2017-08-29 14:50:31 +00:00
public function testGetAPassword() {
$hash = Arsse::$db->userPasswordGet("admin@example.net");
$this->assertSame('$2y$10$PbcG2ZR3Z8TuPzM7aHTF8.v61dtCjzjK78gdZJcp4UePE8T9jEgBW', $hash);
Phake::verify(Arsse::$user)->authorize("admin@example.net", "userPasswordGet");
$this->assertTrue(password_verify("secret", $hash));
}
2017-08-29 14:50:31 +00:00
public function testGetThePasswordOfAMissingUser() {
$this->assertException("doesNotExist", "User");
Arsse::$db->userPasswordGet("john.doe@example.org");
}
2017-08-29 14:50:31 +00:00
public function testGetAPasswordWithoutAuthority() {
Phake::when(Arsse::$user)->authorize->thenReturn(false);
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
Arsse::$db->userPasswordGet("admin@example.net");
}
2018-10-26 18:58:04 +00:00
2017-08-29 14:50:31 +00:00
public function testAddANewUser() {
$this->assertSame("", Arsse::$db->userAdd("john.doe@example.org", ""));
Phake::verify(Arsse::$user)->authorize("john.doe@example.org", "userAdd");
$state = $this->primeExpectations($this->data, ['arsse_users' => ['id','name','rights']]);
$state['arsse_users']['rows'][] = ["john.doe@example.org", null, 0];
$this->compareExpectations($state);
}
/**
* @depends testGetAPassword
* @depends testAddANewUser
*/
2017-08-29 14:50:31 +00:00
public function testAddANewUserWithARandomPassword() {
$user1 = "john.doe@example.org";
$user2 = "john.doe@example.net";
$pass1 = Arsse::$db->userAdd($user1);
$pass2 = Arsse::$db->userAdd($user2);
$this->assertSame(Arsse::$conf->userTempPasswordLength, strlen($pass1));
$this->assertSame(Arsse::$conf->userTempPasswordLength, strlen($pass2));
$this->assertNotEquals($pass1, $pass2);
$hash1 = Arsse::$db->userPasswordGet($user1);
$hash2 = Arsse::$db->userPasswordGet($user2);
Phake::verify(Arsse::$user)->authorize($user1, "userAdd");
Phake::verify(Arsse::$user)->authorize($user2, "userAdd");
Phake::verify(Arsse::$user)->authorize($user1, "userPasswordGet");
Phake::verify(Arsse::$user)->authorize($user2, "userPasswordGet");
$this->assertTrue(password_verify($pass1, $hash1), "Failed verifying password of $user1 '$pass1' against hash '$hash1'.");
$this->assertTrue(password_verify($pass2, $hash2), "Failed verifying password of $user2 '$pass2' against hash '$hash2'.");
}
2017-08-29 14:50:31 +00:00
public function testAddAnExistingUser() {
$this->assertException("alreadyExists", "User");
Arsse::$db->userAdd("john.doe@example.com", "");
}
2017-08-29 14:50:31 +00:00
public function testAddANewUserWithoutAuthority() {
Phake::when(Arsse::$user)->authorize->thenReturn(false);
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
Arsse::$db->userAdd("john.doe@example.org", "");
}
2018-10-26 18:58:04 +00:00
2017-08-29 14:50:31 +00:00
public function testRemoveAUser() {
$this->assertTrue(Arsse::$db->userRemove("admin@example.net"));
Phake::verify(Arsse::$user)->authorize("admin@example.net", "userRemove");
$state = $this->primeExpectations($this->data, ['arsse_users' => ['id']]);
array_shift($state['arsse_users']['rows']);
$this->compareExpectations($state);
}
2017-08-29 14:50:31 +00:00
public function testRemoveAMissingUser() {
$this->assertException("doesNotExist", "User");
Arsse::$db->userRemove("john.doe@example.org");
}
2018-10-26 18:58:04 +00:00
2017-08-29 14:50:31 +00:00
public function testRemoveAUserWithoutAuthority() {
Phake::when(Arsse::$user)->authorize->thenReturn(false);
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
Arsse::$db->userRemove("admin@example.net");
}
2017-08-29 14:50:31 +00:00
public function testListAllUsers() {
$users = ["admin@example.net", "jane.doe@example.com", "john.doe@example.com"];
$this->assertSame($users, Arsse::$db->userList());
Phake::verify(Arsse::$user)->authorize("", "userList");
}
2017-08-29 14:50:31 +00:00
public function testListAllUsersWithoutAuthority() {
Phake::when(Arsse::$user)->authorize->thenReturn(false);
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
Arsse::$db->userList();
}
2018-10-26 18:58:04 +00:00
/**
* @depends testGetAPassword
*/
2017-08-29 14:50:31 +00:00
public function testSetAPassword() {
$user = "john.doe@example.com";
$this->assertEquals("", Arsse::$db->userPasswordGet($user));
$pass = Arsse::$db->userPasswordSet($user, "secret");
$hash = Arsse::$db->userPasswordGet($user);
$this->assertNotEquals("", $hash);
Phake::verify(Arsse::$user)->authorize($user, "userPasswordSet");
$this->assertTrue(password_verify($pass, $hash), "Failed verifying password of $user '$pass' against hash '$hash'.");
}
2017-08-29 14:50:31 +00:00
public function testSetARandomPassword() {
$user = "john.doe@example.com";
$this->assertEquals("", Arsse::$db->userPasswordGet($user));
$pass = Arsse::$db->userPasswordSet($user);
$hash = Arsse::$db->userPasswordGet($user);
}
2017-08-29 14:50:31 +00:00
public function testSetThePasswordOfAMissingUser() {
$this->assertException("doesNotExist", "User");
Arsse::$db->userPasswordSet("john.doe@example.org", "secret");
}
2018-10-26 18:58:04 +00:00
2017-08-29 14:50:31 +00:00
public function testSetAPasswordWithoutAuthority() {
Phake::when(Arsse::$user)->authorize->thenReturn(false);
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
Arsse::$db->userPasswordSet("john.doe@example.com", "secret");
}
2017-08-29 14:50:31 +00:00
}