2017-03-30 03:41:05 +00:00
|
|
|
<?php
|
2017-11-17 01:23:18 +00:00
|
|
|
/** @license MIT
|
|
|
|
* Copyright 2017 J. King, Dustin Wilson et al.
|
|
|
|
* See LICENSE and AUTHORS files for details */
|
|
|
|
|
2017-03-30 03:41:05 +00:00
|
|
|
declare(strict_types=1);
|
2018-11-23 15:01:17 +00:00
|
|
|
namespace JKingWeb\Arsse\TestCase\Database;
|
2017-08-29 14:50:31 +00:00
|
|
|
|
2017-07-17 11:47:57 +00:00
|
|
|
use JKingWeb\Arsse\Arsse;
|
2017-03-30 03:41:05 +00:00
|
|
|
|
2017-03-31 17:24:00 +00:00
|
|
|
trait SeriesUser {
|
2020-01-20 18:52:48 +00:00
|
|
|
protected function setUpSeriesUser(): void {
|
2018-11-25 05:03:56 +00:00
|
|
|
$this->data = [
|
|
|
|
'arsse_users' => [
|
|
|
|
'columns' => [
|
|
|
|
'id' => 'str',
|
|
|
|
'password' => 'str',
|
2020-10-30 19:25:22 +00:00
|
|
|
'num' => 'int',
|
2018-11-25 05:03:56 +00:00
|
|
|
],
|
|
|
|
'rows' => [
|
2020-10-30 19:25:22 +00:00
|
|
|
["admin@example.net", '$2y$10$PbcG2ZR3Z8TuPzM7aHTF8.v61dtCjzjK78gdZJcp4UePE8T9jEgBW',1], // password is hash of "secret"
|
|
|
|
["jane.doe@example.com", "",2],
|
|
|
|
["john.doe@example.com", "",3],
|
2018-11-25 05:03:56 +00:00
|
|
|
],
|
2017-06-18 16:24:19 +00:00
|
|
|
],
|
2018-11-25 05:03:56 +00:00
|
|
|
];
|
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
protected function tearDownSeriesUser(): void {
|
2018-11-25 05:03:56 +00:00
|
|
|
unset($this->data);
|
|
|
|
}
|
2017-03-30 03:41:05 +00:00
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testCheckThatAUserExists(): void {
|
2017-07-17 11:47:57 +00:00
|
|
|
$this->assertTrue(Arsse::$db->userExists("jane.doe@example.com"));
|
|
|
|
$this->assertFalse(Arsse::$db->userExists("jane.doe@example.org"));
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::verify(Arsse::$user)->authorize("jane.doe@example.com", "userExists");
|
|
|
|
\Phake::verify(Arsse::$user)->authorize("jane.doe@example.org", "userExists");
|
2019-06-21 22:52:27 +00:00
|
|
|
$this->compareExpectations(static::$drv, $this->data);
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testCheckThatAUserExistsWithoutAuthority(): void {
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::when(Arsse::$user)->authorize->thenReturn(false);
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
|
2017-07-17 11:47:57 +00:00
|
|
|
Arsse::$db->userExists("jane.doe@example.com");
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testGetAPassword(): void {
|
2017-07-17 11:47:57 +00:00
|
|
|
$hash = Arsse::$db->userPasswordGet("admin@example.net");
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertSame('$2y$10$PbcG2ZR3Z8TuPzM7aHTF8.v61dtCjzjK78gdZJcp4UePE8T9jEgBW', $hash);
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::verify(Arsse::$user)->authorize("admin@example.net", "userPasswordGet");
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertTrue(password_verify("secret", $hash));
|
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testGetThePasswordOfAMissingUser(): void {
|
2017-07-23 03:08:08 +00:00
|
|
|
$this->assertException("doesNotExist", "User");
|
|
|
|
Arsse::$db->userPasswordGet("john.doe@example.org");
|
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testGetAPasswordWithoutAuthority(): void {
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::when(Arsse::$user)->authorize->thenReturn(false);
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
|
2017-07-17 11:47:57 +00:00
|
|
|
Arsse::$db->userPasswordGet("admin@example.net");
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
2018-10-26 18:58:04 +00:00
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testAddANewUser(): void {
|
2018-11-02 15:52:55 +00:00
|
|
|
$this->assertTrue(Arsse::$db->userAdd("john.doe@example.org", ""));
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::verify(Arsse::$user)->authorize("john.doe@example.org", "userAdd");
|
2019-03-09 21:23:56 +00:00
|
|
|
$state = $this->primeExpectations($this->data, ['arsse_users' => ['id']]);
|
|
|
|
$state['arsse_users']['rows'][] = ["john.doe@example.org"];
|
2019-06-21 22:52:27 +00:00
|
|
|
$this->compareExpectations(static::$drv, $state);
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testAddAnExistingUser(): void {
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertException("alreadyExists", "User");
|
2017-07-17 11:47:57 +00:00
|
|
|
Arsse::$db->userAdd("john.doe@example.com", "");
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testAddANewUserWithoutAuthority(): void {
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::when(Arsse::$user)->authorize->thenReturn(false);
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
|
2017-07-17 11:47:57 +00:00
|
|
|
Arsse::$db->userAdd("john.doe@example.org", "");
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
2018-10-26 18:58:04 +00:00
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testRemoveAUser(): void {
|
2017-07-17 11:47:57 +00:00
|
|
|
$this->assertTrue(Arsse::$db->userRemove("admin@example.net"));
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::verify(Arsse::$user)->authorize("admin@example.net", "userRemove");
|
2017-03-30 03:41:05 +00:00
|
|
|
$state = $this->primeExpectations($this->data, ['arsse_users' => ['id']]);
|
|
|
|
array_shift($state['arsse_users']['rows']);
|
2019-06-21 22:52:27 +00:00
|
|
|
$this->compareExpectations(static::$drv, $state);
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testRemoveAMissingUser(): void {
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertException("doesNotExist", "User");
|
2017-07-17 11:47:57 +00:00
|
|
|
Arsse::$db->userRemove("john.doe@example.org");
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
2018-10-26 18:58:04 +00:00
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testRemoveAUserWithoutAuthority(): void {
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::when(Arsse::$user)->authorize->thenReturn(false);
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
|
2017-07-17 11:47:57 +00:00
|
|
|
Arsse::$db->userRemove("admin@example.net");
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testListAllUsers(): void {
|
2017-03-30 03:41:05 +00:00
|
|
|
$users = ["admin@example.net", "jane.doe@example.com", "john.doe@example.com"];
|
2017-07-17 11:47:57 +00:00
|
|
|
$this->assertSame($users, Arsse::$db->userList());
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::verify(Arsse::$user)->authorize("", "userList");
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testListAllUsersWithoutAuthority(): void {
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::when(Arsse::$user)->authorize->thenReturn(false);
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
|
2017-07-17 11:47:57 +00:00
|
|
|
Arsse::$db->userList();
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
2018-10-26 18:58:04 +00:00
|
|
|
|
2017-03-30 03:41:05 +00:00
|
|
|
/**
|
|
|
|
* @depends testGetAPassword
|
|
|
|
*/
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testSetAPassword(): void {
|
2017-03-30 03:41:05 +00:00
|
|
|
$user = "john.doe@example.com";
|
2018-11-02 15:52:55 +00:00
|
|
|
$pass = "secret";
|
2017-07-17 11:47:57 +00:00
|
|
|
$this->assertEquals("", Arsse::$db->userPasswordGet($user));
|
2018-11-02 15:52:55 +00:00
|
|
|
$this->assertTrue(Arsse::$db->userPasswordSet($user, $pass));
|
2017-07-17 11:47:57 +00:00
|
|
|
$hash = Arsse::$db->userPasswordGet($user);
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertNotEquals("", $hash);
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::verify(Arsse::$user)->authorize($user, "userPasswordSet");
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertTrue(password_verify($pass, $hash), "Failed verifying password of $user '$pass' against hash '$hash'.");
|
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testUnsetAPassword(): void {
|
2019-03-24 18:42:23 +00:00
|
|
|
$user = "john.doe@example.com";
|
|
|
|
$this->assertEquals("", Arsse::$db->userPasswordGet($user));
|
|
|
|
$this->assertTrue(Arsse::$db->userPasswordSet($user, null));
|
|
|
|
$this->assertNull(Arsse::$db->userPasswordGet($user));
|
|
|
|
}
|
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testSetThePasswordOfAMissingUser(): void {
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertException("doesNotExist", "User");
|
2017-07-17 11:47:57 +00:00
|
|
|
Arsse::$db->userPasswordSet("john.doe@example.org", "secret");
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
2018-10-26 18:58:04 +00:00
|
|
|
|
2020-01-20 18:52:48 +00:00
|
|
|
public function testSetAPasswordWithoutAuthority(): void {
|
2019-09-05 14:03:32 +00:00
|
|
|
\Phake::when(Arsse::$user)->authorize->thenReturn(false);
|
2017-03-30 03:41:05 +00:00
|
|
|
$this->assertException("notAuthorized", "User", "ExceptionAuthz");
|
2017-07-17 11:47:57 +00:00
|
|
|
Arsse::$db->userPasswordSet("john.doe@example.com", "secret");
|
2017-03-30 03:41:05 +00:00
|
|
|
}
|
2017-08-29 14:50:31 +00:00
|
|
|
}
|