mirror of
https://code.mensbeam.com/MensBeam/Arsse.git
synced 2024-12-22 21:22:40 +00:00
More User tests and resultant fixes
This commit is contained in:
parent
7785eb072b
commit
8a0d021622
6 changed files with 61 additions and 9 deletions
|
@ -38,7 +38,7 @@ abstract class AbstractException extends \Exception {
|
||||||
"User/Exception.alreadyExists" => 10403,
|
"User/Exception.alreadyExists" => 10403,
|
||||||
"User/Exception.authMissing" => 10411,
|
"User/Exception.authMissing" => 10411,
|
||||||
"User/Exception.authFailed" => 10412,
|
"User/Exception.authFailed" => 10412,
|
||||||
"User/Exception.notAuthorized" => 10421,
|
"User/ExceptionAuthz.notAuthorized" => 10421,
|
||||||
"Feed/Exception.invalidCertificate" => 10501,
|
"Feed/Exception.invalidCertificate" => 10501,
|
||||||
"Feed/Exception.invalidUrl" => 10502,
|
"Feed/Exception.invalidUrl" => 10502,
|
||||||
"Feed/Exception.maxRedirect" => 10503,
|
"Feed/Exception.maxRedirect" => 10503,
|
||||||
|
@ -60,7 +60,7 @@ abstract class AbstractException extends \Exception {
|
||||||
$class = get_called_class();
|
$class = get_called_class();
|
||||||
$codeID = str_replace("\\", "/", str_replace(NS_BASE, "", $class)).".$msgID";
|
$codeID = str_replace("\\", "/", str_replace(NS_BASE, "", $class)).".$msgID";
|
||||||
if(!array_key_exists($codeID, self::CODES)) {
|
if(!array_key_exists($codeID, self::CODES)) {
|
||||||
throw new Exception("uncoded");
|
throw new Exception("uncoded", $codeID);
|
||||||
} else {
|
} else {
|
||||||
$code = self::CODES[$codeID];
|
$code = self::CODES[$codeID];
|
||||||
$msg = "Exception.".str_replace("\\", "/", $class).".$msgID";
|
$msg = "Exception.".str_replace("\\", "/", $class).".$msgID";
|
||||||
|
|
|
@ -199,7 +199,7 @@ class Database {
|
||||||
$domain = "%@".$domain;
|
$domain = "%@".$domain;
|
||||||
$set = $this->db->prepare("SELECT id from newssync_users where id like ?", "str")->run($domain);
|
$set = $this->db->prepare("SELECT id from newssync_users where id like ?", "str")->run($domain);
|
||||||
} else {
|
} else {
|
||||||
if(!$this->data->user->authorize("", __FUNCTION__)) throw new User\ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => "all users"]);
|
if(!$this->data->user->authorize("", __FUNCTION__)) throw new User\ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => "global"]);
|
||||||
$set = $this->db->prepare("SELECT id from newssync_users")->run();
|
$set = $this->db->prepare("SELECT id from newssync_users")->run();
|
||||||
}
|
}
|
||||||
$out = [];
|
$out = [];
|
||||||
|
|
|
@ -193,7 +193,7 @@ class User {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function passwordSet(string $user, string $newPassword = null, $oldPassword = null): bool {
|
public function passwordSet(string $user, string $newPassword = null, $oldPassword = null): string {
|
||||||
$func = "userPasswordSet";
|
$func = "userPasswordSet";
|
||||||
switch($this->u->driverFunctions($func)) {
|
switch($this->u->driverFunctions($func)) {
|
||||||
case User\Driver::FUNC_EXTERNAL:
|
case User\Driver::FUNC_EXTERNAL:
|
||||||
|
|
|
@ -50,7 +50,21 @@ return [
|
||||||
'Exception.JKingWeb/NewsSync/User/Exception.doesNotExist' => 'Could not perform action "{action}" because the user {user} does not exist',
|
'Exception.JKingWeb/NewsSync/User/Exception.doesNotExist' => 'Could not perform action "{action}" because the user {user} does not exist',
|
||||||
'Exception.JKingWeb/NewsSync/User/Exception.authMissing' => 'Please log in to proceed',
|
'Exception.JKingWeb/NewsSync/User/Exception.authMissing' => 'Please log in to proceed',
|
||||||
'Exception.JKingWeb/NewsSync/User/Exception.authFailed' => 'Authentication failed',
|
'Exception.JKingWeb/NewsSync/User/Exception.authFailed' => 'Authentication failed',
|
||||||
'Exception.JKingWeb/NewsSync/User/ExceptionAuthz.notAuthorized' => 'Authenticated user is not authorized to perform the action "{action}" on behalf of {user}',
|
'Exception.JKingWeb/NewsSync/User/ExceptionAuthz.notAuthorized' =>
|
||||||
|
/*'{action, select,
|
||||||
|
userList {{user, select,
|
||||||
|
"*" {Authenticated user is not authorized to view the global user list}
|
||||||
|
other {Authenticated user is not authorized to view the user list for domain {user}}
|
||||||
|
}}
|
||||||
|
other {Authenticated user is not authorized to perform the action "{action}" on behalf of {user}}
|
||||||
|
}',*/
|
||||||
|
'{action, select,
|
||||||
|
userList {{user, select,
|
||||||
|
global {Authenticated user is not authorized to view the global user list}
|
||||||
|
other {Authenticated user is not authorized to view the user list for domain {user}}
|
||||||
|
}}
|
||||||
|
other {Authenticated user is not authorized to perform the action "{action}" on behalf of {user}}
|
||||||
|
}',
|
||||||
|
|
||||||
'Exception.JKingWeb/NewsSync/Feed/Exception.invalidCertificate' => 'Could not download feed "{url}" because its server is serving an invalid SSL certificate',
|
'Exception.JKingWeb/NewsSync/Feed/Exception.invalidCertificate' => 'Could not download feed "{url}" because its server is serving an invalid SSL certificate',
|
||||||
'Exception.JKingWeb/NewsSync/Feed/Exception.invalidURL' => 'Feed URL "{url}" is invalid',
|
'Exception.JKingWeb/NewsSync/Feed/Exception.invalidURL' => 'Feed URL "{url}" is invalid',
|
||||||
|
|
|
@ -18,6 +18,7 @@ class TestUser extends \PHPUnit\Framework\TestCase {
|
||||||
$conf->userAuthPreferHTTP = true;
|
$conf->userAuthPreferHTTP = true;
|
||||||
$this->data = new Test\RuntimeData($conf);
|
$this->data = new Test\RuntimeData($conf);
|
||||||
$this->data->user = new User($this->data);
|
$this->data->user = new User($this->data);
|
||||||
|
$this->data->user->authorizationEnabled(false);
|
||||||
$_SERVER['PHP_AUTH_USER'] = self::USER1;
|
$_SERVER['PHP_AUTH_USER'] = self::USER1;
|
||||||
$_SERVER['PHP_AUTH_PW'] = "secret";
|
$_SERVER['PHP_AUTH_PW'] = "secret";
|
||||||
}
|
}
|
||||||
|
@ -69,4 +70,25 @@ class TestUser extends \PHPUnit\Framework\TestCase {
|
||||||
$this->assertTrue($this->data->user->auth(self::USER1, "secret"));
|
$this->assertTrue($this->data->user->auth(self::USER1, "secret"));
|
||||||
$this->assertFalse($this->data->user->auth(self::USER1, "superman"));
|
$this->assertFalse($this->data->user->auth(self::USER1, "superman"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function testChangeAPassword() {
|
||||||
|
$this->data->user->add(self::USER1, "secret");
|
||||||
|
$this->assertEquals("superman", $this->data->user->passwordSet(self::USER1, "superman"));
|
||||||
|
$this->assertTrue($this->data->user->auth(self::USER1, "superman"));
|
||||||
|
$this->assertFalse($this->data->user->auth(self::USER1, "secret"));
|
||||||
|
$this->assertEquals($this->data->conf->userTempPasswordLength, strlen($this->data->user->passwordSet(self::USER1)));
|
||||||
|
}
|
||||||
|
|
||||||
|
function testChangeAPasswordForAMissingUser() {
|
||||||
|
$this->assertException("doesNotExist", "User");
|
||||||
|
$this->data->user->passwordSet(self::USER1, "superman");
|
||||||
|
}
|
||||||
|
|
||||||
|
function testGetThePropertiesOfAUser() {
|
||||||
|
$this->data->user->add(self::USER1, "secret");
|
||||||
|
$p = $this->data->user->propertiesGet(self::USER1);
|
||||||
|
$this->assertArrayHasKey('name', $p);
|
||||||
|
$this->assertArrayNotHasKey('password', $p);
|
||||||
|
$this->assertEquals(self::USER1, $p['name']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,13 @@
|
||||||
<?php
|
<?php
|
||||||
declare(strict_types=1);
|
declare(strict_types=1);
|
||||||
namespace JKingWeb\NewsSync\Test\User;
|
namespace JKingWeb\NewsSync\Test\User;
|
||||||
use JKingWeb\NewsSync\Lang, JKingWeb\NewsSync\User\Driver, JKingWeb\NewsSync\User\Exception, PasswordGenerator\Generator as PassGen;
|
use JKingWeb\NewsSync\Lang;
|
||||||
|
use JKingWeb\NewsSync\User\Driver;
|
||||||
|
use JKingWeb\NewsSync\User\Exception;
|
||||||
|
use JKingWeb\NewsSync\User\ExceptionAuthz;
|
||||||
|
use PasswordGenerator\Generator as PassGen;
|
||||||
|
|
||||||
final class DriverInternalMock implements Driver {
|
class DriverInternalMock implements Driver {
|
||||||
|
|
||||||
protected $db = [];
|
protected $db = [];
|
||||||
protected $data;
|
protected $data;
|
||||||
|
@ -49,14 +53,16 @@ final class DriverInternalMock implements Driver {
|
||||||
}
|
}
|
||||||
|
|
||||||
function authorize(string $affectedUser, string $action, int $newRightsLevel = 0): bool {
|
function authorize(string $affectedUser, string $action, int $newRightsLevel = 0): bool {
|
||||||
return true;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
function userExists(string $user): bool {
|
function userExists(string $user): bool {
|
||||||
|
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
return array_key_exists($user, $this->db);
|
return array_key_exists($user, $this->db);
|
||||||
}
|
}
|
||||||
|
|
||||||
function userAdd(string $user, string $password = null): string {
|
function userAdd(string $user, string $password = null): string {
|
||||||
|
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
if($this->userExists($user)) throw new Exception("alreadyExists", ["action" => __FUNCTION__, "user" => $user]);
|
if($this->userExists($user)) throw new Exception("alreadyExists", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
if($password===null) $password = (new PassGen)->length($this->data->conf->userTempPasswordLength)->get();
|
if($password===null) $password = (new PassGen)->length($this->data->conf->userTempPasswordLength)->get();
|
||||||
$u = [
|
$u = [
|
||||||
|
@ -68,6 +74,7 @@ final class DriverInternalMock implements Driver {
|
||||||
}
|
}
|
||||||
|
|
||||||
function userRemove(string $user): bool {
|
function userRemove(string $user): bool {
|
||||||
|
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
unset($this->db[$user]);
|
unset($this->db[$user]);
|
||||||
return true;
|
return true;
|
||||||
|
@ -76,10 +83,12 @@ final class DriverInternalMock implements Driver {
|
||||||
function userList(string $domain = null): array {
|
function userList(string $domain = null): array {
|
||||||
$list = array_keys($this->db);
|
$list = array_keys($this->db);
|
||||||
if($domain===null) {
|
if($domain===null) {
|
||||||
|
if(!$this->data->user->authorize("", __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => "global"]);
|
||||||
return $list;
|
return $list;
|
||||||
} else {
|
} else {
|
||||||
$suffix = '@'.$domain;
|
$suffix = '@'.$domain;
|
||||||
$len = -1 * strlen($suffix);
|
$len = -1 * strlen($suffix);
|
||||||
|
if(!$this->data->user->authorize($suffix, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $domain]);
|
||||||
return array_filter($list, function($user) use($suffix, $len) {
|
return array_filter($list, function($user) use($suffix, $len) {
|
||||||
return substr_compare($user, $suffix, $len);
|
return substr_compare($user, $suffix, $len);
|
||||||
});
|
});
|
||||||
|
@ -87,6 +96,7 @@ final class DriverInternalMock implements Driver {
|
||||||
}
|
}
|
||||||
|
|
||||||
function userPasswordSet(string $user, string $newPassword = null, string $oldPassword = null): string {
|
function userPasswordSet(string $user, string $newPassword = null, string $oldPassword = null): string {
|
||||||
|
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
if($newPassword===null) $newPassword = (new PassGen)->length($this->data->conf->userTempPasswordLength)->get();
|
if($newPassword===null) $newPassword = (new PassGen)->length($this->data->conf->userTempPasswordLength)->get();
|
||||||
$this->db[$user]['password'] = password_hash($newPassword, \PASSWORD_DEFAULT);
|
$this->db[$user]['password'] = password_hash($newPassword, \PASSWORD_DEFAULT);
|
||||||
|
@ -94,22 +104,28 @@ final class DriverInternalMock implements Driver {
|
||||||
}
|
}
|
||||||
|
|
||||||
function userPropertiesGet(string $user): array {
|
function userPropertiesGet(string $user): array {
|
||||||
|
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
return $this->db[$user];
|
$out = $this->db[$user];
|
||||||
|
unset($out['password']);
|
||||||
|
return $out;
|
||||||
}
|
}
|
||||||
|
|
||||||
function userPropertiesSet(string $user, array $properties): array {
|
function userPropertiesSet(string $user, array $properties): array {
|
||||||
|
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
$this->db[$user] = array_merge($this->db[$user], $properties);
|
$this->db[$user] = array_merge($this->db[$user], $properties);
|
||||||
return $this->userPropertiesGet($user);
|
return $this->userPropertiesGet($user);
|
||||||
}
|
}
|
||||||
|
|
||||||
function userRightsGet(string $user): int {
|
function userRightsGet(string $user): int {
|
||||||
|
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
return $this->db[$user]['rights'];
|
return $this->db[$user]['rights'];
|
||||||
}
|
}
|
||||||
|
|
||||||
function userRightsSet(string $user, int $level): bool {
|
function userRightsSet(string $user, int $level): bool {
|
||||||
|
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
|
||||||
$this->db[$user]['rights'] = $level;
|
$this->db[$user]['rights'] = $level;
|
||||||
return true;
|
return true;
|
||||||
|
|
Loading…
Reference in a new issue