From e4852b581a463fc650c1b12ddfa985475c64a1c3 Mon Sep 17 00:00:00 2001 From: "J. King" Date: Mon, 27 Feb 2017 23:04:13 -0500 Subject: [PATCH] Start on tests for authorization --- lib/User.php | 2 ++ tests/User/TestAuthorization.php | 47 +++++++++++++++++++++++++++ tests/lib/User/DriverInternalMock.php | 1 + tests/lib/User/DriverSkeleton.php | 2 +- tests/phpunit.xml | 1 + 5 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 tests/User/TestAuthorization.php diff --git a/lib/User.php b/lib/User.php index b5fa3dcf..27ede95d 100644 --- a/lib/User.php +++ b/lib/User.php @@ -9,6 +9,7 @@ class User { protected $u; protected $authz = true; protected $authzSupported = 0; + protected $actor = []; static public function listDrivers(): array { $sep = \DIRECTORY_SEPARATOR; @@ -108,6 +109,7 @@ class User { if($this->data->conf->userAuthPreferHTTP) return $this->authHTTP(); return $this->authForm(); } else { + $this->id = $user; switch($this->u->driverFunctions("auth")) { case User\Driver::FUNC_EXTERNAL: $out = $this->u->auth($user, $password); diff --git a/tests/User/TestAuthorization.php b/tests/User/TestAuthorization.php new file mode 100644 index 00000000..ecab74aa --- /dev/null +++ b/tests/User/TestAuthorization.php @@ -0,0 +1,47 @@ +userDriver = $drv; + $conf->userAuthPreferHTTP = true; + $this->data = new Test\RuntimeData($conf); + $this->data->user = new User($this->data); + $this->data->user->authorizationEnabled(false); + $users = [ + 'user@example.com' => User\Driver::RIGHTS_NONE, + 'user@example.org' => User\Driver::RIGHTS_NONE, + 'dman@example.com' => User\Driver::RIGHTS_DOMAIN_MANAGER, + 'dman@example.org' => User\Driver::RIGHTS_DOMAIN_MANAGER, + 'dadm@example.com' => User\Driver::RIGHTS_DOMAIN_ADMIN, + 'dadm@example.org' => User\Driver::RIGHTS_DOMAIN_ADMIN, + 'gman@example.com' => User\Driver::RIGHTS_GLOBAL_MANAGER, + 'gman@example.org' => User\Driver::RIGHTS_GLOBAL_MANAGER, + 'gadm@example.com' => User\Driver::RIGHTS_GLOBAL_ADMIN, + 'gadm@example.org' => User\Driver::RIGHTS_GLOBAL_ADMIN, + ]; + foreach($users as $user => $level) { + $this->data->user->add($user, ""); + $this->data->user->rightsSet($user, $level); + } + $this->data->user->authorizationEnabled(true); + } + + function testRegularUserActingOnSelf() { + $u = "user@example.com"; + $this->data->user->auth($u, ""); + $this->data->user->remove($u); + $this->assertFalse($this->data->user->exists($u)); + } +} \ No newline at end of file diff --git a/tests/lib/User/DriverInternalMock.php b/tests/lib/User/DriverInternalMock.php index c1c65978..bdb27972 100644 --- a/tests/lib/User/DriverInternalMock.php +++ b/tests/lib/User/DriverInternalMock.php @@ -43,6 +43,7 @@ class DriverInternalMock extends Database implements Driver { function auth(string $user, string $password): bool { if(!$this->userExists($user)) return false; + if($password==="" && $this->db[$user]['password']==="") return true; if(password_verify($password, $this->db[$user]['password'])) return true; return false; } diff --git a/tests/lib/User/DriverSkeleton.php b/tests/lib/User/DriverSkeleton.php index 6b420cbc..af1e563c 100644 --- a/tests/lib/User/DriverSkeleton.php +++ b/tests/lib/User/DriverSkeleton.php @@ -18,7 +18,7 @@ abstract class DriverSkeleton { function userAdd(string $user, string $password = null): string { $u = [ - 'password' => $password ? password_hash($password, \PASSWORD_DEFAULT) : null, + 'password' => $password ? password_hash($password, \PASSWORD_DEFAULT) : "", 'rights' => Driver::RIGHTS_NONE, ]; $this->db[$user] = $u; diff --git a/tests/phpunit.xml b/tests/phpunit.xml index 72d2bda7..fd2effa9 100644 --- a/tests/phpunit.xml +++ b/tests/phpunit.xml @@ -24,6 +24,7 @@ User/TestUser.php User/TestUserExternal.php + User/TestAuthorization.php \ No newline at end of file