
Copied over work from user_permissions branch

Only that relevant to the additional testing work.
This commit is contained in:
Dan Brown
2023-01-21 11:08:34 +00:00
parent 6070d804f8
commit c724bfe4d3
72 changed files with 1566 additions and 545 deletions


@@ -44,7 +44,7 @@ class AuthTest extends TestCase
public function test_mfa_session_cleared_on_logout()
{
$user = $this->getEditor();
$user = $this->users->editor();
$mfaSession = $this->app->make(MfaSession::class);
$mfaSession->markVerifiedForUser($user);
@@ -94,7 +94,7 @@ class AuthTest extends TestCase
public function test_login_authenticates_nonadmins_on_default_guard_only()
{
$editor = $this->getEditor();
$editor = $this->users->editor();
$editor->password = bcrypt('password');
$editor->save();
@@ -120,7 +120,7 @@ class AuthTest extends TestCase
public function test_logged_in_user_with_unconfirmed_email_is_logged_out()
{
$this->setSettings(['registration-confirmation' => 'true']);
$user = $this->getEditor();
$user = $this->users->editor();
$user->email_confirmed = false;
$user->save();


@@ -11,7 +11,7 @@ class GroupSyncServiceTest extends TestCase
{
public function test_user_is_assigned_to_matching_roles()
{
$user = $this->getViewer();
$user = $this->users->viewer();
$roleA = Role::factory()->create(['display_name' => 'Wizards']);
$roleB = Role::factory()->create(['display_name' => 'Gremlins']);
@@ -33,7 +33,7 @@ class GroupSyncServiceTest extends TestCase
public function test_multiple_values_in_role_external_auth_id_handled()
{
$user = $this->getViewer();
$user = $this->users->viewer();
$role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales, engineering, developers, marketers']);
$this->assertFalse($user->hasRole($role->id));
@@ -45,7 +45,7 @@ class GroupSyncServiceTest extends TestCase
public function test_commas_can_be_used_in_external_auth_id_if_escaped()
{
$user = $this->getViewer();
$user = $this->users->viewer();
$role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales\,-developers, marketers']);
$this->assertFalse($user->hasRole($role->id));
@@ -57,7 +57,7 @@ class GroupSyncServiceTest extends TestCase
public function test_external_auth_id_matches_ignoring_case()
{
$user = $this->getViewer();
$user = $this->users->viewer();
$role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'WaRRioRs']);
$this->assertFalse($user->hasRole($role->id));


@@ -235,7 +235,7 @@ class LdapTest extends TestCase
public function test_user_edit_form()
{
$editUser = $this->getNormalUser();
$editUser = $this->users->viewer();
$editPage = $this->asAdmin()->get("/settings/users/{$editUser->id}");
$editPage->assertSee('Edit User');
$editPage->assertDontSee('Password');
@@ -257,7 +257,7 @@ class LdapTest extends TestCase
public function test_non_admins_cannot_change_auth_id()
{
$testUser = $this->getNormalUser();
$testUser = $this->users->viewer();
$this->actingAs($testUser)
->get('/settings/users/' . $testUser->id)
->assertDontSee('External Authentication');
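Review bot: The substitution `$editUser = $this->users->viewer();` (and `$testUser = $this->users->viewer();` in test_non_admins_cannot_change_auth_id) is not a like-for-like rename of `getNormalUser()`: if the old helper built a fresh user with its own role set, these two tests now run against the shared viewer fixture, whose permissions may differ. The assertion that matters here, `->assertDontSee('External Authentication')`, only proves its point if the viewer fixture is genuinely non-admin, so that is worth confirming rather than assuming. A short comment on the assignment, such as `// viewer stands in for a non-admin LDAP user`, would record why this fixture was chosen.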


@@ -70,7 +70,7 @@ class LoginAutoInitiateTest extends TestCase
config()->set([
'auth.method' => 'oidc',
]);
$this->actingAs($this->getEditor());
$this->actingAs($this->users->editor());
$req = $this->post('/logout');
$req->assertRedirect('/login?prevent_auto_init=true');


@@ -13,7 +13,7 @@ class MfaConfigurationTest extends TestCase
{
public function test_totp_setup()
{
$editor = $this->getEditor();
$editor = $this->users->editor();
$this->assertDatabaseMissing('mfa_values', ['user_id' => $editor->id]);
// Setup page state
@@ -66,7 +66,7 @@ class MfaConfigurationTest extends TestCase
public function test_backup_codes_setup()
{
$editor = $this->getEditor();
$editor = $this->users->editor();
$this->assertDatabaseMissing('mfa_values', ['user_id' => $editor->id]);
// Setup page state
@@ -112,8 +112,8 @@ class MfaConfigurationTest extends TestCase
public function test_mfa_method_count_is_visible_on_user_edit_page()
{
$user = $this->getEditor();
$resp = $this->actingAs($this->getAdmin())->get($user->getEditUrl());
$user = $this->users->editor();
$resp = $this->actingAs($this->users->admin())->get($user->getEditUrl());
$resp->assertSee('0 methods configured');
MfaValue::upsertWithValue($user, MfaValue::METHOD_TOTP, 'test');
@@ -127,17 +127,17 @@ class MfaConfigurationTest extends TestCase
public function test_mfa_setup_link_only_shown_when_viewing_own_user_edit_page()
{
$admin = $this->getAdmin();
$admin = $this->users->admin();
$resp = $this->actingAs($admin)->get($admin->getEditUrl());
$this->withHtml($resp)->assertElementExists('a[href$="/mfa/setup"]');
$resp = $this->actingAs($admin)->get($this->getEditor()->getEditUrl());
$resp = $this->actingAs($admin)->get($this->users->editor()->getEditUrl());
$this->withHtml($resp)->assertElementNotExists('a[href$="/mfa/setup"]');
}
public function test_mfa_indicator_shows_in_user_list()
{
$admin = $this->getAdmin();
$admin = $this->users->admin();
User::query()->where('id', '!=', $admin->id)->delete();
$resp = $this->actingAs($admin)->get('/settings/users');
@@ -150,7 +150,7 @@ class MfaConfigurationTest extends TestCase
public function test_remove_mfa_method()
{
$admin = $this->getAdmin();
$admin = $this->users->admin();
MfaValue::upsertWithValue($admin, MfaValue::METHOD_TOTP, 'test');
$this->assertEquals(1, $admin->mfaValues()->count());
@@ -168,7 +168,7 @@ class MfaConfigurationTest extends TestCase
public function test_totp_setup_url_shows_correct_user_when_setup_forced_upon_login()
{
$admin = $this->getAdmin();
$admin = $this->users->admin();
/** @var Role $role */
$role = $admin->roles()->first();
$role->mfa_enforced = true;


@@ -140,7 +140,7 @@ class MfaVerificationTest extends TestCase
public function test_both_mfa_options_available_if_set_on_profile()
{
$user = $this->getEditor();
$user = $this->users->editor();
$user->password = Hash::make('password');
$user->save();
@@ -165,7 +165,7 @@ class MfaVerificationTest extends TestCase
public function test_mfa_required_with_no_methods_leads_to_setup()
{
$user = $this->getEditor();
$user = $this->users->editor();
$user->password = Hash::make('password');
$user->save();
/** @var Role $role */
@@ -222,7 +222,7 @@ class MfaVerificationTest extends TestCase
// Attempted login user, who has configured mfa, access
// Sets up user that has MFA required after attempted login.
$loginService = $this->app->make(LoginService::class);
$user = $this->getEditor();
$user = $this->users->editor();
/** @var Role $role */
$role = $user->roles->first();
$role->mfa_enforced = true;
@@ -257,7 +257,7 @@ class MfaVerificationTest extends TestCase
protected function startTotpLogin(): array
{
$secret = $this->app->make(TotpService::class)->generateSecret();
$user = $this->getEditor();
$user = $this->users->editor();
$user->password = Hash::make('password');
$user->save();
MfaValue::upsertWithValue($user, MfaValue::METHOD_TOTP, $secret);
@@ -274,7 +274,7 @@ class MfaVerificationTest extends TestCase
*/
protected function startBackupCodeLogin($codes = ['kzzu6-1pgll', 'bzxnf-plygd', 'bwdsp-ysl51', '1vo93-ioy7n', 'lf7nw-wdyka', 'xmtrd-oplac']): array
{
$user = $this->getEditor();
$user = $this->users->editor();
$user->password = Hash::make('password');
$user->save();
MfaValue::upsertWithValue($user, MfaValue::METHOD_BACKUP_CODES, json_encode($codes));


@@ -93,7 +93,7 @@ class OidcTest extends TestCase
public function test_logout_route_functions()
{
$this->actingAs($this->getEditor());
$this->actingAs($this->users->editor());
$this->post('/logout');
$this->assertFalse(auth()->check());
}
@@ -228,7 +228,7 @@ class OidcTest extends TestCase
public function test_auth_login_as_existing_user()
{
$editor = $this->getEditor();
$editor = $this->users->editor();
$editor->external_auth_id = 'benny505';
$editor->save();
@@ -245,7 +245,7 @@ class OidcTest extends TestCase
public function test_auth_login_as_existing_user_email_with_different_auth_id_fails()
{
$editor = $this->getEditor();
$editor = $this->users->editor();
$editor->external_auth_id = 'editor101';
$editor->save();


@@ -85,7 +85,7 @@ class ResetPasswordTest extends TestCase
public function test_reset_request_is_throttled()
{
$editor = $this->getEditor();
$editor = $this->users->editor();
Notification::fake();
$this->get('/password/email');
$this->followingRedirects()->post('/password/email', [


@@ -170,7 +170,7 @@ class Saml2Test extends TestCase
'saml2.onelogin.strict' => false,
]);
$resp = $this->actingAs($this->getEditor())->get('/');
$resp = $this->actingAs($this->users->editor())->get('/');
$this->withHtml($resp)->assertElementContains('form[action$="/saml2/logout"] button', 'Logout');
}


@@ -77,18 +77,18 @@ class SocialAuthTest extends TestCase
// Test social callback with matching social account
DB::table('social_accounts')->insert([
'user_id' => $this->getAdmin()->id,
'user_id' => $this->users->admin()->id,
'driver' => 'github',
'driver_id' => 'logintest123',
]);
$resp = $this->followingRedirects()->get('/login/service/github/callback');
$resp->assertDontSee('login-form');
$this->assertActivityExists(ActivityType::AUTH_LOGIN, null, 'github; (' . $this->getAdmin()->id . ') ' . $this->getAdmin()->name);
$this->assertActivityExists(ActivityType::AUTH_LOGIN, null, 'github; (' . $this->users->admin()->id . ') ' . $this->users->admin()->name);
}
public function test_social_account_detach()
{
$editor = $this->getEditor();
$editor = $this->users->editor();
config([
'GITHUB_APP_ID' => 'abc123', 'GITHUB_APP_SECRET' => '123abc',
'APP_URL' => 'http://localhost',
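Review bot: `$this->users->admin()` is now evaluated three times inside one test, once on the `'user_id' =>` line and twice on the assertActivityExists line; if the helper queries the database on each call rather than returning a cached instance, that is repeated work and the activity assertion is built from two separately loaded models. Binding it once reads better and removes the question: `$admin = $this->users->admin();`, then `'user_id' => $admin->id,` and `$this->assertActivityExists(ActivityType::AUTH_LOGIN, null, 'github; (' . $admin->id . ') ' . $admin->name);`. The enclosing test method begins before this hunk.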


@@ -17,7 +17,7 @@ class UserInviteTest extends TestCase
public function test_user_creation_creates_invite()
{
Notification::fake();
$admin = $this->getAdmin();
$admin = $this->users->admin();
$email = Str::random(16) . '@example.com';
$resp = $this->actingAs($admin)->post('/settings/users/create', [
@@ -38,7 +38,7 @@ class UserInviteTest extends TestCase
public function test_user_invite_sent_in_selected_language()
{
Notification::fake();
$admin = $this->getAdmin();
$admin = $this->users->admin();
$email = Str::random(16) . '@example.com';
$resp = $this->actingAs($admin)->post('/settings/users/create', [
@@ -62,7 +62,7 @@ class UserInviteTest extends TestCase
public function test_invite_set_password()
{
Notification::fake();
$user = $this->getViewer();
$user = $this->users->viewer();
$inviteService = app(UserInviteService::class);
$inviteService->sendInvitation($user);
@@ -91,7 +91,7 @@ class UserInviteTest extends TestCase
public function test_invite_set_has_password_validation()
{
Notification::fake();
$user = $this->getViewer();
$user = $this->users->viewer();
$inviteService = app(UserInviteService::class);
$inviteService->sendInvitation($user);
@@ -126,7 +126,7 @@ class UserInviteTest extends TestCase
public function test_token_expires_after_two_weeks()
{
Notification::fake();
$user = $this->getViewer();
$user = $this->users->viewer();
$inviteService = app(UserInviteService::class);
$inviteService->sendInvitation($user);