MensBeam
/
Arsse
3
1
Fork 0
Code Issues 24 Pull Requests Releases 28 Activity
Browse Source

More User tests and resultant fixes

microsub
J. King 7 years ago
parent
7785eb072b
commit
8a0d021622
6 changed files with 61 additions and 9 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      lib/AbstractException.php
  2. 2
      lib/Database.php
  3. 2
      lib/User.php
  4. 16
      locale/en.php
  5. 22
      tests/User/TestUser.php
  6. 24
      tests/lib/User/DriverInternalMock.php

4
lib/AbstractException.php
View File

@ -38,7 +38,7 @@ abstract class AbstractException extends \Exception {
"User/Exception.alreadyExists" => 10403, "User/Exception.alreadyExists" => 10403,
"User/Exception.authMissing" => 10411, "User/Exception.authMissing" => 10411,
"User/Exception.authFailed" => 10412, "User/Exception.authFailed" => 10412,
"User/Exception.notAuthorized" => 10421, "User/ExceptionAuthz.notAuthorized" => 10421,
"Feed/Exception.invalidCertificate" => 10501, "Feed/Exception.invalidCertificate" => 10501,
"Feed/Exception.invalidUrl" => 10502, "Feed/Exception.invalidUrl" => 10502,
"Feed/Exception.maxRedirect" => 10503, "Feed/Exception.maxRedirect" => 10503,
@ -60,7 +60,7 @@ abstract class AbstractException extends \Exception {
$class = get_called_class(); $class = get_called_class();
$codeID = str_replace("\\", "/", str_replace(NS_BASE, "", $class)).".$msgID"; $codeID = str_replace("\\", "/", str_replace(NS_BASE, "", $class)).".$msgID";
if(!array_key_exists($codeID, self::CODES)) { if(!array_key_exists($codeID, self::CODES)) {
throw new Exception("uncoded"); throw new Exception("uncoded", $codeID);
} else { } else {
$code = self::CODES[$codeID]; $code = self::CODES[$codeID];
$msg = "Exception.".str_replace("\\", "/", $class).".$msgID"; $msg = "Exception.".str_replace("\\", "/", $class).".$msgID";

2
lib/Database.php
View File

@ -199,7 +199,7 @@ class Database {
$domain = "%@".$domain; $domain = "%@".$domain;
$set = $this->db->prepare("SELECT id from newssync_users where id like ?", "str")->run($domain); $set = $this->db->prepare("SELECT id from newssync_users where id like ?", "str")->run($domain);
} else { } else {
if(!$this->data->user->authorize("", __FUNCTION__)) throw new User\ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => "all users"]); if(!$this->data->user->authorize("", __FUNCTION__)) throw new User\ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => "global"]);
$set = $this->db->prepare("SELECT id from newssync_users")->run(); $set = $this->db->prepare("SELECT id from newssync_users")->run();
} }
$out = []; $out = [];

2
lib/User.php
View File

@ -193,7 +193,7 @@ class User {
} }
} }
public function passwordSet(string $user, string $newPassword = null, $oldPassword = null): bool { public function passwordSet(string $user, string $newPassword = null, $oldPassword = null): string {
$func = "userPasswordSet"; $func = "userPasswordSet";
switch($this->u->driverFunctions($func)) { switch($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL: case User\Driver::FUNC_EXTERNAL:

16
locale/en.php
View File

@ -50,7 +50,21 @@ return [
'Exception.JKingWeb/NewsSync/User/Exception.doesNotExist' => 'Could not perform action "{action}" because the user {user} does not exist', 'Exception.JKingWeb/NewsSync/User/Exception.doesNotExist' => 'Could not perform action "{action}" because the user {user} does not exist',
'Exception.JKingWeb/NewsSync/User/Exception.authMissing' => 'Please log in to proceed', 'Exception.JKingWeb/NewsSync/User/Exception.authMissing' => 'Please log in to proceed',
'Exception.JKingWeb/NewsSync/User/Exception.authFailed' => 'Authentication failed', 'Exception.JKingWeb/NewsSync/User/Exception.authFailed' => 'Authentication failed',
'Exception.JKingWeb/NewsSync/User/ExceptionAuthz.notAuthorized' => 'Authenticated user is not authorized to perform the action "{action}" on behalf of {user}', 'Exception.JKingWeb/NewsSync/User/ExceptionAuthz.notAuthorized' =>
/*'{action, select,
userList {{user, select,
"*" {Authenticated user is not authorized to view the global user list}
other {Authenticated user is not authorized to view the user list for domain {user}}
}}
other {Authenticated user is not authorized to perform the action "{action}" on behalf of {user}}
}',*/
'{action, select,
userList {{user, select,
global {Authenticated user is not authorized to view the global user list}
other {Authenticated user is not authorized to view the user list for domain {user}}
}}
other {Authenticated user is not authorized to perform the action "{action}" on behalf of {user}}
}',
'Exception.JKingWeb/NewsSync/Feed/Exception.invalidCertificate' => 'Could not download feed "{url}" because its server is serving an invalid SSL certificate', 'Exception.JKingWeb/NewsSync/Feed/Exception.invalidCertificate' => 'Could not download feed "{url}" because its server is serving an invalid SSL certificate',
'Exception.JKingWeb/NewsSync/Feed/Exception.invalidURL' => 'Feed URL "{url}" is invalid', 'Exception.JKingWeb/NewsSync/Feed/Exception.invalidURL' => 'Feed URL "{url}" is invalid',

22
tests/User/TestUser.php
View File

@ -18,6 +18,7 @@ class TestUser extends \PHPUnit\Framework\TestCase {
$conf->userAuthPreferHTTP = true; $conf->userAuthPreferHTTP = true;
$this->data = new Test\RuntimeData($conf); $this->data = new Test\RuntimeData($conf);
$this->data->user = new User($this->data); $this->data->user = new User($this->data);
$this->data->user->authorizationEnabled(false);
$_SERVER['PHP_AUTH_USER'] = self::USER1; $_SERVER['PHP_AUTH_USER'] = self::USER1;
$_SERVER['PHP_AUTH_PW'] = "secret"; $_SERVER['PHP_AUTH_PW'] = "secret";
} }
@ -69,4 +70,25 @@ class TestUser extends \PHPUnit\Framework\TestCase {
$this->assertTrue($this->data->user->auth(self::USER1, "secret")); $this->assertTrue($this->data->user->auth(self::USER1, "secret"));
$this->assertFalse($this->data->user->auth(self::USER1, "superman")); $this->assertFalse($this->data->user->auth(self::USER1, "superman"));
} }
function testChangeAPassword() {
$this->data->user->add(self::USER1, "secret");
$this->assertEquals("superman", $this->data->user->passwordSet(self::USER1, "superman"));
$this->assertTrue($this->data->user->auth(self::USER1, "superman"));
$this->assertFalse($this->data->user->auth(self::USER1, "secret"));
$this->assertEquals($this->data->conf->userTempPasswordLength, strlen($this->data->user->passwordSet(self::USER1)));
}
function testChangeAPasswordForAMissingUser() {
$this->assertException("doesNotExist", "User");
$this->data->user->passwordSet(self::USER1, "superman");
}
function testGetThePropertiesOfAUser() {
$this->data->user->add(self::USER1, "secret");
$p = $this->data->user->propertiesGet(self::USER1);
$this->assertArrayHasKey('name', $p);
$this->assertArrayNotHasKey('password', $p);
$this->assertEquals(self::USER1, $p['name']);
}
} }

24
tests/lib/User/DriverInternalMock.php
View File

@ -1,9 +1,13 @@
<?php <?php
declare(strict_types=1); declare(strict_types=1);
namespace JKingWeb\NewsSync\Test\User; namespace JKingWeb\NewsSync\Test\User;
use JKingWeb\NewsSync\Lang, JKingWeb\NewsSync\User\Driver, JKingWeb\NewsSync\User\Exception, PasswordGenerator\Generator as PassGen; use JKingWeb\NewsSync\Lang;
use JKingWeb\NewsSync\User\Driver;
use JKingWeb\NewsSync\User\Exception;
use JKingWeb\NewsSync\User\ExceptionAuthz;
use PasswordGenerator\Generator as PassGen;
final class DriverInternalMock implements Driver { class DriverInternalMock implements Driver {
protected $db = []; protected $db = [];
protected $data; protected $data;
@ -49,14 +53,16 @@ final class DriverInternalMock implements Driver {
} }
function authorize(string $affectedUser, string $action, int $newRightsLevel = 0): bool { function authorize(string $affectedUser, string $action, int $newRightsLevel = 0): bool {
return true; return false;
} }
function userExists(string $user): bool { function userExists(string $user): bool {
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
return array_key_exists($user, $this->db); return array_key_exists($user, $this->db);
} }
function userAdd(string $user, string $password = null): string { function userAdd(string $user, string $password = null): string {
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
if($this->userExists($user)) throw new Exception("alreadyExists", ["action" => __FUNCTION__, "user" => $user]); if($this->userExists($user)) throw new Exception("alreadyExists", ["action" => __FUNCTION__, "user" => $user]);
if($password===null) $password = (new PassGen)->length($this->data->conf->userTempPasswordLength)->get(); if($password===null) $password = (new PassGen)->length($this->data->conf->userTempPasswordLength)->get();
$u = [ $u = [
@ -68,6 +74,7 @@ final class DriverInternalMock implements Driver {
} }
function userRemove(string $user): bool { function userRemove(string $user): bool {
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]); if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
unset($this->db[$user]); unset($this->db[$user]);
return true; return true;
@ -76,10 +83,12 @@ final class DriverInternalMock implements Driver {
function userList(string $domain = null): array { function userList(string $domain = null): array {
$list = array_keys($this->db); $list = array_keys($this->db);
if($domain===null) { if($domain===null) {
if(!$this->data->user->authorize("", __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => "global"]);
return $list; return $list;
} else { } else {
$suffix = '@'.$domain; $suffix = '@'.$domain;
$len = -1 * strlen($suffix); $len = -1 * strlen($suffix);
if(!$this->data->user->authorize($suffix, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $domain]);
return array_filter($list, function($user) use($suffix, $len) { return array_filter($list, function($user) use($suffix, $len) {
return substr_compare($user, $suffix, $len); return substr_compare($user, $suffix, $len);
}); });
@ -87,6 +96,7 @@ final class DriverInternalMock implements Driver {
} }
function userPasswordSet(string $user, string $newPassword = null, string $oldPassword = null): string { function userPasswordSet(string $user, string $newPassword = null, string $oldPassword = null): string {
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]); if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
if($newPassword===null) $newPassword = (new PassGen)->length($this->data->conf->userTempPasswordLength)->get(); if($newPassword===null) $newPassword = (new PassGen)->length($this->data->conf->userTempPasswordLength)->get();
$this->db[$user]['password'] = password_hash($newPassword, \PASSWORD_DEFAULT); $this->db[$user]['password'] = password_hash($newPassword, \PASSWORD_DEFAULT);
@ -94,22 +104,28 @@ final class DriverInternalMock implements Driver {
} }
function userPropertiesGet(string $user): array { function userPropertiesGet(string $user): array {
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]); if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
return $this->db[$user]; $out = $this->db[$user];
unset($out['password']);
return $out;
} }
function userPropertiesSet(string $user, array $properties): array { function userPropertiesSet(string $user, array $properties): array {
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]); if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
$this->db[$user] = array_merge($this->db[$user], $properties); $this->db[$user] = array_merge($this->db[$user], $properties);
return $this->userPropertiesGet($user); return $this->userPropertiesGet($user);
} }
function userRightsGet(string $user): int { function userRightsGet(string $user): int {
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]); if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
return $this->db[$user]['rights']; return $this->db[$user]['rights'];
} }
function userRightsSet(string $user, int $level): bool { function userRightsSet(string $user, int $level): bool {
if(!$this->data->user->authorize($user, __FUNCTION__)) throw new ExceptionAuthz("notAuthorized", ["action" => __FUNCTION__, "user" => $user]);
if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]); if(!$this->userExists($user)) throw new Exception("doesNotExist", ["action" => __FUNCTION__, "user" => $user]);
$this->db[$user]['rights'] = $level; $this->db[$user]['rights'] = $level;
return true; return true;

Write Preview
Loading…
Cancel
Save