The clean & modern RSS server that doesn't give you any crap. https://thearsse.com/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

TestUser.php 14KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300
  1. <?php
  2. /** @license MIT
  3. * Copyright 2017 J. King, Dustin Wilson et al.
  4. * See LICENSE and AUTHORS files for details */
  5. declare(strict_types=1);
  6. namespace JKingWeb\Arsse\TestCase\User;
  7. use JKingWeb\Arsse\Arsse;
  8. use JKingWeb\Arsse\Conf;
  9. use JKingWeb\Arsse\Database;
  10. use JKingWeb\Arsse\User;
  11. use JKingWeb\Arsse\AbstractException as Exception;
  12. use JKingWeb\Arsse\User\Driver;
  13. use JKingWeb\Arsse\User\Internal\Driver as InternalDriver;
  14. use Phake;
  15. /** @covers \JKingWeb\Arsse\User */
  16. class TestUser extends \JKingWeb\Arsse\Test\AbstractTest {
  17. public function setUp() {
  18. self::clearData();
  19. self::setConf();
  20. // create a mock database interface
  21. Arsse::$db = Phake::mock(Database::class);
  22. Phake::when(Arsse::$db)->begin->thenReturn(Phake::mock(\JKingWeb\Arsse\Db\Transaction::class));
  23. // create a mock user driver
  24. $this->drv = Phake::mock(Driver::class);
  25. }
  26. public function testListDrivers() {
  27. $exp = [
  28. 'JKingWeb\\Arsse\\User\\Internal\\Driver' => Arsse::$lang->msg("Driver.User.Internal.Name"),
  29. ];
  30. $this->assertArraySubset($exp, User::driverList());
  31. }
  32. public function testConstruct() {
  33. $this->assertInstanceOf(User::class, new User($this->drv));
  34. $this->assertInstanceOf(User::class, new User);
  35. }
  36. public function testConversionToString() {
  37. $u = new User;
  38. $u->id = "john.doe@example.com";
  39. $this->assertSame("john.doe@example.com", (string) $u);
  40. $u->id = null;
  41. $this->assertSame("", (string) $u);
  42. }
  43. /** @dataProvider provideAuthentication */
  44. public function testAuthenticateAUser(bool $preAuth, string $user, string $password, bool $exp) {
  45. Arsse::$conf->userPreAuth = $preAuth;
  46. Phake::when($this->drv)->auth->thenReturn(false);
  47. Phake::when($this->drv)->auth("john.doe@example.com", "secret")->thenReturn(true);
  48. Phake::when($this->drv)->auth("jane.doe@example.com", "superman")->thenReturn(true);
  49. Phake::when(Arsse::$db)->userExists("john.doe@example.com")->thenReturn(true);
  50. Phake::when(Arsse::$db)->userExists("jane.doe@example.com")->thenReturn(false);
  51. Phake::when(Arsse::$db)->userAdd->thenReturn("");
  52. $u = new User($this->drv);
  53. $this->assertSame($exp, $u->auth($user, $password));
  54. $this->assertNull($u->id);
  55. Phake::verify(Arsse::$db, Phake::times($exp ? 1 : 0))->userExists($user);
  56. Phake::verify(Arsse::$db, Phake::times($exp && $user == "jane.doe@example.com" ? 1 : 0))->userAdd($user, $password);
  57. }
  58. public function provideAuthentication() {
  59. $john = "john.doe@example.com";
  60. $jane = "jane.doe@example.com";
  61. return [
  62. [false, $john, "secret", true],
  63. [false, $john, "superman", false],
  64. [false, $jane, "secret", false],
  65. [false, $jane, "superman", true],
  66. [true, $john, "secret", true],
  67. [true, $john, "superman", true],
  68. [true, $jane, "secret", true],
  69. [true, $jane, "superman", true],
  70. ];
  71. }
  72. /** @dataProvider provideUserList */
  73. public function testListUsers(bool $authorized, $exp) {
  74. $u = new User($this->drv);
  75. Phake::when($this->drv)->authorize->thenReturn($authorized);
  76. Phake::when($this->drv)->userList->thenReturn(["john.doe@example.com", "jane.doe@example.com"]);
  77. if ($exp instanceof Exception) {
  78. $this->assertException("notAuthorized", "User", "ExceptionAuthz");
  79. }
  80. $this->assertSame($exp, $u->list());
  81. }
  82. public function provideUserList() {
  83. $john = "john.doe@example.com";
  84. $jane = "jane.doe@example.com";
  85. return [
  86. [false, new \JKingWeb\Arsse\User\ExceptionAuthz("notAuthorized")],
  87. [true, [$john, $jane]],
  88. ];
  89. }
  90. /** @dataProvider provideExistence */
  91. public function testCheckThatAUserExists(bool $authorized, string $user, $exp) {
  92. $u = new User($this->drv);
  93. Phake::when($this->drv)->authorize->thenReturn($authorized);
  94. Phake::when($this->drv)->userExists("john.doe@example.com")->thenReturn(true);
  95. Phake::when($this->drv)->userExists("jane.doe@example.com")->thenReturn(false);
  96. if ($exp instanceof Exception) {
  97. $this->assertException("notAuthorized", "User", "ExceptionAuthz");
  98. }
  99. $this->assertSame($exp, $u->exists($user));
  100. }
  101. public function provideExistence() {
  102. $john = "john.doe@example.com";
  103. $jane = "jane.doe@example.com";
  104. return [
  105. [false, $john, new \JKingWeb\Arsse\User\ExceptionAuthz("notAuthorized")],
  106. [false, $jane, new \JKingWeb\Arsse\User\ExceptionAuthz("notAuthorized")],
  107. [true, $john, true],
  108. [true, $jane, false],
  109. ];
  110. }
  111. /** @dataProvider provideAdditions */
  112. public function testAddAUser(bool $authorized, string $user, $password, $exp) {
  113. $u = new User($this->drv);
  114. Phake::when($this->drv)->authorize->thenReturn($authorized);
  115. Phake::when($this->drv)->userAdd("john.doe@example.com", $this->anything())->thenThrow(new \JKingWeb\Arsse\User\Exception("alreadyExists"));
  116. Phake::when($this->drv)->userAdd("jane.doe@example.com", $this->anything())->thenReturnCallback(function($user, $pass) {
  117. return $pass ?? "random password";
  118. });
  119. if ($exp instanceof Exception) {
  120. if ($exp instanceof \JKingWeb\Arsse\User\ExceptionAuthz) {
  121. $this->assertException("notAuthorized", "User", "ExceptionAuthz");
  122. } else {
  123. $this->assertException("alreadyExists", "User");
  124. }
  125. }
  126. $this->assertSame($exp, $u->add($user, $password));
  127. }
  128. /** @dataProvider provideAdditions */
  129. public function testAddAUserWithARandomPassword(bool $authorized, string $user, $password, $exp) {
  130. $u = Phake::partialMock(User::class, $this->drv);
  131. Phake::when($this->drv)->authorize->thenReturn($authorized);
  132. Phake::when($this->drv)->userAdd($this->anything(), $this->isNull())->thenReturn(null);
  133. Phake::when($this->drv)->userAdd("john.doe@example.com", $this->logicalNot($this->isNull()))->thenThrow(new \JKingWeb\Arsse\User\Exception("alreadyExists"));
  134. Phake::when($this->drv)->userAdd("jane.doe@example.com", $this->logicalNot($this->isNull()))->thenReturnCallback(function($user, $pass) {
  135. return $pass;
  136. });
  137. if ($exp instanceof Exception) {
  138. if ($exp instanceof \JKingWeb\Arsse\User\ExceptionAuthz) {
  139. $this->assertException("notAuthorized", "User", "ExceptionAuthz");
  140. $calls = 0;
  141. } else {
  142. $this->assertException("alreadyExists", "User");
  143. $calls = 2;
  144. }
  145. } else {
  146. $calls = 4;
  147. }
  148. try {
  149. $pass1 = $u->add($user, null);
  150. $pass2 = $u->add($user, null);
  151. $this->assertNotEquals($pass1, $pass2);
  152. } finally {
  153. Phake::verify($this->drv, Phake::times($calls))->userAdd;
  154. Phake::verify($u, Phake::times($calls / 2))->generatePassword;
  155. }
  156. }
  157. public function provideAdditions() {
  158. $john = "john.doe@example.com";
  159. $jane = "jane.doe@example.com";
  160. return [
  161. [false, $john, "secret", new \JKingWeb\Arsse\User\ExceptionAuthz("notAuthorized")],
  162. [false, $jane, "superman", new \JKingWeb\Arsse\User\ExceptionAuthz("notAuthorized")],
  163. [true, $john, "secret", new \JKingWeb\Arsse\User\Exception("alreadyExists")],
  164. [true, $jane, "superman", "superman"],
  165. [true, $jane, null, "random password"],
  166. ];
  167. }
  168. /** @dataProvider provideRemovals */
  169. public function testRemoveAUser(bool $authorized, string $user, bool $exists, $exp) {
  170. $u = new User($this->drv);
  171. Phake::when($this->drv)->authorize->thenReturn($authorized);
  172. Phake::when($this->drv)->userRemove("john.doe@example.com")->thenReturn(true);
  173. Phake::when($this->drv)->userRemove("jane.doe@example.com")->thenThrow(new \JKingWeb\Arsse\User\Exception("doesNotExist"));
  174. Phake::when(Arsse::$db)->userExists->thenReturn($exists);
  175. Phake::when(Arsse::$db)->userRemove->thenReturn(true);
  176. if ($exp instanceof Exception) {
  177. if ($exp instanceof \JKingWeb\Arsse\User\ExceptionAuthz) {
  178. $this->assertException("notAuthorized", "User", "ExceptionAuthz");
  179. } else {
  180. $this->assertException("doesNotExist", "User");
  181. }
  182. }
  183. try {
  184. $this->assertSame($exp, $u->remove($user));
  185. } finally {
  186. Phake::verify(Arsse::$db, Phake::times((int) $authorized))->userExists($user);
  187. Phake::verify(Arsse::$db, Phake::times((int) ($authorized && $exists)))->userRemove($user);
  188. }
  189. }
  190. public function provideRemovals() {
  191. $john = "john.doe@example.com";
  192. $jane = "jane.doe@example.com";
  193. return [
  194. [false, $john, true, new \JKingWeb\Arsse\User\ExceptionAuthz("notAuthorized")],
  195. [false, $john, false, new \JKingWeb\Arsse\User\ExceptionAuthz("notAuthorized")],
  196. [false, $jane, true, new \JKingWeb\Arsse\User\ExceptionAuthz("notAuthorized")],
  197. [false, $jane, false, new \JKingWeb\Arsse\User\ExceptionAuthz("notAuthorized")],
  198. [true, $john, true, true],
  199. [true, $john, false, true],
  200. [true, $jane, true, new \JKingWeb\Arsse\User\Exception("doesNotExist")],
  201. [true, $jane, false, new \JKingWeb\Arsse\User\Exception("doesNotExist")],
  202. ];
  203. }
  204. /** @dataProvider providePasswordChanges */
  205. public function testChangeAPassword(bool $authorized, string $user, $password, bool $exists, $exp) {
  206. $u = new User($this->drv);
  207. Phake::when($this->drv)->authorize->thenReturn($authorized);
  208. Phake::when($this->drv)->userPasswordSet("john.doe@example.com", $this->anything(), $this->anything())->thenReturnCallback(function($user, $pass, $old) {
  209. return $pass ?? "random password";
  210. });
  211. Phake::when($this->drv)->userPasswordSet("jane.doe@example.com", $this->anything(), $this->anything())->thenThrow(new \JKingWeb\Arsse\User\Exception("doesNotExist"));
  212. Phake::when(Arsse::$db)->userExists->thenReturn($exists);
  213. if ($exp instanceof Exception) {
  214. if ($exp instanceof \JKingWeb\Arsse\User\ExceptionAuthz) {
  215. $this->assertException("notAuthorized", "User", "ExceptionAuthz");
  216. } else {
  217. $this->assertException("doesNotExist", "User");
  218. }
  219. $calls = 0;
  220. } else {
  221. $calls = 1;
  222. }
  223. try {
  224. $this->assertSame($exp, $u->passwordSet($user, $password));
  225. } finally {
  226. Phake::verify(Arsse::$db, Phake::times($calls))->userExists($user);
  227. Phake::verify(Arsse::$db, Phake::times($exists ? $calls : 0))->userPasswordSet($user, $password ?? "random password", null);
  228. }
  229. }
  230. /** @dataProvider providePasswordChanges */
  231. public function testChangeAPasswordToARandomPassword(bool $authorized, string $user, $password, bool $exists, $exp) {
  232. $u = Phake::partialMock(User::class, $this->drv);
  233. Phake::when($this->drv)->authorize->thenReturn($authorized);
  234. Phake::when($this->drv)->userPasswordSet($this->anything(), $this->isNull(), $this->anything())->thenReturn(null);
  235. Phake::when($this->drv)->userPasswordSet("john.doe@example.com", $this->logicalNot($this->isNull()), $this->anything())->thenReturnCallback(function($user, $pass, $old) {
  236. return $pass ?? "random password";
  237. });
  238. Phake::when($this->drv)->userPasswordSet("jane.doe@example.com", $this->logicalNot($this->isNull()), $this->anything())->thenThrow(new \JKingWeb\Arsse\User\Exception("doesNotExist"));
  239. Phake::when(Arsse::$db)->userExists->thenReturn($exists);
  240. if ($exp instanceof Exception) {
  241. if ($exp instanceof \JKingWeb\Arsse\User\ExceptionAuthz) {
  242. $this->assertException("notAuthorized", "User", "ExceptionAuthz");
  243. $calls = 0;
  244. } else {
  245. $this->assertException("doesNotExist", "User");
  246. $calls = 2;
  247. }
  248. } else {
  249. $calls = 4;
  250. }
  251. try {
  252. $pass1 = $u->passwordSet($user, null);
  253. $pass2 = $u->passwordSet($user, null);
  254. $this->assertNotEquals($pass1, $pass2);
  255. } finally {
  256. Phake::verify($this->drv, Phake::times($calls))->userPasswordSet;
  257. Phake::verify($u, Phake::times($calls / 2))->generatePassword;
  258. Phake::verify(Arsse::$db, Phake::times($calls==4 ? 2 : 0))->userExists($user);
  259. if ($calls == 4) {
  260. Phake::verify(Arsse::$db, Phake::times($exists ? 1 : 0))->userPasswordSet($user, $pass1, null);
  261. Phake::verify(Arsse::$db, Phake::times($exists ? 1 : 0))->userPasswordSet($user, $pass2, null);
  262. } else {
  263. Phake::verify(Arsse::$db, Phake::times(0))->userPasswordSet;
  264. }
  265. }
  266. }
  267. public function providePasswordChanges() {
  268. $john = "john.doe@example.com";
  269. $jane = "jane.doe@example.com";
  270. return [
  271. [false, $john, "secret", true, new \JKingWeb\Arsse\User\ExceptionAuthz("notAuthorized")],
  272. [false, $jane, "superman", false, new \JKingWeb\Arsse\User\ExceptionAuthz("notAuthorized")],
  273. [true, $john, "superman", true, "superman"],
  274. [true, $john, null, true, "random password"],
  275. [true, $john, "superman", false, "superman"],
  276. [true, $john, null, false, "random password"],
  277. [true, $jane, "secret", true, new \JKingWeb\Arsse\User\Exception("doesNotExist")],
  278. ];
  279. }
  280. }