summaryrefslogtreecommitdiff
path: root/tests/units
diff options
context:
space:
mode:
authorFrederic Guillot <fred@kanboard.net>2015-12-05 20:31:27 -0500
committerFrederic Guillot <fred@kanboard.net>2015-12-05 20:31:27 -0500
commite9fedf3e5cd63aea4da7a71f6647ee427c62fa49 (patch)
treeabc2de5aebace4a2d7c94805552264dab6b10bc7 /tests/units
parent346b8312e5ac877ce3192c2db3a26b500018bbb5 (diff)
Rewrite of the authentication and authorization system
Diffstat (limited to 'tests/units')
-rw-r--r--tests/units/Action/TaskAssignCurrentUserTest.php2
-rw-r--r--tests/units/Auth/DatabaseAuthTest.php52
-rw-r--r--tests/units/Auth/LdapTest.php697
-rw-r--r--tests/units/Auth/ReverseProxyTest.php37
-rw-r--r--tests/units/Auth/TotpAuthTest.php63
-rw-r--r--tests/units/Base.php3
-rw-r--r--tests/units/Core/Http/OAuth2Test.php (renamed from tests/units/Core/OAuth2Test.php)4
-rw-r--r--tests/units/Core/Http/RememberMeCookieTest.php108
-rw-r--r--tests/units/Core/Http/RequestTest.php175
-rw-r--r--tests/units/Core/Ldap/ClientTest.php53
-rw-r--r--tests/units/Core/Ldap/EntriesTest.php55
-rw-r--r--tests/units/Core/Ldap/EntryTest.php71
-rw-r--r--tests/units/Core/Ldap/LdapGroupTest.php160
-rw-r--r--tests/units/Core/Ldap/LdapUserTest.php379
-rw-r--r--tests/units/Core/Ldap/QueryTest.php45
-rw-r--r--tests/units/Core/Ldap/UserTest.php95
-rw-r--r--tests/units/Core/Security/AccessMapTest.php29
-rw-r--r--tests/units/Core/Security/AuthenticationManagerTest.php150
-rw-r--r--tests/units/Core/Security/AuthorizationTest.php25
-rw-r--r--tests/units/Core/User/GroupSyncTest.php30
-rw-r--r--tests/units/Core/User/UserProfileTest.php63
-rw-r--r--tests/units/Core/User/UserPropertyTest.php60
-rw-r--r--tests/units/Core/User/UserSessionTest.php (renamed from tests/units/Model/UserSessionTest.php)58
-rw-r--r--tests/units/Core/User/UserSyncTest.php55
-rw-r--r--tests/units/Helper/UserHelperTest.php261
-rw-r--r--tests/units/Integration/BitbucketWebhookTest.php11
-rw-r--r--tests/units/Integration/GithubWebhookTest.php15
-rw-r--r--tests/units/Integration/GitlabWebhookTest.php7
-rw-r--r--tests/units/Model/AclTest.php296
-rw-r--r--tests/units/Model/ActionTest.php27
-rw-r--r--tests/units/Model/AuthenticationTest.php39
-rw-r--r--tests/units/Model/ProjectDuplicationTest.php37
-rw-r--r--tests/units/Model/ProjectGroupRoleTest.php340
-rw-r--r--tests/units/Model/ProjectPermissionTest.php318
-rw-r--r--tests/units/Model/ProjectTest.php1
-rw-r--r--tests/units/Model/ProjectUserRoleTest.php400
-rw-r--r--tests/units/Model/SubtaskTest.php2
-rw-r--r--tests/units/Model/TaskCreationTest.php1
-rw-r--r--tests/units/Model/TaskDuplicationTest.php35
-rw-r--r--tests/units/Model/TaskFinderTest.php1
-rw-r--r--tests/units/Model/TaskModificationTest.php1
-rw-r--r--tests/units/Model/TaskPermissionTest.php2
-rw-r--r--tests/units/Model/TaskStatusTest.php1
-rw-r--r--tests/units/Model/TaskTest.php1
-rw-r--r--tests/units/Model/UserLockingTest.php43
-rw-r--r--tests/units/Model/UserNotificationTest.php22
-rw-r--r--tests/units/Model/UserTest.php108
-rw-r--r--tests/units/Notification/MailTest.php1
-rw-r--r--tests/units/User/DatabaseUserProviderTest.php14
49 files changed, 2692 insertions, 1761 deletions
diff --git a/tests/units/Action/TaskAssignCurrentUserTest.php b/tests/units/Action/TaskAssignCurrentUserTest.php
index 08176b1c..e2d1c11a 100644
--- a/tests/units/Action/TaskAssignCurrentUserTest.php
+++ b/tests/units/Action/TaskAssignCurrentUserTest.php
@@ -7,7 +7,7 @@ use Kanboard\Model\Task;
use Kanboard\Model\TaskCreation;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\Project;
-use Kanboard\Model\UserSession;
+use Kanboard\Core\User\UserSession;
use Kanboard\Action\TaskAssignCurrentUser;
class TaskAssignCurrentUserTest extends Base
diff --git a/tests/units/Auth/DatabaseAuthTest.php b/tests/units/Auth/DatabaseAuthTest.php
new file mode 100644
index 00000000..a13b7fee
--- /dev/null
+++ b/tests/units/Auth/DatabaseAuthTest.php
@@ -0,0 +1,52 @@
+<?php
+
+require_once __DIR__.'/../Base.php';
+
+use Kanboard\Auth\DatabaseAuth;
+
+class DatabaseAuthTest extends Base
+{
+ public function testGetName()
+ {
+ $provider = new DatabaseAuth($this->container);
+ $this->assertEquals('Database', $provider->getName());
+ }
+
+ public function testAuthenticate()
+ {
+ $provider = new DatabaseAuth($this->container);
+
+ $provider->setUsername('admin');
+ $provider->setPassword('admin');
+ $this->assertTrue($provider->authenticate());
+
+ $provider->setUsername('admin');
+ $provider->setPassword('test');
+ $this->assertFalse($provider->authenticate());
+ }
+
+ public function testGetUser()
+ {
+ $provider = new DatabaseAuth($this->container);
+ $this->assertEquals(null, $provider->getUser());
+
+ $provider = new DatabaseAuth($this->container);
+ $provider->setUsername('admin');
+ $provider->setPassword('admin');
+
+ $this->assertTrue($provider->authenticate());
+ $this->assertInstanceOf('Kanboard\User\DatabaseUserProvider', $provider->getUser());
+ }
+
+ public function testIsvalidSession()
+ {
+ $provider = new DatabaseAuth($this->container);
+ $this->assertFalse($provider->isValidSession());
+
+ $this->container['sessionStorage']->user = array('id' => 1);
+ $this->assertTrue($provider->isValidSession());
+
+ $this->container['sessionStorage']->user = array('id' => 2);
+ $this->assertFalse($provider->isValidSession());
+ }
+}
diff --git a/tests/units/Auth/LdapTest.php b/tests/units/Auth/LdapTest.php
deleted file mode 100644
index bf2cec35..00000000
--- a/tests/units/Auth/LdapTest.php
+++ /dev/null
@@ -1,697 +0,0 @@
-<?php
-
-namespace Kanboard\Auth;
-
-require_once __DIR__.'/../Base.php';
-
-function ldap_connect($hostname, $port)
-{
- return LdapTest::$functions->ldap_connect($hostname, $port);
-}
-
-function ldap_set_option()
-{
-}
-
-function ldap_bind($link_identifier, $bind_rdn, $bind_password)
-{
- return LdapTest::$functions->ldap_bind($link_identifier, $bind_rdn, $bind_password);
-}
-
-function ldap_search($link_identifier, $base_dn, $filter, array $attributes)
-{
- return LdapTest::$functions->ldap_search($link_identifier, $base_dn, $filter, $attributes);
-}
-
-function ldap_get_entries($link_identifier, $result_identifier)
-{
- return LdapTest::$functions->ldap_get_entries($link_identifier, $result_identifier);
-}
-
-class LdapTest extends \Base
-{
- public static $functions;
- private $ldap;
-
- public function setUp()
- {
- parent::setup();
-
- self::$functions = $this
- ->getMockBuilder('stdClass')
- ->setMethods(array(
- 'ldap_connect',
- 'ldap_set_option',
- 'ldap_bind',
- 'ldap_search',
- 'ldap_get_entries',
- ))
- ->getMock();
- }
-
- public function tearDown()
- {
- parent::tearDown();
- self::$functions = null;
- }
-
- public function testGetAttributes()
- {
- $ldap = new Ldap($this->container);
- $this->assertCount(3, $ldap->getProfileAttributes());
- $this->assertContains(LDAP_ACCOUNT_FULLNAME, $ldap->getProfileAttributes());
- $this->assertContains(LDAP_ACCOUNT_EMAIL, $ldap->getProfileAttributes());
- $this->assertContains(LDAP_ACCOUNT_MEMBEROF, $ldap->getProfileAttributes());
- }
-
- public function testConnectSuccess()
- {
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getLdapServer'))
- ->getMock();
-
- $ldap
- ->expects($this->once())
- ->method('getLdapServer')
- ->will($this->returnValue('my_ldap_server'));
-
- self::$functions
- ->expects($this->once())
- ->method('ldap_connect')
- ->with(
- $this->equalTo('my_ldap_server'),
- $this->equalTo($ldap->getLdapPort())
- )
- ->will($this->returnValue('my_ldap_resource'));
-
- $this->assertNotFalse($ldap->connect());
- }
-
- public function testConnectFailure()
- {
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getLdapServer'))
- ->getMock();
-
- $ldap
- ->expects($this->once())
- ->method('getLdapServer')
- ->will($this->returnValue('my_ldap_server'));
-
- self::$functions
- ->expects($this->once())
- ->method('ldap_connect')
- ->with(
- $this->equalTo('my_ldap_server'),
- $this->equalTo($ldap->getLdapPort())
- )
- ->will($this->returnValue(false));
-
- $this->assertFalse($ldap->connect());
- }
-
- public function testBindAnonymous()
- {
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getLdapBindType'))
- ->getMock();
-
- $ldap
- ->expects($this->any())
- ->method('getLdapBindType')
- ->will($this->returnValue('anonymous'));
-
- self::$functions
- ->expects($this->once())
- ->method('ldap_bind')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo(null),
- $this->equalTo(null)
- )
- ->will($this->returnValue(true));
-
- $this->assertTrue($ldap->bind('my_ldap_connection', 'my_user', 'my_password'));
- }
-
- public function testBindUser()
- {
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getLdapUsername', 'getLdapBindType'))
- ->getMock();
-
- $ldap
- ->expects($this->once())
- ->method('getLdapUsername')
- ->will($this->returnValue('uid=my_user'));
-
- $ldap
- ->expects($this->any())
- ->method('getLdapBindType')
- ->will($this->returnValue('user'));
-
- self::$functions
- ->expects($this->once())
- ->method('ldap_bind')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('uid=my_user'),
- $this->equalTo('my_password')
- )
- ->will($this->returnValue(true));
-
- $this->assertTrue($ldap->bind('my_ldap_connection', 'my_user', 'my_password'));
- }
-
- public function testBindProxy()
- {
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getLdapUsername', 'getLdapPassword', 'getLdapBindType'))
- ->getMock();
-
- $ldap
- ->expects($this->once())
- ->method('getLdapUsername')
- ->will($this->returnValue('someone'));
-
- $ldap
- ->expects($this->once())
- ->method('getLdapPassword')
- ->will($this->returnValue('something'));
-
- $ldap
- ->expects($this->any())
- ->method('getLdapBindType')
- ->will($this->returnValue('proxy'));
-
- self::$functions
- ->expects($this->once())
- ->method('ldap_bind')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('someone'),
- $this->equalTo('something')
- )
- ->will($this->returnValue(true));
-
- $this->assertTrue($ldap->bind('my_ldap_connection', 'my_user', 'my_password'));
- }
-
- public function testSearchSuccess()
- {
- $entries = array(
- 'count' => 1,
- 0 => array(
- 'count' => 2,
- 'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local',
- 'displayname' => array(
- 'count' => 1,
- 0 => 'My user',
- ),
- 'mail' => array(
- 'count' => 2,
- 0 => 'user1@localhost',
- 1 => 'user2@localhost',
- ),
- 0 => 'displayname',
- 1 => 'mail',
- )
- );
-
- $expected = array(
- 'username' => 'my_user',
- 'name' => 'My user',
- 'email' => 'user1@localhost',
- 'is_admin' => 0,
- 'is_project_admin' => 0,
- 'is_ldap_user' => 1,
- );
-
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getLdapUserPattern', 'getLdapBaseDn'))
- ->getMock();
-
- $ldap
- ->expects($this->once())
- ->method('getLdapUserPattern')
- ->will($this->returnValue('uid=my_user'));
-
- $ldap
- ->expects($this->once())
- ->method('getLdapBaseDn')
- ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
-
- self::$functions
- ->expects($this->at(0))
- ->method('ldap_search')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('ou=People,dc=kanboard,dc=local'),
- $this->equalTo('uid=my_user'),
- $this->equalTo($ldap->getProfileAttributes())
- )
- ->will($this->returnValue('my_result_identifier'));
-
- self::$functions
- ->expects($this->at(1))
- ->method('ldap_get_entries')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('my_result_identifier')
- )
- ->will($this->returnValue($entries));
-
- self::$functions
- ->expects($this->at(2))
- ->method('ldap_bind')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('uid=my_user,ou=People,dc=kanboard,dc=local'),
- $this->equalTo('my_password')
- )
- ->will($this->returnValue(true));
-
- $this->assertEquals($expected, $ldap->getProfile('my_ldap_connection', 'my_user', 'my_password'));
- }
-
- public function testSearchWithBadPassword()
- {
- $entries = array(
- 'count' => 1,
- 0 => array(
- 'count' => 2,
- 'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local',
- 'displayname' => array(
- 'count' => 1,
- 0 => 'My user',
- ),
- 'mail' => array(
- 'count' => 2,
- 0 => 'user1@localhost',
- 1 => 'user2@localhost',
- ),
- 0 => 'displayname',
- 1 => 'mail',
- )
- );
-
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getLdapUserPattern', 'getLdapBaseDn'))
- ->getMock();
-
- $ldap
- ->expects($this->once())
- ->method('getLdapUserPattern')
- ->will($this->returnValue('uid=my_user'));
-
- $ldap
- ->expects($this->once())
- ->method('getLdapBaseDn')
- ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
-
- self::$functions
- ->expects($this->at(0))
- ->method('ldap_search')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('ou=People,dc=kanboard,dc=local'),
- $this->equalTo('uid=my_user'),
- $this->equalTo($ldap->getProfileAttributes())
- )
- ->will($this->returnValue('my_result_identifier'));
-
- self::$functions
- ->expects($this->at(1))
- ->method('ldap_get_entries')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('my_result_identifier')
- )
- ->will($this->returnValue($entries));
-
- self::$functions
- ->expects($this->at(2))
- ->method('ldap_bind')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('uid=my_user,ou=People,dc=kanboard,dc=local'),
- $this->equalTo('my_password')
- )
- ->will($this->returnValue(false));
-
- $this->assertFalse($ldap->getProfile('my_ldap_connection', 'my_user', 'my_password'));
- }
-
- public function testSearchWithUserNotFound()
- {
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getLdapUserPattern', 'getLdapBaseDn'))
- ->getMock();
-
- $ldap
- ->expects($this->once())
- ->method('getLdapUserPattern')
- ->will($this->returnValue('uid=my_user'));
-
- $ldap
- ->expects($this->once())
- ->method('getLdapBaseDn')
- ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
-
- self::$functions
- ->expects($this->at(0))
- ->method('ldap_search')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('ou=People,dc=kanboard,dc=local'),
- $this->equalTo('uid=my_user'),
- $this->equalTo($ldap->getProfileAttributes())
- )
- ->will($this->returnValue('my_result_identifier'));
-
- self::$functions
- ->expects($this->at(1))
- ->method('ldap_get_entries')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('my_result_identifier')
- )
- ->will($this->returnValue(array()));
-
- $this->assertFalse($ldap->getProfile('my_ldap_connection', 'my_user', 'my_password'));
- }
-
- public function testSuccessfulAuthentication()
- {
- $this->container['userSession'] = $this
- ->getMockBuilder('\Kanboard\Model\UserSession')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('initialize'))
- ->getMock();
-
- $this->container['user'] = $this
- ->getMockBuilder('\Kanboard\Model\User')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getByUsername'))
- ->getMock();
-
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('findUser'))
- ->getMock();
-
- $ldap
- ->expects($this->once())
- ->method('findUser')
- ->with(
- $this->equalTo('user'),
- $this->equalTo('password')
- )
- ->will($this->returnValue(array('username' => 'user', 'name' => 'My user', 'email' => 'user@here')));
-
- $this->container['user']
- ->expects($this->once())
- ->method('getByUsername')
- ->with(
- $this->equalTo('user')
- )
- ->will($this->returnValue(array('id' => 2, 'username' => 'user', 'is_ldap_user' => 1)));
-
- $this->container['userSession']
- ->expects($this->once())
- ->method('initialize');
-
- $this->assertTrue($ldap->authenticate('user', 'password'));
- }
-
- public function testAuthenticationWithExistingLocalUser()
- {
- $this->container['userSession'] = $this
- ->getMockBuilder('\Kanboard\Model\UserSession')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('initialize'))
- ->getMock();
-
- $this->container['user'] = $this
- ->getMockBuilder('\Kanboard\Model\User')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getByUsername'))
- ->getMock();
-
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('findUser'))
- ->getMock();
-
- $ldap
- ->expects($this->once())
- ->method('findUser')
- ->with(
- $this->equalTo('user'),
- $this->equalTo('password')
- )
- ->will($this->returnValue(array('username' => 'user', 'name' => 'My user', 'email' => 'user@here')));
-
- $this->container['user']
- ->expects($this->once())
- ->method('getByUsername')
- ->with(
- $this->equalTo('user')
- )
- ->will($this->returnValue(array('id' => 2, 'username' => 'user', 'is_ldap_user' => 0)));
-
- $this->container['userSession']
- ->expects($this->never())
- ->method('initialize');
-
- $this->assertFalse($ldap->authenticate('user', 'password'));
- }
-
- public function testAuthenticationWithAutomaticAccountCreation()
- {
- $ldap_profile = array('username' => 'user', 'name' => 'My user', 'email' => 'user@here');
-
- $this->container['userSession'] = $this
- ->getMockBuilder('\Kanboard\Model\UserSession')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('initialize'))
- ->getMock();
-
- $this->container['user'] = $this
- ->getMockBuilder('\Kanboard\Model\User')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getByUsername', 'create'))
- ->getMock();
-
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('findUser'))
- ->getMock();
-
- $ldap
- ->expects($this->at(0))
- ->method('findUser')
- ->with(
- $this->equalTo('user'),
- $this->equalTo('password')
- )
- ->will($this->returnValue($ldap_profile));
-
- $this->container['user']
- ->expects($this->at(0))
- ->method('getByUsername')
- ->with(
- $this->equalTo('user')
- )
- ->will($this->returnValue(null));
-
- $this->container['user']
- ->expects($this->at(1))
- ->method('create')
- ->with(
- $this->equalTo($ldap_profile)
- )
- ->will($this->returnValue(true));
-
- $this->container['user']
- ->expects($this->at(2))
- ->method('getByUsername')
- ->with(
- $this->equalTo('user')
- )
- ->will($this->returnValue(array('id' => 2, 'username' => 'user', 'is_ldap_user' => 1)));
-
- $this->container['userSession']
- ->expects($this->once())
- ->method('initialize');
-
- $this->assertTrue($ldap->authenticate('user', 'password'));
- }
-
- public function testAuthenticationWithAutomaticAccountCreationFailed()
- {
- $ldap_profile = array('username' => 'user', 'name' => 'My user', 'email' => 'user@here');
-
- $this->container['userSession'] = $this
- ->getMockBuilder('\Kanboard\Model\UserSession')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('initialize'))
- ->getMock();
-
- $this->container['user'] = $this
- ->getMockBuilder('\Kanboard\Model\User')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('getByUsername', 'create'))
- ->getMock();
-
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('findUser'))
- ->getMock();
-
- $ldap
- ->expects($this->at(0))
- ->method('findUser')
- ->with(
- $this->equalTo('user'),
- $this->equalTo('password')
- )
- ->will($this->returnValue($ldap_profile));
-
- $this->container['user']
- ->expects($this->at(0))
- ->method('getByUsername')
- ->with(
- $this->equalTo('user')
- )
- ->will($this->returnValue(null));
-
- $this->container['user']
- ->expects($this->at(1))
- ->method('create')
- ->with(
- $this->equalTo($ldap_profile)
- )
- ->will($this->returnValue(false));
-
- $this->container['userSession']
- ->expects($this->never())
- ->method('initialize');
-
- $this->assertFalse($ldap->authenticate('user', 'password'));
- }
-
- public function testLookup()
- {
- $entries = array(
- 'count' => 1,
- 0 => array(
- 'count' => 2,
- 'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local',
- 'displayname' => array(
- 'count' => 1,
- 0 => 'My LDAP user',
- ),
- 'mail' => array(
- 'count' => 2,
- 0 => 'user1@localhost',
- 1 => 'user2@localhost',
- ),
- 'samaccountname' => array(
- 'count' => 1,
- 0 => 'my_ldap_user',
- ),
- 0 => 'displayname',
- 1 => 'mail',
- 2 => 'samaccountname',
- )
- );
-
- $expected = array(
- 'username' => 'my_ldap_user',
- 'name' => 'My LDAP user',
- 'email' => 'user1@localhost',
- 'is_admin' => 0,
- 'is_project_admin' => 0,
- 'is_ldap_user' => 1,
- );
-
- $ldap = $this
- ->getMockBuilder('\Kanboard\Auth\Ldap')
- ->setConstructorArgs(array($this->container))
- ->setMethods(array('connect', 'getLdapUserPattern', 'getLdapBaseDn', 'getLdapAccountId'))
- ->getMock();
-
- $ldap
- ->expects($this->once())
- ->method('connect')
- ->will($this->returnValue('my_ldap_connection'));
-
- $ldap
- ->expects($this->once())
- ->method('getLdapUserPattern')
- ->will($this->returnValue('sAMAccountName=my_user'));
-
- $ldap
- ->expects($this->any())
- ->method('getLdapAccountId')
- ->will($this->returnValue('samaccountname'));
-
- $ldap
- ->expects($this->once())
- ->method('getLdapBaseDn')
- ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
-
- self::$functions
- ->expects($this->at(0))
- ->method('ldap_bind')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo(null),
- $this->equalTo(null)
- )
- ->will($this->returnValue(true));
-
- self::$functions
- ->expects($this->at(1))
- ->method('ldap_search')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('ou=People,dc=kanboard,dc=local'),
- $this->equalTo('(&(sAMAccountName=my_user)(mail=user@localhost))'),
- $this->equalTo($ldap->getProfileAttributes())
- )
- ->will($this->returnValue('my_result_identifier'));
-
- self::$functions
- ->expects($this->at(2))
- ->method('ldap_get_entries')
- ->with(
- $this->equalTo('my_ldap_connection'),
- $this->equalTo('my_result_identifier')
- )
- ->will($this->returnValue($entries));
-
- $this->assertEquals($expected, $ldap->lookup('my_user', 'user@localhost'));
- }
-}
diff --git a/tests/units/Auth/ReverseProxyTest.php b/tests/units/Auth/ReverseProxyTest.php
deleted file mode 100644
index 6aaa5a67..00000000
--- a/tests/units/Auth/ReverseProxyTest.php
+++ /dev/null
@@ -1,37 +0,0 @@
-<?php
-
-require_once __DIR__.'/../Base.php';
-
-use Kanboard\Auth\ReverseProxy;
-use Kanboard\Model\User;
-
-class ReverseProxyTest extends Base
-{
- public function setUp()
- {
- parent::setup();
- $_SERVER = array();
- }
-
- public function testFailedAuthentication()
- {
- $auth = new ReverseProxy($this->container);
- $this->assertFalse($auth->authenticate());
- }
-
- public function testSuccessfulAuthentication()
- {
- $_SERVER[REVERSE_PROXY_USER_HEADER] = 'my_user';
-
- $a = new ReverseProxy($this->container);
- $u = new User($this->container);
-
- $this->assertTrue($a->authenticate());
-
- $user = $u->getByUsername('my_user');
- $this->assertNotEmpty($user);
- $this->assertEquals(0, $user['is_admin']);
- $this->assertEquals(1, $user['is_ldap_user']);
- $this->assertEquals(1, $user['disable_login_form']);
- }
-}
diff --git a/tests/units/Auth/TotpAuthTest.php b/tests/units/Auth/TotpAuthTest.php
new file mode 100644
index 00000000..fcb7ea31
--- /dev/null
+++ b/tests/units/Auth/TotpAuthTest.php
@@ -0,0 +1,63 @@
+<?php
+
+require_once __DIR__.'/../Base.php';
+
+use Kanboard\Auth\TotpAuth;
+
+class TotpAuthTest extends Base
+{
+ public function testGetName()
+ {
+ $provider = new TotpAuth($this->container);
+ $this->assertEquals('Time-based One-time Password Algorithm', $provider->getName());
+ }
+
+ public function testGetSecret()
+ {
+ $provider = new TotpAuth($this->container);
+ $secret = $provider->getSecret();
+
+ $this->assertNotEmpty($secret);
+ $this->assertEquals($secret, $provider->getSecret());
+ $this->assertEquals($secret, $provider->getSecret());
+ }
+
+ public function testSetSecret()
+ {
+ $provider = new TotpAuth($this->container);
+ $provider->setSecret('mySecret');
+ $this->assertEquals('mySecret', $provider->getSecret());
+ }
+
+ public function testGetUrl()
+ {
+ $provider = new TotpAuth($this->container);
+ $this->assertEmpty($provider->getQrCodeUrl('me'));
+ $this->assertEmpty($provider->getKeyUrl('me'));
+
+ $provider->setSecret('mySecret');
+ $this->assertEquals(
+ 'https://chart.googleapis.com/chart?chs=200x200&cht=qr&chld=M|0&chl=otpauth%3A%2F%2Ftotp%2Fme%3Fsecret%3DmySecret',
+ $provider->getQrCodeUrl('me')
+ );
+
+ $this->assertEquals('otpauth://totp/me?secret=mySecret', $provider->getKeyUrl('me'));
+ }
+
+ public function testAuthentication()
+ {
+ $provider = new TotpAuth($this->container);
+
+ $secret = $provider->getSecret();
+ $this->assertNotEmpty($secret);
+
+ $provider->setCode('1234');
+ $this->assertFalse($provider->authenticate());
+
+ if (!!`which oathtool`) {
+ $code = shell_exec('oathtool --totp -b '.$secret);
+ $provider->setCode(trim($code));
+ $this->assertTrue($provider->authenticate());
+ }
+ }
+}
diff --git a/tests/units/Base.php b/tests/units/Base.php
index 6d7a97a3..4b54cdb0 100644
--- a/tests/units/Base.php
+++ b/tests/units/Base.php
@@ -75,8 +75,11 @@ abstract class Base extends PHPUnit_Framework_TestCase
}
$this->container = new Pimple\Container;
+ $this->container->register(new Kanboard\ServiceProvider\AuthenticationProvider);
$this->container->register(new Kanboard\ServiceProvider\DatabaseProvider);
$this->container->register(new Kanboard\ServiceProvider\ClassProvider);
+ $this->container->register(new Kanboard\ServiceProvider\NotificationProvider);
+ $this->container->register(new Kanboard\ServiceProvider\RouteProvider);
$this->container['dispatcher'] = new TraceableEventDispatcher(
new EventDispatcher,
diff --git a/tests/units/Core/OAuth2Test.php b/tests/units/Core/Http/OAuth2Test.php
index d5713608..d703dd7a 100644
--- a/tests/units/Core/OAuth2Test.php
+++ b/tests/units/Core/Http/OAuth2Test.php
@@ -1,8 +1,8 @@
<?php
-require_once __DIR__.'/../Base.php';
+require_once __DIR__.'/../../Base.php';
-use Kanboard\Core\OAuth2;
+use Kanboard\Core\Http\OAuth2;
class OAuth2Test extends Base
{
diff --git a/tests/units/Core/Http/RememberMeCookieTest.php b/tests/units/Core/Http/RememberMeCookieTest.php
new file mode 100644
index 00000000..ae5606ac
--- /dev/null
+++ b/tests/units/Core/Http/RememberMeCookieTest.php
@@ -0,0 +1,108 @@
+<?php
+
+namespace Kanboard\Core\Http;
+
+require_once __DIR__.'/../../Base.php';
+
+function setcookie($name, $value = "", $expire = 0, $path = "", $domain = "", $secure = false, $httponly = false)
+{
+ return RememberMeCookieTest::$functions->setcookie($name, $value, $expire, $path, $domain, $secure, $httponly);
+}
+
+class RememberMeCookieTest extends \Base
+{
+ public static $functions;
+
+ public function setUp()
+ {
+ parent::setup();
+
+ self::$functions = $this
+ ->getMockBuilder('stdClass')
+ ->setMethods(array(
+ 'setcookie',
+ ))
+ ->getMock();
+ }
+
+ public function tearDown()
+ {
+ parent::tearDown();
+ self::$functions = null;
+ }
+
+ public function testEncode()
+ {
+ $cookie = new RememberMeCookie($this->container);
+ $this->assertEquals('a|b', $cookie->encode('a', 'b'));
+ }
+
+ public function testDecode()
+ {
+ $cookie = new RememberMeCookie($this->container);
+ $this->assertEquals(array('token' => 'a', 'sequence' => 'b'), $cookie->decode('a|b'));
+ }
+
+ public function testHasCookie()
+ {
+ $this->container['request'] = new Request($this->container, array(), array(), array(), array(), array());
+
+ $cookie = new RememberMeCookie($this->container);
+ $this->assertFalse($cookie->hasCookie());
+
+ $this->container['request'] = new Request($this->container, array(), array(), array(), array(), array(RememberMeCookie::COOKIE_NAME => 'miam'));
+ $this->assertTrue($cookie->hasCookie());
+ }
+
+ public function testWrite()
+ {
+ self::$functions
+ ->expects($this->once())
+ ->method('setcookie')
+ ->with(
+ RememberMeCookie::COOKIE_NAME,
+ 'myToken|mySequence',
+ 1234,
+ '',
+ '',
+ false,
+ true
+ )
+ ->will($this->returnValue(true));
+
+ $cookie = new RememberMeCookie($this->container);
+ $this->assertTrue($cookie->write('myToken', 'mySequence', 1234));
+ }
+
+ public function testRead()
+ {
+ $this->container['request'] = new Request($this->container, array(), array(), array(), array(), array());
+
+ $cookie = new RememberMeCookie($this->container);
+ $this->assertFalse($cookie->read());
+
+ $this->container['request'] = new Request($this->container, array(), array(), array(), array(), array(RememberMeCookie::COOKIE_NAME => 'T|S'));
+
+ $this->assertEquals(array('token' => 'T', 'sequence' => 'S'), $cookie->read());
+ }
+
+ public function testRemove()
+ {
+ self::$functions
+ ->expects($this->once())
+ ->method('setcookie')
+ ->with(
+ RememberMeCookie::COOKIE_NAME,
+ '',
+ time() - 3600,
+ '',
+ '',
+ false,
+ true
+ )
+ ->will($this->returnValue(true));
+
+ $cookie = new RememberMeCookie($this->container);
+ $this->assertTrue($cookie->remove());
+ }
+}
diff --git a/tests/units/Core/Http/RequestTest.php b/tests/units/Core/Http/RequestTest.php
new file mode 100644
index 00000000..217698f9
--- /dev/null
+++ b/tests/units/Core/Http/RequestTest.php
@@ -0,0 +1,175 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Http\Request;
+
+class RequestTest extends Base
+{
+ public function testGetStringParam()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEquals('', $request->getStringParam('myvar'));
+
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEquals('default', $request->getStringParam('myvar', 'default'));
+
+ $request = new Request($this->container, array(), array('myvar' => 'myvalue'), array(), array(), array());
+ $this->assertEquals('myvalue', $request->getStringParam('myvar'));
+ }
+
+ public function testGetIntegerParam()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEquals(0, $request->getIntegerParam('myvar'));
+
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEquals(5, $request->getIntegerParam('myvar', 5));
+
+ $request = new Request($this->container, array(), array('myvar' => 'myvalue'), array(), array(), array());
+ $this->assertEquals(0, $request->getIntegerParam('myvar'));
+
+ $request = new Request($this->container, array(), array('myvar' => '123'), array(), array(), array());
+ $this->assertEquals(123, $request->getIntegerParam('myvar'));
+ }
+
+ public function testGetValues()
+ {
+ $request = new Request($this->container, array(), array(), array('myvar' => 'myvalue'), array(), array());
+ $this->assertEmpty($request->getValue('myvar'));
+
+ $request = new Request($this->container, array(), array(), array('myvar' => 'myvalue', 'csrf_token' => $this->container['token']->getCSRFToken()), array(), array());
+ $this->assertEquals('myvalue', $request->getValue('myvar'));
+
+ $request = new Request($this->container, array(), array(), array('myvar' => 'myvalue', 'csrf_token' => $this->container['token']->getCSRFToken()), array(), array());
+ $this->assertEquals(array('myvar' => 'myvalue'), $request->getValues());
+ }
+
+ public function testGetFileContent()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEmpty($request->getFileContent('myfile'));
+
+ $filename = tempnam(sys_get_temp_dir(), 'UnitTest');
+ file_put_contents($filename, 'something');
+
+ $request = new Request($this->container, array(), array(), array(), array('myfile' => array('tmp_name' => $filename)), array());
+ $this->assertEquals('something', $request->getFileContent('myfile'));
+
+ unlink($filename);
+ }
+
+ public function testGetFilePath()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEmpty($request->getFilePath('myfile'));
+
+ $request = new Request($this->container, array(), array(), array(), array('myfile' => array('tmp_name' => 'somewhere')), array());
+ $this->assertEquals('somewhere', $request->getFilePath('myfile'));
+ }
+
+ public function testIsPost()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertFalse($request->isPost());
+
+ $request = new Request($this->container, array('REQUEST_METHOD' => 'POST'), array(), array(), array(), array());
+ $this->assertTrue($request->isPost());
+ }
+
+ public function testIsAjax()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertFalse($request->isAjax());
+
+ $request = new Request($this->container, array('HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest'), array(), array(), array(), array());
+ $this->assertTrue($request->isAjax());
+ }
+
+ public function testIsHTTPS()
+ {
+ $request = new Request($this->container, array(), array(), array(), array());
+ $this->assertFalse($request->isHTTPS());
+
+ $request = new Request($this->container, array('HTTPS' => ''), array(), array(), array(), array());
+ $this->assertFalse($request->isHTTPS());
+
+ $request = new Request($this->container, array('HTTPS' => 'off'), array(), array(), array(), array());
+ $this->assertFalse($request->isHTTPS());
+
+ $request = new Request($this->container, array('HTTPS' => 'on'), array(), array(), array(), array());
+ $this->assertTrue($request->isHTTPS());
+
+ $request = new Request($this->container, array('HTTPS' => '1'), array(), array(), array(), array());
+ $this->assertTrue($request->isHTTPS());
+ }
+
+ public function testGetCookie()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEmpty($request->getCookie('mycookie'));
+
+ $request = new Request($this->container, array(), array(), array(), array(), array('mycookie' => 'miam'));
+ $this->assertEquals('miam', $request->getCookie('mycookie'));
+ }
+
+ public function testGetHeader()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEmpty($request->getHeader('X-Forwarded-For'));
+
+ $request = new Request($this->container, array('HTTP_X_FORWARDED_FOR' => 'test'), array(), array(), array(), array());
+ $this->assertEquals('test', $request->getHeader('X-Forwarded-For'));
+ }
+
+ public function testGetRemoteUser()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEmpty($request->getRemoteUser());
+
+ $request = new Request($this->container, array(REVERSE_PROXY_USER_HEADER => 'test'), array(), array(), array(), array());
+ $this->assertEquals('test', $request->getRemoteUser());
+ }
+
+ public function testGetQueryString()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEmpty($request->getQueryString());
+
+ $request = new Request($this->container, array('QUERY_STRING' => 'k=v'), array(), array(), array(), array());
+ $this->assertEquals('k=v', $request->getQueryString());
+ }
+
+ public function testGetUri()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEmpty($request->getUri());
+
+ $request = new Request($this->container, array('REQUEST_URI' => '/blah'), array(), array(), array(), array());
+ $this->assertEquals('/blah', $request->getUri());
+ }
+
+ public function testGetUserAgent()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEquals('Unknown', $request->getUserAgent());
+
+ $request = new Request($this->container, array('HTTP_USER_AGENT' => 'My browser'), array(), array(), array(), array());
+ $this->assertEquals('My browser', $request->getUserAgent());
+ }
+
+ public function testGetIpAddress()
+ {
+ $request = new Request($this->container, array(), array(), array(), array(), array());
+ $this->assertEquals('Unknown', $request->getIpAddress());
+
+ $request = new Request($this->container, array('HTTP_X_FORWARDED_FOR' => '192.168.0.1,127.0.0.1'), array(), array(), array(), array());
+ $this->assertEquals('192.168.0.1', $request->getIpAddress());
+
+ $request = new Request($this->container, array('REMOTE_ADDR' => '192.168.0.1'), array(), array(), array(), array());
+ $this->assertEquals('192.168.0.1', $request->getIpAddress());
+
+ $request = new Request($this->container, array('REMOTE_ADDR' => ''), array(), array(), array(), array());
+ $this->assertEquals('Unknown', $request->getIpAddress());
+ }
+}
diff --git a/tests/units/Core/Ldap/ClientTest.php b/tests/units/Core/Ldap/ClientTest.php
index 7b6e983d..d149500e 100644
--- a/tests/units/Core/Ldap/ClientTest.php
+++ b/tests/units/Core/Ldap/ClientTest.php
@@ -49,6 +49,13 @@ class ClientTest extends \Base
self::$functions = null;
}
+ public function testGetLdapServerNotConfigured()
+ {
+ $this->setExpectedException('\LogicException');
+ $ldap = new Client;
+ $ldap->getLdapServer();
+ }
+
public function testConnectSuccess()
{
self::$functions
@@ -61,7 +68,8 @@ class ClientTest extends \Base
->will($this->returnValue('my_ldap_resource'));
$ldap = new Client;
- $this->assertEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server'));
+ $ldap->open('my_ldap_server');
+ $this->assertEquals('my_ldap_resource', $ldap->getConnection());
}
public function testConnectFailure()
@@ -78,7 +86,8 @@ class ClientTest extends \Base
$this->setExpectedException('\Kanboard\Core\Ldap\ClientException');
$ldap = new Client;
- $this->assertNotEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server'));
+ $ldap->open('my_ldap_server');
+ $this->assertNotEquals('my_ldap_resource', $ldap->getConnection());
}
public function testConnectSuccessWithTLS()
@@ -101,7 +110,8 @@ class ClientTest extends \Base
->will($this->returnValue(true));
$ldap = new Client;
- $this->assertEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server', 389, true));
+ $ldap->open('my_ldap_server', 389, true);
+ $this->assertEquals('my_ldap_resource', $ldap->getConnection());
}
public function testConnectFailureWithTLS()
@@ -126,7 +136,8 @@ class ClientTest extends \Base
$this->setExpectedException('\Kanboard\Core\Ldap\ClientException');
$ldap = new Client;
- $this->assertNotEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server', 389, true));
+ $ldap->open('my_ldap_server', 389, true);
+ $this->assertNotEquals('my_ldap_resource', $ldap->getConnection());
}
public function testAnonymousAuthenticationSuccess()
@@ -134,13 +145,10 @@ class ClientTest extends \Base
self::$functions
->expects($this->once())
->method('ldap_bind')
- ->with(
- $this->equalTo('my_ldap_resource')
- )
->will($this->returnValue(true));
$ldap = new Client;
- $this->assertTrue($ldap->useAnonymousAuthentication('my_ldap_resource'));
+ $this->assertTrue($ldap->useAnonymousAuthentication());
}
public function testAnonymousAuthenticationFailure()
@@ -148,21 +156,27 @@ class ClientTest extends \Base
self::$functions
->expects($this->once())
->method('ldap_bind')
- ->with(
- $this->equalTo('my_ldap_resource')
- )
->will($this->returnValue(false));
$this->setExpectedException('\Kanboard\Core\Ldap\ClientException');
$ldap = new Client;
- $ldap->useAnonymousAuthentication('my_ldap_resource');
+ $ldap->useAnonymousAuthentication();
}
public function testUserAuthenticationSuccess()
{
self::$functions
->expects($this->once())
+ ->method('ldap_connect')
+ ->with(
+ $this->equalTo('my_ldap_server'),
+ $this->equalTo(389)
+ )
+ ->will($this->returnValue('my_ldap_resource'));
+
+ self::$functions
+ ->expects($this->once())
->method('ldap_bind')
->with(
$this->equalTo('my_ldap_resource'),
@@ -172,13 +186,23 @@ class ClientTest extends \Base
->will($this->returnValue(true));
$ldap = new Client;
- $this->assertTrue($ldap->authenticate('my_ldap_resource', 'my_ldap_user', 'my_ldap_password'));
+ $ldap->open('my_ldap_server');
+ $this->assertTrue($ldap->authenticate('my_ldap_user', 'my_ldap_password'));
}
public function testUserAuthenticationFailure()
{
self::$functions
->expects($this->once())
+ ->method('ldap_connect')
+ ->with(
+ $this->equalTo('my_ldap_server'),
+ $this->equalTo(389)
+ )
+ ->will($this->returnValue('my_ldap_resource'));
+
+ self::$functions
+ ->expects($this->once())
->method('ldap_bind')
->with(
$this->equalTo('my_ldap_resource'),
@@ -190,6 +214,7 @@ class ClientTest extends \Base
$this->setExpectedException('\Kanboard\Core\Ldap\ClientException');
$ldap = new Client;
- $ldap->authenticate('my_ldap_resource', 'my_ldap_user', 'my_ldap_password');
+ $ldap->open('my_ldap_server');
+ $ldap->authenticate('my_ldap_user', 'my_ldap_password');
}
}
diff --git a/tests/units/Core/Ldap/EntriesTest.php b/tests/units/Core/Ldap/EntriesTest.php
new file mode 100644
index 00000000..65025b6e
--- /dev/null
+++ b/tests/units/Core/Ldap/EntriesTest.php
@@ -0,0 +1,55 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Ldap\Entries;
+
+class EntriesTest extends Base
+{
+ private $entries = array(
+ 'count' => 2,
+ 0 => array(
+ 'cn' => array(
+ 'count' => 1,
+ 0 => 'Kanboard Other Group',
+ ),
+ 0 => 'cn',
+ 'count' => 1,
+ 'dn' => 'CN=Kanboard Other Group,CN=Users,DC=kanboard,DC=local',
+ ),
+ 1 => array(
+ 'cn' => array(
+ 'count' => 1,
+ 0 => 'Kanboard Users',
+ ),
+ 0 => 'cn',
+ 'count' => 1,
+ 'dn' => 'CN=Kanboard Users,CN=Users,DC=kanboard,DC=local',
+ ),
+ );
+
+ public function testGetAll()
+ {
+ $entries = new Entries(array());
+ $this->assertEmpty($entries->getAll());
+
+ $entries = new Entries($this->entries);
+ $result = $entries->getAll();
+ $this->assertCount(2, $result);
+ $this->assertInstanceOf('Kanboard\Core\Ldap\Entry', $result[0]);
+ $this->assertEquals('CN=Kanboard Users,CN=Users,DC=kanboard,DC=local', $result[1]->getDn());
+ $this->assertEquals('Kanboard Users', $result[1]->getFirstValue('cn'));
+ }
+
+ public function testGetFirst()
+ {
+ $entries = new Entries(array());
+ $this->assertEquals('', $entries->getFirstEntry()->getDn());
+
+ $entries = new Entries($this->entries);
+ $result = $entries->getFirstEntry();
+ $this->assertInstanceOf('Kanboard\Core\Ldap\Entry', $result);
+ $this->assertEquals('CN=Kanboard Other Group,CN=Users,DC=kanboard,DC=local', $result->getDn());
+ $this->assertEquals('Kanboard Other Group', $result->getFirstValue('cn'));
+ }
+}
diff --git a/tests/units/Core/Ldap/EntryTest.php b/tests/units/Core/Ldap/EntryTest.php
new file mode 100644
index 00000000..45585e77
--- /dev/null
+++ b/tests/units/Core/Ldap/EntryTest.php
@@ -0,0 +1,71 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Ldap\Entry;
+
+class EntryTest extends Base
+{
+ private $entry = array(
+ 'count' => 2,
+ 'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local',
+ 'displayname' => array(
+ 'count' => 1,
+ 0 => 'My LDAP user',
+ ),
+ 'broken' => array(
+ ),
+ 'mail' => array(
+ 'count' => 2,
+ 0 => 'user1@localhost',
+ 1 => 'user2@localhost',
+ ),
+ 'samaccountname' => array(
+ 'count' => 1,
+ 0 => 'my_ldap_user',
+ ),
+ 0 => 'displayname',
+ 1 => 'mail',
+ 2 => 'samaccountname',
+ );
+
+ public function testGetAll()
+ {
+ $expected = array(
+ 'user1@localhost',
+ 'user2@localhost',
+ );
+
+ $entry = new Entry($this->entry);
+ $this->assertEquals($expected, $entry->getAll('mail'));
+ $this->assertEmpty($entry->getAll('not found'));
+ $this->assertEmpty($entry->getAll('broken'));
+ }
+
+ public function testGetFirst()
+ {
+ $entry = new Entry($this->entry);
+ $this->assertEquals('user1@localhost', $entry->getFirstValue('mail'));
+ $this->assertEquals('', $entry->getFirstValue('not found'));
+ $this->assertEquals('default', $entry->getFirstValue('not found', 'default'));
+ $this->assertEquals('default', $entry->getFirstValue('broken', 'default'));
+ }
+
+ public function testGetDn()
+ {
+ $entry = new Entry($this->entry);
+ $this->assertEquals('uid=my_user,ou=People,dc=kanboard,dc=local', $entry->getDn());
+
+ $entry = new Entry(array());
+ $this->assertEquals('', $entry->getDn());
+ }
+
+ public function testHasValue()
+ {
+ $entry = new Entry($this->entry);
+ $this->assertTrue($entry->hasValue('mail', 'user2@localhost'));
+ $this->assertFalse($entry->hasValue('mail', 'user3@localhost'));
+ $this->assertTrue($entry->hasValue('displayname', 'My LDAP user'));
+ $this->assertFalse($entry->hasValue('displayname', 'Something else'));
+ }
+}
diff --git a/tests/units/Core/Ldap/LdapGroupTest.php b/tests/units/Core/Ldap/LdapGroupTest.php
new file mode 100644
index 00000000..3f538249
--- /dev/null
+++ b/tests/units/Core/Ldap/LdapGroupTest.php
@@ -0,0 +1,160 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Ldap\Group;
+use Kanboard\Core\Ldap\Entries;
+use Kanboard\Core\Security\Role;
+
+class LdapGroupTest extends Base
+{
+ private $query;
+ private $client;
+ private $group;
+
+ public function setUp()
+ {
+ parent::setUp();
+
+ $this->client = $this
+ ->getMockBuilder('\Kanboard\Core\Ldap\Client')
+ ->setMethods(array(
+ 'getConnection',
+ ))
+ ->getMock();
+
+ $this->query = $this
+ ->getMockBuilder('\Kanboard\Core\Ldap\Query')
+ ->setConstructorArgs(array($this->client))
+ ->setMethods(array(
+ 'execute',
+ 'hasResult',
+ 'getEntries',
+ ))
+ ->getMock();
+
+ $this->group = $this
+ ->getMockBuilder('\Kanboard\Core\Ldap\Group')
+ ->setConstructorArgs(array($this->query))
+ ->setMethods(array(
+ 'getAttributeName',
+ 'getBasDn',
+ ))
+ ->getMock();
+ }
+
+ public function testGetGroups()
+ {
+ $entries = new Entries(array(
+ 'count' => 2,
+ 0 => array(
+ 'cn' => array(
+ 'count' => 1,
+ 0 => 'Kanboard Other Group',
+ ),
+ 0 => 'cn',
+ 'count' => 1,
+ 'dn' => 'CN=Kanboard Other Group,CN=Users,DC=kanboard,DC=local',
+ ),
+ 1 => array(
+ 'cn' => array(
+ 'count' => 1,
+ 0 => 'Kanboard Users',
+ ),
+ 0 => 'cn',
+ 'count' => 1,
+ 'dn' => 'CN=Kanboard Users,CN=Users,DC=kanboard,DC=local',
+ ),
+ ));
+
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
+ $this->query
+ ->expects($this->once())
+ ->method('execute')
+ ->with(
+ $this->equalTo('CN=Users,DC=kanboard,DC=local'),
+ $this->equalTo('(&(objectClass=group)(sAMAccountName=Kanboard*))')
+ );
+
+ $this->query
+ ->expects($this->once())
+ ->method('hasResult')
+ ->will($this->returnValue(true));
+
+ $this->query
+ ->expects($this->once())
+ ->method('getEntries')
+ ->will($this->returnValue($entries));
+
+ $this->group
+ ->expects($this->any())
+ ->method('getAttributeName')
+ ->will($this->returnValue('cn'));
+
+ $this->group
+ ->expects($this->any())
+ ->method('getBasDn')
+ ->will($this->returnValue('CN=Users,DC=kanboard,DC=local'));
+
+ $groups = $this->group->find('(&(objectClass=group)(sAMAccountName=Kanboard*))');
+ $this->assertCount(2, $groups);
+ $this->assertInstanceOf('Kanboard\Group\LdapGroupProvider', $groups[0]);
+ $this->assertInstanceOf('Kanboard\Group\LdapGroupProvider', $groups[1]);
+ $this->assertEquals('Kanboard Other Group', $groups[0]->getName());
+ $this->assertEquals('Kanboard Users', $groups[1]->getName());
+ $this->assertEquals('CN=Kanboard Other Group,CN=Users,DC=kanboard,DC=local', $groups[0]->getExternalId());
+ $this->assertEquals('CN=Kanboard Users,CN=Users,DC=kanboard,DC=local', $groups[1]->getExternalId());
+ }
+
+ public function testGetGroupsWithNoResult()
+ {
+ $entries = new Entries(array());
+
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
+ $this->query
+ ->expects($this->once())
+ ->method('execute')
+ ->with(
+ $this->equalTo('CN=Users,DC=kanboard,DC=local'),
+ $this->equalTo('(&(objectClass=group)(sAMAccountName=Kanboard*))')
+ );
+
+ $this->query
+ ->expects($this->once())
+ ->method('hasResult')
+ ->will($this->returnValue(false));
+
+ $this->query
+ ->expects($this->never())
+ ->method('getEntries');
+
+ $this->group
+ ->expects($this->any())
+ ->method('getAttributeName')
+ ->will($this->returnValue('cn'));
+
+ $this->group
+ ->expects($this->any())
+ ->method('getBasDn')
+ ->will($this->returnValue('CN=Users,DC=kanboard,DC=local'));
+
+ $groups = $this->group->find('(&(objectClass=group)(sAMAccountName=Kanboard*))');
+ $this->assertCount(0, $groups);
+ }
+
+ public function testGetBaseDnNotConfigured()
+ {
+ $this->setExpectedException('\LogicException');
+
+ $group = new Group($this->query);
+ $group->getBasDn();
+ }
+}
diff --git a/tests/units/Core/Ldap/LdapUserTest.php b/tests/units/Core/Ldap/LdapUserTest.php
new file mode 100644
index 00000000..2b3db1e5
--- /dev/null
+++ b/tests/units/Core/Ldap/LdapUserTest.php
@@ -0,0 +1,379 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Ldap\User;
+use Kanboard\Core\Ldap\Entries;
+use Kanboard\Core\Security\Role;
+
+class LdapUserTest extends Base
+{
+ private $query;
+ private $client;
+ private $user;
+
+ public function setUp()
+ {
+ parent::setUp();
+
+ $this->client = $this
+ ->getMockBuilder('\Kanboard\Core\Ldap\Client')
+ ->setMethods(array(
+ 'getConnection',
+ ))
+ ->getMock();
+
+ $this->query = $this
+ ->getMockBuilder('\Kanboard\Core\Ldap\Query')
+ ->setConstructorArgs(array($this->client))
+ ->setMethods(array(
+ 'execute',
+ 'hasResult',
+ 'getEntries',
+ ))
+ ->getMock();
+
+ $this->user = $this
+ ->getMockBuilder('\Kanboard\Core\Ldap\User')
+ ->setConstructorArgs(array($this->query))
+ ->setMethods(array(
+ 'getAttributeUsername',
+ 'getAttributeEmail',
+ 'getAttributeName',
+ 'getAttributeGroup',
+ 'getGroupAdminDn',
+ 'getGroupManagerDn',
+ 'getBasDn',
+ ))
+ ->getMock();
+ }
+
+ public function testGetUser()
+ {
+ $entries = new Entries(array(
+ 'count' => 1,
+ 0 => array(
+ 'count' => 2,
+ 'dn' => 'uid=my_ldap_user,ou=People,dc=kanboard,dc=local',
+ 'displayname' => array(
+ 'count' => 1,
+ 0 => 'My LDAP user',
+ ),
+ 'mail' => array(
+ 'count' => 2,
+ 0 => 'user1@localhost',
+ 1 => 'user2@localhost',
+ ),
+ 'samaccountname' => array(
+ 'count' => 1,
+ 0 => 'my_ldap_user',
+ ),
+ 0 => 'displayname',
+ 1 => 'mail',
+ 2 => 'samaccountname',
+ )
+ ));
+
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
+ $this->query
+ ->expects($this->once())
+ ->method('execute')
+ ->with(
+ $this->equalTo('ou=People,dc=kanboard,dc=local'),
+ $this->equalTo('(uid=my_ldap_user)')
+ );
+
+ $this->query
+ ->expects($this->once())
+ ->method('hasResult')
+ ->will($this->returnValue(true));
+
+ $this->query
+ ->expects($this->once())
+ ->method('getEntries')
+ ->will($this->returnValue($entries));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeUsername')
+ ->will($this->returnValue('samaccountname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeName')
+ ->will($this->returnValue('displayname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeEmail')
+ ->will($this->returnValue('mail'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getBasDn')
+ ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
+
+ $user = $this->user->find('(uid=my_ldap_user)');
+ $this->assertInstanceOf('Kanboard\User\LdapUserProvider', $user);
+ $this->assertEquals('uid=my_ldap_user,ou=People,dc=kanboard,dc=local', $user->getDn());
+ $this->assertEquals('my_ldap_user', $user->getUsername());
+ $this->assertEquals('My LDAP user', $user->getName());
+ $this->assertEquals('user1@localhost', $user->getEmail());
+ $this->assertEquals(Role::APP_USER, $user->getRole());
+ $this->assertEquals(array(), $user->getExternalGroupIds());
+ $this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes());
+ }
+
+ public function testGetUserWithAdminRole()
+ {
+ $entries = new Entries(array(
+ 'count' => 1,
+ 0 => array(
+ 'count' => 2,
+ 'dn' => 'uid=my_ldap_user,ou=People,dc=kanboard,dc=local',
+ 'displayname' => array(
+ 'count' => 1,
+ 0 => 'My LDAP user',
+ ),
+ 'mail' => array(
+ 'count' => 2,
+ 0 => 'user1@localhost',
+ 1 => 'user2@localhost',
+ ),
+ 'samaccountname' => array(
+ 'count' => 1,
+ 0 => 'my_ldap_user',
+ ),
+ 'memberof' => array(
+ 'count' => 1,
+ 0 => 'CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local',
+ ),
+ 0 => 'displayname',
+ 1 => 'mail',
+ 2 => 'samaccountname',
+ 3 => 'memberof',
+ )
+ ));
+
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
+ $this->query
+ ->expects($this->once())
+ ->method('execute')
+ ->with(
+ $this->equalTo('ou=People,dc=kanboard,dc=local'),
+ $this->equalTo('(uid=my_ldap_user)')
+ );
+
+ $this->query
+ ->expects($this->once())
+ ->method('hasResult')
+ ->will($this->returnValue(true));
+
+ $this->query
+ ->expects($this->once())
+ ->method('getEntries')
+ ->will($this->returnValue($entries));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeUsername')
+ ->will($this->returnValue('samaccountname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeName')
+ ->will($this->returnValue('displayname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeEmail')
+ ->will($this->returnValue('mail'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeGroup')
+ ->will($this->returnValue('memberof'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getGroupAdminDn')
+ ->will($this->returnValue('CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getBasDn')
+ ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
+
+ $user = $this->user->find('(uid=my_ldap_user)');
+ $this->assertInstanceOf('Kanboard\User\LdapUserProvider', $user);
+ $this->assertEquals('uid=my_ldap_user,ou=People,dc=kanboard,dc=local', $user->getDn());
+ $this->assertEquals('my_ldap_user', $user->getUsername());
+ $this->assertEquals('My LDAP user', $user->getName());
+ $this->assertEquals('user1@localhost', $user->getEmail());
+ $this->assertEquals(Role::APP_ADMIN, $user->getRole());
+ $this->assertEquals(array('CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local'), $user->getExternalGroupIds());
+ $this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes());
+ }
+
+ public function testGetUserWithManagerRole()
+ {
+ $entries = new Entries(array(
+ 'count' => 1,
+ 0 => array(
+ 'count' => 2,
+ 'dn' => 'uid=my_ldap_user,ou=People,dc=kanboard,dc=local',
+ 'displayname' => array(
+ 'count' => 1,
+ 0 => 'My LDAP user',
+ ),
+ 'mail' => array(
+ 'count' => 2,
+ 0 => 'user1@localhost',
+ 1 => 'user2@localhost',
+ ),
+ 'samaccountname' => array(
+ 'count' => 1,
+ 0 => 'my_ldap_user',
+ ),
+ 'memberof' => array(
+ 'count' => 2,
+ 0 => 'CN=Kanboard-Users,CN=Users,DC=kanboard,DC=local',
+ 1 => 'CN=Kanboard-Managers,CN=Users,DC=kanboard,DC=local',
+ ),
+ 0 => 'displayname',
+ 1 => 'mail',
+ 2 => 'samaccountname',
+ 3 => 'memberof',
+ )
+ ));
+
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
+ $this->query
+ ->expects($this->once())
+ ->method('execute')
+ ->with(
+ $this->equalTo('ou=People,dc=kanboard,dc=local'),
+ $this->equalTo('(uid=my_ldap_user)')
+ );
+
+ $this->query
+ ->expects($this->once())
+ ->method('hasResult')
+ ->will($this->returnValue(true));
+
+ $this->query
+ ->expects($this->once())
+ ->method('getEntries')
+ ->will($this->returnValue($entries));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeUsername')
+ ->will($this->returnValue('samaccountname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeName')
+ ->will($this->returnValue('displayname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeEmail')
+ ->will($this->returnValue('mail'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeGroup')
+ ->will($this->returnValue('memberof'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getGroupManagerDn')
+ ->will($this->returnValue('CN=Kanboard-Managers,CN=Users,DC=kanboard,DC=local'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getBasDn')
+ ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
+
+ $user = $this->user->find('(uid=my_ldap_user)');
+ $this->assertInstanceOf('Kanboard\User\LdapUserProvider', $user);
+ $this->assertEquals('uid=my_ldap_user,ou=People,dc=kanboard,dc=local', $user->getDn());
+ $this->assertEquals('my_ldap_user', $user->getUsername());
+ $this->assertEquals('My LDAP user', $user->getName());
+ $this->assertEquals('user1@localhost', $user->getEmail());
+ $this->assertEquals(Role::APP_MANAGER, $user->getRole());
+ $this->assertEquals(array('CN=Kanboard-Users,CN=Users,DC=kanboard,DC=local', 'CN=Kanboard-Managers,CN=Users,DC=kanboard,DC=local'), $user->getExternalGroupIds());
+ $this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes());
+ }
+
+ public function testGetUserNotFound()
+ {
+ $entries = new Entries(array());
+
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
+ $this->query
+ ->expects($this->once())
+ ->method('execute')
+ ->with(
+ $this->equalTo('ou=People,dc=kanboard,dc=local'),
+ $this->equalTo('(uid=my_ldap_user)')
+ );
+
+ $this->query
+ ->expects($this->once())
+ ->method('hasResult')
+ ->will($this->returnValue(false));
+
+ $this->query
+ ->expects($this->never())
+ ->method('getEntries');
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeUsername')
+ ->will($this->returnValue('samaccountname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeName')
+ ->will($this->returnValue('displayname'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getAttributeEmail')
+ ->will($this->returnValue('mail'));
+
+ $this->user
+ ->expects($this->any())
+ ->method('getBasDn')
+ ->will($this->returnValue('ou=People,dc=kanboard,dc=local'));
+
+ $user = $this->user->find('(uid=my_ldap_user)');
+ $this->assertEquals(null, $user);
+ }
+
+ public function testGetBaseDnNotConfigured()
+ {
+ $this->setExpectedException('\LogicException');
+
+ $user = new User($this->query);
+ $user->getBasDn();
+ }
+}
diff --git a/tests/units/Core/Ldap/QueryTest.php b/tests/units/Core/Ldap/QueryTest.php
index 2eb3940f..b3987df0 100644
--- a/tests/units/Core/Ldap/QueryTest.php
+++ b/tests/units/Core/Ldap/QueryTest.php
@@ -17,6 +17,7 @@ function ldap_get_entries($link_identifier, $result_identifier)
class QueryTest extends \Base
{
public static $functions;
+ private $client;
public function setUp()
{
@@ -29,6 +30,13 @@ class QueryTest extends \Base
'ldap_get_entries',
))
->getMock();
+
+ $this->client = $this
+ ->getMockBuilder('\Kanboard\Core\Ldap\Client')
+ ->setMethods(array(
+ 'getConnection',
+ ))
+ ->getMock();
}
public function tearDown()
@@ -58,6 +66,11 @@ class QueryTest extends \Base
)
);
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
self::$functions
->expects($this->once())
->method('ldap_search')
@@ -78,20 +91,25 @@ class QueryTest extends \Base
)
->will($this->returnValue($entries));
- $query = new Query;
- $query->execute('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname'));
+ $query = new Query($this->client);
+ $query->execute('ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname'));
$this->assertTrue($query->hasResult());
- $this->assertEquals('My user', $query->getAttributeValue('displayname'));
- $this->assertEquals('user1@localhost', $query->getAttributeValue('mail'));
- $this->assertEquals('', $query->getAttributeValue('not_found'));
+ $this->assertEquals('My user', $query->getEntries()->getFirstEntry()->getFirstValue('displayname'));
+ $this->assertEquals('user1@localhost', $query->getEntries()->getFirstEntry()->getFirstValue('mail'));
+ $this->assertEquals('', $query->getEntries()->getFirstEntry()->getFirstValue('not_found'));
- $this->assertEquals('uid=my_user,ou=People,dc=kanboard,dc=local', $query->getAttribute('dn'));
- $this->assertEquals(null, $query->getAttribute('missing'));
+ $this->assertEquals('uid=my_user,ou=People,dc=kanboard,dc=local', $query->getEntries()->getFirstEntry()->getDn());
+ $this->assertEquals('', $query->getEntries()->getFirstEntry()->getFirstValue('missing'));
}
public function testExecuteQueryNotFound()
{
+ $this->client
+ ->expects($this->any())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
self::$functions
->expects($this->once())
->method('ldap_search')
@@ -112,13 +130,18 @@ class QueryTest extends \Base
)
->will($this->returnValue(array()));
- $query = new Query;
- $query->execute('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname'));
+ $query = new Query($this->client);
+ $query->execute('ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname'));
$this->assertFalse($query->hasResult());
}
public function testExecuteQueryFailed()
{
+ $this->client
+ ->expects($this->once())
+ ->method('getConnection')
+ ->will($this->returnValue('my_ldap_resource'));
+
self::$functions
->expects($this->once())
->method('ldap_search')
@@ -130,8 +153,8 @@ class QueryTest extends \Base
)
->will($this->returnValue(false));
- $query = new Query;
- $query->execute('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname'));
+ $query = new Query($this->client);
+ $query->execute('ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname'));
$this->assertFalse($query->hasResult());
}
}
diff --git a/tests/units/Core/Ldap/UserTest.php b/tests/units/Core/Ldap/UserTest.php
deleted file mode 100644
index 56cc588c..00000000
--- a/tests/units/Core/Ldap/UserTest.php
+++ /dev/null
@@ -1,95 +0,0 @@
-<?php
-
-namespace Kanboard\Core\Ldap;
-
-require_once __DIR__.'/../../Base.php';
-
-class UserTest extends \Base
-{
- public function testGetProfile()
- {
- $entries = array(
- 'count' => 1,
- 0 => array(
- 'count' => 2,
- 'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local',
- 'displayname' => array(
- 'count' => 1,
- 0 => 'My LDAP user',
- ),
- 'mail' => array(
- 'count' => 2,
- 0 => 'user1@localhost',
- 1 => 'user2@localhost',
- ),
- 'samaccountname' => array(
- 'count' => 1,
- 0 => 'my_ldap_user',
- ),
- 0 => 'displayname',
- 1 => 'mail',
- 2 => 'samaccountname',
- )
- );
-
- $expected = array(
- 'ldap_id' => 'uid=my_user,ou=People,dc=kanboard,dc=local',
- 'username' => 'my_ldap_user',
- 'name' => 'My LDAP user',
- 'email' => 'user1@localhost',
- 'is_admin' => 0,
- 'is_project_admin' => 0,
- 'is_ldap_user' => 1,
- );
-
- $query = $this
- ->getMockBuilder('\Kanboard\Core\Ldap\Query')
- ->setConstructorArgs(array($entries))
- ->setMethods(array(
- 'execute',
- 'hasResult',
- ))
- ->getMock();
-
- $query
- ->expects($this->once())
- ->method('execute')
- ->with(
- $this->equalTo('my_ldap_resource'),
- $this->equalTo('ou=People,dc=kanboard,dc=local'),
- $this->equalTo('(uid=my_user)')
- );
-
- $query
- ->expects($this->once())
- ->method('hasResult')
- ->will($this->returnValue(true));
-
- $user = $this
- ->getMockBuilder('\Kanboard\Core\Ldap\User')
- ->setConstructorArgs(array($query))
- ->setMethods(array(
- 'getAttributeUsername',
- 'getAttributeEmail',
- 'getAttributeName',
- ))
- ->getMock();
-
- $user
- ->expects($this->any())
- ->method('getAttributeUsername')
- ->will($this->returnValue('samaccountname'));
-
- $user
- ->expects($this->any())
- ->method('getAttributeName')
- ->will($this->returnValue('displayname'));
-
- $user
- ->expects($this->any())
- ->method('getAttributeEmail')
- ->will($this->returnValue('mail'));
-
- $this->assertEquals($expected, $user->getProfile('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', '(uid=my_user)'));
- }
-}
diff --git a/tests/units/Core/Security/AccessMapTest.php b/tests/units/Core/Security/AccessMapTest.php
index ab74e036..61693ce8 100644
--- a/tests/units/Core/Security/AccessMapTest.php
+++ b/tests/units/Core/Security/AccessMapTest.php
@@ -6,17 +6,34 @@ use Kanboard\Core\Security\AccessMap;
class AccessMapTest extends Base
{
- public function testGetRoles()
+ public function testRoleHierarchy()
+ {
+ $acl = new AccessMap;
+ $acl->setRoleHierarchy('admin', array('manager', 'user'));
+ $acl->setRoleHierarchy('manager', array('user'));
+
+ $this->assertEquals(array('admin'), $acl->getRoleHierarchy('admin'));
+ $this->assertEquals(array('manager', 'admin'), $acl->getRoleHierarchy('manager'));
+ $this->assertEquals(array('user', 'admin', 'manager'), $acl->getRoleHierarchy('user'));
+ }
+
+ public function testAddRulesAndGetRoles()
{
$acl = new AccessMap;
$acl->setDefaultRole('role3');
- $acl->add('MyController', 'myAction1', array('role1', 'role2'));
- $acl->add('MyController', 'myAction2', array('role1'));
- $acl->add('MyAdminController', '*', array('role2'));
+ $acl->setRoleHierarchy('role2', array('role1'));
+
+ $acl->add('MyController', 'myAction1', 'role2');
+ $acl->add('MyController', 'myAction2', 'role1');
+ $acl->add('MyAdminController', '*', 'role2');
+ $acl->add('SomethingElse', array('actionA', 'actionB'), 'role2');
- $this->assertEquals(array('role1', 'role2'), $acl->getRoles('mycontroller', 'MyAction1'));
- $this->assertEquals(array('role1'), $acl->getRoles('mycontroller', 'MyAction2'));
+ $this->assertEquals(array('role2'), $acl->getRoles('mycontroller', 'MyAction1'));
+ $this->assertEquals(array('role1', 'role2'), $acl->getRoles('mycontroller', 'MyAction2'));
$this->assertEquals(array('role2'), $acl->getRoles('Myadmincontroller', 'MyAction'));
$this->assertEquals(array('role3'), $acl->getRoles('AnotherController', 'ActionNotFound'));
+ $this->assertEquals(array('role2'), $acl->getRoles('somethingelse', 'actiona'));
+ $this->assertEquals(array('role2'), $acl->getRoles('somethingelse', 'actionb'));
+ $this->assertEquals(array('role3'), $acl->getRoles('somethingelse', 'actionc'));
}
}
diff --git a/tests/units/Core/Security/AuthenticationManagerTest.php b/tests/units/Core/Security/AuthenticationManagerTest.php
new file mode 100644
index 00000000..c2369626
--- /dev/null
+++ b/tests/units/Core/Security/AuthenticationManagerTest.php
@@ -0,0 +1,150 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Http\Request;
+use Kanboard\Core\Security\AuthenticationManager;
+use Kanboard\Auth\DatabaseAuth;
+use Kanboard\Auth\TotpAuth;
+use Kanboard\Auth\ReverseProxyAuth;
+
+class AuthenticationManagerTest extends Base
+{
+ public function testRegister()
+ {
+ $authManager = new AuthenticationManager($this->container);
+ $authManager->register(new DatabaseAuth($this->container));
+ $provider = $authManager->getProvider('Database');
+
+ $this->assertInstanceOf('Kanboard\Core\Security\AuthenticationProviderInterface', $provider);
+ }
+
+ public function testGetProviderNotFound()
+ {
+ $authManager = new AuthenticationManager($this->container);
+ $this->setExpectedException('LogicException');
+ $authManager->getProvider('Dababase');
+ }
+
+ public function testGetPostProviderNotFound()
+ {
+ $authManager = new AuthenticationManager($this->container);
+ $this->setExpectedException('LogicException');
+ $authManager->getPostAuthenticationProvider();
+ }
+
+ public function testGetPostProvider()
+ {
+ $authManager = new AuthenticationManager($this->container);
+ $authManager->register(new TotpAuth($this->container));
+ $provider = $authManager->getPostAuthenticationProvider();
+
+ $this->assertInstanceOf('Kanboard\Core\Security\PostAuthenticationProviderInterface', $provider);
+ }
+
+ public function testCheckSessionWhenNobodyIsLogged()
+ {
+ $authManager = new AuthenticationManager($this->container);
+ $authManager->register(new DatabaseAuth($this->container));
+
+ $this->assertFalse($this->container['userSession']->isLogged());
+ $this->assertTrue($authManager->checkCurrentSession());
+ }
+
+ public function testCheckSessionWhenSomeoneIsLogged()
+ {
+ $authManager = new AuthenticationManager($this->container);
+ $authManager->register(new DatabaseAuth($this->container));
+
+ $this->container['sessionStorage']->user = array('id' => 1);
+
+ $this->assertTrue($this->container['userSession']->isLogged());
+ $this->assertTrue($authManager->checkCurrentSession());
+ }
+
+ public function testCheckSessionWhenNotValid()
+ {
+ $authManager = new AuthenticationManager($this->container);
+ $authManager->register(new DatabaseAuth($this->container));
+
+ $this->container['sessionStorage']->user = array('id' => 2);
+
+ $this->assertTrue($this->container['userSession']->isLogged());
+ $this->assertFalse($authManager->checkCurrentSession());
+ $this->assertFalse($this->container['userSession']->isLogged());
+ }
+
+ public function testPreAuthenticationSuccessful()
+ {
+ $this->container['request'] = new Request($this->container, array(REVERSE_PROXY_USER_HEADER => 'admin'));
+ $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_SUCCESS, array($this, 'onSuccess'));
+ $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_FAILURE, array($this, 'onFailure'));
+
+ $authManager = new AuthenticationManager($this->container);
+ $authManager->register(new ReverseProxyAuth($this->container));
+
+ $this->assertTrue($authManager->preAuthentication());
+
+ $called = $this->container['dispatcher']->getCalledListeners();
+ $this->assertArrayHasKey(AuthenticationManager::EVENT_SUCCESS.'.AuthenticationManagerTest::onSuccess', $called);
+ $this->assertArrayNotHasKey(AuthenticationManager::EVENT_FAILURE.'.AuthenticationManagerTest::onFailure', $called);
+ }
+
+ public function testPreAuthenticationFailed()
+ {
+ $this->container['request'] = new Request($this->container, array(REVERSE_PROXY_USER_HEADER => ''));
+ $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_SUCCESS, array($this, 'onSuccess'));
+ $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_FAILURE, array($this, 'onFailure'));
+
+ $authManager = new AuthenticationManager($this->container);
+ $authManager->register(new ReverseProxyAuth($this->container));
+
+ $this->assertFalse($authManager->preAuthentication());
+
+ $called = $this->container['dispatcher']->getCalledListeners();
+ $this->assertArrayNotHasKey(AuthenticationManager::EVENT_SUCCESS.'.AuthenticationManagerTest::onSuccess', $called);
+ $this->assertArrayNotHasKey(AuthenticationManager::EVENT_FAILURE.'.AuthenticationManagerTest::onFailure', $called);
+ }
+
+ public function testPasswordAuthenticationSuccessful()
+ {
+ $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_SUCCESS, array($this, 'onSuccess'));
+ $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_FAILURE, array($this, 'onFailure'));
+
+ $authManager = new AuthenticationManager($this->container);
+ $authManager->register(new DatabaseAuth($this->container));
+
+ $this->assertTrue($authManager->passwordAuthentication('admin', 'admin'));
+
+ $called = $this->container['dispatcher']->getCalledListeners();
+ $this->assertArrayHasKey(AuthenticationManager::EVENT_SUCCESS.'.AuthenticationManagerTest::onSuccess', $called);
+ $this->assertArrayNotHasKey(AuthenticationManager::EVENT_FAILURE.'.AuthenticationManagerTest::onFailure', $called);
+ }
+
+ public function testPasswordAuthenticationFailed()
+ {
+ $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_SUCCESS, array($this, 'onSuccess'));
+ $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_FAILURE, array($this, 'onFailure'));
+
+ $authManager = new AuthenticationManager($this->container);
+ $authManager->register(new DatabaseAuth($this->container));
+
+ $this->assertFalse($authManager->passwordAuthentication('admin', 'wrong password'));
+
+ $called = $this->container['dispatcher']->getCalledListeners();
+ $this->assertArrayNotHasKey(AuthenticationManager::EVENT_SUCCESS.'.AuthenticationManagerTest::onSuccess', $called);
+ $this->assertArrayHasKey(AuthenticationManager::EVENT_FAILURE.'.AuthenticationManagerTest::onFailure', $called);
+ }
+
+ public function onSuccess($event)
+ {
+ $this->assertInstanceOf('Kanboard\Event\AuthSuccessEvent', $event);
+ $this->assertTrue(in_array($event->getAuthType(), array('Database', 'ReverseProxy')));
+ }
+
+ public function onFailure($event)
+ {
+ $this->assertInstanceOf('Kanboard\Event\AuthFailureEvent', $event);
+ $this->assertEquals('admin', $event->getUsername());
+ }
+}
diff --git a/tests/units/Core/Security/AuthorizationTest.php b/tests/units/Core/Security/AuthorizationTest.php
index ffeb3741..70561ad8 100644
--- a/tests/units/Core/Security/AuthorizationTest.php
+++ b/tests/units/Core/Security/AuthorizationTest.php
@@ -12,17 +12,28 @@ class AuthorizationTest extends Base
{
$acl = new AccessMap;
$acl->setDefaultRole(Role::APP_USER);
- $acl->add('MyController', 'myAction1', array(Role::APP_ADMIN, Role::APP_MANAGER));
- $acl->add('MyController', 'myAction2', array(Role::APP_ADMIN));
- $acl->add('MyAdminController', '*', array(Role::APP_MANAGER));
+ $acl->setRoleHierarchy(Role::APP_ADMIN, array(Role::APP_MANAGER, Role::APP_USER));
+ $acl->setRoleHierarchy(Role::APP_MANAGER, array(Role::APP_USER));
+
+ $acl->add('MyController', 'myAction1', Role::APP_MANAGER);
+ $acl->add('MyController', 'myAction2', Role::APP_ADMIN);
+ $acl->add('MyManagerController', '*', Role::APP_MANAGER);
$authorization = new Authorization($acl);
+
$this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_ADMIN));
$this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_MANAGER));
$this->assertFalse($authorization->isAllowed('myController', 'myAction1', Role::APP_USER));
- $this->assertTrue($authorization->isAllowed('anotherController', 'anotherAction', Role::APP_USER));
- $this->assertTrue($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_MANAGER));
- $this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_ADMIN));
- $this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', 'something else'));
+ $this->assertFalse($authorization->isAllowed('myController', 'myAction1', 'something else'));
+
+ $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_ADMIN));
+ $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_MANAGER));
+ $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_USER));
+ $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', 'something else'));
+
+ $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_ADMIN));
+ $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_MANAGER));
+ $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_USER));
+ $this->assertFalse($authorization->isAllowed('MyUserController', 'myAction', 'something else'));
}
}
diff --git a/tests/units/Core/User/GroupSyncTest.php b/tests/units/Core/User/GroupSyncTest.php
new file mode 100644
index 00000000..e22b86d4
--- /dev/null
+++ b/tests/units/Core/User/GroupSyncTest.php
@@ -0,0 +1,30 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\User\GroupSync;
+use Kanboard\Model\Group;
+use Kanboard\Model\GroupMember;
+
+class GroupSyncTest extends Base
+{
+ public function testSynchronize()
+ {
+ $group = new Group($this->container);
+ $groupMember = new GroupMember($this->container);
+ $groupSync = new GroupSync($this->container);
+
+ $this->assertEquals(1, $group->create('My Group 1', 'externalId1'));
+ $this->assertEquals(2, $group->create('My Group 2', 'externalId2'));
+
+ $this->assertTrue($groupMember->addUser(1, 1));
+
+ $this->assertTrue($groupMember->isMember(1, 1));
+ $this->assertFalse($groupMember->isMember(2, 1));
+
+ $groupSync->synchronize(1, array('externalId1', 'externalId2', 'externalId3'));
+
+ $this->assertTrue($groupMember->isMember(1, 1));
+ $this->assertTrue($groupMember->isMember(2, 1));
+ }
+}
diff --git a/tests/units/Core/User/UserProfileTest.php b/tests/units/Core/User/UserProfileTest.php
new file mode 100644
index 00000000..4886a945
--- /dev/null
+++ b/tests/units/Core/User/UserProfileTest.php
@@ -0,0 +1,63 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Security\Role;
+use Kanboard\Core\User\UserProfile;
+use Kanboard\User\LdapUserProvider;
+use Kanboard\User\DatabaseUserProvider;
+
+class UserProfileTest extends Base
+{
+ public function testInitializeLocalUser()
+ {
+ $userProfile = new UserProfile($this->container);
+ $user = new DatabaseUserProvider(array('id' => 1));
+
+ $this->assertTrue($userProfile->initialize($user));
+ $this->assertNotEmpty($this->container['sessionStorage']->user);
+ $this->assertEquals('admin', $this->container['sessionStorage']->user['username']);
+ }
+
+ public function testInitializeLocalUserNotFound()
+ {
+ $userProfile = new UserProfile($this->container);
+ $user = new DatabaseUserProvider(array('id' => 2));
+
+ $this->assertFalse($userProfile->initialize($user));
+ $this->assertFalse(isset($this->container['sessionStorage']->user));
+ }
+
+ public function testInitializeRemoteUser()
+ {
+ $userProfile = new UserProfile($this->container);
+ $user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_MANAGER, array());
+
+ $this->assertTrue($userProfile->initialize($user));
+ $this->assertNotEmpty($this->container['sessionStorage']->user);
+ $this->assertEquals(2, $this->container['sessionStorage']->user['id']);
+ $this->assertEquals('bob', $this->container['sessionStorage']->user['username']);
+ $this->assertEquals(Role::APP_MANAGER, $this->container['sessionStorage']->user['role']);
+
+ $user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_MANAGER, array());
+
+ $this->assertTrue($userProfile->initialize($user));
+ $this->assertNotEmpty($this->container['sessionStorage']->user);
+ $this->assertEquals(2, $this->container['sessionStorage']->user['id']);
+ $this->assertEquals('bob', $this->container['sessionStorage']->user['username']);
+ }
+
+ public function testAssignRemoteUser()
+ {
+ $userProfile = new UserProfile($this->container);
+ $user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_MANAGER, array());
+
+ $this->assertTrue($userProfile->assign(1, $user));
+ $this->assertNotEmpty($this->container['sessionStorage']->user);
+ $this->assertEquals(1, $this->container['sessionStorage']->user['id']);
+ $this->assertEquals('admin', $this->container['sessionStorage']->user['username']);
+ $this->assertEquals('Bob', $this->container['sessionStorage']->user['name']);
+ $this->assertEquals('', $this->container['sessionStorage']->user['email']);
+ $this->assertEquals(Role::APP_ADMIN, $this->container['sessionStorage']->user['role']);
+ }
+}
diff --git a/tests/units/Core/User/UserPropertyTest.php b/tests/units/Core/User/UserPropertyTest.php
new file mode 100644
index 00000000..170eab4c
--- /dev/null
+++ b/tests/units/Core/User/UserPropertyTest.php
@@ -0,0 +1,60 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Security\Role;
+use Kanboard\Core\User\UserProperty;
+use Kanboard\User\LdapUserProvider;
+
+class UserPropertyTest extends Base
+{
+ public function testGetProperties()
+ {
+ $user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_USER, array());
+
+ $expected = array(
+ 'username' => 'bob',
+ 'name' => 'Bob',
+ 'role' => Role::APP_USER,
+ 'is_ldap_user' => 1,
+ );
+
+ $this->assertEquals($expected, UserProperty::getProperties($user));
+
+ $user = new LdapUserProvider('ldapId', 'bob', '', '', '', array());
+
+ $expected = array(
+ 'username' => 'bob',
+ 'is_ldap_user' => 1,
+ );
+
+ $this->assertEquals($expected, UserProperty::getProperties($user));
+ }
+
+ public function testFilterProperties()
+ {
+ $profile = array(
+ 'id' => 123,
+ 'username' => 'bob',
+ 'name' => null,
+ 'email' => '',
+ 'other_column' => 'myvalue',
+ 'role' => Role::APP_ADMIN,
+ );
+
+ $properties = array(
+ 'external_id' => '456',
+ 'username' => 'bobby',
+ 'name' => 'Bobby',
+ 'email' => 'admin@localhost',
+ 'role' => '',
+ );
+
+ $expected = array(
+ 'name' => 'Bobby',
+ 'email' => 'admin@localhost',
+ );
+
+ $this->assertEquals($expected, UserProperty::filterProperties($profile, $properties));
+ }
+}
diff --git a/tests/units/Model/UserSessionTest.php b/tests/units/Core/User/UserSessionTest.php
index ba1f8aac..64413f98 100644
--- a/tests/units/Model/UserSessionTest.php
+++ b/tests/units/Core/User/UserSessionTest.php
@@ -1,8 +1,9 @@
<?php
-require_once __DIR__.'/../Base.php';
+require_once __DIR__.'/../../Base.php';
-use Kanboard\Model\UserSession;
+use Kanboard\Core\User\UserSession;
+use Kanboard\Core\Security\Role;
class UserSessionTest extends Base
{
@@ -19,6 +20,7 @@ class UserSessionTest extends Base
'is_project_admin' => '0',
'is_ldap_user' => '0',
'twofactor_activated' => '0',
+ 'role' => Role::APP_MANAGER,
);
$us->initialize($user);
@@ -28,12 +30,13 @@ class UserSessionTest extends Base
$this->assertNotEmpty($session);
$this->assertEquals(123, $session['user']['id']);
$this->assertEquals('john', $session['user']['username']);
- $this->assertTrue($session['user']['is_admin']);
- $this->assertFalse($session['user']['is_project_admin']);
+ $this->assertEquals(Role::APP_MANAGER, $session['user']['role']);
$this->assertFalse($session['user']['is_ldap_user']);
$this->assertFalse($session['user']['twofactor_activated']);
$this->assertArrayNotHasKey('password', $session['user']);
$this->assertArrayNotHasKey('twofactor_secret', $session['user']);
+ $this->assertArrayNotHasKey('is_admin', $session['user']);
+ $this->assertArrayNotHasKey('is_project_admin', $session['user']);
$this->assertEquals('john', $us->getUsername());
}
@@ -70,30 +73,14 @@ class UserSessionTest extends Base
$this->assertFalse($us->isAdmin());
- $this->container['sessionStorage']->user = array('is_admin' => '1');
- $this->assertFalse($us->isAdmin());
+ $this->container['sessionStorage']->user = array('role' => Role::APP_ADMIN);
+ $this->assertTrue($us->isAdmin());
- $this->container['sessionStorage']->user = array('is_admin' => '2');
+ $this->container['sessionStorage']->user = array('role' => Role::APP_USER);
$this->assertFalse($us->isAdmin());
- $this->container['sessionStorage']->user = array('is_admin' => false);
+ $this->container['sessionStorage']->user = array('role' => '');
$this->assertFalse($us->isAdmin());
-
- $this->container['sessionStorage']->user = array('is_admin' => true);
- $this->assertTrue($us->isAdmin());
- }
-
- public function testIsProjectAdmin()
- {
- $us = new UserSession($this->container);
-
- $this->assertFalse($us->isProjectAdmin());
-
- $this->container['sessionStorage']->user = array('is_project_admin' => false);
- $this->assertFalse($us->isProjectAdmin());
-
- $this->container['sessionStorage']->user = array('is_project_admin' => true);
- $this->assertTrue($us->isProjectAdmin());
}
public function testCommentSorting()
@@ -131,28 +118,27 @@ class UserSessionTest extends Base
$this->assertEquals('assignee:bob', $us->getFilters(2));
}
- public function test2FA()
+ public function testPostAuthentication()
{
$us = new UserSession($this->container);
+ $this->assertFalse($us->isPostAuthenticationValidated());
- $this->assertFalse($us->check2FA());
-
- $this->container['sessionStorage']->postAuth = array('validated' => false);
- $this->assertFalse($us->check2FA());
+ $this->container['sessionStorage']->postAuthenticationValidated = false;
+ $this->assertFalse($us->isPostAuthenticationValidated());
- $this->container['sessionStorage']->postAuth = array('validated' => true);
- $this->assertTrue($us->check2FA());
+ $us->validatePostAuthentication();
+ $this->assertTrue($us->isPostAuthenticationValidated());
$this->container['sessionStorage']->user = array();
- $this->assertFalse($us->has2FA());
+ $this->assertFalse($us->hasPostAuthentication());
$this->container['sessionStorage']->user = array('twofactor_activated' => false);
- $this->assertFalse($us->has2FA());
+ $this->assertFalse($us->hasPostAuthentication());
$this->container['sessionStorage']->user = array('twofactor_activated' => true);
- $this->assertTrue($us->has2FA());
+ $this->assertTrue($us->hasPostAuthentication());
- $us->disable2FA();
- $this->assertFalse($us->has2FA());
+ $us->disablePostAuthentication();
+ $this->assertFalse($us->hasPostAuthentication());
}
}
diff --git a/tests/units/Core/User/UserSyncTest.php b/tests/units/Core/User/UserSyncTest.php
new file mode 100644
index 00000000..e7ce42b2
--- /dev/null
+++ b/tests/units/Core/User/UserSyncTest.php
@@ -0,0 +1,55 @@
+<?php
+
+require_once __DIR__.'/../../Base.php';
+
+use Kanboard\Core\Security\Role;
+use Kanboard\Core\User\UserSync;
+use Kanboard\User\LdapUserProvider;
+
+class UserSyncTest extends Base
+{
+ public function testSynchronizeNewUser()
+ {
+ $user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_MANAGER, array());
+ $userSync = new UserSync($this->container);
+
+ $profile = array(
+ 'id' => 2,
+ 'username' => 'bob',
+ 'name' => 'Bob',
+ 'email' => '',
+ 'role' => Role::APP_MANAGER,
+ 'is_ldap_user' => 1,
+ );
+
+ $this->assertArraySubset($profile, $userSync->synchronize($user));
+ }
+
+ public function testSynchronizeExistingUser()
+ {
+ $userSync = new UserSync($this->container);
+ $user = new LdapUserProvider('ldapId', 'admin', 'Admin', 'email@localhost', Role::APP_MANAGER, array());
+
+ $profile = array(
+ 'id' => 1,
+ 'username' => 'admin',
+ 'name' => 'Admin',
+ 'email' => 'email@localhost',
+ 'role' => Role::APP_MANAGER,
+ );
+
+ $this->assertArraySubset($profile, $userSync->synchronize($user));
+
+ $user = new LdapUserProvider('ldapId', 'admin', '', '', Role::APP_ADMIN, array());
+
+ $profile = array(
+ 'id' => 1,
+ 'username' => 'admin',
+ 'name' => 'Admin',
+ 'email' => 'email@localhost',
+ 'role' => Role::APP_ADMIN,
+ );
+
+ $this->assertArraySubset($profile, $userSync->synchronize($user));
+ }
+}
diff --git a/tests/units/Helper/UserHelperTest.php b/tests/units/Helper/UserHelperTest.php
index eba977ee..2b503157 100644
--- a/tests/units/Helper/UserHelperTest.php
+++ b/tests/units/Helper/UserHelperTest.php
@@ -4,172 +4,227 @@ require_once __DIR__.'/../Base.php';
use Kanboard\Helper\User;
use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
+use Kanboard\Model\ProjectUserRole;
use Kanboard\Model\User as UserModel;
+use Kanboard\Core\Security\Role;
class UserHelperTest extends Base
{
public function testInitials()
{
- $h = new User($this->container);
+ $helper = new User($this->container);
- $this->assertEquals('CN', $h->getInitials('chuck norris'));
- $this->assertEquals('A', $h->getInitials('admin'));
+ $this->assertEquals('CN', $helper->getInitials('chuck norris'));
+ $this->assertEquals('A', $helper->getInitials('admin'));
}
- public function testIsProjectAdministrationAllowedForProjectAdmin()
+ public function testGetRoleName()
{
- $h = new User($this->container);
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $u = new UserModel($this->container);
-
- // We create our user
- $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
+ $helper = new User($this->container);
+ $this->assertEquals('Administrator', $helper->getRoleName(Role::APP_ADMIN));
+ $this->assertEquals('Manager', $helper->getRoleName(Role::APP_MANAGER));
+ $this->assertEquals('Project Viewer', $helper->getRoleName(Role::PROJECT_VIEWER));
+ }
- // We create a project and set our user as project manager
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->isMember(1, 2));
- $this->assertFalse($pp->isManager(1, 2));
+ public function testHasAccessForAdmins()
+ {
+ $helper = new User($this->container);
- // We fake a session for him
$this->container['sessionStorage']->user = array(
'id' => 2,
- 'is_admin' => false,
- 'is_project_admin' => true,
+ 'role' => Role::APP_ADMIN,
);
- $this->assertTrue($h->isProjectAdministrationAllowed(1));
+ $this->assertTrue($helper->hasAccess('user', 'create'));
+ $this->assertTrue($helper->hasAccess('project', 'create'));
+ $this->assertTrue($helper->hasAccess('project', 'createPrivate'));
}
- public function testIsProjectAdministrationAllowedForProjectMember()
+ public function testHasAccessForManagers()
{
- $h = new User($this->container);
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $u = new UserModel($this->container);
-
- // We create our user
- $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
-
- // We create a project and set our user as project member
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->isMember(1, 2));
- $this->assertFalse($pp->isManager(1, 2));
+ $helper = new User($this->container);
- // We fake a session for him
$this->container['sessionStorage']->user = array(
'id' => 2,
- 'is_admin' => false,
- 'is_project_admin' => false,
+ 'role' => Role::APP_MANAGER,
);
- $this->assertFalse($h->isProjectAdministrationAllowed(1));
+ $this->assertFalse($helper->hasAccess('user', 'create'));
+ $this->assertTrue($helper->hasAccess('project', 'create'));
+ $this->assertTrue($helper->hasAccess('project', 'createPrivate'));
}
- public function testIsProjectAdministrationAllowedForProjectManager()
+ public function testHasAccessForUsers()
{
- $h = new User($this->container);
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $u = new UserModel($this->container);
+ $helper = new User($this->container);
- // We create our user
- $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
+ $this->container['sessionStorage']->user = array(
+ 'id' => 2,
+ 'role' => Role::APP_USER,
+ );
+
+ $this->assertFalse($helper->hasAccess('user', 'create'));
+ $this->assertFalse($helper->hasAccess('project', 'create'));
+ $this->assertTrue($helper->hasAccess('project', 'createPrivate'));
+ }
- // We create a project and set our user as project member
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
- $this->assertTrue($pp->addManager(1, 2));
- $this->assertTrue($pp->isMember(1, 2));
- $this->assertTrue($pp->isManager(1, 2));
+ public function testHasProjectAccessForAdmins()
+ {
+ $helper = new User($this->container);
+ $project = new Project($this->container);
- // We fake a session for him
$this->container['sessionStorage']->user = array(
'id' => 2,
- 'is_admin' => false,
- 'is_project_admin' => false,
+ 'role' => Role::APP_ADMIN,
);
- $this->assertFalse($h->isProjectAdministrationAllowed(1));
+ $this->assertEquals(1, $project->create(array('name' => 'My project')));
+
+ $this->assertTrue($helper->hasProjectAccess('project', 'edit', 1));
+ $this->assertTrue($helper->hasProjectAccess('board', 'show', 1));
}
- public function testIsProjectManagementAllowedForProjectAdmin()
+ public function testHasProjectAccessForManagers()
{
- $h = new User($this->container);
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $u = new UserModel($this->container);
+ $helper = new User($this->container);
+ $project = new Project($this->container);
+
+ $this->container['sessionStorage']->user = array(
+ 'id' => 2,
+ 'role' => Role::APP_MANAGER,
+ );
- // We create our user
- $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
+ $this->assertEquals(1, $project->create(array('name' => 'My project')));
- // We create a project and set our user as project manager
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->isMember(1, 2));
- $this->assertFalse($pp->isManager(1, 2));
+ $this->assertFalse($helper->hasProjectAccess('project', 'edit', 1));
+ $this->assertFalse($helper->hasProjectAccess('board', 'show', 1));
+ }
+
+ public function testHasProjectAccessForUsers()
+ {
+ $helper = new User($this->container);
+ $project = new Project($this->container);
- // We fake a session for him
$this->container['sessionStorage']->user = array(
'id' => 2,
- 'is_admin' => false,
- 'is_project_admin' => true,
+ 'role' => Role::APP_USER,
);
- $this->assertTrue($h->isProjectManagementAllowed(1));
+ $this->assertEquals(1, $project->create(array('name' => 'My project')));
+
+ $this->assertFalse($helper->hasProjectAccess('project', 'edit', 1));
+ $this->assertFalse($helper->hasProjectAccess('board', 'show', 1));
}
- public function testIsProjectManagementAllowedForProjectMember()
+ public function testHasProjectAccessForAppManagerAndProjectManagers()
{
- $h = new User($this->container);
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $u = new UserModel($this->container);
+ $helper = new User($this->container);
+ $user = new UserModel($this->container);
+ $project = new Project($this->container);
+ $projectUserRole = new ProjectUserRole($this->container);
- // We create our user
- $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
+ $this->container['sessionStorage']->user = array(
+ 'id' => 2,
+ 'role' => Role::APP_MANAGER,
+ );
+
+ $this->assertEquals(1, $project->create(array('name' => 'My project')));
+ $this->assertEquals(2, $project->create(array('name' => 'My project')));
+ $this->assertEquals(2, $user->create(array('username' => 'user')));
+ $this->assertTrue($projectUserRole->addUser(1, 2, Role::PROJECT_MANAGER));
+
+ $this->assertTrue($helper->hasProjectAccess('project', 'edit', 1));
+ $this->assertTrue($helper->hasProjectAccess('board', 'show', 1));
+ $this->assertTrue($helper->hasProjectAccess('task', 'show', 1));
+ $this->assertTrue($helper->hasProjectAccess('taskcreation', 'save', 1));
- // We create a project and set our user as project member
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->isMember(1, 2));
- $this->assertFalse($pp->isManager(1, 2));
+ $this->assertFalse($helper->hasProjectAccess('project', 'edit', 2));
+ $this->assertFalse($helper->hasProjectAccess('board', 'show', 2));
+ $this->assertFalse($helper->hasProjectAccess('task', 'show', 2));
+ $this->assertFalse($helper->hasProjectAccess('taskcreation', 'save', 2));
+ }
+
+ public function testHasProjectAccessForProjectManagers()
+ {
+ $helper = new User($this->container);
+ $user = new UserModel($this->container);
+ $project = new Project($this->container);
+ $projectUserRole = new ProjectUserRole($this->container);
- // We fake a session for him
$this->container['sessionStorage']->user = array(
'id' => 2,
- 'is_admin' => false,
- 'is_project_admin' => false,
+ 'role' => Role::APP_USER,
);
- $this->assertFalse($h->isProjectManagementAllowed(1));
+ $this->assertEquals(1, $project->create(array('name' => 'My project')));
+ $this->assertEquals(2, $project->create(array('name' => 'My project')));
+ $this->assertEquals(2, $user->create(array('username' => 'user')));
+ $this->assertTrue($projectUserRole->addUser(1, 2, Role::PROJECT_MANAGER));
+
+ $this->assertTrue($helper->hasProjectAccess('project', 'edit', 1));
+ $this->assertTrue($helper->hasProjectAccess('board', 'show', 1));
+ $this->assertTrue($helper->hasProjectAccess('task', 'show', 1));
+ $this->assertTrue($helper->hasProjectAccess('taskcreation', 'save', 1));
+
+ $this->assertFalse($helper->hasProjectAccess('project', 'edit', 2));
+ $this->assertFalse($helper->hasProjectAccess('board', 'show', 2));
+ $this->assertFalse($helper->hasProjectAccess('task', 'show', 2));
+ $this->assertFalse($helper->hasProjectAccess('taskcreation', 'save', 2));
}
- public function testIsProjectManagementAllowedForProjectManager()
+ public function testHasProjectAccessForProjectMembers()
{
- $h = new User($this->container);
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $u = new UserModel($this->container);
+ $helper = new User($this->container);
+ $user = new UserModel($this->container);
+ $project = new Project($this->container);
+ $projectUserRole = new ProjectUserRole($this->container);
- // We create our user
- $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
+ $this->container['sessionStorage']->user = array(
+ 'id' => 2,
+ 'role' => Role::APP_USER,
+ );
+
+ $this->assertEquals(1, $project->create(array('name' => 'My project')));
+ $this->assertEquals(2, $project->create(array('name' => 'My project')));
+ $this->assertEquals(2, $user->create(array('username' => 'user')));
+ $this->assertTrue($projectUserRole->addUser(1, 2, Role::PROJECT_MEMBER));
+
+ $this->assertFalse($helper->hasProjectAccess('project', 'edit', 1));
+ $this->assertTrue($helper->hasProjectAccess('board', 'show', 1));
+ $this->assertTrue($helper->hasProjectAccess('task', 'show', 1));
+ $this->assertTrue($helper->hasProjectAccess('taskcreation', 'save', 1));
- // We create a project and set our user as project member
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
- $this->assertTrue($pp->addManager(1, 2));
- $this->assertTrue($pp->isMember(1, 2));
- $this->assertTrue($pp->isManager(1, 2));
+ $this->assertFalse($helper->hasProjectAccess('project', 'edit', 2));
+ $this->assertFalse($helper->hasProjectAccess('board', 'show', 2));
+ $this->assertFalse($helper->hasProjectAccess('task', 'show', 2));
+ $this->assertFalse($helper->hasProjectAccess('taskcreation', 'save', 2));
+ }
+
+ public function testHasProjectAccessForProjectViewers()
+ {
+ $helper = new User($this->container);
+ $user = new UserModel($this->container);
+ $project = new Project($this->container);
+ $projectUserRole = new ProjectUserRole($this->container);
- // We fake a session for him
$this->container['sessionStorage']->user = array(
'id' => 2,
- 'is_admin' => false,
- 'is_project_admin' => false,
+ 'role' => Role::APP_USER,
);
- $this->assertTrue($h->isProjectManagementAllowed(1));
+ $this->assertEquals(1, $project->create(array('name' => 'My project')));
+ $this->assertEquals(2, $project->create(array('name' => 'My project')));
+ $this->assertEquals(2, $user->create(array('username' => 'user')));
+ $this->assertTrue($projectUserRole->addUser(1, 2, Role::PROJECT_VIEWER));
+
+ $this->assertFalse($helper->hasProjectAccess('project', 'edit', 1));
+ $this->assertTrue($helper->hasProjectAccess('board', 'show', 1));
+ $this->assertTrue($helper->hasProjectAccess('task', 'show', 1));
+ $this->assertFalse($helper->hasProjectAccess('taskcreation', 'save', 1));
+
+ $this->assertFalse($helper->hasProjectAccess('project', 'edit', 2));
+ $this->assertFalse($helper->hasProjectAccess('board', 'show', 2));
+ $this->assertFalse($helper->hasProjectAccess('task', 'show', 2));
+ $this->assertFalse($helper->hasProjectAccess('taskcreation', 'save', 2));
}
}
diff --git a/tests/units/Integration/BitbucketWebhookTest.php b/tests/units/Integration/BitbucketWebhookTest.php
index 1a3b005b..40dbde2e 100644
--- a/tests/units/Integration/BitbucketWebhookTest.php
+++ b/tests/units/Integration/BitbucketWebhookTest.php
@@ -6,8 +6,9 @@ use Kanboard\Integration\BitbucketWebhook;
use Kanboard\Model\TaskCreation;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
+use Kanboard\Model\ProjectUserRole;
use Kanboard\Model\User;
+use Kanboard\Core\Security\Role;
class BitbucketWebhookTest extends Base
{
@@ -108,8 +109,8 @@ class BitbucketWebhookTest extends Base
$u = new User($this->container);
$this->assertEquals(2, $u->create(array('username' => 'minicoders')));
- $pp = new ProjectPermission($this->container);
- $this->assertTrue($pp->addMember(1, 2));
+ $pp = new ProjectUserRole($this->container);
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
$g = new BitbucketWebhook($this->container);
$g->setProjectId(1);
@@ -232,8 +233,8 @@ class BitbucketWebhookTest extends Base
$u = new User($this->container);
$this->assertEquals(2, $u->create(array('username' => 'minicoders')));
- $pp = new ProjectPermission($this->container);
- $this->assertTrue($pp->addMember(1, 2));
+ $pp = new ProjectUserRole($this->container);
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
$g = new BitbucketWebhook($this->container);
$g->setProjectId(1);
diff --git a/tests/units/Integration/GithubWebhookTest.php b/tests/units/Integration/GithubWebhookTest.php
index d64e783e..f00e5dde 100644
--- a/tests/units/Integration/GithubWebhookTest.php
+++ b/tests/units/Integration/GithubWebhookTest.php
@@ -6,8 +6,9 @@ use Kanboard\Integration\GithubWebhook;
use Kanboard\Model\TaskCreation;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
+use Kanboard\Model\ProjectUserRole;
use Kanboard\Model\User;
+use Kanboard\Core\Security\Role;
class GithubWebhookTest extends Base
{
@@ -40,8 +41,8 @@ class GithubWebhookTest extends Base
$u = new User($this->container);
$this->assertEquals(2, $u->create(array('username' => 'fguillot')));
- $pp = new ProjectPermission($this->container);
- $this->assertTrue($pp->addMember(1, 2));
+ $pp = new ProjectUserRole($this->container);
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
$g = new GithubWebhook($this->container);
$g->setProjectId(1);
@@ -111,8 +112,8 @@ class GithubWebhookTest extends Base
$u = new User($this->container);
$this->assertEquals(2, $u->create(array('username' => 'fguillot')));
- $pp = new ProjectPermission($this->container);
- $this->assertTrue($pp->addMember(1, 2));
+ $pp = new ProjectUserRole($this->container);
+ $this->assertTrue($pp->addUser(1, 2, ROLE::PROJECT_MANAGER));
$g = new GithubWebhook($this->container);
$g->setProjectId(1);
@@ -323,8 +324,8 @@ class GithubWebhookTest extends Base
$u = new User($this->container);
$this->assertEquals(2, $u->create(array('username' => 'fguillot')));
- $pp = new ProjectPermission($this->container);
- $this->assertTrue($pp->addMember(1, 2));
+ $pp = new ProjectUserRole($this->container);
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
$g = new GithubWebhook($this->container);
$g->setProjectId(1);
diff --git a/tests/units/Integration/GitlabWebhookTest.php b/tests/units/Integration/GitlabWebhookTest.php
index fa05f292..3e0e6d2c 100644
--- a/tests/units/Integration/GitlabWebhookTest.php
+++ b/tests/units/Integration/GitlabWebhookTest.php
@@ -6,8 +6,9 @@ use Kanboard\Integration\GitlabWebhook;
use Kanboard\Model\TaskCreation;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
+use Kanboard\Model\ProjectUserRole;
use Kanboard\Model\User;
+use Kanboard\Core\Security\Role;
class GitlabWebhookTest extends Base
{
@@ -179,8 +180,8 @@ class GitlabWebhookTest extends Base
$u = new User($this->container);
$this->assertEquals(2, $u->create(array('username' => 'minicoders')));
- $pp = new ProjectPermission($this->container);
- $this->assertTrue($pp->addMember(1, 2));
+ $pp = new ProjectUserRole($this->container);
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
$g = new GitlabWebhook($this->container);
$g->setProjectId(1);
diff --git a/tests/units/Model/AclTest.php b/tests/units/Model/AclTest.php
deleted file mode 100644
index afda446b..00000000
--- a/tests/units/Model/AclTest.php
+++ /dev/null
@@ -1,296 +0,0 @@
-<?php
-
-require_once __DIR__.'/../Base.php';
-
-use Kanboard\Model\Acl;
-use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
-use Kanboard\Model\User;
-
-class AclTest extends Base
-{
- public function testMatchAcl()
- {
- $acl_rules = array(
- 'controller1' => array('action1', 'action3'),
- 'controller3' => '*',
- 'controller5' => '-',
- 'controller6' => array(),
- 'controllera' => '*',
- );
-
- $acl = new Acl($this->container);
- $this->assertTrue($acl->matchAcl($acl_rules, 'controller1', 'aCtiOn1'));
- $this->assertTrue($acl->matchAcl($acl_rules, 'controller1', 'action1'));
- $this->assertTrue($acl->matchAcl($acl_rules, 'controller1', 'action3'));
- $this->assertFalse($acl->matchAcl($acl_rules, 'controller1', 'action2'));
- $this->assertFalse($acl->matchAcl($acl_rules, 'controller2', 'action2'));
- $this->assertFalse($acl->matchAcl($acl_rules, 'controller2', 'action3'));
- $this->assertTrue($acl->matchAcl($acl_rules, 'controller3', 'anything'));
- $this->assertFalse($acl->matchAcl($acl_rules, 'controller4', 'anything'));
- $this->assertFalse($acl->matchAcl($acl_rules, 'controller5', 'anything'));
- $this->assertFalse($acl->matchAcl($acl_rules, 'controller6', 'anything'));
- $this->assertTrue($acl->matchAcl($acl_rules, 'ControllerA', 'anything'));
- $this->assertTrue($acl->matchAcl($acl_rules, 'controllera', 'anything'));
- }
-
- public function testPublicActions()
- {
- $acl = new Acl($this->container);
- $this->assertTrue($acl->isPublicAction('task', 'readonly'));
- $this->assertTrue($acl->isPublicAction('board', 'readonly'));
- $this->assertFalse($acl->isPublicAction('board', 'show'));
- $this->assertTrue($acl->isPublicAction('feed', 'project'));
- $this->assertTrue($acl->isPublicAction('feed', 'user'));
- $this->assertTrue($acl->isPublicAction('ical', 'project'));
- $this->assertTrue($acl->isPublicAction('ical', 'user'));
- $this->assertTrue($acl->isPublicAction('oauth', 'github'));
- $this->assertTrue($acl->isPublicAction('oauth', 'google'));
- $this->assertTrue($acl->isPublicAction('auth', 'login'));
- $this->assertTrue($acl->isPublicAction('auth', 'check'));
- $this->assertTrue($acl->isPublicAction('auth', 'captcha'));
- }
-
- public function testAdminActions()
- {
- $acl = new Acl($this->container);
- $this->assertFalse($acl->isAdminAction('board', 'show'));
- $this->assertFalse($acl->isAdminAction('task', 'show'));
- $this->assertTrue($acl->isAdminAction('config', 'api'));
- $this->assertTrue($acl->isAdminAction('config', 'anything'));
- $this->assertTrue($acl->isAdminAction('config', 'anything'));
- $this->assertTrue($acl->isAdminAction('user', 'save'));
- }
-
- public function testProjectAdminActions()
- {
- $acl = new Acl($this->container);
- $this->assertFalse($acl->isProjectAdminAction('config', 'save'));
- $this->assertFalse($acl->isProjectAdminAction('user', 'index'));
- $this->assertTrue($acl->isProjectAdminAction('project', 'remove'));
- }
-
- public function testProjectManagerActions()
- {
- $acl = new Acl($this->container);
- $this->assertFalse($acl->isProjectManagerAction('board', 'readonly'));
- $this->assertFalse($acl->isProjectManagerAction('project', 'remove'));
- $this->assertFalse($acl->isProjectManagerAction('project', 'show'));
- $this->assertTrue($acl->isProjectManagerAction('project', 'disable'));
- $this->assertTrue($acl->isProjectManagerAction('category', 'index'));
- $this->assertTrue($acl->isProjectManagerAction('project', 'users'));
- $this->assertFalse($acl->isProjectManagerAction('app', 'index'));
- }
-
- public function testPageAccessNoSession()
- {
- $acl = new Acl($this->container);
-
- $this->assertFalse($acl->isAllowed('board', 'readonly'));
- $this->assertFalse($acl->isAllowed('task', 'show'));
- $this->assertFalse($acl->isAllowed('config', 'application'));
- $this->assertFalse($acl->isAllowed('project', 'users'));
- $this->assertFalse($acl->isAllowed('task', 'remove'));
- $this->assertTrue($acl->isAllowed('app', 'index'));
- }
-
- public function testPageAccessEmptySession()
- {
- $acl = new Acl($this->container);
- $this->container['sessionStorage']->user = array();
-
- $this->assertFalse($acl->isAllowed('board', 'readonly'));
- $this->assertFalse($acl->isAllowed('task', 'show'));
- $this->assertFalse($acl->isAllowed('config', 'application'));
- $this->assertFalse($acl->isAllowed('project', 'users'));
- $this->assertFalse($acl->isAllowed('task', 'remove'));
- $this->assertTrue($acl->isAllowed('app', 'index'));
- }
-
- public function testPageAccessAdminUser()
- {
- $acl = new Acl($this->container);
- $this->container['sessionStorage']->user = array(
- 'is_admin' => true,
- );
-
- $this->assertTrue($acl->isAllowed('board', 'readonly'));
- $this->assertTrue($acl->isAllowed('task', 'readonly'));
- $this->assertTrue($acl->isAllowed('webhook', 'github'));
- $this->assertTrue($acl->isAllowed('task', 'show'));
- $this->assertTrue($acl->isAllowed('task', 'update'));
- $this->assertTrue($acl->isAllowed('config', 'application'));
- $this->assertTrue($acl->isAllowed('project', 'show'));
- $this->assertTrue($acl->isAllowed('project', 'users'));
- $this->assertTrue($acl->isAllowed('project', 'remove'));
- $this->assertTrue($acl->isAllowed('category', 'edit'));
- $this->assertTrue($acl->isAllowed('task', 'remove'));
- $this->assertTrue($acl->isAllowed('app', 'index'));
- }
-
- public function testPageAccessProjectAdmin()
- {
- $acl = new Acl($this->container);
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $u = new User($this->container);
-
- // We create our user
- $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
-
- // We create a project and set our user as project manager
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->isMember(1, 2));
- $this->assertFalse($pp->isManager(1, 2));
-
- // We fake a session for him
- $this->container['sessionStorage']->user = array(
- 'id' => 2,
- 'is_admin' => false,
- 'is_project_admin' => true,
- );
-
- $this->assertTrue($acl->isAllowed('board', 'readonly', 1));
- $this->assertTrue($acl->isAllowed('task', 'readonly', 1));
- $this->assertTrue($acl->isAllowed('webhook', 'github', 1));
- $this->assertTrue($acl->isAllowed('task', 'show', 1));
- $this->assertFalse($acl->isAllowed('task', 'show', 2));
- $this->assertTrue($acl->isAllowed('task', 'update', 1));
- $this->assertTrue($acl->isAllowed('project', 'show', 1));
- $this->assertFalse($acl->isAllowed('config', 'application', 1));
-
- $this->assertTrue($acl->isAllowed('project', 'users', 1));
- $this->assertFalse($acl->isAllowed('project', 'users', 2));
-
- $this->assertTrue($acl->isAllowed('project', 'remove', 1));
- $this->assertFalse($acl->isAllowed('project', 'remove', 2));
-
- $this->assertTrue($acl->isAllowed('category', 'edit', 1));
- $this->assertTrue($acl->isAllowed('task', 'remove', 1));
- $this->assertTrue($acl->isAllowed('app', 'index', 1));
- }
-
- public function testPageAccessProjectManager()
- {
- $acl = new Acl($this->container);
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $u = new User($this->container);
-
- // We create our user
- $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
-
- // We create a project and set our user as project manager
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest'), 2, true));
- $this->assertTrue($pp->isMember(1, 2));
- $this->assertTrue($pp->isManager(1, 2));
-
- // We fake a session for him
- $this->container['sessionStorage']->user = array(
- 'id' => 2,
- 'is_admin' => false,
- );
-
- $this->assertTrue($acl->isAllowed('board', 'readonly', 1));
- $this->assertTrue($acl->isAllowed('task', 'readonly', 1));
- $this->assertTrue($acl->isAllowed('webhook', 'github', 1));
- $this->assertTrue($acl->isAllowed('task', 'show', 1));
- $this->assertFalse($acl->isAllowed('task', 'show', 2));
- $this->assertTrue($acl->isAllowed('task', 'update', 1));
- $this->assertTrue($acl->isAllowed('project', 'show', 1));
- $this->assertFalse($acl->isAllowed('config', 'application', 1));
-
- $this->assertTrue($acl->isAllowed('project', 'users', 1));
- $this->assertFalse($acl->isAllowed('project', 'users', 2));
-
- $this->assertFalse($acl->isAllowed('project', 'remove', 1));
- $this->assertFalse($acl->isAllowed('project', 'remove', 2));
-
- $this->assertTrue($acl->isAllowed('category', 'edit', 1));
- $this->assertTrue($acl->isAllowed('task', 'remove', 1));
- $this->assertTrue($acl->isAllowed('app', 'index', 1));
- }
-
- public function testPageAccessMember()
- {
- $acl = new Acl($this->container);
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $u = new User($this->container);
-
- // We create our user
- $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
-
- // We create a project and set our user as member
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest1')));
- $this->assertEquals(2, $p->create(array('name' => 'UnitTest2')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->isMember(1, 2));
- $this->assertFalse($pp->isManager(1, 2));
-
- $this->container['sessionStorage']->user = array(
- 'id' => 2,
- 'is_admin' => false,
- );
-
- $this->assertTrue($acl->isAllowed('board', 'readonly', 1));
- $this->assertTrue($acl->isAllowed('task', 'readonly', 1));
- $this->assertTrue($acl->isAllowed('webhook', 'github', 1));
- $this->assertFalse($acl->isAllowed('board', 'show', 2));
- $this->assertTrue($acl->isAllowed('board', 'show', 1));
- $this->assertFalse($acl->isAllowed('task', 'show', 2));
- $this->assertTrue($acl->isAllowed('task', 'show', 1));
- $this->assertTrue($acl->isAllowed('task', 'update', 1));
- $this->assertTrue($acl->isAllowed('project', 'show', 1));
- $this->assertFalse($acl->isAllowed('config', 'application', 1));
- $this->assertFalse($acl->isAllowed('project', 'users', 1));
- $this->assertTrue($acl->isAllowed('task', 'remove', 1));
- $this->assertFalse($acl->isAllowed('task', 'remove', 2));
- $this->assertTrue($acl->isAllowed('app', 'index', 1));
- }
-
- public function testPageAccessNotMember()
- {
- $acl = new Acl($this->container);
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $u = new User($this->container);
-
- // We create our user
- $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
-
- // We create a project and set our user as member
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest1')));
- $this->assertEquals(2, $p->create(array('name' => 'UnitTest2')));
- $this->assertFalse($pp->isMember(1, 2));
- $this->assertFalse($pp->isManager(1, 2));
-
- $this->container['sessionStorage']->user = array(
- 'id' => 2,
- 'is_admin' => false,
- );
-
- $this->assertFalse($acl->isAllowed('board', 'show', 2));
- $this->assertFalse($acl->isAllowed('board', 'show', 1));
- $this->assertFalse($acl->isAllowed('task', 'show', 1));
- $this->assertFalse($acl->isAllowed('task', 'update', 1));
- $this->assertFalse($acl->isAllowed('project', 'show', 1));
- $this->assertFalse($acl->isAllowed('config', 'application', 1));
- $this->assertFalse($acl->isAllowed('project', 'users', 1));
- $this->assertFalse($acl->isAllowed('task', 'remove', 1));
- $this->assertTrue($acl->isAllowed('app', 'index', 1));
- }
-
- public function testExtend()
- {
- $acl = new Acl($this->container);
-
- $this->assertFalse($acl->isProjectManagerAction('plop', 'show'));
-
- $acl->extend('project_manager_acl', array('plop' => '*'));
-
- $this->assertTrue($acl->isProjectManagerAction('plop', 'show'));
- $this->assertTrue($acl->isProjectManagerAction('swimlane', 'index'));
- }
-}
diff --git a/tests/units/Model/ActionTest.php b/tests/units/Model/ActionTest.php
index 30f6b22c..4a338707 100644
--- a/tests/units/Model/ActionTest.php
+++ b/tests/units/Model/ActionTest.php
@@ -11,9 +11,10 @@ use Kanboard\Model\TaskCreation;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\Category;
use Kanboard\Model\User;
-use Kanboard\Model\ProjectPermission;
+use Kanboard\Model\ProjectUserRole;
use Kanboard\Integration\GithubWebhook;
use Kanboard\Integration\BitbucketWebhook;
+use Kanboard\Core\Security\Role;
class ActionTest extends Base
{
@@ -62,7 +63,7 @@ class ActionTest extends Base
public function testResolveDuplicatedParameters()
{
$p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
+ $pp = new ProjectUserRole($this->container);
$a = new Action($this->container);
$c = new Category($this->container);
$u = new User($this->container);
@@ -78,9 +79,9 @@ class ActionTest extends Base
$this->assertEquals(2, $u->create(array('username' => 'unittest1')));
$this->assertEquals(3, $u->create(array('username' => 'unittest2')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->addMember(1, 3));
- $this->assertTrue($pp->addMember(2, 3));
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(1, 3, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(2, 3, Role::PROJECT_MEMBER));
// anything
$this->assertEquals('blah', $a->resolveParameters(array('name' => 'foobar', 'value' => 'blah'), 2));
@@ -113,7 +114,7 @@ class ActionTest extends Base
public function testDuplicateSuccess()
{
$p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
+ $pp = new ProjectUserRole($this->container);
$a = new Action($this->container);
$u = new User($this->container);
@@ -123,9 +124,9 @@ class ActionTest extends Base
$this->assertEquals(2, $u->create(array('username' => 'unittest1')));
$this->assertEquals(3, $u->create(array('username' => 'unittest2')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->addMember(1, 3));
- $this->assertTrue($pp->addMember(2, 3));
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(1, 3, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(2, 3, Role::PROJECT_MEMBER));
$this->assertEquals(1, $a->create(array(
'project_id' => 1,
@@ -159,7 +160,7 @@ class ActionTest extends Base
public function testDuplicateUnableToResolveParams()
{
$p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
+ $pp = new ProjectUserRole($this->container);
$a = new Action($this->container);
$u = new User($this->container);
@@ -168,7 +169,7 @@ class ActionTest extends Base
$this->assertEquals(2, $u->create(array('username' => 'unittest1')));
- $this->assertTrue($pp->addMember(1, 2));
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
$this->assertEquals(1, $a->create(array(
'project_id' => 1,
@@ -196,7 +197,7 @@ class ActionTest extends Base
public function testDuplicateMixedResults()
{
$p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
+ $pp = new ProjectUserRole($this->container);
$a = new Action($this->container);
$u = new User($this->container);
$c = new Category($this->container);
@@ -210,7 +211,7 @@ class ActionTest extends Base
$this->assertEquals(2, $u->create(array('username' => 'unittest1')));
- $this->assertTrue($pp->addMember(1, 2));
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
$this->assertEquals(1, $a->create(array(
'project_id' => 1,
diff --git a/tests/units/Model/AuthenticationTest.php b/tests/units/Model/AuthenticationTest.php
deleted file mode 100644
index 6b48affe..00000000
--- a/tests/units/Model/AuthenticationTest.php
+++ /dev/null
@@ -1,39 +0,0 @@
-<?php
-
-require_once __DIR__.'/../Base.php';
-
-use Kanboard\Model\User;
-use Kanboard\Model\Authentication;
-
-class AuthenticationTest extends Base
-{
- public function testHasCaptcha()
- {
- $u = new User($this->container);
- $a = new Authentication($this->container);
-
- $this->assertFalse($a->hasCaptcha('not_found'));
- $this->assertFalse($a->hasCaptcha('admin'));
-
- $this->assertTrue($u->incrementFailedLogin('admin'));
- $this->assertTrue($u->incrementFailedLogin('admin'));
- $this->assertTrue($u->incrementFailedLogin('admin'));
-
- $this->assertFalse($a->hasCaptcha('not_found'));
- $this->assertTrue($a->hasCaptcha('admin'));
- }
-
- public function testHandleFailedLogin()
- {
- $u = new User($this->container);
- $a = new Authentication($this->container);
-
- $this->assertFalse($u->isLocked('admin'));
-
- for ($i = 0; $i <= 6; $i++) {
- $a->handleFailedLogin('admin');
- }
-
- $this->assertTrue($u->isLocked('admin'));
- }
-}
diff --git a/tests/units/Model/ProjectDuplicationTest.php b/tests/units/Model/ProjectDuplicationTest.php
index e3234dfe..8b74675b 100644
--- a/tests/units/Model/ProjectDuplicationTest.php
+++ b/tests/units/Model/ProjectDuplicationTest.php
@@ -5,13 +5,14 @@ require_once __DIR__.'/../Base.php';
use Kanboard\Model\Action;
use Kanboard\Model\Project;
use Kanboard\Model\Category;
-use Kanboard\Model\ProjectPermission;
+use Kanboard\Model\ProjectUserRole;
use Kanboard\Model\ProjectDuplication;
use Kanboard\Model\User;
use Kanboard\Model\Swimlane;
use Kanboard\Model\Task;
use Kanboard\Model\TaskCreation;
use Kanboard\Model\TaskFinder;
+use Kanboard\Core\Security\Role;
class ProjectDuplicationTest extends Base
{
@@ -72,10 +73,10 @@ class ProjectDuplicationTest extends Base
$this->assertEquals(0, $project['is_public']);
$this->assertEmpty($project['token']);
- $pp = new ProjectPermission($this->container);
+ $pp = new ProjectUserRole($this->container);
- $this->assertEquals(array(1 => 'admin'), $pp->getMembers(1));
- $this->assertEquals(array(1 => 'admin'), $pp->getMembers(2));
+ $this->assertEquals(array(1 => 'admin'), $pp->getAssignableUsers(1));
+ $this->assertEquals(array(1 => 'admin'), $pp->getAssignableUsers(2));
}
public function testCloneProjectWithCategories()
@@ -114,7 +115,7 @@ class ProjectDuplicationTest extends Base
{
$p = new Project($this->container);
$c = new Category($this->container);
- $pp = new ProjectPermission($this->container);
+ $pp = new ProjectUserRole($this->container);
$u = new User($this->container);
$pd = new ProjectDuplication($this->container);
@@ -123,15 +124,12 @@ class ProjectDuplicationTest extends Base
$this->assertEquals(4, $u->create(array('username' => 'unittest3', 'password' => 'unittest')));
$this->assertEquals(1, $p->create(array('name' => 'P1')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->addMember(1, 4));
- $this->assertTrue($pp->addManager(1, 3));
- $this->assertTrue($pp->isMember(1, 2));
- $this->assertTrue($pp->isMember(1, 3));
- $this->assertTrue($pp->isMember(1, 4));
- $this->assertFalse($pp->isManager(1, 2));
- $this->assertTrue($pp->isManager(1, 3));
- $this->assertFalse($pp->isManager(1, 4));
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(1, 3, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(1, 4, Role::PROJECT_MANAGER));
+ $this->assertEquals(Role::PROJECT_MEMBER, $pp->getUserRole(1, 2));
+ $this->assertEquals(Role::PROJECT_MEMBER, $pp->getUserRole(1, 3));
+ $this->assertEquals(Role::PROJECT_MANAGER, $pp->getUserRole(1, 4));
$this->assertEquals(2, $pd->duplicate(1));
@@ -139,13 +137,10 @@ class ProjectDuplicationTest extends Base
$this->assertNotEmpty($project);
$this->assertEquals('P1 (Clone)', $project['name']);
- $this->assertEquals(3, count($pp->getMembers(2)));
- $this->assertTrue($pp->isMember(2, 2));
- $this->assertTrue($pp->isMember(2, 3));
- $this->assertTrue($pp->isMember(2, 4));
- $this->assertFalse($pp->isManager(2, 2));
- $this->assertTrue($pp->isManager(2, 3));
- $this->assertFalse($pp->isManager(2, 4));
+ $this->assertEquals(3, count($pp->getUsers(2)));
+ $this->assertEquals(Role::PROJECT_MEMBER, $pp->getUserRole(2, 2));
+ $this->assertEquals(Role::PROJECT_MEMBER, $pp->getUserRole(2, 3));
+ $this->assertEquals(Role::PROJECT_MANAGER, $pp->getUserRole(2, 4));
}
public function testCloneProjectWithActionTaskAssignCurrentUser()
diff --git a/tests/units/Model/ProjectGroupRoleTest.php b/tests/units/Model/ProjectGroupRoleTest.php
new file mode 100644
index 00000000..52b83082
--- /dev/null
+++ b/tests/units/Model/ProjectGroupRoleTest.php
@@ -0,0 +1,340 @@
+<?php
+
+require_once __DIR__.'/../Base.php';
+
+use Kanboard\Model\Project;
+use Kanboard\Model\User;
+use Kanboard\Model\Group;
+use Kanboard\Model\GroupMember;
+use Kanboard\Model\ProjectGroupRole;
+use Kanboard\Core\Security\Role;
+
+class ProjectGroupRoleTest extends Base
+{
+ public function testGetUserRole()
+ {
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+ $this->assertEquals(1, $groupModel->create('Group A'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 1));
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+
+ $this->assertEquals(Role::PROJECT_VIEWER, $groupRoleModel->getUserRole(1, 1));
+ $this->assertEquals('', $groupRoleModel->getUserRole(1, 2));
+ }
+
+ public function testAddGroup()
+ {
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+ $this->assertEquals(1, $groupModel->create('Test'));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertFalse($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+
+ $groups = $groupRoleModel->getGroups(1);
+ $this->assertCount(1, $groups);
+ $this->assertEquals(1, $groups[0]['id']);
+ $this->assertEquals('Test', $groups[0]['name']);
+ $this->assertEquals(Role::PROJECT_VIEWER, $groups[0]['role']);
+ }
+
+ public function testRemoveGroup()
+ {
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+ $this->assertEquals(1, $groupModel->create('Test'));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_MEMBER));
+ $this->assertTrue($groupRoleModel->removeGroup(1, 1));
+ $this->assertFalse($groupRoleModel->removeGroup(1, 1));
+
+ $this->assertEmpty($groupRoleModel->getGroups(1));
+ }
+
+ public function testChangeRole()
+ {
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+ $this->assertEquals(1, $groupModel->create('Test'));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->changeGroupRole(1, 1, Role::PROJECT_MANAGER));
+
+ $groups = $groupRoleModel->getGroups(1);
+ $this->assertCount(1, $groups);
+ $this->assertEquals(1, $groups[0]['id']);
+ $this->assertEquals('Test', $groups[0]['name']);
+ $this->assertEquals(Role::PROJECT_MANAGER, $groups[0]['role']);
+ }
+
+ public function testGetGroups()
+ {
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+ $this->assertEquals(1, $groupModel->create('Group C'));
+ $this->assertEquals(2, $groupModel->create('Group B'));
+ $this->assertEquals(3, $groupModel->create('Group A'));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER));
+
+ $groups = $groupRoleModel->getGroups(1);
+ $this->assertCount(3, $groups);
+
+ $this->assertEquals(3, $groups[0]['id']);
+ $this->assertEquals('Group A', $groups[0]['name']);
+ $this->assertEquals(Role::PROJECT_MANAGER, $groups[0]['role']);
+
+ $this->assertEquals(2, $groups[1]['id']);
+ $this->assertEquals('Group B', $groups[1]['name']);
+ $this->assertEquals(Role::PROJECT_MEMBER, $groups[1]['role']);
+
+ $this->assertEquals(1, $groups[2]['id']);
+ $this->assertEquals('Group C', $groups[2]['name']);
+ $this->assertEquals(Role::PROJECT_VIEWER, $groups[2]['role']);
+ }
+
+ public function testGetUsers()
+ {
+ $userModel = new User($this->container);
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1')));
+ $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2')));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user 2')));
+ $this->assertEquals(4, $userModel->create(array('username' => 'user 3')));
+
+ $this->assertEquals(1, $groupModel->create('Group A'));
+ $this->assertEquals(2, $groupModel->create('Group B'));
+ $this->assertEquals(3, $groupModel->create('Group C'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 4));
+ $this->assertTrue($groupMemberModel->addUser(2, 3));
+ $this->assertTrue($groupMemberModel->addUser(3, 2));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER));
+
+ $users = $groupRoleModel->getUsers(2);
+ $this->assertCount(0, $users);
+
+ $users = $groupRoleModel->getUsers(1);
+ $this->assertCount(3, $users);
+
+ $this->assertEquals(2, $users[0]['id']);
+ $this->assertEquals('user 1', $users[0]['username']);
+ $this->assertEquals('User #1', $users[0]['name']);
+ $this->assertEquals(Role::PROJECT_MANAGER, $users[0]['role']);
+
+ $this->assertEquals(3, $users[1]['id']);
+ $this->assertEquals('user 2', $users[1]['username']);
+ $this->assertEquals('', $users[1]['name']);
+ $this->assertEquals(Role::PROJECT_MEMBER, $users[1]['role']);
+
+ $this->assertEquals(4, $users[2]['id']);
+ $this->assertEquals('user 3', $users[2]['username']);
+ $this->assertEquals('', $users[2]['name']);
+ $this->assertEquals(Role::PROJECT_VIEWER, $users[2]['role']);
+ }
+
+ public function testGetAssignableUsers()
+ {
+ $userModel = new User($this->container);
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1')));
+ $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2')));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user 2')));
+ $this->assertEquals(4, $userModel->create(array('username' => 'user 3')));
+
+ $this->assertEquals(1, $groupModel->create('Group A'));
+ $this->assertEquals(2, $groupModel->create('Group B'));
+ $this->assertEquals(3, $groupModel->create('Group C'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 4));
+ $this->assertTrue($groupMemberModel->addUser(2, 3));
+ $this->assertTrue($groupMemberModel->addUser(3, 2));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER));
+
+ $users = $groupRoleModel->getAssignableUsers(2);
+ $this->assertCount(0, $users);
+
+ $users = $groupRoleModel->getAssignableUsers(1);
+ $this->assertCount(2, $users);
+
+ $this->assertEquals(2, $users[0]['id']);
+ $this->assertEquals('user 1', $users[0]['username']);
+ $this->assertEquals('User #1', $users[0]['name']);
+
+ $this->assertEquals(3, $users[1]['id']);
+ $this->assertEquals('user 2', $users[1]['username']);
+ $this->assertEquals('', $users[1]['name']);
+ }
+
+ public function testGetProjectsByUser()
+ {
+ $userModel = new User($this->container);
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1')));
+ $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2')));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user 2')));
+ $this->assertEquals(4, $userModel->create(array('username' => 'user 3')));
+ $this->assertEquals(5, $userModel->create(array('username' => 'user 4')));
+
+ $this->assertEquals(1, $groupModel->create('Group C'));
+ $this->assertEquals(2, $groupModel->create('Group B'));
+ $this->assertEquals(3, $groupModel->create('Group A'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 4));
+ $this->assertTrue($groupMemberModel->addUser(2, 5));
+ $this->assertTrue($groupMemberModel->addUser(3, 3));
+ $this->assertTrue($groupMemberModel->addUser(3, 2));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER));
+
+ $projects = $groupRoleModel->getProjectsByUser(2);
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $groupRoleModel->getProjectsByUser(3);
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $groupRoleModel->getProjectsByUser(4);
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $groupRoleModel->getProjectsByUser(5);
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 2', $projects[2]);
+ }
+
+ public function testGetActiveProjectsByUser()
+ {
+ $userModel = new User($this->container);
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1', 'is_active' => 0)));
+ $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2')));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user 2')));
+ $this->assertEquals(4, $userModel->create(array('username' => 'user 3')));
+ $this->assertEquals(5, $userModel->create(array('username' => 'user 4')));
+
+ $this->assertEquals(1, $groupModel->create('Group C'));
+ $this->assertEquals(2, $groupModel->create('Group B'));
+ $this->assertEquals(3, $groupModel->create('Group A'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 4));
+ $this->assertTrue($groupMemberModel->addUser(2, 5));
+ $this->assertTrue($groupMemberModel->addUser(3, 3));
+ $this->assertTrue($groupMemberModel->addUser(3, 2));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER));
+
+ $projects = $groupRoleModel->getProjectsByUser(2, array(Project::ACTIVE));
+ $this->assertCount(0, $projects);
+
+ $projects = $groupRoleModel->getProjectsByUser(3, array(Project::ACTIVE));
+ $this->assertCount(0, $projects);
+
+ $projects = $groupRoleModel->getProjectsByUser(4, array(Project::ACTIVE));
+ $this->assertCount(0, $projects);
+
+ $projects = $groupRoleModel->getProjectsByUser(5, array(Project::ACTIVE));
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 2', $projects[2]);
+ }
+
+ public function testGetInactiveProjectsByUser()
+ {
+ $userModel = new User($this->container);
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1', 'is_active' => 0)));
+ $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2')));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user 2')));
+ $this->assertEquals(4, $userModel->create(array('username' => 'user 3')));
+ $this->assertEquals(5, $userModel->create(array('username' => 'user 4')));
+
+ $this->assertEquals(1, $groupModel->create('Group C'));
+ $this->assertEquals(2, $groupModel->create('Group B'));
+ $this->assertEquals(3, $groupModel->create('Group A'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 4));
+ $this->assertTrue($groupMemberModel->addUser(2, 5));
+ $this->assertTrue($groupMemberModel->addUser(3, 3));
+ $this->assertTrue($groupMemberModel->addUser(3, 2));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER));
+
+ $projects = $groupRoleModel->getProjectsByUser(2, array(Project::INACTIVE));
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $groupRoleModel->getProjectsByUser(3, array(Project::INACTIVE));
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $groupRoleModel->getProjectsByUser(4, array(Project::INACTIVE));
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $groupRoleModel->getProjectsByUser(5, array(Project::INACTIVE));
+ $this->assertCount(0, $projects);
+ }
+}
diff --git a/tests/units/Model/ProjectPermissionTest.php b/tests/units/Model/ProjectPermissionTest.php
index 1ee63a76..8f118cd9 100644
--- a/tests/units/Model/ProjectPermissionTest.php
+++ b/tests/units/Model/ProjectPermissionTest.php
@@ -2,286 +2,54 @@
require_once __DIR__.'/../Base.php';
-use Kanboard\Model\Project;
use Kanboard\Model\ProjectPermission;
+use Kanboard\Model\Project;
use Kanboard\Model\User;
+use Kanboard\Model\Group;
+use Kanboard\Model\GroupMember;
+use Kanboard\Model\ProjectGroupRole;
+use Kanboard\Model\ProjectUserRole;
+use Kanboard\Core\Security\Role;
class ProjectPermissionTest extends Base
{
- public function testAllowEverybody()
- {
- $user = new User($this->container);
- $this->assertNotFalse($user->create(array('username' => 'unittest#1', 'password' => 'unittest')));
- $this->assertNotFalse($user->create(array('username' => 'unittest#2', 'password' => 'unittest')));
-
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
-
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
- $this->assertFalse($pp->isEverybodyAllowed(1));
- $this->assertTrue($pp->isUserAllowed(1, 1));
- $this->assertFalse($pp->isUserAllowed(1, 2));
- $this->assertFalse($pp->isUserAllowed(1, 3));
- $this->assertEquals(array(), $pp->getMembers(1));
- $this->assertEquals(array('Unassigned'), $pp->getMemberList(1));
-
- $this->assertEmpty($pp->getMemberProjects(1));
- $this->assertEmpty($pp->getMemberProjects(2));
- $this->assertEmpty($pp->getMemberProjects(3));
-
- $this->assertEmpty($pp->getMemberProjectIds(1));
- $this->assertEmpty($pp->getMemberProjectIds(2));
- $this->assertEmpty($pp->getMemberProjectIds(3));
-
- $this->assertEmpty($pp->getActiveMemberProjectIds(1));
- $this->assertEmpty($pp->getActiveMemberProjectIds(2));
- $this->assertEmpty($pp->getActiveMemberProjectIds(3));
-
- $this->assertEmpty($pp->getActiveMemberProjects(1));
- $this->assertEmpty($pp->getActiveMemberProjects(2));
- $this->assertEmpty($pp->getActiveMemberProjects(3));
-
- $this->assertTrue($p->update(array('id' => 1, 'is_everybody_allowed' => 1)));
- $this->assertTrue($pp->isEverybodyAllowed(1));
- $this->assertTrue($pp->isUserAllowed(1, 1));
- $this->assertTrue($pp->isUserAllowed(1, 2));
- $this->assertTrue($pp->isUserAllowed(1, 3));
- $this->assertEquals(array('1' => 'admin', '2' => 'unittest#1', '3' => 'unittest#2'), $pp->getMembers(1));
- $this->assertEquals(array('Unassigned', '1' => 'admin', '2' => 'unittest#1', '3' => 'unittest#2'), $pp->getMemberList(1));
-
- $this->assertNotEmpty($pp->getMemberProjects(1));
- $this->assertNotEmpty($pp->getMemberProjects(2));
- $this->assertNotEmpty($pp->getMemberProjects(3));
-
- $this->assertNotEmpty($pp->getMemberProjectIds(1));
- $this->assertNotEmpty($pp->getMemberProjectIds(2));
- $this->assertNotEmpty($pp->getMemberProjectIds(3));
-
- $this->assertNotEmpty($pp->getActiveMemberProjectIds(1));
- $this->assertNotEmpty($pp->getActiveMemberProjectIds(2));
- $this->assertNotEmpty($pp->getActiveMemberProjectIds(3));
-
- $this->assertNotEmpty($pp->getActiveMemberProjects(1));
- $this->assertNotEmpty($pp->getActiveMemberProjects(2));
- $this->assertNotEmpty($pp->getActiveMemberProjects(3));
-
- $this->assertTrue($p->disable(1));
-
- $this->assertEmpty($pp->getActiveMemberProjectIds(1));
- $this->assertEmpty($pp->getActiveMemberProjectIds(2));
- $this->assertEmpty($pp->getActiveMemberProjectIds(3));
-
- $this->assertEmpty($pp->getActiveMemberProjects(1));
- $this->assertEmpty($pp->getActiveMemberProjects(2));
- $this->assertEmpty($pp->getActiveMemberProjects(3));
- }
-
- public function testDisallowEverybody()
- {
- // We create a regular user
- $user = new User($this->container);
- $user->create(array('username' => 'unittest', 'password' => 'unittest'));
-
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
-
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
-
- $this->assertEmpty($pp->getMembers(1)); // Nobody is specified for the given project
- $this->assertTrue($pp->isUserAllowed(1, 1)); // Admin should be allowed
- $this->assertFalse($pp->isUserAllowed(1, 2)); // Regular user should be denied
- }
-
- public function testAllowUser()
- {
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $user = new User($this->container);
-
- $this->assertNotFalse($user->create(array('username' => 'unittest', 'password' => 'unittest')));
-
- // We create a project
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
-
- $this->assertEmpty($pp->getMemberProjects(1));
- $this->assertEmpty($pp->getMemberProjects(2));
-
- $this->assertEmpty($pp->getMemberProjectIds(1));
- $this->assertEmpty($pp->getMemberProjectIds(2));
-
- $this->assertEmpty($pp->getActiveMemberProjectIds(1));
- $this->assertEmpty($pp->getActiveMemberProjectIds(2));
-
- $this->assertEmpty($pp->getActiveMemberProjects(1));
- $this->assertEmpty($pp->getActiveMemberProjects(2));
-
- // We allow the admin user
- $this->assertTrue($pp->addMember(1, 1));
- $this->assertTrue($pp->addMember(1, 2));
-
- // Non-existant project
- $this->assertFalse($pp->addMember(50, 1));
-
- // Non-existant user
- $this->assertFalse($pp->addMember(1, 50));
-
- // Both users should be allowed
- $this->assertEquals(array('1' => 'admin', '2' => 'unittest'), $pp->getMembers(1));
- $this->assertTrue($pp->isUserAllowed(1, 1));
- $this->assertTrue($pp->isUserAllowed(1, 2));
-
- $this->assertNotEmpty($pp->getMemberProjects(1));
- $this->assertNotEmpty($pp->getMemberProjects(2));
-
- $this->assertNotEmpty($pp->getMemberProjectIds(1));
- $this->assertNotEmpty($pp->getMemberProjectIds(2));
-
- $this->assertNotEmpty($pp->getActiveMemberProjectIds(1));
- $this->assertNotEmpty($pp->getActiveMemberProjectIds(2));
-
- $this->assertNotEmpty($pp->getActiveMemberProjects(1));
- $this->assertNotEmpty($pp->getActiveMemberProjects(2));
- }
-
- public function testRevokeUser()
- {
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $user = new User($this->container);
-
- $user->create(array('username' => 'unittest', 'password' => 'unittest'));
-
- // We create a project
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
-
- // We revoke our admin user (not existing row)
- $this->assertFalse($pp->revokeMember(1, 1));
-
- // We should have nobody in the users list
- $this->assertEmpty($pp->getMembers(1));
-
- // Only admin is allowed
- $this->assertTrue($pp->isUserAllowed(1, 1));
- $this->assertFalse($pp->isUserAllowed(1, 2));
-
- // We allow only the regular user
- $this->assertTrue($pp->addMember(1, 2));
-
- // All users should be allowed (admin and regular)
- $this->assertTrue($pp->isUserAllowed(1, 1));
- $this->assertTrue($pp->isUserAllowed(1, 2));
-
- // However, we should have only our regular user in the list
- $this->assertEquals(array('2' => 'unittest'), $pp->getMembers(1));
-
- // We allow our admin, we should have both in the list
- $this->assertTrue($pp->addMember(1, 1));
- $this->assertEquals(array('1' => 'admin', '2' => 'unittest'), $pp->getMembers(1));
- $this->assertTrue($pp->isUserAllowed(1, 1));
- $this->assertTrue($pp->isUserAllowed(1, 2));
-
- // We revoke the regular user
- $this->assertTrue($pp->revokeMember(1, 2));
-
- // Only admin should be allowed
- $this->assertTrue($pp->isUserAllowed(1, 1));
- $this->assertFalse($pp->isUserAllowed(1, 2));
-
- // We should have only admin in the list
- $this->assertEquals(array('1' => 'admin'), $pp->getMembers(1));
-
- // We revoke the admin user
- $this->assertTrue($pp->revokeMember(1, 1));
- $this->assertEmpty($pp->getMembers(1));
-
- // Only admin should be allowed again
- $this->assertTrue($pp->isUserAllowed(1, 1));
- $this->assertFalse($pp->isUserAllowed(1, 2));
- }
-
- public function testManager()
- {
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
- $u = new User($this->container);
-
- $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
-
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest1')));
- $this->assertFalse($pp->isMember(1, 2));
- $this->assertFalse($pp->isManager(1, 2));
-
- $this->assertEquals(2, $p->create(array('name' => 'UnitTest2'), 1, true));
- $this->assertFalse($pp->isMember(2, 2));
- $this->assertFalse($pp->isManager(2, 2));
-
- $this->assertEquals(3, $p->create(array('name' => 'UnitTest3'), 2, true));
- $this->assertTrue($pp->isMember(3, 2));
- $this->assertTrue($pp->isManager(3, 2));
-
- $this->assertEquals(4, $p->create(array('name' => 'UnitTest4')));
-
- $this->assertTrue($pp->addManager(4, 2));
- $this->assertTrue($pp->isMember(4, 2));
- $this->assertTrue($pp->isManager(4, 2));
-
- $this->assertEquals(5, $p->create(array('name' => 'UnitTest5')));
- $this->assertTrue($pp->addMember(5, 2));
- $this->assertTrue($pp->changeRole(5, 2, 1));
- $this->assertTrue($pp->isMember(5, 2));
- $this->assertTrue($pp->isManager(5, 2));
- $this->assertTrue($pp->changeRole(5, 2, 0));
- $this->assertTrue($pp->isMember(5, 2));
- $this->assertFalse($pp->isManager(5, 2));
- }
-
- public function testUsersList()
+ public function testDuplicate()
{
- $p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
-
- $user = new User($this->container);
- $this->assertNotFalse($user->create(array('username' => 'unittest', 'password' => 'unittest')));
-
- // We create project
- $this->assertEquals(1, $p->create(array('name' => 'UnitTest')));
-
- // No restriction, we should have no body
- $this->assertEquals(
- array('Unassigned'),
- $pp->getMemberList(1)
- );
-
- // We allow only the regular user
- $this->assertTrue($pp->addMember(1, 2));
-
- $this->assertEquals(
- array(0 => 'Unassigned', 2 => 'unittest'),
- $pp->getMemberList(1)
- );
-
- // We allow the admin user
- $this->assertTrue($pp->addMember(1, 1));
-
- $this->assertEquals(
- array(0 => 'Unassigned', 1 => 'admin', 2 => 'unittest'),
- $pp->getMemberList(1)
- );
-
- // We revoke only the regular user
- $this->assertTrue($pp->revokeMember(1, 2));
-
- $this->assertEquals(
- array(0 => 'Unassigned', 1 => 'admin'),
- $pp->getMemberList(1)
- );
-
- // We revoke only the admin user, we should have everybody
- $this->assertTrue($pp->revokeMember(1, 1));
-
- $this->assertEquals(
- array(0 => 'Unassigned'),
- $pp->getMemberList(1)
- );
+ $userModel = new User($this->container);
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+ $projectPermission = new ProjectPermission($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1')));
+ $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2')));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user 2')));
+ $this->assertEquals(4, $userModel->create(array('username' => 'user 3')));
+ $this->assertEquals(5, $userModel->create(array('username' => 'user 4')));
+ $this->assertEquals(6, $userModel->create(array('username' => 'user 5', 'name' => 'User #5')));
+
+ $this->assertEquals(1, $groupModel->create('Group C'));
+ $this->assertEquals(2, $groupModel->create('Group B'));
+ $this->assertEquals(3, $groupModel->create('Group A'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 4));
+ $this->assertTrue($groupMemberModel->addUser(2, 5));
+ $this->assertTrue($groupMemberModel->addUser(3, 3));
+ $this->assertTrue($groupMemberModel->addUser(3, 2));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER));
+
+ $this->assertTrue($userRoleModel->addUser(1, 5, Role::PROJECT_MANAGER));
+ $this->assertTrue($userRoleModel->addUser(1, 6, Role::PROJECT_MEMBER));
+
+ $this->assertTrue($projectPermission->duplicate(1, 2));
+
+ $this->assertCount(2, $userRoleModel->getUsers(2));
+ $this->assertCount(3, $groupRoleModel->getUsers(2));
}
}
diff --git a/tests/units/Model/ProjectTest.php b/tests/units/Model/ProjectTest.php
index 56791700..4d8e6fc7 100644
--- a/tests/units/Model/ProjectTest.php
+++ b/tests/units/Model/ProjectTest.php
@@ -5,7 +5,6 @@ require_once __DIR__.'/../Base.php';
use Kanboard\Core\Translator;
use Kanboard\Subscriber\ProjectModificationDateSubscriber;
use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
use Kanboard\Model\User;
use Kanboard\Model\Task;
use Kanboard\Model\TaskCreation;
diff --git a/tests/units/Model/ProjectUserRoleTest.php b/tests/units/Model/ProjectUserRoleTest.php
new file mode 100644
index 00000000..c6b4eb7c
--- /dev/null
+++ b/tests/units/Model/ProjectUserRoleTest.php
@@ -0,0 +1,400 @@
+<?php
+
+require_once __DIR__.'/../Base.php';
+
+use Kanboard\Model\Project;
+use Kanboard\Model\User;
+use Kanboard\Model\Group;
+use Kanboard\Model\GroupMember;
+use Kanboard\Model\ProjectGroupRole;
+use Kanboard\Model\ProjectUserRole;
+use Kanboard\Core\Security\Role;
+
+class ProjectUserRoleTest extends Base
+{
+ public function testAddUser()
+ {
+ $projectModel = new Project($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+
+ $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_VIEWER));
+ $this->assertFalse($userRoleModel->addUser(1, 1, Role::PROJECT_VIEWER));
+
+ $users = $userRoleModel->getUsers(1);
+ $this->assertCount(1, $users);
+ $this->assertEquals(1, $users[0]['id']);
+ $this->assertEquals('admin', $users[0]['username']);
+ $this->assertEquals('', $users[0]['name']);
+ $this->assertEquals(Role::PROJECT_VIEWER, $users[0]['role']);
+ }
+
+ public function testRemoveUser()
+ {
+ $projectModel = new Project($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+
+ $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_MEMBER));
+ $this->assertTrue($userRoleModel->removeUser(1, 1));
+ $this->assertFalse($userRoleModel->removeUser(1, 1));
+
+ $this->assertEmpty($userRoleModel->getUsers(1));
+ }
+
+ public function testChangeRole()
+ {
+ $projectModel = new Project($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+
+ $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($userRoleModel->changeUserRole(1, 1, Role::PROJECT_MANAGER));
+
+ $users = $userRoleModel->getUsers(1);
+ $this->assertCount(1, $users);
+ $this->assertEquals(1, $users[0]['id']);
+ $this->assertEquals('admin', $users[0]['username']);
+ $this->assertEquals('', $users[0]['name']);
+ $this->assertEquals(Role::PROJECT_MANAGER, $users[0]['role']);
+ }
+
+ public function testGetRole()
+ {
+ $projectModel = new Project($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+ $this->assertEmpty($userRoleModel->getUserRole(1, 1));
+
+ $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_VIEWER));
+ $this->assertEquals(Role::PROJECT_VIEWER, $userRoleModel->getUserRole(1, 1));
+
+ $this->assertTrue($userRoleModel->changeUserRole(1, 1, Role::PROJECT_MEMBER));
+ $this->assertEquals(Role::PROJECT_MEMBER, $userRoleModel->getUserRole(1, 1));
+
+ $this->assertTrue($userRoleModel->changeUserRole(1, 1, Role::PROJECT_MANAGER));
+ $this->assertEquals(Role::PROJECT_MANAGER, $userRoleModel->getUserRole(1, 1));
+
+ $this->assertEquals('', $userRoleModel->getUserRole(1, 2));
+ }
+
+ public function testGetRoleWithGroups()
+ {
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+ $this->assertEquals(1, $groupModel->create('Group A'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 1));
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+
+ $this->assertEquals(Role::PROJECT_VIEWER, $userRoleModel->getUserRole(1, 1));
+ $this->assertEquals('', $userRoleModel->getUserRole(1, 2));
+ }
+
+ public function testGetAssignableUsersWithoutGroups()
+ {
+ $projectModel = new Project($this->container);
+ $userModel = new User($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+ $this->assertEquals(2, $userModel->create(array('username' => 'user1', 'name' => 'User1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user2', 'name' => 'User2')));
+
+ $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_MEMBER));
+ $this->assertTrue($userRoleModel->addUser(1, 2, Role::PROJECT_MANAGER));
+ $this->assertTrue($userRoleModel->addUser(1, 3, Role::PROJECT_VIEWER));
+
+ $users = $userRoleModel->getAssignableUsers(1);
+ $this->assertCount(2, $users);
+
+ $this->assertEquals('admin', $users[1]);
+ $this->assertEquals('User1', $users[2]);
+ }
+
+ public function testGetAssignableUsersWithGroups()
+ {
+ $projectModel = new Project($this->container);
+ $userModel = new User($this->container);
+ $groupModel = new Group($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test')));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user1', 'name' => 'User1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user2', 'name' => 'User2')));
+ $this->assertEquals(4, $userModel->create(array('username' => 'user3', 'name' => 'User3')));
+ $this->assertEquals(5, $userModel->create(array('username' => 'user4', 'name' => 'User4')));
+
+ $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_MEMBER));
+ $this->assertTrue($userRoleModel->addUser(1, 2, Role::PROJECT_MANAGER));
+ $this->assertTrue($userRoleModel->addUser(1, 3, Role::PROJECT_VIEWER));
+
+ $this->assertEquals(1, $groupModel->create('Group A'));
+ $this->assertEquals(2, $groupModel->create('Group B'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 4));
+ $this->assertTrue($groupMemberModel->addUser(2, 5));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 2, Role::PROJECT_MEMBER));
+
+ $users = $userRoleModel->getAssignableUsers(1);
+ $this->assertCount(3, $users);
+
+ $this->assertEquals('admin', $users[1]);
+ $this->assertEquals('User1', $users[2]);
+ $this->assertEquals('User4', $users[5]);
+ }
+
+ public function testGetAssignableUsersList()
+ {
+ $projectModel = new Project($this->container);
+ $userModel = new User($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test1')));
+ $this->assertEquals(2, $projectModel->create(array('name' => 'Test2')));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user1', 'name' => 'User1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user2', 'name' => 'User2')));
+
+ $this->assertTrue($userRoleModel->addUser(2, 1, Role::PROJECT_MEMBER));
+ $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_MEMBER));
+ $this->assertTrue($userRoleModel->addUser(1, 2, Role::PROJECT_MANAGER));
+ $this->assertTrue($userRoleModel->addUser(1, 3, Role::PROJECT_VIEWER));
+
+ $users = $userRoleModel->getAssignableUsersList(1);
+ $this->assertCount(3, $users);
+
+ $this->assertEquals('Unassigned', $users[0]);
+ $this->assertEquals('admin', $users[1]);
+ $this->assertEquals('User1', $users[2]);
+
+ $users = $userRoleModel->getAssignableUsersList(1, true, true, true);
+ $this->assertCount(4, $users);
+
+ $this->assertEquals('Unassigned', $users[0]);
+ $this->assertEquals('Everybody', $users[-1]);
+ $this->assertEquals('admin', $users[1]);
+ $this->assertEquals('User1', $users[2]);
+
+ $users = $userRoleModel->getAssignableUsersList(2, true, true, true);
+ $this->assertCount(1, $users);
+
+ $this->assertEquals('admin', $users[1]);
+ }
+
+ public function testGetAssignableUsersWithEverybodyAllowed()
+ {
+ $projectModel = new Project($this->container);
+ $userModel = new User($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Test', 'is_everybody_allowed' => 1)));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user1', 'name' => 'User1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user2', 'name' => 'User2')));
+ $this->assertEquals(4, $userModel->create(array('username' => 'user3', 'name' => 'User3')));
+ $this->assertEquals(5, $userModel->create(array('username' => 'user4', 'name' => 'User4')));
+
+ $users = $userRoleModel->getAssignableUsers(1);
+ $this->assertCount(5, $users);
+
+ $this->assertEquals('admin', $users[1]);
+ $this->assertEquals('User1', $users[2]);
+ $this->assertEquals('User2', $users[3]);
+ $this->assertEquals('User3', $users[4]);
+ $this->assertEquals('User4', $users[5]);
+ }
+
+ public function testGetProjectsByUser()
+ {
+ $userModel = new User($this->container);
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1')));
+ $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2')));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user 2')));
+ $this->assertEquals(4, $userModel->create(array('username' => 'user 3')));
+ $this->assertEquals(5, $userModel->create(array('username' => 'user 4')));
+ $this->assertEquals(6, $userModel->create(array('username' => 'user 5', 'name' => 'User #5')));
+ $this->assertEquals(7, $userModel->create(array('username' => 'user 6')));
+
+ $this->assertEquals(1, $groupModel->create('Group C'));
+ $this->assertEquals(2, $groupModel->create('Group B'));
+ $this->assertEquals(3, $groupModel->create('Group A'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 4));
+ $this->assertTrue($groupMemberModel->addUser(2, 5));
+ $this->assertTrue($groupMemberModel->addUser(3, 3));
+ $this->assertTrue($groupMemberModel->addUser(3, 2));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER));
+
+ $this->assertTrue($userRoleModel->addUser(1, 6, Role::PROJECT_MANAGER));
+ $this->assertTrue($userRoleModel->addUser(2, 6, Role::PROJECT_MEMBER));
+ $this->assertTrue($userRoleModel->addUser(2, 7, Role::PROJECT_MEMBER));
+
+ $projects = $userRoleModel->getProjectsByUser(2);
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $userRoleModel->getProjectsByUser(3);
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $userRoleModel->getProjectsByUser(4);
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $userRoleModel->getProjectsByUser(5);
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 2', $projects[2]);
+
+ $projects = $userRoleModel->getProjectsByUser(6);
+ $this->assertCount(2, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+ $this->assertEquals('Project 2', $projects[2]);
+
+ $projects = $userRoleModel->getProjectsByUser(7);
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 2', $projects[2]);
+ }
+
+ public function testGetActiveProjectsByUser()
+ {
+ $userModel = new User($this->container);
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1', 'is_active' => 0)));
+ $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2')));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user 2')));
+ $this->assertEquals(4, $userModel->create(array('username' => 'user 3')));
+ $this->assertEquals(5, $userModel->create(array('username' => 'user 4')));
+ $this->assertEquals(6, $userModel->create(array('username' => 'user 5', 'name' => 'User #5')));
+ $this->assertEquals(7, $userModel->create(array('username' => 'user 6')));
+
+ $this->assertEquals(1, $groupModel->create('Group C'));
+ $this->assertEquals(2, $groupModel->create('Group B'));
+ $this->assertEquals(3, $groupModel->create('Group A'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 4));
+ $this->assertTrue($groupMemberModel->addUser(2, 5));
+ $this->assertTrue($groupMemberModel->addUser(3, 3));
+ $this->assertTrue($groupMemberModel->addUser(3, 2));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER));
+
+ $this->assertTrue($userRoleModel->addUser(1, 6, Role::PROJECT_MANAGER));
+ $this->assertTrue($userRoleModel->addUser(2, 6, Role::PROJECT_MEMBER));
+ $this->assertTrue($userRoleModel->addUser(2, 7, Role::PROJECT_MEMBER));
+
+ $projects = $userRoleModel->getProjectsByUser(2, array(Project::ACTIVE));
+ $this->assertCount(0, $projects);
+
+ $projects = $userRoleModel->getProjectsByUser(3, array(Project::ACTIVE));
+ $this->assertCount(0, $projects);
+
+ $projects = $userRoleModel->getProjectsByUser(4, array(Project::ACTIVE));
+ $this->assertCount(0, $projects);
+
+ $projects = $userRoleModel->getProjectsByUser(5, array(Project::ACTIVE));
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 2', $projects[2]);
+
+ $projects = $userRoleModel->getProjectsByUser(6, array(Project::ACTIVE));
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 2', $projects[2]);
+
+ $projects = $userRoleModel->getProjectsByUser(7, array(Project::ACTIVE));
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 2', $projects[2]);
+ }
+
+ public function testGetInactiveProjectsByUser()
+ {
+ $userModel = new User($this->container);
+ $projectModel = new Project($this->container);
+ $groupModel = new Group($this->container);
+ $groupMemberModel = new GroupMember($this->container);
+ $groupRoleModel = new ProjectGroupRole($this->container);
+ $userRoleModel = new ProjectUserRole($this->container);
+
+ $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1', 'is_active' => 0)));
+ $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2')));
+
+ $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1')));
+ $this->assertEquals(3, $userModel->create(array('username' => 'user 2')));
+ $this->assertEquals(4, $userModel->create(array('username' => 'user 3')));
+ $this->assertEquals(5, $userModel->create(array('username' => 'user 4')));
+ $this->assertEquals(6, $userModel->create(array('username' => 'user 5', 'name' => 'User #5')));
+ $this->assertEquals(7, $userModel->create(array('username' => 'user 6')));
+
+ $this->assertEquals(1, $groupModel->create('Group C'));
+ $this->assertEquals(2, $groupModel->create('Group B'));
+ $this->assertEquals(3, $groupModel->create('Group A'));
+
+ $this->assertTrue($groupMemberModel->addUser(1, 4));
+ $this->assertTrue($groupMemberModel->addUser(2, 5));
+ $this->assertTrue($groupMemberModel->addUser(3, 3));
+ $this->assertTrue($groupMemberModel->addUser(3, 2));
+
+ $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER));
+ $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER));
+
+ $this->assertTrue($userRoleModel->addUser(1, 6, Role::PROJECT_MANAGER));
+ $this->assertTrue($userRoleModel->addUser(2, 6, Role::PROJECT_MEMBER));
+ $this->assertTrue($userRoleModel->addUser(2, 7, Role::PROJECT_MEMBER));
+
+ $projects = $userRoleModel->getProjectsByUser(2, array(Project::INACTIVE));
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $userRoleModel->getProjectsByUser(3, array(Project::INACTIVE));
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $userRoleModel->getProjectsByUser(4, array(Project::INACTIVE));
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $userRoleModel->getProjectsByUser(5, array(Project::INACTIVE));
+ $this->assertCount(0, $projects);
+
+ $projects = $userRoleModel->getProjectsByUser(6, array(Project::INACTIVE));
+ $this->assertCount(1, $projects);
+ $this->assertEquals('Project 1', $projects[1]);
+
+ $projects = $userRoleModel->getProjectsByUser(7, array(Project::INACTIVE));
+ $this->assertCount(0, $projects);
+ }
+}
diff --git a/tests/units/Model/SubtaskTest.php b/tests/units/Model/SubtaskTest.php
index e446e104..9be2dff4 100644
--- a/tests/units/Model/SubtaskTest.php
+++ b/tests/units/Model/SubtaskTest.php
@@ -8,7 +8,7 @@ use Kanboard\Model\Subtask;
use Kanboard\Model\Project;
use Kanboard\Model\Category;
use Kanboard\Model\User;
-use Kanboard\Model\UserSession;
+use Kanboard\Core\User\UserSession;
class SubtaskTest extends Base
{
diff --git a/tests/units/Model/TaskCreationTest.php b/tests/units/Model/TaskCreationTest.php
index 5de0a5cc..e35f1bc7 100644
--- a/tests/units/Model/TaskCreationTest.php
+++ b/tests/units/Model/TaskCreationTest.php
@@ -8,7 +8,6 @@ use Kanboard\Model\TaskCreation;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\TaskStatus;
use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
class TaskCreationTest extends Base
{
diff --git a/tests/units/Model/TaskDuplicationTest.php b/tests/units/Model/TaskDuplicationTest.php
index d65e8f28..798b3835 100644
--- a/tests/units/Model/TaskDuplicationTest.php
+++ b/tests/units/Model/TaskDuplicationTest.php
@@ -8,10 +8,11 @@ use Kanboard\Model\TaskDuplication;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\TaskStatus;
use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
+use Kanboard\Model\ProjectUserRole;
use Kanboard\Model\Category;
use Kanboard\Model\User;
use Kanboard\Model\Swimlane;
+use Kanboard\Core\Security\Role;
class TaskDuplicationTest extends Base
{
@@ -127,7 +128,7 @@ class TaskDuplicationTest extends Base
// Check the values of the duplicated task
$task = $tf->getById(2);
$this->assertNotEmpty($task);
- $this->assertEquals(1, $task['owner_id']);
+ $this->assertEquals(0, $task['owner_id']);
$this->assertEquals(0, $task['category_id']);
$this->assertEquals(0, $task['swimlane_id']);
$this->assertEquals(6, $task['column_id']);
@@ -333,7 +334,7 @@ class TaskDuplicationTest extends Base
$tc = new TaskCreation($this->container);
$tf = new TaskFinder($this->container);
$p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
+ $pp = new ProjectUserRole($this->container);
// We create 2 projects
$this->assertEquals(1, $p->create(array('name' => 'test1')));
@@ -357,10 +358,8 @@ class TaskDuplicationTest extends Base
// We create a new user for our project
$user = new User($this->container);
$this->assertNotFalse($user->create(array('username' => 'unittest#1', 'password' => 'unittest')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->addMember(2, 2));
- $this->assertTrue($pp->isUserAllowed(1, 2));
- $this->assertTrue($pp->isUserAllowed(2, 2));
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(2, 2, Role::PROJECT_MEMBER));
// We duplicate our task to the 2nd project
$this->assertEquals(3, $td->duplicateToProject(1, 2));
@@ -391,7 +390,7 @@ class TaskDuplicationTest extends Base
$tc = new TaskCreation($this->container);
$tf = new TaskFinder($this->container);
$p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
+ $pr = new ProjectUserRole($this->container);
// We create 2 projects
$this->assertEquals(1, $p->create(array('name' => 'test1')));
@@ -399,6 +398,7 @@ class TaskDuplicationTest extends Base
// We create a task
$this->assertEquals(1, $tc->create(array('title' => 'test', 'project_id' => 1, 'column_id' => 2, 'owner_id' => 2)));
+ $this->assertTrue($pr->addUser(2, 1, Role::PROJECT_MEMBER));
// We duplicate our task to the 2nd project
$this->assertEquals(2, $td->duplicateToProject(1, 2, null, null, null, 1));
@@ -425,7 +425,6 @@ class TaskDuplicationTest extends Base
$tc = new TaskCreation($this->container);
$tf = new TaskFinder($this->container);
$p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
$user = new User($this->container);
// We create 2 projects
@@ -446,7 +445,7 @@ class TaskDuplicationTest extends Base
// Check the values of the moved task
$task = $tf->getById(1);
$this->assertNotEmpty($task);
- $this->assertEquals(1, $task['owner_id']);
+ $this->assertEquals(0, $task['owner_id']);
$this->assertEquals(0, $task['category_id']);
$this->assertEquals(0, $task['swimlane_id']);
$this->assertEquals(2, $task['project_id']);
@@ -496,7 +495,7 @@ class TaskDuplicationTest extends Base
$tc = new TaskCreation($this->container);
$tf = new TaskFinder($this->container);
$p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
+ $pp = new ProjectUserRole($this->container);
$user = new User($this->container);
// We create 2 projects
@@ -505,10 +504,8 @@ class TaskDuplicationTest extends Base
// We create a new user for our project
$this->assertNotFalse($user->create(array('username' => 'unittest#1', 'password' => 'unittest')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->addMember(2, 2));
- $this->assertTrue($pp->isUserAllowed(1, 2));
- $this->assertTrue($pp->isUserAllowed(2, 2));
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(2, 2, Role::PROJECT_MEMBER));
// We create a task
$this->assertEquals(1, $tc->create(array('title' => 'test', 'project_id' => 1, 'column_id' => 2, 'owner_id' => 2)));
@@ -531,7 +528,7 @@ class TaskDuplicationTest extends Base
$tc = new TaskCreation($this->container);
$tf = new TaskFinder($this->container);
$p = new Project($this->container);
- $pp = new ProjectPermission($this->container);
+ $pp = new ProjectUserRole($this->container);
$user = new User($this->container);
// We create 2 projects
@@ -540,10 +537,8 @@ class TaskDuplicationTest extends Base
// We create a new user for our project
$this->assertNotFalse($user->create(array('username' => 'unittest#1', 'password' => 'unittest')));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->addMember(2, 2));
- $this->assertTrue($pp->isUserAllowed(1, 2));
- $this->assertTrue($pp->isUserAllowed(2, 2));
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(2, 2, Role::PROJECT_MEMBER));
// We create a task
$this->assertEquals(1, $tc->create(array('title' => 'test', 'project_id' => 1, 'column_id' => 2, 'owner_id' => 3)));
diff --git a/tests/units/Model/TaskFinderTest.php b/tests/units/Model/TaskFinderTest.php
index e22f14e1..b21a4ea3 100644
--- a/tests/units/Model/TaskFinderTest.php
+++ b/tests/units/Model/TaskFinderTest.php
@@ -6,7 +6,6 @@ use Kanboard\Model\Task;
use Kanboard\Model\TaskCreation;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
use Kanboard\Model\Category;
use Kanboard\Model\User;
diff --git a/tests/units/Model/TaskModificationTest.php b/tests/units/Model/TaskModificationTest.php
index 49b51f9b..25a4952e 100644
--- a/tests/units/Model/TaskModificationTest.php
+++ b/tests/units/Model/TaskModificationTest.php
@@ -8,7 +8,6 @@ use Kanboard\Model\TaskModification;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\TaskStatus;
use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
class TaskModificationTest extends Base
{
diff --git a/tests/units/Model/TaskPermissionTest.php b/tests/units/Model/TaskPermissionTest.php
index 56886ee7..0b093bbb 100644
--- a/tests/units/Model/TaskPermissionTest.php
+++ b/tests/units/Model/TaskPermissionTest.php
@@ -9,7 +9,7 @@ use Kanboard\Model\TaskPermission;
use Kanboard\Model\Project;
use Kanboard\Model\Category;
use Kanboard\Model\User;
-use Kanboard\Model\UserSession;
+use Kanboard\Core\User\UserSession;
class TaskPermissionTest extends Base
{
diff --git a/tests/units/Model/TaskStatusTest.php b/tests/units/Model/TaskStatusTest.php
index de08ffb3..612afd23 100644
--- a/tests/units/Model/TaskStatusTest.php
+++ b/tests/units/Model/TaskStatusTest.php
@@ -8,7 +8,6 @@ use Kanboard\Model\TaskCreation;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\TaskStatus;
use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
class TaskStatusTest extends Base
{
diff --git a/tests/units/Model/TaskTest.php b/tests/units/Model/TaskTest.php
index 192dc098..60e752e5 100644
--- a/tests/units/Model/TaskTest.php
+++ b/tests/units/Model/TaskTest.php
@@ -7,7 +7,6 @@ use Kanboard\Model\TaskCreation;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\TaskStatus;
use Kanboard\Model\Project;
-use Kanboard\Model\ProjectPermission;
use Kanboard\Model\Category;
use Kanboard\Model\User;
diff --git a/tests/units/Model/UserLockingTest.php b/tests/units/Model/UserLockingTest.php
new file mode 100644
index 00000000..c743f8eb
--- /dev/null
+++ b/tests/units/Model/UserLockingTest.php
@@ -0,0 +1,43 @@
+<?php
+
+require_once __DIR__.'/../Base.php';
+
+use Kanboard\Model\UserLocking;
+
+class UserLockingTest extends Base
+{
+ public function testFailedLogin()
+ {
+ $u = new UserLocking($this->container);
+
+ $this->assertEquals(0, $u->getFailedLogin('admin'));
+ $this->assertEquals(0, $u->getFailedLogin('not_found'));
+
+ $this->assertTrue($u->incrementFailedLogin('admin'));
+ $this->assertTrue($u->incrementFailedLogin('admin'));
+
+ $this->assertEquals(2, $u->getFailedLogin('admin'));
+ $this->assertTrue($u->resetFailedLogin('admin'));
+ $this->assertEquals(0, $u->getFailedLogin('admin'));
+ }
+
+ public function testLocking()
+ {
+ $u = new UserLocking($this->container);
+
+ $this->assertFalse($u->isLocked('admin'));
+ $this->assertFalse($u->isLocked('not_found'));
+ $this->assertTrue($u->lock('admin', 1));
+ $this->assertTrue($u->isLocked('admin'));
+ }
+
+ public function testCaptcha()
+ {
+ $u = new UserLocking($this->container);
+ $this->assertTrue($u->incrementFailedLogin('admin'));
+ $this->assertFalse($u->hasCaptcha('admin', 2));
+
+ $this->assertTrue($u->incrementFailedLogin('admin'));
+ $this->assertTrue($u->hasCaptcha('admin', 2));
+ }
+}
diff --git a/tests/units/Model/UserNotificationTest.php b/tests/units/Model/UserNotificationTest.php
index 729667de..bf3b1b3f 100644
--- a/tests/units/Model/UserNotificationTest.php
+++ b/tests/units/Model/UserNotificationTest.php
@@ -9,12 +9,14 @@ use Kanboard\Model\Comment;
use Kanboard\Model\User;
use Kanboard\Model\File;
use Kanboard\Model\Project;
-use Kanboard\Model\Task;
use Kanboard\Model\ProjectPermission;
+use Kanboard\Model\Task;
+use Kanboard\Model\ProjectUserRole;
use Kanboard\Model\UserNotification;
use Kanboard\Model\UserNotificationFilter;
use Kanboard\Model\UserNotificationType;
use Kanboard\Subscriber\UserNotificationSubscriber;
+use Kanboard\Core\Security\Role;
class UserNotificationTest extends Base
{
@@ -23,11 +25,11 @@ class UserNotificationTest extends Base
$u = new User($this->container);
$p = new Project($this->container);
$n = new UserNotification($this->container);
- $pp = new ProjectPermission($this->container);
+ $pp = new ProjectUserRole($this->container);
$this->assertEquals(1, $p->create(array('name' => 'UnitTest1')));
$this->assertEquals(2, $u->create(array('username' => 'user1')));
- $this->assertTrue($pp->addMember(1, 2));
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
$this->assertEmpty($n->getUsersWithNotificationEnabled(1));
$n->enableNotification(2);
@@ -101,7 +103,7 @@ class UserNotificationTest extends Base
$u = new User($this->container);
$p = new Project($this->container);
$n = new UserNotification($this->container);
- $pp = new ProjectPermission($this->container);
+ $pp = new ProjectUserRole($this->container);
$this->assertEquals(1, $p->create(array('name' => 'UnitTest1')));
@@ -118,16 +120,16 @@ class UserNotificationTest extends Base
$this->assertNotFalse($u->create(array('username' => 'user4')));
// Nobody is member of any projects
- $this->assertEmpty($pp->getMembers(1));
+ $this->assertEmpty($pp->getUsers(1));
$this->assertEmpty($n->getUsersWithNotificationEnabled(1));
// We allow all users to be member of our projects
- $this->assertTrue($pp->addMember(1, 1));
- $this->assertTrue($pp->addMember(1, 2));
- $this->assertTrue($pp->addMember(1, 3));
- $this->assertTrue($pp->addMember(1, 4));
+ $this->assertTrue($pp->addUser(1, 1, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(1, 3, Role::PROJECT_MEMBER));
+ $this->assertTrue($pp->addUser(1, 4, Role::PROJECT_MEMBER));
- $this->assertNotEmpty($pp->getMembers(1));
+ $this->assertNotEmpty($pp->getUsers(1));
$users = $n->getUsersWithNotificationEnabled(1);
$this->assertNotEmpty($users);
diff --git a/tests/units/Model/UserTest.php b/tests/units/Model/UserTest.php
index 90a80954..1d381006 100644
--- a/tests/units/Model/UserTest.php
+++ b/tests/units/Model/UserTest.php
@@ -9,34 +9,10 @@ use Kanboard\Model\Task;
use Kanboard\Model\TaskCreation;
use Kanboard\Model\TaskFinder;
use Kanboard\Model\Project;
+use Kanboard\Core\Security\Role;
class UserTest extends Base
{
- public function testFailedLogin()
- {
- $u = new User($this->container);
-
- $this->assertEquals(0, $u->getFailedLogin('admin'));
- $this->assertEquals(0, $u->getFailedLogin('not_found'));
-
- $this->assertTrue($u->incrementFailedLogin('admin'));
- $this->assertTrue($u->incrementFailedLogin('admin'));
-
- $this->assertEquals(2, $u->getFailedLogin('admin'));
- $this->assertTrue($u->resetFailedLogin('admin'));
- $this->assertEquals(0, $u->getFailedLogin('admin'));
- }
-
- public function testLocking()
- {
- $u = new User($this->container);
-
- $this->assertFalse($u->isLocked('admin'));
- $this->assertFalse($u->isLocked('not_found'));
- $this->assertTrue($u->lock('admin', 1));
- $this->assertTrue($u->isLocked('admin'));
- }
-
public function testGetByEmail()
{
$u = new User($this->container);
@@ -47,33 +23,27 @@ class UserTest extends Base
$this->assertEmpty($u->getByEmail(''));
}
- public function testGetByGitlabId()
+ public function testGetByExternalId()
{
$u = new User($this->container);
$this->assertNotFalse($u->create(array('username' => 'user1', 'password' => '123456', 'gitlab_id' => '1234')));
- $this->assertNotEmpty($u->getByGitlabId('1234'));
- $this->assertEmpty($u->getByGitlabId(''));
- }
+ $this->assertNotEmpty($u->getByExternalId('gitlab_id', '1234'));
+ $this->assertEmpty($u->getByExternalId('gitlab_id', ''));
- public function testGetByGithubId()
- {
$u = new User($this->container);
- $this->assertNotFalse($u->create(array('username' => 'user1', 'password' => '123456', 'github_id' => 'plop')));
- $this->assertNotFalse($u->create(array('username' => 'user2', 'password' => '123456', 'github_id' => '')));
+ $this->assertNotFalse($u->create(array('username' => 'user2', 'password' => '123456', 'github_id' => 'plop')));
+ $this->assertNotFalse($u->create(array('username' => 'user3', 'password' => '123456', 'github_id' => '')));
- $this->assertNotEmpty($u->getByGithubId('plop'));
- $this->assertEmpty($u->getByGithubId(''));
- }
+ $this->assertNotEmpty($u->getByExternalId('github_id', 'plop'));
+ $this->assertEmpty($u->getByExternalId('github_id', ''));
- public function testGetByGoogleId()
- {
$u = new User($this->container);
- $this->assertNotFalse($u->create(array('username' => 'user1', 'password' => '123456', 'google_id' => '1234')));
- $this->assertNotFalse($u->create(array('username' => 'user2', 'password' => '123456', 'google_id' => '')));
+ $this->assertNotFalse($u->create(array('username' => 'user4', 'password' => '123456', 'google_id' => '1234')));
+ $this->assertNotFalse($u->create(array('username' => 'user5', 'password' => '123456', 'google_id' => '')));
- $this->assertNotEmpty($u->getByGoogleId('1234'));
- $this->assertEmpty($u->getByGoogleId(''));
+ $this->assertNotEmpty($u->getByExternalId('google_id', '1234'));
+ $this->assertEmpty($u->getByExternalId('google_id', ''));
}
public function testGetByToken()
@@ -197,7 +167,7 @@ class UserTest extends Base
'password' => '1234',
'confirmation' => '1234',
'name' => 'me',
- 'is_admin' => '',
+ 'role' => Role::APP_ADMIN,
);
$u->prepare($input);
@@ -207,9 +177,6 @@ class UserTest extends Base
$this->assertNotEquals('1234', $input['password']);
$this->assertNotEmpty($input['password']);
- $this->assertArrayHasKey('is_admin', $input);
- $this->assertInternalType('integer', $input['is_admin']);
-
$input = array(
'username' => 'user1',
'password' => '1234',
@@ -273,8 +240,8 @@ class UserTest extends Base
$u = new User($this->container);
$this->assertEquals(2, $u->create(array('username' => 'user #1', 'password' => '123456', 'name' => 'User')));
$this->assertEquals(3, $u->create(array('username' => 'user #2', 'is_ldap_user' => 1)));
- $this->assertEquals(4, $u->create(array('username' => 'user #3', 'is_project_admin' => 1)));
- $this->assertEquals(5, $u->create(array('username' => 'user #4', 'gitlab_id' => '')));
+ $this->assertEquals(4, $u->create(array('username' => 'user #3', 'role' => Role::APP_MANAGER)));
+ $this->assertEquals(5, $u->create(array('username' => 'user #4', 'gitlab_id' => '', 'role' => Role::APP_ADMIN)));
$this->assertEquals(6, $u->create(array('username' => 'user #5', 'gitlab_id' => '1234')));
$this->assertFalse($u->create(array('username' => 'user #1')));
@@ -283,7 +250,7 @@ class UserTest extends Base
$this->assertTrue(is_array($user));
$this->assertEquals('admin', $user['username']);
$this->assertEquals('', $user['name']);
- $this->assertEquals(1, $user['is_admin']);
+ $this->assertEquals(Role::APP_ADMIN, $user['role']);
$this->assertEquals(0, $user['is_ldap_user']);
$user = $u->getById(2);
@@ -291,7 +258,7 @@ class UserTest extends Base
$this->assertTrue(is_array($user));
$this->assertEquals('user #1', $user['username']);
$this->assertEquals('User', $user['name']);
- $this->assertEquals(0, $user['is_admin']);
+ $this->assertEquals(Role::APP_USER, $user['role']);
$this->assertEquals(0, $user['is_ldap_user']);
$user = $u->getById(3);
@@ -299,27 +266,28 @@ class UserTest extends Base
$this->assertTrue(is_array($user));
$this->assertEquals('user #2', $user['username']);
$this->assertEquals('', $user['name']);
- $this->assertEquals(0, $user['is_admin']);
+ $this->assertEquals(Role::APP_USER, $user['role']);
$this->assertEquals(1, $user['is_ldap_user']);
$user = $u->getById(4);
$this->assertNotFalse($user);
$this->assertTrue(is_array($user));
$this->assertEquals('user #3', $user['username']);
- $this->assertEquals(0, $user['is_admin']);
- $this->assertEquals(1, $user['is_project_admin']);
+ $this->assertEquals(Role::APP_MANAGER, $user['role']);
$user = $u->getById(5);
$this->assertNotFalse($user);
$this->assertTrue(is_array($user));
$this->assertEquals('user #4', $user['username']);
$this->assertEquals('', $user['gitlab_id']);
+ $this->assertEquals(Role::APP_ADMIN, $user['role']);
$user = $u->getById(6);
$this->assertNotFalse($user);
$this->assertTrue(is_array($user));
$this->assertEquals('user #5', $user['username']);
$this->assertEquals('1234', $user['gitlab_id']);
+ $this->assertEquals(Role::APP_USER, $user['role']);
}
public function testUpdate()
@@ -336,7 +304,7 @@ class UserTest extends Base
$this->assertTrue(is_array($user));
$this->assertEquals('biloute', $user['username']);
$this->assertEquals('Toto', $user['name']);
- $this->assertEquals(0, $user['is_admin']);
+ $this->assertEquals(Role::APP_USER, $user['role']);
$this->assertEquals(0, $user['is_ldap_user']);
$user = $u->getById(3);
@@ -423,4 +391,36 @@ class UserTest extends Base
$this->assertEquals('toto', $user['username']);
$this->assertEmpty($user['token']);
}
+
+ public function testValidatePasswordModification()
+ {
+ $u = new User($this->container);
+
+ $this->container['sessionStorage']->user = array(
+ 'id' => 1,
+ 'role' => Role::APP_ADMIN,
+ 'username' => 'admin',
+ );
+
+ $result = $u->validatePasswordModification(array());
+ $this->assertFalse($result[0]);
+
+ $result = $u->validatePasswordModification(array('id' => 1));
+ $this->assertFalse($result[0]);
+
+ $result = $u->validatePasswordModification(array('id' => 1, 'password' => '123456'));
+ $this->assertFalse($result[0]);
+
+ $result = $u->validatePasswordModification(array('id' => 1, 'password' => '123456', 'confirmation' => 'wrong'));
+ $this->assertFalse($result[0]);
+
+ $result = $u->validatePasswordModification(array('id' => 1, 'password' => '123456', 'confirmation' => '123456'));
+ $this->assertFalse($result[0]);
+
+ $result = $u->validatePasswordModification(array('id' => 1, 'password' => '123456', 'confirmation' => '123456', 'current_password' => 'wrong'));
+ $this->assertFalse($result[0]);
+
+ $result = $u->validatePasswordModification(array('id' => 1, 'password' => '123456', 'confirmation' => '123456', 'current_password' => 'admin'));
+ $this->assertTrue($result[0]);
+ }
}
diff --git a/tests/units/Notification/MailTest.php b/tests/units/Notification/MailTest.php
index 3aa1a39c..8f343ba3 100644
--- a/tests/units/Notification/MailTest.php
+++ b/tests/units/Notification/MailTest.php
@@ -10,7 +10,6 @@ use Kanboard\Model\User;
use Kanboard\Model\File;
use Kanboard\Model\Project;
use Kanboard\Model\Task;
-use Kanboard\Model\ProjectPermission;
use Kanboard\Notification\Mail;
use Kanboard\Subscriber\NotificationSubscriber;
diff --git a/tests/units/User/DatabaseUserProviderTest.php b/tests/units/User/DatabaseUserProviderTest.php
new file mode 100644
index 00000000..96c03667
--- /dev/null
+++ b/tests/units/User/DatabaseUserProviderTest.php
@@ -0,0 +1,14 @@
+<?php
+
+require_once __DIR__.'/../Base.php';
+
+use Kanboard\User\DatabaseUserProvider;
+
+class DatabaseUserProviderTest extends Base
+{
+ public function testGetInternalId()
+ {
+ $provider = new DatabaseUserProvider(array('id' => 123));
+ $this->assertEquals(123, $provider->getInternalId());
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-28 09:25:50 +0000