diff options
| author | Frederic Guillot <fred@kanboard.net> | 2016-07-02 17:44:45 -0400 |
|---|---|---|
| committer | Frederic Guillot <fred@kanboard.net> | 2016-07-02 17:44:45 -0400 |
| commit | 43337d58c0be097ca510f2abd1497f13f25bda5b (patch) | |
| tree | 8a4e941c2eae7b0b29ab1c0b4cd086aa853c5e87 /tests | |
| parent | 10d577ad9d1b2976cdb080a7d7df3944e0db170f (diff) | |
Preserve role for existing users when using ReverseProxy authentication
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/units/Auth/ReverseProxyAuthTest.php | 111 |
1 files changed, 111 insertions, 0 deletions
diff --git a/tests/units/Auth/ReverseProxyAuthTest.php b/tests/units/Auth/ReverseProxyAuthTest.php new file mode 100644 index 00000000..cdbc247d --- /dev/null +++ b/tests/units/Auth/ReverseProxyAuthTest.php @@ -0,0 +1,111 @@ +<?php + +use Kanboard\Auth\ReverseProxyAuth; +use Kanboard\Core\Security\Role; +use Kanboard\Model\UserModel; + +require_once __DIR__.'/../Base.php'; + +class ReverseProxyAuthTest extends Base +{ + public function setUp() + { + parent::setUp(); + + $this->container['request'] = $this + ->getMockBuilder('\Kanboard\Core\Http\Request') + ->setConstructorArgs(array($this->container)) + ->setMethods(array('getRemoteUser')) + ->getMock(); + } + + public function testGetName() + { + $provider = new ReverseProxyAuth($this->container); + $this->assertEquals('ReverseProxy', $provider->getName()); + } + + public function testAuthenticateSuccess() + { + $this->container['request'] + ->expects($this->once()) + ->method('getRemoteUser') + ->will($this->returnValue('admin')); + + $provider = new ReverseProxyAuth($this->container); + $this->assertTrue($provider->authenticate()); + } + + public function testAuthenticateFailure() + { + $this->container['request'] + ->expects($this->once()) + ->method('getRemoteUser') + ->will($this->returnValue('')); + + $provider = new ReverseProxyAuth($this->container); + $this->assertFalse($provider->authenticate()); + } + + public function testValidSession() + { + $this->container['request'] + ->expects($this->once()) + ->method('getRemoteUser') + ->will($this->returnValue('admin')); + + $this->container['sessionStorage']->user = array( + 'username' => 'admin' + ); + + $provider = new ReverseProxyAuth($this->container); + $this->assertTrue($provider->isValidSession()); + } + + public function testInvalidSession() + { + $this->container['request'] + ->expects($this->once()) + ->method('getRemoteUser') + ->will($this->returnValue('foobar')); + + $this->container['sessionStorage']->user = array( + 'username' => 'admin' + ); + + $provider = new ReverseProxyAuth($this->container); + $this->assertFalse($provider->isValidSession()); + } + + public function testRoleForNewUser() + { + $this->container['request'] + ->expects($this->once()) + ->method('getRemoteUser') + ->will($this->returnValue('someone')); + + $provider = new ReverseProxyAuth($this->container); + $this->assertTrue($provider->authenticate()); + + $user = $provider->getUser(); + $this->assertEquals(Role::APP_USER, $user->getRole()); + } + + public function testRoleIsPreservedForExistingUser() + { + $this->container['request'] + ->expects($this->once()) + ->method('getRemoteUser') + ->will($this->returnValue('someone')); + + $provider = new ReverseProxyAuth($this->container); + $userModel = new UserModel($this->container); + + $this->assertEquals(2, $userModel->create(array('username' => 'someone', 'role' => Role::APP_MANAGER))); + + $this->assertTrue($provider->authenticate()); + + $user = $provider->getUser(); + $this->assertEquals(Role::APP_MANAGER, $user->getRole()); + } +} |