-rw-r--r-- | app/Core/Controller/BaseMiddleware.php | 2 | ||||
-rw-r--r-- | app/Core/Helper.php | 2 | ||||
-rw-r--r-- | app/Middleware/AuthenticationMiddleware.php | 6 | ||||
-rw-r--r-- | app/Middleware/PostAuthenticationMiddleware.php | 2 | ||||
-rw-r--r-- | tests/units/Middleware/ApplicationAuthorizationMiddlewareTest.php | 65 | ||||
-rw-r--r-- | tests/units/Middleware/AuthenticationMiddlewareTest.php | 141 | ||||
-rw-r--r-- | tests/units/Middleware/ProjectAuthorizationMiddlewareTest.php | 81 |
7 files changed, 293 insertions, 6 deletions
diff --git a/app/Core/Controller/BaseMiddleware.php b/app/Core/Controller/BaseMiddleware.php index 233843c9..e94ad95c 100644 --- a/app/Core/Controller/BaseMiddleware.php +++ b/app/Core/Controller/BaseMiddleware.php @@ -25,7 +25,7 @@ abstract class BaseMiddleware extends Base /** * Set next middleware * - * @param BaseMiddleware|null $nextMiddleware + * @param BaseMiddleware $nextMiddleware * @return BaseMiddleware */ public function setNextMiddleware(BaseMiddleware $nextMiddleware) diff --git a/app/Core/Helper.php b/app/Core/Helper.php index 66f8d429..f34b6190 100644 --- a/app/Core/Helper.php +++ b/app/Core/Helper.php @@ -94,7 +94,7 @@ class Helper { $container = $this->container; - $this->helpers[$property] = function() use($className, $container) { + $this->helpers[$property] = function() use ($className, $container) { return new $className($container); }; diff --git a/app/Middleware/AuthenticationMiddleware.php b/app/Middleware/AuthenticationMiddleware.php index a31198a5..c29b7ab6 100644 --- a/app/Middleware/AuthenticationMiddleware.php +++ b/app/Middleware/AuthenticationMiddleware.php @@ -33,7 +33,7 @@ class AuthenticationMiddleware extends BaseMiddleware protected function handleAuthentication() { if (! $this->userSession->isLogged() && ! $this->authenticationManager->preAuthentication()) { - $this->setNextMiddleware(null); + $this->nextMiddleware = null; if ($this->request->isAjax()) { $this->response->text('Not Authorized', 401); @@ -44,10 +44,10 @@ class AuthenticationMiddleware extends BaseMiddleware } } - private function isPublicAccess() + protected function isPublicAccess() { if ($this->applicationAuthorization->isAllowed($this->router->getController(), $this->router->getAction(), Role::APP_PUBLIC)) { - $this->setNextMiddleware(null); + $this->nextMiddleware = null; return true; } diff --git a/app/Middleware/PostAuthenticationMiddleware.php b/app/Middleware/PostAuthenticationMiddleware.php index 8287c10e..c1237f47 100644 
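Review bot: `isPublicAccess()` is widened from `private` to `protected` in the second AuthenticationMiddleware hunk, yet nothing visible in this commit overrides it or calls it from a subclass (the new tests only stub `execute`), and it is the method that decides whether the login check is skipped. Unless an override is intended, keep it as `private function isPublicAccess()`. Separately, the `$this->nextMiddleware = null;` assignments in both hunks here and in PostAuthenticationMiddleware.php now bypass the setter because `setNextMiddleware()` is type-hinted `BaseMiddleware`; a small protected helper on BaseMiddleware would keep the stop-the-chain step in one documented place. Both functions continue outside their hunks.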
--- a/app/Middleware/PostAuthenticationMiddleware.php +++ b/app/Middleware/PostAuthenticationMiddleware.php @@ -22,7 +22,7 @@ class PostAuthenticationMiddleware extends BaseMiddleware $ignore = ($controller === 'twofactor' && in_array($action, array('code', 'check'))) || ($controller === 'auth' && $action === 'logout'); if ($ignore === false && $this->userSession->hasPostAuthentication() && ! $this->userSession->isPostAuthenticationValidated()) { - $this->setNextMiddleware(null); + $this->nextMiddleware = null; if ($this->request->isAjax()) { $this->response->text('Not Authorized', 401); diff --git a/tests/units/Middleware/ApplicationAuthorizationMiddlewareTest.php b/tests/units/Middleware/ApplicationAuthorizationMiddlewareTest.php new file mode 100644 index 00000000..0a0c8783 --- /dev/null +++ b/tests/units/Middleware/ApplicationAuthorizationMiddlewareTest.php 
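Review bot: The post-authentication (two-factor) gate changed in this hunk gets no test, although the commit adds chain-stop tests for the other three middlewares. A PostAuthenticationMiddlewareTest that stubs `hasPostAuthentication()` to true and `isPostAuthenticationValidated()` to false, then asserts `->expects($this->never())->method('execute')` on the next middleware, would pin the fail-closed behaviour. It should also cover the exemptions computed in `$ignore`, so a later edit cannot silently widen them. The function body continues outside the hunk.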
@@ -0,0 +1,65 @@
+<?php
+
+use Kanboard\Middleware\ApplicationAuthorizationMiddleware;
+
+require_once __DIR__.'/../Base.php';
+
+class ApplicationAuthorizationMiddlewareMiddlewareTest extends Base
+{
+ /**
+ * @var ApplicationAuthorizationMiddleware
+ */
+ private $middleware;
+ private $nextMiddleware;
+
+ public function setUp()
+ {
+ parent::setUp();
+
+ $this->container['helper'] = new stdClass();
+
+ $this->container['helper']->user = $this
+ ->getMockBuilder('Kanboard\Helper\UserHelper')
+ ->setConstructorArgs(array($this->container))
+ ->setMethods(array('hasAccess'))
+ ->getMock();
+
+ $this->nextMiddleware = $this
+ ->getMockBuilder('Kanboard\Middleware\ApplicationAuthorizationMiddleware')
+ ->setConstructorArgs(array($this->container))
+ ->setMethods(array('execute'))
+ ->getMock();
+
+ $this->middleware = new ApplicationAuthorizationMiddleware($this->container);
+ $this->middleware->setNextMiddleware($this->nextMiddleware);
+ }
+
+ public function testWithAccessDenied()
+ {
+ $this->container['helper']->user
+ ->expects($this->once())
+ ->method('hasAccess')
+ ->will($this->returnValue(false));
+
+ $this->nextMiddleware
+ ->expects($this->never())
+ ->method('execute');
+
+ $this->setExpectedException('Kanboard\Core\Controller\AccessForbiddenException');
+ $this->middleware->execute();
+ }
+
+ public function testWithAccessGranted()
+ {
+ $this->container['helper']->user
+ ->expects($this->once())
+ ->method('hasAccess')
+ ->will($this->returnValue(true));
+
+ $this->nextMiddleware
+ ->expects($this->once())
+ ->method('execute');
+
+ $this->middleware->execute();
+ }
+}
diff --git a/tests/units/Middleware/AuthenticationMiddlewareTest.php b/tests/units/Middleware/AuthenticationMiddlewareTest.php
new file mode 100644
index 00000000..b6819adc
--- /dev/null
+++ b/tests/units/Middleware/AuthenticationMiddlewareTest.php
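Review bot: The test class is declared as `ApplicationAuthorizationMiddlewareMiddlewareTest`, with "Middleware" doubled, so it does not match the file name; rename it to `class ApplicationAuthorizationMiddlewareTest extends Base`. ProjectAuthorizationMiddlewareTest.php has the same slip (`ProjectAuthorizationMiddlewareMiddlewareTest`). A class name that matches its file makes a failing authorization test easier to locate from the runner output.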
@@ -0,0 +1,141 @@
+<?php
+
+use Kanboard\Middleware\AuthenticationMiddleware;
+
+require_once __DIR__.'/../Base.php';
+
+class AuthenticationMiddlewareTest extends Base
+{
+ /**
+ * @var AuthenticationMiddleware
+ */
+ private $middleware;
+ private $nextMiddleware;
+
+ public function setUp()
+ {
+ parent::setUp();
+
+ $this->container['authenticationManager'] = $this
+ ->getMockBuilder('Kanboard\Core\Security\AuthenticationManager')
+ ->setConstructorArgs(array($this->container))
+ ->setMethods(array('checkCurrentSession'))
+ ->getMock();
+
+ $this->container['applicationAuthorization'] = $this
+ ->getMockBuilder('Kanboard\Core\Security\AccessMap')
+ ->setMethods(array('isAllowed'))
+ ->getMock();
+
+ $this->container['response'] = $this
+ ->getMockBuilder('Kanboard\Core\Http\Response')
+ ->setConstructorArgs(array($this->container))
+ ->setMethods(array('redirect'))
+ ->getMock();
+
+ $this->container['userSession'] = $this
+ ->getMockBuilder('Kanboard\Core\User\UserSession')
+ ->setConstructorArgs(array($this->container))
+ ->setMethods(array('isLogged'))
+ ->getMock();
+
+ $this->nextMiddleware = $this
+ ->getMockBuilder('Kanboard\Middleware\AuthenticationMiddleware')
+ ->setConstructorArgs(array($this->container))
+ ->setMethods(array('execute'))
+ ->getMock();
+
+ $this->middleware = new AuthenticationMiddleware($this->container);
+ $this->middleware->setNextMiddleware($this->nextMiddleware);
+ }
+
+ public function testWithBadSession()
+ {
+ $this->container['authenticationManager']
+ ->expects($this->once())
+ ->method('checkCurrentSession')
+ ->will($this->returnValue(false));
+
+ $this->nextMiddleware
+ ->expects($this->never())
+ ->method('execute');
+
+ $this->setExpectedException('Kanboard\Core\Controller\AccessForbiddenException');
+ $this->middleware->execute();
+ }
+
+ public function testWithPublicAction()
+ {
+ $this->container['authenticationManager']
+ ->expects($this->once())
+ ->method('checkCurrentSession')
+ ->will($this->returnValue(true));
+
+ $this->container['applicationAuthorization']
+ ->expects($this->once())
+ ->method('isAllowed')
+ ->will($this->returnValue(true));
+
+ $this->nextMiddleware
+ ->expects($this->never())
+ ->method('execute');
+
+ $this->middleware->execute();
+ }
+
+ public function testWithNotAuthenticatedUser()
+ {
+ $this->container['authenticationManager']
+ ->expects($this->once())
+ ->method('checkCurrentSession')
+ ->will($this->returnValue(true));
+
+ $this->container['applicationAuthorization']
+ ->expects($this->once())
+ ->method('isAllowed')
+ ->will($this->returnValue(false));
+
+ $this->container['userSession']
+ ->expects($this->once())
+ ->method('isLogged')
+ ->will($this->returnValue(false));
+
+ $this->container['response']
+ ->expects($this->once())
+ ->method('redirect');
+
+ $this->nextMiddleware
+ ->expects($this->never())
+ ->method('execute');
+
+ $this->middleware->execute();
+ }
+
+ public function testWithAuthenticatedUser()
+ {
+ $this->container['authenticationManager']
+ ->expects($this->once())
+ ->method('checkCurrentSession')
+ ->will($this->returnValue(true));
+
+ $this->container['applicationAuthorization']
+ ->expects($this->once())
+ ->method('isAllowed')
+ ->will($this->returnValue(false));
+
+ $this->container['userSession']
+ ->expects($this->once())
+ ->method('isLogged')
+ ->will($this->returnValue(true));
+
+ $this->container['response']
+ ->expects($this->never())
+ ->method('redirect');
+
+ $this->nextMiddleware
+ ->expects($this->once())
+ ->method('execute');
+
+ $this->middleware->execute();
+ }
+}
diff --git a/tests/units/Middleware/ProjectAuthorizationMiddlewareTest.php b/tests/units/Middleware/ProjectAuthorizationMiddlewareTest.php
new file mode 100644
index 00000000..256f0a4d
--- /dev/null
+++ b/tests/units/Middleware/ProjectAuthorizationMiddlewareTest.php
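Review bot: The AJAX branch of `handleAuthentication()` (`$this->response->text('Not Authorized', 401)`) is never exercised; `testWithNotAuthenticatedUser` only covers the redirect path. Only `checkCurrentSession` is stubbed on the AuthenticationManager mock, so `preAuthentication()` appears to run its real implementation in that test. Changing the mock to `->setMethods(array('checkCurrentSession', 'preAuthentication'))` and returning false from it would make the unauthenticated case explicit. A further test with the request's `isAjax` stubbed to true, expecting `text` once with status 401 and `execute` never, would cover the remaining branch.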
@@ -0,0 +1,81 @@
+<?php
+
+use Kanboard\Middleware\ProjectAuthorizationMiddleware;
+
+require_once __DIR__.'/../Base.php';
+
+class ProjectAuthorizationMiddlewareMiddlewareTest extends Base
+{
+ /**
+ * @var ProjectAuthorizationMiddleware
+ */
+ private $middleware;
+ private $nextMiddleware;
+
+ public function setUp()
+ {
+ parent::setUp();
+
+ $this->container['helper'] = new stdClass();
+
+ $this->container['helper']->user = $this
+ ->getMockBuilder('Kanboard\Helper\UserHelper')
+ ->setConstructorArgs(array($this->container))
+ ->setMethods(array('hasProjectAccess'))
+ ->getMock();
+
+ $this->container['request'] = $this
+ ->getMockBuilder('Kanboard\Core\Http\Request')
+ ->setConstructorArgs(array($this->container))
+ ->setMethods(array('getIntegerParam'))
+ ->getMock();
+
+ $this->nextMiddleware = $this
+ ->getMockBuilder('Kanboard\Middleware\ProjectAuthorizationMiddleware')
+ ->setConstructorArgs(array($this->container))
+ ->setMethods(array('execute'))
+ ->getMock();
+
+ $this->middleware = new ProjectAuthorizationMiddleware($this->container);
+ $this->middleware->setNextMiddleware($this->nextMiddleware);
+ }
+
+ public function testWithAccessDenied()
+ {
+ $this->container['request']
+ ->expects($this->any())
+ ->method('getIntegerParam')
+ ->will($this->returnValue(123));
+
+ $this->container['helper']->user
+ ->expects($this->once())
+ ->method('hasProjectAccess')
+ ->will($this->returnValue(false));
+
+ $this->nextMiddleware
+ ->expects($this->never())
+ ->method('execute');
+
+ $this->setExpectedException('Kanboard\Core\Controller\AccessForbiddenException');
+ $this->middleware->execute();
+ }
+
+ public function testWithAccessGranted()
+ {
+ $this->container['request']
+ ->expects($this->any())
+ ->method('getIntegerParam')
+ ->will($this->returnValue(123));
+
+ $this->container['helper']->user
+ ->expects($this->once())
+ ->method('hasProjectAccess')
+ ->will($this->returnValue(true));
+
+ $this->nextMiddleware
+ ->expects($this->once())
+ ->method('execute');
+
+ $this->middleware->execute();
+ }
+}
|
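Review bot: Neither test constrains the arguments passed to `hasProjectAccess`, so both would still pass if the middleware checked access against a different project id than the one read from the request. Adding a `->with(...)` expectation that includes the stubbed id `123` would tie the authorization decision to the request parameter. The exact argument list depends on the middleware code, which this diff does not show.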