diff options
Diffstat (limited to 'tests/units')
49 files changed, 2692 insertions, 1761 deletions
diff --git a/tests/units/Action/TaskAssignCurrentUserTest.php b/tests/units/Action/TaskAssignCurrentUserTest.php index 08176b1c..e2d1c11a 100644 --- a/tests/units/Action/TaskAssignCurrentUserTest.php +++ b/tests/units/Action/TaskAssignCurrentUserTest.php @@ -7,7 +7,7 @@ use Kanboard\Model\Task; use Kanboard\Model\TaskCreation; use Kanboard\Model\TaskFinder; use Kanboard\Model\Project; -use Kanboard\Model\UserSession; +use Kanboard\Core\User\UserSession; use Kanboard\Action\TaskAssignCurrentUser; class TaskAssignCurrentUserTest extends Base diff --git a/tests/units/Auth/DatabaseAuthTest.php b/tests/units/Auth/DatabaseAuthTest.php new file mode 100644 index 00000000..a13b7fee --- /dev/null +++ b/tests/units/Auth/DatabaseAuthTest.php @@ -0,0 +1,52 @@ +<?php + +require_once __DIR__.'/../Base.php'; + +use Kanboard\Auth\DatabaseAuth; + +class DatabaseAuthTest extends Base +{ + public function testGetName() + { + $provider = new DatabaseAuth($this->container); + $this->assertEquals('Database', $provider->getName()); + } + + public function testAuthenticate() + { + $provider = new DatabaseAuth($this->container); + + $provider->setUsername('admin'); + $provider->setPassword('admin'); + $this->assertTrue($provider->authenticate()); + + $provider->setUsername('admin'); + $provider->setPassword('test'); + $this->assertFalse($provider->authenticate()); + } + + public function testGetUser() + { + $provider = new DatabaseAuth($this->container); + $this->assertEquals(null, $provider->getUser()); + + $provider = new DatabaseAuth($this->container); + $provider->setUsername('admin'); + $provider->setPassword('admin'); + + $this->assertTrue($provider->authenticate()); + $this->assertInstanceOf('Kanboard\User\DatabaseUserProvider', $provider->getUser()); + } + + public function testIsvalidSession() + { + $provider = new DatabaseAuth($this->container); + $this->assertFalse($provider->isValidSession()); + + $this->container['sessionStorage']->user = array('id' => 1); + $this->assertTrue($provider->isValidSession()); + + $this->container['sessionStorage']->user = array('id' => 2); + $this->assertFalse($provider->isValidSession()); + } +} diff --git a/tests/units/Auth/LdapTest.php b/tests/units/Auth/LdapTest.php deleted file mode 100644 index bf2cec35..00000000 --- a/tests/units/Auth/LdapTest.php +++ /dev/null @@ -1,697 +0,0 @@ -<?php - -namespace Kanboard\Auth; - -require_once __DIR__.'/../Base.php'; - -function ldap_connect($hostname, $port) -{ - return LdapTest::$functions->ldap_connect($hostname, $port); -} - -function ldap_set_option() -{ -} - -function ldap_bind($link_identifier, $bind_rdn, $bind_password) -{ - return LdapTest::$functions->ldap_bind($link_identifier, $bind_rdn, $bind_password); -} - -function ldap_search($link_identifier, $base_dn, $filter, array $attributes) -{ - return LdapTest::$functions->ldap_search($link_identifier, $base_dn, $filter, $attributes); -} - -function ldap_get_entries($link_identifier, $result_identifier) -{ - return LdapTest::$functions->ldap_get_entries($link_identifier, $result_identifier); -} - -class LdapTest extends \Base -{ - public static $functions; - private $ldap; - - public function setUp() - { - parent::setup(); - - self::$functions = $this - ->getMockBuilder('stdClass') - ->setMethods(array( - 'ldap_connect', - 'ldap_set_option', - 'ldap_bind', - 'ldap_search', - 'ldap_get_entries', - )) - ->getMock(); - } - - public function tearDown() - { - parent::tearDown(); - self::$functions = null; - } - - public function testGetAttributes() - { - $ldap = new Ldap($this->container); - $this->assertCount(3, $ldap->getProfileAttributes()); - $this->assertContains(LDAP_ACCOUNT_FULLNAME, $ldap->getProfileAttributes()); - $this->assertContains(LDAP_ACCOUNT_EMAIL, $ldap->getProfileAttributes()); - $this->assertContains(LDAP_ACCOUNT_MEMBEROF, $ldap->getProfileAttributes()); - } - - public function testConnectSuccess() - { - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getLdapServer')) - ->getMock(); - - $ldap - ->expects($this->once()) - ->method('getLdapServer') - ->will($this->returnValue('my_ldap_server')); - - self::$functions - ->expects($this->once()) - ->method('ldap_connect') - ->with( - $this->equalTo('my_ldap_server'), - $this->equalTo($ldap->getLdapPort()) - ) - ->will($this->returnValue('my_ldap_resource')); - - $this->assertNotFalse($ldap->connect()); - } - - public function testConnectFailure() - { - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getLdapServer')) - ->getMock(); - - $ldap - ->expects($this->once()) - ->method('getLdapServer') - ->will($this->returnValue('my_ldap_server')); - - self::$functions - ->expects($this->once()) - ->method('ldap_connect') - ->with( - $this->equalTo('my_ldap_server'), - $this->equalTo($ldap->getLdapPort()) - ) - ->will($this->returnValue(false)); - - $this->assertFalse($ldap->connect()); - } - - public function testBindAnonymous() - { - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getLdapBindType')) - ->getMock(); - - $ldap - ->expects($this->any()) - ->method('getLdapBindType') - ->will($this->returnValue('anonymous')); - - self::$functions - ->expects($this->once()) - ->method('ldap_bind') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo(null), - $this->equalTo(null) - ) - ->will($this->returnValue(true)); - - $this->assertTrue($ldap->bind('my_ldap_connection', 'my_user', 'my_password')); - } - - public function testBindUser() - { - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getLdapUsername', 'getLdapBindType')) - ->getMock(); - - $ldap - ->expects($this->once()) - ->method('getLdapUsername') - ->will($this->returnValue('uid=my_user')); - - $ldap - ->expects($this->any()) - ->method('getLdapBindType') - ->will($this->returnValue('user')); - - self::$functions - ->expects($this->once()) - ->method('ldap_bind') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('uid=my_user'), - $this->equalTo('my_password') - ) - ->will($this->returnValue(true)); - - $this->assertTrue($ldap->bind('my_ldap_connection', 'my_user', 'my_password')); - } - - public function testBindProxy() - { - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getLdapUsername', 'getLdapPassword', 'getLdapBindType')) - ->getMock(); - - $ldap - ->expects($this->once()) - ->method('getLdapUsername') - ->will($this->returnValue('someone')); - - $ldap - ->expects($this->once()) - ->method('getLdapPassword') - ->will($this->returnValue('something')); - - $ldap - ->expects($this->any()) - ->method('getLdapBindType') - ->will($this->returnValue('proxy')); - - self::$functions - ->expects($this->once()) - ->method('ldap_bind') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('someone'), - $this->equalTo('something') - ) - ->will($this->returnValue(true)); - - $this->assertTrue($ldap->bind('my_ldap_connection', 'my_user', 'my_password')); - } - - public function testSearchSuccess() - { - $entries = array( - 'count' => 1, - 0 => array( - 'count' => 2, - 'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local', - 'displayname' => array( - 'count' => 1, - 0 => 'My user', - ), - 'mail' => array( - 'count' => 2, - 0 => 'user1@localhost', - 1 => 'user2@localhost', - ), - 0 => 'displayname', - 1 => 'mail', - ) - ); - - $expected = array( - 'username' => 'my_user', - 'name' => 'My user', - 'email' => 'user1@localhost', - 'is_admin' => 0, - 'is_project_admin' => 0, - 'is_ldap_user' => 1, - ); - - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getLdapUserPattern', 'getLdapBaseDn')) - ->getMock(); - - $ldap - ->expects($this->once()) - ->method('getLdapUserPattern') - ->will($this->returnValue('uid=my_user')); - - $ldap - ->expects($this->once()) - ->method('getLdapBaseDn') - ->will($this->returnValue('ou=People,dc=kanboard,dc=local')); - - self::$functions - ->expects($this->at(0)) - ->method('ldap_search') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('ou=People,dc=kanboard,dc=local'), - $this->equalTo('uid=my_user'), - $this->equalTo($ldap->getProfileAttributes()) - ) - ->will($this->returnValue('my_result_identifier')); - - self::$functions - ->expects($this->at(1)) - ->method('ldap_get_entries') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('my_result_identifier') - ) - ->will($this->returnValue($entries)); - - self::$functions - ->expects($this->at(2)) - ->method('ldap_bind') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('uid=my_user,ou=People,dc=kanboard,dc=local'), - $this->equalTo('my_password') - ) - ->will($this->returnValue(true)); - - $this->assertEquals($expected, $ldap->getProfile('my_ldap_connection', 'my_user', 'my_password')); - } - - public function testSearchWithBadPassword() - { - $entries = array( - 'count' => 1, - 0 => array( - 'count' => 2, - 'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local', - 'displayname' => array( - 'count' => 1, - 0 => 'My user', - ), - 'mail' => array( - 'count' => 2, - 0 => 'user1@localhost', - 1 => 'user2@localhost', - ), - 0 => 'displayname', - 1 => 'mail', - ) - ); - - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getLdapUserPattern', 'getLdapBaseDn')) - ->getMock(); - - $ldap - ->expects($this->once()) - ->method('getLdapUserPattern') - ->will($this->returnValue('uid=my_user')); - - $ldap - ->expects($this->once()) - ->method('getLdapBaseDn') - ->will($this->returnValue('ou=People,dc=kanboard,dc=local')); - - self::$functions - ->expects($this->at(0)) - ->method('ldap_search') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('ou=People,dc=kanboard,dc=local'), - $this->equalTo('uid=my_user'), - $this->equalTo($ldap->getProfileAttributes()) - ) - ->will($this->returnValue('my_result_identifier')); - - self::$functions - ->expects($this->at(1)) - ->method('ldap_get_entries') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('my_result_identifier') - ) - ->will($this->returnValue($entries)); - - self::$functions - ->expects($this->at(2)) - ->method('ldap_bind') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('uid=my_user,ou=People,dc=kanboard,dc=local'), - $this->equalTo('my_password') - ) - ->will($this->returnValue(false)); - - $this->assertFalse($ldap->getProfile('my_ldap_connection', 'my_user', 'my_password')); - } - - public function testSearchWithUserNotFound() - { - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getLdapUserPattern', 'getLdapBaseDn')) - ->getMock(); - - $ldap - ->expects($this->once()) - ->method('getLdapUserPattern') - ->will($this->returnValue('uid=my_user')); - - $ldap - ->expects($this->once()) - ->method('getLdapBaseDn') - ->will($this->returnValue('ou=People,dc=kanboard,dc=local')); - - self::$functions - ->expects($this->at(0)) - ->method('ldap_search') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('ou=People,dc=kanboard,dc=local'), - $this->equalTo('uid=my_user'), - $this->equalTo($ldap->getProfileAttributes()) - ) - ->will($this->returnValue('my_result_identifier')); - - self::$functions - ->expects($this->at(1)) - ->method('ldap_get_entries') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('my_result_identifier') - ) - ->will($this->returnValue(array())); - - $this->assertFalse($ldap->getProfile('my_ldap_connection', 'my_user', 'my_password')); - } - - public function testSuccessfulAuthentication() - { - $this->container['userSession'] = $this - ->getMockBuilder('\Kanboard\Model\UserSession') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('initialize')) - ->getMock(); - - $this->container['user'] = $this - ->getMockBuilder('\Kanboard\Model\User') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getByUsername')) - ->getMock(); - - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('findUser')) - ->getMock(); - - $ldap - ->expects($this->once()) - ->method('findUser') - ->with( - $this->equalTo('user'), - $this->equalTo('password') - ) - ->will($this->returnValue(array('username' => 'user', 'name' => 'My user', 'email' => 'user@here'))); - - $this->container['user'] - ->expects($this->once()) - ->method('getByUsername') - ->with( - $this->equalTo('user') - ) - ->will($this->returnValue(array('id' => 2, 'username' => 'user', 'is_ldap_user' => 1))); - - $this->container['userSession'] - ->expects($this->once()) - ->method('initialize'); - - $this->assertTrue($ldap->authenticate('user', 'password')); - } - - public function testAuthenticationWithExistingLocalUser() - { - $this->container['userSession'] = $this - ->getMockBuilder('\Kanboard\Model\UserSession') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('initialize')) - ->getMock(); - - $this->container['user'] = $this - ->getMockBuilder('\Kanboard\Model\User') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getByUsername')) - ->getMock(); - - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('findUser')) - ->getMock(); - - $ldap - ->expects($this->once()) - ->method('findUser') - ->with( - $this->equalTo('user'), - $this->equalTo('password') - ) - ->will($this->returnValue(array('username' => 'user', 'name' => 'My user', 'email' => 'user@here'))); - - $this->container['user'] - ->expects($this->once()) - ->method('getByUsername') - ->with( - $this->equalTo('user') - ) - ->will($this->returnValue(array('id' => 2, 'username' => 'user', 'is_ldap_user' => 0))); - - $this->container['userSession'] - ->expects($this->never()) - ->method('initialize'); - - $this->assertFalse($ldap->authenticate('user', 'password')); - } - - public function testAuthenticationWithAutomaticAccountCreation() - { - $ldap_profile = array('username' => 'user', 'name' => 'My user', 'email' => 'user@here'); - - $this->container['userSession'] = $this - ->getMockBuilder('\Kanboard\Model\UserSession') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('initialize')) - ->getMock(); - - $this->container['user'] = $this - ->getMockBuilder('\Kanboard\Model\User') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getByUsername', 'create')) - ->getMock(); - - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('findUser')) - ->getMock(); - - $ldap - ->expects($this->at(0)) - ->method('findUser') - ->with( - $this->equalTo('user'), - $this->equalTo('password') - ) - ->will($this->returnValue($ldap_profile)); - - $this->container['user'] - ->expects($this->at(0)) - ->method('getByUsername') - ->with( - $this->equalTo('user') - ) - ->will($this->returnValue(null)); - - $this->container['user'] - ->expects($this->at(1)) - ->method('create') - ->with( - $this->equalTo($ldap_profile) - ) - ->will($this->returnValue(true)); - - $this->container['user'] - ->expects($this->at(2)) - ->method('getByUsername') - ->with( - $this->equalTo('user') - ) - ->will($this->returnValue(array('id' => 2, 'username' => 'user', 'is_ldap_user' => 1))); - - $this->container['userSession'] - ->expects($this->once()) - ->method('initialize'); - - $this->assertTrue($ldap->authenticate('user', 'password')); - } - - public function testAuthenticationWithAutomaticAccountCreationFailed() - { - $ldap_profile = array('username' => 'user', 'name' => 'My user', 'email' => 'user@here'); - - $this->container['userSession'] = $this - ->getMockBuilder('\Kanboard\Model\UserSession') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('initialize')) - ->getMock(); - - $this->container['user'] = $this - ->getMockBuilder('\Kanboard\Model\User') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('getByUsername', 'create')) - ->getMock(); - - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('findUser')) - ->getMock(); - - $ldap - ->expects($this->at(0)) - ->method('findUser') - ->with( - $this->equalTo('user'), - $this->equalTo('password') - ) - ->will($this->returnValue($ldap_profile)); - - $this->container['user'] - ->expects($this->at(0)) - ->method('getByUsername') - ->with( - $this->equalTo('user') - ) - ->will($this->returnValue(null)); - - $this->container['user'] - ->expects($this->at(1)) - ->method('create') - ->with( - $this->equalTo($ldap_profile) - ) - ->will($this->returnValue(false)); - - $this->container['userSession'] - ->expects($this->never()) - ->method('initialize'); - - $this->assertFalse($ldap->authenticate('user', 'password')); - } - - public function testLookup() - { - $entries = array( - 'count' => 1, - 0 => array( - 'count' => 2, - 'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local', - 'displayname' => array( - 'count' => 1, - 0 => 'My LDAP user', - ), - 'mail' => array( - 'count' => 2, - 0 => 'user1@localhost', - 1 => 'user2@localhost', - ), - 'samaccountname' => array( - 'count' => 1, - 0 => 'my_ldap_user', - ), - 0 => 'displayname', - 1 => 'mail', - 2 => 'samaccountname', - ) - ); - - $expected = array( - 'username' => 'my_ldap_user', - 'name' => 'My LDAP user', - 'email' => 'user1@localhost', - 'is_admin' => 0, - 'is_project_admin' => 0, - 'is_ldap_user' => 1, - ); - - $ldap = $this - ->getMockBuilder('\Kanboard\Auth\Ldap') - ->setConstructorArgs(array($this->container)) - ->setMethods(array('connect', 'getLdapUserPattern', 'getLdapBaseDn', 'getLdapAccountId')) - ->getMock(); - - $ldap - ->expects($this->once()) - ->method('connect') - ->will($this->returnValue('my_ldap_connection')); - - $ldap - ->expects($this->once()) - ->method('getLdapUserPattern') - ->will($this->returnValue('sAMAccountName=my_user')); - - $ldap - ->expects($this->any()) - ->method('getLdapAccountId') - ->will($this->returnValue('samaccountname')); - - $ldap - ->expects($this->once()) - ->method('getLdapBaseDn') - ->will($this->returnValue('ou=People,dc=kanboard,dc=local')); - - self::$functions - ->expects($this->at(0)) - ->method('ldap_bind') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo(null), - $this->equalTo(null) - ) - ->will($this->returnValue(true)); - - self::$functions - ->expects($this->at(1)) - ->method('ldap_search') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('ou=People,dc=kanboard,dc=local'), - $this->equalTo('(&(sAMAccountName=my_user)(mail=user@localhost))'), - $this->equalTo($ldap->getProfileAttributes()) - ) - ->will($this->returnValue('my_result_identifier')); - - self::$functions - ->expects($this->at(2)) - ->method('ldap_get_entries') - ->with( - $this->equalTo('my_ldap_connection'), - $this->equalTo('my_result_identifier') - ) - ->will($this->returnValue($entries)); - - $this->assertEquals($expected, $ldap->lookup('my_user', 'user@localhost')); - } -} diff --git a/tests/units/Auth/ReverseProxyTest.php b/tests/units/Auth/ReverseProxyTest.php deleted file mode 100644 index 6aaa5a67..00000000 --- a/tests/units/Auth/ReverseProxyTest.php +++ /dev/null @@ -1,37 +0,0 @@ -<?php - -require_once __DIR__.'/../Base.php'; - -use Kanboard\Auth\ReverseProxy; -use Kanboard\Model\User; - -class ReverseProxyTest extends Base -{ - public function setUp() - { - parent::setup(); - $_SERVER = array(); - } - - public function testFailedAuthentication() - { - $auth = new ReverseProxy($this->container); - $this->assertFalse($auth->authenticate()); - } - - public function testSuccessfulAuthentication() - { - $_SERVER[REVERSE_PROXY_USER_HEADER] = 'my_user'; - - $a = new ReverseProxy($this->container); - $u = new User($this->container); - - $this->assertTrue($a->authenticate()); - - $user = $u->getByUsername('my_user'); - $this->assertNotEmpty($user); - $this->assertEquals(0, $user['is_admin']); - $this->assertEquals(1, $user['is_ldap_user']); - $this->assertEquals(1, $user['disable_login_form']); - } -} diff --git a/tests/units/Auth/TotpAuthTest.php b/tests/units/Auth/TotpAuthTest.php new file mode 100644 index 00000000..fcb7ea31 --- /dev/null +++ b/tests/units/Auth/TotpAuthTest.php @@ -0,0 +1,63 @@ +<?php + +require_once __DIR__.'/../Base.php'; + +use Kanboard\Auth\TotpAuth; + +class TotpAuthTest extends Base +{ + public function testGetName() + { + $provider = new TotpAuth($this->container); + $this->assertEquals('Time-based One-time Password Algorithm', $provider->getName()); + } + + public function testGetSecret() + { + $provider = new TotpAuth($this->container); + $secret = $provider->getSecret(); + + $this->assertNotEmpty($secret); + $this->assertEquals($secret, $provider->getSecret()); + $this->assertEquals($secret, $provider->getSecret()); + } + + public function testSetSecret() + { + $provider = new TotpAuth($this->container); + $provider->setSecret('mySecret'); + $this->assertEquals('mySecret', $provider->getSecret()); + } + + public function testGetUrl() + { + $provider = new TotpAuth($this->container); + $this->assertEmpty($provider->getQrCodeUrl('me')); + $this->assertEmpty($provider->getKeyUrl('me')); + + $provider->setSecret('mySecret'); + $this->assertEquals( + 'https://chart.googleapis.com/chart?chs=200x200&cht=qr&chld=M|0&chl=otpauth%3A%2F%2Ftotp%2Fme%3Fsecret%3DmySecret', + $provider->getQrCodeUrl('me') + ); + + $this->assertEquals('otpauth://totp/me?secret=mySecret', $provider->getKeyUrl('me')); + } + + public function testAuthentication() + { + $provider = new TotpAuth($this->container); + + $secret = $provider->getSecret(); + $this->assertNotEmpty($secret); + + $provider->setCode('1234'); + $this->assertFalse($provider->authenticate()); + + if (!!`which oathtool`) { + $code = shell_exec('oathtool --totp -b '.$secret); + $provider->setCode(trim($code)); + $this->assertTrue($provider->authenticate()); + } + } +} diff --git a/tests/units/Base.php b/tests/units/Base.php index 6d7a97a3..4b54cdb0 100644 --- a/tests/units/Base.php +++ b/tests/units/Base.php @@ -75,8 +75,11 @@ abstract class Base extends PHPUnit_Framework_TestCase } $this->container = new Pimple\Container; + $this->container->register(new Kanboard\ServiceProvider\AuthenticationProvider); $this->container->register(new Kanboard\ServiceProvider\DatabaseProvider); $this->container->register(new Kanboard\ServiceProvider\ClassProvider); + $this->container->register(new Kanboard\ServiceProvider\NotificationProvider); + $this->container->register(new Kanboard\ServiceProvider\RouteProvider); $this->container['dispatcher'] = new TraceableEventDispatcher( new EventDispatcher, diff --git a/tests/units/Core/OAuth2Test.php b/tests/units/Core/Http/OAuth2Test.php index d5713608..d703dd7a 100644 --- a/tests/units/Core/OAuth2Test.php +++ b/tests/units/Core/Http/OAuth2Test.php @@ -1,8 +1,8 @@ <?php -require_once __DIR__.'/../Base.php'; +require_once __DIR__.'/../../Base.php'; -use Kanboard\Core\OAuth2; +use Kanboard\Core\Http\OAuth2; class OAuth2Test extends Base { diff --git a/tests/units/Core/Http/RememberMeCookieTest.php b/tests/units/Core/Http/RememberMeCookieTest.php new file mode 100644 index 00000000..ae5606ac --- /dev/null +++ b/tests/units/Core/Http/RememberMeCookieTest.php @@ -0,0 +1,108 @@ +<?php + +namespace Kanboard\Core\Http; + +require_once __DIR__.'/../../Base.php'; + +function setcookie($name, $value = "", $expire = 0, $path = "", $domain = "", $secure = false, $httponly = false) +{ + return RememberMeCookieTest::$functions->setcookie($name, $value, $expire, $path, $domain, $secure, $httponly); +} + +class RememberMeCookieTest extends \Base +{ + public static $functions; + + public function setUp() + { + parent::setup(); + + self::$functions = $this + ->getMockBuilder('stdClass') + ->setMethods(array( + 'setcookie', + )) + ->getMock(); + } + + public function tearDown() + { + parent::tearDown(); + self::$functions = null; + } + + public function testEncode() + { + $cookie = new RememberMeCookie($this->container); + $this->assertEquals('a|b', $cookie->encode('a', 'b')); + } + + public function testDecode() + { + $cookie = new RememberMeCookie($this->container); + $this->assertEquals(array('token' => 'a', 'sequence' => 'b'), $cookie->decode('a|b')); + } + + public function testHasCookie() + { + $this->container['request'] = new Request($this->container, array(), array(), array(), array(), array()); + + $cookie = new RememberMeCookie($this->container); + $this->assertFalse($cookie->hasCookie()); + + $this->container['request'] = new Request($this->container, array(), array(), array(), array(), array(RememberMeCookie::COOKIE_NAME => 'miam')); + $this->assertTrue($cookie->hasCookie()); + } + + public function testWrite() + { + self::$functions + ->expects($this->once()) + ->method('setcookie') + ->with( + RememberMeCookie::COOKIE_NAME, + 'myToken|mySequence', + 1234, + '', + '', + false, + true + ) + ->will($this->returnValue(true)); + + $cookie = new RememberMeCookie($this->container); + $this->assertTrue($cookie->write('myToken', 'mySequence', 1234)); + } + + public function testRead() + { + $this->container['request'] = new Request($this->container, array(), array(), array(), array(), array()); + + $cookie = new RememberMeCookie($this->container); + $this->assertFalse($cookie->read()); + + $this->container['request'] = new Request($this->container, array(), array(), array(), array(), array(RememberMeCookie::COOKIE_NAME => 'T|S')); + + $this->assertEquals(array('token' => 'T', 'sequence' => 'S'), $cookie->read()); + } + + public function testRemove() + { + self::$functions + ->expects($this->once()) + ->method('setcookie') + ->with( + RememberMeCookie::COOKIE_NAME, + '', + time() - 3600, + '', + '', + false, + true + ) + ->will($this->returnValue(true)); + + $cookie = new RememberMeCookie($this->container); + $this->assertTrue($cookie->remove()); + } +} diff --git a/tests/units/Core/Http/RequestTest.php b/tests/units/Core/Http/RequestTest.php new file mode 100644 index 00000000..217698f9 --- /dev/null +++ b/tests/units/Core/Http/RequestTest.php @@ -0,0 +1,175 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\Http\Request; + +class RequestTest extends Base +{ + public function testGetStringParam() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEquals('', $request->getStringParam('myvar')); + + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEquals('default', $request->getStringParam('myvar', 'default')); + + $request = new Request($this->container, array(), array('myvar' => 'myvalue'), array(), array(), array()); + $this->assertEquals('myvalue', $request->getStringParam('myvar')); + } + + public function testGetIntegerParam() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEquals(0, $request->getIntegerParam('myvar')); + + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEquals(5, $request->getIntegerParam('myvar', 5)); + + $request = new Request($this->container, array(), array('myvar' => 'myvalue'), array(), array(), array()); + $this->assertEquals(0, $request->getIntegerParam('myvar')); + + $request = new Request($this->container, array(), array('myvar' => '123'), array(), array(), array()); + $this->assertEquals(123, $request->getIntegerParam('myvar')); + } + + public function testGetValues() + { + $request = new Request($this->container, array(), array(), array('myvar' => 'myvalue'), array(), array()); + $this->assertEmpty($request->getValue('myvar')); + + $request = new Request($this->container, array(), array(), array('myvar' => 'myvalue', 'csrf_token' => $this->container['token']->getCSRFToken()), array(), array()); + $this->assertEquals('myvalue', $request->getValue('myvar')); + + $request = new Request($this->container, array(), array(), array('myvar' => 'myvalue', 'csrf_token' => $this->container['token']->getCSRFToken()), array(), array()); + $this->assertEquals(array('myvar' => 'myvalue'), $request->getValues()); + } + + public function testGetFileContent() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEmpty($request->getFileContent('myfile')); + + $filename = tempnam(sys_get_temp_dir(), 'UnitTest'); + file_put_contents($filename, 'something'); + + $request = new Request($this->container, array(), array(), array(), array('myfile' => array('tmp_name' => $filename)), array()); + $this->assertEquals('something', $request->getFileContent('myfile')); + + unlink($filename); + } + + public function testGetFilePath() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEmpty($request->getFilePath('myfile')); + + $request = new Request($this->container, array(), array(), array(), array('myfile' => array('tmp_name' => 'somewhere')), array()); + $this->assertEquals('somewhere', $request->getFilePath('myfile')); + } + + public function testIsPost() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertFalse($request->isPost()); + + $request = new Request($this->container, array('REQUEST_METHOD' => 'POST'), array(), array(), array(), array()); + $this->assertTrue($request->isPost()); + } + + public function testIsAjax() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertFalse($request->isAjax()); + + $request = new Request($this->container, array('HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest'), array(), array(), array(), array()); + $this->assertTrue($request->isAjax()); + } + + public function testIsHTTPS() + { + $request = new Request($this->container, array(), array(), array(), array()); + $this->assertFalse($request->isHTTPS()); + + $request = new Request($this->container, array('HTTPS' => ''), array(), array(), array(), array()); + $this->assertFalse($request->isHTTPS()); + + $request = new Request($this->container, array('HTTPS' => 'off'), array(), array(), array(), array()); + $this->assertFalse($request->isHTTPS()); + + $request = new Request($this->container, array('HTTPS' => 'on'), array(), array(), array(), array()); + $this->assertTrue($request->isHTTPS()); + + $request = new Request($this->container, array('HTTPS' => '1'), array(), array(), array(), array()); + $this->assertTrue($request->isHTTPS()); + } + + public function testGetCookie() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEmpty($request->getCookie('mycookie')); + + $request = new Request($this->container, array(), array(), array(), array(), array('mycookie' => 'miam')); + $this->assertEquals('miam', $request->getCookie('mycookie')); + } + + public function testGetHeader() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEmpty($request->getHeader('X-Forwarded-For')); + + $request = new Request($this->container, array('HTTP_X_FORWARDED_FOR' => 'test'), array(), array(), array(), array()); + $this->assertEquals('test', $request->getHeader('X-Forwarded-For')); + } + + public function testGetRemoteUser() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEmpty($request->getRemoteUser()); + + $request = new Request($this->container, array(REVERSE_PROXY_USER_HEADER => 'test'), array(), array(), array(), array()); + $this->assertEquals('test', $request->getRemoteUser()); + } + + public function testGetQueryString() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEmpty($request->getQueryString()); + + $request = new Request($this->container, array('QUERY_STRING' => 'k=v'), array(), array(), array(), array()); + $this->assertEquals('k=v', $request->getQueryString()); + } + + public function testGetUri() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEmpty($request->getUri()); + + $request = new Request($this->container, array('REQUEST_URI' => '/blah'), array(), array(), array(), array()); + $this->assertEquals('/blah', $request->getUri()); + } + + public function testGetUserAgent() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEquals('Unknown', $request->getUserAgent()); + + $request = new Request($this->container, array('HTTP_USER_AGENT' => 'My browser'), array(), array(), array(), array()); + $this->assertEquals('My browser', $request->getUserAgent()); + } + + public function testGetIpAddress() + { + $request = new Request($this->container, array(), array(), array(), array(), array()); + $this->assertEquals('Unknown', $request->getIpAddress()); + + $request = new Request($this->container, array('HTTP_X_FORWARDED_FOR' => '192.168.0.1,127.0.0.1'), array(), array(), array(), array()); + $this->assertEquals('192.168.0.1', $request->getIpAddress()); + + $request = new Request($this->container, array('REMOTE_ADDR' => '192.168.0.1'), array(), array(), array(), array()); + $this->assertEquals('192.168.0.1', $request->getIpAddress()); + + $request = new Request($this->container, array('REMOTE_ADDR' => ''), array(), array(), array(), array()); + $this->assertEquals('Unknown', $request->getIpAddress()); + } +} diff --git a/tests/units/Core/Ldap/ClientTest.php b/tests/units/Core/Ldap/ClientTest.php index 7b6e983d..d149500e 100644 --- a/tests/units/Core/Ldap/ClientTest.php +++ b/tests/units/Core/Ldap/ClientTest.php @@ -49,6 +49,13 @@ class ClientTest extends \Base self::$functions = null; } + public function testGetLdapServerNotConfigured() + { + $this->setExpectedException('\LogicException'); + $ldap = new Client; + $ldap->getLdapServer(); + } + public function testConnectSuccess() { self::$functions @@ -61,7 +68,8 @@ class ClientTest extends \Base ->will($this->returnValue('my_ldap_resource')); $ldap = new Client; - $this->assertEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server')); + $ldap->open('my_ldap_server'); + $this->assertEquals('my_ldap_resource', $ldap->getConnection()); } public function testConnectFailure() @@ -78,7 +86,8 @@ class ClientTest extends \Base $this->setExpectedException('\Kanboard\Core\Ldap\ClientException'); $ldap = new Client; - $this->assertNotEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server')); + $ldap->open('my_ldap_server'); + $this->assertNotEquals('my_ldap_resource', $ldap->getConnection()); } public function testConnectSuccessWithTLS() @@ -101,7 +110,8 @@ class ClientTest extends \Base ->will($this->returnValue(true)); $ldap = new Client; - $this->assertEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server', 389, true)); + $ldap->open('my_ldap_server', 389, true); + $this->assertEquals('my_ldap_resource', $ldap->getConnection()); } public function testConnectFailureWithTLS() @@ -126,7 +136,8 @@ class ClientTest extends \Base $this->setExpectedException('\Kanboard\Core\Ldap\ClientException'); $ldap = new Client; - $this->assertNotEquals('my_ldap_resource', $ldap->getConnection('my_ldap_server', 389, true)); + $ldap->open('my_ldap_server', 389, true); + $this->assertNotEquals('my_ldap_resource', $ldap->getConnection()); } public function testAnonymousAuthenticationSuccess() @@ -134,13 +145,10 @@ class ClientTest extends \Base self::$functions ->expects($this->once()) ->method('ldap_bind') - ->with( - $this->equalTo('my_ldap_resource') - ) ->will($this->returnValue(true)); $ldap = new Client; - $this->assertTrue($ldap->useAnonymousAuthentication('my_ldap_resource')); + $this->assertTrue($ldap->useAnonymousAuthentication()); } public function testAnonymousAuthenticationFailure() @@ -148,21 +156,27 @@ class ClientTest extends \Base self::$functions ->expects($this->once()) ->method('ldap_bind') - ->with( - $this->equalTo('my_ldap_resource') - ) ->will($this->returnValue(false)); $this->setExpectedException('\Kanboard\Core\Ldap\ClientException'); $ldap = new Client; - $ldap->useAnonymousAuthentication('my_ldap_resource'); + $ldap->useAnonymousAuthentication(); } public function testUserAuthenticationSuccess() { self::$functions ->expects($this->once()) + ->method('ldap_connect') + ->with( + $this->equalTo('my_ldap_server'), + $this->equalTo(389) + ) + ->will($this->returnValue('my_ldap_resource')); + + self::$functions + ->expects($this->once()) ->method('ldap_bind') ->with( $this->equalTo('my_ldap_resource'), @@ -172,13 +186,23 @@ class ClientTest extends \Base ->will($this->returnValue(true)); $ldap = new Client; - $this->assertTrue($ldap->authenticate('my_ldap_resource', 'my_ldap_user', 'my_ldap_password')); + $ldap->open('my_ldap_server'); + $this->assertTrue($ldap->authenticate('my_ldap_user', 'my_ldap_password')); } public function testUserAuthenticationFailure() { self::$functions ->expects($this->once()) + ->method('ldap_connect') + ->with( + $this->equalTo('my_ldap_server'), + $this->equalTo(389) + ) + ->will($this->returnValue('my_ldap_resource')); + + self::$functions + ->expects($this->once()) ->method('ldap_bind') ->with( $this->equalTo('my_ldap_resource'), @@ -190,6 +214,7 @@ class ClientTest extends \Base $this->setExpectedException('\Kanboard\Core\Ldap\ClientException'); $ldap = new Client; - $ldap->authenticate('my_ldap_resource', 'my_ldap_user', 'my_ldap_password'); + $ldap->open('my_ldap_server'); + $ldap->authenticate('my_ldap_user', 'my_ldap_password'); } } diff --git a/tests/units/Core/Ldap/EntriesTest.php b/tests/units/Core/Ldap/EntriesTest.php new file mode 100644 index 00000000..65025b6e --- /dev/null +++ b/tests/units/Core/Ldap/EntriesTest.php @@ -0,0 +1,55 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\Ldap\Entries; + +class EntriesTest extends Base +{ + private $entries = array( + 'count' => 2, + 0 => array( + 'cn' => array( + 'count' => 1, + 0 => 'Kanboard Other Group', + ), + 0 => 'cn', + 'count' => 1, + 'dn' => 'CN=Kanboard Other Group,CN=Users,DC=kanboard,DC=local', + ), + 1 => array( + 'cn' => array( + 'count' => 1, + 0 => 'Kanboard Users', + ), + 0 => 'cn', + 'count' => 1, + 'dn' => 'CN=Kanboard Users,CN=Users,DC=kanboard,DC=local', + ), + ); + + public function testGetAll() + { + $entries = new Entries(array()); + $this->assertEmpty($entries->getAll()); + + $entries = new Entries($this->entries); + $result = $entries->getAll(); + $this->assertCount(2, $result); + $this->assertInstanceOf('Kanboard\Core\Ldap\Entry', $result[0]); + $this->assertEquals('CN=Kanboard Users,CN=Users,DC=kanboard,DC=local', $result[1]->getDn()); + $this->assertEquals('Kanboard Users', $result[1]->getFirstValue('cn')); + } + + public function testGetFirst() + { + $entries = new Entries(array()); + $this->assertEquals('', $entries->getFirstEntry()->getDn()); + + $entries = new Entries($this->entries); + $result = $entries->getFirstEntry(); + $this->assertInstanceOf('Kanboard\Core\Ldap\Entry', $result); + $this->assertEquals('CN=Kanboard Other Group,CN=Users,DC=kanboard,DC=local', $result->getDn()); + $this->assertEquals('Kanboard Other Group', $result->getFirstValue('cn')); + } +} diff --git a/tests/units/Core/Ldap/EntryTest.php b/tests/units/Core/Ldap/EntryTest.php new file mode 100644 index 00000000..45585e77 --- /dev/null +++ b/tests/units/Core/Ldap/EntryTest.php @@ -0,0 +1,71 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\Ldap\Entry; + +class EntryTest extends Base +{ + private $entry = array( + 'count' => 2, + 'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local', + 'displayname' => array( + 'count' => 1, + 0 => 'My LDAP user', + ), + 'broken' => array( + ), + 'mail' => array( + 'count' => 2, + 0 => 'user1@localhost', + 1 => 'user2@localhost', + ), + 'samaccountname' => array( + 'count' => 1, + 0 => 'my_ldap_user', + ), + 0 => 'displayname', + 1 => 'mail', + 2 => 'samaccountname', + ); + + public function testGetAll() + { + $expected = array( + 'user1@localhost', + 'user2@localhost', + ); + + $entry = new Entry($this->entry); + $this->assertEquals($expected, $entry->getAll('mail')); + $this->assertEmpty($entry->getAll('not found')); + $this->assertEmpty($entry->getAll('broken')); + } + + public function testGetFirst() + { + $entry = new Entry($this->entry); + $this->assertEquals('user1@localhost', $entry->getFirstValue('mail')); + $this->assertEquals('', $entry->getFirstValue('not found')); + $this->assertEquals('default', $entry->getFirstValue('not found', 'default')); + $this->assertEquals('default', $entry->getFirstValue('broken', 'default')); + } + + public function testGetDn() + { + $entry = new Entry($this->entry); + $this->assertEquals('uid=my_user,ou=People,dc=kanboard,dc=local', $entry->getDn()); + + $entry = new Entry(array()); + $this->assertEquals('', $entry->getDn()); + } + + public function testHasValue() + { + $entry = new Entry($this->entry); + $this->assertTrue($entry->hasValue('mail', 'user2@localhost')); + $this->assertFalse($entry->hasValue('mail', 'user3@localhost')); + $this->assertTrue($entry->hasValue('displayname', 'My LDAP user')); + $this->assertFalse($entry->hasValue('displayname', 'Something else')); + } +} diff --git a/tests/units/Core/Ldap/LdapGroupTest.php b/tests/units/Core/Ldap/LdapGroupTest.php new file mode 100644 index 00000000..3f538249 --- /dev/null +++ b/tests/units/Core/Ldap/LdapGroupTest.php @@ -0,0 +1,160 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\Ldap\Group; +use Kanboard\Core\Ldap\Entries; +use Kanboard\Core\Security\Role; + +class LdapGroupTest extends Base +{ + private $query; + private $client; + private $group; + + public function setUp() + { + parent::setUp(); + + $this->client = $this + ->getMockBuilder('\Kanboard\Core\Ldap\Client') + ->setMethods(array( + 'getConnection', + )) + ->getMock(); + + $this->query = $this + ->getMockBuilder('\Kanboard\Core\Ldap\Query') + ->setConstructorArgs(array($this->client)) + ->setMethods(array( + 'execute', + 'hasResult', + 'getEntries', + )) + ->getMock(); + + $this->group = $this + ->getMockBuilder('\Kanboard\Core\Ldap\Group') + ->setConstructorArgs(array($this->query)) + ->setMethods(array( + 'getAttributeName', + 'getBasDn', + )) + ->getMock(); + } + + public function testGetGroups() + { + $entries = new Entries(array( + 'count' => 2, + 0 => array( + 'cn' => array( + 'count' => 1, + 0 => 'Kanboard Other Group', + ), + 0 => 'cn', + 'count' => 1, + 'dn' => 'CN=Kanboard Other Group,CN=Users,DC=kanboard,DC=local', + ), + 1 => array( + 'cn' => array( + 'count' => 1, + 0 => 'Kanboard Users', + ), + 0 => 'cn', + 'count' => 1, + 'dn' => 'CN=Kanboard Users,CN=Users,DC=kanboard,DC=local', + ), + )); + + $this->client + ->expects($this->any()) + ->method('getConnection') + ->will($this->returnValue('my_ldap_resource')); + + $this->query + ->expects($this->once()) + ->method('execute') + ->with( + $this->equalTo('CN=Users,DC=kanboard,DC=local'), + $this->equalTo('(&(objectClass=group)(sAMAccountName=Kanboard*))') + ); + + $this->query + ->expects($this->once()) + ->method('hasResult') + ->will($this->returnValue(true)); + + $this->query + ->expects($this->once()) + ->method('getEntries') + ->will($this->returnValue($entries)); + + $this->group + ->expects($this->any()) + ->method('getAttributeName') + ->will($this->returnValue('cn')); + + $this->group + ->expects($this->any()) + ->method('getBasDn') + ->will($this->returnValue('CN=Users,DC=kanboard,DC=local')); + + $groups = $this->group->find('(&(objectClass=group)(sAMAccountName=Kanboard*))'); + $this->assertCount(2, $groups); + $this->assertInstanceOf('Kanboard\Group\LdapGroupProvider', $groups[0]); + $this->assertInstanceOf('Kanboard\Group\LdapGroupProvider', $groups[1]); + $this->assertEquals('Kanboard Other Group', $groups[0]->getName()); + $this->assertEquals('Kanboard Users', $groups[1]->getName()); + $this->assertEquals('CN=Kanboard Other Group,CN=Users,DC=kanboard,DC=local', $groups[0]->getExternalId()); + $this->assertEquals('CN=Kanboard Users,CN=Users,DC=kanboard,DC=local', $groups[1]->getExternalId()); + } + + public function testGetGroupsWithNoResult() + { + $entries = new Entries(array()); + + $this->client + ->expects($this->any()) + ->method('getConnection') + ->will($this->returnValue('my_ldap_resource')); + + $this->query + ->expects($this->once()) + ->method('execute') + ->with( + $this->equalTo('CN=Users,DC=kanboard,DC=local'), + $this->equalTo('(&(objectClass=group)(sAMAccountName=Kanboard*))') + ); + + $this->query + ->expects($this->once()) + ->method('hasResult') + ->will($this->returnValue(false)); + + $this->query + ->expects($this->never()) + ->method('getEntries'); + + $this->group + ->expects($this->any()) + ->method('getAttributeName') + ->will($this->returnValue('cn')); + + $this->group + ->expects($this->any()) + ->method('getBasDn') + ->will($this->returnValue('CN=Users,DC=kanboard,DC=local')); + + $groups = $this->group->find('(&(objectClass=group)(sAMAccountName=Kanboard*))'); + $this->assertCount(0, $groups); + } + + public function testGetBaseDnNotConfigured() + { + $this->setExpectedException('\LogicException'); + + $group = new Group($this->query); + $group->getBasDn(); + } +} diff --git a/tests/units/Core/Ldap/LdapUserTest.php b/tests/units/Core/Ldap/LdapUserTest.php new file mode 100644 index 00000000..2b3db1e5 --- /dev/null +++ b/tests/units/Core/Ldap/LdapUserTest.php @@ -0,0 +1,379 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\Ldap\User; +use Kanboard\Core\Ldap\Entries; +use Kanboard\Core\Security\Role; + +class LdapUserTest extends Base +{ + private $query; + private $client; + private $user; + + public function setUp() + { + parent::setUp(); + + $this->client = $this + ->getMockBuilder('\Kanboard\Core\Ldap\Client') + ->setMethods(array( + 'getConnection', + )) + ->getMock(); + + $this->query = $this + ->getMockBuilder('\Kanboard\Core\Ldap\Query') + ->setConstructorArgs(array($this->client)) + ->setMethods(array( + 'execute', + 'hasResult', + 'getEntries', + )) + ->getMock(); + + $this->user = $this + ->getMockBuilder('\Kanboard\Core\Ldap\User') + ->setConstructorArgs(array($this->query)) + ->setMethods(array( + 'getAttributeUsername', + 'getAttributeEmail', + 'getAttributeName', + 'getAttributeGroup', + 'getGroupAdminDn', + 'getGroupManagerDn', + 'getBasDn', + )) + ->getMock(); + } + + public function testGetUser() + { + $entries = new Entries(array( + 'count' => 1, + 0 => array( + 'count' => 2, + 'dn' => 'uid=my_ldap_user,ou=People,dc=kanboard,dc=local', + 'displayname' => array( + 'count' => 1, + 0 => 'My LDAP user', + ), + 'mail' => array( + 'count' => 2, + 0 => 'user1@localhost', + 1 => 'user2@localhost', + ), + 'samaccountname' => array( + 'count' => 1, + 0 => 'my_ldap_user', + ), + 0 => 'displayname', + 1 => 'mail', + 2 => 'samaccountname', + ) + )); + + $this->client + ->expects($this->any()) + ->method('getConnection') + ->will($this->returnValue('my_ldap_resource')); + + $this->query + ->expects($this->once()) + ->method('execute') + ->with( + $this->equalTo('ou=People,dc=kanboard,dc=local'), + $this->equalTo('(uid=my_ldap_user)') + ); + + $this->query + ->expects($this->once()) + ->method('hasResult') + ->will($this->returnValue(true)); + + $this->query + ->expects($this->once()) + ->method('getEntries') + ->will($this->returnValue($entries)); + + $this->user + ->expects($this->any()) + ->method('getAttributeUsername') + ->will($this->returnValue('samaccountname')); + + $this->user + ->expects($this->any()) + ->method('getAttributeName') + ->will($this->returnValue('displayname')); + + $this->user + ->expects($this->any()) + ->method('getAttributeEmail') + ->will($this->returnValue('mail')); + + $this->user + ->expects($this->any()) + ->method('getBasDn') + ->will($this->returnValue('ou=People,dc=kanboard,dc=local')); + + $user = $this->user->find('(uid=my_ldap_user)'); + $this->assertInstanceOf('Kanboard\User\LdapUserProvider', $user); + $this->assertEquals('uid=my_ldap_user,ou=People,dc=kanboard,dc=local', $user->getDn()); + $this->assertEquals('my_ldap_user', $user->getUsername()); + $this->assertEquals('My LDAP user', $user->getName()); + $this->assertEquals('user1@localhost', $user->getEmail()); + $this->assertEquals(Role::APP_USER, $user->getRole()); + $this->assertEquals(array(), $user->getExternalGroupIds()); + $this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes()); + } + + public function testGetUserWithAdminRole() + { + $entries = new Entries(array( + 'count' => 1, + 0 => array( + 'count' => 2, + 'dn' => 'uid=my_ldap_user,ou=People,dc=kanboard,dc=local', + 'displayname' => array( + 'count' => 1, + 0 => 'My LDAP user', + ), + 'mail' => array( + 'count' => 2, + 0 => 'user1@localhost', + 1 => 'user2@localhost', + ), + 'samaccountname' => array( + 'count' => 1, + 0 => 'my_ldap_user', + ), + 'memberof' => array( + 'count' => 1, + 0 => 'CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local', + ), + 0 => 'displayname', + 1 => 'mail', + 2 => 'samaccountname', + 3 => 'memberof', + ) + )); + + $this->client + ->expects($this->any()) + ->method('getConnection') + ->will($this->returnValue('my_ldap_resource')); + + $this->query + ->expects($this->once()) + ->method('execute') + ->with( + $this->equalTo('ou=People,dc=kanboard,dc=local'), + $this->equalTo('(uid=my_ldap_user)') + ); + + $this->query + ->expects($this->once()) + ->method('hasResult') + ->will($this->returnValue(true)); + + $this->query + ->expects($this->once()) + ->method('getEntries') + ->will($this->returnValue($entries)); + + $this->user + ->expects($this->any()) + ->method('getAttributeUsername') + ->will($this->returnValue('samaccountname')); + + $this->user + ->expects($this->any()) + ->method('getAttributeName') + ->will($this->returnValue('displayname')); + + $this->user + ->expects($this->any()) + ->method('getAttributeEmail') + ->will($this->returnValue('mail')); + + $this->user + ->expects($this->any()) + ->method('getAttributeGroup') + ->will($this->returnValue('memberof')); + + $this->user + ->expects($this->any()) + ->method('getGroupAdminDn') + ->will($this->returnValue('CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local')); + + $this->user + ->expects($this->any()) + ->method('getBasDn') + ->will($this->returnValue('ou=People,dc=kanboard,dc=local')); + + $user = $this->user->find('(uid=my_ldap_user)'); + $this->assertInstanceOf('Kanboard\User\LdapUserProvider', $user); + $this->assertEquals('uid=my_ldap_user,ou=People,dc=kanboard,dc=local', $user->getDn()); + $this->assertEquals('my_ldap_user', $user->getUsername()); + $this->assertEquals('My LDAP user', $user->getName()); + $this->assertEquals('user1@localhost', $user->getEmail()); + $this->assertEquals(Role::APP_ADMIN, $user->getRole()); + $this->assertEquals(array('CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local'), $user->getExternalGroupIds()); + $this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes()); + } + + public function testGetUserWithManagerRole() + { + $entries = new Entries(array( + 'count' => 1, + 0 => array( + 'count' => 2, + 'dn' => 'uid=my_ldap_user,ou=People,dc=kanboard,dc=local', + 'displayname' => array( + 'count' => 1, + 0 => 'My LDAP user', + ), + 'mail' => array( + 'count' => 2, + 0 => 'user1@localhost', + 1 => 'user2@localhost', + ), + 'samaccountname' => array( + 'count' => 1, + 0 => 'my_ldap_user', + ), + 'memberof' => array( + 'count' => 2, + 0 => 'CN=Kanboard-Users,CN=Users,DC=kanboard,DC=local', + 1 => 'CN=Kanboard-Managers,CN=Users,DC=kanboard,DC=local', + ), + 0 => 'displayname', + 1 => 'mail', + 2 => 'samaccountname', + 3 => 'memberof', + ) + )); + + $this->client + ->expects($this->any()) + ->method('getConnection') + ->will($this->returnValue('my_ldap_resource')); + + $this->query + ->expects($this->once()) + ->method('execute') + ->with( + $this->equalTo('ou=People,dc=kanboard,dc=local'), + $this->equalTo('(uid=my_ldap_user)') + ); + + $this->query + ->expects($this->once()) + ->method('hasResult') + ->will($this->returnValue(true)); + + $this->query + ->expects($this->once()) + ->method('getEntries') + ->will($this->returnValue($entries)); + + $this->user + ->expects($this->any()) + ->method('getAttributeUsername') + ->will($this->returnValue('samaccountname')); + + $this->user + ->expects($this->any()) + ->method('getAttributeName') + ->will($this->returnValue('displayname')); + + $this->user + ->expects($this->any()) + ->method('getAttributeEmail') + ->will($this->returnValue('mail')); + + $this->user + ->expects($this->any()) + ->method('getAttributeGroup') + ->will($this->returnValue('memberof')); + + $this->user + ->expects($this->any()) + ->method('getGroupManagerDn') + ->will($this->returnValue('CN=Kanboard-Managers,CN=Users,DC=kanboard,DC=local')); + + $this->user + ->expects($this->any()) + ->method('getBasDn') + ->will($this->returnValue('ou=People,dc=kanboard,dc=local')); + + $user = $this->user->find('(uid=my_ldap_user)'); + $this->assertInstanceOf('Kanboard\User\LdapUserProvider', $user); + $this->assertEquals('uid=my_ldap_user,ou=People,dc=kanboard,dc=local', $user->getDn()); + $this->assertEquals('my_ldap_user', $user->getUsername()); + $this->assertEquals('My LDAP user', $user->getName()); + $this->assertEquals('user1@localhost', $user->getEmail()); + $this->assertEquals(Role::APP_MANAGER, $user->getRole()); + $this->assertEquals(array('CN=Kanboard-Users,CN=Users,DC=kanboard,DC=local', 'CN=Kanboard-Managers,CN=Users,DC=kanboard,DC=local'), $user->getExternalGroupIds()); + $this->assertEquals(array('is_ldap_user' => 1), $user->getExtraAttributes()); + } + + public function testGetUserNotFound() + { + $entries = new Entries(array()); + + $this->client + ->expects($this->any()) + ->method('getConnection') + ->will($this->returnValue('my_ldap_resource')); + + $this->query + ->expects($this->once()) + ->method('execute') + ->with( + $this->equalTo('ou=People,dc=kanboard,dc=local'), + $this->equalTo('(uid=my_ldap_user)') + ); + + $this->query + ->expects($this->once()) + ->method('hasResult') + ->will($this->returnValue(false)); + + $this->query + ->expects($this->never()) + ->method('getEntries'); + + $this->user + ->expects($this->any()) + ->method('getAttributeUsername') + ->will($this->returnValue('samaccountname')); + + $this->user + ->expects($this->any()) + ->method('getAttributeName') + ->will($this->returnValue('displayname')); + + $this->user + ->expects($this->any()) + ->method('getAttributeEmail') + ->will($this->returnValue('mail')); + + $this->user + ->expects($this->any()) + ->method('getBasDn') + ->will($this->returnValue('ou=People,dc=kanboard,dc=local')); + + $user = $this->user->find('(uid=my_ldap_user)'); + $this->assertEquals(null, $user); + } + + public function testGetBaseDnNotConfigured() + { + $this->setExpectedException('\LogicException'); + + $user = new User($this->query); + $user->getBasDn(); + } +} diff --git a/tests/units/Core/Ldap/QueryTest.php b/tests/units/Core/Ldap/QueryTest.php index 2eb3940f..b3987df0 100644 --- a/tests/units/Core/Ldap/QueryTest.php +++ b/tests/units/Core/Ldap/QueryTest.php @@ -17,6 +17,7 @@ function ldap_get_entries($link_identifier, $result_identifier) class QueryTest extends \Base { public static $functions; + private $client; public function setUp() { @@ -29,6 +30,13 @@ class QueryTest extends \Base 'ldap_get_entries', )) ->getMock(); + + $this->client = $this + ->getMockBuilder('\Kanboard\Core\Ldap\Client') + ->setMethods(array( + 'getConnection', + )) + ->getMock(); } public function tearDown() @@ -58,6 +66,11 @@ class QueryTest extends \Base ) ); + $this->client + ->expects($this->any()) + ->method('getConnection') + ->will($this->returnValue('my_ldap_resource')); + self::$functions ->expects($this->once()) ->method('ldap_search') @@ -78,20 +91,25 @@ class QueryTest extends \Base ) ->will($this->returnValue($entries)); - $query = new Query; - $query->execute('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname')); + $query = new Query($this->client); + $query->execute('ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname')); $this->assertTrue($query->hasResult()); - $this->assertEquals('My user', $query->getAttributeValue('displayname')); - $this->assertEquals('user1@localhost', $query->getAttributeValue('mail')); - $this->assertEquals('', $query->getAttributeValue('not_found')); + $this->assertEquals('My user', $query->getEntries()->getFirstEntry()->getFirstValue('displayname')); + $this->assertEquals('user1@localhost', $query->getEntries()->getFirstEntry()->getFirstValue('mail')); + $this->assertEquals('', $query->getEntries()->getFirstEntry()->getFirstValue('not_found')); - $this->assertEquals('uid=my_user,ou=People,dc=kanboard,dc=local', $query->getAttribute('dn')); - $this->assertEquals(null, $query->getAttribute('missing')); + $this->assertEquals('uid=my_user,ou=People,dc=kanboard,dc=local', $query->getEntries()->getFirstEntry()->getDn()); + $this->assertEquals('', $query->getEntries()->getFirstEntry()->getFirstValue('missing')); } public function testExecuteQueryNotFound() { + $this->client + ->expects($this->any()) + ->method('getConnection') + ->will($this->returnValue('my_ldap_resource')); + self::$functions ->expects($this->once()) ->method('ldap_search') @@ -112,13 +130,18 @@ class QueryTest extends \Base ) ->will($this->returnValue(array())); - $query = new Query; - $query->execute('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname')); + $query = new Query($this->client); + $query->execute('ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname')); $this->assertFalse($query->hasResult()); } public function testExecuteQueryFailed() { + $this->client + ->expects($this->once()) + ->method('getConnection') + ->will($this->returnValue('my_ldap_resource')); + self::$functions ->expects($this->once()) ->method('ldap_search') @@ -130,8 +153,8 @@ class QueryTest extends \Base ) ->will($this->returnValue(false)); - $query = new Query; - $query->execute('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname')); + $query = new Query($this->client); + $query->execute('ou=People,dc=kanboard,dc=local', 'uid=my_user', array('displayname')); $this->assertFalse($query->hasResult()); } } diff --git a/tests/units/Core/Ldap/UserTest.php b/tests/units/Core/Ldap/UserTest.php deleted file mode 100644 index 56cc588c..00000000 --- a/tests/units/Core/Ldap/UserTest.php +++ /dev/null @@ -1,95 +0,0 @@ -<?php - -namespace Kanboard\Core\Ldap; - -require_once __DIR__.'/../../Base.php'; - -class UserTest extends \Base -{ - public function testGetProfile() - { - $entries = array( - 'count' => 1, - 0 => array( - 'count' => 2, - 'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local', - 'displayname' => array( - 'count' => 1, - 0 => 'My LDAP user', - ), - 'mail' => array( - 'count' => 2, - 0 => 'user1@localhost', - 1 => 'user2@localhost', - ), - 'samaccountname' => array( - 'count' => 1, - 0 => 'my_ldap_user', - ), - 0 => 'displayname', - 1 => 'mail', - 2 => 'samaccountname', - ) - ); - - $expected = array( - 'ldap_id' => 'uid=my_user,ou=People,dc=kanboard,dc=local', - 'username' => 'my_ldap_user', - 'name' => 'My LDAP user', - 'email' => 'user1@localhost', - 'is_admin' => 0, - 'is_project_admin' => 0, - 'is_ldap_user' => 1, - ); - - $query = $this - ->getMockBuilder('\Kanboard\Core\Ldap\Query') - ->setConstructorArgs(array($entries)) - ->setMethods(array( - 'execute', - 'hasResult', - )) - ->getMock(); - - $query - ->expects($this->once()) - ->method('execute') - ->with( - $this->equalTo('my_ldap_resource'), - $this->equalTo('ou=People,dc=kanboard,dc=local'), - $this->equalTo('(uid=my_user)') - ); - - $query - ->expects($this->once()) - ->method('hasResult') - ->will($this->returnValue(true)); - - $user = $this - ->getMockBuilder('\Kanboard\Core\Ldap\User') - ->setConstructorArgs(array($query)) - ->setMethods(array( - 'getAttributeUsername', - 'getAttributeEmail', - 'getAttributeName', - )) - ->getMock(); - - $user - ->expects($this->any()) - ->method('getAttributeUsername') - ->will($this->returnValue('samaccountname')); - - $user - ->expects($this->any()) - ->method('getAttributeName') - ->will($this->returnValue('displayname')); - - $user - ->expects($this->any()) - ->method('getAttributeEmail') - ->will($this->returnValue('mail')); - - $this->assertEquals($expected, $user->getProfile('my_ldap_resource', 'ou=People,dc=kanboard,dc=local', '(uid=my_user)')); - } -} diff --git a/tests/units/Core/Security/AccessMapTest.php b/tests/units/Core/Security/AccessMapTest.php index ab74e036..61693ce8 100644 --- a/tests/units/Core/Security/AccessMapTest.php +++ b/tests/units/Core/Security/AccessMapTest.php @@ -6,17 +6,34 @@ use Kanboard\Core\Security\AccessMap; class AccessMapTest extends Base { - public function testGetRoles() + public function testRoleHierarchy() + { + $acl = new AccessMap; + $acl->setRoleHierarchy('admin', array('manager', 'user')); + $acl->setRoleHierarchy('manager', array('user')); + + $this->assertEquals(array('admin'), $acl->getRoleHierarchy('admin')); + $this->assertEquals(array('manager', 'admin'), $acl->getRoleHierarchy('manager')); + $this->assertEquals(array('user', 'admin', 'manager'), $acl->getRoleHierarchy('user')); + } + + public function testAddRulesAndGetRoles() { $acl = new AccessMap; $acl->setDefaultRole('role3'); - $acl->add('MyController', 'myAction1', array('role1', 'role2')); - $acl->add('MyController', 'myAction2', array('role1')); - $acl->add('MyAdminController', '*', array('role2')); + $acl->setRoleHierarchy('role2', array('role1')); + + $acl->add('MyController', 'myAction1', 'role2'); + $acl->add('MyController', 'myAction2', 'role1'); + $acl->add('MyAdminController', '*', 'role2'); + $acl->add('SomethingElse', array('actionA', 'actionB'), 'role2'); - $this->assertEquals(array('role1', 'role2'), $acl->getRoles('mycontroller', 'MyAction1')); - $this->assertEquals(array('role1'), $acl->getRoles('mycontroller', 'MyAction2')); + $this->assertEquals(array('role2'), $acl->getRoles('mycontroller', 'MyAction1')); + $this->assertEquals(array('role1', 'role2'), $acl->getRoles('mycontroller', 'MyAction2')); $this->assertEquals(array('role2'), $acl->getRoles('Myadmincontroller', 'MyAction')); $this->assertEquals(array('role3'), $acl->getRoles('AnotherController', 'ActionNotFound')); + $this->assertEquals(array('role2'), $acl->getRoles('somethingelse', 'actiona')); + $this->assertEquals(array('role2'), $acl->getRoles('somethingelse', 'actionb')); + $this->assertEquals(array('role3'), $acl->getRoles('somethingelse', 'actionc')); } } diff --git a/tests/units/Core/Security/AuthenticationManagerTest.php b/tests/units/Core/Security/AuthenticationManagerTest.php new file mode 100644 index 00000000..c2369626 --- /dev/null +++ b/tests/units/Core/Security/AuthenticationManagerTest.php @@ -0,0 +1,150 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\Http\Request; +use Kanboard\Core\Security\AuthenticationManager; +use Kanboard\Auth\DatabaseAuth; +use Kanboard\Auth\TotpAuth; +use Kanboard\Auth\ReverseProxyAuth; + +class AuthenticationManagerTest extends Base +{ + public function testRegister() + { + $authManager = new AuthenticationManager($this->container); + $authManager->register(new DatabaseAuth($this->container)); + $provider = $authManager->getProvider('Database'); + + $this->assertInstanceOf('Kanboard\Core\Security\AuthenticationProviderInterface', $provider); + } + + public function testGetProviderNotFound() + { + $authManager = new AuthenticationManager($this->container); + $this->setExpectedException('LogicException'); + $authManager->getProvider('Dababase'); + } + + public function testGetPostProviderNotFound() + { + $authManager = new AuthenticationManager($this->container); + $this->setExpectedException('LogicException'); + $authManager->getPostAuthenticationProvider(); + } + + public function testGetPostProvider() + { + $authManager = new AuthenticationManager($this->container); + $authManager->register(new TotpAuth($this->container)); + $provider = $authManager->getPostAuthenticationProvider(); + + $this->assertInstanceOf('Kanboard\Core\Security\PostAuthenticationProviderInterface', $provider); + } + + public function testCheckSessionWhenNobodyIsLogged() + { + $authManager = new AuthenticationManager($this->container); + $authManager->register(new DatabaseAuth($this->container)); + + $this->assertFalse($this->container['userSession']->isLogged()); + $this->assertTrue($authManager->checkCurrentSession()); + } + + public function testCheckSessionWhenSomeoneIsLogged() + { + $authManager = new AuthenticationManager($this->container); + $authManager->register(new DatabaseAuth($this->container)); + + $this->container['sessionStorage']->user = array('id' => 1); + + $this->assertTrue($this->container['userSession']->isLogged()); + $this->assertTrue($authManager->checkCurrentSession()); + } + + public function testCheckSessionWhenNotValid() + { + $authManager = new AuthenticationManager($this->container); + $authManager->register(new DatabaseAuth($this->container)); + + $this->container['sessionStorage']->user = array('id' => 2); + + $this->assertTrue($this->container['userSession']->isLogged()); + $this->assertFalse($authManager->checkCurrentSession()); + $this->assertFalse($this->container['userSession']->isLogged()); + } + + public function testPreAuthenticationSuccessful() + { + $this->container['request'] = new Request($this->container, array(REVERSE_PROXY_USER_HEADER => 'admin')); + $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_SUCCESS, array($this, 'onSuccess')); + $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_FAILURE, array($this, 'onFailure')); + + $authManager = new AuthenticationManager($this->container); + $authManager->register(new ReverseProxyAuth($this->container)); + + $this->assertTrue($authManager->preAuthentication()); + + $called = $this->container['dispatcher']->getCalledListeners(); + $this->assertArrayHasKey(AuthenticationManager::EVENT_SUCCESS.'.AuthenticationManagerTest::onSuccess', $called); + $this->assertArrayNotHasKey(AuthenticationManager::EVENT_FAILURE.'.AuthenticationManagerTest::onFailure', $called); + } + + public function testPreAuthenticationFailed() + { + $this->container['request'] = new Request($this->container, array(REVERSE_PROXY_USER_HEADER => '')); + $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_SUCCESS, array($this, 'onSuccess')); + $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_FAILURE, array($this, 'onFailure')); + + $authManager = new AuthenticationManager($this->container); + $authManager->register(new ReverseProxyAuth($this->container)); + + $this->assertFalse($authManager->preAuthentication()); + + $called = $this->container['dispatcher']->getCalledListeners(); + $this->assertArrayNotHasKey(AuthenticationManager::EVENT_SUCCESS.'.AuthenticationManagerTest::onSuccess', $called); + $this->assertArrayNotHasKey(AuthenticationManager::EVENT_FAILURE.'.AuthenticationManagerTest::onFailure', $called); + } + + public function testPasswordAuthenticationSuccessful() + { + $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_SUCCESS, array($this, 'onSuccess')); + $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_FAILURE, array($this, 'onFailure')); + + $authManager = new AuthenticationManager($this->container); + $authManager->register(new DatabaseAuth($this->container)); + + $this->assertTrue($authManager->passwordAuthentication('admin', 'admin')); + + $called = $this->container['dispatcher']->getCalledListeners(); + $this->assertArrayHasKey(AuthenticationManager::EVENT_SUCCESS.'.AuthenticationManagerTest::onSuccess', $called); + $this->assertArrayNotHasKey(AuthenticationManager::EVENT_FAILURE.'.AuthenticationManagerTest::onFailure', $called); + } + + public function testPasswordAuthenticationFailed() + { + $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_SUCCESS, array($this, 'onSuccess')); + $this->container['dispatcher']->addListener(AuthenticationManager::EVENT_FAILURE, array($this, 'onFailure')); + + $authManager = new AuthenticationManager($this->container); + $authManager->register(new DatabaseAuth($this->container)); + + $this->assertFalse($authManager->passwordAuthentication('admin', 'wrong password')); + + $called = $this->container['dispatcher']->getCalledListeners(); + $this->assertArrayNotHasKey(AuthenticationManager::EVENT_SUCCESS.'.AuthenticationManagerTest::onSuccess', $called); + $this->assertArrayHasKey(AuthenticationManager::EVENT_FAILURE.'.AuthenticationManagerTest::onFailure', $called); + } + + public function onSuccess($event) + { + $this->assertInstanceOf('Kanboard\Event\AuthSuccessEvent', $event); + $this->assertTrue(in_array($event->getAuthType(), array('Database', 'ReverseProxy'))); + } + + public function onFailure($event) + { + $this->assertInstanceOf('Kanboard\Event\AuthFailureEvent', $event); + $this->assertEquals('admin', $event->getUsername()); + } +} diff --git a/tests/units/Core/Security/AuthorizationTest.php b/tests/units/Core/Security/AuthorizationTest.php index ffeb3741..70561ad8 100644 --- a/tests/units/Core/Security/AuthorizationTest.php +++ b/tests/units/Core/Security/AuthorizationTest.php @@ -12,17 +12,28 @@ class AuthorizationTest extends Base { $acl = new AccessMap; $acl->setDefaultRole(Role::APP_USER); - $acl->add('MyController', 'myAction1', array(Role::APP_ADMIN, Role::APP_MANAGER)); - $acl->add('MyController', 'myAction2', array(Role::APP_ADMIN)); - $acl->add('MyAdminController', '*', array(Role::APP_MANAGER)); + $acl->setRoleHierarchy(Role::APP_ADMIN, array(Role::APP_MANAGER, Role::APP_USER)); + $acl->setRoleHierarchy(Role::APP_MANAGER, array(Role::APP_USER)); + + $acl->add('MyController', 'myAction1', Role::APP_MANAGER); + $acl->add('MyController', 'myAction2', Role::APP_ADMIN); + $acl->add('MyManagerController', '*', Role::APP_MANAGER); $authorization = new Authorization($acl); + $this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_ADMIN)); $this->assertTrue($authorization->isAllowed('myController', 'myAction1', Role::APP_MANAGER)); $this->assertFalse($authorization->isAllowed('myController', 'myAction1', Role::APP_USER)); - $this->assertTrue($authorization->isAllowed('anotherController', 'anotherAction', Role::APP_USER)); - $this->assertTrue($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_MANAGER)); - $this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', Role::APP_ADMIN)); - $this->assertFalse($authorization->isAllowed('MyAdminController', 'myAction', 'something else')); + $this->assertFalse($authorization->isAllowed('myController', 'myAction1', 'something else')); + + $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_ADMIN)); + $this->assertTrue($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_MANAGER)); + $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', Role::APP_USER)); + $this->assertFalse($authorization->isAllowed('MyManagerController', 'myAction', 'something else')); + + $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_ADMIN)); + $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_MANAGER)); + $this->assertTrue($authorization->isAllowed('MyUserController', 'myAction', Role::APP_USER)); + $this->assertFalse($authorization->isAllowed('MyUserController', 'myAction', 'something else')); } } diff --git a/tests/units/Core/User/GroupSyncTest.php b/tests/units/Core/User/GroupSyncTest.php new file mode 100644 index 00000000..e22b86d4 --- /dev/null +++ b/tests/units/Core/User/GroupSyncTest.php @@ -0,0 +1,30 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\User\GroupSync; +use Kanboard\Model\Group; +use Kanboard\Model\GroupMember; + +class GroupSyncTest extends Base +{ + public function testSynchronize() + { + $group = new Group($this->container); + $groupMember = new GroupMember($this->container); + $groupSync = new GroupSync($this->container); + + $this->assertEquals(1, $group->create('My Group 1', 'externalId1')); + $this->assertEquals(2, $group->create('My Group 2', 'externalId2')); + + $this->assertTrue($groupMember->addUser(1, 1)); + + $this->assertTrue($groupMember->isMember(1, 1)); + $this->assertFalse($groupMember->isMember(2, 1)); + + $groupSync->synchronize(1, array('externalId1', 'externalId2', 'externalId3')); + + $this->assertTrue($groupMember->isMember(1, 1)); + $this->assertTrue($groupMember->isMember(2, 1)); + } +} diff --git a/tests/units/Core/User/UserProfileTest.php b/tests/units/Core/User/UserProfileTest.php new file mode 100644 index 00000000..4886a945 --- /dev/null +++ b/tests/units/Core/User/UserProfileTest.php @@ -0,0 +1,63 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\Security\Role; +use Kanboard\Core\User\UserProfile; +use Kanboard\User\LdapUserProvider; +use Kanboard\User\DatabaseUserProvider; + +class UserProfileTest extends Base +{ + public function testInitializeLocalUser() + { + $userProfile = new UserProfile($this->container); + $user = new DatabaseUserProvider(array('id' => 1)); + + $this->assertTrue($userProfile->initialize($user)); + $this->assertNotEmpty($this->container['sessionStorage']->user); + $this->assertEquals('admin', $this->container['sessionStorage']->user['username']); + } + + public function testInitializeLocalUserNotFound() + { + $userProfile = new UserProfile($this->container); + $user = new DatabaseUserProvider(array('id' => 2)); + + $this->assertFalse($userProfile->initialize($user)); + $this->assertFalse(isset($this->container['sessionStorage']->user)); + } + + public function testInitializeRemoteUser() + { + $userProfile = new UserProfile($this->container); + $user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_MANAGER, array()); + + $this->assertTrue($userProfile->initialize($user)); + $this->assertNotEmpty($this->container['sessionStorage']->user); + $this->assertEquals(2, $this->container['sessionStorage']->user['id']); + $this->assertEquals('bob', $this->container['sessionStorage']->user['username']); + $this->assertEquals(Role::APP_MANAGER, $this->container['sessionStorage']->user['role']); + + $user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_MANAGER, array()); + + $this->assertTrue($userProfile->initialize($user)); + $this->assertNotEmpty($this->container['sessionStorage']->user); + $this->assertEquals(2, $this->container['sessionStorage']->user['id']); + $this->assertEquals('bob', $this->container['sessionStorage']->user['username']); + } + + public function testAssignRemoteUser() + { + $userProfile = new UserProfile($this->container); + $user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_MANAGER, array()); + + $this->assertTrue($userProfile->assign(1, $user)); + $this->assertNotEmpty($this->container['sessionStorage']->user); + $this->assertEquals(1, $this->container['sessionStorage']->user['id']); + $this->assertEquals('admin', $this->container['sessionStorage']->user['username']); + $this->assertEquals('Bob', $this->container['sessionStorage']->user['name']); + $this->assertEquals('', $this->container['sessionStorage']->user['email']); + $this->assertEquals(Role::APP_ADMIN, $this->container['sessionStorage']->user['role']); + } +} diff --git a/tests/units/Core/User/UserPropertyTest.php b/tests/units/Core/User/UserPropertyTest.php new file mode 100644 index 00000000..170eab4c --- /dev/null +++ b/tests/units/Core/User/UserPropertyTest.php @@ -0,0 +1,60 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\Security\Role; +use Kanboard\Core\User\UserProperty; +use Kanboard\User\LdapUserProvider; + +class UserPropertyTest extends Base +{ + public function testGetProperties() + { + $user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_USER, array()); + + $expected = array( + 'username' => 'bob', + 'name' => 'Bob', + 'role' => Role::APP_USER, + 'is_ldap_user' => 1, + ); + + $this->assertEquals($expected, UserProperty::getProperties($user)); + + $user = new LdapUserProvider('ldapId', 'bob', '', '', '', array()); + + $expected = array( + 'username' => 'bob', + 'is_ldap_user' => 1, + ); + + $this->assertEquals($expected, UserProperty::getProperties($user)); + } + + public function testFilterProperties() + { + $profile = array( + 'id' => 123, + 'username' => 'bob', + 'name' => null, + 'email' => '', + 'other_column' => 'myvalue', + 'role' => Role::APP_ADMIN, + ); + + $properties = array( + 'external_id' => '456', + 'username' => 'bobby', + 'name' => 'Bobby', + 'email' => 'admin@localhost', + 'role' => '', + ); + + $expected = array( + 'name' => 'Bobby', + 'email' => 'admin@localhost', + ); + + $this->assertEquals($expected, UserProperty::filterProperties($profile, $properties)); + } +} diff --git a/tests/units/Model/UserSessionTest.php b/tests/units/Core/User/UserSessionTest.php index ba1f8aac..64413f98 100644 --- a/tests/units/Model/UserSessionTest.php +++ b/tests/units/Core/User/UserSessionTest.php @@ -1,8 +1,9 @@ <?php -require_once __DIR__.'/../Base.php'; +require_once __DIR__.'/../../Base.php'; -use Kanboard\Model\UserSession; +use Kanboard\Core\User\UserSession; +use Kanboard\Core\Security\Role; class UserSessionTest extends Base { @@ -19,6 +20,7 @@ class UserSessionTest extends Base 'is_project_admin' => '0', 'is_ldap_user' => '0', 'twofactor_activated' => '0', + 'role' => Role::APP_MANAGER, ); $us->initialize($user); @@ -28,12 +30,13 @@ class UserSessionTest extends Base $this->assertNotEmpty($session); $this->assertEquals(123, $session['user']['id']); $this->assertEquals('john', $session['user']['username']); - $this->assertTrue($session['user']['is_admin']); - $this->assertFalse($session['user']['is_project_admin']); + $this->assertEquals(Role::APP_MANAGER, $session['user']['role']); $this->assertFalse($session['user']['is_ldap_user']); $this->assertFalse($session['user']['twofactor_activated']); $this->assertArrayNotHasKey('password', $session['user']); $this->assertArrayNotHasKey('twofactor_secret', $session['user']); + $this->assertArrayNotHasKey('is_admin', $session['user']); + $this->assertArrayNotHasKey('is_project_admin', $session['user']); $this->assertEquals('john', $us->getUsername()); } @@ -70,30 +73,14 @@ class UserSessionTest extends Base $this->assertFalse($us->isAdmin()); - $this->container['sessionStorage']->user = array('is_admin' => '1'); - $this->assertFalse($us->isAdmin()); + $this->container['sessionStorage']->user = array('role' => Role::APP_ADMIN); + $this->assertTrue($us->isAdmin()); - $this->container['sessionStorage']->user = array('is_admin' => '2'); + $this->container['sessionStorage']->user = array('role' => Role::APP_USER); $this->assertFalse($us->isAdmin()); - $this->container['sessionStorage']->user = array('is_admin' => false); + $this->container['sessionStorage']->user = array('role' => ''); $this->assertFalse($us->isAdmin()); - - $this->container['sessionStorage']->user = array('is_admin' => true); - $this->assertTrue($us->isAdmin()); - } - - public function testIsProjectAdmin() - { - $us = new UserSession($this->container); - - $this->assertFalse($us->isProjectAdmin()); - - $this->container['sessionStorage']->user = array('is_project_admin' => false); - $this->assertFalse($us->isProjectAdmin()); - - $this->container['sessionStorage']->user = array('is_project_admin' => true); - $this->assertTrue($us->isProjectAdmin()); } public function testCommentSorting() @@ -131,28 +118,27 @@ class UserSessionTest extends Base $this->assertEquals('assignee:bob', $us->getFilters(2)); } - public function test2FA() + public function testPostAuthentication() { $us = new UserSession($this->container); + $this->assertFalse($us->isPostAuthenticationValidated()); - $this->assertFalse($us->check2FA()); - - $this->container['sessionStorage']->postAuth = array('validated' => false); - $this->assertFalse($us->check2FA()); + $this->container['sessionStorage']->postAuthenticationValidated = false; + $this->assertFalse($us->isPostAuthenticationValidated()); - $this->container['sessionStorage']->postAuth = array('validated' => true); - $this->assertTrue($us->check2FA()); + $us->validatePostAuthentication(); + $this->assertTrue($us->isPostAuthenticationValidated()); $this->container['sessionStorage']->user = array(); - $this->assertFalse($us->has2FA()); + $this->assertFalse($us->hasPostAuthentication()); $this->container['sessionStorage']->user = array('twofactor_activated' => false); - $this->assertFalse($us->has2FA()); + $this->assertFalse($us->hasPostAuthentication()); $this->container['sessionStorage']->user = array('twofactor_activated' => true); - $this->assertTrue($us->has2FA()); + $this->assertTrue($us->hasPostAuthentication()); - $us->disable2FA(); - $this->assertFalse($us->has2FA()); + $us->disablePostAuthentication(); + $this->assertFalse($us->hasPostAuthentication()); } } diff --git a/tests/units/Core/User/UserSyncTest.php b/tests/units/Core/User/UserSyncTest.php new file mode 100644 index 00000000..e7ce42b2 --- /dev/null +++ b/tests/units/Core/User/UserSyncTest.php @@ -0,0 +1,55 @@ +<?php + +require_once __DIR__.'/../../Base.php'; + +use Kanboard\Core\Security\Role; +use Kanboard\Core\User\UserSync; +use Kanboard\User\LdapUserProvider; + +class UserSyncTest extends Base +{ + public function testSynchronizeNewUser() + { + $user = new LdapUserProvider('ldapId', 'bob', 'Bob', '', Role::APP_MANAGER, array()); + $userSync = new UserSync($this->container); + + $profile = array( + 'id' => 2, + 'username' => 'bob', + 'name' => 'Bob', + 'email' => '', + 'role' => Role::APP_MANAGER, + 'is_ldap_user' => 1, + ); + + $this->assertArraySubset($profile, $userSync->synchronize($user)); + } + + public function testSynchronizeExistingUser() + { + $userSync = new UserSync($this->container); + $user = new LdapUserProvider('ldapId', 'admin', 'Admin', 'email@localhost', Role::APP_MANAGER, array()); + + $profile = array( + 'id' => 1, + 'username' => 'admin', + 'name' => 'Admin', + 'email' => 'email@localhost', + 'role' => Role::APP_MANAGER, + ); + + $this->assertArraySubset($profile, $userSync->synchronize($user)); + + $user = new LdapUserProvider('ldapId', 'admin', '', '', Role::APP_ADMIN, array()); + + $profile = array( + 'id' => 1, + 'username' => 'admin', + 'name' => 'Admin', + 'email' => 'email@localhost', + 'role' => Role::APP_ADMIN, + ); + + $this->assertArraySubset($profile, $userSync->synchronize($user)); + } +} diff --git a/tests/units/Helper/UserHelperTest.php b/tests/units/Helper/UserHelperTest.php index eba977ee..2b503157 100644 --- a/tests/units/Helper/UserHelperTest.php +++ b/tests/units/Helper/UserHelperTest.php @@ -4,172 +4,227 @@ require_once __DIR__.'/../Base.php'; use Kanboard\Helper\User; use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; +use Kanboard\Model\ProjectUserRole; use Kanboard\Model\User as UserModel; +use Kanboard\Core\Security\Role; class UserHelperTest extends Base { public function testInitials() { - $h = new User($this->container); + $helper = new User($this->container); - $this->assertEquals('CN', $h->getInitials('chuck norris')); - $this->assertEquals('A', $h->getInitials('admin')); + $this->assertEquals('CN', $helper->getInitials('chuck norris')); + $this->assertEquals('A', $helper->getInitials('admin')); } - public function testIsProjectAdministrationAllowedForProjectAdmin() + public function testGetRoleName() { - $h = new User($this->container); - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $u = new UserModel($this->container); - - // We create our user - $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest'))); + $helper = new User($this->container); + $this->assertEquals('Administrator', $helper->getRoleName(Role::APP_ADMIN)); + $this->assertEquals('Manager', $helper->getRoleName(Role::APP_MANAGER)); + $this->assertEquals('Project Viewer', $helper->getRoleName(Role::PROJECT_VIEWER)); + } - // We create a project and set our user as project manager - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->isMember(1, 2)); - $this->assertFalse($pp->isManager(1, 2)); + public function testHasAccessForAdmins() + { + $helper = new User($this->container); - // We fake a session for him $this->container['sessionStorage']->user = array( 'id' => 2, - 'is_admin' => false, - 'is_project_admin' => true, + 'role' => Role::APP_ADMIN, ); - $this->assertTrue($h->isProjectAdministrationAllowed(1)); + $this->assertTrue($helper->hasAccess('user', 'create')); + $this->assertTrue($helper->hasAccess('project', 'create')); + $this->assertTrue($helper->hasAccess('project', 'createPrivate')); } - public function testIsProjectAdministrationAllowedForProjectMember() + public function testHasAccessForManagers() { - $h = new User($this->container); - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $u = new UserModel($this->container); - - // We create our user - $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest'))); - - // We create a project and set our user as project member - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->isMember(1, 2)); - $this->assertFalse($pp->isManager(1, 2)); + $helper = new User($this->container); - // We fake a session for him $this->container['sessionStorage']->user = array( 'id' => 2, - 'is_admin' => false, - 'is_project_admin' => false, + 'role' => Role::APP_MANAGER, ); - $this->assertFalse($h->isProjectAdministrationAllowed(1)); + $this->assertFalse($helper->hasAccess('user', 'create')); + $this->assertTrue($helper->hasAccess('project', 'create')); + $this->assertTrue($helper->hasAccess('project', 'createPrivate')); } - public function testIsProjectAdministrationAllowedForProjectManager() + public function testHasAccessForUsers() { - $h = new User($this->container); - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $u = new UserModel($this->container); + $helper = new User($this->container); - // We create our user - $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest'))); + $this->container['sessionStorage']->user = array( + 'id' => 2, + 'role' => Role::APP_USER, + ); + + $this->assertFalse($helper->hasAccess('user', 'create')); + $this->assertFalse($helper->hasAccess('project', 'create')); + $this->assertTrue($helper->hasAccess('project', 'createPrivate')); + } - // We create a project and set our user as project member - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - $this->assertTrue($pp->addManager(1, 2)); - $this->assertTrue($pp->isMember(1, 2)); - $this->assertTrue($pp->isManager(1, 2)); + public function testHasProjectAccessForAdmins() + { + $helper = new User($this->container); + $project = new Project($this->container); - // We fake a session for him $this->container['sessionStorage']->user = array( 'id' => 2, - 'is_admin' => false, - 'is_project_admin' => false, + 'role' => Role::APP_ADMIN, ); - $this->assertFalse($h->isProjectAdministrationAllowed(1)); + $this->assertEquals(1, $project->create(array('name' => 'My project'))); + + $this->assertTrue($helper->hasProjectAccess('project', 'edit', 1)); + $this->assertTrue($helper->hasProjectAccess('board', 'show', 1)); } - public function testIsProjectManagementAllowedForProjectAdmin() + public function testHasProjectAccessForManagers() { - $h = new User($this->container); - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $u = new UserModel($this->container); + $helper = new User($this->container); + $project = new Project($this->container); + + $this->container['sessionStorage']->user = array( + 'id' => 2, + 'role' => Role::APP_MANAGER, + ); - // We create our user - $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest'))); + $this->assertEquals(1, $project->create(array('name' => 'My project'))); - // We create a project and set our user as project manager - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->isMember(1, 2)); - $this->assertFalse($pp->isManager(1, 2)); + $this->assertFalse($helper->hasProjectAccess('project', 'edit', 1)); + $this->assertFalse($helper->hasProjectAccess('board', 'show', 1)); + } + + public function testHasProjectAccessForUsers() + { + $helper = new User($this->container); + $project = new Project($this->container); - // We fake a session for him $this->container['sessionStorage']->user = array( 'id' => 2, - 'is_admin' => false, - 'is_project_admin' => true, + 'role' => Role::APP_USER, ); - $this->assertTrue($h->isProjectManagementAllowed(1)); + $this->assertEquals(1, $project->create(array('name' => 'My project'))); + + $this->assertFalse($helper->hasProjectAccess('project', 'edit', 1)); + $this->assertFalse($helper->hasProjectAccess('board', 'show', 1)); } - public function testIsProjectManagementAllowedForProjectMember() + public function testHasProjectAccessForAppManagerAndProjectManagers() { - $h = new User($this->container); - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $u = new UserModel($this->container); + $helper = new User($this->container); + $user = new UserModel($this->container); + $project = new Project($this->container); + $projectUserRole = new ProjectUserRole($this->container); - // We create our user - $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest'))); + $this->container['sessionStorage']->user = array( + 'id' => 2, + 'role' => Role::APP_MANAGER, + ); + + $this->assertEquals(1, $project->create(array('name' => 'My project'))); + $this->assertEquals(2, $project->create(array('name' => 'My project'))); + $this->assertEquals(2, $user->create(array('username' => 'user'))); + $this->assertTrue($projectUserRole->addUser(1, 2, Role::PROJECT_MANAGER)); + + $this->assertTrue($helper->hasProjectAccess('project', 'edit', 1)); + $this->assertTrue($helper->hasProjectAccess('board', 'show', 1)); + $this->assertTrue($helper->hasProjectAccess('task', 'show', 1)); + $this->assertTrue($helper->hasProjectAccess('taskcreation', 'save', 1)); - // We create a project and set our user as project member - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->isMember(1, 2)); - $this->assertFalse($pp->isManager(1, 2)); + $this->assertFalse($helper->hasProjectAccess('project', 'edit', 2)); + $this->assertFalse($helper->hasProjectAccess('board', 'show', 2)); + $this->assertFalse($helper->hasProjectAccess('task', 'show', 2)); + $this->assertFalse($helper->hasProjectAccess('taskcreation', 'save', 2)); + } + + public function testHasProjectAccessForProjectManagers() + { + $helper = new User($this->container); + $user = new UserModel($this->container); + $project = new Project($this->container); + $projectUserRole = new ProjectUserRole($this->container); - // We fake a session for him $this->container['sessionStorage']->user = array( 'id' => 2, - 'is_admin' => false, - 'is_project_admin' => false, + 'role' => Role::APP_USER, ); - $this->assertFalse($h->isProjectManagementAllowed(1)); + $this->assertEquals(1, $project->create(array('name' => 'My project'))); + $this->assertEquals(2, $project->create(array('name' => 'My project'))); + $this->assertEquals(2, $user->create(array('username' => 'user'))); + $this->assertTrue($projectUserRole->addUser(1, 2, Role::PROJECT_MANAGER)); + + $this->assertTrue($helper->hasProjectAccess('project', 'edit', 1)); + $this->assertTrue($helper->hasProjectAccess('board', 'show', 1)); + $this->assertTrue($helper->hasProjectAccess('task', 'show', 1)); + $this->assertTrue($helper->hasProjectAccess('taskcreation', 'save', 1)); + + $this->assertFalse($helper->hasProjectAccess('project', 'edit', 2)); + $this->assertFalse($helper->hasProjectAccess('board', 'show', 2)); + $this->assertFalse($helper->hasProjectAccess('task', 'show', 2)); + $this->assertFalse($helper->hasProjectAccess('taskcreation', 'save', 2)); } - public function testIsProjectManagementAllowedForProjectManager() + public function testHasProjectAccessForProjectMembers() { - $h = new User($this->container); - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $u = new UserModel($this->container); + $helper = new User($this->container); + $user = new UserModel($this->container); + $project = new Project($this->container); + $projectUserRole = new ProjectUserRole($this->container); - // We create our user - $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest'))); + $this->container['sessionStorage']->user = array( + 'id' => 2, + 'role' => Role::APP_USER, + ); + + $this->assertEquals(1, $project->create(array('name' => 'My project'))); + $this->assertEquals(2, $project->create(array('name' => 'My project'))); + $this->assertEquals(2, $user->create(array('username' => 'user'))); + $this->assertTrue($projectUserRole->addUser(1, 2, Role::PROJECT_MEMBER)); + + $this->assertFalse($helper->hasProjectAccess('project', 'edit', 1)); + $this->assertTrue($helper->hasProjectAccess('board', 'show', 1)); + $this->assertTrue($helper->hasProjectAccess('task', 'show', 1)); + $this->assertTrue($helper->hasProjectAccess('taskcreation', 'save', 1)); - // We create a project and set our user as project member - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - $this->assertTrue($pp->addManager(1, 2)); - $this->assertTrue($pp->isMember(1, 2)); - $this->assertTrue($pp->isManager(1, 2)); + $this->assertFalse($helper->hasProjectAccess('project', 'edit', 2)); + $this->assertFalse($helper->hasProjectAccess('board', 'show', 2)); + $this->assertFalse($helper->hasProjectAccess('task', 'show', 2)); + $this->assertFalse($helper->hasProjectAccess('taskcreation', 'save', 2)); + } + + public function testHasProjectAccessForProjectViewers() + { + $helper = new User($this->container); + $user = new UserModel($this->container); + $project = new Project($this->container); + $projectUserRole = new ProjectUserRole($this->container); - // We fake a session for him $this->container['sessionStorage']->user = array( 'id' => 2, - 'is_admin' => false, - 'is_project_admin' => false, + 'role' => Role::APP_USER, ); - $this->assertTrue($h->isProjectManagementAllowed(1)); + $this->assertEquals(1, $project->create(array('name' => 'My project'))); + $this->assertEquals(2, $project->create(array('name' => 'My project'))); + $this->assertEquals(2, $user->create(array('username' => 'user'))); + $this->assertTrue($projectUserRole->addUser(1, 2, Role::PROJECT_VIEWER)); + + $this->assertFalse($helper->hasProjectAccess('project', 'edit', 1)); + $this->assertTrue($helper->hasProjectAccess('board', 'show', 1)); + $this->assertTrue($helper->hasProjectAccess('task', 'show', 1)); + $this->assertFalse($helper->hasProjectAccess('taskcreation', 'save', 1)); + + $this->assertFalse($helper->hasProjectAccess('project', 'edit', 2)); + $this->assertFalse($helper->hasProjectAccess('board', 'show', 2)); + $this->assertFalse($helper->hasProjectAccess('task', 'show', 2)); + $this->assertFalse($helper->hasProjectAccess('taskcreation', 'save', 2)); } } diff --git a/tests/units/Integration/BitbucketWebhookTest.php b/tests/units/Integration/BitbucketWebhookTest.php index 1a3b005b..40dbde2e 100644 --- a/tests/units/Integration/BitbucketWebhookTest.php +++ b/tests/units/Integration/BitbucketWebhookTest.php @@ -6,8 +6,9 @@ use Kanboard\Integration\BitbucketWebhook; use Kanboard\Model\TaskCreation; use Kanboard\Model\TaskFinder; use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; +use Kanboard\Model\ProjectUserRole; use Kanboard\Model\User; +use Kanboard\Core\Security\Role; class BitbucketWebhookTest extends Base { @@ -108,8 +109,8 @@ class BitbucketWebhookTest extends Base $u = new User($this->container); $this->assertEquals(2, $u->create(array('username' => 'minicoders'))); - $pp = new ProjectPermission($this->container); - $this->assertTrue($pp->addMember(1, 2)); + $pp = new ProjectUserRole($this->container); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); $g = new BitbucketWebhook($this->container); $g->setProjectId(1); @@ -232,8 +233,8 @@ class BitbucketWebhookTest extends Base $u = new User($this->container); $this->assertEquals(2, $u->create(array('username' => 'minicoders'))); - $pp = new ProjectPermission($this->container); - $this->assertTrue($pp->addMember(1, 2)); + $pp = new ProjectUserRole($this->container); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); $g = new BitbucketWebhook($this->container); $g->setProjectId(1); diff --git a/tests/units/Integration/GithubWebhookTest.php b/tests/units/Integration/GithubWebhookTest.php index d64e783e..f00e5dde 100644 --- a/tests/units/Integration/GithubWebhookTest.php +++ b/tests/units/Integration/GithubWebhookTest.php @@ -6,8 +6,9 @@ use Kanboard\Integration\GithubWebhook; use Kanboard\Model\TaskCreation; use Kanboard\Model\TaskFinder; use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; +use Kanboard\Model\ProjectUserRole; use Kanboard\Model\User; +use Kanboard\Core\Security\Role; class GithubWebhookTest extends Base { @@ -40,8 +41,8 @@ class GithubWebhookTest extends Base $u = new User($this->container); $this->assertEquals(2, $u->create(array('username' => 'fguillot'))); - $pp = new ProjectPermission($this->container); - $this->assertTrue($pp->addMember(1, 2)); + $pp = new ProjectUserRole($this->container); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); $g = new GithubWebhook($this->container); $g->setProjectId(1); @@ -111,8 +112,8 @@ class GithubWebhookTest extends Base $u = new User($this->container); $this->assertEquals(2, $u->create(array('username' => 'fguillot'))); - $pp = new ProjectPermission($this->container); - $this->assertTrue($pp->addMember(1, 2)); + $pp = new ProjectUserRole($this->container); + $this->assertTrue($pp->addUser(1, 2, ROLE::PROJECT_MANAGER)); $g = new GithubWebhook($this->container); $g->setProjectId(1); @@ -323,8 +324,8 @@ class GithubWebhookTest extends Base $u = new User($this->container); $this->assertEquals(2, $u->create(array('username' => 'fguillot'))); - $pp = new ProjectPermission($this->container); - $this->assertTrue($pp->addMember(1, 2)); + $pp = new ProjectUserRole($this->container); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); $g = new GithubWebhook($this->container); $g->setProjectId(1); diff --git a/tests/units/Integration/GitlabWebhookTest.php b/tests/units/Integration/GitlabWebhookTest.php index fa05f292..3e0e6d2c 100644 --- a/tests/units/Integration/GitlabWebhookTest.php +++ b/tests/units/Integration/GitlabWebhookTest.php @@ -6,8 +6,9 @@ use Kanboard\Integration\GitlabWebhook; use Kanboard\Model\TaskCreation; use Kanboard\Model\TaskFinder; use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; +use Kanboard\Model\ProjectUserRole; use Kanboard\Model\User; +use Kanboard\Core\Security\Role; class GitlabWebhookTest extends Base { @@ -179,8 +180,8 @@ class GitlabWebhookTest extends Base $u = new User($this->container); $this->assertEquals(2, $u->create(array('username' => 'minicoders'))); - $pp = new ProjectPermission($this->container); - $this->assertTrue($pp->addMember(1, 2)); + $pp = new ProjectUserRole($this->container); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); $g = new GitlabWebhook($this->container); $g->setProjectId(1); diff --git a/tests/units/Model/AclTest.php b/tests/units/Model/AclTest.php deleted file mode 100644 index afda446b..00000000 --- a/tests/units/Model/AclTest.php +++ /dev/null @@ -1,296 +0,0 @@ -<?php - -require_once __DIR__.'/../Base.php'; - -use Kanboard\Model\Acl; -use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; -use Kanboard\Model\User; - -class AclTest extends Base -{ - public function testMatchAcl() - { - $acl_rules = array( - 'controller1' => array('action1', 'action3'), - 'controller3' => '*', - 'controller5' => '-', - 'controller6' => array(), - 'controllera' => '*', - ); - - $acl = new Acl($this->container); - $this->assertTrue($acl->matchAcl($acl_rules, 'controller1', 'aCtiOn1')); - $this->assertTrue($acl->matchAcl($acl_rules, 'controller1', 'action1')); - $this->assertTrue($acl->matchAcl($acl_rules, 'controller1', 'action3')); - $this->assertFalse($acl->matchAcl($acl_rules, 'controller1', 'action2')); - $this->assertFalse($acl->matchAcl($acl_rules, 'controller2', 'action2')); - $this->assertFalse($acl->matchAcl($acl_rules, 'controller2', 'action3')); - $this->assertTrue($acl->matchAcl($acl_rules, 'controller3', 'anything')); - $this->assertFalse($acl->matchAcl($acl_rules, 'controller4', 'anything')); - $this->assertFalse($acl->matchAcl($acl_rules, 'controller5', 'anything')); - $this->assertFalse($acl->matchAcl($acl_rules, 'controller6', 'anything')); - $this->assertTrue($acl->matchAcl($acl_rules, 'ControllerA', 'anything')); - $this->assertTrue($acl->matchAcl($acl_rules, 'controllera', 'anything')); - } - - public function testPublicActions() - { - $acl = new Acl($this->container); - $this->assertTrue($acl->isPublicAction('task', 'readonly')); - $this->assertTrue($acl->isPublicAction('board', 'readonly')); - $this->assertFalse($acl->isPublicAction('board', 'show')); - $this->assertTrue($acl->isPublicAction('feed', 'project')); - $this->assertTrue($acl->isPublicAction('feed', 'user')); - $this->assertTrue($acl->isPublicAction('ical', 'project')); - $this->assertTrue($acl->isPublicAction('ical', 'user')); - $this->assertTrue($acl->isPublicAction('oauth', 'github')); - $this->assertTrue($acl->isPublicAction('oauth', 'google')); - $this->assertTrue($acl->isPublicAction('auth', 'login')); - $this->assertTrue($acl->isPublicAction('auth', 'check')); - $this->assertTrue($acl->isPublicAction('auth', 'captcha')); - } - - public function testAdminActions() - { - $acl = new Acl($this->container); - $this->assertFalse($acl->isAdminAction('board', 'show')); - $this->assertFalse($acl->isAdminAction('task', 'show')); - $this->assertTrue($acl->isAdminAction('config', 'api')); - $this->assertTrue($acl->isAdminAction('config', 'anything')); - $this->assertTrue($acl->isAdminAction('config', 'anything')); - $this->assertTrue($acl->isAdminAction('user', 'save')); - } - - public function testProjectAdminActions() - { - $acl = new Acl($this->container); - $this->assertFalse($acl->isProjectAdminAction('config', 'save')); - $this->assertFalse($acl->isProjectAdminAction('user', 'index')); - $this->assertTrue($acl->isProjectAdminAction('project', 'remove')); - } - - public function testProjectManagerActions() - { - $acl = new Acl($this->container); - $this->assertFalse($acl->isProjectManagerAction('board', 'readonly')); - $this->assertFalse($acl->isProjectManagerAction('project', 'remove')); - $this->assertFalse($acl->isProjectManagerAction('project', 'show')); - $this->assertTrue($acl->isProjectManagerAction('project', 'disable')); - $this->assertTrue($acl->isProjectManagerAction('category', 'index')); - $this->assertTrue($acl->isProjectManagerAction('project', 'users')); - $this->assertFalse($acl->isProjectManagerAction('app', 'index')); - } - - public function testPageAccessNoSession() - { - $acl = new Acl($this->container); - - $this->assertFalse($acl->isAllowed('board', 'readonly')); - $this->assertFalse($acl->isAllowed('task', 'show')); - $this->assertFalse($acl->isAllowed('config', 'application')); - $this->assertFalse($acl->isAllowed('project', 'users')); - $this->assertFalse($acl->isAllowed('task', 'remove')); - $this->assertTrue($acl->isAllowed('app', 'index')); - } - - public function testPageAccessEmptySession() - { - $acl = new Acl($this->container); - $this->container['sessionStorage']->user = array(); - - $this->assertFalse($acl->isAllowed('board', 'readonly')); - $this->assertFalse($acl->isAllowed('task', 'show')); - $this->assertFalse($acl->isAllowed('config', 'application')); - $this->assertFalse($acl->isAllowed('project', 'users')); - $this->assertFalse($acl->isAllowed('task', 'remove')); - $this->assertTrue($acl->isAllowed('app', 'index')); - } - - public function testPageAccessAdminUser() - { - $acl = new Acl($this->container); - $this->container['sessionStorage']->user = array( - 'is_admin' => true, - ); - - $this->assertTrue($acl->isAllowed('board', 'readonly')); - $this->assertTrue($acl->isAllowed('task', 'readonly')); - $this->assertTrue($acl->isAllowed('webhook', 'github')); - $this->assertTrue($acl->isAllowed('task', 'show')); - $this->assertTrue($acl->isAllowed('task', 'update')); - $this->assertTrue($acl->isAllowed('config', 'application')); - $this->assertTrue($acl->isAllowed('project', 'show')); - $this->assertTrue($acl->isAllowed('project', 'users')); - $this->assertTrue($acl->isAllowed('project', 'remove')); - $this->assertTrue($acl->isAllowed('category', 'edit')); - $this->assertTrue($acl->isAllowed('task', 'remove')); - $this->assertTrue($acl->isAllowed('app', 'index')); - } - - public function testPageAccessProjectAdmin() - { - $acl = new Acl($this->container); - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $u = new User($this->container); - - // We create our user - $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest'))); - - // We create a project and set our user as project manager - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->isMember(1, 2)); - $this->assertFalse($pp->isManager(1, 2)); - - // We fake a session for him - $this->container['sessionStorage']->user = array( - 'id' => 2, - 'is_admin' => false, - 'is_project_admin' => true, - ); - - $this->assertTrue($acl->isAllowed('board', 'readonly', 1)); - $this->assertTrue($acl->isAllowed('task', 'readonly', 1)); - $this->assertTrue($acl->isAllowed('webhook', 'github', 1)); - $this->assertTrue($acl->isAllowed('task', 'show', 1)); - $this->assertFalse($acl->isAllowed('task', 'show', 2)); - $this->assertTrue($acl->isAllowed('task', 'update', 1)); - $this->assertTrue($acl->isAllowed('project', 'show', 1)); - $this->assertFalse($acl->isAllowed('config', 'application', 1)); - - $this->assertTrue($acl->isAllowed('project', 'users', 1)); - $this->assertFalse($acl->isAllowed('project', 'users', 2)); - - $this->assertTrue($acl->isAllowed('project', 'remove', 1)); - $this->assertFalse($acl->isAllowed('project', 'remove', 2)); - - $this->assertTrue($acl->isAllowed('category', 'edit', 1)); - $this->assertTrue($acl->isAllowed('task', 'remove', 1)); - $this->assertTrue($acl->isAllowed('app', 'index', 1)); - } - - public function testPageAccessProjectManager() - { - $acl = new Acl($this->container); - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $u = new User($this->container); - - // We create our user - $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest'))); - - // We create a project and set our user as project manager - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'), 2, true)); - $this->assertTrue($pp->isMember(1, 2)); - $this->assertTrue($pp->isManager(1, 2)); - - // We fake a session for him - $this->container['sessionStorage']->user = array( - 'id' => 2, - 'is_admin' => false, - ); - - $this->assertTrue($acl->isAllowed('board', 'readonly', 1)); - $this->assertTrue($acl->isAllowed('task', 'readonly', 1)); - $this->assertTrue($acl->isAllowed('webhook', 'github', 1)); - $this->assertTrue($acl->isAllowed('task', 'show', 1)); - $this->assertFalse($acl->isAllowed('task', 'show', 2)); - $this->assertTrue($acl->isAllowed('task', 'update', 1)); - $this->assertTrue($acl->isAllowed('project', 'show', 1)); - $this->assertFalse($acl->isAllowed('config', 'application', 1)); - - $this->assertTrue($acl->isAllowed('project', 'users', 1)); - $this->assertFalse($acl->isAllowed('project', 'users', 2)); - - $this->assertFalse($acl->isAllowed('project', 'remove', 1)); - $this->assertFalse($acl->isAllowed('project', 'remove', 2)); - - $this->assertTrue($acl->isAllowed('category', 'edit', 1)); - $this->assertTrue($acl->isAllowed('task', 'remove', 1)); - $this->assertTrue($acl->isAllowed('app', 'index', 1)); - } - - public function testPageAccessMember() - { - $acl = new Acl($this->container); - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $u = new User($this->container); - - // We create our user - $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest'))); - - // We create a project and set our user as member - $this->assertEquals(1, $p->create(array('name' => 'UnitTest1'))); - $this->assertEquals(2, $p->create(array('name' => 'UnitTest2'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->isMember(1, 2)); - $this->assertFalse($pp->isManager(1, 2)); - - $this->container['sessionStorage']->user = array( - 'id' => 2, - 'is_admin' => false, - ); - - $this->assertTrue($acl->isAllowed('board', 'readonly', 1)); - $this->assertTrue($acl->isAllowed('task', 'readonly', 1)); - $this->assertTrue($acl->isAllowed('webhook', 'github', 1)); - $this->assertFalse($acl->isAllowed('board', 'show', 2)); - $this->assertTrue($acl->isAllowed('board', 'show', 1)); - $this->assertFalse($acl->isAllowed('task', 'show', 2)); - $this->assertTrue($acl->isAllowed('task', 'show', 1)); - $this->assertTrue($acl->isAllowed('task', 'update', 1)); - $this->assertTrue($acl->isAllowed('project', 'show', 1)); - $this->assertFalse($acl->isAllowed('config', 'application', 1)); - $this->assertFalse($acl->isAllowed('project', 'users', 1)); - $this->assertTrue($acl->isAllowed('task', 'remove', 1)); - $this->assertFalse($acl->isAllowed('task', 'remove', 2)); - $this->assertTrue($acl->isAllowed('app', 'index', 1)); - } - - public function testPageAccessNotMember() - { - $acl = new Acl($this->container); - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $u = new User($this->container); - - // We create our user - $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest'))); - - // We create a project and set our user as member - $this->assertEquals(1, $p->create(array('name' => 'UnitTest1'))); - $this->assertEquals(2, $p->create(array('name' => 'UnitTest2'))); - $this->assertFalse($pp->isMember(1, 2)); - $this->assertFalse($pp->isManager(1, 2)); - - $this->container['sessionStorage']->user = array( - 'id' => 2, - 'is_admin' => false, - ); - - $this->assertFalse($acl->isAllowed('board', 'show', 2)); - $this->assertFalse($acl->isAllowed('board', 'show', 1)); - $this->assertFalse($acl->isAllowed('task', 'show', 1)); - $this->assertFalse($acl->isAllowed('task', 'update', 1)); - $this->assertFalse($acl->isAllowed('project', 'show', 1)); - $this->assertFalse($acl->isAllowed('config', 'application', 1)); - $this->assertFalse($acl->isAllowed('project', 'users', 1)); - $this->assertFalse($acl->isAllowed('task', 'remove', 1)); - $this->assertTrue($acl->isAllowed('app', 'index', 1)); - } - - public function testExtend() - { - $acl = new Acl($this->container); - - $this->assertFalse($acl->isProjectManagerAction('plop', 'show')); - - $acl->extend('project_manager_acl', array('plop' => '*')); - - $this->assertTrue($acl->isProjectManagerAction('plop', 'show')); - $this->assertTrue($acl->isProjectManagerAction('swimlane', 'index')); - } -} diff --git a/tests/units/Model/ActionTest.php b/tests/units/Model/ActionTest.php index 30f6b22c..4a338707 100644 --- a/tests/units/Model/ActionTest.php +++ b/tests/units/Model/ActionTest.php @@ -11,9 +11,10 @@ use Kanboard\Model\TaskCreation; use Kanboard\Model\TaskFinder; use Kanboard\Model\Category; use Kanboard\Model\User; -use Kanboard\Model\ProjectPermission; +use Kanboard\Model\ProjectUserRole; use Kanboard\Integration\GithubWebhook; use Kanboard\Integration\BitbucketWebhook; +use Kanboard\Core\Security\Role; class ActionTest extends Base { @@ -62,7 +63,7 @@ class ActionTest extends Base public function testResolveDuplicatedParameters() { $p = new Project($this->container); - $pp = new ProjectPermission($this->container); + $pp = new ProjectUserRole($this->container); $a = new Action($this->container); $c = new Category($this->container); $u = new User($this->container); @@ -78,9 +79,9 @@ class ActionTest extends Base $this->assertEquals(2, $u->create(array('username' => 'unittest1'))); $this->assertEquals(3, $u->create(array('username' => 'unittest2'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->addMember(1, 3)); - $this->assertTrue($pp->addMember(2, 3)); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(1, 3, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(2, 3, Role::PROJECT_MEMBER)); // anything $this->assertEquals('blah', $a->resolveParameters(array('name' => 'foobar', 'value' => 'blah'), 2)); @@ -113,7 +114,7 @@ class ActionTest extends Base public function testDuplicateSuccess() { $p = new Project($this->container); - $pp = new ProjectPermission($this->container); + $pp = new ProjectUserRole($this->container); $a = new Action($this->container); $u = new User($this->container); @@ -123,9 +124,9 @@ class ActionTest extends Base $this->assertEquals(2, $u->create(array('username' => 'unittest1'))); $this->assertEquals(3, $u->create(array('username' => 'unittest2'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->addMember(1, 3)); - $this->assertTrue($pp->addMember(2, 3)); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(1, 3, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(2, 3, Role::PROJECT_MEMBER)); $this->assertEquals(1, $a->create(array( 'project_id' => 1, @@ -159,7 +160,7 @@ class ActionTest extends Base public function testDuplicateUnableToResolveParams() { $p = new Project($this->container); - $pp = new ProjectPermission($this->container); + $pp = new ProjectUserRole($this->container); $a = new Action($this->container); $u = new User($this->container); @@ -168,7 +169,7 @@ class ActionTest extends Base $this->assertEquals(2, $u->create(array('username' => 'unittest1'))); - $this->assertTrue($pp->addMember(1, 2)); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); $this->assertEquals(1, $a->create(array( 'project_id' => 1, @@ -196,7 +197,7 @@ class ActionTest extends Base public function testDuplicateMixedResults() { $p = new Project($this->container); - $pp = new ProjectPermission($this->container); + $pp = new ProjectUserRole($this->container); $a = new Action($this->container); $u = new User($this->container); $c = new Category($this->container); @@ -210,7 +211,7 @@ class ActionTest extends Base $this->assertEquals(2, $u->create(array('username' => 'unittest1'))); - $this->assertTrue($pp->addMember(1, 2)); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); $this->assertEquals(1, $a->create(array( 'project_id' => 1, diff --git a/tests/units/Model/AuthenticationTest.php b/tests/units/Model/AuthenticationTest.php deleted file mode 100644 index 6b48affe..00000000 --- a/tests/units/Model/AuthenticationTest.php +++ /dev/null @@ -1,39 +0,0 @@ -<?php - -require_once __DIR__.'/../Base.php'; - -use Kanboard\Model\User; -use Kanboard\Model\Authentication; - -class AuthenticationTest extends Base -{ - public function testHasCaptcha() - { - $u = new User($this->container); - $a = new Authentication($this->container); - - $this->assertFalse($a->hasCaptcha('not_found')); - $this->assertFalse($a->hasCaptcha('admin')); - - $this->assertTrue($u->incrementFailedLogin('admin')); - $this->assertTrue($u->incrementFailedLogin('admin')); - $this->assertTrue($u->incrementFailedLogin('admin')); - - $this->assertFalse($a->hasCaptcha('not_found')); - $this->assertTrue($a->hasCaptcha('admin')); - } - - public function testHandleFailedLogin() - { - $u = new User($this->container); - $a = new Authentication($this->container); - - $this->assertFalse($u->isLocked('admin')); - - for ($i = 0; $i <= 6; $i++) { - $a->handleFailedLogin('admin'); - } - - $this->assertTrue($u->isLocked('admin')); - } -} diff --git a/tests/units/Model/ProjectDuplicationTest.php b/tests/units/Model/ProjectDuplicationTest.php index e3234dfe..8b74675b 100644 --- a/tests/units/Model/ProjectDuplicationTest.php +++ b/tests/units/Model/ProjectDuplicationTest.php @@ -5,13 +5,14 @@ require_once __DIR__.'/../Base.php'; use Kanboard\Model\Action; use Kanboard\Model\Project; use Kanboard\Model\Category; -use Kanboard\Model\ProjectPermission; +use Kanboard\Model\ProjectUserRole; use Kanboard\Model\ProjectDuplication; use Kanboard\Model\User; use Kanboard\Model\Swimlane; use Kanboard\Model\Task; use Kanboard\Model\TaskCreation; use Kanboard\Model\TaskFinder; +use Kanboard\Core\Security\Role; class ProjectDuplicationTest extends Base { @@ -72,10 +73,10 @@ class ProjectDuplicationTest extends Base $this->assertEquals(0, $project['is_public']); $this->assertEmpty($project['token']); - $pp = new ProjectPermission($this->container); + $pp = new ProjectUserRole($this->container); - $this->assertEquals(array(1 => 'admin'), $pp->getMembers(1)); - $this->assertEquals(array(1 => 'admin'), $pp->getMembers(2)); + $this->assertEquals(array(1 => 'admin'), $pp->getAssignableUsers(1)); + $this->assertEquals(array(1 => 'admin'), $pp->getAssignableUsers(2)); } public function testCloneProjectWithCategories() @@ -114,7 +115,7 @@ class ProjectDuplicationTest extends Base { $p = new Project($this->container); $c = new Category($this->container); - $pp = new ProjectPermission($this->container); + $pp = new ProjectUserRole($this->container); $u = new User($this->container); $pd = new ProjectDuplication($this->container); @@ -123,15 +124,12 @@ class ProjectDuplicationTest extends Base $this->assertEquals(4, $u->create(array('username' => 'unittest3', 'password' => 'unittest'))); $this->assertEquals(1, $p->create(array('name' => 'P1'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->addMember(1, 4)); - $this->assertTrue($pp->addManager(1, 3)); - $this->assertTrue($pp->isMember(1, 2)); - $this->assertTrue($pp->isMember(1, 3)); - $this->assertTrue($pp->isMember(1, 4)); - $this->assertFalse($pp->isManager(1, 2)); - $this->assertTrue($pp->isManager(1, 3)); - $this->assertFalse($pp->isManager(1, 4)); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(1, 3, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(1, 4, Role::PROJECT_MANAGER)); + $this->assertEquals(Role::PROJECT_MEMBER, $pp->getUserRole(1, 2)); + $this->assertEquals(Role::PROJECT_MEMBER, $pp->getUserRole(1, 3)); + $this->assertEquals(Role::PROJECT_MANAGER, $pp->getUserRole(1, 4)); $this->assertEquals(2, $pd->duplicate(1)); @@ -139,13 +137,10 @@ class ProjectDuplicationTest extends Base $this->assertNotEmpty($project); $this->assertEquals('P1 (Clone)', $project['name']); - $this->assertEquals(3, count($pp->getMembers(2))); - $this->assertTrue($pp->isMember(2, 2)); - $this->assertTrue($pp->isMember(2, 3)); - $this->assertTrue($pp->isMember(2, 4)); - $this->assertFalse($pp->isManager(2, 2)); - $this->assertTrue($pp->isManager(2, 3)); - $this->assertFalse($pp->isManager(2, 4)); + $this->assertEquals(3, count($pp->getUsers(2))); + $this->assertEquals(Role::PROJECT_MEMBER, $pp->getUserRole(2, 2)); + $this->assertEquals(Role::PROJECT_MEMBER, $pp->getUserRole(2, 3)); + $this->assertEquals(Role::PROJECT_MANAGER, $pp->getUserRole(2, 4)); } public function testCloneProjectWithActionTaskAssignCurrentUser() diff --git a/tests/units/Model/ProjectGroupRoleTest.php b/tests/units/Model/ProjectGroupRoleTest.php new file mode 100644 index 00000000..52b83082 --- /dev/null +++ b/tests/units/Model/ProjectGroupRoleTest.php @@ -0,0 +1,340 @@ +<?php + +require_once __DIR__.'/../Base.php'; + +use Kanboard\Model\Project; +use Kanboard\Model\User; +use Kanboard\Model\Group; +use Kanboard\Model\GroupMember; +use Kanboard\Model\ProjectGroupRole; +use Kanboard\Core\Security\Role; + +class ProjectGroupRoleTest extends Base +{ + public function testGetUserRole() + { + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + $groupMemberModel = new GroupMember($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + $this->assertEquals(1, $groupModel->create('Group A')); + + $this->assertTrue($groupMemberModel->addUser(1, 1)); + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + + $this->assertEquals(Role::PROJECT_VIEWER, $groupRoleModel->getUserRole(1, 1)); + $this->assertEquals('', $groupRoleModel->getUserRole(1, 2)); + } + + public function testAddGroup() + { + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + $this->assertEquals(1, $groupModel->create('Test')); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertFalse($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + + $groups = $groupRoleModel->getGroups(1); + $this->assertCount(1, $groups); + $this->assertEquals(1, $groups[0]['id']); + $this->assertEquals('Test', $groups[0]['name']); + $this->assertEquals(Role::PROJECT_VIEWER, $groups[0]['role']); + } + + public function testRemoveGroup() + { + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + $this->assertEquals(1, $groupModel->create('Test')); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_MEMBER)); + $this->assertTrue($groupRoleModel->removeGroup(1, 1)); + $this->assertFalse($groupRoleModel->removeGroup(1, 1)); + + $this->assertEmpty($groupRoleModel->getGroups(1)); + } + + public function testChangeRole() + { + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + $this->assertEquals(1, $groupModel->create('Test')); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->changeGroupRole(1, 1, Role::PROJECT_MANAGER)); + + $groups = $groupRoleModel->getGroups(1); + $this->assertCount(1, $groups); + $this->assertEquals(1, $groups[0]['id']); + $this->assertEquals('Test', $groups[0]['name']); + $this->assertEquals(Role::PROJECT_MANAGER, $groups[0]['role']); + } + + public function testGetGroups() + { + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + $this->assertEquals(1, $groupModel->create('Group C')); + $this->assertEquals(2, $groupModel->create('Group B')); + $this->assertEquals(3, $groupModel->create('Group A')); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->addGroup(1, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER)); + + $groups = $groupRoleModel->getGroups(1); + $this->assertCount(3, $groups); + + $this->assertEquals(3, $groups[0]['id']); + $this->assertEquals('Group A', $groups[0]['name']); + $this->assertEquals(Role::PROJECT_MANAGER, $groups[0]['role']); + + $this->assertEquals(2, $groups[1]['id']); + $this->assertEquals('Group B', $groups[1]['name']); + $this->assertEquals(Role::PROJECT_MEMBER, $groups[1]['role']); + + $this->assertEquals(1, $groups[2]['id']); + $this->assertEquals('Group C', $groups[2]['name']); + $this->assertEquals(Role::PROJECT_VIEWER, $groups[2]['role']); + } + + public function testGetUsers() + { + $userModel = new User($this->container); + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupMemberModel = new GroupMember($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1'))); + $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2'))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user 2'))); + $this->assertEquals(4, $userModel->create(array('username' => 'user 3'))); + + $this->assertEquals(1, $groupModel->create('Group A')); + $this->assertEquals(2, $groupModel->create('Group B')); + $this->assertEquals(3, $groupModel->create('Group C')); + + $this->assertTrue($groupMemberModel->addUser(1, 4)); + $this->assertTrue($groupMemberModel->addUser(2, 3)); + $this->assertTrue($groupMemberModel->addUser(3, 2)); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->addGroup(1, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER)); + + $users = $groupRoleModel->getUsers(2); + $this->assertCount(0, $users); + + $users = $groupRoleModel->getUsers(1); + $this->assertCount(3, $users); + + $this->assertEquals(2, $users[0]['id']); + $this->assertEquals('user 1', $users[0]['username']); + $this->assertEquals('User #1', $users[0]['name']); + $this->assertEquals(Role::PROJECT_MANAGER, $users[0]['role']); + + $this->assertEquals(3, $users[1]['id']); + $this->assertEquals('user 2', $users[1]['username']); + $this->assertEquals('', $users[1]['name']); + $this->assertEquals(Role::PROJECT_MEMBER, $users[1]['role']); + + $this->assertEquals(4, $users[2]['id']); + $this->assertEquals('user 3', $users[2]['username']); + $this->assertEquals('', $users[2]['name']); + $this->assertEquals(Role::PROJECT_VIEWER, $users[2]['role']); + } + + public function testGetAssignableUsers() + { + $userModel = new User($this->container); + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupMemberModel = new GroupMember($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1'))); + $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2'))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user 2'))); + $this->assertEquals(4, $userModel->create(array('username' => 'user 3'))); + + $this->assertEquals(1, $groupModel->create('Group A')); + $this->assertEquals(2, $groupModel->create('Group B')); + $this->assertEquals(3, $groupModel->create('Group C')); + + $this->assertTrue($groupMemberModel->addUser(1, 4)); + $this->assertTrue($groupMemberModel->addUser(2, 3)); + $this->assertTrue($groupMemberModel->addUser(3, 2)); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->addGroup(1, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER)); + + $users = $groupRoleModel->getAssignableUsers(2); + $this->assertCount(0, $users); + + $users = $groupRoleModel->getAssignableUsers(1); + $this->assertCount(2, $users); + + $this->assertEquals(2, $users[0]['id']); + $this->assertEquals('user 1', $users[0]['username']); + $this->assertEquals('User #1', $users[0]['name']); + + $this->assertEquals(3, $users[1]['id']); + $this->assertEquals('user 2', $users[1]['username']); + $this->assertEquals('', $users[1]['name']); + } + + public function testGetProjectsByUser() + { + $userModel = new User($this->container); + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupMemberModel = new GroupMember($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1'))); + $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2'))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user 2'))); + $this->assertEquals(4, $userModel->create(array('username' => 'user 3'))); + $this->assertEquals(5, $userModel->create(array('username' => 'user 4'))); + + $this->assertEquals(1, $groupModel->create('Group C')); + $this->assertEquals(2, $groupModel->create('Group B')); + $this->assertEquals(3, $groupModel->create('Group A')); + + $this->assertTrue($groupMemberModel->addUser(1, 4)); + $this->assertTrue($groupMemberModel->addUser(2, 5)); + $this->assertTrue($groupMemberModel->addUser(3, 3)); + $this->assertTrue($groupMemberModel->addUser(3, 2)); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER)); + + $projects = $groupRoleModel->getProjectsByUser(2); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $groupRoleModel->getProjectsByUser(3); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $groupRoleModel->getProjectsByUser(4); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $groupRoleModel->getProjectsByUser(5); + $this->assertCount(1, $projects); + $this->assertEquals('Project 2', $projects[2]); + } + + public function testGetActiveProjectsByUser() + { + $userModel = new User($this->container); + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupMemberModel = new GroupMember($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1', 'is_active' => 0))); + $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2'))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user 2'))); + $this->assertEquals(4, $userModel->create(array('username' => 'user 3'))); + $this->assertEquals(5, $userModel->create(array('username' => 'user 4'))); + + $this->assertEquals(1, $groupModel->create('Group C')); + $this->assertEquals(2, $groupModel->create('Group B')); + $this->assertEquals(3, $groupModel->create('Group A')); + + $this->assertTrue($groupMemberModel->addUser(1, 4)); + $this->assertTrue($groupMemberModel->addUser(2, 5)); + $this->assertTrue($groupMemberModel->addUser(3, 3)); + $this->assertTrue($groupMemberModel->addUser(3, 2)); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER)); + + $projects = $groupRoleModel->getProjectsByUser(2, array(Project::ACTIVE)); + $this->assertCount(0, $projects); + + $projects = $groupRoleModel->getProjectsByUser(3, array(Project::ACTIVE)); + $this->assertCount(0, $projects); + + $projects = $groupRoleModel->getProjectsByUser(4, array(Project::ACTIVE)); + $this->assertCount(0, $projects); + + $projects = $groupRoleModel->getProjectsByUser(5, array(Project::ACTIVE)); + $this->assertCount(1, $projects); + $this->assertEquals('Project 2', $projects[2]); + } + + public function testGetInactiveProjectsByUser() + { + $userModel = new User($this->container); + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupMemberModel = new GroupMember($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1', 'is_active' => 0))); + $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2'))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user 2'))); + $this->assertEquals(4, $userModel->create(array('username' => 'user 3'))); + $this->assertEquals(5, $userModel->create(array('username' => 'user 4'))); + + $this->assertEquals(1, $groupModel->create('Group C')); + $this->assertEquals(2, $groupModel->create('Group B')); + $this->assertEquals(3, $groupModel->create('Group A')); + + $this->assertTrue($groupMemberModel->addUser(1, 4)); + $this->assertTrue($groupMemberModel->addUser(2, 5)); + $this->assertTrue($groupMemberModel->addUser(3, 3)); + $this->assertTrue($groupMemberModel->addUser(3, 2)); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER)); + + $projects = $groupRoleModel->getProjectsByUser(2, array(Project::INACTIVE)); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $groupRoleModel->getProjectsByUser(3, array(Project::INACTIVE)); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $groupRoleModel->getProjectsByUser(4, array(Project::INACTIVE)); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $groupRoleModel->getProjectsByUser(5, array(Project::INACTIVE)); + $this->assertCount(0, $projects); + } +} diff --git a/tests/units/Model/ProjectPermissionTest.php b/tests/units/Model/ProjectPermissionTest.php index 1ee63a76..8f118cd9 100644 --- a/tests/units/Model/ProjectPermissionTest.php +++ b/tests/units/Model/ProjectPermissionTest.php @@ -2,286 +2,54 @@ require_once __DIR__.'/../Base.php'; -use Kanboard\Model\Project; use Kanboard\Model\ProjectPermission; +use Kanboard\Model\Project; use Kanboard\Model\User; +use Kanboard\Model\Group; +use Kanboard\Model\GroupMember; +use Kanboard\Model\ProjectGroupRole; +use Kanboard\Model\ProjectUserRole; +use Kanboard\Core\Security\Role; class ProjectPermissionTest extends Base { - public function testAllowEverybody() - { - $user = new User($this->container); - $this->assertNotFalse($user->create(array('username' => 'unittest#1', 'password' => 'unittest'))); - $this->assertNotFalse($user->create(array('username' => 'unittest#2', 'password' => 'unittest'))); - - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - $this->assertFalse($pp->isEverybodyAllowed(1)); - $this->assertTrue($pp->isUserAllowed(1, 1)); - $this->assertFalse($pp->isUserAllowed(1, 2)); - $this->assertFalse($pp->isUserAllowed(1, 3)); - $this->assertEquals(array(), $pp->getMembers(1)); - $this->assertEquals(array('Unassigned'), $pp->getMemberList(1)); - - $this->assertEmpty($pp->getMemberProjects(1)); - $this->assertEmpty($pp->getMemberProjects(2)); - $this->assertEmpty($pp->getMemberProjects(3)); - - $this->assertEmpty($pp->getMemberProjectIds(1)); - $this->assertEmpty($pp->getMemberProjectIds(2)); - $this->assertEmpty($pp->getMemberProjectIds(3)); - - $this->assertEmpty($pp->getActiveMemberProjectIds(1)); - $this->assertEmpty($pp->getActiveMemberProjectIds(2)); - $this->assertEmpty($pp->getActiveMemberProjectIds(3)); - - $this->assertEmpty($pp->getActiveMemberProjects(1)); - $this->assertEmpty($pp->getActiveMemberProjects(2)); - $this->assertEmpty($pp->getActiveMemberProjects(3)); - - $this->assertTrue($p->update(array('id' => 1, 'is_everybody_allowed' => 1))); - $this->assertTrue($pp->isEverybodyAllowed(1)); - $this->assertTrue($pp->isUserAllowed(1, 1)); - $this->assertTrue($pp->isUserAllowed(1, 2)); - $this->assertTrue($pp->isUserAllowed(1, 3)); - $this->assertEquals(array('1' => 'admin', '2' => 'unittest#1', '3' => 'unittest#2'), $pp->getMembers(1)); - $this->assertEquals(array('Unassigned', '1' => 'admin', '2' => 'unittest#1', '3' => 'unittest#2'), $pp->getMemberList(1)); - - $this->assertNotEmpty($pp->getMemberProjects(1)); - $this->assertNotEmpty($pp->getMemberProjects(2)); - $this->assertNotEmpty($pp->getMemberProjects(3)); - - $this->assertNotEmpty($pp->getMemberProjectIds(1)); - $this->assertNotEmpty($pp->getMemberProjectIds(2)); - $this->assertNotEmpty($pp->getMemberProjectIds(3)); - - $this->assertNotEmpty($pp->getActiveMemberProjectIds(1)); - $this->assertNotEmpty($pp->getActiveMemberProjectIds(2)); - $this->assertNotEmpty($pp->getActiveMemberProjectIds(3)); - - $this->assertNotEmpty($pp->getActiveMemberProjects(1)); - $this->assertNotEmpty($pp->getActiveMemberProjects(2)); - $this->assertNotEmpty($pp->getActiveMemberProjects(3)); - - $this->assertTrue($p->disable(1)); - - $this->assertEmpty($pp->getActiveMemberProjectIds(1)); - $this->assertEmpty($pp->getActiveMemberProjectIds(2)); - $this->assertEmpty($pp->getActiveMemberProjectIds(3)); - - $this->assertEmpty($pp->getActiveMemberProjects(1)); - $this->assertEmpty($pp->getActiveMemberProjects(2)); - $this->assertEmpty($pp->getActiveMemberProjects(3)); - } - - public function testDisallowEverybody() - { - // We create a regular user - $user = new User($this->container); - $user->create(array('username' => 'unittest', 'password' => 'unittest')); - - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - - $this->assertEmpty($pp->getMembers(1)); // Nobody is specified for the given project - $this->assertTrue($pp->isUserAllowed(1, 1)); // Admin should be allowed - $this->assertFalse($pp->isUserAllowed(1, 2)); // Regular user should be denied - } - - public function testAllowUser() - { - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $user = new User($this->container); - - $this->assertNotFalse($user->create(array('username' => 'unittest', 'password' => 'unittest'))); - - // We create a project - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - - $this->assertEmpty($pp->getMemberProjects(1)); - $this->assertEmpty($pp->getMemberProjects(2)); - - $this->assertEmpty($pp->getMemberProjectIds(1)); - $this->assertEmpty($pp->getMemberProjectIds(2)); - - $this->assertEmpty($pp->getActiveMemberProjectIds(1)); - $this->assertEmpty($pp->getActiveMemberProjectIds(2)); - - $this->assertEmpty($pp->getActiveMemberProjects(1)); - $this->assertEmpty($pp->getActiveMemberProjects(2)); - - // We allow the admin user - $this->assertTrue($pp->addMember(1, 1)); - $this->assertTrue($pp->addMember(1, 2)); - - // Non-existant project - $this->assertFalse($pp->addMember(50, 1)); - - // Non-existant user - $this->assertFalse($pp->addMember(1, 50)); - - // Both users should be allowed - $this->assertEquals(array('1' => 'admin', '2' => 'unittest'), $pp->getMembers(1)); - $this->assertTrue($pp->isUserAllowed(1, 1)); - $this->assertTrue($pp->isUserAllowed(1, 2)); - - $this->assertNotEmpty($pp->getMemberProjects(1)); - $this->assertNotEmpty($pp->getMemberProjects(2)); - - $this->assertNotEmpty($pp->getMemberProjectIds(1)); - $this->assertNotEmpty($pp->getMemberProjectIds(2)); - - $this->assertNotEmpty($pp->getActiveMemberProjectIds(1)); - $this->assertNotEmpty($pp->getActiveMemberProjectIds(2)); - - $this->assertNotEmpty($pp->getActiveMemberProjects(1)); - $this->assertNotEmpty($pp->getActiveMemberProjects(2)); - } - - public function testRevokeUser() - { - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $user = new User($this->container); - - $user->create(array('username' => 'unittest', 'password' => 'unittest')); - - // We create a project - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - - // We revoke our admin user (not existing row) - $this->assertFalse($pp->revokeMember(1, 1)); - - // We should have nobody in the users list - $this->assertEmpty($pp->getMembers(1)); - - // Only admin is allowed - $this->assertTrue($pp->isUserAllowed(1, 1)); - $this->assertFalse($pp->isUserAllowed(1, 2)); - - // We allow only the regular user - $this->assertTrue($pp->addMember(1, 2)); - - // All users should be allowed (admin and regular) - $this->assertTrue($pp->isUserAllowed(1, 1)); - $this->assertTrue($pp->isUserAllowed(1, 2)); - - // However, we should have only our regular user in the list - $this->assertEquals(array('2' => 'unittest'), $pp->getMembers(1)); - - // We allow our admin, we should have both in the list - $this->assertTrue($pp->addMember(1, 1)); - $this->assertEquals(array('1' => 'admin', '2' => 'unittest'), $pp->getMembers(1)); - $this->assertTrue($pp->isUserAllowed(1, 1)); - $this->assertTrue($pp->isUserAllowed(1, 2)); - - // We revoke the regular user - $this->assertTrue($pp->revokeMember(1, 2)); - - // Only admin should be allowed - $this->assertTrue($pp->isUserAllowed(1, 1)); - $this->assertFalse($pp->isUserAllowed(1, 2)); - - // We should have only admin in the list - $this->assertEquals(array('1' => 'admin'), $pp->getMembers(1)); - - // We revoke the admin user - $this->assertTrue($pp->revokeMember(1, 1)); - $this->assertEmpty($pp->getMembers(1)); - - // Only admin should be allowed again - $this->assertTrue($pp->isUserAllowed(1, 1)); - $this->assertFalse($pp->isUserAllowed(1, 2)); - } - - public function testManager() - { - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - $u = new User($this->container); - - $this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest'))); - - $this->assertEquals(1, $p->create(array('name' => 'UnitTest1'))); - $this->assertFalse($pp->isMember(1, 2)); - $this->assertFalse($pp->isManager(1, 2)); - - $this->assertEquals(2, $p->create(array('name' => 'UnitTest2'), 1, true)); - $this->assertFalse($pp->isMember(2, 2)); - $this->assertFalse($pp->isManager(2, 2)); - - $this->assertEquals(3, $p->create(array('name' => 'UnitTest3'), 2, true)); - $this->assertTrue($pp->isMember(3, 2)); - $this->assertTrue($pp->isManager(3, 2)); - - $this->assertEquals(4, $p->create(array('name' => 'UnitTest4'))); - - $this->assertTrue($pp->addManager(4, 2)); - $this->assertTrue($pp->isMember(4, 2)); - $this->assertTrue($pp->isManager(4, 2)); - - $this->assertEquals(5, $p->create(array('name' => 'UnitTest5'))); - $this->assertTrue($pp->addMember(5, 2)); - $this->assertTrue($pp->changeRole(5, 2, 1)); - $this->assertTrue($pp->isMember(5, 2)); - $this->assertTrue($pp->isManager(5, 2)); - $this->assertTrue($pp->changeRole(5, 2, 0)); - $this->assertTrue($pp->isMember(5, 2)); - $this->assertFalse($pp->isManager(5, 2)); - } - - public function testUsersList() + public function testDuplicate() { - $p = new Project($this->container); - $pp = new ProjectPermission($this->container); - - $user = new User($this->container); - $this->assertNotFalse($user->create(array('username' => 'unittest', 'password' => 'unittest'))); - - // We create project - $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); - - // No restriction, we should have no body - $this->assertEquals( - array('Unassigned'), - $pp->getMemberList(1) - ); - - // We allow only the regular user - $this->assertTrue($pp->addMember(1, 2)); - - $this->assertEquals( - array(0 => 'Unassigned', 2 => 'unittest'), - $pp->getMemberList(1) - ); - - // We allow the admin user - $this->assertTrue($pp->addMember(1, 1)); - - $this->assertEquals( - array(0 => 'Unassigned', 1 => 'admin', 2 => 'unittest'), - $pp->getMemberList(1) - ); - - // We revoke only the regular user - $this->assertTrue($pp->revokeMember(1, 2)); - - $this->assertEquals( - array(0 => 'Unassigned', 1 => 'admin'), - $pp->getMemberList(1) - ); - - // We revoke only the admin user, we should have everybody - $this->assertTrue($pp->revokeMember(1, 1)); - - $this->assertEquals( - array(0 => 'Unassigned'), - $pp->getMemberList(1) - ); + $userModel = new User($this->container); + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupMemberModel = new GroupMember($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + $userRoleModel = new ProjectUserRole($this->container); + $projectPermission = new ProjectPermission($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1'))); + $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2'))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user 2'))); + $this->assertEquals(4, $userModel->create(array('username' => 'user 3'))); + $this->assertEquals(5, $userModel->create(array('username' => 'user 4'))); + $this->assertEquals(6, $userModel->create(array('username' => 'user 5', 'name' => 'User #5'))); + + $this->assertEquals(1, $groupModel->create('Group C')); + $this->assertEquals(2, $groupModel->create('Group B')); + $this->assertEquals(3, $groupModel->create('Group A')); + + $this->assertTrue($groupMemberModel->addUser(1, 4)); + $this->assertTrue($groupMemberModel->addUser(2, 5)); + $this->assertTrue($groupMemberModel->addUser(3, 3)); + $this->assertTrue($groupMemberModel->addUser(3, 2)); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER)); + + $this->assertTrue($userRoleModel->addUser(1, 5, Role::PROJECT_MANAGER)); + $this->assertTrue($userRoleModel->addUser(1, 6, Role::PROJECT_MEMBER)); + + $this->assertTrue($projectPermission->duplicate(1, 2)); + + $this->assertCount(2, $userRoleModel->getUsers(2)); + $this->assertCount(3, $groupRoleModel->getUsers(2)); } } diff --git a/tests/units/Model/ProjectTest.php b/tests/units/Model/ProjectTest.php index 56791700..4d8e6fc7 100644 --- a/tests/units/Model/ProjectTest.php +++ b/tests/units/Model/ProjectTest.php @@ -5,7 +5,6 @@ require_once __DIR__.'/../Base.php'; use Kanboard\Core\Translator; use Kanboard\Subscriber\ProjectModificationDateSubscriber; use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; use Kanboard\Model\User; use Kanboard\Model\Task; use Kanboard\Model\TaskCreation; diff --git a/tests/units/Model/ProjectUserRoleTest.php b/tests/units/Model/ProjectUserRoleTest.php new file mode 100644 index 00000000..c6b4eb7c --- /dev/null +++ b/tests/units/Model/ProjectUserRoleTest.php @@ -0,0 +1,400 @@ +<?php + +require_once __DIR__.'/../Base.php'; + +use Kanboard\Model\Project; +use Kanboard\Model\User; +use Kanboard\Model\Group; +use Kanboard\Model\GroupMember; +use Kanboard\Model\ProjectGroupRole; +use Kanboard\Model\ProjectUserRole; +use Kanboard\Core\Security\Role; + +class ProjectUserRoleTest extends Base +{ + public function testAddUser() + { + $projectModel = new Project($this->container); + $userRoleModel = new ProjectUserRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + + $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_VIEWER)); + $this->assertFalse($userRoleModel->addUser(1, 1, Role::PROJECT_VIEWER)); + + $users = $userRoleModel->getUsers(1); + $this->assertCount(1, $users); + $this->assertEquals(1, $users[0]['id']); + $this->assertEquals('admin', $users[0]['username']); + $this->assertEquals('', $users[0]['name']); + $this->assertEquals(Role::PROJECT_VIEWER, $users[0]['role']); + } + + public function testRemoveUser() + { + $projectModel = new Project($this->container); + $userRoleModel = new ProjectUserRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + + $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_MEMBER)); + $this->assertTrue($userRoleModel->removeUser(1, 1)); + $this->assertFalse($userRoleModel->removeUser(1, 1)); + + $this->assertEmpty($userRoleModel->getUsers(1)); + } + + public function testChangeRole() + { + $projectModel = new Project($this->container); + $userRoleModel = new ProjectUserRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + + $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($userRoleModel->changeUserRole(1, 1, Role::PROJECT_MANAGER)); + + $users = $userRoleModel->getUsers(1); + $this->assertCount(1, $users); + $this->assertEquals(1, $users[0]['id']); + $this->assertEquals('admin', $users[0]['username']); + $this->assertEquals('', $users[0]['name']); + $this->assertEquals(Role::PROJECT_MANAGER, $users[0]['role']); + } + + public function testGetRole() + { + $projectModel = new Project($this->container); + $userRoleModel = new ProjectUserRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + $this->assertEmpty($userRoleModel->getUserRole(1, 1)); + + $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_VIEWER)); + $this->assertEquals(Role::PROJECT_VIEWER, $userRoleModel->getUserRole(1, 1)); + + $this->assertTrue($userRoleModel->changeUserRole(1, 1, Role::PROJECT_MEMBER)); + $this->assertEquals(Role::PROJECT_MEMBER, $userRoleModel->getUserRole(1, 1)); + + $this->assertTrue($userRoleModel->changeUserRole(1, 1, Role::PROJECT_MANAGER)); + $this->assertEquals(Role::PROJECT_MANAGER, $userRoleModel->getUserRole(1, 1)); + + $this->assertEquals('', $userRoleModel->getUserRole(1, 2)); + } + + public function testGetRoleWithGroups() + { + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + $groupMemberModel = new GroupMember($this->container); + $userRoleModel = new ProjectUserRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + $this->assertEquals(1, $groupModel->create('Group A')); + + $this->assertTrue($groupMemberModel->addUser(1, 1)); + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + + $this->assertEquals(Role::PROJECT_VIEWER, $userRoleModel->getUserRole(1, 1)); + $this->assertEquals('', $userRoleModel->getUserRole(1, 2)); + } + + public function testGetAssignableUsersWithoutGroups() + { + $projectModel = new Project($this->container); + $userModel = new User($this->container); + $userRoleModel = new ProjectUserRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + $this->assertEquals(2, $userModel->create(array('username' => 'user1', 'name' => 'User1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user2', 'name' => 'User2'))); + + $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_MEMBER)); + $this->assertTrue($userRoleModel->addUser(1, 2, Role::PROJECT_MANAGER)); + $this->assertTrue($userRoleModel->addUser(1, 3, Role::PROJECT_VIEWER)); + + $users = $userRoleModel->getAssignableUsers(1); + $this->assertCount(2, $users); + + $this->assertEquals('admin', $users[1]); + $this->assertEquals('User1', $users[2]); + } + + public function testGetAssignableUsersWithGroups() + { + $projectModel = new Project($this->container); + $userModel = new User($this->container); + $groupModel = new Group($this->container); + $userRoleModel = new ProjectUserRole($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + $groupMemberModel = new GroupMember($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test'))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user1', 'name' => 'User1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user2', 'name' => 'User2'))); + $this->assertEquals(4, $userModel->create(array('username' => 'user3', 'name' => 'User3'))); + $this->assertEquals(5, $userModel->create(array('username' => 'user4', 'name' => 'User4'))); + + $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_MEMBER)); + $this->assertTrue($userRoleModel->addUser(1, 2, Role::PROJECT_MANAGER)); + $this->assertTrue($userRoleModel->addUser(1, 3, Role::PROJECT_VIEWER)); + + $this->assertEquals(1, $groupModel->create('Group A')); + $this->assertEquals(2, $groupModel->create('Group B')); + + $this->assertTrue($groupMemberModel->addUser(1, 4)); + $this->assertTrue($groupMemberModel->addUser(2, 5)); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->addGroup(1, 2, Role::PROJECT_MEMBER)); + + $users = $userRoleModel->getAssignableUsers(1); + $this->assertCount(3, $users); + + $this->assertEquals('admin', $users[1]); + $this->assertEquals('User1', $users[2]); + $this->assertEquals('User4', $users[5]); + } + + public function testGetAssignableUsersList() + { + $projectModel = new Project($this->container); + $userModel = new User($this->container); + $userRoleModel = new ProjectUserRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test1'))); + $this->assertEquals(2, $projectModel->create(array('name' => 'Test2'))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user1', 'name' => 'User1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user2', 'name' => 'User2'))); + + $this->assertTrue($userRoleModel->addUser(2, 1, Role::PROJECT_MEMBER)); + $this->assertTrue($userRoleModel->addUser(1, 1, Role::PROJECT_MEMBER)); + $this->assertTrue($userRoleModel->addUser(1, 2, Role::PROJECT_MANAGER)); + $this->assertTrue($userRoleModel->addUser(1, 3, Role::PROJECT_VIEWER)); + + $users = $userRoleModel->getAssignableUsersList(1); + $this->assertCount(3, $users); + + $this->assertEquals('Unassigned', $users[0]); + $this->assertEquals('admin', $users[1]); + $this->assertEquals('User1', $users[2]); + + $users = $userRoleModel->getAssignableUsersList(1, true, true, true); + $this->assertCount(4, $users); + + $this->assertEquals('Unassigned', $users[0]); + $this->assertEquals('Everybody', $users[-1]); + $this->assertEquals('admin', $users[1]); + $this->assertEquals('User1', $users[2]); + + $users = $userRoleModel->getAssignableUsersList(2, true, true, true); + $this->assertCount(1, $users); + + $this->assertEquals('admin', $users[1]); + } + + public function testGetAssignableUsersWithEverybodyAllowed() + { + $projectModel = new Project($this->container); + $userModel = new User($this->container); + $userRoleModel = new ProjectUserRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Test', 'is_everybody_allowed' => 1))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user1', 'name' => 'User1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user2', 'name' => 'User2'))); + $this->assertEquals(4, $userModel->create(array('username' => 'user3', 'name' => 'User3'))); + $this->assertEquals(5, $userModel->create(array('username' => 'user4', 'name' => 'User4'))); + + $users = $userRoleModel->getAssignableUsers(1); + $this->assertCount(5, $users); + + $this->assertEquals('admin', $users[1]); + $this->assertEquals('User1', $users[2]); + $this->assertEquals('User2', $users[3]); + $this->assertEquals('User3', $users[4]); + $this->assertEquals('User4', $users[5]); + } + + public function testGetProjectsByUser() + { + $userModel = new User($this->container); + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupMemberModel = new GroupMember($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + $userRoleModel = new ProjectUserRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1'))); + $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2'))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user 2'))); + $this->assertEquals(4, $userModel->create(array('username' => 'user 3'))); + $this->assertEquals(5, $userModel->create(array('username' => 'user 4'))); + $this->assertEquals(6, $userModel->create(array('username' => 'user 5', 'name' => 'User #5'))); + $this->assertEquals(7, $userModel->create(array('username' => 'user 6'))); + + $this->assertEquals(1, $groupModel->create('Group C')); + $this->assertEquals(2, $groupModel->create('Group B')); + $this->assertEquals(3, $groupModel->create('Group A')); + + $this->assertTrue($groupMemberModel->addUser(1, 4)); + $this->assertTrue($groupMemberModel->addUser(2, 5)); + $this->assertTrue($groupMemberModel->addUser(3, 3)); + $this->assertTrue($groupMemberModel->addUser(3, 2)); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER)); + + $this->assertTrue($userRoleModel->addUser(1, 6, Role::PROJECT_MANAGER)); + $this->assertTrue($userRoleModel->addUser(2, 6, Role::PROJECT_MEMBER)); + $this->assertTrue($userRoleModel->addUser(2, 7, Role::PROJECT_MEMBER)); + + $projects = $userRoleModel->getProjectsByUser(2); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $userRoleModel->getProjectsByUser(3); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $userRoleModel->getProjectsByUser(4); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $userRoleModel->getProjectsByUser(5); + $this->assertCount(1, $projects); + $this->assertEquals('Project 2', $projects[2]); + + $projects = $userRoleModel->getProjectsByUser(6); + $this->assertCount(2, $projects); + $this->assertEquals('Project 1', $projects[1]); + $this->assertEquals('Project 2', $projects[2]); + + $projects = $userRoleModel->getProjectsByUser(7); + $this->assertCount(1, $projects); + $this->assertEquals('Project 2', $projects[2]); + } + + public function testGetActiveProjectsByUser() + { + $userModel = new User($this->container); + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupMemberModel = new GroupMember($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + $userRoleModel = new ProjectUserRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1', 'is_active' => 0))); + $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2'))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user 2'))); + $this->assertEquals(4, $userModel->create(array('username' => 'user 3'))); + $this->assertEquals(5, $userModel->create(array('username' => 'user 4'))); + $this->assertEquals(6, $userModel->create(array('username' => 'user 5', 'name' => 'User #5'))); + $this->assertEquals(7, $userModel->create(array('username' => 'user 6'))); + + $this->assertEquals(1, $groupModel->create('Group C')); + $this->assertEquals(2, $groupModel->create('Group B')); + $this->assertEquals(3, $groupModel->create('Group A')); + + $this->assertTrue($groupMemberModel->addUser(1, 4)); + $this->assertTrue($groupMemberModel->addUser(2, 5)); + $this->assertTrue($groupMemberModel->addUser(3, 3)); + $this->assertTrue($groupMemberModel->addUser(3, 2)); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER)); + + $this->assertTrue($userRoleModel->addUser(1, 6, Role::PROJECT_MANAGER)); + $this->assertTrue($userRoleModel->addUser(2, 6, Role::PROJECT_MEMBER)); + $this->assertTrue($userRoleModel->addUser(2, 7, Role::PROJECT_MEMBER)); + + $projects = $userRoleModel->getProjectsByUser(2, array(Project::ACTIVE)); + $this->assertCount(0, $projects); + + $projects = $userRoleModel->getProjectsByUser(3, array(Project::ACTIVE)); + $this->assertCount(0, $projects); + + $projects = $userRoleModel->getProjectsByUser(4, array(Project::ACTIVE)); + $this->assertCount(0, $projects); + + $projects = $userRoleModel->getProjectsByUser(5, array(Project::ACTIVE)); + $this->assertCount(1, $projects); + $this->assertEquals('Project 2', $projects[2]); + + $projects = $userRoleModel->getProjectsByUser(6, array(Project::ACTIVE)); + $this->assertCount(1, $projects); + $this->assertEquals('Project 2', $projects[2]); + + $projects = $userRoleModel->getProjectsByUser(7, array(Project::ACTIVE)); + $this->assertCount(1, $projects); + $this->assertEquals('Project 2', $projects[2]); + } + + public function testGetInactiveProjectsByUser() + { + $userModel = new User($this->container); + $projectModel = new Project($this->container); + $groupModel = new Group($this->container); + $groupMemberModel = new GroupMember($this->container); + $groupRoleModel = new ProjectGroupRole($this->container); + $userRoleModel = new ProjectUserRole($this->container); + + $this->assertEquals(1, $projectModel->create(array('name' => 'Project 1', 'is_active' => 0))); + $this->assertEquals(2, $projectModel->create(array('name' => 'Project 2'))); + + $this->assertEquals(2, $userModel->create(array('username' => 'user 1', 'name' => 'User #1'))); + $this->assertEquals(3, $userModel->create(array('username' => 'user 2'))); + $this->assertEquals(4, $userModel->create(array('username' => 'user 3'))); + $this->assertEquals(5, $userModel->create(array('username' => 'user 4'))); + $this->assertEquals(6, $userModel->create(array('username' => 'user 5', 'name' => 'User #5'))); + $this->assertEquals(7, $userModel->create(array('username' => 'user 6'))); + + $this->assertEquals(1, $groupModel->create('Group C')); + $this->assertEquals(2, $groupModel->create('Group B')); + $this->assertEquals(3, $groupModel->create('Group A')); + + $this->assertTrue($groupMemberModel->addUser(1, 4)); + $this->assertTrue($groupMemberModel->addUser(2, 5)); + $this->assertTrue($groupMemberModel->addUser(3, 3)); + $this->assertTrue($groupMemberModel->addUser(3, 2)); + + $this->assertTrue($groupRoleModel->addGroup(1, 1, Role::PROJECT_VIEWER)); + $this->assertTrue($groupRoleModel->addGroup(2, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($groupRoleModel->addGroup(1, 3, Role::PROJECT_MANAGER)); + + $this->assertTrue($userRoleModel->addUser(1, 6, Role::PROJECT_MANAGER)); + $this->assertTrue($userRoleModel->addUser(2, 6, Role::PROJECT_MEMBER)); + $this->assertTrue($userRoleModel->addUser(2, 7, Role::PROJECT_MEMBER)); + + $projects = $userRoleModel->getProjectsByUser(2, array(Project::INACTIVE)); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $userRoleModel->getProjectsByUser(3, array(Project::INACTIVE)); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $userRoleModel->getProjectsByUser(4, array(Project::INACTIVE)); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $userRoleModel->getProjectsByUser(5, array(Project::INACTIVE)); + $this->assertCount(0, $projects); + + $projects = $userRoleModel->getProjectsByUser(6, array(Project::INACTIVE)); + $this->assertCount(1, $projects); + $this->assertEquals('Project 1', $projects[1]); + + $projects = $userRoleModel->getProjectsByUser(7, array(Project::INACTIVE)); + $this->assertCount(0, $projects); + } +} diff --git a/tests/units/Model/SubtaskTest.php b/tests/units/Model/SubtaskTest.php index e446e104..9be2dff4 100644 --- a/tests/units/Model/SubtaskTest.php +++ b/tests/units/Model/SubtaskTest.php @@ -8,7 +8,7 @@ use Kanboard\Model\Subtask; use Kanboard\Model\Project; use Kanboard\Model\Category; use Kanboard\Model\User; -use Kanboard\Model\UserSession; +use Kanboard\Core\User\UserSession; class SubtaskTest extends Base { diff --git a/tests/units/Model/TaskCreationTest.php b/tests/units/Model/TaskCreationTest.php index 5de0a5cc..e35f1bc7 100644 --- a/tests/units/Model/TaskCreationTest.php +++ b/tests/units/Model/TaskCreationTest.php @@ -8,7 +8,6 @@ use Kanboard\Model\TaskCreation; use Kanboard\Model\TaskFinder; use Kanboard\Model\TaskStatus; use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; class TaskCreationTest extends Base { diff --git a/tests/units/Model/TaskDuplicationTest.php b/tests/units/Model/TaskDuplicationTest.php index d65e8f28..798b3835 100644 --- a/tests/units/Model/TaskDuplicationTest.php +++ b/tests/units/Model/TaskDuplicationTest.php @@ -8,10 +8,11 @@ use Kanboard\Model\TaskDuplication; use Kanboard\Model\TaskFinder; use Kanboard\Model\TaskStatus; use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; +use Kanboard\Model\ProjectUserRole; use Kanboard\Model\Category; use Kanboard\Model\User; use Kanboard\Model\Swimlane; +use Kanboard\Core\Security\Role; class TaskDuplicationTest extends Base { @@ -127,7 +128,7 @@ class TaskDuplicationTest extends Base // Check the values of the duplicated task $task = $tf->getById(2); $this->assertNotEmpty($task); - $this->assertEquals(1, $task['owner_id']); + $this->assertEquals(0, $task['owner_id']); $this->assertEquals(0, $task['category_id']); $this->assertEquals(0, $task['swimlane_id']); $this->assertEquals(6, $task['column_id']); @@ -333,7 +334,7 @@ class TaskDuplicationTest extends Base $tc = new TaskCreation($this->container); $tf = new TaskFinder($this->container); $p = new Project($this->container); - $pp = new ProjectPermission($this->container); + $pp = new ProjectUserRole($this->container); // We create 2 projects $this->assertEquals(1, $p->create(array('name' => 'test1'))); @@ -357,10 +358,8 @@ class TaskDuplicationTest extends Base // We create a new user for our project $user = new User($this->container); $this->assertNotFalse($user->create(array('username' => 'unittest#1', 'password' => 'unittest'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->addMember(2, 2)); - $this->assertTrue($pp->isUserAllowed(1, 2)); - $this->assertTrue($pp->isUserAllowed(2, 2)); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(2, 2, Role::PROJECT_MEMBER)); // We duplicate our task to the 2nd project $this->assertEquals(3, $td->duplicateToProject(1, 2)); @@ -391,7 +390,7 @@ class TaskDuplicationTest extends Base $tc = new TaskCreation($this->container); $tf = new TaskFinder($this->container); $p = new Project($this->container); - $pp = new ProjectPermission($this->container); + $pr = new ProjectUserRole($this->container); // We create 2 projects $this->assertEquals(1, $p->create(array('name' => 'test1'))); @@ -399,6 +398,7 @@ class TaskDuplicationTest extends Base // We create a task $this->assertEquals(1, $tc->create(array('title' => 'test', 'project_id' => 1, 'column_id' => 2, 'owner_id' => 2))); + $this->assertTrue($pr->addUser(2, 1, Role::PROJECT_MEMBER)); // We duplicate our task to the 2nd project $this->assertEquals(2, $td->duplicateToProject(1, 2, null, null, null, 1)); @@ -425,7 +425,6 @@ class TaskDuplicationTest extends Base $tc = new TaskCreation($this->container); $tf = new TaskFinder($this->container); $p = new Project($this->container); - $pp = new ProjectPermission($this->container); $user = new User($this->container); // We create 2 projects @@ -446,7 +445,7 @@ class TaskDuplicationTest extends Base // Check the values of the moved task $task = $tf->getById(1); $this->assertNotEmpty($task); - $this->assertEquals(1, $task['owner_id']); + $this->assertEquals(0, $task['owner_id']); $this->assertEquals(0, $task['category_id']); $this->assertEquals(0, $task['swimlane_id']); $this->assertEquals(2, $task['project_id']); @@ -496,7 +495,7 @@ class TaskDuplicationTest extends Base $tc = new TaskCreation($this->container); $tf = new TaskFinder($this->container); $p = new Project($this->container); - $pp = new ProjectPermission($this->container); + $pp = new ProjectUserRole($this->container); $user = new User($this->container); // We create 2 projects @@ -505,10 +504,8 @@ class TaskDuplicationTest extends Base // We create a new user for our project $this->assertNotFalse($user->create(array('username' => 'unittest#1', 'password' => 'unittest'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->addMember(2, 2)); - $this->assertTrue($pp->isUserAllowed(1, 2)); - $this->assertTrue($pp->isUserAllowed(2, 2)); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(2, 2, Role::PROJECT_MEMBER)); // We create a task $this->assertEquals(1, $tc->create(array('title' => 'test', 'project_id' => 1, 'column_id' => 2, 'owner_id' => 2))); @@ -531,7 +528,7 @@ class TaskDuplicationTest extends Base $tc = new TaskCreation($this->container); $tf = new TaskFinder($this->container); $p = new Project($this->container); - $pp = new ProjectPermission($this->container); + $pp = new ProjectUserRole($this->container); $user = new User($this->container); // We create 2 projects @@ -540,10 +537,8 @@ class TaskDuplicationTest extends Base // We create a new user for our project $this->assertNotFalse($user->create(array('username' => 'unittest#1', 'password' => 'unittest'))); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->addMember(2, 2)); - $this->assertTrue($pp->isUserAllowed(1, 2)); - $this->assertTrue($pp->isUserAllowed(2, 2)); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(2, 2, Role::PROJECT_MEMBER)); // We create a task $this->assertEquals(1, $tc->create(array('title' => 'test', 'project_id' => 1, 'column_id' => 2, 'owner_id' => 3))); diff --git a/tests/units/Model/TaskFinderTest.php b/tests/units/Model/TaskFinderTest.php index e22f14e1..b21a4ea3 100644 --- a/tests/units/Model/TaskFinderTest.php +++ b/tests/units/Model/TaskFinderTest.php @@ -6,7 +6,6 @@ use Kanboard\Model\Task; use Kanboard\Model\TaskCreation; use Kanboard\Model\TaskFinder; use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; use Kanboard\Model\Category; use Kanboard\Model\User; diff --git a/tests/units/Model/TaskModificationTest.php b/tests/units/Model/TaskModificationTest.php index 49b51f9b..25a4952e 100644 --- a/tests/units/Model/TaskModificationTest.php +++ b/tests/units/Model/TaskModificationTest.php @@ -8,7 +8,6 @@ use Kanboard\Model\TaskModification; use Kanboard\Model\TaskFinder; use Kanboard\Model\TaskStatus; use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; class TaskModificationTest extends Base { diff --git a/tests/units/Model/TaskPermissionTest.php b/tests/units/Model/TaskPermissionTest.php index 56886ee7..0b093bbb 100644 --- a/tests/units/Model/TaskPermissionTest.php +++ b/tests/units/Model/TaskPermissionTest.php @@ -9,7 +9,7 @@ use Kanboard\Model\TaskPermission; use Kanboard\Model\Project; use Kanboard\Model\Category; use Kanboard\Model\User; -use Kanboard\Model\UserSession; +use Kanboard\Core\User\UserSession; class TaskPermissionTest extends Base { diff --git a/tests/units/Model/TaskStatusTest.php b/tests/units/Model/TaskStatusTest.php index de08ffb3..612afd23 100644 --- a/tests/units/Model/TaskStatusTest.php +++ b/tests/units/Model/TaskStatusTest.php @@ -8,7 +8,6 @@ use Kanboard\Model\TaskCreation; use Kanboard\Model\TaskFinder; use Kanboard\Model\TaskStatus; use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; class TaskStatusTest extends Base { diff --git a/tests/units/Model/TaskTest.php b/tests/units/Model/TaskTest.php index 192dc098..60e752e5 100644 --- a/tests/units/Model/TaskTest.php +++ b/tests/units/Model/TaskTest.php @@ -7,7 +7,6 @@ use Kanboard\Model\TaskCreation; use Kanboard\Model\TaskFinder; use Kanboard\Model\TaskStatus; use Kanboard\Model\Project; -use Kanboard\Model\ProjectPermission; use Kanboard\Model\Category; use Kanboard\Model\User; diff --git a/tests/units/Model/UserLockingTest.php b/tests/units/Model/UserLockingTest.php new file mode 100644 index 00000000..c743f8eb --- /dev/null +++ b/tests/units/Model/UserLockingTest.php @@ -0,0 +1,43 @@ +<?php + +require_once __DIR__.'/../Base.php'; + +use Kanboard\Model\UserLocking; + +class UserLockingTest extends Base +{ + public function testFailedLogin() + { + $u = new UserLocking($this->container); + + $this->assertEquals(0, $u->getFailedLogin('admin')); + $this->assertEquals(0, $u->getFailedLogin('not_found')); + + $this->assertTrue($u->incrementFailedLogin('admin')); + $this->assertTrue($u->incrementFailedLogin('admin')); + + $this->assertEquals(2, $u->getFailedLogin('admin')); + $this->assertTrue($u->resetFailedLogin('admin')); + $this->assertEquals(0, $u->getFailedLogin('admin')); + } + + public function testLocking() + { + $u = new UserLocking($this->container); + + $this->assertFalse($u->isLocked('admin')); + $this->assertFalse($u->isLocked('not_found')); + $this->assertTrue($u->lock('admin', 1)); + $this->assertTrue($u->isLocked('admin')); + } + + public function testCaptcha() + { + $u = new UserLocking($this->container); + $this->assertTrue($u->incrementFailedLogin('admin')); + $this->assertFalse($u->hasCaptcha('admin', 2)); + + $this->assertTrue($u->incrementFailedLogin('admin')); + $this->assertTrue($u->hasCaptcha('admin', 2)); + } +} diff --git a/tests/units/Model/UserNotificationTest.php b/tests/units/Model/UserNotificationTest.php index 729667de..bf3b1b3f 100644 --- a/tests/units/Model/UserNotificationTest.php +++ b/tests/units/Model/UserNotificationTest.php @@ -9,12 +9,14 @@ use Kanboard\Model\Comment; use Kanboard\Model\User; use Kanboard\Model\File; use Kanboard\Model\Project; -use Kanboard\Model\Task; use Kanboard\Model\ProjectPermission; +use Kanboard\Model\Task; +use Kanboard\Model\ProjectUserRole; use Kanboard\Model\UserNotification; use Kanboard\Model\UserNotificationFilter; use Kanboard\Model\UserNotificationType; use Kanboard\Subscriber\UserNotificationSubscriber; +use Kanboard\Core\Security\Role; class UserNotificationTest extends Base { @@ -23,11 +25,11 @@ class UserNotificationTest extends Base $u = new User($this->container); $p = new Project($this->container); $n = new UserNotification($this->container); - $pp = new ProjectPermission($this->container); + $pp = new ProjectUserRole($this->container); $this->assertEquals(1, $p->create(array('name' => 'UnitTest1'))); $this->assertEquals(2, $u->create(array('username' => 'user1'))); - $this->assertTrue($pp->addMember(1, 2)); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); $this->assertEmpty($n->getUsersWithNotificationEnabled(1)); $n->enableNotification(2); @@ -101,7 +103,7 @@ class UserNotificationTest extends Base $u = new User($this->container); $p = new Project($this->container); $n = new UserNotification($this->container); - $pp = new ProjectPermission($this->container); + $pp = new ProjectUserRole($this->container); $this->assertEquals(1, $p->create(array('name' => 'UnitTest1'))); @@ -118,16 +120,16 @@ class UserNotificationTest extends Base $this->assertNotFalse($u->create(array('username' => 'user4'))); // Nobody is member of any projects - $this->assertEmpty($pp->getMembers(1)); + $this->assertEmpty($pp->getUsers(1)); $this->assertEmpty($n->getUsersWithNotificationEnabled(1)); // We allow all users to be member of our projects - $this->assertTrue($pp->addMember(1, 1)); - $this->assertTrue($pp->addMember(1, 2)); - $this->assertTrue($pp->addMember(1, 3)); - $this->assertTrue($pp->addMember(1, 4)); + $this->assertTrue($pp->addUser(1, 1, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(1, 2, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(1, 3, Role::PROJECT_MEMBER)); + $this->assertTrue($pp->addUser(1, 4, Role::PROJECT_MEMBER)); - $this->assertNotEmpty($pp->getMembers(1)); + $this->assertNotEmpty($pp->getUsers(1)); $users = $n->getUsersWithNotificationEnabled(1); $this->assertNotEmpty($users); diff --git a/tests/units/Model/UserTest.php b/tests/units/Model/UserTest.php index 90a80954..1d381006 100644 --- a/tests/units/Model/UserTest.php +++ b/tests/units/Model/UserTest.php @@ -9,34 +9,10 @@ use Kanboard\Model\Task; use Kanboard\Model\TaskCreation; use Kanboard\Model\TaskFinder; use Kanboard\Model\Project; +use Kanboard\Core\Security\Role; class UserTest extends Base { - public function testFailedLogin() - { - $u = new User($this->container); - - $this->assertEquals(0, $u->getFailedLogin('admin')); - $this->assertEquals(0, $u->getFailedLogin('not_found')); - - $this->assertTrue($u->incrementFailedLogin('admin')); - $this->assertTrue($u->incrementFailedLogin('admin')); - - $this->assertEquals(2, $u->getFailedLogin('admin')); - $this->assertTrue($u->resetFailedLogin('admin')); - $this->assertEquals(0, $u->getFailedLogin('admin')); - } - - public function testLocking() - { - $u = new User($this->container); - - $this->assertFalse($u->isLocked('admin')); - $this->assertFalse($u->isLocked('not_found')); - $this->assertTrue($u->lock('admin', 1)); - $this->assertTrue($u->isLocked('admin')); - } - public function testGetByEmail() { $u = new User($this->container); @@ -47,33 +23,27 @@ class UserTest extends Base $this->assertEmpty($u->getByEmail('')); } - public function testGetByGitlabId() + public function testGetByExternalId() { $u = new User($this->container); $this->assertNotFalse($u->create(array('username' => 'user1', 'password' => '123456', 'gitlab_id' => '1234'))); - $this->assertNotEmpty($u->getByGitlabId('1234')); - $this->assertEmpty($u->getByGitlabId('')); - } + $this->assertNotEmpty($u->getByExternalId('gitlab_id', '1234')); + $this->assertEmpty($u->getByExternalId('gitlab_id', '')); - public function testGetByGithubId() - { $u = new User($this->container); - $this->assertNotFalse($u->create(array('username' => 'user1', 'password' => '123456', 'github_id' => 'plop'))); - $this->assertNotFalse($u->create(array('username' => 'user2', 'password' => '123456', 'github_id' => ''))); + $this->assertNotFalse($u->create(array('username' => 'user2', 'password' => '123456', 'github_id' => 'plop'))); + $this->assertNotFalse($u->create(array('username' => 'user3', 'password' => '123456', 'github_id' => ''))); - $this->assertNotEmpty($u->getByGithubId('plop')); - $this->assertEmpty($u->getByGithubId('')); - } + $this->assertNotEmpty($u->getByExternalId('github_id', 'plop')); + $this->assertEmpty($u->getByExternalId('github_id', '')); - public function testGetByGoogleId() - { $u = new User($this->container); - $this->assertNotFalse($u->create(array('username' => 'user1', 'password' => '123456', 'google_id' => '1234'))); - $this->assertNotFalse($u->create(array('username' => 'user2', 'password' => '123456', 'google_id' => ''))); + $this->assertNotFalse($u->create(array('username' => 'user4', 'password' => '123456', 'google_id' => '1234'))); + $this->assertNotFalse($u->create(array('username' => 'user5', 'password' => '123456', 'google_id' => ''))); - $this->assertNotEmpty($u->getByGoogleId('1234')); - $this->assertEmpty($u->getByGoogleId('')); + $this->assertNotEmpty($u->getByExternalId('google_id', '1234')); + $this->assertEmpty($u->getByExternalId('google_id', '')); } public function testGetByToken() @@ -197,7 +167,7 @@ class UserTest extends Base 'password' => '1234', 'confirmation' => '1234', 'name' => 'me', - 'is_admin' => '', + 'role' => Role::APP_ADMIN, ); $u->prepare($input); @@ -207,9 +177,6 @@ class UserTest extends Base $this->assertNotEquals('1234', $input['password']); $this->assertNotEmpty($input['password']); - $this->assertArrayHasKey('is_admin', $input); - $this->assertInternalType('integer', $input['is_admin']); - $input = array( 'username' => 'user1', 'password' => '1234', @@ -273,8 +240,8 @@ class UserTest extends Base $u = new User($this->container); $this->assertEquals(2, $u->create(array('username' => 'user #1', 'password' => '123456', 'name' => 'User'))); $this->assertEquals(3, $u->create(array('username' => 'user #2', 'is_ldap_user' => 1))); - $this->assertEquals(4, $u->create(array('username' => 'user #3', 'is_project_admin' => 1))); - $this->assertEquals(5, $u->create(array('username' => 'user #4', 'gitlab_id' => ''))); + $this->assertEquals(4, $u->create(array('username' => 'user #3', 'role' => Role::APP_MANAGER))); + $this->assertEquals(5, $u->create(array('username' => 'user #4', 'gitlab_id' => '', 'role' => Role::APP_ADMIN))); $this->assertEquals(6, $u->create(array('username' => 'user #5', 'gitlab_id' => '1234'))); $this->assertFalse($u->create(array('username' => 'user #1'))); @@ -283,7 +250,7 @@ class UserTest extends Base $this->assertTrue(is_array($user)); $this->assertEquals('admin', $user['username']); $this->assertEquals('', $user['name']); - $this->assertEquals(1, $user['is_admin']); + $this->assertEquals(Role::APP_ADMIN, $user['role']); $this->assertEquals(0, $user['is_ldap_user']); $user = $u->getById(2); @@ -291,7 +258,7 @@ class UserTest extends Base $this->assertTrue(is_array($user)); $this->assertEquals('user #1', $user['username']); $this->assertEquals('User', $user['name']); - $this->assertEquals(0, $user['is_admin']); + $this->assertEquals(Role::APP_USER, $user['role']); $this->assertEquals(0, $user['is_ldap_user']); $user = $u->getById(3); @@ -299,27 +266,28 @@ class UserTest extends Base $this->assertTrue(is_array($user)); $this->assertEquals('user #2', $user['username']); $this->assertEquals('', $user['name']); - $this->assertEquals(0, $user['is_admin']); + $this->assertEquals(Role::APP_USER, $user['role']); $this->assertEquals(1, $user['is_ldap_user']); $user = $u->getById(4); $this->assertNotFalse($user); $this->assertTrue(is_array($user)); $this->assertEquals('user #3', $user['username']); - $this->assertEquals(0, $user['is_admin']); - $this->assertEquals(1, $user['is_project_admin']); + $this->assertEquals(Role::APP_MANAGER, $user['role']); $user = $u->getById(5); $this->assertNotFalse($user); $this->assertTrue(is_array($user)); $this->assertEquals('user #4', $user['username']); $this->assertEquals('', $user['gitlab_id']); + $this->assertEquals(Role::APP_ADMIN, $user['role']); $user = $u->getById(6); $this->assertNotFalse($user); $this->assertTrue(is_array($user)); $this->assertEquals('user #5', $user['username']); $this->assertEquals('1234', $user['gitlab_id']); + $this->assertEquals(Role::APP_USER, $user['role']); } public function testUpdate() @@ -336,7 +304,7 @@ class UserTest extends Base $this->assertTrue(is_array($user)); $this->assertEquals('biloute', $user['username']); $this->assertEquals('Toto', $user['name']); - $this->assertEquals(0, $user['is_admin']); + $this->assertEquals(Role::APP_USER, $user['role']); $this->assertEquals(0, $user['is_ldap_user']); $user = $u->getById(3); @@ -423,4 +391,36 @@ class UserTest extends Base $this->assertEquals('toto', $user['username']); $this->assertEmpty($user['token']); } + + public function testValidatePasswordModification() + { + $u = new User($this->container); + + $this->container['sessionStorage']->user = array( + 'id' => 1, + 'role' => Role::APP_ADMIN, + 'username' => 'admin', + ); + + $result = $u->validatePasswordModification(array()); + $this->assertFalse($result[0]); + + $result = $u->validatePasswordModification(array('id' => 1)); + $this->assertFalse($result[0]); + + $result = $u->validatePasswordModification(array('id' => 1, 'password' => '123456')); + $this->assertFalse($result[0]); + + $result = $u->validatePasswordModification(array('id' => 1, 'password' => '123456', 'confirmation' => 'wrong')); + $this->assertFalse($result[0]); + + $result = $u->validatePasswordModification(array('id' => 1, 'password' => '123456', 'confirmation' => '123456')); + $this->assertFalse($result[0]); + + $result = $u->validatePasswordModification(array('id' => 1, 'password' => '123456', 'confirmation' => '123456', 'current_password' => 'wrong')); + $this->assertFalse($result[0]); + + $result = $u->validatePasswordModification(array('id' => 1, 'password' => '123456', 'confirmation' => '123456', 'current_password' => 'admin')); + $this->assertTrue($result[0]); + } } diff --git a/tests/units/Notification/MailTest.php b/tests/units/Notification/MailTest.php index 3aa1a39c..8f343ba3 100644 --- a/tests/units/Notification/MailTest.php +++ b/tests/units/Notification/MailTest.php @@ -10,7 +10,6 @@ use Kanboard\Model\User; use Kanboard\Model\File; use Kanboard\Model\Project; use Kanboard\Model\Task; -use Kanboard\Model\ProjectPermission; use Kanboard\Notification\Mail; use Kanboard\Subscriber\NotificationSubscriber; diff --git a/tests/units/User/DatabaseUserProviderTest.php b/tests/units/User/DatabaseUserProviderTest.php new file mode 100644 index 00000000..96c03667 --- /dev/null +++ b/tests/units/User/DatabaseUserProviderTest.php @@ -0,0 +1,14 @@ +<?php + +require_once __DIR__.'/../Base.php'; + +use Kanboard\User\DatabaseUserProvider; + +class DatabaseUserProviderTest extends Base +{ + public function testGetInternalId() + { + $provider = new DatabaseUserProvider(array('id' => 123)); + $this->assertEquals(123, $provider->getInternalId()); + } +} |