1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
<?php
require_once __DIR__.'/../../Base.php';
use Kanboard\Core\User\UserSession;
use Kanboard\Core\Security\Role;
class UserSessionTest extends Base
{
public function testInitialize()
{
$userSession = new UserSession($this->container);
$user = array(
'id' => '123',
'username' => 'john',
'password' => 'something',
'twofactor_secret' => 'something else',
'is_admin' => '1',
'is_project_admin' => '0',
'is_ldap_user' => '0',
'twofactor_activated' => '0',
'role' => Role::APP_MANAGER,
);
$userSession->initialize($user);
$this->assertNotEmpty($_SESSION);
$this->assertEquals(123, $_SESSION['user']['id']);
$this->assertEquals('john', $_SESSION['user']['username']);
$this->assertEquals(Role::APP_MANAGER, $_SESSION['user']['role']);
$this->assertFalse($_SESSION['user']['is_ldap_user']);
$this->assertFalse($_SESSION['user']['twofactor_activated']);
$this->assertArrayNotHasKey('password', $_SESSION['user']);
$this->assertArrayNotHasKey('twofactor_secret', $_SESSION['user']);
$this->assertArrayNotHasKey('is_admin', $_SESSION['user']);
$this->assertArrayNotHasKey('is_project_admin', $_SESSION['user']);
$this->assertEquals('john', $userSession->getUsername());
}
public function testGetId()
{
$userSession = new UserSession($this->container);
$this->assertEquals(0, $userSession->getId());
$_SESSION['user'] = array('id' => 2);
$this->assertEquals(2, $userSession->getId());
$_SESSION['user'] = array('id' => '2');
$this->assertEquals(2, $userSession->getId());
}
public function testIsLogged()
{
$userSession = new UserSession($this->container);
$this->assertFalse($userSession->isLogged());
$_SESSION['user'] = array();
$this->assertFalse($userSession->isLogged());
$_SESSION['user'] = array('id' => 1);
$this->assertTrue($userSession->isLogged());
}
public function testIsAdmin()
{
$userSession = new UserSession($this->container);
$this->assertFalse($userSession->isAdmin());
$_SESSION['user'] = array('role' => Role::APP_ADMIN);
$this->assertTrue($userSession->isAdmin());
$_SESSION['user'] = array('role' => Role::APP_USER);
$this->assertFalse($userSession->isAdmin());
$_SESSION['user'] = array('role' => '');
$this->assertFalse($userSession->isAdmin());
}
public function testFilters()
{
$userSession = new UserSession($this->container);
$this->assertEquals('status:open', $userSession->getFilters(1));
$userSession->setFilters(1, 'assignee:me');
$this->assertEquals('assignee:me', $userSession->getFilters(1));
$this->assertEquals('status:open', $userSession->getFilters(2));
$userSession->setFilters(2, 'assignee:bob');
$this->assertEquals('assignee:bob', $userSession->getFilters(2));
}
public function testPostAuthentication()
{
$userSession = new UserSession($this->container);
$this->assertFalse($userSession->isPostAuthenticationValidated());
$_SESSION['postAuthenticationValidated'] = false;
$this->assertFalse($userSession->isPostAuthenticationValidated());
$userSession->validatePostAuthentication();
$this->assertTrue($userSession->isPostAuthenticationValidated());
$_SESSION['user'] = array();
$this->assertFalse($userSession->hasPostAuthentication());
$_SESSION['user'] = array('twofactor_activated' => false);
$this->assertFalse($userSession->hasPostAuthentication());
$_SESSION['user'] = array('twofactor_activated' => true);
$this->assertTrue($userSession->hasPostAuthentication());
$userSession->disablePostAuthentication();
$this->assertFalse($userSession->hasPostAuthentication());
}
}
|