summaryrefslogtreecommitdiff
path: root/tests/units/Core/User/UserSessionTest.php
blob: 5e7bab43d477e3cdd9c46570569b1975d2d3542a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
<?php

require_once __DIR__.'/../../Base.php';

use Kanboard\Core\User\UserSession;
use Kanboard\Core\Security\Role;

class UserSessionTest extends Base
{
    public function testInitialize()
    {
        $userSession = new UserSession($this->container);
        $user = array(
            'id' => '123',
            'username' => 'john',
            'password' => 'something',
            'twofactor_secret' => 'something else',
            'is_admin' => '1',
            'is_project_admin' => '0',
            'is_ldap_user' => '0',
            'twofactor_activated' => '0',
            'role' => Role::APP_MANAGER,
        );

        $userSession->initialize($user);

        $this->assertNotEmpty($_SESSION);
        $this->assertEquals(123, $_SESSION['user']['id']);
        $this->assertEquals('john', $_SESSION['user']['username']);
        $this->assertEquals(Role::APP_MANAGER, $_SESSION['user']['role']);
        $this->assertFalse($_SESSION['user']['is_ldap_user']);
        $this->assertFalse($_SESSION['user']['twofactor_activated']);
        $this->assertArrayNotHasKey('password', $_SESSION['user']);
        $this->assertArrayNotHasKey('twofactor_secret', $_SESSION['user']);
        $this->assertArrayNotHasKey('is_admin', $_SESSION['user']);
        $this->assertArrayNotHasKey('is_project_admin', $_SESSION['user']);

        $this->assertEquals('john', $userSession->getUsername());
    }

    public function testGetId()
    {
        $userSession = new UserSession($this->container);

        $this->assertEquals(0, $userSession->getId());

        $_SESSION['user'] = array('id' => 2);
        $this->assertEquals(2, $userSession->getId());

        $_SESSION['user'] = array('id' => '2');
        $this->assertEquals(2, $userSession->getId());
    }

    public function testIsLogged()
    {
        $userSession = new UserSession($this->container);
        $this->assertFalse($userSession->isLogged());

        $_SESSION['user'] = array();
        $this->assertFalse($userSession->isLogged());

        $_SESSION['user'] = array('id' => 1);
        $this->assertTrue($userSession->isLogged());
    }

    public function testIsAdmin()
    {
        $userSession = new UserSession($this->container);
        $this->assertFalse($userSession->isAdmin());

        $_SESSION['user'] = array('role' => Role::APP_ADMIN);
        $this->assertTrue($userSession->isAdmin());

        $_SESSION['user'] = array('role' => Role::APP_USER);
        $this->assertFalse($userSession->isAdmin());

        $_SESSION['user'] = array('role' => '');
        $this->assertFalse($userSession->isAdmin());
    }

    public function testFilters()
    {
        $userSession = new UserSession($this->container);
        $this->assertEquals('status:open', $userSession->getFilters(1));

        $userSession->setFilters(1, 'assignee:me');
        $this->assertEquals('assignee:me', $userSession->getFilters(1));

        $this->assertEquals('status:open', $userSession->getFilters(2));

        $userSession->setFilters(2, 'assignee:bob');
        $this->assertEquals('assignee:bob', $userSession->getFilters(2));
    }

    public function testPostAuthentication()
    {
        $userSession = new UserSession($this->container);
        $this->assertFalse($userSession->isPostAuthenticationValidated());

        $_SESSION['postAuthenticationValidated'] = false;
        $this->assertFalse($userSession->isPostAuthenticationValidated());

        $userSession->validatePostAuthentication();
        $this->assertTrue($userSession->isPostAuthenticationValidated());

        $_SESSION['user'] = array();
        $this->assertFalse($userSession->hasPostAuthentication());

        $_SESSION['user'] = array('twofactor_activated' => false);
        $this->assertFalse($userSession->hasPostAuthentication());

        $_SESSION['user'] = array('twofactor_activated' => true);
        $this->assertTrue($userSession->hasPostAuthentication());

        $userSession->disablePostAuthentication();
        $this->assertFalse($userSession->hasPostAuthentication());
    }
}