From 6d5ada252202bfb29eba884cf9567e969d798607 Mon Sep 17 00:00:00 2001 From: Igor Scheller Date: Tue, 9 Jul 2019 22:02:07 +0200 Subject: Added validation to AuthController --- tests/Unit/Controllers/AuthControllerTest.php | 61 ++++++++++++++++----------- 1 file changed, 37 insertions(+), 24 deletions(-) (limited to 'tests/Unit') diff --git a/tests/Unit/Controllers/AuthControllerTest.php b/tests/Unit/Controllers/AuthControllerTest.php index 0fad3b6d..d3dbfa4b 100644 --- a/tests/Unit/Controllers/AuthControllerTest.php +++ b/tests/Unit/Controllers/AuthControllerTest.php @@ -4,15 +4,21 @@ namespace Engelsystem\Test\Unit\Controllers; use Engelsystem\Controllers\AuthController; use Engelsystem\Helpers\Authenticator; +use Engelsystem\Http\Exceptions\ValidationException; use Engelsystem\Http\Request; use Engelsystem\Http\Response; use Engelsystem\Http\UrlGeneratorInterface; +use Engelsystem\Http\Validation\Validates; +use Engelsystem\Http\Validation\Validator; use Engelsystem\Models\User\Settings; use Engelsystem\Models\User\User; use Engelsystem\Test\Unit\HasDatabase; +use Illuminate\Support\Collection; use PHPUnit\Framework\MockObject\MockObject; use PHPUnit\Framework\TestCase; +use Symfony\Component\HttpFoundation\Session\Session; use Symfony\Component\HttpFoundation\Session\SessionInterface; +use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage; class AuthControllerTest extends TestCase { @@ -21,6 +27,7 @@ class AuthControllerTest extends TestCase /** * @covers \Engelsystem\Controllers\AuthController::__construct * @covers \Engelsystem\Controllers\AuthController::login + * @covers \Engelsystem\Controllers\AuthController::showLogin */ public function testLogin() { 
@@ -31,6 +38,10 @@ class AuthControllerTest extends TestCase /** @var Authenticator|MockObject $auth */ list(, $session, $url, $auth) = $this->getMocks(); + $session->expects($this->once()) + ->method('get') + ->with('errors', []) + ->willReturn(['foo' => 'bar']); $response->expects($this->once()) ->method('withView') ->with('pages/login') @@ -42,7 +53,6 @@ class AuthControllerTest extends TestCase /** * @covers \Engelsystem\Controllers\AuthController::postLogin - * @covers \Engelsystem\Controllers\AuthController::authenticateUser */ public function testPostLogin() { @@ -51,10 +61,12 @@ class AuthControllerTest extends TestCase $request = new Request(); /** @var Response|MockObject $response */ $response = $this->createMock(Response::class); - /** @var SessionInterface|MockObject $session */ /** @var UrlGeneratorInterface|MockObject $url */ /** @var Authenticator|MockObject $auth */ - list(, $session, $url, $auth) = $this->getMocks(); + list(, , $url, $auth) = $this->getMocks(); + $session = new Session(new MockArraySessionStorage()); + /** @var Validator|MockObject $validator */ + $validator = new Validator(new Validates()); $user = new User([ 'name' => 'foo', @@ -63,7 +75,7 @@ class AuthControllerTest extends TestCase 'api_key' => '', 'last_login_at' => null, ]); - $user->forceFill(['id' => 42,]); + $user->forceFill(['id' => 42]); $user->save(); $settings = new Settings(['language' => 'de_DE', 'theme' => '']); 
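Review bot: The stubbed `['foo' => 'bar']` returned for `get('errors', [])` is never checked on its way to the template, as far as this hunk shows. The following `->with('pages/login')` constrains only the view name, and PHPUnit does not check arguments beyond the constraints given. Adding a second constraint to that `with()` for the view data (in whatever shape showLogin passes, which is not visible here) would make the test fail if the errors were dropped or if other session data reached the view. The rest of testLogin lies outside the hunk, so a later assertion may already cover this.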
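Review bot: In the `@@ -51,10 +61,12 @@` hunk the docblock `/** @var Validator|MockObject $validator */` describes a mock, but the next line builds a real `new Validator(new Validates())`; `/** @var Validator $validator */` would be accurate. The same hunk replaces the session mock with `new Session(new MockArraySessionStorage())`, and a short comment such as `// real session so the stored attributes can be asserted below` would explain why it no longer comes from getMocks(). testPostLogin continues past this hunk.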
@@ -76,41 +88,42 @@ class AuthControllerTest extends TestCase ->with('foo', 'bar') ->willReturnOnConsecutiveCalls(null, $user); - $response->expects($this->exactly(3)) + $response->expects($this->once()) ->method('withView') - ->withConsecutive( - ['pages/login', ['errors' => ['auth.no-nickname'], 'show_password_recovery' => true]], - ['pages/login', ['errors' => ['auth.no-password'], 'show_password_recovery' => true]], - ['pages/login', ['errors' => ['auth.not-found'], 'show_password_recovery' => true]]) + ->with('pages/login', ['errors' => Collection::make(['auth.not-found']), 'show_password_recovery' => true]) ->willReturn($response); $response->expects($this->once()) ->method('redirectTo') ->with('news') ->willReturn($response); - $session->expects($this->once()) - ->method('invalidate'); - - $session->expects($this->exactly(2)) - ->method('set') - ->withConsecutive( - ['user_id', 42], - ['locale', 'de_DE'] - ); - + // No credentials $controller = new AuthController($response, $session, $url, $auth); - $controller->postLogin($request); + $controller->setValidator($validator); + try { + $controller->postLogin($request); + $this->fail('Login without credentials possible'); + } catch (ValidationException $e) { + } + + // Missing password + $request = new Request([], ['login' => 'foo']); + try { + $controller->postLogin($request); + $this->fail('Login without password possible'); + } catch (ValidationException $e) { + } - $request = new Request(['login' => 'foo']); - $controller->postLogin($request); - - $request = new Request(['login' => 'foo', 'password' => 'bar']); // No user found + $request = new Request([], ['login' => 'foo', 'password' => 'bar']); $controller->postLogin($request); + $this->assertEquals([], $session->all()); + // Authenticated user $controller->postLogin($request); $this->assertNotNull($user->last_login_at); + $this->assertEquals(['user_id' => 42, 'locale' => 'de_DE'], $session->all()); } /** -- cgit v1.2.3-70-g09d2
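Review bot: The rewritten testPostLogin no longer verifies that a successful login invalidates the session. The old `$session->expects($this->once())->method('invalidate')` expectation is removed, and the final `assertEquals(['user_id' => 42, 'locale' => 'de_DE'], $session->all())` would pass just as well if the controller kept the pre-login session id. That call is what protects against session fixation, so it is worth keeping covered with the real Session, for example `$session->start(); $oldId = $session->getId();` before the authenticated `postLogin()` and `$this->assertNotSame($oldId, $session->getId());` after it. Separately, the two empty `catch (ValidationException $e) { }` blocks would read better with a comment such as `// expected: validation rejects the request`.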