BookStack Code Mirror - bookstack/blobdiff

index c39ef68e56399740b3ace0965e2d3d29b67d61dc..f1f47696641ac4978f2dc33c87a93b5b8805a3e6 100644 (file)

--- a/tests/Auth/AuthTest.php

+++ b/tests/Auth/AuthTest.php

@@ -1,9 +1,15 @@

-<?php namespace Tests;

+<?php namespace Tests\Auth;

-use BookStack\Notifications\ConfirmEmail;

+use BookStack\Auth\Role;

use BookStack\Auth\User;

+use BookStack\Entities\Page;

+use BookStack\Notifications\ConfirmEmail;

+use BookStack\Notifications\ResetPassword;

use BookStack\Settings\SettingService;

+use DB;

+use Hash;

use Illuminate\Support\Facades\Notification;

+use Tests\BrowserKitTest;

class AuthTest extends BrowserKitTest

{

class AuthTest extends BrowserKitTest

{

@@ -80,7 +86,7 @@ class AuthTest extends BrowserKitTest

->press('Create Account')

->see('The name must be at least 2 characters.')

->see('The email must be a valid email address.')

->press('Create Account')

->see('The name must be at least 2 characters.')

->see('The email must be a valid email address.')

- ->see('The password must be at least 6 characters.')

+ ->see('The password must be at least 8 characters.')

->seePageIs('/register');

}

->seePageIs('/register');

}

@@ -127,7 +133,7 @@ class AuthTest extends BrowserKitTest

->press('Resend Confirmation Email');

// Get confirmation and confirm notification matches

->press('Resend Confirmation Email');

// Get confirmation and confirm notification matches

- $emailConfirmation = \DB::table('email_confirmations')->where('user_id', '=', $dbUser->id)->first();

+ $emailConfirmation = DB::table('email_confirmations')->where('user_id', '=', $dbUser->id)->first();

Notification::assertSentTo($dbUser, ConfirmEmail::class, function($notification, $channels) use ($emailConfirmation) {

return $notification->token === $emailConfirmation->token;

});

Notification::assertSentTo($dbUser, ConfirmEmail::class, function($notification, $channels) use ($emailConfirmation) {

return $notification->token === $emailConfirmation->token;

});

@@ -255,7 +261,7 @@ class AuthTest extends BrowserKitTest

->seePageIs('/settings/users');

$userPassword = User::find($user->id)->password;

->seePageIs('/settings/users');

$userPassword = User::find($user->id)->password;

- $this->assertTrue(\Hash::check('newpassword', $userPassword));

+ $this->assertTrue(Hash::check('newpassword', $userPassword));

}

public function test_user_deletion()

}

public function test_user_deletion()

@@ -274,7 +280,16 @@ class AuthTest extends BrowserKitTest

public function test_user_cannot_be_deleted_if_last_admin()

{

public function test_user_cannot_be_deleted_if_last_admin()

{

- $adminRole = \BookStack\Auth\Role::getRole('admin');

+ $adminRole = Role::getRole('admin');

+ // Delete all but one admin user if there are more than one

+ $adminUsers = $adminRole->users;

+ if (count($adminUsers) > 1) {

+ foreach ($adminUsers->splice(1) as $user) {

+ $user->delete();

+ }

// Ensure we currently only have 1 admin user

$this->assertEquals(1, $adminRole->users()->count());

$user = $adminRole->users->first();

// Ensure we currently only have 1 admin user

$this->assertEquals(1, $adminRole->users()->count());

$user = $adminRole->users->first();

@@ -298,14 +313,13 @@ class AuthTest extends BrowserKitTest

public function test_reset_password_flow()

{

public function test_reset_password_flow()

{

Notification::fake();

$this->visit('/login')->click('Forgot Password?')

->seePageIs('/password/email')

->type('[email protected]', 'email')

->press('Send Reset Link')

Notification::fake();

$this->visit('/login')->click('Forgot Password?')

->seePageIs('/password/email')

->type('[email protected]', 'email')

->press('Send Reset Link')

- ->see('A password reset link has been sent to [email protected]');

+ ->see('A password reset link will be sent to [email protected] if that email address is found in the system.');

$this->seeInDatabase('password_resets', [

'email' => '[email protected]'

$this->seeInDatabase('password_resets', [

'email' => '[email protected]'

@@ -313,8 +327,8 @@ class AuthTest extends BrowserKitTest

$user = User::where('email', '=', '[email protected]')->first();

- Notification::assertSentTo($user, \BookStack\Notifications\ResetPassword::class);

- $n = Notification::sent($user, \BookStack\Notifications\ResetPassword::class);

+ Notification::assertSentTo($user, ResetPassword::class);

+ $n = Notification::sent($user, ResetPassword::class);

$this->visit('/password/reset/' . $n->first()->token)

->see('Reset Password')

$this->visit('/password/reset/' . $n->first()->token)

->see('Reset Password')

@@ -326,6 +340,28 @@ class AuthTest extends BrowserKitTest

->see('Your password has been successfully reset');

}

->see('Your password has been successfully reset');

}

+ public function test_reset_password_flow_shows_success_message_even_if_wrong_password_to_prevent_user_discovery()

+ {

+ $this->visit('/login')->click('Forgot Password?')

+ ->seePageIs('/password/email')

+ ->type('[email protected]', 'email')

+ ->press('Send Reset Link')

+ ->see('A password reset link will be sent to [email protected] if that email address is found in the system.')

+ ->dontSee('We can\'t find a user');

+ $this->visit('/password/reset/arandometokenvalue')

+ ->see('Reset Password')

+ ->submitForm('Reset Password', [

+ 'email' => '[email protected]',

+ 'password' => 'randompass',

+ 'password_confirmation' => 'randompass'

+ ])->followRedirects()

+ ->seePageIs('/password/reset/arandometokenvalue')

+ ->dontSee('We can\'t find a user')

+ ->see('The password reset token is invalid for this email address.');

+ }

public function test_reset_password_page_shows_sign_links()

{

$this->setSettings(['registration-enabled' => 'true']);

public function test_reset_password_page_shows_sign_links()

{

$this->setSettings(['registration-enabled' => 'true']);

@@ -334,13 +370,41 @@ class AuthTest extends BrowserKitTest

->seeLink('Sign up');

}

->seeLink('Sign up');

}

+ public function test_login_redirects_to_initially_requested_url_correctly()

+ {

+ config()->set('app.url', 'http://localhost');

+ $page = Page::query()->first();

+ $this->visit($page->getUrl())

+ ->seePageUrlIs(url('/login'));

+ $this->login('[email protected]', 'password')

+ ->seePageUrlIs($page->getUrl());

+ }

+ public function test_login_authenticates_admins_on_all_guards()

+ {

+ $this->post('/login', ['email' => '[email protected]', 'password' => 'password']);

+ $this->assertTrue(auth()->check());

+ $this->assertTrue(auth('ldap')->check());

+ $this->assertTrue(auth('saml2')->check());

+ }

+ public function test_login_authenticates_nonadmins_on_default_guard_only()

+ {

+ $editor = $this->getEditor();

+ $editor->password = bcrypt('password');

+ $editor->save();

+ $this->post('/login', ['email' => $editor->email, 'password' => 'password']);

+ $this->assertTrue(auth()->check());

+ $this->assertFalse(auth('ldap')->check());

+ $this->assertFalse(auth('saml2')->check());

+ }

/**

* Perform a login

/**

* Perform a login

- * @param string $email

- * @param string $password

- * @return $this

- protected function login($email, $password)

+ protected function login(string $email, string $password): AuthTest

{

return $this->visit('/login')

->type($email, '#email')

{

return $this->visit('/login')

->type($email, '#email')