$this->assertDatabaseHas('users', [
'external_auth_id' => 'user',
- 'email_confirmed' => true,
+ 'email_confirmed' => false,
'name' => 'Barry Scott'
]);
$acsPost = $this->post('/saml2/acs');
$acsPost->assertRedirect('/');
$errorMessage = session()->get('error');
- $this->assertEquals('
Registration unsuccessful since a user already exists with email address "[email protected]"', $errorMessage);
+ $this->assertEquals('
A user with the email [email protected] already exists but with different credentials.', $errorMessage);
});
}
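Review bot: The closure starting at `$acsPost = $this->post('/saml2/acs');` asserts only the redirect and the flash text, so it would still pass if the SAML identity were logged in as, or linked to, the existing account that owns the email. For an email collision, the property worth pinning is that no session is established. Adding `$this->assertFalse(auth()->check());` after `assertRedirect('/')` would cover that, assuming no user is logged in during setup, which lies outside the hunk. The added test `test_email_domain_restriction_active_on_new_saml_login` has the same gap after `assertRedirect('/login')`.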
$this->assertPermissionError($resp);
}
+ public function test_email_domain_restriction_active_on_new_saml_login()
+ {
+ $this->setSettings([
+ 'registration-restrict' => 'testing.com'
+ ]);
+ config()->set([
+ 'saml2.onelogin.strict' => false,
+ ]);
+
+ $this->withPost(['SAMLResponse' => $this->acsPostData], function () {
+ $acsPost = $this->post('/saml2/acs');
+ $acsPost->assertRedirect('/login');
+ $errorMessage = session()->get('error');
+ $this->assertStringContainsString('That email domain does not have access to this application', $errorMessage);
+ });
+ }
+
protected function withGet(array $options, callable $callback)
{
return $this->withGlobal($_GET, $options, $callback);
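Review bot: `test_email_domain_restriction_active_on_new_saml_login` shows that the domain error is displayed, but not that registration was refused; a user row written before the redirect would go unnoticed. Adding `$this->assertDatabaseMissing('users', ['external_auth_id' => 'user']);` inside the closure would pin that, assuming this fixture carries the same identifier the auto-registration test checks with `assertDatabaseHas`. The `'saml2.onelogin.strict' => false` override also deserves a short comment such as `// strict validation disabled only so the canned SAMLResponse fixture is accepted`, if that is the reason; the hunk does not say. The `withGet` helper below is unchanged context and continues outside the hunk.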