]> BookStack Code Mirror - bookstack/blobdiff - tests/Auth/AuthTest.php
Added ability to secure images behind auth
[bookstack] / tests / Auth / AuthTest.php
index 0affff799919c1e894f0c15dc9fe8254b7b1676c..87339344b9843ff317a2c03913ee2f77eb2563e6 100644 (file)
@@ -1,9 +1,9 @@
-<?php
+<?php namespace Tests;
 
 use BookStack\Notifications\ConfirmEmail;
 use Illuminate\Support\Facades\Notification;
 
-class AuthTest extends TestCase
+class AuthTest extends BrowserKitTest
 {
 
     public function test_auth_working()
@@ -24,7 +24,7 @@ class AuthTest extends TestCase
         $settings->put('app-public', 'true');
         $this->visit('/')
             ->seePageIs('/')
-            ->see('Sign In');
+            ->see('Log In');
     }
 
     public function test_registration_showing()
@@ -88,7 +88,7 @@ class AuthTest extends TestCase
             ->press('Resend Confirmation Email');
 
         // Get confirmation and confirm notification matches
-        $emailConfirmation = DB::table('email_confirmations')->where('user_id', '=', $dbUser->id)->first();
+        $emailConfirmation = \DB::table('email_confirmations')->where('user_id', '=', $dbUser->id)->first();
         Notification::assertSentTo($dbUser, ConfirmEmail::class, function($notification, $channels) use ($emailConfirmation) {
             return $notification->token === $emailConfirmation->token;
         });
@@ -124,6 +124,45 @@ class AuthTest extends TestCase
             ->press('Create Account')
             ->seePageIs('/register/confirm')
             ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
+
+        $this->visit('/')->seePageIs('/login')
+            ->type($user->email, '#email')
+            ->type($user->password, '#password')
+            ->press('Log In')
+            ->seePageIs('/register/confirm/awaiting')
+            ->seeText('Email Address Not Confirmed');
+    }
+
+    public function test_restricted_registration_with_confirmation_disabled()
+    {
+        $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'false', 'registration-restrict' => 'example.com']);
+        $user = factory(\BookStack\User::class)->make();
+        // Go through registration process
+        $this->visit('/register')
+            ->type($user->name, '#name')
+            ->type($user->email, '#email')
+            ->type($user->password, '#password')
+            ->press('Create Account')
+            ->seePageIs('/register')
+            ->dontSeeInDatabase('users', ['email' => $user->email])
+            ->see('That email domain does not have access to this application');
+
+        $user->email = '[email protected]';
+
+        $this->visit('/register')
+            ->type($user->name, '#name')
+            ->type($user->email, '#email')
+            ->type($user->password, '#password')
+            ->press('Create Account')
+            ->seePageIs('/register/confirm')
+            ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
+
+        $this->visit('/')->seePageIs('/login')
+            ->type($user->email, '#email')
+            ->type($user->password, '#password')
+            ->press('Log In')
+            ->seePageIs('/register/confirm/awaiting')
+            ->seeText('Email Address Not Confirmed');
     }
 
     public function test_user_creation()
@@ -132,7 +171,7 @@ class AuthTest extends TestCase
 
         $this->asAdmin()
             ->visit('/settings/users')
-            ->click('Add new user')
+            ->click('Add New User')
             ->type($user->name, '#name')
             ->type($user->email, '#email')
             ->check('roles[admin]')
@@ -146,7 +185,7 @@ class AuthTest extends TestCase
 
     public function test_user_updating()
     {
-        $user = \BookStack\User::all()->last();
+        $user = $this->getNormalUser();
         $password = $user->password;
         $this->asAdmin()
             ->visit('/settings/users')
@@ -162,7 +201,7 @@ class AuthTest extends TestCase
 
     public function test_user_password_update()
     {
-        $user = \BookStack\User::all()->last();
+        $user = $this->getNormalUser();
         $userProfilePage = '/settings/users/' . $user->id;
         $this->asAdmin()
             ->visit($userProfilePage)
@@ -177,7 +216,7 @@ class AuthTest extends TestCase
             ->seePageIs('/settings/users');
 
             $userPassword = \BookStack\User::find($user->id)->password;
-            $this->assertTrue(Hash::check('newpassword', $userPassword));
+            $this->assertTrue(\Hash::check('newpassword', $userPassword));
     }
 
     public function test_user_deletion()
@@ -218,6 +257,44 @@ class AuthTest extends TestCase
             ->seePageIs('/login');
     }
 
+    public function test_reset_password_flow()
+    {
+
+        Notification::fake();
+
+        $this->visit('/login')->click('Forgot Password?')
+            ->seePageIs('/password/email')
+            ->type('[email protected]', 'email')
+            ->press('Send Reset Link')
+            ->see('A password reset link has been sent to [email protected]');
+
+        $this->seeInDatabase('password_resets', [
+            'email' => '[email protected]'
+        ]);
+
+        $user = \BookStack\User::where('email', '=', '[email protected]')->first();
+
+        Notification::assertSentTo($user, \BookStack\Notifications\ResetPassword::class);
+        $n = Notification::sent($user, \BookStack\Notifications\ResetPassword::class);
+
+        $this->visit('/password/reset/' . $n->first()->token)
+            ->see('Reset Password')
+            ->submitForm('Reset Password', [
+                'email' => '[email protected]',
+                'password' => 'randompass',
+                'password_confirmation' => 'randompass'
+            ])->seePageIs('/')
+            ->see('Your password has been successfully reset');
+    }
+
+    public function test_reset_password_page_shows_sign_links()
+    {
+        $this->setSettings(['registration-enabled' => 'true']);
+        $this->visit('/password/email')
+            ->seeLink('Log in')
+            ->seeLink('Sign up');
+    }
+
     /**
      * Perform a login
      * @param string $email
@@ -229,6 +306,6 @@ class AuthTest extends TestCase
         return $this->visit('/login')
             ->type($email, '#email')
             ->type($password, '#password')
-            ->press('Sign In');
+            ->press('Log In');
     }
 }