X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/80865b30a5d6a82e86d21e272ae58977d4430a64..refs/pull/692/head:/tests/Auth/AuthTest.php diff --git a/tests/Auth/AuthTest.php b/tests/Auth/AuthTest.php index 067840841..b456de964 100644 --- a/tests/Auth/AuthTest.php +++ b/tests/Auth/AuthTest.php @@ -1,8 +1,10 @@ -put('app-public', 'true'); $this->visit('/') ->seePageIs('/') - ->see('Sign In'); + ->see('Log In'); } public function test_registration_showing() @@ -40,7 +42,7 @@ class AuthTest extends TestCase { // Set settings and get user instance $this->setSettings(['registration-enabled' => 'true']); - $user = factory(\BookStack\User::class)->make(); + $user = factory(User::class)->make(); // Test form and ensure user is created $this->visit('/register') @@ -54,17 +56,27 @@ class AuthTest extends TestCase ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email]); } + public function test_empty_registration_redirects_back_with_errors() + { + // Set settings and get user instance + $this->setSettings(['registration-enabled' => 'true']); + + // Test form and ensure user is created + $this->visit('/register') + ->press('Create Account') + ->see('The name field is required') + ->seePageIs('/register'); + } + public function test_confirmed_registration() { + // Fake notifications + Notification::fake(); + // Set settings and get user instance $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true']); - $user = factory(\BookStack\User::class)->make(); - - // Mock Mailer to ensure mail is being sent - $mockMailer = Mockery::mock('Illuminate\Contracts\Mail\Mailer'); - $mockMailer->shouldReceive('send')->with('emails/email-confirmation', Mockery::type('array'), Mockery::type('callable'))->twice(); - $this->app->instance('mailer', $mockMailer); + $user = factory(User::class)->make(); // Go through registration process $this->visit('/register') 
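Review bot: The two comments inside the new `test_empty_registration_redirects_back_with_errors` were copied from the test above and describe the opposite of what it checks: no user instance is built, and the form is submitted empty to provoke a validation error. I would reword them to `// Enable registration` and `// Submit the empty form and expect a validation error back on /register`. Only the name field's message is asserted, so the comment should say "a validation error" and not imply that every field is covered.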
@@ -76,6 +88,10 @@ class AuthTest extends TestCase ->seePageIs('/register/confirm') ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]); + // Ensure notification sent + $dbUser = User::where('email', '=', $user->email)->first(); + Notification::assertSentTo($dbUser, ConfirmEmail::class); + // Test access and resend confirmation email $this->login($user->email, $user->password) ->seePageIs('/register/confirm/awaiting') 
@@ -84,25 +100,56 @@ class AuthTest extends TestCase ->seePageIs('/register/confirm/awaiting') ->press('Resend Confirmation Email'); - // Get confirmation - $user = $user->where('email', '=', $user->email)->first(); - $emailConfirmation = EmailConfirmation::where('user_id', '=', $user->id)->first(); - - - // Check confirmation email button and confirmation activation. - $this->visit('/register/confirm/' . $emailConfirmation->token . '/email') - ->see('Email Confirmation') - ->click('Confirm Email') + // Get confirmation and confirm notification matches + $emailConfirmation = \DB::table('email_confirmations')->where('user_id', '=', $dbUser->id)->first(); + Notification::assertSentTo($dbUser, ConfirmEmail::class, function($notification, $channels) use ($emailConfirmation) { + return $notification->token === $emailConfirmation->token; + }); + + // Check confirmation email confirmation activation. + $this->visit('/register/confirm/' . $emailConfirmation->token) ->seePageIs('/') ->see($user->name) ->notSeeInDatabase('email_confirmations', ['token' => $emailConfirmation->token]) - ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => true]); + ->seeInDatabase('users', ['name' => $dbUser->name, 'email' => $dbUser->email, 'email_confirmed' => true]); } public function test_restricted_registration() { $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true', 'registration-restrict' => 'example.com']); - $user = factory(\BookStack\User::class)->make(); + $user = factory(User::class)->make(); + // Go through registration process + $this->visit('/register') + ->type($user->name, '#name') + ->type($user->email, '#email') + ->type($user->password, '#password') + ->press('Create Account') + ->seePageIs('/register') + ->dontSeeInDatabase('users', ['email' => $user->email]) + ->see('That email domain does not have access to this application'); + + $user->email = 'barry@example.com'; + + 
$this->visit('/register') + ->type($user->name, '#name') + ->type($user->email, '#email') + ->type($user->password, '#password') + ->press('Create Account') + ->seePageIs('/register/confirm') + ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]); + + $this->visit('/')->seePageIs('/login') + ->type($user->email, '#email') + ->type($user->password, '#password') + ->press('Log In') + ->seePageIs('/register/confirm/awaiting') + ->seeText('Email Address Not Confirmed'); + } + + public function test_restricted_registration_with_confirmation_disabled() + { + $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'false', 'registration-restrict' => 'example.com']); + $user = factory(User::class)->make(); // Go through registration process $this->visit('/register') ->type($user->name, '#name') @@ -122,15 +169,22 @@ class AuthTest extends TestCase ->press('Create Account') ->seePageIs('/register/confirm') ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]); + + $this->visit('/')->seePageIs('/login') + ->type($user->email, '#email') + ->type($user->password, '#password') + ->press('Log In') + ->seePageIs('/register/confirm/awaiting') + ->seeText('Email Address Not Confirmed'); } public function test_user_creation() { - $user = factory(\BookStack\User::class)->make(); + $user = factory(User::class)->make(); $this->asAdmin() ->visit('/settings/users') - ->click('Add new user') + ->click('Add New User') ->type($user->name, '#name') ->type($user->email, '#email') ->check('roles[admin]') @@ -144,7 +198,7 @@ class AuthTest extends TestCase public function test_user_updating() { - $user = \BookStack\User::all()->last(); + $user = $this->getNormalUser(); $password = $user->password; $this->asAdmin() ->visit('/settings/users') 
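Review bot: In `test_confirmed_registration` the `assertSentTo` callback after `->press('Resend Confirmation Email')` is satisfied by any single `ConfirmEmail` notification whose token equals the stored row, so unless the resend issues a fresh token (not visible in this diff) the test no longer proves the resend sent anything; the removed mailer mock required exactly two sends. Adding `$this->assertCount(2, Notification::sent($dbUser, ConfirmEmail::class));` after the resend would restore that check with the same `Notification::sent()` call the password-reset test in this patch uses. The row is also fetched with `->first()` and only that one token is asserted gone after confirmation; if a user can hold more than one `email_confirmations` row, `->notSeeInDatabase('email_confirmations', ['user_id' => $dbUser->id])` is the stronger assertion that no confirmation token stays usable. The function begins in an earlier hunk, so the setup lines are not all visible here.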
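Review bot: `test_restricted_registration_with_confirmation_disabled` sets `'registration-confirmation' => 'false'` yet expects `/register/confirm`, `'email_confirmed' => false` and 'Email Address Not Confirmed' at login, and nothing in the test says why. Presumably a domain restriction is only meaningful when the address is verified; a comment at the top such as `// Domain restriction is expected to force email confirmation even when registration-confirmation is off` would stop a later reader from "correcting" the expectation. The body, which begins in the previous hunk, is otherwise a copy of `test_restricted_registration`, so a private helper taking the settings array would keep the two from drifting apart.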
@@ -160,7 +214,7 @@ class AuthTest extends TestCase public function test_user_password_update() { - $user = \BookStack\User::all()->last(); + $user = $this->getNormalUser(); $userProfilePage = '/settings/users/' . $user->id; $this->asAdmin() ->visit($userProfilePage) @@ -174,14 +228,14 @@ class AuthTest extends TestCase ->press('Save') ->seePageIs('/settings/users'); - $userPassword = \BookStack\User::find($user->id)->password; - $this->assertTrue(Hash::check('newpassword', $userPassword)); + $userPassword = User::find($user->id)->password; + $this->assertTrue(\Hash::check('newpassword', $userPassword)); } public function test_user_deletion() { - $userDetails = factory(\BookStack\User::class)->make(); - $user = $this->getNewUser($userDetails->toArray()); + $userDetails = factory(User::class)->make(); + $user = $this->getEditor($userDetails->toArray()); $this->asAdmin() ->visit('/settings/users/' . $user->id) 
@@ -216,6 +270,44 @@ class AuthTest extends TestCase ->seePageIs('/login'); } + public function test_reset_password_flow() + { + + Notification::fake(); + + $this->visit('/login')->click('Forgot Password?') + ->seePageIs('/password/email') + ->type('admin@admin.com', 'email') + ->press('Send Reset Link') + ->see('A password reset link has been sent to admin@admin.com'); + + $this->seeInDatabase('password_resets', [ + 'email' => 'admin@admin.com' + ]); + + $user = User::where('email', '=', 'admin@admin.com')->first(); + + Notification::assertSentTo($user, \BookStack\Notifications\ResetPassword::class); + $n = Notification::sent($user, \BookStack\Notifications\ResetPassword::class); + + $this->visit('/password/reset/' . $n->first()->token) + ->see('Reset Password') + ->submitForm('Reset Password', [ + 'email' => 'admin@admin.com', + 'password' => 'randompass', + 'password_confirmation' => 'randompass' + ])->seePageIs('/') + ->see('Your password has been successfully reset'); + } + + public function test_reset_password_page_shows_sign_links() + { + $this->setSettings(['registration-enabled' => 'true']); + $this->visit('/password/email') + ->seeLink('Log in') + ->seeLink('Sign up'); + } + /** * Perform a login * @param string $email @@ -227,6 +319,6 @@ class AuthTest extends TestCase return $this->visit('/login') ->type($email, '#email') ->type($password, '#password') - ->press('Sign In'); + ->press('Log In'); } }
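Review bot: `test_reset_password_flow` stops at the success message, so it would still pass if the reset token stayed valid afterwards or if the stored password was never changed. After the `->see('Your password has been successfully reset')` step I would add `$this->notSeeInDatabase('password_resets', ['email' => 'admin@admin.com']);` and `$this->assertTrue(\Hash::check('randompass', User::find($user->id)->password));`, the latter mirroring the check in `test_user_password_update`. The request step asserts 'A password reset link has been sent to admin@admin.com' only for an existing account; whether an unknown address gets the same response is not visible here and may deserve its own test. The blank line directly after the opening brace can go.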