X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/c32b315cd7d2d302e7f55706f8e69c99d736c66b..refs/pull/3598/head:/tests/Auth/AuthTest.php
diff --git a/tests/Auth/AuthTest.php b/tests/Auth/AuthTest.php
index d037b5701..106b71875 100644
--- a/tests/Auth/AuthTest.php
+++ b/tests/Auth/AuthTest.php
@@ -3,14 +3,15 @@
 namespace Tests\Auth;
 
 use BookStack\Auth\Access\Mfa\MfaSession;
+use BookStack\Auth\Role;
 use BookStack\Auth\User;
 use BookStack\Entities\Models\Page;
 use BookStack\Notifications\ConfirmEmail;
 use BookStack\Notifications\ResetPassword;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Notification;
+use Illuminate\Testing\TestResponse;
 use Tests\TestCase;
-use Tests\TestResponse;
 
 class AuthTest extends TestCase
 {
@@ -36,20 +37,23 @@ class AuthTest extends TestCase
     {
         // Ensure registration form is showing
         $this->setSettings(['registration-enabled' => 'true']);
-        $this->get('/login')
-            ->assertElementContains('a[href="' . url('/http/source.bookstackapp.com/register') . '"]', 'Sign up');
+        $resp = $this->get('/login');
+        $this->withHtml($resp)->assertElementContains('a[href="' . url('/http/source.bookstackapp.com/register') . '"]', 'Sign up');
     }
 
     public function test_normal_registration()
     {
         // Set settings and get user instance
-        $this->setSettings(['registration-enabled' => 'true']);
-        $user = factory(User::class)->make();
+        /** @var Role $registrationRole */
+        $registrationRole = Role::query()->first();
+        $this->setSettings(['registration-enabled' => 'true', 'registration-role' => $registrationRole->id]);
+        /** @var User $user */
+        $user = User::factory()->make();
 
         // Test form and ensure user is created
-        $this->get('/register')
-            ->assertSee('Sign Up')
-            ->assertElementContains('form[action="' . url('/http/source.bookstackapp.com/register') . '"]', 'Create Account');
+        $resp = $this->get('/register') ->assertSee('Sign Up');
+        $this->withHtml($resp)->assertElementContains('form[action="' . url('/http/source.bookstackapp.com/register') . '"]', 'Create Account');
 
         $resp = $this->post('/register', $user->only('password', 'name', 'email'));
         $resp->assertRedirect('/');
@@ -57,7 +61,12 @@ class AuthTest extends TestCase
         $resp = $this->get('/');
         $resp->assertOk();
         $resp->assertSee($user->name);
+        $this->assertDatabaseHas('users', ['name' => $user->name, 'email' => $user->email]);
+
+        $user = User::query()->where('email', '=', $user->email)->first();
+        $this->assertEquals(1, $user->roles()->count());
+        $this->assertEquals($registrationRole->id, $user->roles()->first()->id);
     }
 
     public function test_empty_registration_redirects_back_with_errors()
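Review bot: `Role::query()->first()` in test_normal_registration binds the registration-role setting to whichever roles row the database returns first, so the test never decides which role a self-registered account should receive; if that first row happens to be the seeded admin role, the role assertions at the end of the second hunk pass while effectively confirming that open registration hands out admin. Look the role up by a known low-privilege name instead, e.g. `$registrationRole = Role::query()->where('display_name', '=', 'Viewer')->first();` (assuming the seeded role names, and preferring a file-level helper if one exists). The later `$user->roles()->count()` and `->first()->id` checks already pin that exactly one role is granted, so this only makes that role a deliberate choice rather than an accident of row order.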
@@ -102,7 +111,7 @@ class AuthTest extends TestCase
         // Set settings and get user instance
         $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true']);
-        $user = factory(User::class)->make();
+        $user = User::factory()->make();
 
         // Go through registration process
         $resp = $this->post('/register', $user->only('name', 'email', 'password'));
@@ -119,7 +128,7 @@ class AuthTest extends TestCase
         $resp->assertRedirect('/register/confirm/awaiting');
         $resp = $this->get('/register/confirm/awaiting');
-        $resp->assertElementContains('form[action="' . url('/http/source.bookstackapp.com/register/confirm/resend') . '"]', 'Resend');
+        $this->withHtml($resp)->assertElementContains('form[action="' . url('/http/source.bookstackapp.com/register/confirm/resend') . '"]', 'Resend');
 
         $this->get('/books')->assertRedirect('/login');
         $this->post('/register/confirm/resend', $user->only('email'));
@@ -131,8 +140,8 @@ class AuthTest extends TestCase
         });
 
         // Check confirmation email confirmation activation.
-        $this->get('/register/confirm/' . $emailConfirmation->token)->assertRedirect('/');
-        $this->get('/')->assertSee($user->name);
+        $this->get('/register/confirm/' . $emailConfirmation->token)->assertRedirect('/login');
+        $this->get('/login')->assertSee('Your email has been confirmed! You should now be able to login using this email address.');
         $this->assertDatabaseMissing('email_confirmations', ['token' => $emailConfirmation->token]);
         $this->assertDatabaseHas('users', ['name' => $dbUser->name, 'email' => $dbUser->email, 'email_confirmed' => true]);
     }
@@ -140,7 +149,7 @@ class AuthTest extends TestCase
     public function test_restricted_registration()
     {
         $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true', 'registration-restrict' => 'example.com']);
-        $user = factory(User::class)->make();
+        $user = User::factory()->make();
 
         // Go through registration process
         $this->post('/register', $user->only('name', 'email', 'password'))
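Review bot: The confirmation hunk (`@@ -131,8 +140,8 @@`) now expects the emailed token link to land on /login with a confirmation message, but nothing asserts that following the link left the visitor unauthenticated, which is the property the change appears to protect (a URL delivered by email should not by itself become a session). Rendering the login page is probably sufficient if a guest middleware redirects logged-in users, but that is inferred rather than visible here; an explicit `$this->assertNull(auth()->user());` after the `assertRedirect('/login')` line, in the style already used elsewhere in this file, pins it directly. The enclosing test starts before the hunk.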
@@ -166,7 +175,7 @@ class AuthTest extends TestCase
     public function test_restricted_registration_with_confirmation_disabled()
     {
         $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'false', 'registration-restrict' => 'example.com']);
-        $user = factory(User::class)->make();
+        $user = User::factory()->make();
 
         // Go through registration process
         $this->post('/register', $user->only('name', 'email', 'password'))
@@ -189,10 +198,18 @@ class AuthTest extends TestCase
         $this->assertNull(auth()->user());
     }
 
+    public function test_registration_role_unset_by_default()
+    {
+        $this->assertFalse(setting('registration-role'));
+
+        $resp = $this->asAdmin()->get('/settings/registration');
+        $this->withHtml($resp)->assertElementContains('select[name="setting-registration-role"] option[value="0"][selected]', '-- None --');
+    }
+
     public function test_logout()
     {
         $this->asAdmin()->get('/')->assertOk();
-        $this->get('/logout')->assertRedirect('/');
+        $this->post('/logout')->assertRedirect('/');
         $this->get('/')->assertRedirect('/login');
     }
 
@@ -204,7 +221,7 @@ class AuthTest extends TestCase
         $mfaSession->markVerifiedForUser($user);
         $this->assertTrue($mfaSession->isVerifiedForUser($user));
 
-        $this->asAdmin()->get('/logout');
+        $this->asAdmin()->post('/logout');
 
         $this->assertFalse($mfaSession->isVerifiedForUser($user));
     }
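Review bot: The logout change in test_logout (and the same swap in the MFA hunk at `@@ -204,7 +221,7 @@`) only exercises the new `POST /logout`; no assertion pins that a plain GET no longer ends the session, so the motivation for moving to POST (a state-changing GET can be triggered by a cross-site link or a browser prefetch) is left unguarded and a regression re-adding the GET route would pass. Add a negative check next to the POST, e.g. `$this->asAdmin()->get('/logout')->assertStatus(405);` followed by `$this->assertTrue(auth()->check());`, assuming no other route answers that path (the route definition itself is not in this diff). The MFA test's enclosing function starts before its hunk.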
@@ -212,11 +229,11 @@ class AuthTest extends TestCase
     {
         Notification::fake();
 
-        $this->get('/login')
-            ->assertElementContains('a[href="' . url('/http/source.bookstackapp.com/password/email') . '"]', 'Forgot Password?');
+        $resp = $this->get('/login');
+        $this->withHtml($resp)->assertElementContains('a[href="' . url('/http/source.bookstackapp.com/password/email') . '"]', 'Forgot Password?');
 
-        $this->get('/password/email')
-            ->assertElementContains('form[action="' . url('/http/source.bookstackapp.com/password/email') . '"]', 'Send Reset Link');
+        $resp = $this->get('/password/email');
+        $this->withHtml($resp)->assertElementContains('form[action="' . url('/http/source.bookstackapp.com/password/email') . '"]', 'Send Reset Link');
 
         $resp = $this->post('/password/email', [
             'email' => 'admin@admin.com',
@@ -277,11 +294,27 @@ class AuthTest extends TestCase
     public function test_reset_password_page_shows_sign_links()
     {
         $this->setSettings(['registration-enabled' => 'true']);
-        $this->get('/password/email')
-            ->assertElementContains('a', 'Log in')
+        $resp = $this->get('/password/email');
+        $this->withHtml($resp)->assertElementContains('a', 'Log in')
             ->assertElementContains('a', 'Sign up');
     }
 
+    public function test_reset_password_request_is_throttled()
+    {
+        $editor = $this->getEditor();
+        Notification::fake();
+        $this->get('/password/email');
+        $this->followingRedirects()->post('/password/email', [
+            'email' => $editor->email,
+        ]);
+
+        $resp = $this->followingRedirects()->post('/password/email', [
+            'email' => $editor->email,
+        ]);
+        Notification::assertTimesSent(1, ResetPassword::class);
+        $resp->assertSee('A password reset link will be sent to ' . $editor->email . ' if that email address is found in the system.');
+    }
+
     public function test_login_redirects_to_initially_requested_url_correctly()
     {
         config()->set('app.url', 'http://localhost');
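Review bot: test_reset_password_request_is_throttled checks the generic "A password reset link will be sent to …" text only on the throttled second attempt for an existing user; that matters because a distinguishable "please wait" response on repeat requests would reveal that the address has an account, yet the test never compares against an unknown address, so a throttle path that fires only for known users would still pass. Add the same two posts for a constructed address, e.g. `$resp = $this->followingRedirects()->post('/password/email', ['email' => 'nobody@example.com']);` repeated once and followed by the identical `assertSee` with that address, while `Notification::assertTimesSent(1, ResetPassword::class)` continues to hold. Whether the throttle is keyed per address is not visible in this diff, so the order of the two pairs may need adjusting if they share a bucket.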
@@ -318,6 +351,7 @@ class AuthTest extends TestCase
         $this->assertTrue(auth()->check());
         $this->assertTrue(auth('ldap')->check());
         $this->assertTrue(auth('saml2')->check());
+        $this->assertTrue(auth('oidc')->check());
     }
 
     public function test_login_authenticates_nonadmins_on_default_guard_only()
@@ -330,6 +364,7 @@ class AuthTest extends TestCase
         $this->assertTrue(auth()->check());
         $this->assertFalse(auth('ldap')->check());
         $this->assertFalse(auth('saml2')->check());
+        $this->assertFalse(auth('oidc')->check());
     }
 
     public function test_failed_logins_are_logged_when_message_configured()