BookStack Code Mirror - bookstack/blob - tests/Auth/UserInviteTest.php

   1 <?php namespace Tests;
   2
   3
   4 use BookStack\Auth\Access\UserInviteService;
   5 use BookStack\Auth\User;
   6 use BookStack\Notifications\UserInvite;
   7 use Carbon\Carbon;
   8 use DB;
   9 use Illuminate\Support\Str;
  10 use Notification;
  11
  12 class UserInviteTest extends TestCase
  13 {
  14
  15     public function test_user_creation_creates_invite()
  16     {
  17         Notification::fake();
  18         $admin = $this->getAdmin();
  19
  20         $this->actingAs($admin)->post('/settings/users/create', [
  21             'name' => 'Barry',
  22             'email' => '[email protected]',
  23             'send_invite' => 'true',
  24         ]);
  25
  26         $newUser = User::query()->where('email', '=', '[email protected]')->orderBy('id', 'desc')->first();
  27
  28         Notification::assertSentTo($newUser, UserInvite::class);
  29         $this->assertDatabaseHas('user_invites', [
  30             'user_id' => $newUser->id
  31         ]);
  32     }
  33
  34     public function test_invite_set_password()
  35     {
  36         Notification::fake();
  37         $user = $this->getViewer();
  38         $inviteService = app(UserInviteService::class);
  39
  40         $inviteService->sendInvitation($user);
  41         $token = DB::table('user_invites')->where('user_id', '=', $user->id)->first()->token;
  42
  43         $setPasswordPageResp = $this->get('/register/invite/' . $token);
  44         $setPasswordPageResp->assertSuccessful();
  45         $setPasswordPageResp->assertSee('Welcome to BookStack!');
  46         $setPasswordPageResp->assertSee('Password');
  47         $setPasswordPageResp->assertSee('Confirm Password');
  48
  49         $setPasswordResp = $this->followingRedirects()->post('/register/invite/' . $token, [
  50             'password' => 'my test password',
  51         ]);
  52         $setPasswordResp->assertSee('Password set, you now have access to BookStack!');
  53         $newPasswordValid = auth()->validate([
  54             'email' => $user->email,
  55             'password' => 'my test password'
  56         ]);
  57         $this->assertTrue($newPasswordValid);
  58         $this->assertDatabaseMissing('user_invites', [
  59             'user_id' => $user->id
  60         ]);
  61     }
  62
  63     public function test_invite_set_has_password_validation()
  64     {
  65         Notification::fake();
  66         $user = $this->getViewer();
  67         $inviteService = app(UserInviteService::class);
  68
  69         $inviteService->sendInvitation($user);
  70         $token = DB::table('user_invites')->where('user_id', '=', $user->id)->first()->token;
  71
  72         $this->get('/register/invite/' . $token);
  73         $shortPassword = $this->followingRedirects()->post('/register/invite/' . $token, [
  74             'password' => 'mypassw',
  75         ]);
  76         $shortPassword->assertSee('The password must be at least 8 characters.');
  77
  78         $this->get('/register/invite/' . $token);
  79         $noPassword = $this->followingRedirects()->post('/register/invite/' . $token, [
  80             'password' => '',
  81         ]);
  82         $noPassword->assertSee('The password field is required.');
  83
  84         $this->assertDatabaseHas('user_invites', [
  85             'user_id' => $user->id
  86         ]);
  87     }
  88
  89     public function test_non_existent_invite_token_redirects_to_home()
  90     {
  91         $setPasswordPageResp = $this->get('/register/invite/' . Str::random(12));
  92         $setPasswordPageResp->assertRedirect('/');
  93
  94         $setPasswordResp = $this->post('/register/invite/' . Str::random(12), ['password' => 'Password Test']);
  95         $setPasswordResp->assertRedirect('/');
  96     }
  97
  98     public function test_token_expires_after_two_weeks()
  99     {
 100         Notification::fake();
 101         $user = $this->getViewer();
 102         $inviteService = app(UserInviteService::class);
 103
 104         $inviteService->sendInvitation($user);
 105         $tokenEntry = DB::table('user_invites')->where('user_id', '=', $user->id)->first();
 106         DB::table('user_invites')->update(['created_at' => Carbon::now()->subDays(14)->subHour(1)]);
 107
 108         $setPasswordPageResp = $this->get('/register/invite/' . $tokenEntry->token);
 109         $setPasswordPageResp->assertRedirect('/password/email');
 110         $setPasswordPageResp->assertSessionHas('error', 'This invitation link has expired. You can instead try to reset your account password.');
 111     }
 112
 113
 114 }