BookStack Code Mirror - bookstack/blob - tests/AuthTest.php

   1 <?php
   2
   3 use BookStack\EmailConfirmation;
   4
   5 class AuthTest extends TestCase
   6 {
   7
   8     public function testAuthWorking()
   9     {
  10         $this->visit('/')
  11             ->seePageIs('/login');
  12     }
  13
  14     public function testLogin()
  15     {
  16         $this->visit('/')
  17             ->seePageIs('/login');
  18
  19         $this->login('[email protected]', 'password')
  20             ->seePageIs('/')
  21             ->see('BookStack');
  22     }
  23
  24     public function testPublicViewing()
  25     {
  26         $settings = app('BookStack\Services\SettingService');
  27         $settings->put('app-public', 'true');
  28         $this->visit('/')
  29             ->seePageIs('/')
  30             ->see('Sign In');
  31     }
  32
  33     public function testRegistrationShowing()
  34     {
  35         // Ensure registration form is showing
  36         $this->setSettings(['registration-enabled' => 'true']);
  37         $this->visit('/login')
  38             ->see('Sign up')
  39             ->click('Sign up')
  40             ->seePageIs('/register');
  41     }
  42
  43     public function testNormalRegistration()
  44     {
  45         // Set settings and get user instance
  46         $this->setSettings(['registration-enabled' => 'true']);
  47         $user = factory(\BookStack\User::class)->make();
  48
  49         // Test form and ensure user is created
  50         $this->visit('/register')
  51             ->see('Sign Up')
  52             ->type($user->name, '#name')
  53             ->type($user->email, '#email')
  54             ->type($user->password, '#password')
  55             ->press('Create Account')
  56             ->seePageIs('/')
  57             ->see($user->name)
  58             ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email]);
  59     }
  60
  61     public function testConfirmedRegistration()
  62     {
  63         // Set settings and get user instance
  64         $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true']);
  65         $user = factory(\BookStack\User::class)->make();
  66
  67         // Mock Mailer to ensure mail is being sent
  68         $mockMailer = Mockery::mock('Illuminate\Contracts\Mail\Mailer');
  69         $mockMailer->shouldReceive('send')->with('emails/email-confirmation', Mockery::type('array'), Mockery::type('callable'))->twice();
  70         $this->app->instance('mailer', $mockMailer);
  71
  72         // Go through registration process
  73         $this->visit('/register')
  74             ->see('Sign Up')
  75             ->type($user->name, '#name')
  76             ->type($user->email, '#email')
  77             ->type($user->password, '#password')
  78             ->press('Create Account')
  79             ->seePageIs('/register/confirm')
  80             ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
  81
  82         // Test access and resend confirmation email
  83         $this->login($user->email, $user->password)
  84             ->seePageIs('/register/confirm/awaiting')
  85             ->see('Resend')
  86             ->visit('/books')
  87             ->seePageIs('/register/confirm/awaiting')
  88             ->press('Resend Confirmation Email');
  89
  90         // Get confirmation
  91         $user = $user->where('email', '=', $user->email)->first();
  92         $emailConfirmation = EmailConfirmation::where('user_id', '=', $user->id)->first();
  93
  94
  95         // Check confirmation email button and confirmation activation.
  96         $this->visit('/register/confirm/' . $emailConfirmation->token . '/email')
  97             ->see('Email Confirmation')
  98             ->click('Confirm Email')
  99             ->seePageIs('/')
 100             ->see($user->name)
 101             ->notSeeInDatabase('email_confirmations', ['token' => $emailConfirmation->token])
 102             ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => true]);
 103     }
 104
 105     public function testUserCreation()
 106     {
 107         $user = factory(\BookStack\User::class)->make();
 108
 109         $this->asAdmin()
 110             ->visit('/users')
 111             ->click('Add new user')
 112             ->type($user->name, '#name')
 113             ->type($user->email, '#email')
 114             ->select(2, '#role')
 115             ->type($user->password, '#password')
 116             ->type($user->password, '#password-confirm')
 117             ->press('Save')
 118             ->seeInDatabase('users', $user->toArray())
 119             ->seePageIs('/users')
 120             ->see($user->name);
 121     }
 122
 123     public function testUserUpdating()
 124     {
 125         $user = \BookStack\User::all()->last();
 126         $password = $user->password;
 127         $this->asAdmin()
 128             ->visit('/users')
 129             ->click($user->name)
 130             ->seePageIs('/users/' . $user->id)
 131             ->see($user->email)
 132             ->type('Barry Scott', '#name')
 133             ->press('Save')
 134             ->seePageIs('/users')
 135             ->seeInDatabase('users', ['id' => $user->id, 'name' => 'Barry Scott', 'password' => $password])
 136             ->notSeeInDatabase('users', ['name' => $user->name]);
 137     }
 138
 139     public function testUserPasswordUpdate()
 140     {
 141         $user = \BookStack\User::all()->last();
 142         $userProfilePage = '/users/' . $user->id;
 143         $this->asAdmin()
 144             ->visit($userProfilePage)
 145             ->type('newpassword', '#password')
 146             ->press('Save')
 147             ->seePageIs($userProfilePage)
 148             ->see('Password confirmation required')
 149
 150             ->type('newpassword', '#password')
 151             ->type('newpassword', '#password-confirm')
 152             ->press('Save')
 153             ->seePageIs('/users');
 154
 155             $userPassword = \BookStack\User::find($user->id)->password;
 156             $this->assertTrue(Hash::check('newpassword', $userPassword));
 157     }
 158
 159     public function testUserDeletion()
 160     {
 161         $userDetails = factory(\BookStack\User::class)->make();
 162         $user = $this->getNewUser($userDetails->toArray());
 163
 164         $this->asAdmin()
 165             ->visit('/users/' . $user->id)
 166             ->click('Delete User')
 167             ->see($user->name)
 168             ->press('Confirm')
 169             ->seePageIs('/users')
 170             ->notSeeInDatabase('users', ['name' => $user->name]);
 171     }
 172
 173     public function testUserCannotBeDeletedIfLastAdmin()
 174     {
 175         $adminRole = \BookStack\Role::getRole('admin');
 176         // Ensure we currently only have 1 admin user
 177         $this->assertEquals(1, $adminRole->users()->count());
 178         $user = $adminRole->users->first();
 179
 180         $this->asAdmin()->visit('/users/' . $user->id)
 181             ->click('Delete User')
 182             ->press('Confirm')
 183             ->seePageIs('/users/' . $user->id)
 184             ->see('You cannot delete the only admin');
 185     }
 186
 187     public function testLogout()
 188     {
 189         $this->asAdmin()
 190             ->visit('/')
 191             ->seePageIs('/')
 192             ->visit('/logout')
 193             ->visit('/')
 194             ->seePageIs('/login');
 195     }
 196
 197     /**
 198      * Perform a login
 199      * @param string $email
 200      * @param string $password
 201      * @return $this
 202      */
 203     private function login($email, $password)
 204     {
 205         return $this->visit('/login')
 206             ->type($email, '#email')
 207             ->type($password, '#password')
 208             ->press('Sign In');
 209     }
 210 }