BookStack Code Mirror - bookstack/blob - tests/Auth/LdapTest.php
Increased LDAP testing and fixed any Auth-based bugs found
1 <?php
2
3 use BookStack\Services\LdapService;
4 use BookStack\User;
5
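/**
 * Feature tests for the LDAP authentication method.
 *
 * setUp() switches the application to LDAP auth and swaps the
 * BookStack\Services\Ldap wrapper for a Mockery double, so no directory
 * server is contacted. The tests cover the login flow, rejected credentials,
 * the admin user forms, disabled self-registration and who may see the
 * external auth id field.
 *
 * The once()/times(n) call counts are only enforced when Mockery::close()
 * runs. NOTE(review): nothing in this class calls it, so this presumably
 * relies on the parent tearDown() -- confirm, otherwise the counts are never
 * checked.
 */
class LdapTest extends \TestCase
{

    /** @var \Mockery\MockInterface Double bound into the container in place of BookStack\Services\Ldap. */
    protected $mockLdap;

    /** @var User Unsaved user built by the model factory; supplies the name, email and password typed into forms. */
    protected $mockUser;

    /** @var string Stand-in for the connection handle that the mocked connect() returns. */
    protected $resourceId = 'resource-test';

    /**
     * Switch the app to LDAP auth and replace the LDAP wrapper with a mock.
     */
    public function setUp()
    {
        parent::setUp();
        app('config')->set([
            'auth.method' => 'ldap',
            'services.ldap.base_dn' => 'dc=ldap,dc=local',
            'auth.providers.users.driver' => 'ldap',
        ]);
        $this->mockLdap = Mockery::mock(BookStack\Services\Ldap::class);
        // Same container key as the class name used for the mock above.
        $this->app[BookStack\Services\Ldap::class] = $this->mockLdap;
        $this->mockUser = factory(User::class)->make();
    }

    /**
     * A successful LDAP login asks for an email on first sign-in, then
     * creates a confirmed local user linked to the directory uid.
     */
    public function test_login()
    {
        // Counts cover both form submissions made in this test.
        $this->expectLdapConnection();
        $this->expectLdapUserSearch(4);
        $this->mockLdap->shouldReceive('bind')->times(6)->andReturn(true);

        // First submit: credentials are accepted, but the app asks for an email
        // (presumably because the mocked entry carries no mail attribute).
        $this->visit('/login')
            ->see('Username')
            ->type($this->mockUser->name, '#username')
            ->type($this->mockUser->password, '#password')
            ->press('Sign In')
            ->seePageIs('/login')->see('Please enter an email to use for this account.');

        // Second submit: the user row must exist, be email-confirmed and carry
        // the directory uid as its external auth id.
        $this->type($this->mockUser->email, '#email')
            ->press('Sign In')
            ->seePageIs('/')
            ->see($this->mockUser->name)
            ->seeInDatabase('users', [
                'email' => $this->mockUser->email,
                'email_confirmed' => 1,
                'external_auth_id' => $this->mockUser->name,
            ]);
    }

    /**
     * A failed bind must show the generic credentials error and must not
     * create a local user for the directory id.
     */
    public function test_initial_incorrect_details()
    {
        $this->expectLdapConnection();
        $this->expectLdapUserSearch(2);
        // Only the third bind fails. NOTE(review): presumably the first two are
        // service binds and the third carries the submitted password -- confirm
        // against LdapService.
        $this->mockLdap->shouldReceive('bind')->times(3)->andReturn(true, true, false);

        $this->visit('/login')
            ->see('Username')
            ->type($this->mockUser->name, '#username')
            ->type($this->mockUser->password, '#password')
            ->press('Sign In')
            ->seePageIs('/login')->see('These credentials do not match our records.')
            ->dontSeeInDatabase('users', ['external_auth_id' => $this->mockUser->name]);
    }

    /**
     * Under LDAP auth the admin create-user form has no password field and
     * requires an external auth id; the saved user is email-confirmed.
     */
    public function test_create_user_form()
    {
        $this->asAdmin()->visit('/users/create')
            ->dontSee('Password')
            ->type($this->mockUser->name, '#name')
            ->type($this->mockUser->email, '#email')
            ->press('Save')
            ->see('The external auth id field is required.')
            ->type($this->mockUser->name, '#external_auth_id')
            ->press('Save')
            ->seePageIs('/users')
            ->seeInDatabase('users', [
                'email' => $this->mockUser->email,
                'external_auth_id' => $this->mockUser->name,
                'email_confirmed' => true,
            ]);
    }

    /**
     * An admin can change a user's external auth id from the edit form,
     * which shows no password field under LDAP auth.
     */
    public function test_user_edit_form()
    {
        // Relies on at least one user already existing in the test database.
        $editUser = User::all()->last();
        $this->asAdmin()->visit('/users/' . $editUser->id)
            ->see('Edit User')
            ->dontSee('Password')
            ->type('test_auth_id', '#external_auth_id')
            ->press('Save')
            ->seePageIs('/users')
            ->seeInDatabase('users', ['email' => $editUser->email, 'external_auth_id' => 'test_auth_id']);
    }

    /**
     * With LDAP auth, self-registration redirects to the login page.
     */
    public function test_registration_disabled()
    {
        $this->visit('/register')
            ->seePageIs('/login');
    }

    /**
     * A non-admin viewing their own profile is not shown the external auth
     * id section.
     *
     * NOTE(review): this checks the rendered form only. The external auth id
     * is what links a local account to a directory identity (see test_login),
     * so a follow-up assertion that an update request from a non-admin leaves
     * external_auth_id unchanged would cover the server-side check as well.
     */
    public function test_non_admins_cannot_change_auth_id()
    {
        // NOTE(review): assumes the last user in the table is not an admin -- confirm against the seed data.
        $testUser = User::all()->last();
        $this->actingAs($testUser)->visit('/users/' . $testUser->id)
            ->dontSee('External Authentication');
    }

    /**
     * Expect exactly one connection and one option call on the LDAP mock.
     */
    private function expectLdapConnection()
    {
        $this->mockLdap->shouldReceive('connect')->once()->andReturn($this->resourceId);
        $this->mockLdap->shouldReceive('setOption')->once();
    }

    /**
     * Expect $times user searches under the configured base DN, each
     * returning a single entry for the mock user.
     *
     * NOTE(review): the filter argument is only checked to be a string, so
     * these tests do not cover how the submitted username is escaped into
     * the LDAP filter.
     *
     * @param int $times Number of searchAndGetEntries() calls to expect.
     */
    private function expectLdapUserSearch($times)
    {
        $baseDn = config('services.ldap.base_dn');

        $this->mockLdap->shouldReceive('searchAndGetEntries')->times($times)
            ->with($this->resourceId, $baseDn, Mockery::type('string'), Mockery::type('array'))
            ->andReturn(['count' => 1, 0 => [
                'uid' => [$this->mockUser->name],
                'cn' => [$this->mockUser->name],
                // Comma-separated so the entry DN sits under the configured base DN.
                // NOTE(review): dn is a one-element array like the other attributes;
                // confirm this matches the shape the Ldap wrapper returns for real entries.
                'dn' => ['dc=test,' . $baseDn],
            ]]);
    }

}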