BookStack Code Mirror - bookstack/blob - tests/Auth/UserInviteTest.php

   1 <?php namespace Tests\Auth;
   2
   3
   4 use BookStack\Auth\Access\UserInviteService;
   5 use BookStack\Auth\User;
   6 use BookStack\Notifications\UserInvite;
   7 use Carbon\Carbon;
   8 use DB;
   9 use Illuminate\Support\Str;
  10 use Notification;
  11 use Tests\TestCase;
  12
  13 class UserInviteTest extends TestCase
  14 {
  15
  16     public function test_user_creation_creates_invite()
  17     {
  18         Notification::fake();
  19         $admin = $this->getAdmin();
  20
  21         $this->actingAs($admin)->post('/settings/users/create', [
  22             'name' => 'Barry',
  23             'email' => '[email protected]',
  24             'send_invite' => 'true',
  25         ]);
  26
  27         $newUser = User::query()->where('email', '=', '[email protected]')->orderBy('id', 'desc')->first();
  28
  29         Notification::assertSentTo($newUser, UserInvite::class);
  30         $this->assertDatabaseHas('user_invites', [
  31             'user_id' => $newUser->id
  32         ]);
  33     }
  34
  35     public function test_invite_set_password()
  36     {
  37         Notification::fake();
  38         $user = $this->getViewer();
  39         $inviteService = app(UserInviteService::class);
  40
  41         $inviteService->sendInvitation($user);
  42         $token = DB::table('user_invites')->where('user_id', '=', $user->id)->first()->token;
  43
  44         $setPasswordPageResp = $this->get('/register/invite/' . $token);
  45         $setPasswordPageResp->assertSuccessful();
  46         $setPasswordPageResp->assertSee('Welcome to BookStack!');
  47         $setPasswordPageResp->assertSee('Password');
  48         $setPasswordPageResp->assertSee('Confirm Password');
  49
  50         $setPasswordResp = $this->followingRedirects()->post('/register/invite/' . $token, [
  51             'password' => 'my test password',
  52         ]);
  53         $setPasswordResp->assertSee('Password set, you now have access to BookStack!');
  54         $newPasswordValid = auth()->validate([
  55             'email' => $user->email,
  56             'password' => 'my test password'
  57         ]);
  58         $this->assertTrue($newPasswordValid);
  59         $this->assertDatabaseMissing('user_invites', [
  60             'user_id' => $user->id
  61         ]);
  62     }
  63
  64     public function test_invite_set_has_password_validation()
  65     {
  66         Notification::fake();
  67         $user = $this->getViewer();
  68         $inviteService = app(UserInviteService::class);
  69
  70         $inviteService->sendInvitation($user);
  71         $token = DB::table('user_invites')->where('user_id', '=', $user->id)->first()->token;
  72
  73         $this->get('/register/invite/' . $token);
  74         $shortPassword = $this->followingRedirects()->post('/register/invite/' . $token, [
  75             'password' => 'mypassw',
  76         ]);
  77         $shortPassword->assertSee('The password must be at least 8 characters.');
  78
  79         $this->get('/register/invite/' . $token);
  80         $noPassword = $this->followingRedirects()->post('/register/invite/' . $token, [
  81             'password' => '',
  82         ]);
  83         $noPassword->assertSee('The password field is required.');
  84
  85         $this->assertDatabaseHas('user_invites', [
  86             'user_id' => $user->id
  87         ]);
  88     }
  89
  90     public function test_non_existent_invite_token_redirects_to_home()
  91     {
  92         $setPasswordPageResp = $this->get('/register/invite/' . Str::random(12));
  93         $setPasswordPageResp->assertRedirect('/');
  94
  95         $setPasswordResp = $this->post('/register/invite/' . Str::random(12), ['password' => 'Password Test']);
  96         $setPasswordResp->assertRedirect('/');
  97     }
  98
  99     public function test_token_expires_after_two_weeks()
 100     {
 101         Notification::fake();
 102         $user = $this->getViewer();
 103         $inviteService = app(UserInviteService::class);
 104
 105         $inviteService->sendInvitation($user);
 106         $tokenEntry = DB::table('user_invites')->where('user_id', '=', $user->id)->first();
 107         DB::table('user_invites')->update(['created_at' => Carbon::now()->subDays(14)->subHour(1)]);
 108
 109         $setPasswordPageResp = $this->get('/register/invite/' . $tokenEntry->token);
 110         $setPasswordPageResp->assertRedirect('/password/email');
 111         $setPasswordPageResp->assertSessionHas('error', 'This invitation link has expired. You can instead try to reset your account password.');
 112     }
 113
 114
 115 }