]> BookStack Code Mirror - bookstack/blob - tests/Auth/GroupSyncServiceTest.php
Copied over work from user_permissions branch
[bookstack] / tests / Auth / GroupSyncServiceTest.php
1 <?php
2
3 namespace Tests\Auth;
4
5 use BookStack\Auth\Access\GroupSyncService;
6 use BookStack\Auth\Role;
7 use BookStack\Auth\User;
8 use Tests\TestCase;
9
10 class GroupSyncServiceTest extends TestCase
11 {
12     public function test_user_is_assigned_to_matching_roles()
13     {
14         $user = $this->users->viewer();
15
16         $roleA = Role::factory()->create(['display_name' => 'Wizards']);
17         $roleB = Role::factory()->create(['display_name' => 'Gremlins']);
18         $roleC = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales']);
19         $roleD = Role::factory()->create(['display_name' => 'DEF456', 'external_auth_id' => 'admin-team']);
20
21         foreach ([$roleA, $roleB, $roleC, $roleD] as $role) {
22             $this->assertFalse($user->hasRole($role->id));
23         }
24
25         (new GroupSyncService())->syncUserWithFoundGroups($user, ['Wizards', 'Gremlinz', 'Sales', 'Admin Team'], false);
26
27         $user = User::query()->find($user->id);
28         $this->assertTrue($user->hasRole($roleA->id));
29         $this->assertFalse($user->hasRole($roleB->id));
30         $this->assertTrue($user->hasRole($roleC->id));
31         $this->assertTrue($user->hasRole($roleD->id));
32     }
33
34     public function test_multiple_values_in_role_external_auth_id_handled()
35     {
36         $user = $this->users->viewer();
37         $role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales, engineering, developers, marketers']);
38         $this->assertFalse($user->hasRole($role->id));
39
40         (new GroupSyncService())->syncUserWithFoundGroups($user, ['Developers'], false);
41
42         $user = User::query()->find($user->id);
43         $this->assertTrue($user->hasRole($role->id));
44     }
45
46     public function test_commas_can_be_used_in_external_auth_id_if_escaped()
47     {
48         $user = $this->users->viewer();
49         $role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales\,-developers, marketers']);
50         $this->assertFalse($user->hasRole($role->id));
51
52         (new GroupSyncService())->syncUserWithFoundGroups($user, ['Sales, Developers'], false);
53
54         $user = User::query()->find($user->id);
55         $this->assertTrue($user->hasRole($role->id));
56     }
57
58     public function test_external_auth_id_matches_ignoring_case()
59     {
60         $user = $this->users->viewer();
61         $role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'WaRRioRs']);
62         $this->assertFalse($user->hasRole($role->id));
63
64         (new GroupSyncService())->syncUserWithFoundGroups($user, ['wArriors', 'penguiNs'], false);
65
66         $user = User::query()->find($user->id);
67         $this->assertTrue($user->hasRole($role->id));
68     }
69 }