BookStack Code Mirror - bookstack/blob - tests/Auth/GroupSyncServiceTest.php

   1 <?php
   2
   3 namespace Tests\Auth;
   4
   5 use BookStack\Access\GroupSyncService;
   6 use BookStack\Users\Models\Role;
   7 use BookStack\Users\Models\User;
   8 use Tests\TestCase;
   9
  10 class GroupSyncServiceTest extends TestCase
  11 {
  12     public function test_user_is_assigned_to_matching_roles()
  13     {
  14         $user = $this->users->viewer();
  15
  16         $roleA = Role::factory()->create(['display_name' => 'Wizards']);
  17         $roleB = Role::factory()->create(['display_name' => 'Gremlins']);
  18         $roleC = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales']);
  19         $roleD = Role::factory()->create(['display_name' => 'DEF456', 'external_auth_id' => 'admin-team']);
  20
  21         foreach ([$roleA, $roleB, $roleC, $roleD] as $role) {
  22             $this->assertFalse($user->hasRole($role->id));
  23         }
  24
  25         (new GroupSyncService())->syncUserWithFoundGroups($user, ['Wizards', 'Gremlinz', 'Sales', 'Admin Team'], false);
  26
  27         $user = User::query()->find($user->id);
  28         $this->assertTrue($user->hasRole($roleA->id));
  29         $this->assertFalse($user->hasRole($roleB->id));
  30         $this->assertTrue($user->hasRole($roleC->id));
  31         $this->assertTrue($user->hasRole($roleD->id));
  32     }
  33
  34     public function test_multiple_values_in_role_external_auth_id_handled()
  35     {
  36         $user = $this->users->viewer();
  37         $role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales, engineering, developers, marketers']);
  38         $this->assertFalse($user->hasRole($role->id));
  39
  40         (new GroupSyncService())->syncUserWithFoundGroups($user, ['Developers'], false);
  41
  42         $user = User::query()->find($user->id);
  43         $this->assertTrue($user->hasRole($role->id));
  44     }
  45
  46     public function test_commas_can_be_used_in_external_auth_id_if_escaped()
  47     {
  48         $user = $this->users->viewer();
  49         $role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales\,-developers, marketers']);
  50         $this->assertFalse($user->hasRole($role->id));
  51
  52         (new GroupSyncService())->syncUserWithFoundGroups($user, ['Sales, Developers'], false);
  53
  54         $user = User::query()->find($user->id);
  55         $this->assertTrue($user->hasRole($role->id));
  56     }
  57
  58     public function test_external_auth_id_matches_ignoring_case()
  59     {
  60         $user = $this->users->viewer();
  61         $role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'WaRRioRs']);
  62         $this->assertFalse($user->hasRole($role->id));
  63
  64         (new GroupSyncService())->syncUserWithFoundGroups($user, ['wArriors', 'penguiNs'], false);
  65
  66         $user = User::query()->find($user->id);
  67         $this->assertTrue($user->hasRole($role->id));
  68     }
  69 }