BookStack Code Mirror - bookstack/blob - tests/Auth/RegistrationTest.php

1 <?php

2

3 namespace Tests\Auth;

4

5 use BookStack\Auth\Role;

6 use BookStack\Auth\User;

7 use BookStack\Notifications\ConfirmEmail;

8 use Illuminate\Support\Facades\DB;

9 use Illuminate\Support\Facades\Notification;

10 use Tests\TestCase;

11

12 class RegistrationTest extends TestCase

13 {

14 public function test_confirmed_registration()

15 {

16 // Fake notifications

17 Notification::fake();

18

19 // Set settings and get user instance

20 $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true']);

21 $user = User::factory()->make();

22

23 // Go through registration process

24 $resp = $this->post('/register', $user->only('name', 'email', 'password'));

25 $resp->assertRedirect('/register/confirm');

26 $this->assertDatabaseHas('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);

27

28 // Ensure notification sent

29 /** @var User $dbUser */

30 $dbUser = User::query()->where('email', '=', $user->email)->first();

31 Notification::assertSentTo($dbUser, ConfirmEmail::class);

32

33 // Test access and resend confirmation email

34 $resp = $this->post('/login', ['email' => $user->email, 'password' => $user->password]);

35 $resp->assertRedirect('/register/confirm/awaiting');

36

37 $resp = $this->get('/register/confirm/awaiting');

38 $this->withHtml($resp)->assertElementContains('form[action="' . url('/register/confirm/resend') . '"]', 'Resend');

39

40 $this->get('/books')->assertRedirect('/login');

41 $this->post('/register/confirm/resend', $user->only('email'));

42

43 // Get confirmation and confirm notification matches

44 $emailConfirmation = DB::table('email_confirmations')->where('user_id', '=', $dbUser->id)->first();

45 Notification::assertSentTo($dbUser, ConfirmEmail::class, function ($notification, $channels) use ($emailConfirmation) {

46 return $notification->token === $emailConfirmation->token;

47 });

48

49 // Check confirmation email confirmation activation.

50 $this->get('/register/confirm/' . $emailConfirmation->token)->assertRedirect('/login');

51 $this->get('/login')->assertSee('Your email has been confirmed! You should now be able to login using this email address.');

52 $this->assertDatabaseMissing('email_confirmations', ['token' => $emailConfirmation->token]);

53 $this->assertDatabaseHas('users', ['name' => $dbUser->name, 'email' => $dbUser->email, 'email_confirmed' => true]);

54 }

55

56 public function test_restricted_registration()

57 {

58 $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true', 'registration-restrict' => 'example.com']);

59 $user = User::factory()->make();

60

61 // Go through registration process

62 $this->post('/register', $user->only('name', 'email', 'password'))

63 ->assertRedirect('/register');

64 $resp = $this->get('/register');

65 $resp->assertSee('That email domain does not have access to this application');

66 $this->assertDatabaseMissing('users', $user->only('email'));

67

68 $user->email = '[email protected]';

69

70 $this->post('/register', $user->only('name', 'email', 'password'))

71 ->assertRedirect('/register/confirm');

72 $this->assertDatabaseHas('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);

73

74 $this->assertNull(auth()->user());

75

76 $this->get('/')->assertRedirect('/login');

77 $resp = $this->followingRedirects()->post('/login', $user->only('email', 'password'));

78 $resp->assertSee('Email Address Not Confirmed');

79 $this->assertNull(auth()->user());

80 }

81

82 public function test_restricted_registration_with_confirmation_disabled()

83 {

84 $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'false', 'registration-restrict' => 'example.com']);

85 $user = User::factory()->make();

86

87 // Go through registration process

88 $this->post('/register', $user->only('name', 'email', 'password'))

89 ->assertRedirect('/register');

90 $this->assertDatabaseMissing('users', $user->only('email'));

91 $this->get('/register')->assertSee('That email domain does not have access to this application');

92

93 $user->email = '[email protected]';

94

95 $this->post('/register', $user->only('name', 'email', 'password'))

96 ->assertRedirect('/register/confirm');

97 $this->assertDatabaseHas('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);

98

99 $this->assertNull(auth()->user());

100

101 $this->get('/')->assertRedirect('/login');

102 $resp = $this->post('/login', $user->only('email', 'password'));

103 $resp->assertRedirect('/register/confirm/awaiting');

104 $this->get('/register/confirm/awaiting')->assertSee('Email Address Not Confirmed');

105 $this->assertNull(auth()->user());

106 }

107

108 public function test_registration_role_unset_by_default()

109 {

110 $this->assertFalse(setting('registration-role'));

111

112 $resp = $this->asAdmin()->get('/settings/registration');

113 $this->withHtml($resp)->assertElementContains('select[name="setting-registration-role"] option[value="0"][selected]', '-- None --');

114 }

115

116 public function test_registration_showing()

117 {

118 // Ensure registration form is showing

119 $this->setSettings(['registration-enabled' => 'true']);

120 $resp = $this->get('/login');

121 $this->withHtml($resp)->assertElementContains('a[href="' . url('/register') . '"]', 'Sign up');

122 }

123

124 public function test_normal_registration()

125 {

126 // Set settings and get user instance

127 /** @var Role $registrationRole */

128 $registrationRole = Role::query()->first();

129 $this->setSettings(['registration-enabled' => 'true', 'registration-role' => $registrationRole->id]);

130 /** @var User $user */

131 $user = User::factory()->make();

132

133 // Test form and ensure user is created

134 $resp = $this->get('/register')

135 ->assertSee('Sign Up');

136 $this->withHtml($resp)->assertElementContains('form[action="' . url('/register') . '"]', 'Create Account');

137

138 $resp = $this->post('/register', $user->only('password', 'name', 'email'));

139 $resp->assertRedirect('/');

140

141 $resp = $this->get('/');

142 $resp->assertOk();

143 $resp->assertSee($user->name);

144

145 $this->assertDatabaseHas('users', ['name' => $user->name, 'email' => $user->email]);

146

147 $user = User::query()->where('email', '=', $user->email)->first();

148 $this->assertEquals(1, $user->roles()->count());

149 $this->assertEquals($registrationRole->id, $user->roles()->first()->id);

150 }

151

152 public function test_empty_registration_redirects_back_with_errors()

153 {

154 // Set settings and get user instance

155 $this->setSettings(['registration-enabled' => 'true']);

156

157 // Test form and ensure user is created

158 $this->get('/register');

159 $this->post('/register', [])->assertRedirect('/register');

160 $this->get('/register')->assertSee('The name field is required');

161 }

162

163 public function test_registration_validation()

164 {

165 $this->setSettings(['registration-enabled' => 'true']);

166

167 $this->get('/register');

168 $resp = $this->followingRedirects()->post('/register', [

169 'name' => '1',

170 'email' => '1',

171 'password' => '1',

172 ]);

173 $resp->assertSee('The name must be at least 2 characters.');

174 $resp->assertSee('The email must be a valid email address.');

175 $resp->assertSee('The password must be at least 8 characters.');

176 }

177 }