X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/444a23a419539b9236a3cf04cf5c76c2d216c49e..refs/pull/5280/head:/tests/Auth/UserInviteTest.php

diff --git a/tests/Auth/UserInviteTest.php b/tests/Auth/UserInviteTest.php
index 331262690..434de6aa6 100644
--- a/tests/Auth/UserInviteTest.php
+++ b/tests/Auth/UserInviteTest.php
@@ -1,39 +1,68 @@
-<?php namespace Tests;
+<?php
 
+namespace Tests\Auth;
 
-use BookStack\Auth\Access\UserInviteService;
-use BookStack\Auth\User;
-use BookStack\Notifications\UserInvite;
+use BookStack\Access\Notifications\UserInviteNotification;
+use BookStack\Access\UserInviteService;
+use BookStack\Users\Models\User;
 use Carbon\Carbon;
-use DB;
-use Notification;
+use Illuminate\Notifications\Messages\MailMessage;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Notification;
+use Illuminate\Support\Str;
+use Tests\TestCase;
 
 class UserInviteTest extends TestCase
 {
-
     public function test_user_creation_creates_invite()
     {
         Notification::fake();
-        $admin = $this->getAdmin();
+        $admin = $this->users->admin();
 
-        $this->actingAs($admin)->post('/settings/users/create', [
-            'name' => 'Barry',
-            'email' => 'tester@example.com',
+        $email = Str::random(16) . '@example.com';
+        $resp = $this->actingAs($admin)->post('/settings/users/create', [
+            'name'        => 'Barry',
+            'email'       => $email,
             'send_invite' => 'true',
         ]);
+        $resp->assertRedirect('/settings/users');
 
-        $newUser = User::query()->where('email', '=', 'tester@example.com')->orderBy('id', 'desc')->first();
+        $newUser = User::query()->where('email', '=', $email)->orderBy('id', 'desc')->first();
 
-        Notification::assertSentTo($newUser, UserInvite::class);
+        Notification::assertSentTo($newUser, UserInviteNotification::class);
         $this->assertDatabaseHas('user_invites', [
-            'user_id' => $newUser->id
+            'user_id' => $newUser->id,
         ]);
     }
 
+    public function test_user_invite_sent_in_selected_language()
+    {
+        Notification::fake();
+        $admin = $this->users->admin();
+
+        $email = Str::random(16) . '@example.com';
+        $resp = $this->actingAs($admin)->post('/settings/users/create', [
+            'name'        => 'Barry',
+            'email'       => $email,
+            'send_invite' => 'true',
+            'language'    => 'de',
+        ]);
+        $resp->assertRedirect('/settings/users');
+
+        $newUser = User::query()->where('email', '=', $email)->orderBy('id', 'desc')->first();
+        Notification::assertSentTo($newUser, UserInviteNotification::class, function ($notification, $channels, $notifiable) {
+            /** @var MailMessage $mail */
+            $mail = $notification->toMail($notifiable);
+
+            return 'Sie wurden eingeladen, BookStack beizutreten!' === $mail->subject &&
+                'Ein Konto wurde fÃ¼r Sie auf BookStack erstellt.' === $mail->greeting;
+        });
+    }
+
     public function test_invite_set_password()
     {
         Notification::fake();
-        $user = $this->getViewer();
+        $user = $this->users->viewer();
         $inviteService = app(UserInviteService::class);
 
         $inviteService->sendInvitation($user);
@@ -48,54 +77,56 @@ class UserInviteTest extends TestCase
         $setPasswordResp = $this->followingRedirects()->post('/register/invite/' . $token, [
             'password' => 'my test password',
         ]);
-        $setPasswordResp->assertSee('Password set, you now have access to BookStack!');
+        $setPasswordResp->assertSee('Password set, you should now be able to login using your set password to access BookStack!');
         $newPasswordValid = auth()->validate([
-            'email' => $user->email,
-            'password' => 'my test password'
+            'email'    => $user->email,
+            'password' => 'my test password',
         ]);
         $this->assertTrue($newPasswordValid);
         $this->assertDatabaseMissing('user_invites', [
-            'user_id' => $user->id
+            'user_id' => $user->id,
         ]);
     }
 
     public function test_invite_set_has_password_validation()
     {
         Notification::fake();
-        $user = $this->getViewer();
+        $user = $this->users->viewer();
         $inviteService = app(UserInviteService::class);
 
         $inviteService->sendInvitation($user);
         $token = DB::table('user_invites')->where('user_id', '=', $user->id)->first()->token;
 
+        $this->get('/register/invite/' . $token);
         $shortPassword = $this->followingRedirects()->post('/register/invite/' . $token, [
-            'password' => 'mypas',
+            'password' => 'mypassw',
         ]);
-        $shortPassword->assertSee('The password must be at least 6 characters.');
+        $shortPassword->assertSee('The password must be at least 8 characters.');
 
+        $this->get('/register/invite/' . $token);
         $noPassword = $this->followingRedirects()->post('/register/invite/' . $token, [
             'password' => '',
         ]);
         $noPassword->assertSee('The password field is required.');
 
         $this->assertDatabaseHas('user_invites', [
-            'user_id' => $user->id
+            'user_id' => $user->id,
         ]);
     }
 
     public function test_non_existent_invite_token_redirects_to_home()
     {
-        $setPasswordPageResp = $this->get('/register/invite/' . str_random(12));
+        $setPasswordPageResp = $this->get('/register/invite/' . Str::random(12));
         $setPasswordPageResp->assertRedirect('/');
 
-        $setPasswordResp = $this->post('/register/invite/' . str_random(12), ['password' => 'Password Test']);
+        $setPasswordResp = $this->post('/register/invite/' . Str::random(12), ['password' => 'Password Test']);
         $setPasswordResp->assertRedirect('/');
     }
 
     public function test_token_expires_after_two_weeks()
     {
         Notification::fake();
-        $user = $this->getViewer();
+        $user = $this->users->viewer();
         $inviteService = app(UserInviteService::class);
 
         $inviteService->sendInvitation($user);
@@ -107,5 +138,23 @@ class UserInviteTest extends TestCase
         $setPasswordPageResp->assertSessionHas('error', 'This invitation link has expired. You can instead try to reset your account password.');
     }
 
+    public function test_set_password_view_is_throttled()
+    {
+        for ($i = 0; $i < 11; $i++) {
+            $response = $this->get("/register/invite/tokenhere{$i}");
+        }
+
+        $response->assertStatus(429);
+    }
+
+    public function test_set_password_post_is_throttled()
+    {
+        for ($i = 0; $i < 11; $i++) {
+            $response = $this->post("/register/invite/tokenhere{$i}", [
+                'password' => 'my test password',
+            ]);
+        }
 
-}
\ No newline at end of file
+        $response->assertStatus(429);
+    }
+}