X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/cd6572b61af2165133468d2562d04dffdca8fca8..refs/pull/1973/head:/tests/Auth/AuthTest.php diff --git a/tests/Auth/AuthTest.php b/tests/Auth/AuthTest.php index 664ec297a..eb83faded 100644 --- a/tests/Auth/AuthTest.php +++ b/tests/Auth/AuthTest.php @@ -1,9 +1,12 @@ -put('app-public', 'true'); $this->visit('/') ->seePageIs('/') @@ -41,7 +44,7 @@ class AuthTest extends TestCase { // Set settings and get user instance $this->setSettings(['registration-enabled' => 'true']); - $user = factory(\BookStack\User::class)->make(); + $user = factory(User::class)->make(); // Test form and ensure user is created $this->visit('/register') @@ -55,6 +58,43 @@ class AuthTest extends TestCase ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email]); } + public function test_empty_registration_redirects_back_with_errors() + { + // Set settings and get user instance + $this->setSettings(['registration-enabled' => 'true']); + + // Test form and ensure user is created + $this->visit('/register') + ->press('Create Account') + ->see('The name field is required') + ->seePageIs('/register'); + } + + public function test_registration_validation() + { + $this->setSettings(['registration-enabled' => 'true']); + + $this->visit('/register') + ->type('1', '#name') + ->type('1', '#email') + ->type('1', '#password') + ->press('Create Account') + ->see('The name must be at least 2 characters.') + ->see('The email must be a valid email address.') + ->see('The password must be at least 8 characters.') + ->seePageIs('/register'); + } + + public function test_sign_up_link_on_login() + { + $this->visit('/login') + ->dontSee('Sign up'); + + $this->setSettings(['registration-enabled' => 'true']); + + $this->visit('/login') + ->see('Sign up'); + } public function test_confirmed_registration() { @@ -63,7 +103,7 @@ class AuthTest extends TestCase // Set settings and get user instance $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true']); - $user = factory(\BookStack\User::class)->make(); + $user = factory(User::class)->make(); // Go through registration process $this->visit('/register') @@ -76,7 +116,7 @@ class AuthTest extends TestCase ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]); // Ensure notification sent - $dbUser = \BookStack\User::where('email', '=', $user->email)->first(); + $dbUser = User::where('email', '=', $user->email)->first(); Notification::assertSentTo($dbUser, ConfirmEmail::class); // Test access and resend confirmation email @@ -88,7 +128,7 @@ class AuthTest extends TestCase ->press('Resend Confirmation Email'); // Get confirmation and confirm notification matches - $emailConfirmation = DB::table('email_confirmations')->where('user_id', '=', $dbUser->id)->first(); + $emailConfirmation = \DB::table('email_confirmations')->where('user_id', '=', $dbUser->id)->first(); Notification::assertSentTo($dbUser, ConfirmEmail::class, function($notification, $channels) use ($emailConfirmation) { return $notification->token === $emailConfirmation->token; }); @@ -104,7 +144,7 @@ class AuthTest extends TestCase public function test_restricted_registration() { $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true', 'registration-restrict' => 'example.com']); - $user = factory(\BookStack\User::class)->make(); + $user = factory(User::class)->make(); // Go through registration process $this->visit('/register') ->type($user->name, '#name') @@ -124,11 +164,50 @@ class AuthTest extends TestCase ->press('Create Account') ->seePageIs('/register/confirm') ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]); + + $this->visit('/')->seePageIs('/login') + ->type($user->email, '#email') + ->type($user->password, '#password') + ->press('Log In') + ->seePageIs('/register/confirm/awaiting') + ->seeText('Email Address Not Confirmed'); + } + + public function test_restricted_registration_with_confirmation_disabled() + { + $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'false', 'registration-restrict' => 'example.com']); + $user = factory(User::class)->make(); + // Go through registration process + $this->visit('/register') + ->type($user->name, '#name') + ->type($user->email, '#email') + ->type($user->password, '#password') + ->press('Create Account') + ->seePageIs('/register') + ->dontSeeInDatabase('users', ['email' => $user->email]) + ->see('That email domain does not have access to this application'); + + $user->email = 'barry@example.com'; + + $this->visit('/register') + ->type($user->name, '#name') + ->type($user->email, '#email') + ->type($user->password, '#password') + ->press('Create Account') + ->seePageIs('/register/confirm') + ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]); + + $this->visit('/')->seePageIs('/login') + ->type($user->email, '#email') + ->type($user->password, '#password') + ->press('Log In') + ->seePageIs('/register/confirm/awaiting') + ->seeText('Email Address Not Confirmed'); } public function test_user_creation() { - $user = factory(\BookStack\User::class)->make(); + $user = factory(User::class)->make(); $this->asAdmin() ->visit('/settings/users') @@ -176,13 +255,13 @@ class AuthTest extends TestCase ->press('Save') ->seePageIs('/settings/users'); - $userPassword = \BookStack\User::find($user->id)->password; - $this->assertTrue(Hash::check('newpassword', $userPassword)); + $userPassword = User::find($user->id)->password; + $this->assertTrue(\Hash::check('newpassword', $userPassword)); } public function test_user_deletion() { - $userDetails = factory(\BookStack\User::class)->make(); + $userDetails = factory(User::class)->make(); $user = $this->getEditor($userDetails->toArray()); $this->asAdmin() @@ -196,7 +275,16 @@ class AuthTest extends TestCase public function test_user_cannot_be_deleted_if_last_admin() { - $adminRole = \BookStack\Role::getRole('admin'); + $adminRole = \BookStack\Auth\Role::getRole('admin'); + + // Delete all but one admin user if there are more than one + $adminUsers = $adminRole->users; + if (count($adminUsers) > 1) { + foreach ($adminUsers->splice(1) as $user) { + $user->delete(); + } + } + // Ensure we currently only have 1 admin user $this->assertEquals(1, $adminRole->users()->count()); $user = $adminRole->users->first(); @@ -220,6 +308,9 @@ class AuthTest extends TestCase public function test_reset_password_flow() { + + Notification::fake(); + $this->visit('/login')->click('Forgot Password?') ->seePageIs('/password/email') ->type('admin@admin.com', 'email') @@ -230,8 +321,12 @@ class AuthTest extends TestCase 'email' => 'admin@admin.com' ]); - $reset = DB::table('password_resets')->where('email', '=', 'admin@admin.com')->first(); - $this->visit('/password/reset/' . $reset->token) + $user = User::where('email', '=', 'admin@admin.com')->first(); + + Notification::assertSentTo($user, \BookStack\Notifications\ResetPassword::class); + $n = Notification::sent($user, \BookStack\Notifications\ResetPassword::class); + + $this->visit('/password/reset/' . $n->first()->token) ->see('Reset Password') ->submitForm('Reset Password', [ 'email' => 'admin@admin.com', @@ -249,6 +344,17 @@ class AuthTest extends TestCase ->seeLink('Sign up'); } + public function test_login_redirects_to_initially_requested_url_correctly() + { + config()->set('app.url', 'http://localhost'); + $page = Page::query()->first(); + + $this->visit($page->getUrl()) + ->seePageUrlIs(url('/login')); + $this->login('admin@admin.com', 'password') + ->seePageUrlIs($page->getUrl()); + } + /** * Perform a login * @param string $email