2020-05-27 13:35:48 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
declare(strict_types=1);
|
|
|
|
|
|
|
|
|
|
namespace Shaarli\Front\Controller\Admin;
|
|
|
|
|
|
|
|
|
|
use Shaarli\Config\ConfigManager;
|
2020-05-27 14:18:07 +02:00
|
|
|
use Shaarli\Front\Exception\OpenShaarliPasswordException;
|
2020-05-27 13:35:48 +02:00
|
|
|
use Shaarli\Front\Exception\WrongTokenException;
|
|
|
|
|
use Shaarli\Security\SessionManager;
|
2020-09-29 14:41:40 +02:00
|
|
|
use Shaarli\TestCase;
|
2020-05-27 13:35:48 +02:00
|
|
|
use Slim\Http\Request;
|
|
|
|
|
use Slim\Http\Response;
|
|
|
|
|
|
|
|
|
|
class PasswordControllerTest extends TestCase
|
|
|
|
|
{
|
|
|
|
|
use FrontAdminControllerMockHelper;
|
|
|
|
|
|
|
|
|
|
/** @var PasswordController */
|
|
|
|
|
protected $controller;
|
|
|
|
|
|
|
|
|
|
/** @var mixed[] Variables assigned to the template */
|
|
|
|
|
protected $assignedVariables = [];
|
|
|
|
|
|
|
|
|
|
public function setUp(): void
|
|
|
|
|
{
|
|
|
|
|
$this->createContainer();
|
|
|
|
|
$this->assignTemplateVars($this->assignedVariables);
|
|
|
|
|
|
|
|
|
|
$this->controller = new PasswordController($this->container);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Test displaying the change password page.
|
|
|
|
|
*/
|
|
|
|
|
public function testGetPage(): void
|
|
|
|
|
{
|
|
|
|
|
$request = $this->createMock(Request::class);
|
|
|
|
|
$response = new Response();
|
|
|
|
|
|
|
|
|
|
$result = $this->controller->index($request, $response);
|
|
|
|
|
|
|
|
|
|
static::assertSame(200, $result->getStatusCode());
|
|
|
|
|
static::assertSame('changepassword', (string) $result->getBody());
|
|
|
|
|
static::assertSame('Change password - Shaarli', $this->assignedVariables['pagetitle']);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Change the password with valid parameters
|
|
|
|
|
*/
|
|
|
|
|
public function testPostNewPasswordDefault(): void
|
|
|
|
|
{
|
|
|
|
|
$request = $this->createMock(Request::class);
|
|
|
|
|
$request->method('getParam')->willReturnCallback(function (string $key): string {
|
|
|
|
|
if ('oldpassword' === $key) {
|
|
|
|
|
return 'old';
|
|
|
|
|
}
|
|
|
|
|
if ('setpassword' === $key) {
|
|
|
|
|
return 'new';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $key;
|
|
|
|
|
});
|
|
|
|
|
$response = new Response();
|
|
|
|
|
|
|
|
|
|
$this->container->conf = $this->createMock(ConfigManager::class);
|
|
|
|
|
$this->container->conf->method('get')->willReturnCallback(function (string $key, $default) {
|
|
|
|
|
if ('credentials.hash' === $key) {
|
|
|
|
|
return sha1('old' . 'credentials.login' . 'credentials.salt');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return strpos($key, 'credentials') !== false ? $key : $default;
|
|
|
|
|
});
|
|
|
|
|
$this->container->conf->expects(static::once())->method('write')->with(true);
|
|
|
|
|
|
|
|
|
|
$this->container->conf
|
|
|
|
|
->method('set')
|
|
|
|
|
->willReturnCallback(function (string $key, string $value) {
|
|
|
|
|
if ('credentials.hash' === $key) {
|
|
|
|
|
static::assertSame(sha1('new' . 'credentials.login' . 'credentials.salt'), $value);
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
$result = $this->controller->change($request, $response);
|
|
|
|
|
|
|
|
|
|
static::assertSame(200, $result->getStatusCode());
|
|
|
|
|
static::assertSame('changepassword', (string) $result->getBody());
|
|
|
|
|
static::assertSame('Change password - Shaarli', $this->assignedVariables['pagetitle']);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Change the password with a wrong existing password
|
|
|
|
|
*/
|
|
|
|
|
public function testPostNewPasswordWrongOldPassword(): void
|
|
|
|
|
{
|
|
|
|
|
$request = $this->createMock(Request::class);
|
|
|
|
|
$request->method('getParam')->willReturnCallback(function (string $key): string {
|
|
|
|
|
if ('oldpassword' === $key) {
|
|
|
|
|
return 'wrong';
|
|
|
|
|
}
|
|
|
|
|
if ('setpassword' === $key) {
|
|
|
|
|
return 'new';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $key;
|
|
|
|
|
});
|
|
|
|
|
$response = new Response();
|
|
|
|
|
|
|
|
|
|
$this->container->conf = $this->createMock(ConfigManager::class);
|
|
|
|
|
$this->container->conf->method('get')->willReturnCallback(function (string $key, $default) {
|
|
|
|
|
if ('credentials.hash' === $key) {
|
|
|
|
|
return sha1('old' . 'credentials.login' . 'credentials.salt');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return strpos($key, 'credentials') !== false ? $key : $default;
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
$this->container->conf->expects(static::never())->method('set');
|
|
|
|
|
$this->container->conf->expects(static::never())->method('write');
|
|
|
|
|
|
|
|
|
|
$this->container->sessionManager
|
|
|
|
|
->expects(static::once())
|
|
|
|
|
->method('setSessionParameter')
|
|
|
|
|
->with(SessionManager::KEY_ERROR_MESSAGES, ['The old password is not correct.'])
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
$result = $this->controller->change($request, $response);
|
|
|
|
|
|
|
|
|
|
static::assertSame(400, $result->getStatusCode());
|
|
|
|
|
static::assertSame('changepassword', (string) $result->getBody());
|
|
|
|
|
static::assertSame('Change password - Shaarli', $this->assignedVariables['pagetitle']);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Change the password with a wrong existing password
|
|
|
|
|
*/
|
|
|
|
|
public function testPostNewPasswordWrongToken(): void
|
|
|
|
|
{
|
|
|
|
|
$this->container->sessionManager = $this->createMock(SessionManager::class);
|
|
|
|
|
$this->container->sessionManager->method('checkToken')->willReturn(false);
|
|
|
|
|
|
|
|
|
|
$this->container->conf->expects(static::never())->method('set');
|
|
|
|
|
$this->container->conf->expects(static::never())->method('write');
|
|
|
|
|
|
|
|
|
|
$request = $this->createMock(Request::class);
|
|
|
|
|
$response = new Response();
|
|
|
|
|
|
|
|
|
|
$this->expectException(WrongTokenException::class);
|
|
|
|
|
|
|
|
|
|
$this->controller->change($request, $response);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Change the password with an empty new password
|
|
|
|
|
*/
|
|
|
|
|
public function testPostNewEmptyPassword(): void
|
|
|
|
|
{
|
|
|
|
|
$this->container->sessionManager
|
|
|
|
|
->expects(static::once())
|
|
|
|
|
->method('setSessionParameter')
|
|
|
|
|
->with(SessionManager::KEY_ERROR_MESSAGES, ['You must provide the current and new password to change it.'])
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
$this->container->conf->expects(static::never())->method('set');
|
|
|
|
|
$this->container->conf->expects(static::never())->method('write');
|
|
|
|
|
|
|
|
|
|
$request = $this->createMock(Request::class);
|
|
|
|
|
$request->method('getParam')->willReturnCallback(function (string $key): string {
|
|
|
|
|
if ('oldpassword' === $key) {
|
|
|
|
|
return 'old';
|
|
|
|
|
}
|
|
|
|
|
if ('setpassword' === $key) {
|
|
|
|
|
return '';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $key;
|
|
|
|
|
});
|
|
|
|
|
$response = new Response();
|
|
|
|
|
|
|
|
|
|
$result = $this->controller->change($request, $response);
|
|
|
|
|
|
|
|
|
|
static::assertSame(400, $result->getStatusCode());
|
|
|
|
|
static::assertSame('changepassword', (string) $result->getBody());
|
|
|
|
|
static::assertSame('Change password - Shaarli', $this->assignedVariables['pagetitle']);
|
|
|
|
|
}
|
2020-05-27 14:18:07 +02:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Change the password on an open shaarli
|
|
|
|
|
*/
|
|
|
|
|
public function testPostNewPasswordOnOpenShaarli(): void
|
|
|
|
|
{
|
|
|
|
|
$this->container->conf = $this->createMock(ConfigManager::class);
|
|
|
|
|
$this->container->conf->method('get')->with('security.open_shaarli')->willReturn(true);
|
|
|
|
|
|
|
|
|
|
$request = $this->createMock(Request::class);
|
|
|
|
|
$response = new Response();
|
|
|
|
|
|
|
|
|
|
$this->expectException(OpenShaarliPasswordException::class);
|
|
|
|
|
|
|
|
|
|
$this->controller->change($request, $response);
|
|
|
|
|
}
|
2020-05-27 13:35:48 +02:00
|
|
|
}
|
