Render login page through Slim controller (#1401)

Render login page through Slim controller
2020-01-26 11:41:10 +01:00 · 2020-01-26 11:41:10 +01:00 · c653ae3bfb
commit c653ae3bfb
parent 1410dce2db 27ceea2aee
26 changed files with 926 additions and 131 deletions
--- a/application/Utils.php
+++ b/application/Utils.php
@ -159,7 +159,7 @@ function checkDateFormat($format, $string)
 */
 function generateLocation($referer, $host, $loopTerms = array())
 {
-    $finalReferer = '?';
+    $finalReferer = './?';
    // No referer if it contains any value in $loopCriteria.
    foreach (array_filter($loopTerms) as $value) {
--- a/application/container/ContainerBuilder.php
+++ b/application/container/ContainerBuilder.php
@ -0,0 +1,81 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Container;
 use Shaarli\Bookmark\BookmarkFileService;
 use Shaarli\Bookmark\BookmarkServiceInterface;
 use Shaarli\Config\ConfigManager;
 use Shaarli\History;
 use Shaarli\Plugin\PluginManager;
 use Shaarli\Render\PageBuilder;
 use Shaarli\Security\LoginManager;
 use Shaarli\Security\SessionManager;
 /**
 * Class ContainerBuilder
 *
 * Helper used to build a Slim container instance with Shaarli's object dependencies.
 * Note that most injected objects MUST be added as closures, to let the container instantiate
 * only the objects it requires during the execution.
 *
 * @package Container
 */
 class ContainerBuilder
 {
    /** @var ConfigManager */
    protected $conf;
    /** @var SessionManager */
    protected $session;
    /** @var LoginManager */
    protected $login;
    public function __construct(ConfigManager $conf, SessionManager $session, LoginManager $login)
    {
        $this->conf = $conf;
        $this->session = $session;
        $this->login = $login;
    }
    public function build(): ShaarliContainer
    {
        $container = new ShaarliContainer();
        $container['conf'] = $this->conf;
        $container['sessionManager'] = $this->session;
        $container['loginManager'] = $this->login;
        $container['plugins'] = function (ShaarliContainer $container): PluginManager {
            return new PluginManager($container->conf);
        };
        $container['history'] = function (ShaarliContainer $container): History {
            return new History($container->conf->get('resource.history'));
        };
        $container['bookmarkService'] = function (ShaarliContainer $container): BookmarkServiceInterface {
            return new BookmarkFileService(
                $container->conf,
                $container->history,
                $container->loginManager->isLoggedIn()
            );
        };
        $container['pageBuilder'] = function (ShaarliContainer $container): PageBuilder {
            return new PageBuilder(
                $container->conf,
                $container->sessionManager->getSession(),
                $container->bookmarkService,
                $container->sessionManager->generateToken(),
                $container->loginManager->isLoggedIn()
            );
        };
        $container['pluginManager'] = function (ShaarliContainer $container): PluginManager {
            return new PluginManager($container->conf);
        };
        return $container;
    }
 }
--- a/application/container/ShaarliContainer.php
+++ b/application/container/ShaarliContainer.php
@ -0,0 +1,30 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Container;
 use Shaarli\Bookmark\BookmarkServiceInterface;
 use Shaarli\Config\ConfigManager;
 use Shaarli\History;
 use Shaarli\Plugin\PluginManager;
 use Shaarli\Render\PageBuilder;
 use Shaarli\Security\LoginManager;
 use Shaarli\Security\SessionManager;
 use Slim\Container;
 /**
 * Extension of Slim container to document the injected objects.
 *
 * @property ConfigManager            $conf
 * @property SessionManager           $sessionManager
 * @property LoginManager             $loginManager
 * @property History                  $history
 * @property BookmarkServiceInterface $bookmarkService
 * @property PageBuilder              $pageBuilder
 * @property PluginManager            $pluginManager
 */
 class ShaarliContainer extends Container
 {
 }
--- a/application/front/ShaarliMiddleware.php
+++ b/application/front/ShaarliMiddleware.php
@ -0,0 +1,57 @@
 <?php
 namespace Shaarli\Front;
 use Shaarli\Container\ShaarliContainer;
 use Shaarli\Front\Exception\ShaarliException;
 use Slim\Http\Request;
 use Slim\Http\Response;
 /**
 * Class ShaarliMiddleware
 *
 * This will be called before accessing any Shaarli controller.
 */
 class ShaarliMiddleware
 {
    /** @var ShaarliContainer contains all Shaarli DI */
    protected $container;
    public function __construct(ShaarliContainer $container)
    {
        $this->container = $container;
    }
    /**
     * Middleware execution:
     *   - execute the controller
     *   - return the response
     *
     * In case of error, the error template will be displayed with the exception message.
     *
     * @param  Request  $request  Slim request
     * @param  Response $response Slim response
     * @param  callable $next     Next action
     *
     * @return Response response.
     */
    public function __invoke(Request $request, Response $response, callable $next)
    {
        try {
            $response = $next($request, $response);
        } catch (ShaarliException $e) {
            $this->container->pageBuilder->assign('message', $e->getMessage());
            if ($this->container->conf->get('dev.debug', false)) {
                $this->container->pageBuilder->assign(
                    'stacktrace',
                    nl2br(get_class($this) .': '. $e->getTraceAsString())
                );
            }
            $response = $response->withStatus($e->getCode());
            $response = $response->write($this->container->pageBuilder->render('error'));
        }
        return $response;
    }
 }
--- a/application/front/controllers/LoginController.php
+++ b/application/front/controllers/LoginController.php
@ -0,0 +1,48 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front\Controller;
 use Shaarli\Front\Exception\LoginBannedException;
 use Slim\Http\Request;
 use Slim\Http\Response;
 /**
 * Class LoginController
 *
 * Slim controller used to render the login page.
 *
 * The login page is not available if the user is banned
 * or if open shaarli setting is enabled.
 *
 * @package Front\Controller
 */
 class LoginController extends ShaarliController
 {
    public function index(Request $request, Response $response): Response
    {
        if ($this->container->loginManager->isLoggedIn()
            || $this->container->conf->get('security.open_shaarli', false)
        ) {
            return $response->withRedirect('./');
        }
        $userCanLogin = $this->container->loginManager->canLogin($request->getServerParams());
        if ($userCanLogin !== true) {
            throw new LoginBannedException();
        }
        if ($request->getParam('username') !== null) {
            $this->assignView('username', escape($request->getParam('username')));
        }
        $this
            ->assignView('returnurl', escape($request->getServerParam('HTTP_REFERER')))
            ->assignView('remember_user_default', $this->container->conf->get('privacy.remember_user_default', true))
            ->assignView('pagetitle', t('Login') .' - '. $this->container->conf->get('general.title', 'Shaarli'))
        ;
        return $response->write($this->render('loginform'));
    }
 }
--- a/application/front/controllers/ShaarliController.php
+++ b/application/front/controllers/ShaarliController.php
@ -0,0 +1,69 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front\Controller;
 use Shaarli\Bookmark\BookmarkFilter;
 use Shaarli\Container\ShaarliContainer;
 abstract class ShaarliController
 {
    /** @var ShaarliContainer */
    protected $container;
    /** @param ShaarliContainer $container Slim container (extended for attribute completion). */
    public function __construct(ShaarliContainer $container)
    {
        $this->container = $container;
    }
    /**
     * Assign variables to RainTPL template through the PageBuilder.
     *
     * @param mixed $value Value to assign to the template
     */
    protected function assignView(string $name, $value): self
    {
        $this->container->pageBuilder->assign($name, $value);
        return $this;
    }
    protected function render(string $template): string
    {
        $this->assignView('linkcount', $this->container->bookmarkService->count(BookmarkFilter::$ALL));
        $this->assignView('privateLinkcount', $this->container->bookmarkService->count(BookmarkFilter::$PRIVATE));
        $this->assignView('plugin_errors', $this->container->pluginManager->getErrors());
        $this->executeDefaultHooks($template);
        return $this->container->pageBuilder->render($template);
    }
    /**
     * Call plugin hooks for header, footer and includes, specifying which page will be rendered.
     * Then assign generated data to RainTPL.
     */
    protected function executeDefaultHooks(string $template): void
    {
        $common_hooks = [
            'includes',
            'header',
            'footer',
        ];
        foreach ($common_hooks as $name) {
            $plugin_data = [];
            $this->container->pluginManager->executeHooks(
                'render_' . $name,
                $plugin_data,
                [
                    'target' => $template,
                    'loggedin' => $this->container->loginManager->isLoggedIn()
                ]
            );
            $this->assignView('plugins_' . $name, $plugin_data);
        }
    }
 }
--- a/application/front/exceptions/LoginBannedException.php
+++ b/application/front/exceptions/LoginBannedException.php
@ -0,0 +1,15 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front\Exception;
 class LoginBannedException extends ShaarliException
 {
    public function __construct()
    {
        $message = t('You have been banned after too many failed login attempts. Try again later.');
        parent::__construct($message, 401);
    }
 }
--- a/application/front/exceptions/ShaarliException.php
+++ b/application/front/exceptions/ShaarliException.php
@ -0,0 +1,23 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front\Exception;
 use Throwable;
 /**
 * Class ShaarliException
 *
 * Abstract exception class used to defined any custom exception thrown during front rendering.
 *
 * @package Front\Exception
 */
 abstract class ShaarliException extends \Exception
 {
    /** Override parent constructor to force $message and $httpCode parameters to be set. */
    public function __construct(string $message, int $httpCode, Throwable $previous = null)
    {
        parent::__construct($message, $httpCode, $previous);
    }
 }
--- a/application/render/PageBuilder.php
+++ b/application/render/PageBuilder.php
@ -199,6 +199,23 @@ public function renderPage($page)
        $this->tpl->draw($page);
    }
    /**
     * Render a specific page as string (using a template file).
     * e.g. $pb->render('picwall');
     *
     * @param string $page Template filename (without extension).
     *
     * @return string Processed template content
     */
    public function render(string $page): string
    {
        if ($this->tpl === false) {
            $this->initialize();
        }
        return $this->tpl->draw($page, true);
    }
    /**
     * Render a 404 page (uses the template : tpl/404.tpl)
     * usage: $PAGE->render404('The link was deleted')
--- a/application/security/SessionManager.php
+++ b/application/security/SessionManager.php
@ -196,4 +196,10 @@ public function hasClientIpChanged($clientIpId)
        }
        return true;
    }
    /** @return array Local reference to the global $_SESSION array */
    public function getSession(): array
    {
        return $this->session;
    }
 }
--- a/assets/default/scss/shaarli.scss
+++ b/assets/default/scss/shaarli.scss
@ -1236,8 +1236,19 @@ form {
  color: $dark-grey;
 }
-.page404-container {
+.page-error-container {
  color: $dark-grey;
  h2 {
    margin: 70px 0 25px;
  }
  pre {
    margin: 0 20%;
    padding: 20px 0;
    text-align: left;
    line-height: .7em;
  }
 }
 // EDIT LINK
--- a/composer.json
+++ b/composer.json
@ -48,9 +48,13 @@
            "Shaarli\\Bookmark\\Exception\\": "application/bookmark/exception",
            "Shaarli\\Config\\": "application/config/",
            "Shaarli\\Config\\Exception\\": "application/config/exception",
            "Shaarli\\Container\\": "application/container",
            "Shaarli\\Exceptions\\": "application/exceptions",
            "Shaarli\\Feed\\": "application/feed",
            "Shaarli\\Formatter\\": "application/formatter",
            "Shaarli\\Front\\": "application/front",
            "Shaarli\\Front\\Controller\\": "application/front/controllers",
            "Shaarli\\Front\\Exception\\": "application/front/exceptions",
            "Shaarli\\Http\\": "application/http",
            "Shaarli\\Legacy\\": "application/legacy",
            "Shaarli\\Netscape\\": "application/netscape",
--- a/doc/md/Translations.md
+++ b/doc/md/Translations.md
@ -41,7 +41,7 @@ http://<replace_domain>/?do=daily
 http://<replace_domain>/?post
 http://<replace_domain>/?do=export
 http://<replace_domain>/?do=import
-http://<replace_domain>/?do=login
+http://<replace_domain>/login
 http://<replace_domain>/?do=picwall
 http://<replace_domain>/?do=pluginadmin
 http://<replace_domain>/?do=tagcloud
--- a/index.php
+++ b/index.php
@ -61,29 +61,31 @@
 require_once 'application/TimeZone.php';
 require_once 'application/Utils.php';
-use \Shaarli\ApplicationUtils;
+use Shaarli\ApplicationUtils;
 use Shaarli\Bookmark\BookmarkServiceInterface;
 use \Shaarli\Bookmark\Exception\BookmarkNotFoundException;
 use Shaarli\Bookmark\Bookmark;
 use Shaarli\Bookmark\BookmarkFilter;
 use Shaarli\Bookmark\BookmarkFileService;
-use \Shaarli\Config\ConfigManager;
+use Shaarli\Bookmark\BookmarkFilter;
-use \Shaarli\Feed\CachedPage;
+use Shaarli\Bookmark\BookmarkServiceInterface;
-use \Shaarli\Feed\FeedBuilder;
+use Shaarli\Bookmark\Exception\BookmarkNotFoundException;
 use Shaarli\Config\ConfigManager;
 use Shaarli\Container\ContainerBuilder;
 use Shaarli\Feed\CachedPage;
 use Shaarli\Feed\FeedBuilder;
 use Shaarli\Formatter\BookmarkMarkdownFormatter;
 use Shaarli\Formatter\FormatterFactory;
-use \Shaarli\History;
+use Shaarli\History;
-use \Shaarli\Languages;
+use Shaarli\Languages;
-use \Shaarli\Netscape\NetscapeBookmarkUtils;
+use Shaarli\Netscape\NetscapeBookmarkUtils;
-use \Shaarli\Plugin\PluginManager;
+use Shaarli\Plugin\PluginManager;
-use \Shaarli\Render\PageBuilder;
+use Shaarli\Render\PageBuilder;
-use \Shaarli\Render\ThemeUtils;
+use Shaarli\Render\ThemeUtils;
-use \Shaarli\Router;
+use Shaarli\Router;
-use \Shaarli\Security\LoginManager;
+use Shaarli\Security\LoginManager;
-use \Shaarli\Security\SessionManager;
+use Shaarli\Security\SessionManager;
-use \Shaarli\Thumbnailer;
+use Shaarli\Thumbnailer;
-use \Shaarli\Updater\Updater;
+use Shaarli\Updater\Updater;
-use \Shaarli\Updater\UpdaterUtils;
+use Shaarli\Updater\UpdaterUtils;
 use Slim\App;
 // Ensure the PHP version is supported
 try {
@ -250,7 +252,7 @@ function isLoggedIn()
        // Optional redirect after login:
        if (isset($_GET['post'])) {
-            $uri = '?post='. urlencode($_GET['post']);
+            $uri = './?post='. urlencode($_GET['post']);
            foreach (array('description', 'source', 'title', 'tags') as $param) {
                if (!empty($_GET[$param])) {
                    $uri .= '&'.$param.'='.urlencode($_GET[$param]);
@ -261,22 +263,22 @@ function isLoggedIn()
        }
        if (isset($_GET['edit_link'])) {
-            header('Location: ?edit_link='. escape($_GET['edit_link']));
+            header('Location: ./?edit_link='. escape($_GET['edit_link']));
            exit;
        }
        if (isset($_POST['returnurl'])) {
            // Prevent loops over login screen.
-            if (strpos($_POST['returnurl'], 'do=login') === false) {
+            if (strpos($_POST['returnurl'], '/login') === false) {
                header('Location: '. generateLocation($_POST['returnurl'], $_SERVER['HTTP_HOST']));
                exit;
            }
        }
-        header('Location: ?');
+        header('Location: ./?');
        exit;
    } else {
        $loginManager->handleFailedLogin($_SERVER);
-        $redir = '&username='. urlencode($_POST['login']);
+        $redir = '?username='. urlencode($_POST['login']);
        if (isset($_GET['post'])) {
            $redir .= '&post=' . urlencode($_GET['post']);
            foreach (array('description', 'source', 'title', 'tags') as $param) {
@ -286,7 +288,7 @@ function isLoggedIn()
            }
        }
        // Redirect to login screen.
-        echo '<script>alert("'. t("Wrong login/password.") .'");document.location=\'?do=login'.$redir.'\';</script>';
+        echo '<script>alert("'. t("Wrong login/password.") .'");document.location=\'./login'.$redir.'\';</script>';
        exit;
    }
 }
@ -594,19 +596,7 @@ function renderPage($conf, $pluginManager, $bookmarkService, $history, $sessionM
    // -------- Display login form.
    if ($targetPage == Router::$PAGE_LOGIN) {
-        if ($conf->get('security.open_shaarli')) {
+        header('Location: ./login');
            header('Location: ?');
            exit;
        }  // No need to login for open Shaarli
        if (isset($_GET['username'])) {
            $PAGE->assign('username', escape($_GET['username']));
        }
        $PAGE->assign('returnurl', (isset($_SERVER['HTTP_REFERER']) ? escape($_SERVER['HTTP_REFERER']):''));
        // add default state of the 'remember me' checkbox
        $PAGE->assign('remember_user_default', $conf->get('privacy.remember_user_default'));
        $PAGE->assign('user_can_login', $loginManager->canLogin($_SERVER));
        $PAGE->assign('pagetitle', t('Login') .' - '. $conf->get('general.title', 'Shaarli'));
        $PAGE->renderPage('loginform');
        exit;
    }
    // -------- User wants to logout.
@ -933,7 +923,7 @@ function renderPage($conf, $pluginManager, $bookmarkService, $history, $sessionM
        // Show login screen, then redirect to ?post=...
        if (isset($_GET['post'])) {
            header( // Redirect to login page, then back to post link.
-                'Location: ?do=login&post='.urlencode($_GET['post']).
+                'Location: /login?post='.urlencode($_GET['post']).
                (!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').
                (!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').
                (!empty($_GET['tags'])?'&tags='.urlencode($_GET['tags']):'').
@ -944,7 +934,7 @@ function renderPage($conf, $pluginManager, $bookmarkService, $history, $sessionM
        showLinkList($PAGE, $bookmarkService, $conf, $pluginManager, $loginManager);
        if (isset($_GET['edit_link'])) {
-            header('Location: ?do=login&edit_link='. escape($_GET['edit_link']));
+            header('Location: /login?edit_link='. escape($_GET['edit_link']));
            exit;
        }
@ -1900,7 +1890,7 @@ function install($conf, $sessionManager, $loginManager)
        echo '<script>alert('
            .'"Shaarli is now configured. '
            .'Please enter your login/password and start shaaring your bookmarks!"'
-            .');document.location=\'?do=login\';</script>';
+            .');document.location=\'./login\';</script>';
        exit;
    }
@ -1930,11 +1920,9 @@ function install($conf, $sessionManager, $loginManager)
    exit;
 }
-$container = new \Slim\Container();
+$containerBuilder = new ContainerBuilder($conf, $sessionManager, $loginManager);
-$container['conf'] = $conf;
+$container = $containerBuilder->build();
-$container['plugins'] = $pluginManager;
+$app = new App($container);
 $container['history'] = $history;
 $app = new \Slim\App($container);
 // REST API routes
 $app->group('/api/v1', function () {
@ -1953,6 +1941,10 @@ function install($conf, $sessionManager, $loginManager)
    $this->get('/history', '\Shaarli\Api\Controllers\HistoryController:getHistory')->setName('getHistory');
 })->add('\Shaarli\Api\ApiMiddleware');
 $app->group('', function () {
    $this->get('/login', '\Shaarli\Front\Controller\LoginController:index')->setName('login');
 })->add('\Shaarli\Front\ShaarliMiddleware');
 $response = $app->run(true);
 // Hack to make Slim and Shaarli router work together:
--- a/tests/UtilsTest.php
+++ b/tests/UtilsTest.php
@ -203,7 +203,7 @@ public function testGenerateLocation()
    public function testGenerateLocationLoop()
    {
        $ref = 'http://localhost/?test';
-        $this->assertEquals('?', generateLocation($ref, 'localhost', array('test')));
+        $this->assertEquals('./?', generateLocation($ref, 'localhost', array('test')));
    }
    /**
@ -212,7 +212,7 @@ public function testGenerateLocationLoop()
    public function testGenerateLocationOut()
    {
        $ref = 'http://somewebsite.com/?test';
-        $this->assertEquals('?', generateLocation($ref, 'localhost'));
+        $this->assertEquals('./?', generateLocation($ref, 'localhost'));
    }
--- a/tests/container/ContainerBuilderTest.php
+++ b/tests/container/ContainerBuilderTest.php
@ -0,0 +1,49 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Container;
 use PHPUnit\Framework\TestCase;
 use Shaarli\Bookmark\BookmarkServiceInterface;
 use Shaarli\Config\ConfigManager;
 use Shaarli\History;
 use Shaarli\Render\PageBuilder;
 use Shaarli\Security\LoginManager;
 use Shaarli\Security\SessionManager;
 class ContainerBuilderTest extends TestCase
 {
    /** @var ConfigManager */
    protected $conf;
    /** @var SessionManager */
    protected $sessionManager;
    /** @var LoginManager */
    protected $loginManager;
    /** @var ContainerBuilder */
    protected $containerBuilder;
    public function setUp(): void
    {
        $this->conf = new ConfigManager('tests/utils/config/configJson');
        $this->sessionManager = $this->createMock(SessionManager::class);
        $this->loginManager = $this->createMock(LoginManager::class);
        $this->containerBuilder = new ContainerBuilder($this->conf, $this->sessionManager, $this->loginManager);
    }
    public function testBuildContainer(): void
    {
        $container = $this->containerBuilder->build();
        static::assertInstanceOf(ConfigManager::class, $container->conf);
        static::assertInstanceOf(SessionManager::class, $container->sessionManager);
        static::assertInstanceOf(LoginManager::class, $container->loginManager);
        static::assertInstanceOf(History::class, $container->history);
        static::assertInstanceOf(BookmarkServiceInterface::class, $container->bookmarkService);
        static::assertInstanceOf(PageBuilder::class, $container->pageBuilder);
    }
 }
--- a/tests/front/ShaarliMiddlewareTest.php
+++ b/tests/front/ShaarliMiddlewareTest.php
@ -0,0 +1,70 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front;
 use PHPUnit\Framework\TestCase;
 use Shaarli\Config\ConfigManager;
 use Shaarli\Container\ShaarliContainer;
 use Shaarli\Front\Exception\LoginBannedException;
 use Shaarli\Render\PageBuilder;
 use Slim\Http\Request;
 use Slim\Http\Response;
 class ShaarliMiddlewareTest extends TestCase
 {
    /** @var ShaarliContainer */
    protected $container;
    /** @var ShaarliMiddleware  */
    protected $middleware;
    public function setUp(): void
    {
        $this->container = $this->createMock(ShaarliContainer::class);
        $this->middleware = new ShaarliMiddleware($this->container);
    }
    public function testMiddlewareExecution(): void
    {
        $request = $this->createMock(Request::class);
        $response = new Response();
        $controller = function (Request $request, Response $response): Response {
            return $response->withStatus(418); // I'm a tea pot
        };
        /** @var Response $result */
        $result = $this->middleware->__invoke($request, $response, $controller);
        static::assertInstanceOf(Response::class, $result);
        static::assertSame(418, $result->getStatusCode());
    }
    public function testMiddlewareExecutionWithException(): void
    {
        $request = $this->createMock(Request::class);
        $response = new Response();
        $controller = function (): void {
            $exception = new LoginBannedException();
            throw new $exception;
        };
        $pageBuilder = $this->createMock(PageBuilder::class);
        $pageBuilder->method('render')->willReturnCallback(function (string $message): string {
            return $message;
        });
        $this->container->pageBuilder = $pageBuilder;
        $conf = $this->createMock(ConfigManager::class);
        $this->container->conf = $conf;
        /** @var Response $result */
        $result = $this->middleware->__invoke($request, $response, $controller);
        static::assertInstanceOf(Response::class, $result);
        static::assertSame(401, $result->getStatusCode());
        static::assertContains('error', (string) $result->getBody());
    }
 }
--- a/tests/front/controller/LoginControllerTest.php
+++ b/tests/front/controller/LoginControllerTest.php
@ -0,0 +1,178 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front\Controller;
 use PHPUnit\Framework\TestCase;
 use Shaarli\Bookmark\BookmarkServiceInterface;
 use Shaarli\Config\ConfigManager;
 use Shaarli\Container\ShaarliContainer;
 use Shaarli\Front\Exception\LoginBannedException;
 use Shaarli\Plugin\PluginManager;
 use Shaarli\Render\PageBuilder;
 use Shaarli\Security\LoginManager;
 use Slim\Http\Request;
 use Slim\Http\Response;
 class LoginControllerTest extends TestCase
 {
    /** @var ShaarliContainer */
    protected $container;
    /** @var LoginController */
    protected $controller;
    public function setUp(): void
    {
        $this->container = $this->createMock(ShaarliContainer::class);
        $this->controller = new LoginController($this->container);
    }
    public function testValidControllerInvoke(): void
    {
        $this->createValidContainerMockSet();
        $request = $this->createMock(Request::class);
        $request->expects(static::once())->method('getServerParam')->willReturn('> referer');
        $response = new Response();
        $assignedVariables = [];
        $this->container->pageBuilder
            ->method('assign')
            ->willReturnCallback(function ($key, $value) use (&$assignedVariables) {
                $assignedVariables[$key] = $value;
                return $this;
            })
        ;
        $result = $this->controller->index($request, $response);
        static::assertInstanceOf(Response::class, $result);
        static::assertSame(200, $result->getStatusCode());
        static::assertSame('loginform', (string) $result->getBody());
        static::assertSame('&gt; referer', $assignedVariables['returnurl']);
        static::assertSame(true, $assignedVariables['remember_user_default']);
        static::assertSame('Login - Shaarli', $assignedVariables['pagetitle']);
    }
    public function testValidControllerInvokeWithUserName(): void
    {
        $this->createValidContainerMockSet();
        $request = $this->createMock(Request::class);
        $request->expects(static::once())->method('getServerParam')->willReturn('> referer');
        $request->expects(static::exactly(2))->method('getParam')->willReturn('myUser>');
        $response = new Response();
        $assignedVariables = [];
        $this->container->pageBuilder
            ->method('assign')
            ->willReturnCallback(function ($key, $value) use (&$assignedVariables) {
                $assignedVariables[$key] = $value;
                return $this;
            })
        ;
        $result = $this->controller->index($request, $response);
        static::assertInstanceOf(Response::class, $result);
        static::assertSame(200, $result->getStatusCode());
        static::assertSame('loginform', (string) $result->getBody());
        static::assertSame('myUser&gt;', $assignedVariables['username']);
        static::assertSame('&gt; referer', $assignedVariables['returnurl']);
        static::assertSame(true, $assignedVariables['remember_user_default']);
        static::assertSame('Login - Shaarli', $assignedVariables['pagetitle']);
    }
    public function testLoginControllerWhileLoggedIn(): void
    {
        $request = $this->createMock(Request::class);
        $response = new Response();
        $loginManager = $this->createMock(LoginManager::class);
        $loginManager->expects(static::once())->method('isLoggedIn')->willReturn(true);
        $this->container->loginManager = $loginManager;
        $result = $this->controller->index($request, $response);
        static::assertInstanceOf(Response::class, $result);
        static::assertSame(302, $result->getStatusCode());
        static::assertSame(['./'], $result->getHeader('Location'));
    }
    public function testLoginControllerOpenShaarli(): void
    {
        $this->createValidContainerMockSet();
        $request = $this->createMock(Request::class);
        $response = new Response();
        $conf = $this->createMock(ConfigManager::class);
        $conf->method('get')->willReturnCallback(function (string $parameter, $default) {
            if ($parameter === 'security.open_shaarli') {
                return true;
            }
            return $default;
        });
        $this->container->conf = $conf;
        $result = $this->controller->index($request, $response);
        static::assertInstanceOf(Response::class, $result);
        static::assertSame(302, $result->getStatusCode());
        static::assertSame(['./'], $result->getHeader('Location'));
    }
    public function testLoginControllerWhileBanned(): void
    {
        $this->createValidContainerMockSet();
        $request = $this->createMock(Request::class);
        $response = new Response();
        $loginManager = $this->createMock(LoginManager::class);
        $loginManager->method('isLoggedIn')->willReturn(false);
        $loginManager->method('canLogin')->willReturn(false);
        $this->container->loginManager = $loginManager;
        $this->expectException(LoginBannedException::class);
        $this->controller->index($request, $response);
    }
    protected function createValidContainerMockSet(): void
    {
        // User logged out
        $loginManager = $this->createMock(LoginManager::class);
        $loginManager->method('isLoggedIn')->willReturn(false);
        $loginManager->method('canLogin')->willReturn(true);
        $this->container->loginManager = $loginManager;
        // Config
        $conf = $this->createMock(ConfigManager::class);
        $conf->method('get')->willReturnCallback(function (string $parameter, $default) {
            return $default;
        });
        $this->container->conf = $conf;
        // PageBuilder
        $pageBuilder = $this->createMock(PageBuilder::class);
        $pageBuilder
            ->method('render')
            ->willReturnCallback(function (string $template): string {
                return $template;
            })
        ;
        $this->container->pageBuilder = $pageBuilder;
        $pluginManager = $this->createMock(PluginManager::class);
        $this->container->pluginManager = $pluginManager;
        $bookmarkService = $this->createMock(BookmarkServiceInterface::class);
        $this->container->bookmarkService = $bookmarkService;
    }
 }
--- a/tests/front/controller/ShaarliControllerTest.php
+++ b/tests/front/controller/ShaarliControllerTest.php
@ -0,0 +1,116 @@
 <?php
 declare(strict_types=1);
 namespace Shaarli\Front\Controller;
 use PHPUnit\Framework\TestCase;
 use Shaarli\Bookmark\BookmarkFilter;
 use Shaarli\Bookmark\BookmarkServiceInterface;
 use Shaarli\Container\ShaarliContainer;
 use Shaarli\Plugin\PluginManager;
 use Shaarli\Render\PageBuilder;
 use Shaarli\Security\LoginManager;
 /**
 * Class ShaarliControllerTest
 *
 * This class is used to test default behavior of ShaarliController abstract class.
 * It uses a dummy non abstract controller.
 */
 class ShaarliControllerTest extends TestCase
 {
    /** @var ShaarliContainer */
    protected $container;
    /** @var LoginController */
    protected $controller;
    /** @var mixed[] List of variable assigned to the template */
    protected $assignedValues;
    public function setUp(): void
    {
        $this->container = $this->createMock(ShaarliContainer::class);
        $this->controller = new class($this->container) extends ShaarliController
        {
            public function assignView(string $key, $value): ShaarliController
            {
                return parent::assignView($key, $value);
            }
            public function render(string $template): string
            {
                return parent::render($template);
            }
        };
        $this->assignedValues = [];
    }
    public function testAssignView(): void
    {
        $this->createValidContainerMockSet();
        $self = $this->controller->assignView('variableName', 'variableValue');
        static::assertInstanceOf(ShaarliController::class, $self);
        static::assertSame('variableValue', $this->assignedValues['variableName']);
    }
    public function testRender(): void
    {
        $this->createValidContainerMockSet();
        $render = $this->controller->render('templateName');
        static::assertSame('templateName', $render);
        static::assertSame(10, $this->assignedValues['linkcount']);
        static::assertSame(5, $this->assignedValues['privateLinkcount']);
        static::assertSame(['error'], $this->assignedValues['plugin_errors']);
        static::assertSame('templateName', $this->assignedValues['plugins_includes']['render_includes']['target']);
        static::assertTrue($this->assignedValues['plugins_includes']['render_includes']['loggedin']);
        static::assertSame('templateName', $this->assignedValues['plugins_header']['render_header']['target']);
        static::assertTrue($this->assignedValues['plugins_header']['render_header']['loggedin']);
        static::assertSame('templateName', $this->assignedValues['plugins_footer']['render_footer']['target']);
        static::assertTrue($this->assignedValues['plugins_footer']['render_footer']['loggedin']);
    }
    protected function createValidContainerMockSet(): void
    {
        $pageBuilder = $this->createMock(PageBuilder::class);
        $pageBuilder
            ->method('assign')
            ->willReturnCallback(function (string $key, $value): void {
                $this->assignedValues[$key] = $value;
            });
        $pageBuilder
            ->method('render')
            ->willReturnCallback(function (string $template): string {
                return $template;
            });
        $this->container->pageBuilder = $pageBuilder;
        $bookmarkService = $this->createMock(BookmarkServiceInterface::class);
        $bookmarkService
            ->method('count')
            ->willReturnCallback(function (string $visibility): int {
                return $visibility === BookmarkFilter::$PRIVATE ? 5 : 10;
            });
        $this->container->bookmarkService = $bookmarkService;
        $pluginManager = $this->createMock(PluginManager::class);
        $pluginManager
            ->method('executeHooks')
            ->willReturnCallback(function (string $hook, array &$data, array $params): array {
                return $data[$hook] = $params;
            });
        $pluginManager->method('getErrors')->willReturn(['error']);
        $this->container->pluginManager = $pluginManager;
        $loginManager = $this->createMock(LoginManager::class);
        $loginManager->method('isLoggedIn')->willReturn(true);
        $this->container->loginManager = $loginManager;
    }
 }
--- a/tpl/default/404.html
+++ b/tpl/default/404.html
@ -6,7 +6,7 @@
 <body>
 <div id="pageheader">
  {include="page.header"}
-<div class="center" id="page404" class="page404-container">
+<div id="pageError" class="page-error-container center">
  <h2>{'Sorry, nothing to see here.'|t}</h2>
  <img src="img/sad_star.png" alt="">
  <p>{$error_message}</p>
--- a/tpl/default/error.html
+++ b/tpl/default/error.html
@ -0,0 +1,22 @@
 <!DOCTYPE html>
 <html{if="$language !== 'auto'"} lang="{$language}"{/if}>
 <head>
  {include="includes"}
 </head>
 <body>
 <div id="pageheader">
  {include="page.header"}
 <div id="pageError" class="page-error-container center">
  <h2>{$message}</h2>
  {if="!empty($stacktrace)"}
      <pre>
        {$stacktrace}
      </pre>
  {/if}
  <img src="img/sad_star.png" alt="">
 </div>
 {include="page.footer"}
 </body>
 </html>
--- a/tpl/default/loginform.html
+++ b/tpl/default/loginform.html
@ -5,18 +5,7 @@
 </head>
 <body>
 {include="page.header"}
-{if="!$user_can_login"}
+<div class="pure-g">
 <div class="pure-g pure-alert pure-alert-error pure-alert-closable center">
  <div class="pure-u-2-24"></div>
  <div class="pure-u-20-24">
    <p>{'You have been banned after too many failed login attempts. Try again later.'|t}</p>
  </div>
  <div class="pure-u-2-24">
    <i class="fa fa-times pure-alert-close"></i>
  </div>
 </div>
 {else}
  <div class="pure-g">
  <div class="pure-u-lg-1-3 pure-u-1-24"></div>
  <div id="login-form" class="page-form page-form-light pure-u-lg-1-3 pure-u-22-24 login-form-container">
    <form method="post" name="loginform">
@ -41,8 +30,7 @@ <h2 class="window-title">{'Login'|t}</h2>
    </form>
  </div>
  <div class="pure-u-lg-1-3 pure-u-1-8"></div>
-  </div>
+</div>
 {/if}
 {include="page.footer"}
 </body>
--- a/tpl/default/page.header.html
+++ b/tpl/default/page.header.html
@ -60,7 +60,7 @@
          </li>
        {else}
          <li class="pure-menu-item pure-u-lg-0 shaarli-menu-mobile" id="shaarli-menu-mobile-login">
-            <a href="?do=login" class="pure-menu-link">{'Login'|t}</a>
+            <a href="/login" class="pure-menu-link">{'Login'|t}</a>
          </li>
        {/if}
      </ul>
@ -80,7 +80,7 @@
          </li>
          {if="!$is_logged_in"}
            <li class="pure-menu-item" id="shaarli-menu-desktop-login">
-              <a href="?do=login" class="pure-menu-link"
+              <a href="/login" class="pure-menu-link"
                 data-open-id="header-login-form"
                 id="login-button" aria-label="{'Login'|t}" title="{'Login'|t}">
                <i class="fa fa-user" aria-hidden="true"></i>
--- a/tpl/vintage/error.html
+++ b/tpl/vintage/error.html
@ -0,0 +1,25 @@
 <!DOCTYPE html>
 <html>
 <head>
    {include="includes"}
 </head>
 <body>
 <div id="pageheader">
    {include="page.header"}
 </div>
 <div class="error-container">
    <h1>Error</h1>
    <p>{$message}</p>
    {if="!empty($stacktrace)"}
        <br>
        <pre>
            {$stacktrace}
        </pre>
    {/if}
    <p>Would you mind <a href="?">clicking here</a>?</p>
 </div>
 {include="page.footer"}
 </body>
 </html>
--- a/tpl/vintage/loginform.html
+++ b/tpl/vintage/loginform.html
@ -2,20 +2,15 @@
 <html>
 <head>{include="includes"}</head>
 <body
-{if="$user_can_login"}
+{if="empty($username)"}
  {if="empty($username)"}
  onload="document.loginform.login.focus();"
-  {else}
+{else}
  onload="document.loginform.password.focus();"
  {/if}
 {/if}>
 <div id="pageheader">
  {include="page.header"}
  <div id="headerform">
    {if="!$user_can_login"}
      You have been banned from login after too many failed attempts. Try later.
    {else}
    <form method="post" name="loginform">
      <label for="login">Login: <input type="text" id="login" name="login" tabindex="1"
         {if="!empty($username)"}value="{$username}"{/if}>
@ -31,7 +26,6 @@
      <input type="hidden" name="token" value="{$token}">
      {if="$returnurl"}<input type="hidden" name="returnurl" value="{$returnurl}">{/if}
    </form>
    {/if}
  </div>
 </div>
--- a/tpl/vintage/page.header.html
+++ b/tpl/vintage/page.header.html
@ -25,7 +25,7 @@
    <li><a href="?do=tools">Tools</a></li>
    <li><a href="?do=addlink">Add link</a></li>
    {else}
-    <li><a href="?do=login">Login</a></li>
+    <li><a href="/login">Login</a></li>
    {/if}
    <li><a href="{$feedurl}?do=rss{$searchcrits}" class="nomobile">RSS Feed</a></li>
    {if="$showatom"}