forked from GNUsocial/gnu-social
[TESTS] Raise test coverage for Controller/Security to 100%
This commit is contained in:
parent
dc2b9f940e
commit
dfc97d2607
@ -17,6 +17,7 @@ use app\Util\Common;
|
||||
use App\Util\Exception\EmailTakenException;
|
||||
use App\Util\Exception\NicknameTakenException;
|
||||
use App\Util\Exception\ServerException;
|
||||
use App\Util\FormFields;
|
||||
use App\Util\Nickname;
|
||||
use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
|
||||
use Symfony\Component\Form\Extension\Core\Type\EmailType;
|
||||
@ -84,7 +85,7 @@ class Security extends Controller
|
||||
'label' => _m('Email'),
|
||||
'constraints' => [ new NotBlank(['message' => _m('Please enter an email') ])],
|
||||
]],
|
||||
FormFields::password(),
|
||||
FormFields::repeated_password(),
|
||||
['register', SubmitType::class, ['label' => _m('Register')]],
|
||||
]);
|
||||
|
||||
@ -123,16 +124,20 @@ class Security extends Controller
|
||||
fn (int $id) => DB::persist(Follow::create(['follower' => $id, 'followed' => $id]))
|
||||
);
|
||||
DB::flush();
|
||||
// @codeCoverageIgnoreStart
|
||||
} catch (UniqueConstraintViolationException $e) {
|
||||
// _something_ was duplicated, but since we already check if nickname is in use, we can't tell what went wrong
|
||||
$e = 'An error occurred while trying to register';
|
||||
Log::critical($e . " with nickname: '{$valid_nickname}' and email '{$data['email']}'");
|
||||
throw new ServerException(_m($e));
|
||||
}
|
||||
// @codeCoverageIgnoreEnd
|
||||
|
||||
// generate a signed url and email it to the user
|
||||
if ($_ENV['APP_ENV'] === 'dev' || Common::config('site', 'use_email')) {
|
||||
// @codeCoverageIgnoreStart
|
||||
Common::sendVerificationEmail();
|
||||
// @codeCoverageIgnoreEnd
|
||||
} else {
|
||||
$user->setIsEmailVerified(true);
|
||||
}
|
||||
|
188
tests/Controller/SecurityTest.php
Normal file
188
tests/Controller/SecurityTest.php
Normal file
@ -0,0 +1,188 @@
|
||||
<?php
|
||||
|
||||
// {{{ License
|
||||
|
||||
// This file is part of GNU social - https://www.gnu.org/software/social
|
||||
//
|
||||
// GNU social is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU Affero General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// GNU social is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU Affero General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU Affero General Public License
|
||||
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
// }}}
|
||||
|
||||
namespace App\Tests\Core;
|
||||
|
||||
use App\Util\GNUsocialTestCase;
|
||||
|
||||
class SecurityTest extends GNUsocialTestCase
|
||||
{
|
||||
// --------- Login --------------
|
||||
|
||||
private function testLogin(string $nickname, string $password)
|
||||
{
|
||||
// This calls static::bootKernel(), and creates a "client" that is acting as the browser
|
||||
$client = static::createClient();
|
||||
$crawler = $client->request('GET', '/login');
|
||||
$this->assertResponseIsSuccessful();
|
||||
// $form = $crawler->selectButton('Sign in')->form();
|
||||
$crawler = $client->submitForm('Sign in', [
|
||||
'nickname' => $nickname,
|
||||
'password' => $password,
|
||||
]);
|
||||
$this->assertResponseStatusCodeSame(302);
|
||||
$crawler = $client->followRedirect();
|
||||
return [$client, $crawler];
|
||||
}
|
||||
|
||||
public function testLoginSuccess()
|
||||
{
|
||||
[, $crawler] = self::testLogin($nickname = 'taken_user', 'foobar');
|
||||
$this->assertResponseIsSuccessful();
|
||||
$this->assertSelectorNotExists('.alert');
|
||||
$this->assertRouteSame('main_all');
|
||||
$this->assertSelectorTextContains('.info b', $nickname);
|
||||
}
|
||||
|
||||
public function testLoginAttemptAlreadyLoggedIn()
|
||||
{
|
||||
[$client] = self::testLogin('taken_user', 'foobar'); // Normal login
|
||||
$crawler = $client->request('GET', '/login'); // attempt to login again
|
||||
$client->followRedirect();
|
||||
$this->assertRouteSame('main_all');
|
||||
}
|
||||
|
||||
public function testLoginFailure()
|
||||
{
|
||||
self::testLogin('taken_user', 'wrong password');
|
||||
$this->assertResponseIsSuccessful();
|
||||
$this->assertSelectorTextContains('.alert', 'Invalid login credentials');
|
||||
$this->assertRouteSame('login');
|
||||
}
|
||||
|
||||
public function testLoginEmail()
|
||||
{
|
||||
self::testLogin('email@provider', 'foobar');
|
||||
$this->assertResponseIsSuccessful();
|
||||
$this->assertSelectorNotExists('.alert');
|
||||
$this->assertRouteSame('main_all');
|
||||
$this->assertSelectorTextContains('.info b', 'taken_user');
|
||||
}
|
||||
|
||||
// --------- Register --------------
|
||||
|
||||
private function testRegister(string $nickname, string $email, string $password)
|
||||
{
|
||||
$client = static::createClient();
|
||||
$crawler = $client->request('GET', '/register');
|
||||
$this->assertResponseIsSuccessful();
|
||||
$crawler = $client->submitForm('Register', [
|
||||
'register[nickname]' => $nickname,
|
||||
'register[email]' => $email,
|
||||
'register[password][first]' => $password,
|
||||
'register[password][second]' => $password,
|
||||
]);
|
||||
return [$client, $crawler];
|
||||
}
|
||||
|
||||
public function testRegisterSuccess()
|
||||
{
|
||||
[$client,] = self::testRegister('new_nickname', 'new_email@email_provider', 'foobar');
|
||||
$this->assertResponseStatusCodeSame(302);
|
||||
$client->followRedirect();
|
||||
$this->assertResponseIsSuccessful();
|
||||
$this->assertSelectorNotExists('.alert');
|
||||
$this->assertRouteSame('main_all');
|
||||
$this->assertSelectorTextContains('.info b', 'new_nickname');
|
||||
}
|
||||
|
||||
public function testRegisterDifferentPassword()
|
||||
{
|
||||
$client = static::createClient();
|
||||
$crawler = $client->request('GET', '/register');
|
||||
$this->assertResponseIsSuccessful();
|
||||
$crawler = $client->submitForm('Register', [
|
||||
'register[nickname]' => 'new_user',
|
||||
'register[email]' => 'new_email@provider',
|
||||
'register[password][first]' => 'fooobar',
|
||||
'register[password][second]' => 'barquux',
|
||||
]);
|
||||
$this->assertSelectorTextContains('form[name=register] ul li', 'The password fields must match');
|
||||
$this->assertResponseStatusCodeSame(200);
|
||||
$this->assertRouteSame('register');
|
||||
}
|
||||
|
||||
private function testRegisterPasswordLength(string $password, string $error)
|
||||
{
|
||||
self::testRegister('new_nickname', 'email@provider', $password);
|
||||
$this->assertResponseIsSuccessful();
|
||||
$this->assertSelectorTextContains('#register > div:nth-child(3) > ul > li', $error);
|
||||
$this->assertRouteSame('register');
|
||||
}
|
||||
|
||||
public function testRegisterPassowrdEmpty()
|
||||
{
|
||||
self::testRegisterPasswordLength('', error: 'Please enter a password');
|
||||
}
|
||||
|
||||
public function testRegisterPasswordShort()
|
||||
{
|
||||
self::testRegisterPasswordLength('f', error: 'Your password should be at least');
|
||||
}
|
||||
|
||||
public function testRegisterPasswordLong()
|
||||
{
|
||||
self::testRegisterPasswordLength(str_repeat('f', 128), error: 'Your password should be at most');
|
||||
}
|
||||
|
||||
private function testRegisterNoEmail()
|
||||
{
|
||||
self::testRegister('new_nickname', '', 'foobar');
|
||||
$this->assertResponseIsSuccessful();
|
||||
$this->assertSelectorTextContains('#register > div:nth-child(2) > ul > li', 'Please enter an email');
|
||||
$this->assertRouteSame('register');
|
||||
}
|
||||
|
||||
private function testRegisterNicknameLength(string $nickname, string $error)
|
||||
{
|
||||
self::testRegister($nickname, 'email@provider', 'foobar');
|
||||
$this->assertResponseIsSuccessful();
|
||||
$this->assertSelectorTextContains('#register > div:nth-child(1) > ul > li', $error);
|
||||
$this->assertRouteSame('register');
|
||||
}
|
||||
|
||||
public function testRegisterNicknameEmpty()
|
||||
{
|
||||
self::testRegisterNicknameLength('', error: 'Please enter a nickname');
|
||||
}
|
||||
|
||||
public function testRegisterNicknameShort()
|
||||
{
|
||||
self::testRegisterNicknameLength('f', error: 'Your nickname must be at least');
|
||||
}
|
||||
|
||||
public function testRegisterNicknameLong()
|
||||
{
|
||||
self::testRegisterNicknameLength(str_repeat('f', 128), error: 'Your nickname must be at most');
|
||||
}
|
||||
|
||||
public function testRegisterExistingNickname()
|
||||
{
|
||||
[$client, $crawler] = self::testRegister('taken_user', 'new_new_email@email_provider', 'foobar');
|
||||
$this->assertSelectorTextContains('.stacktrace', 'App\Util\Exception\NicknameTakenException');
|
||||
}
|
||||
|
||||
public function testRegisterExistingEmail()
|
||||
{
|
||||
[$client, $crawler] = self::testRegister('other_new_nickname', 'email@provider', 'foobar');
|
||||
$this->assertSelectorTextContains('.stacktrace', 'App\Util\Exception\EmailTakenException');
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user