src/tests/Feature/Controller/UsersTest.php
Show All 14 Lines | class UsersTest extends TestCase | ||||
* {@inheritDoc} | * {@inheritDoc} | ||||
*/ | */ | ||||
public function setUp(): void | public function setUp(): void | ||||
{ | { | ||||
parent::setUp(); | parent::setUp(); | ||||
$this->deleteTestUser('UsersControllerTest1@userscontroller.com'); | $this->deleteTestUser('UsersControllerTest1@userscontroller.com'); | ||||
$this->deleteTestUser('UserEntitlement2A@UserEntitlement.com'); | $this->deleteTestUser('UserEntitlement2A@UserEntitlement.com'); | ||||
$this->deleteTestUser('john2.doe2@kolab.org'); | |||||
$this->deleteTestDomain('userscontroller.com'); | $this->deleteTestDomain('userscontroller.com'); | ||||
} | } | ||||
/** | /** | ||||
* {@inheritDoc} | * {@inheritDoc} | ||||
*/ | */ | ||||
public function tearDown(): void | public function tearDown(): void | ||||
{ | { | ||||
$this->deleteTestUser('UsersControllerTest1@userscontroller.com'); | $this->deleteTestUser('UsersControllerTest1@userscontroller.com'); | ||||
$this->deleteTestUser('UserEntitlement2A@UserEntitlement.com'); | $this->deleteTestUser('UserEntitlement2A@UserEntitlement.com'); | ||||
$this->deleteTestUser('john2.doe2@kolab.org'); | |||||
$this->deleteTestDomain('userscontroller.com'); | $this->deleteTestDomain('userscontroller.com'); | ||||
parent::tearDown(); | parent::tearDown(); | ||||
} | } | ||||
/** | /** | ||||
* Test fetching current user info (/api/auth/info) | * Test fetching current user info (/api/auth/info) | ||||
*/ | */ | ||||
Show All 9 Lines | public function testInfo(): void | ||||
$response->assertStatus(200); | $response->assertStatus(200); | ||||
$json = $response->json(); | $json = $response->json(); | ||||
$this->assertEquals($user->id, $json['id']); | $this->assertEquals($user->id, $json['id']); | ||||
$this->assertEquals($user->email, $json['email']); | $this->assertEquals($user->email, $json['email']); | ||||
$this->assertEquals(User::STATUS_NEW, $json['status']); | $this->assertEquals(User::STATUS_NEW, $json['status']); | ||||
$this->assertTrue(is_array($json['statusInfo'])); | $this->assertTrue(is_array($json['statusInfo'])); | ||||
$this->assertEquals($user->getSetting('country'), $json['settings']['country']); | $this->assertTrue(is_array($json['settings'])); | ||||
$this->assertEquals($user->getSetting('currency'), $json['settings']['currency']); | $this->assertTrue(is_array($json['aliases'])); | ||||
// Note: Details of the content are tested in testUserResponse() | |||||
} | } | ||||
public function testIndex(): void | public function testIndex(): void | ||||
{ | { | ||||
// TODO | // TODO | ||||
$this->markTestIncomplete(); | $this->markTestIncomplete(); | ||||
} | } | ||||
▲ Show 20 Lines • Show All 135 Lines • ▼ Show 20 Lines | public function testStatusInfo(): void | ||||
$user->save(); | $user->save(); | ||||
$result = UsersController::statusInfo($user); | $result = UsersController::statusInfo($user); | ||||
$this->assertSame('deleted', $result['status']); | $this->assertSame('deleted', $result['status']); | ||||
} | } | ||||
/** | /** | ||||
* Test user data response used in show and info actions | |||||
*/ | |||||
public function testUserResponse(): void | |||||
{ | |||||
$user = $this->getTestUser('john@kolab.org'); | |||||
$result = $this->invokeMethod(new UsersController(), 'userResponse', [$user]); | |||||
$this->assertEquals($user->id, $result['id']); | |||||
$this->assertEquals($user->email, $result['email']); | |||||
$this->assertEquals($user->status, $result['status']); | |||||
vanmeeuwen: This assertion fails for me stating;
```
1) Tests\Feature\Controller\UsersTest… | |||||
$this->assertTrue(is_array($result['statusInfo'])); | |||||
$this->assertTrue(is_array($result['aliases'])); | |||||
$this->assertCount(1, $result['aliases']); | |||||
$this->assertSame('john.doe@kolab.org', $result['aliases'][0]); | |||||
$this->assertTrue(is_array($result['settings'])); | |||||
$this->assertSame('US', $result['settings']['country']); | |||||
$this->assertSame('USD', $result['settings']['currency']); | |||||
} | |||||
/** | |||||
* Test fetching user data/profile (GET /api/v4/users/<user-id>) | * Test fetching user data/profile (GET /api/v4/users/<user-id>) | ||||
*/ | */ | ||||
public function testShow(): void | public function testShow(): void | ||||
{ | { | ||||
$userA = $this->getTestUser('UserEntitlement2A@UserEntitlement.com'); | $userA = $this->getTestUser('UserEntitlement2A@UserEntitlement.com'); | ||||
// Test getting profile of self | // Test getting profile of self | ||||
$response = $this->actingAs($userA, 'api')->get("/api/v4/users/{$userA->id}"); | $response = $this->actingAs($userA, 'api')->get("/api/v4/users/{$userA->id}"); | ||||
$json = $response->json(); | |||||
$response->assertStatus(200); | $response->assertStatus(200); | ||||
$response->assertJson(['id' => $userA->id]); | $this->assertEquals($userA->id, $json['id']); | ||||
$this->assertEquals($userA->email, $json['email']); | |||||
$this->assertTrue(is_array($json['statusInfo'])); | |||||
$this->assertTrue(is_array($json['settings'])); | |||||
$this->assertTrue(is_array($json['aliases'])); | |||||
// Test unauthorized access to a profile of other user | // Test unauthorized access to a profile of other user | ||||
$user = $this->getTestUser('jack@kolab.org'); | $user = $this->getTestUser('jack@kolab.org'); | ||||
$response = $this->actingAs($user)->get("/api/v4/users/{$userA->id}"); | $response = $this->actingAs($user)->get("/api/v4/users/{$userA->id}"); | ||||
$response->assertStatus(403); | $response->assertStatus(403); | ||||
// TODO: Test authorized access to a profile of other user | // TODO: Test authorized access to a profile of other user | ||||
$this->markTestIncomplete(); | $this->markTestIncomplete(); | ||||
} | } | ||||
/** | /** | ||||
* Test user creation (POST /api/v4/users) | * Test user creation (POST /api/v4/users) | ||||
*/ | */ | ||||
public function testStore(): void | public function testStore(): void | ||||
{ | { | ||||
// TODO | $jack = $this->getTestUser('jack@kolab.org'); | ||||
$this->markTestIncomplete(); | $john = $this->getTestUser('john@kolab.org'); | ||||
// Test empty request | |||||
$response = $this->actingAs($john)->post("/api/v4/users", []); | |||||
$response->assertStatus(422); | |||||
$json = $response->json(); | |||||
$this->assertSame('error', $json['status']); | |||||
$this->assertSame("The email field is required.", $json['errors']['email']); | |||||
$this->assertSame("The password field is required.", $json['errors']['password'][0]); | |||||
$this->assertCount(2, $json); | |||||
// Test access by user not being a wallet controller | |||||
$post = ['first_name' => 'Test']; | |||||
$response = $this->actingAs($jack)->post("/api/v4/users", $post); | |||||
$json = $response->json(); | |||||
$response->assertStatus(403); | |||||
$this->assertSame('error', $json['status']); | |||||
$this->assertSame("Access denied", $json['message']); | |||||
$this->assertCount(2, $json); | |||||
// Test some invalid data | |||||
$post = ['password' => '12345678', 'email' => 'invalid']; | |||||
$response = $this->actingAs($john)->post("/api/v4/users", $post); | |||||
$response->assertStatus(422); | |||||
$json = $response->json(); | |||||
$this->assertSame('error', $json['status']); | |||||
$this->assertCount(2, $json); | |||||
$this->assertSame('The password confirmation does not match.', $json['errors']['password'][0]); | |||||
$this->assertSame('The specified email is invalid.', $json['errors']['email']); | |||||
// Test existing user email | |||||
$post = [ | |||||
'password' => 'simple', | |||||
'password_confirmation' => 'simple', | |||||
'first_name' => 'John2', | |||||
'last_name' => 'Doe2', | |||||
'email' => 'jack.daniels@kolab.org', | |||||
]; | |||||
$response = $this->actingAs($john)->post("/api/v4/users", $post); | |||||
$response->assertStatus(422); | |||||
$json = $response->json(); | |||||
$this->assertSame('error', $json['status']); | |||||
$this->assertCount(2, $json); | |||||
$this->assertSame('The specified email is not available.', $json['errors']['email']); | |||||
// Test full user data | |||||
$post = [ | |||||
'password' => 'simple', | |||||
'password_confirmation' => 'simple', | |||||
'first_name' => 'John2', | |||||
'last_name' => 'Doe2', | |||||
'email' => 'john2.doe2@kolab.org', | |||||
'aliases' => ['useralias1@kolab.org', 'useralias2@kolab.org'] | |||||
]; | |||||
$response = $this->actingAs($john)->post("/api/v4/users", $post); | |||||
$json = $response->json(); | |||||
$response->assertStatus(200); | |||||
$this->assertSame('success', $json['status']); | |||||
$this->assertSame("User created successfully", $json['message']); | |||||
$this->assertCount(2, $json); | |||||
$user = User::where('email', 'john2.doe2@kolab.org')->first(); | |||||
$this->assertInstanceOf(User::class, $user); | |||||
$this->assertSame('John2', $user->getSetting('first_name')); | |||||
$this->assertSame('Doe2', $user->getSetting('last_name')); | |||||
$aliases = $user->aliases()->orderBy('alias')->get(); | |||||
$this->assertCount(2, $aliases); | |||||
$this->assertSame('useralias1@kolab.org', $aliases[0]->alias); | |||||
$this->assertSame('useralias2@kolab.org', $aliases[1]->alias); | |||||
// TODO: Test assigning a package to new user | |||||
} | } | ||||
/** | /** | ||||
* Test user update (PUT /api/v4/users/<user-id>) | * Test user update (PUT /api/v4/users/<user-id>) | ||||
*/ | */ | ||||
public function testUpdate(): void | public function testUpdate(): void | ||||
{ | { | ||||
$userA = $this->getTestUser('UsersControllerTest1@userscontroller.com'); | $userA = $this->getTestUser('UsersControllerTest1@userscontroller.com'); | ||||
$userB = $this->getTestUser('jack@kolab.org'); | $jack = $this->getTestUser('jack@kolab.org'); | ||||
$domain = $this->getTestDomain( | |||||
'userscontroller.com', | |||||
['status' => Domain::STATUS_NEW, 'type' => Domain::TYPE_EXTERNAL] | |||||
); | |||||
// Test unauthorized update of other user profile | // Test unauthorized update of other user profile | ||||
$response = $this->actingAs($userB)->get("/api/v4/users/{$userA->id}", []); | $response = $this->actingAs($jack)->get("/api/v4/users/{$userA->id}", []); | ||||
$response->assertStatus(403); | $response->assertStatus(403); | ||||
// Test updating of self | // Test updating of self (empty request) | ||||
$response = $this->actingAs($userA)->put("/api/v4/users/{$userA->id}", []); | $response = $this->actingAs($userA)->put("/api/v4/users/{$userA->id}", []); | ||||
$response->assertStatus(200); | $response->assertStatus(200); | ||||
$json = $response->json(); | $json = $response->json(); | ||||
$this->assertSame('success', $json['status']); | $this->assertSame('success', $json['status']); | ||||
$this->assertSame("User data updated successfully", $json['message']); | $this->assertSame("User data updated successfully", $json['message']); | ||||
$this->assertCount(2, $json); | $this->assertCount(2, $json); | ||||
Show All 16 Lines | public function testUpdate(): void | ||||
'password_confirmation' => 'simple', | 'password_confirmation' => 'simple', | ||||
'first_name' => 'John2', | 'first_name' => 'John2', | ||||
'last_name' => 'Doe2', | 'last_name' => 'Doe2', | ||||
'phone' => '+123 123 123', | 'phone' => '+123 123 123', | ||||
'external_email' => 'external@gmail.com', | 'external_email' => 'external@gmail.com', | ||||
'billing_address' => 'billing', | 'billing_address' => 'billing', | ||||
'country' => 'CH', | 'country' => 'CH', | ||||
'currency' => 'CHF', | 'currency' => 'CHF', | ||||
'aliases' => ['useralias1@' . \config('app.domain'), 'useralias2@' . \config('app.domain')] | |||||
]; | ]; | ||||
$response = $this->actingAs($userA)->put("/api/v4/users/{$userA->id}", $post); | $response = $this->actingAs($userA)->put("/api/v4/users/{$userA->id}", $post); | ||||
$json = $response->json(); | $json = $response->json(); | ||||
$response->assertStatus(200); | $response->assertStatus(200); | ||||
$this->assertSame('success', $json['status']); | $this->assertSame('success', $json['status']); | ||||
$this->assertSame("User data updated successfully", $json['message']); | $this->assertSame("User data updated successfully", $json['message']); | ||||
$this->assertCount(2, $json); | $this->assertCount(2, $json); | ||||
$this->assertTrue($userA->password != $userA->fresh()->password); | $this->assertTrue($userA->password != $userA->fresh()->password); | ||||
unset($post['password'], $post['password_confirmation']); | unset($post['password'], $post['password_confirmation'], $post['aliases']); | ||||
foreach ($post as $key => $value) { | foreach ($post as $key => $value) { | ||||
$this->assertSame($value, $userA->getSetting($key)); | $this->assertSame($value, $userA->getSetting($key)); | ||||
} | } | ||||
$aliases = $userA->aliases()->orderBy('alias')->get(); | |||||
$this->assertCount(2, $aliases); | |||||
$this->assertSame('useralias1@' . \config('app.domain'), $aliases[0]->alias); | |||||
$this->assertSame('useralias2@' . \config('app.domain'), $aliases[1]->alias); | |||||
// Test unsetting values | // Test unsetting values | ||||
$post = [ | $post = [ | ||||
'first_name' => '', | 'first_name' => '', | ||||
'last_name' => '', | 'last_name' => '', | ||||
'phone' => '', | 'phone' => '', | ||||
'external_email' => '', | 'external_email' => '', | ||||
'billing_address' => '', | 'billing_address' => '', | ||||
'country' => '', | 'country' => '', | ||||
'currency' => '', | 'currency' => '', | ||||
'aliases' => ['useralias2@' . \config('app.domain')] | |||||
]; | ]; | ||||
$response = $this->actingAs($userA)->put("/api/v4/users/{$userA->id}", $post); | $response = $this->actingAs($userA)->put("/api/v4/users/{$userA->id}", $post); | ||||
$json = $response->json(); | $json = $response->json(); | ||||
$response->assertStatus(200); | $response->assertStatus(200); | ||||
$this->assertSame('success', $json['status']); | $this->assertSame('success', $json['status']); | ||||
$this->assertSame("User data updated successfully", $json['message']); | $this->assertSame("User data updated successfully", $json['message']); | ||||
$this->assertCount(2, $json); | $this->assertCount(2, $json); | ||||
unset($post['aliases']); | |||||
foreach ($post as $key => $value) { | foreach ($post as $key => $value) { | ||||
$this->assertNull($userA->getSetting($key)); | $this->assertNull($userA->getSetting($key)); | ||||
} | } | ||||
$aliases = $userA->aliases()->get(); | |||||
$this->assertCount(1, $aliases); | |||||
$this->assertSame('useralias2@' . \config('app.domain'), $aliases[0]->alias); | |||||
// Test error on setting an alias to other user's domain | |||||
// and missing password confirmation | |||||
$post = [ | |||||
'password' => 'simple123', | |||||
'aliases' => ['useralias2@' . \config('app.domain'), 'useralias1@kolab.org'] | |||||
]; | |||||
$response = $this->actingAs($userA)->put("/api/v4/users/{$userA->id}", $post); | |||||
$json = $response->json(); | |||||
$response->assertStatus(422); | |||||
$this->assertSame('error', $json['status']); | |||||
$this->assertCount(2, $json['errors']); | |||||
$this->assertCount(1, $json['errors']['aliases']); | |||||
$this->assertSame("The specified domain is not available.", $json['errors']['aliases'][1]); | |||||
$this->assertSame("The password confirmation does not match.", $json['errors']['password'][0]); | |||||
// TODO: Test error on aliases with invalid/non-existing/other-user's domain | |||||
// TODO: Test authorized update of other user | // TODO: Test authorized update of other user | ||||
$this->markTestIncomplete(); | $this->markTestIncomplete(); | ||||
} | } | ||||
/** | |||||
* List of alias validation cases for testValidateEmail() | |||||
* | |||||
* @return array Arguments for testValidateEmail() | |||||
*/ | |||||
public function dataValidateEmail(): array | |||||
{ | |||||
$this->refreshApplication(); | |||||
$public_domains = Domain::getPublicDomains(); | |||||
$domain = reset($public_domains); | |||||
$john = $this->getTestUser('john@kolab.org'); | |||||
$jack = $this->getTestUser('jack@kolab.org'); | |||||
$user = $this->getTestUser('UsersControllerTest1@userscontroller.com'); | |||||
return [ | |||||
// Invalid format | |||||
["$domain", $john, true, 'The specified alias is invalid.'], | |||||
[".@$domain", $john, true, 'The specified alias is invalid.'], | |||||
["test123456@localhost", $john, true, 'The specified domain is invalid.'], | |||||
["test123456@unknown-domain.org", $john, true, 'The specified domain is invalid.'], | |||||
["$domain", $john, false, 'The specified email is invalid.'], | |||||
[".@$domain", $john, false, 'The specified email is invalid.'], | |||||
// forbidden local part on public domains | |||||
["admin@$domain", $john, true, 'The specified alias is not available.'], | |||||
["administrator@$domain", $john, true, 'The specified alias is not available.'], | |||||
// forbidden (other user's domain) | |||||
["testtest@kolab.org", $user, true, 'The specified domain is not available.'], | |||||
// existing alias of other user | |||||
["jack.daniels@kolab.org", $john, true, 'The specified alias is not available.'], | |||||
// existing user | |||||
["jack@kolab.org", $john, true, 'The specified alias is not available.'], | |||||
// valid (user domain) | |||||
["admin@kolab.org", $john, true, null], | |||||
// valid (public domain) | |||||
["test.test@$domain", $john, true, null], | |||||
]; | |||||
} | |||||
/** | |||||
* User email/alias validation. | |||||
* | |||||
* Note: Technically these include unit tests, but let's keep it here for now. | |||||
* FIXME: Shall we do a http request for each case? | |||||
* | |||||
* @dataProvider dataValidateEmail | |||||
*/ | |||||
public function testValidateEmail($alias, $user, $is_alias, $expected_result): void | |||||
{ | |||||
$result = $this->invokeMethod(new UsersController(), 'validateEmail', [$alias, $user, $is_alias]); | |||||
$this->assertSame($expected_result, $result); | |||||
} | |||||
} | } |
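Review bot: The "Test unauthorized update of other user profile" step in testUpdate() still sends `get(...)` rather than `put(...)`, so the 403 it asserts comes from the show route and the update route's access control is never exercised with a different user in the visible lines. Since that line is already being touched for the `$userB` to `$jack` rename, it should become `$response = $this->actingAs($jack)->put("/api/v4/users/{$userA->id}", []);`. It would also be worth asserting after the rejected request that `$userA`'s settings and aliases are unchanged, which matters more now that update accepts `aliases`. Part of testUpdate() is collapsed on this page ("Show All 16 Lines"), so confirm the hidden lines do not already cover a PUT by another user.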
This assertion fails for me stating;
and later;