Changeset View
Changeset View
Standalone View
Standalone View
src/tests/Feature/Controller/AuthAttemptsTest.php
- This file was added.
<?php | |||||
namespace Tests\Feature\Controller; | |||||
use App\User; | |||||
use App\AuthAttempt; | |||||
use Tests\TestCase; | |||||
class AuthAttemptsTest extends TestCase | |||||
{ | |||||
/** | |||||
* {@inheritDoc} | |||||
*/ | |||||
public function setUp(): void | |||||
{ | |||||
parent::setUp(); | |||||
$this->deleteTestUser('UsersControllerTest1@userscontroller.com'); | |||||
$this->deleteTestDomain('userscontroller.com'); | |||||
} | |||||
/** | |||||
* {@inheritDoc} | |||||
*/ | |||||
public function tearDown(): void | |||||
{ | |||||
$this->deleteTestUser('UsersControllerTest1@userscontroller.com'); | |||||
$this->deleteTestDomain('userscontroller.com'); | |||||
parent::tearDown(); | |||||
} | |||||
/** | |||||
* Test cofirm (POST /api/v4/auth-attempts/<authAttempt>/confirm) | |||||
machniak: This is not a controller test. Should be in src/tests/Feature/AuthAttemptTest.php, imo. | |||||
*/ | |||||
public function testAccept(): void | |||||
{ | |||||
$user = $this->getTestUser('UsersControllerTest1@userscontroller.com'); | |||||
$authAttempt = \App\AuthAttempt::recordAuthAttempt($user, "10.0.0.1"); | |||||
$response = $this->actingAs($user)->post("api/v4/auth-attempts/{$authAttempt->id}/confirm"); | |||||
$response->assertStatus(200); | |||||
$authAttempt->refresh(); | |||||
$this->assertTrue($authAttempt->isAccepted()); | |||||
// wrong user | |||||
$user2 = $this->getTestUser('UsersControllerTest2@userscontroller.com'); | |||||
$response = $this->actingAs($user2)->post("api/v4/auth-attempts/{$authAttempt->id}/confirm"); | |||||
$response->assertStatus(403); | |||||
// wrong id | |||||
Done Inline ActionsI used to comment controller tests with something like this: /** * Test domain config update (POST /api/v4/domains/<domain>/config) */ machniak: I used to comment controller tests with something like this:
```
/**
* Test domain config… | |||||
$response = $this->actingAs($user)->post("api/v4/auth-attempts/9999/confirm"); | |||||
$response->assertStatus(404); | |||||
} | |||||
/** | |||||
* Test deny (POST /api/v4/auth-attempts/<authAttempt>/deny) | |||||
*/ | |||||
public function testDeny(): void | |||||
{ | |||||
$user = $this->getTestUser('UsersControllerTest1@userscontroller.com'); | |||||
$authAttempt = \App\AuthAttempt::recordAuthAttempt($user, "10.0.0.1"); | |||||
$response = $this->actingAs($user)->post("api/v4/auth-attempts/{$authAttempt->id}/deny"); | |||||
$response->assertStatus(200); | |||||
$authAttempt->refresh(); | |||||
$this->assertTrue($authAttempt->isDenied()); | |||||
// wrong user | |||||
$user2 = $this->getTestUser('UsersControllerTest2@userscontroller.com'); | |||||
$response = $this->actingAs($user2)->post("api/v4/auth-attempts/{$authAttempt->id}/deny"); | |||||
$response->assertStatus(403); | |||||
Done Inline ActionsAll controller tests should include tests for all 403/404 conditions. machniak: All controller tests should include tests for all 403/404 conditions. | |||||
// wrong id | |||||
$response = $this->actingAs($user)->post("api/v4/auth-attempts/9999/deny"); | |||||
$response->assertStatus(404); | |||||
} | |||||
/** | |||||
* Test details (GET /api/v4/auth-attempts/<authAttempt>/details) | |||||
*/ | |||||
public function testDetails(): void | |||||
{ | |||||
$user = $this->getTestUser('UsersControllerTest1@userscontroller.com'); | |||||
$authAttempt = \App\AuthAttempt::recordAuthAttempt($user, "10.0.0.1"); | |||||
$response = $this->actingAs($user)->get("api/v4/auth-attempts/{$authAttempt->id}/details"); | |||||
$response->assertStatus(200); | |||||
$json = $response->json(); | |||||
$authAttempt->refresh(); | |||||
$this->assertEquals($user->email, $json['username']); | |||||
$this->assertEquals($authAttempt->ip, $json['entry']['ip']); | |||||
$this->assertEquals(json_encode($authAttempt->updated_at), "\"" . $json['entry']['updated_at'] . "\""); | |||||
Done Inline ActionsThis can be removed. machniak: This can be removed. | |||||
$this->assertEquals("CH", $json['country']); | |||||
Done Inline ActionsThis can be $this->assertCount(2, $json); machniak: This can be `$this->assertCount(2, $json);` | |||||
// wrong user | |||||
Done Inline ActionsThis assertion sometimes fail. It's because there's orderBy('updated_at', 'desc'), so I think the order of assertions needs to be reverted here. machniak: This assertion sometimes fail. It's because there's `orderBy('updated_at', 'desc')`, so I think… | |||||
Done Inline ActionsThe timestamp is sometimes the same, so I changed it so the order doesn't matter). mollekopf: The timestamp is sometimes the same, so I changed it so the order doesn't matter). | |||||
$user2 = $this->getTestUser('UsersControllerTest2@userscontroller.com'); | |||||
$response = $this->actingAs($user2)->get("api/v4/auth-attempts/{$authAttempt->id}/details"); | |||||
$response->assertStatus(403); | |||||
// wrong id | |||||
$response = $this->actingAs($user)->get("api/v4/auth-attempts/9999/details"); | |||||
$response->assertStatus(404); | |||||
} | |||||
/** | |||||
* Test list (GET /api/v4/auth-attempts) | |||||
*/ | |||||
public function testList(): void | |||||
{ | |||||
$user = $this->getTestUser('UsersControllerTest1@userscontroller.com'); | |||||
$authAttempt = \App\AuthAttempt::recordAuthAttempt($user, "10.0.0.1"); | |||||
$authAttempt2 = \App\AuthAttempt::recordAuthAttempt($user, "10.0.0.2"); | |||||
$response = $this->actingAs($user)->get("api/v4/auth-attempts"); | |||||
$response->assertStatus(200); | |||||
$json = $response->json(); | |||||
$this->assertCount(2, $json); | |||||
$this->assertTrue(in_array($json[0]['id'], [$authAttempt->id, $authAttempt2->id])); | |||||
$this->assertTrue(in_array($json[1]['id'], [$authAttempt->id, $authAttempt2->id])); | |||||
$this->assertTrue($json[0]['id'] != $json[1]['id']); | |||||
Done Inline ActionsThis however will also pass if $json[0][id] == $json[1][id] ;) so, it could be more precise. machniak: This however will also pass if $json[0][id] == $json[1][id] ;) so, it could be more precise. | |||||
} | |||||
} |
This is not a controller test. Should be in src/tests/Feature/AuthAttemptTest.php, imo.