Differential D2674 Diff 7933 src/tests/Feature/Controller/AuthAttemptsTest.php

Changeset View

Standalone View

src/tests/Feature/Controller/AuthAttemptsTest.php

This file was added.

				<?php

				namespace Tests\Feature\Controller;

				use App\User;
				use App\AuthAttempt;
				use Tests\TestCase;

				class AuthAttemptsTest extends TestCase
				{
				/**
				* {@inheritDoc}
				*/
				public function setUp(): void
				{
				parent::setUp();

				$this->deleteTestUser('UsersControllerTest1@userscontroller.com');
				$this->deleteTestDomain('userscontroller.com');
				}

				/**
				* {@inheritDoc}
				*/
				public function tearDown(): void
				{
				$this->deleteTestUser('UsersControllerTest1@userscontroller.com');
				$this->deleteTestDomain('userscontroller.com');

				parent::tearDown();
				}

				/**
				* Test cofirm (POST /api/v4/auth-attempts/<authAttempt>/confirm)
				machniakUnsubmitted Done Inline Actions This is not a controller test. Should be in src/tests/Feature/AuthAttemptTest.php, imo. machniak: This is not a controller test. Should be in src/tests/Feature/AuthAttemptTest.php, imo.
				*/
				public function testAccept(): void
				{
				$user = $this->getTestUser('UsersControllerTest1@userscontroller.com');
				$authAttempt = \App\AuthAttempt::recordAuthAttempt($user, "10.0.0.1");

				$response = $this->actingAs($user)->post("api/v4/auth-attempts/{$authAttempt->id}/confirm");
				$response->assertStatus(200);
				$authAttempt->refresh();
				$this->assertTrue($authAttempt->isAccepted());

				// wrong user
				$user2 = $this->getTestUser('UsersControllerTest2@userscontroller.com');
				$response = $this->actingAs($user2)->post("api/v4/auth-attempts/{$authAttempt->id}/confirm");
				$response->assertStatus(403);

				// wrong id
				machniakUnsubmitted Done Inline Actions I used to comment controller tests with something like this: /** * Test domain config update (POST /api/v4/domains/<domain>/config) / machniak:* I used to comment controller tests with something like this: ``` /** * Test domain config…
				$response = $this->actingAs($user)->post("api/v4/auth-attempts/9999/confirm");
				$response->assertStatus(404);
				}


				/**
				* Test deny (POST /api/v4/auth-attempts/<authAttempt>/deny)
				*/
				public function testDeny(): void
				{
				$user = $this->getTestUser('UsersControllerTest1@userscontroller.com');
				$authAttempt = \App\AuthAttempt::recordAuthAttempt($user, "10.0.0.1");

				$response = $this->actingAs($user)->post("api/v4/auth-attempts/{$authAttempt->id}/deny");
				$response->assertStatus(200);
				$authAttempt->refresh();
				$this->assertTrue($authAttempt->isDenied());

				// wrong user
				$user2 = $this->getTestUser('UsersControllerTest2@userscontroller.com');
				$response = $this->actingAs($user2)->post("api/v4/auth-attempts/{$authAttempt->id}/deny");
				$response->assertStatus(403);

				machniakUnsubmitted Done Inline Actions All controller tests should include tests for all 403/404 conditions. machniak: All controller tests should include tests for all 403/404 conditions.
				// wrong id
				$response = $this->actingAs($user)->post("api/v4/auth-attempts/9999/deny");
				$response->assertStatus(404);
				}


				/**
				* Test details (GET /api/v4/auth-attempts/<authAttempt>/details)
				*/
				public function testDetails(): void
				{
				$user = $this->getTestUser('UsersControllerTest1@userscontroller.com');
				$authAttempt = \App\AuthAttempt::recordAuthAttempt($user, "10.0.0.1");

				$response = $this->actingAs($user)->get("api/v4/auth-attempts/{$authAttempt->id}/details");
				$response->assertStatus(200);

				$json = $response->json();

				$authAttempt->refresh();

				$this->assertEquals($user->email, $json['username']);
				$this->assertEquals($authAttempt->ip, $json['entry']['ip']);
				$this->assertEquals(json_encode($authAttempt->updated_at), "\"" . $json['entry']['updated_at'] . "\"");
				machniakUnsubmitted Done Inline Actions This can be removed. machniak: This can be removed.
				$this->assertEquals("CH", $json['country']);

				machniakUnsubmitted Done Inline Actions This can be `$this->assertCount(2, $json);` machniak: This can be `$this->assertCount(2, $json);`
				// wrong user
				machniakUnsubmitted Done Inline Actions This assertion sometimes fail. It's because there's `orderBy('updated_at', 'desc')`, so I think the order of assertions needs to be reverted here. machniak: This assertion sometimes fail. It's because there's `orderBy('updated_at', 'desc')`, so I think…
				mollekopfAuthorUnsubmitted Done Inline Actions The timestamp is sometimes the same, so I changed it so the order doesn't matter). mollekopf: The timestamp is sometimes the same, so I changed it so the order doesn't matter).
				$user2 = $this->getTestUser('UsersControllerTest2@userscontroller.com');
				$response = $this->actingAs($user2)->get("api/v4/auth-attempts/{$authAttempt->id}/details");
				$response->assertStatus(403);

				// wrong id
				$response = $this->actingAs($user)->get("api/v4/auth-attempts/9999/details");
				$response->assertStatus(404);
				}


				/**
				* Test list (GET /api/v4/auth-attempts)
				*/
				public function testList(): void
				{
				$user = $this->getTestUser('UsersControllerTest1@userscontroller.com');
				$authAttempt = \App\AuthAttempt::recordAuthAttempt($user, "10.0.0.1");
				$authAttempt2 = \App\AuthAttempt::recordAuthAttempt($user, "10.0.0.2");

				$response = $this->actingAs($user)->get("api/v4/auth-attempts");
				$response->assertStatus(200);

				$json = $response->json();

				$this->assertCount(2, $json);
				$this->assertTrue(in_array($json[0]['id'], [$authAttempt->id, $authAttempt2->id]));
				$this->assertTrue(in_array($json[1]['id'], [$authAttempt->id, $authAttempt2->id]));
				$this->assertTrue($json[0]['id'] != $json[1]['id']);
				machniakUnsubmitted Done Inline Actions This however will also pass if $json[0][id] == $json[1][id] ;) so, it could be more precise. machniak: This however will also pass if $json[0][id] == $json[1][id] ;) so, it could be more precise.
				}
				}