1<?php 2 3/** 4 * webtrees: online genealogy 5 * Copyright (C) 2023 webtrees development team 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation, either version 3 of the License, or 9 * (at your option) any later version. 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <https://www.gnu.org/licenses/>. 16 */ 17 18declare(strict_types=1); 19 20namespace Fisharebest\Webtrees\Http\Middleware; 21 22use Fig\Http\Message\StatusCodeInterface; 23use Fisharebest\Webtrees\Contracts\UserInterface; 24use Fisharebest\Webtrees\GuestUser; 25use Fisharebest\Webtrees\Http\Exceptions\HttpAccessDeniedException; 26use Fisharebest\Webtrees\TestCase; 27use Fisharebest\Webtrees\User; 28use Psr\Http\Server\RequestHandlerInterface; 29 30use function response; 31 32/** 33 * Test the AuthAdministrator middleware. 34 * 35 * @covers \Fisharebest\Webtrees\Http\Middleware\AuthAdministrator 36 */ 37class AuthAdministratorTest extends TestCase 38{ 39 public function testAllowed(): void 40 { 41 $handler = $this->createMock(RequestHandlerInterface::class); 42 $handler->method('handle')->willReturn(response('lorem ipsum')); 43 44 $user = $this->createMock(User::class); 45 $user->method('getPreference')->with(UserInterface::PREF_IS_ADMINISTRATOR)->willReturn('1'); 46 47 $request = self::createRequest()->withAttribute('user', $user); 48 $middleware = new AuthAdministrator(); 49 $response = $middleware->process($request, $handler); 50 51 self::assertSame(StatusCodeInterface::STATUS_OK, $response->getStatusCode()); 52 self::assertSame('lorem ipsum', (string) $response->getBody()); 53 } 54 55 public function testNotAllowed(): void 56 { 57 $this->expectException(HttpAccessDeniedException::class); 58 $this->expectExceptionMessage('You do not have permission to view this page.'); 59 60 $handler = $this->createMock(RequestHandlerInterface::class); 61 $handler->method('handle')->willReturn(response('lorem ipsum')); 62 63 $user = $this->createMock(User::class); 64 $user->method('getPreference')->with(UserInterface::PREF_IS_ADMINISTRATOR)->willReturn(''); 65 66 $request = self::createRequest()->withAttribute('user', $user); 67 $middleware = new AuthAdministrator(); 68 69 $middleware->process($request, $handler); 70 } 71 72 public function testNotLoggedIn(): void 73 { 74 $handler = $this->createMock(RequestHandlerInterface::class); 75 $handler->method('handle')->willReturn(response('lorem ipsum')); 76 77 $request = self::createRequest()->withAttribute('user', new GuestUser()); 78 $middleware = new AuthAdministrator(); 79 $response = $middleware->process($request, $handler); 80 81 self::assertSame(StatusCodeInterface::STATUS_FOUND, $response->getStatusCode()); 82 } 83} 84