1<?php 2 3/** 4 * webtrees: online genealogy 5 * 'Copyright (C) 2023 webtrees development team 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation, either version 3 of the License, or 9 * (at your option) any later version. 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <https://www.gnu.org/licenses/>. 16 */ 17 18declare(strict_types=1); 19 20namespace Fisharebest\Webtrees\Http\Middleware; 21 22use Fig\Http\Message\StatusCodeInterface; 23use Fisharebest\Webtrees\Contracts\UserInterface; 24use Fisharebest\Webtrees\GuestUser; 25use Fisharebest\Webtrees\Http\Exceptions\HttpAccessDeniedException; 26use Fisharebest\Webtrees\TestCase; 27use Fisharebest\Webtrees\User; 28use Psr\Http\Server\RequestHandlerInterface; 29 30use function response; 31 32/** 33 * Test the AuthAdministrator middleware. 34 * 35 * @covers \Fisharebest\Webtrees\Http\Middleware\AuthAdministrator 36 */ 37class AuthAdministratorTest extends TestCase 38{ 39 /** 40 * @return void 41 */ 42 public function testAllowed(): void 43 { 44 $handler = $this->createMock(RequestHandlerInterface::class); 45 $handler->method('handle')->willReturn(response('lorem ipsum')); 46 47 $user = $this->createMock(User::class); 48 $user->method('getPreference')->with(UserInterface::PREF_IS_ADMINISTRATOR)->willReturn('1'); 49 50 $request = self::createRequest()->withAttribute('user', $user); 51 $middleware = new AuthAdministrator(); 52 $response = $middleware->process($request, $handler); 53 54 self::assertSame(StatusCodeInterface::STATUS_OK, $response->getStatusCode()); 55 self::assertSame('lorem ipsum', (string) $response->getBody()); 56 } 57 58 /** 59 * @return void 60 */ 61 public function testNotAllowed(): void 62 { 63 $this->expectException(HttpAccessDeniedException::class); 64 $this->expectExceptionMessage('You do not have permission to view this page.'); 65 66 $handler = $this->createMock(RequestHandlerInterface::class); 67 $handler->method('handle')->willReturn(response('lorem ipsum')); 68 69 $user = $this->createMock(User::class); 70 $user->method('getPreference')->with(UserInterface::PREF_IS_ADMINISTRATOR)->willReturn(''); 71 72 $request = self::createRequest()->withAttribute('user', $user); 73 $middleware = new AuthAdministrator(); 74 75 $middleware->process($request, $handler); 76 } 77 78 /** 79 * @return void 80 */ 81 public function testNotLoggedIn(): void 82 { 83 $handler = $this->createMock(RequestHandlerInterface::class); 84 $handler->method('handle')->willReturn(response('lorem ipsum')); 85 86 $request = self::createRequest()->withAttribute('user', new GuestUser()); 87 $middleware = new AuthAdministrator(); 88 $response = $middleware->process($request, $handler); 89 90 self::assertSame(StatusCodeInterface::STATUS_FOUND, $response->getStatusCode()); 91 } 92} 93