1<?php 2 3/** 4 * webtrees: online genealogy 5 * Copyright (C) 2020 webtrees development team 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation, either version 3 of the License, or 9 * (at your option) any later version. 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <http://www.gnu.org/licenses/>. 16 */ 17 18declare(strict_types=1); 19 20namespace Fisharebest\Webtrees\Http\Middleware; 21 22use Fig\Http\Message\StatusCodeInterface; 23use Fisharebest\Webtrees\Contracts\UserInterface; 24use Fisharebest\Webtrees\Exceptions\HttpAccessDeniedException; 25use Fisharebest\Webtrees\GuestUser; 26use Fisharebest\Webtrees\TestCase; 27use Fisharebest\Webtrees\Tree; 28use Fisharebest\Webtrees\User; 29use Psr\Http\Server\RequestHandlerInterface; 30 31use function response; 32 33/** 34 * Test the AuthEditor middleware. 35 * 36 * @covers \Fisharebest\Webtrees\Http\Middleware\AuthEditor 37 */ 38class AuthEditorTest extends TestCase 39{ 40 /** 41 * @return void 42 */ 43 public function testAllowed(): void 44 { 45 $handler = self::createMock(RequestHandlerInterface::class); 46 $handler->method('handle')->willReturn(response('lorem ipsum')); 47 48 $user = self::createMock(User::class); 49 $user->method('getPreference')->with(UserInterface::PREF_IS_ADMINISTRATOR)->willReturn(''); 50 51 $tree = self::createMock(Tree::class); 52 $tree->method('getUserPreference')->with($user, UserInterface::PREF_TREE_ROLE)->willReturn(UserInterface::ROLE_EDITOR); 53 54 $request = self::createRequest()->withAttribute('tree', $tree)->withAttribute('user', $user); 55 $middleware = new AuthEditor(); 56 $response = $middleware->process($request, $handler); 57 58 self::assertSame(StatusCodeInterface::STATUS_OK, $response->getStatusCode()); 59 self::assertSame('lorem ipsum', (string) $response->getBody()); 60 } 61 62 /** 63 * @return void 64 */ 65 public function testNotAllowed(): void 66 { 67 $this->expectException(HttpAccessDeniedException::class); 68 $this->expectExceptionMessage('You do not have permission to view this page.'); 69 70 $handler = self::createMock(RequestHandlerInterface::class); 71 $handler->method('handle')->willReturn(response('lorem ipsum')); 72 73 $user = self::createMock(User::class); 74 $user->method('getPreference')->with(UserInterface::PREF_IS_ADMINISTRATOR)->willReturn(''); 75 76 $tree = self::createMock(Tree::class); 77 $tree->method('getUserPreference')->with($user, UserInterface::PREF_TREE_ROLE)->willReturn(UserInterface::ROLE_MEMBER); 78 79 $request = self::createRequest()->withAttribute('tree', $tree)->withAttribute('user', $user); 80 $middleware = new AuthEditor(); 81 82 $middleware->process($request, $handler); 83 } 84 85 /** 86 * @return void 87 */ 88 public function testNotLoggedIn(): void 89 { 90 $handler = self::createMock(RequestHandlerInterface::class); 91 $handler->method('handle')->willReturn(response('lorem ipsum')); 92 93 $tree = self::createMock(Tree::class); 94 95 $request = self::createRequest()->withAttribute('tree', $tree)->withAttribute('user', new GuestUser()); 96 $middleware = new AuthEditor(); 97 $response = $middleware->process($request, $handler); 98 99 self::assertSame(StatusCodeInterface::STATUS_FOUND, $response->getStatusCode()); 100 } 101} 102