1<?php 2 3/** 4 * webtrees: online genealogy 5 * Copyright (C) 2020 webtrees development team 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation, either version 3 of the License, or 9 * (at your option) any later version. 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <http://www.gnu.org/licenses/>. 16 */ 17 18declare(strict_types=1); 19 20namespace Fisharebest\Webtrees\Http\Middleware; 21 22use Fig\Http\Message\StatusCodeInterface; 23use Fisharebest\Webtrees\Exceptions\HttpAccessDeniedException; 24use Fisharebest\Webtrees\GuestUser; 25use Fisharebest\Webtrees\TestCase; 26use Fisharebest\Webtrees\Tree; 27use Fisharebest\Webtrees\User; 28use Psr\Http\Server\RequestHandlerInterface; 29 30use function response; 31 32/** 33 * Test the AuthManager middleware. 34 * 35 * @covers \Fisharebest\Webtrees\Http\Middleware\AuthManager 36 */ 37class AuthManagerTest extends TestCase 38{ 39 /** 40 * @return void 41 */ 42 public function testAllowed(): void 43 { 44 $handler = self::createMock(RequestHandlerInterface::class); 45 $handler->method('handle')->willReturn(response('lorem ipsum')); 46 47 $user = self::createMock(User::class); 48 $user->method('getPreference')->with(User::PREF_IS_ADMINISTRATOR)->willReturn(''); 49 50 $tree = self::createMock(Tree::class); 51 $tree->method('getUserPreference')->with($user, User::PREF_TREE_ROLE)->willReturn(User::ROLE_MANAGER); 52 53 $request = self::createRequest()->withAttribute('tree', $tree)->withAttribute('user', $user); 54 $middleware = new AuthManager(); 55 $response = $middleware->process($request, $handler); 56 57 self::assertSame(StatusCodeInterface::STATUS_OK, $response->getStatusCode()); 58 self::assertSame('lorem ipsum', (string) $response->getBody()); 59 } 60 61 /** 62 * @return void 63 */ 64 public function testNotAllowed(): void 65 { 66 $this->expectException(HttpAccessDeniedException::class); 67 $this->expectExceptionMessage('You do not have permission to view this page.'); 68 69 $handler = self::createMock(RequestHandlerInterface::class); 70 $handler->method('handle')->willReturn(response('lorem ipsum')); 71 72 $user = self::createMock(User::class); 73 $user->method('getPreference')->with(User::PREF_IS_ADMINISTRATOR)->willReturn(''); 74 75 $tree = self::createMock(Tree::class); 76 $tree->method('getUserPreference')->with($user, User::PREF_TREE_ROLE)->willReturn(User::ROLE_MODERATOR); 77 78 $request = self::createRequest()->withAttribute('tree', $tree)->withAttribute('user', $user); 79 $middleware = new AuthManager(); 80 81 $middleware->process($request, $handler); 82 } 83 84 /** 85 * @return void 86 */ 87 public function testNotLoggedIn(): void 88 { 89 $handler = self::createMock(RequestHandlerInterface::class); 90 $handler->method('handle')->willReturn(response('lorem ipsum')); 91 92 $tree = self::createMock(Tree::class); 93 94 $request = self::createRequest()->withAttribute('tree', $tree)->withAttribute('user', new GuestUser()); 95 $middleware = new AuthManager(); 96 $response = $middleware->process($request, $handler); 97 98 self::assertSame(StatusCodeInterface::STATUS_FOUND, $response->getStatusCode()); 99 } 100} 101