<?php namespace Tests;

use BookStack\Auth\Role;
use BookStack\Auth\User;
use BookStack\Notifications\ConfirmEmail;
use BookStack\Notifications\ResetPassword;
use BookStack\Settings\SettingService;
use Illuminate\Support\Facades\Notification;

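/**
 * Browser-level tests for login, registration, email confirmation,
 * admin-side user management, logout and password reset.
 *
 * Each test drives the application through its routes and forms, so the
 * assertions pin the access-control behaviour a visitor actually meets
 * (redirects, messages, database rows) rather than internal classes.
 */
class AuthTest extends BrowserKitTest
{

    /**
     * With no settings changed, an anonymous request for the home page
     * ends up on the login page.
     */
    public function test_auth_working()
    {
        $this->visit('/')
            ->seePageIs('/login');
    }

    /**
     * Submitting the login form with the admin fixture account lands on '/'.
     */
    public function test_login()
    {
        // NOTE(review): presumably these credentials exist only in the seeded
        // test database - confirm against the seeder.
        $this->login('admin@admin.com', 'password')
            ->seePageIs('/');
    }

    /**
     * With 'app-public' enabled the home page is served to an anonymous
     * visitor, who is still offered a 'Log In' link.
     */
    public function test_public_viewing()
    {
        $settings = app(SettingService::class);
        $settings->put('app-public', 'true');

        $this->visit('/')
            ->seePageIs('/')
            ->see('Log In');
    }

    /**
     * With registration enabled, the login page links to '/register'.
     */
    public function test_registration_showing()
    {
        $this->setSettings(['registration-enabled' => 'true']);

        $this->visit('/login')
            ->see('Sign up')
            ->click('Sign up')
            ->seePageIs('/register');
    }

    /**
     * Open registration without email confirmation: the form creates the
     * user row and the new user is taken straight to '/'.
     */
    public function test_normal_registration()
    {
        // Enable registration and build (but do not persist) a user to register as
        $this->setSettings(['registration-enabled' => 'true']);
        $user = factory(User::class)->make();

        // Submit the form and ensure the user is created
        $this->visit('/register')
            ->see('Sign Up')
            ->type($user->name, '#name')
            ->type($user->email, '#email')
            ->type($user->password, '#password')
            ->press('Create Account')
            ->seePageIs('/')
            ->see($user->name)
            ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email]);
    }

    /**
     * Submitting the registration form empty returns to '/register' with a
     * validation message instead of creating an account.
     */
    public function test_empty_registration_redirects_back_with_errors()
    {
        $this->setSettings(['registration-enabled' => 'true']);

        // Submit without filling anything in; no user should be created
        $this->visit('/register')
            ->press('Create Account')
            ->see('The name field is required')
            ->seePageIs('/register');
    }

    /**
     * Too-short name, malformed email and too-short password are each
     * rejected with their own message.
     */
    public function test_registration_validation()
    {
        $this->setSettings(['registration-enabled' => 'true']);

        $this->visit('/register')
            ->type('1', '#name')
            ->type('1', '#email')
            ->type('1', '#password')
            ->press('Create Account')
            ->see('The name must be at least 2 characters.')
            ->see('The email must be a valid email address.')
            ->see('The password must be at least 6 characters.')
            ->seePageIs('/register');
    }

    /**
     * The 'Sign up' link on the login page appears only once registration
     * is enabled.
     */
    public function test_sign_up_link_on_login()
    {
        // NOTE(review): this covers the link only; no test in this class
        // requests '/register' itself while registration is disabled.
        $this->visit('/login')
            ->dontSee('Sign up');

        $this->setSettings(['registration-enabled' => 'true']);

        $this->visit('/login')
            ->see('Sign up');
    }

    /**
     * Registration with email confirmation required: the account starts
     * unconfirmed, is held on the 'awaiting' page after login, and is only
     * activated by visiting the link carrying the stored token.
     */
    public function test_confirmed_registration()
    {
        // Capture notifications instead of sending them
        Notification::fake();

        // Enable registration with confirmation and build a user to register as
        $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true']);
        $user = factory(User::class)->make();

        // Go through registration process; the row must be created unconfirmed
        $this->visit('/register')
            ->see('Sign Up')
            ->type($user->name, '#name')
            ->type($user->email, '#email')
            ->type($user->password, '#password')
            ->press('Create Account')
            ->seePageIs('/register/confirm')
            ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);

        // Ensure notification sent
        $dbUser = User::where('email', '=', $user->email)->first();
        Notification::assertSentTo($dbUser, ConfirmEmail::class);

        // An unconfirmed user can log in but is redirected to the awaiting
        // page, including when requesting content directly ('/books').
        $this->login($user->email, $user->password)
            ->seePageIs('/register/confirm/awaiting')
            ->see('Resend')
            ->visit('/books')
            ->seePageIs('/register/confirm/awaiting')
            ->press('Resend Confirmation Email');

        // The notification must carry the token stored for this user
        $emailConfirmation = \DB::table('email_confirmations')->where('user_id', '=', $dbUser->id)->first();
        Notification::assertSentTo($dbUser, ConfirmEmail::class, function($notification, $channels) use ($emailConfirmation) {
            return $notification->token === $emailConfirmation->token;
        });

        // Following the link confirms the account and consumes the token:
        // its row is removed, so the same link cannot be used twice.
        $this->visit('/register/confirm/' . $emailConfirmation->token)
            ->seePageIs('/')
            ->see($user->name)
            ->notSeeInDatabase('email_confirmations', ['token' => $emailConfirmation->token])
            ->seeInDatabase('users', ['name' => $dbUser->name, 'email' => $dbUser->email, 'email_confirmed' => true]);
    }

    /**
     * Registration restricted to 'example.com': other domains are refused
     * without creating a user; an allowed address registers but must still
     * confirm its email before it can get past login.
     */
    public function test_restricted_registration()
    {
        $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true', 'registration-restrict' => 'example.com']);
        $user = factory(User::class)->make();

        // First attempt uses the factory-generated address.
        // NOTE(review): this relies on the factory never producing an
        // example.com address - confirm against the User factory.
        // NOTE(review): only an unrelated domain is tried here; a domain that
        // merely contains or ends with the allowed one is not covered.
        $this->visit('/register')
            ->type($user->name, '#name')
            ->type($user->email, '#email')
            ->type($user->password, '#password')
            ->press('Create Account')
            ->seePageIs('/register')
            ->dontSeeInDatabase('users', ['email' => $user->email])
            ->see('That email domain does not have access to this application');

        // Second attempt uses an address on the allowed domain
        $user->email = 'barry@example.com';

        $this->visit('/register')
            ->type($user->name, '#name')
            ->type($user->email, '#email')
            ->type($user->password, '#password')
            ->press('Create Account')
            ->seePageIs('/register/confirm')
            ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);

        // Logging in before confirming is held at the awaiting page
        $this->visit('/')->seePageIs('/login')
            ->type($user->email, '#email')
            ->type($user->password, '#password')
            ->press('Log In')
            ->seePageIs('/register/confirm/awaiting')
            ->seeText('Email Address Not Confirmed');
    }

    /**
     * Same flow as test_restricted_registration but with
     * 'registration-confirmation' set to 'false'. The expectations are
     * unchanged: an allowed-domain registrant is still created unconfirmed
     * and held at the awaiting page, i.e. the domain restriction takes
     * precedence over the disabled confirmation setting.
     */
    public function test_restricted_registration_with_confirmation_disabled()
    {
        // Presumably confirmation is forced because a domain allow-list means
        // little unless ownership of the address is proven - TODO confirm
        // against the registration controller.
        $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'false', 'registration-restrict' => 'example.com']);
        $user = factory(User::class)->make();

        // Factory-generated address: refused, no user row created
        $this->visit('/register')
            ->type($user->name, '#name')
            ->type($user->email, '#email')
            ->type($user->password, '#password')
            ->press('Create Account')
            ->seePageIs('/register')
            ->dontSeeInDatabase('users', ['email' => $user->email])
            ->see('That email domain does not have access to this application');

        $user->email = 'barry@example.com';

        // Allowed domain: registered, but unconfirmed despite the setting
        $this->visit('/register')
            ->type($user->name, '#name')
            ->type($user->email, '#email')
            ->type($user->password, '#password')
            ->press('Create Account')
            ->seePageIs('/register/confirm')
            ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);

        $this->visit('/')->seePageIs('/login')
            ->type($user->email, '#email')
            ->type($user->password, '#password')
            ->press('Log In')
            ->seePageIs('/register/confirm/awaiting')
            ->seeText('Email Address Not Confirmed');
    }

    /**
     * An admin can create a user, with the admin role ticked, through the
     * settings UI.
     */
    public function test_user_creation()
    {
        $user = factory(User::class)->make();

        $this->asAdmin()
            ->visit('/settings/users')
            ->click('Add New User')
            ->type($user->name, '#name')
            ->type($user->email, '#email')
            ->check('roles[admin]')
            ->type($user->password, '#password')
            ->type($user->password, '#password-confirm')
            ->press('Save')
            ->seePageIs('/settings/users')
            ->seeInDatabase('users', $user->toArray())
            ->see($user->name);
    }

    /**
     * Renaming a user from the admin UI changes the name and leaves the
     * stored password value exactly as it was.
     */
    public function test_user_updating()
    {
        $user = $this->getNormalUser();
        $password = $user->password;

        $this->asAdmin()
            ->visit('/settings/users')
            ->click($user->name)
            ->seePageIs('/settings/users/' . $user->id)
            ->see($user->email)
            ->type('Barry Scott', '#name')
            ->press('Save')
            ->seePageIs('/settings/users')
            // The 'password' column is matched too: saving the form with the
            // password field untouched must not rewrite the stored value.
            ->seeInDatabase('users', ['id' => $user->id, 'name' => 'Barry Scott', 'password' => $password])
            ->notSeeInDatabase('users', ['name' => $user->name]);
    }

    /**
     * A password change is refused without the confirmation field and
     * accepted once both fields match; the stored value then verifies
     * against the new password through Hash::check.
     */
    public function test_user_password_update()
    {
        $user = $this->getNormalUser();
        $userProfilePage = '/settings/users/' . $user->id;

        $this->asAdmin()
            ->visit($userProfilePage)
            // Password without confirmation: rejected, stays on the profile page
            ->type('newpassword', '#password')
            ->press('Save')
            ->seePageIs($userProfilePage)
            ->see('Password confirmation required')
            // Password with matching confirmation: accepted
            ->type('newpassword', '#password')
            ->type('newpassword', '#password-confirm')
            ->press('Save')
            ->seePageIs('/settings/users');

        // Re-read the row and verify it as a hash rather than as plain text
        $userPassword = User::find($user->id)->password;
        $this->assertTrue(\Hash::check('newpassword', $userPassword));
    }

    /**
     * An admin can delete another user after a confirmation step.
     */
    public function test_user_deletion()
    {
        $userDetails = factory(User::class)->make();
        $user = $this->getEditor($userDetails->toArray());

        $this->asAdmin()
            ->visit('/settings/users/' . $user->id)
            ->click('Delete User')
            ->see($user->name)
            ->press('Confirm')
            ->seePageIs('/settings/users')
            ->notSeeInDatabase('users', ['name' => $user->name]);
    }

    /**
     * Deleting the only admin account is refused, so the instance cannot
     * be left without an administrator.
     */
    public function test_user_cannot_be_deleted_if_last_admin()
    {
        $adminRole = Role::getRole('admin');

        // Precondition: exactly one admin exists, otherwise the refusal
        // below would not be exercising the last-admin rule.
        $this->assertEquals(1, $adminRole->users()->count());
        $user = $adminRole->users->first();

        $this->asAdmin()->visit('/settings/users/' . $user->id)
            ->click('Delete User')
            ->press('Confirm')
            ->seePageIs('/settings/users/' . $user->id)
            ->see('You cannot delete the only admin');
    }

    /**
     * After visiting '/logout' the session no longer grants access: the
     * home page redirects to login again.
     */
    public function test_logout()
    {
        // NOTE(review): logout is reached here through visit(), i.e. a plain
        // page request - confirm whether the route is meant to be reachable
        // that way outside tests, since such a request carries no CSRF token.
        $this->asAdmin()
            ->visit('/')
            ->seePageIs('/')
            ->visit('/logout')
            ->visit('/')
            ->seePageIs('/login');
    }

    /**
     * Full password reset: request a link, follow the token from the
     * captured notification, set a new password, then check that the new
     * password is stored and the reset record has been consumed.
     */
    public function test_reset_password_flow()
    {
        Notification::fake();

        $this->visit('/login')->click('Forgot Password?')
            ->seePageIs('/password/email')
            ->type('admin@admin.com', 'email')
            ->press('Send Reset Link')
            ->see('A password reset link has been sent to admin@admin.com');

        $this->seeInDatabase('password_resets', [
            'email' => 'admin@admin.com'
        ]);

        $user = User::where('email', '=', 'admin@admin.com')->first();

        // The token is read from the faked notification, the same place the
        // real recipient would get it from.
        Notification::assertSentTo($user, ResetPassword::class);
        $sent = Notification::sent($user, ResetPassword::class);

        $this->visit('/password/reset/' . $sent->first()->token)
            ->see('Reset Password')
            ->submitForm('Reset Password', [
                'email' => 'admin@admin.com',
                'password' => 'randompass',
                'password_confirmation' => 'randompass'
            ])->seePageIs('/')
            ->see('Your password has been successfully reset');

        // The success message alone does not prove the change took effect:
        // the stored hash must verify against the new password, and the reset
        // record must be gone so the emailed link cannot be replayed.
        $storedPassword = User::find($user->id)->password;
        $this->assertTrue(\Hash::check('randompass', $storedPassword));
        $this->notSeeInDatabase('password_resets', ['email' => 'admin@admin.com']);
    }

    /**
     * The reset-request page offers both 'Log in' and 'Sign up' links when
     * registration is enabled.
     */
    public function test_reset_password_page_shows_sign_links()
    {
        $this->setSettings(['registration-enabled' => 'true']);

        $this->visit('/password/email')
            ->seeLink('Log in')
            ->seeLink('Sign up');
    }

    /**
     * Perform a login through the login form.
     * @param string $email
     * @param string $password
     * @return $this
     */
    protected function login($email, $password)
    {
        return $this->visit('/login')
            ->type($email, '#email')
            ->type($password, '#password')
            ->press('Log In');
    }
}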