]> BookStack Code Mirror - bookstack/blob - tests/Auth/AuthTest.php
projects / bookstack / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
add missing polish translations for comments
[bookstack] / tests / Auth / AuthTest.php
1 <?php namespace Tests;
2
3 use BookStack\Notifications\ConfirmEmail;
4 use BookStack\User;
5 use Illuminate\Support\Facades\Notification;
6
7 class AuthTest extends BrowserKitTest
8 {
9
10     public function test_auth_working()
11     {
12         $this->visit('/')
13             ->seePageIs('/login');
14     }
15
16     public function test_login()
17     {
18         $this->login('admin@admin.com', 'password')
19             ->seePageIs('/');
20     }
21
22     public function test_public_viewing()
23     {
24         $settings = app('BookStack\Services\SettingService');
25         $settings->put('app-public', 'true');
26         $this->visit('/')
27             ->seePageIs('/')
28             ->see('Log In');
29     }
30
31     public function test_registration_showing()
32     {
33         // Ensure registration form is showing
34         $this->setSettings(['registration-enabled' => 'true']);
35         $this->visit('/login')
36             ->see('Sign up')
37             ->click('Sign up')
38             ->seePageIs('/register');
39     }
40
41     public function test_normal_registration()
42     {
43         // Set settings and get user instance
44         $this->setSettings(['registration-enabled' => 'true']);
45         $user = factory(User::class)->make();
46
47         // Test form and ensure user is created
48         $this->visit('/register')
49             ->see('Sign Up')
50             ->type($user->name, '#name')
51             ->type($user->email, '#email')
52             ->type($user->password, '#password')
53             ->press('Create Account')
54             ->seePageIs('/')
55             ->see($user->name)
56             ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email]);
57     }
58
59     public function test_empty_registration_redirects_back_with_errors()
60     {
61         // Set settings and get user instance
62         $this->setSettings(['registration-enabled' => 'true']);
63
64         // Test form and ensure user is created
65         $this->visit('/register')
66             ->press('Create Account')
67             ->see('The name field is required')
68             ->seePageIs('/register');
69     }
70
71
72     public function test_confirmed_registration()
73     {
74         // Fake notifications
75         Notification::fake();
76
77         // Set settings and get user instance
78         $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true']);
79         $user = factory(User::class)->make();
80
81         // Go through registration process
82         $this->visit('/register')
83             ->see('Sign Up')
84             ->type($user->name, '#name')
85             ->type($user->email, '#email')
86             ->type($user->password, '#password')
87             ->press('Create Account')
88             ->seePageIs('/register/confirm')
89             ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
90
91         // Ensure notification sent
92         $dbUser = User::where('email', '=', $user->email)->first();
93         Notification::assertSentTo($dbUser, ConfirmEmail::class);
94
95         // Test access and resend confirmation email
96         $this->login($user->email, $user->password)
97             ->seePageIs('/register/confirm/awaiting')
98             ->see('Resend')
99             ->visit('/books')
100             ->seePageIs('/register/confirm/awaiting')
101             ->press('Resend Confirmation Email');
102
103         // Get confirmation and confirm notification matches
104         $emailConfirmation = \DB::table('email_confirmations')->where('user_id', '=', $dbUser->id)->first();
105         Notification::assertSentTo($dbUser, ConfirmEmail::class, function($notification, $channels) use ($emailConfirmation) {
106             return $notification->token === $emailConfirmation->token;
107         });
108         
109         // Check confirmation email confirmation activation.
110         $this->visit('/register/confirm/' . $emailConfirmation->token)
111             ->seePageIs('/')
112             ->see($user->name)
113             ->notSeeInDatabase('email_confirmations', ['token' => $emailConfirmation->token])
114             ->seeInDatabase('users', ['name' => $dbUser->name, 'email' => $dbUser->email, 'email_confirmed' => true]);
115     }
116
117     public function test_restricted_registration()
118     {
119         $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'true', 'registration-restrict' => 'example.com']);
120         $user = factory(User::class)->make();
121         // Go through registration process
122         $this->visit('/register')
123             ->type($user->name, '#name')
124             ->type($user->email, '#email')
125             ->type($user->password, '#password')
126             ->press('Create Account')
127             ->seePageIs('/register')
128             ->dontSeeInDatabase('users', ['email' => $user->email])
129             ->see('That email domain does not have access to this application');
130
131         $user->email = 'barry@example.com';
132
133         $this->visit('/register')
134             ->type($user->name, '#name')
135             ->type($user->email, '#email')
136             ->type($user->password, '#password')
137             ->press('Create Account')
138             ->seePageIs('/register/confirm')
139             ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
140
141         $this->visit('/')->seePageIs('/login')
142             ->type($user->email, '#email')
143             ->type($user->password, '#password')
144             ->press('Log In')
145             ->seePageIs('/register/confirm/awaiting')
146             ->seeText('Email Address Not Confirmed');
147     }
148
149     public function test_restricted_registration_with_confirmation_disabled()
150     {
151         $this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'false', 'registration-restrict' => 'example.com']);
152         $user = factory(User::class)->make();
153         // Go through registration process
154         $this->visit('/register')
155             ->type($user->name, '#name')
156             ->type($user->email, '#email')
157             ->type($user->password, '#password')
158             ->press('Create Account')
159             ->seePageIs('/register')
160             ->dontSeeInDatabase('users', ['email' => $user->email])
161             ->see('That email domain does not have access to this application');
162
163         $user->email = 'barry@example.com';
164
165         $this->visit('/register')
166             ->type($user->name, '#name')
167             ->type($user->email, '#email')
168             ->type($user->password, '#password')
169             ->press('Create Account')
170             ->seePageIs('/register/confirm')
171             ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
172
173         $this->visit('/')->seePageIs('/login')
174             ->type($user->email, '#email')
175             ->type($user->password, '#password')
176             ->press('Log In')
177             ->seePageIs('/register/confirm/awaiting')
178             ->seeText('Email Address Not Confirmed');
179     }
180
181     public function test_user_creation()
182     {
183         $user = factory(User::class)->make();
184
185         $this->asAdmin()
186             ->visit('/settings/users')
187             ->click('Add New User')
188             ->type($user->name, '#name')
189             ->type($user->email, '#email')
190             ->check('roles[admin]')
191             ->type($user->password, '#password')
192             ->type($user->password, '#password-confirm')
193             ->press('Save')
194             ->seePageIs('/settings/users')
195             ->seeInDatabase('users', $user->toArray())
196             ->see($user->name);
197     }
198
199     public function test_user_updating()
200     {
201         $user = $this->getNormalUser();
202         $password = $user->password;
203         $this->asAdmin()
204             ->visit('/settings/users')
205             ->click($user->name)
206             ->seePageIs('/settings/users/' . $user->id)
207             ->see($user->email)
208             ->type('Barry Scott', '#name')
209             ->press('Save')
210             ->seePageIs('/settings/users')
211             ->seeInDatabase('users', ['id' => $user->id, 'name' => 'Barry Scott', 'password' => $password])
212             ->notSeeInDatabase('users', ['name' => $user->name]);
213     }
214
215     public function test_user_password_update()
216     {
217         $user = $this->getNormalUser();
218         $userProfilePage = '/settings/users/' . $user->id;
219         $this->asAdmin()
220             ->visit($userProfilePage)
221             ->type('newpassword', '#password')
222             ->press('Save')
223             ->seePageIs($userProfilePage)
224             ->see('Password confirmation required')
225
226             ->type('newpassword', '#password')
227             ->type('newpassword', '#password-confirm')
228             ->press('Save')
229             ->seePageIs('/settings/users');
230
231             $userPassword = User::find($user->id)->password;
232             $this->assertTrue(\Hash::check('newpassword', $userPassword));
233     }
234
235     public function test_user_deletion()
236     {
237         $userDetails = factory(User::class)->make();
238         $user = $this->getEditor($userDetails->toArray());
239
240         $this->asAdmin()
241             ->visit('/settings/users/' . $user->id)
242             ->click('Delete User')
243             ->see($user->name)
244             ->press('Confirm')
245             ->seePageIs('/settings/users')
246             ->notSeeInDatabase('users', ['name' => $user->name]);
247     }
248
249     public function test_user_cannot_be_deleted_if_last_admin()
250     {
251         $adminRole = \BookStack\Role::getRole('admin');
252         // Ensure we currently only have 1 admin user
253         $this->assertEquals(1, $adminRole->users()->count());
254         $user = $adminRole->users->first();
255
256         $this->asAdmin()->visit('/settings/users/' . $user->id)
257             ->click('Delete User')
258             ->press('Confirm')
259             ->seePageIs('/settings/users/' . $user->id)
260             ->see('You cannot delete the only admin');
261     }
262
263     public function test_logout()
264     {
265         $this->asAdmin()
266             ->visit('/')
267             ->seePageIs('/')
268             ->visit('/logout')
269             ->visit('/')
270             ->seePageIs('/login');
271     }
272
273     public function test_reset_password_flow()
274     {
275
276         Notification::fake();
277
278         $this->visit('/login')->click('Forgot Password?')
279             ->seePageIs('/password/email')
280             ->type('admin@admin.com', 'email')
281             ->press('Send Reset Link')
282             ->see('A password reset link has been sent to admin@admin.com');
283
284         $this->seeInDatabase('password_resets', [
285             'email' => 'admin@admin.com'
286         ]);
287
288         $user = User::where('email', '=', 'admin@admin.com')->first();
289
290         Notification::assertSentTo($user, \BookStack\Notifications\ResetPassword::class);
291         $n = Notification::sent($user, \BookStack\Notifications\ResetPassword::class);
292
293         $this->visit('/password/reset/' . $n->first()->token)
294             ->see('Reset Password')
295             ->submitForm('Reset Password', [
296                 'email' => 'admin@admin.com',
297                 'password' => 'randompass',
298                 'password_confirmation' => 'randompass'
299             ])->seePageIs('/')
300             ->see('Your password has been successfully reset');
301     }
302
303     public function test_reset_password_page_shows_sign_links()
304     {
305         $this->setSettings(['registration-enabled' => 'true']);
306         $this->visit('/password/email')
307             ->seeLink('Log in')
308             ->seeLink('Sign up');
309     }
310
311     /**
312      * Perform a login
313      * @param string $email
314      * @param string $password
315      * @return $this
316      */
317     protected function login($email, $password)
318     {
319         return $this->visit('/login')
320             ->type($email, '#email')
321             ->type($password, '#password')
322             ->press('Log In');
323     }
324 }
The core source code for the BookStack project.
Morty Proxy This is a proxified and sanitized view of the page, visit original site.