- <?php
- declare(strict_types = 1);
- // {{{ License
- // This file is part of GNU social - https://www.gnu.org/software/social
- //
- // GNU social is free software: you can redistribute it and/or modify
- // it under the terms of the GNU Affero General Public License as published by
- // the Free Software Foundation, either version 3 of the License, or
- // (at your option) any later version.
- //
- // GNU social is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- // GNU Affero General Public License for more details.
- //
- // You should have received a copy of the GNU Affero General Public License
- // along with GNU social. If not, see <http://www.gnu.org/licenses/>.
- // }}}
- namespace App\Tests\Controller;
- use App\Util\GNUsocialTestCase;
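/**
 * Functional tests for the login and registration forms served at
 * /main/login and /main/register.
 *
 * Each case creates a test client, drives the HTML form as a browser would
 * and asserts on the resulting status code, route and page content.
 * The account 'taken_user' / 'email@provider' / 'foobar' is expected to exist
 * before the tests run (presumably loaded by the test fixtures; confirm).
 *
 * The private methods whose names start with "test" are shared helpers.
 * PHPUnit only collects public test methods, so they never run on their own.
 */
class SecurityTest extends GNUsocialTestCase
{
    // --------- Login --------------

    /**
     * Submit the login form and follow the redirect that comes back.
     *
     * A 302 is asserted for every submission, so both accepted and rejected
     * credentials are expected to redirect; callers tell the outcomes apart
     * by the route and page content reached after the redirect.
     *
     * @return array the test client and the crawler for the page reached after the redirect
     */
    private function testLogin(string $nickname, string $password): array
    {
        // This calls static::bootKernel(), and creates a "client" that is acting as the browser
        $client = static::createClient();
        $client->request('GET', '/main/login');
        $this->assertResponseIsSuccessful();

        $client->submitForm('Sign in', [
            '_username' => $nickname,
            '_password' => $password,
        ]);
        $this->assertResponseStatusCodeSame(302);

        $crawler = $client->followRedirect();

        return [$client, $crawler];
    }

    /**
     * Valid nickname and password land on the main feed with the profile shown.
     */
    public function testLoginSuccess(): void
    {
        $nickname = 'taken_user';
        $this->testLogin($nickname, 'foobar');

        $this->assertResponseIsSuccessful();
        $this->assertSelectorNotExists('.alert');
        $this->assertRouteSame('main_all');
        $this->assertSelectorTextContains('.profile-info .profile-info-nickname', $nickname);
    }

    /**
     * An authenticated user who requests the login page is redirected to the main feed.
     */
    public function testLoginAttemptAlreadyLoggedIn(): void
    {
        [$client] = $this->testLogin('taken_user', 'foobar'); // Normal login

        $client->request('GET', '/main/login'); // attempt to login again
        // followRedirect() fails unless the response really is a redirect,
        // so the redirect itself is checked implicitly here.
        $client->followRedirect();
        $this->assertRouteSame('main_all');
    }

    /**
     * A wrong password returns to the login page with a generic error.
     *
     * NOTE(review): only "existing nickname, wrong password" is covered. A
     * second case with a nickname that does not exist, asserting the same
     * message and route, would pin down that the two failures are
     * indistinguishable to the client (no account enumeration via login).
     */
    public function testLoginFailure(): void
    {
        $this->testLogin('taken_user', 'wrong password');

        $this->assertResponseIsSuccessful();
        $this->assertSelectorTextContains('.alert', 'Invalid login credentials');
        $this->assertRouteSame('security_login');
    }

    /**
     * The e-mail address is accepted in the username field and resolves to
     * the same account ('taken_user').
     */
    public function testLoginEmail(): void
    {
        $this->testLogin('email@provider', 'foobar');

        $this->assertResponseIsSuccessful();
        $this->assertSelectorNotExists('.alert');
        $this->assertRouteSame('main_all');
        $this->assertSelectorTextContains('.profile-info .profile-info-nickname', 'taken_user');
    }

    // --------- Register --------------

    /**
     * Submit the registration form with the same password in both fields.
     *
     * No status code is asserted after the submission and no redirect is
     * followed; each caller checks the outcome it expects.
     *
     * @return array the test client and the crawler returned by the form submission
     */
    private function testRegister(string $nickname, string $email, string $password): array
    {
        $client = static::createClient();
        $client->request('GET', '/main/register');
        $this->assertResponseIsSuccessful();

        $crawler = $client->submitForm('Register', [
            'register[nickname]'         => $nickname,
            'register[email]'            => $email,
            'register[password][first]'  => $password,
            'register[password][second]' => $password,
        ]);

        return [$client, $crawler];
    }

    /**
     * A fresh nickname and e-mail register successfully and end up on the
     * main feed showing the new nickname.
     */
    public function testRegisterSuccess(): void
    {
        [$client] = $this->testRegister('new_nickname', 'new_email@email_provider', 'foobar');

        $this->assertResponseStatusCodeSame(302);
        $client->followRedirect();
        $this->assertResponseIsSuccessful();
        $this->assertSelectorNotExists('.alert');
        $this->assertRouteSame('main_all');
        $this->assertSelectorTextContains('.profile-info .profile-info-nickname', 'new_nickname');
    }

    /**
     * Mismatched password and confirmation re-render the form with an error.
     *
     * The form is driven directly instead of through testRegister() because
     * that helper always sends the same value in both password fields.
     */
    public function testRegisterDifferentPassword(): void
    {
        $client = static::createClient();
        $client->request('GET', '/main/register');
        $this->assertResponseIsSuccessful();

        $client->submitForm('Register', [
            'register[nickname]'         => 'new_user',
            'register[email]'            => 'new_email@provider',
            'register[password][first]'  => 'fooobar',
            'register[password][second]' => 'barquux',
        ]);

        $this->assertSelectorTextContains('form[name=register] ul li', 'The password fields must match');
        $this->assertResponseStatusCodeSame(200);
        $this->assertRouteSame('security_register');
    }

    /**
     * Register with the given password and expect the form to be shown again
     * with $error in its help block.
     */
    private function testRegisterPasswordLength(string $password, string $error): void
    {
        $this->testRegister('new_nickname', 'email@provider', $password);

        $this->assertResponseIsSuccessful();
        $this->assertSelectorTextContains('.help-block > ul > li', $error);
        $this->assertRouteSame('security_register');
    }

    /**
     * An empty password is rejected.
     */
    public function testRegisterPasswordEmpty(): void
    {
        $this->testRegisterPasswordLength('', error: 'Please enter a password');
    }

    /**
     * A one-character password is rejected as too short.
     */
    public function testRegisterPasswordShort(): void
    {
        $this->testRegisterPasswordLength('f', error: 'Your password should be at least');
    }

    /**
     * A 128-character password is rejected as too long.
     *
     * NOTE(review): the configured limits are not visible in this file; a case
     * exactly at each bound would catch an off-by-one in the validator.
     */
    public function testRegisterPasswordLong(): void
    {
        $this->testRegisterPasswordLength(str_repeat('f', 128), error: 'Your password should be at most');
    }

    /**
     * An empty e-mail address is rejected.
     *
     * NOTE(review): this method is private, takes no arguments and is not
     * called from anywhere in this class, so PHPUnit never executes it and the
     * empty-e-mail rule is currently untested. Visibility is left unchanged
     * here; make it public once the expected behaviour has been confirmed.
     */
    private function testRegisterNoEmail(): void
    {
        $this->testRegister('new_nickname', '', 'foobar');

        $this->assertResponseIsSuccessful();
        $this->assertSelectorTextContains('.help-block > ul > li', 'Please enter an email');
        $this->assertRouteSame('security_register');
    }

    /**
     * Register with the given nickname and expect the form to be shown again
     * with $error in its help block.
     */
    private function testRegisterNicknameLength(string $nickname, string $error): void
    {
        $this->testRegister($nickname, 'email@provider', 'foobar');

        $this->assertResponseIsSuccessful();
        $this->assertSelectorTextContains('.help-block > ul > li', $error);
        $this->assertRouteSame('security_register');
    }

    /**
     * An empty nickname is rejected.
     */
    public function testRegisterNicknameEmpty(): void
    {
        $this->testRegisterNicknameLength('', error: 'Please enter a nickname');
    }

    /**
     * A 128-character nickname is rejected as too long.
     */
    public function testRegisterNicknameLong(): void
    {
        $this->testRegisterNicknameLength(str_repeat('f', 128), error: 'Your nickname must be at most');
    }

    /**
     * Registering a nickname that already exists raises NicknameTakenException.
     *
     * NOTE(review): the assertion looks for the exception class name inside a
     * '.stacktrace' element, which is presumably the framework's debug error
     * page. That page should not be reachable with debug disabled, so this
     * pins the behaviour of the test environment only. No status code is
     * asserted. The behaviour users actually see (ideally a form validation
     * message, with no internal class names or traces in the response) is
     * not covered and deserves its own test.
     */
    public function testRegisterExistingNickname(): void
    {
        $this->testRegister('taken_user', 'new_new_email@email_provider', 'foobar');

        $this->assertSelectorTextContains('.stacktrace', 'App\Util\Exception\NicknameTakenException');
    }

    /**
     * Registering an e-mail address that already exists raises EmailTakenException.
     *
     * NOTE(review): same caveat as the duplicate-nickname case: the check
     * depends on a rendered stack trace. How a duplicate e-mail is reported to
     * the client also decides whether registration can be used to probe which
     * addresses have accounts, so the non-debug response should be specified
     * and tested explicitly.
     */
    public function testRegisterExistingEmail(): void
    {
        $this->testRegister('other_new_nickname', 'email@provider', 'foobar');

        $this->assertSelectorTextContains('.stacktrace', 'App\Util\Exception\EmailTakenException');
    }
}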