opensourcemirror
/
dokuwiki
mirror of https://github.com/splitbrain/dokuwiki.git
1
0
Fork 0
Code Issues Releases Wiki Activity

API: move user related tests to usermanager plugin

This commit is contained in:
Andreas Gohr 2024-01-06 17:22:33 +01:00
parent d1f06eb4f0
commit cad27e80a9
6 changed files with 306 additions and 233 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
_test/mock/AuthCreatePlugin.php
View File

@ -1,36 +0,0 @@
<?php
namespace dokuwiki\test\mock;
/**
* Class dokuwiki\Plugin\DokuWiki_Auth_Plugin
*/
class AuthCreatePlugin extends AuthPlugin {
public $loggedOff = false;
/** @var array user cache */
protected $users = null;
public function __construct($canAddUser = true) {
$this->cando['addUser'] = $canAddUser;
}
public function checkPass($user, $pass) {
return $pass == 'password';
}
public function createUser($user, $pwd, $name, $mail, $grps = null) {
if (isset($this->users[$user])) {
return false;
}
$pass = md5($pwd);
$this->users[$user] = compact('pass', 'name', 'mail', 'grps');
return true;
}
public function logoff() {
$this->loggedOff = true;
}
}

193
_test/tests/Remote/ApiCoreCreateUserTest.php
View File

@ -1,193 +0,0 @@
<?php
namespace dokuwiki\test\Remote;
use dokuwiki\Remote\AccessDeniedException;
use dokuwiki\Remote\Api;
use dokuwiki\Remote\RemoteException;
use dokuwiki\test\mock\AuthCreatePlugin;
use dokuwiki\test\mock\AuthPlugin;
/**
* Class remoteapicore_test
*/
class ApiCoreCreateUserTest extends \DokuWikiTest
{
protected $userinfo;
protected $oldAuthAcl;
/** @var Api */
protected $remote;
public function setUp(): void
{
// we need a clean setup before each single test:
\DokuWikiTest::setUpBeforeClass();
parent::setUp();
global $conf;
global $USERINFO;
global $AUTH_ACL;
global $auth;
$this->oldAuthAcl = $AUTH_ACL;
$this->userinfo = $USERINFO;
$auth = new AuthPlugin();
$conf['remote'] = 1;
$conf['remoteuser'] = '@user';
$conf['useacl'] = 0;
$this->remote = new Api();
}
public function tearDown(): void
{
parent::tearDown();
global $USERINFO;
global $AUTH_ACL;
$USERINFO = $this->userinfo;
$AUTH_ACL = $this->oldAuthAcl;
}
public function testCreateUser()
{
global $conf, $auth;
$conf['remote'] = 1;
$conf['remoteuser'] = 'testuser';
$_SERVER['REMOTE_USER'] = 'testuser';
$auth = new AuthCreatePlugin();
// $user, $pwd, $name, $mail, $grps = null
$params = [
[
'user' => 'user1',
'password' => 'password1',
'name' => 'user1',
'mail' => 'user1@localhost',
'groups' => [
'user',
'test'
],
'notify' => false
]
];
$actualCallResult = $this->remote->call('dokuwiki.createUser', $params);
$this->assertTrue($actualCallResult);
// if the user exists, no data is overwritten
$actualCallResult = $this->remote->call('dokuwiki.createUser', $params);
$this->assertFalse($actualCallResult);
}
public function testCreateUserAuthPlain()
{
global $conf, $auth;
$conf['remote'] = 1;
$conf['remoteuser'] = 'testuser';
$_SERVER['REMOTE_USER'] = 'testuser';
$auth = new \auth_plugin_authplain();
$params = [
[
'user' => 'user1',
'password' => 'password1',
'name' => 'user1',
'mail' => 'user1@localhost',
'groups' => [
'user',
'test'
],
'notify' => false
]
];
$callResult = $this->remote->call('dokuwiki.createUser', $params);
$this->assertTrue($callResult);
}
public function testCreateUserAuthPlainUndefinedUser()
{
global $conf, $auth;
$conf['remote'] = 1;
$conf['remoteuser'] = 'testuser';
$_SERVER['REMOTE_USER'] = 'testuser';
$auth = new \auth_plugin_authplain();
$params = [
[
'user' => ''
],
];
$this->expectException(RemoteException::class);
$this->expectExceptionCode(401);
$this->remote->call('dokuwiki.createUser', $params);
}
public function testCreateUserAuthPlainUndefinedName()
{
global $conf, $auth;
$conf['remote'] = 1;
$conf['remoteuser'] = 'testuser';
$_SERVER['REMOTE_USER'] = 'testuser';
$auth = new \auth_plugin_authplain();
$params = [
[
'user' => 'hello'
],
];
$this->expectException(RemoteException::class);
$this->expectExceptionCode(402);
$this->remote->call('dokuwiki.createUser', $params);
}
public function testCreateUserAuthPlainBadEmail()
{
global $conf, $auth;
$conf['remote'] = 1;
$conf['remoteuser'] = 'testuser';
$_SERVER['REMOTE_USER'] = 'testuser';
$auth = new \auth_plugin_authplain();
$params = [
[
'user' => 'hello',
'name' => 'A new user',
'mail' => 'this is not an email address'
],
];
$this->expectException(RemoteException::class);
$this->expectExceptionCode(403);
$this->remote->call('dokuwiki.createUser', $params);
}
public function testCreateUserAuthCanNotDoAddUser()
{
$this->expectException(AccessDeniedException::class);
$this->expectExceptionMessageMatches('/can\'t do addUser/');
global $conf, $auth;
$conf['remote'] = 1;
$conf['remoteuser'] = 'testuser';
$_SERVER['REMOTE_USER'] = 'testuser';
$auth = new AuthCreatePlugin(false);
$params = [
[
'user' => 'user1',
'password' => 'password1',
'name' => 'user1',
'mail' => 'user1@localhost',
'groups' => [
'user',
'test'
],
'notify' => false
],
];
$this->remote->call('dokuwiki.createUser', $params);
}
}

2
_test/tests/Remote/ApiCoreTest.php
View File

@ -2,12 +2,10 @@
namespace dokuwiki\test\Remote;
use dokuwiki\Extension\Event;
use dokuwiki\Remote\AccessDeniedException;
use dokuwiki\Remote\Api;
use dokuwiki\Remote\ApiCore;
use dokuwiki\Remote\RemoteException;
use dokuwiki\test\mock\AuthDeletePlugin;
use dokuwiki\test\mock\AuthPlugin;

54
lib/plugins/usermanager/_test/AuthPlugin.php Normal file
View File

@ -0,0 +1,54 @@
<?php
namespace dokuwiki\plugin\usermanager\test;
/**
* Simple Auth Plugin for testing
*
* All users are stored in a simple array
* @todo This might be useful for other tests and could replace the remaining mock auth plugins
*/
class AuthPlugin extends \dokuwiki\Extension\AuthPlugin {
public $loggedOff = false;
/** @var array user storage */
public $users = [];
/** @inheritdoc */
public function __construct($cando = []) {
parent::__construct(); // for compatibility
// our own default capabilities
$this->cando['addUser'] = true;
$this->cando['delUser'] = true;
// merge in given capabilities for testing
$this->cando = array_merge($this->cando, $cando);
}
/** @inheritdoc */
public function createUser($user, $pwd, $name, $mail, $grps = null) {
if (isset($this->users[$user])) {
return false;
}
$pass = md5($pwd);
$grps = (array) $grps;
$this->users[$user] = compact('pass', 'name', 'mail', 'grps');
return true;
}
/** @inheritdoc */
public function deleteUsers($users)
{
$deleted = 0;
foreach ($users as $user) {
if (isset($this->users[$user])) {
unset($this->users[$user]);
$deleted++;
}
}
return $deleted;
}
}

241
lib/plugins/usermanager/_test/RemoteApiTest.php Normal file
View File

@ -0,0 +1,241 @@
<?php
namespace dokuwiki\plugin\usermanager\test;
use dokuwiki\Remote\AccessDeniedException;
use dokuwiki\Remote\Api;
use dokuwiki\Remote\RemoteException;
use DokuWikiTest;
/**
* Remote API tests for the usermanager plugin
*
* @group plugin_usermanager
* @group plugins
*/
class RemoteApiTest extends DokuWikiTest
{
/** @var Api */
protected $remote;
public function __construct()
{
parent::__construct();
$this->remote = new Api();
}
public function setUp(): void
{
parent::setUp();
global $conf;
$conf['remote'] = 1;
$conf['remoteuser'] = 'testuser, admin';
$conf['superuser'] = 'admin';
}
public function testCreateUserSuccess()
{
global $auth;
$auth = new AuthPlugin();
$params = [
'user' => 'user1',
'password' => 'password1',
'name' => 'user one',
'mail' => 'user1@localhost',
'groups' => [
'user',
'test'
],
'notify' => false
];
$_SERVER['REMOTE_USER'] = 'admin';
$this->assertTrue(
$this->remote->call('plugin.usermanager.createUser', $params)
);
$this->assertArrayHasKey('user1', $auth->users);
// try again should fail, because user already exists
$this->assertFalse(
$this->remote->call('plugin.usermanager.createUser', $params)
);
}
public function testCreateUserFailAccess()
{
global $auth;
$auth = new AuthPlugin();
$params = [
'user' => 'user1',
'password' => 'password1',
'name' => 'user one',
'mail' => 'user1@localhost',
'groups' => [
'user',
'test'
],
'notify' => false
];
$_SERVER['REMOTE_USER'] = 'testuser';
$this->expectException(AccessDeniedException::class);
$this->expectExceptionCode(114);
$this->remote->call('plugin.usermanager.createUser', $params);
}
public function testCreateUserFailMissingUser()
{
global $auth;
$auth = new AuthPlugin();
$params = [
'user' => '',
'password' => 'password1',
'name' => 'user one',
'mail' => 'user1@localhost',
'groups' => [
'user',
'test'
],
'notify' => false
];
$_SERVER['REMOTE_USER'] = 'admin';
$this->expectException(RemoteException::class);
$this->expectExceptionCode(401);
$this->remote->call('plugin.usermanager.createUser', $params);
}
public function testCreateUserFailMissingName()
{
global $auth;
$auth = new AuthPlugin();
$params = [
'user' => 'user1',
'password' => 'password1',
'name' => '',
'mail' => 'user1@localhost',
'groups' => [
'user',
'test'
],
'notify' => false
];
$_SERVER['REMOTE_USER'] = 'admin';
$this->expectException(RemoteException::class);
$this->expectExceptionCode(402);
$this->remote->call('plugin.usermanager.createUser', $params);
}
public function testCreateUserFailBadEmail()
{
global $auth;
$auth = new AuthPlugin();
$params = [
'user' => 'user1',
'password' => 'password1',
'name' => 'user one',
'mail' => 'This is not an email',
'groups' => [
'user',
'test'
],
'notify' => false
];
$_SERVER['REMOTE_USER'] = 'admin';
$this->expectException(RemoteException::class);
$this->expectExceptionCode(403);
$this->remote->call('plugin.usermanager.createUser', $params);
}
public function testCreateUserFailAuthCapability()
{
global $auth;
$auth = new AuthPlugin(['addUser' => false]);
$params = [
'user' => 'user1',
'password' => 'password1',
'name' => 'user one',
'mail' => 'user1@localhost',
'groups' => [
'user',
'test'
],
'notify' => false
];
$_SERVER['REMOTE_USER'] = 'admin';
$this->expectException(AccessDeniedException::class);
$this->expectExceptionCode(404);
$this->expectExceptionMessageMatches('/can\'t do addUser/');
$this->remote->call('plugin.usermanager.createUser', $params);
}
public function testDeleteUserSuccess()
{
global $auth;
$auth = new AuthPlugin();
$auth->users = [
'user1' => [
'pass' => 'password1',
'name' => 'user one',
'mail' => 'user1@localhost',
'grps' => [
'user',
'test'
]
],
'user2' => [
'pass' => 'password2',
'name' => 'user two',
'mail' => 'user2@localhost',
'grps' => [
'user',
'test'
]
],
];
$_SERVER['REMOTE_USER'] = 'admin';
$this->assertTrue($this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1']));
$this->assertArrayNotHasKey('user1', $auth->users);
$this->assertArrayHasKey('user2', $auth->users);
}
public function testDeleteUserFailNoExist()
{
global $auth;
$auth = new AuthPlugin();
$_SERVER['REMOTE_USER'] = 'admin';
$this->assertFalse($this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1']));
}
public function testDeleteUserFailAuthCapability()
{
global $auth;
$auth = new AuthPlugin(['delUser' => false]);
$_SERVER['REMOTE_USER'] = 'admin';
$this->expectException(AccessDeniedException::class);
$this->expectExceptionCode(404);
$this->expectExceptionMessageMatches('/can\'t do delUser/');
$this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1']);
}
}

13
lib/plugins/usermanager/remote.php
View File

@ -46,7 +46,7 @@ class remote_plugin_usermanager extends RemotePlugin
if (!$auth->canDo('addUser')) {
throw new AccessDeniedException(
sprintf('Authentication backend %s can\'t do addUser', $auth->getPluginName()),
114
404
);
}
@ -62,7 +62,7 @@ class remote_plugin_usermanager extends RemotePlugin
try {
$password = auth_pwgen($user);
} catch (\Exception $e) {
throw new RemoteException('Could not generate password', 404); // FIXME adjust code
throw new RemoteException('Could not generate password', 405);
}
}
@ -95,6 +95,15 @@ class remote_plugin_usermanager extends RemotePlugin
if (!auth_isadmin()) {
throw new AccessDeniedException('Only admins are allowed to delete users', 114);
}
global $auth;
if (!$auth->canDo('delUser')) {
throw new AccessDeniedException(
sprintf('Authentication backend %s can\'t do delUser', $auth->getPluginName()),
404
);
}
/** @var AuthPlugin $auth */
global $auth;
return (bool)$auth->triggerUserMod('delete', [[$user]]);