1cad27e80SAndreas Gohr<?php 2cad27e80SAndreas Gohr 3cad27e80SAndreas Gohrnamespace dokuwiki\plugin\usermanager\test; 4cad27e80SAndreas Gohr 5cad27e80SAndreas Gohruse dokuwiki\Remote\AccessDeniedException; 6cad27e80SAndreas Gohruse dokuwiki\Remote\Api; 7cad27e80SAndreas Gohruse dokuwiki\Remote\RemoteException; 8cad27e80SAndreas Gohruse DokuWikiTest; 9cad27e80SAndreas Gohr 10cad27e80SAndreas Gohr/** 11cad27e80SAndreas Gohr * Remote API tests for the usermanager plugin 12cad27e80SAndreas Gohr * 13cad27e80SAndreas Gohr * @group plugin_usermanager 14cad27e80SAndreas Gohr * @group plugins 15cad27e80SAndreas Gohr */ 16cad27e80SAndreas Gohrclass RemoteApiTest extends DokuWikiTest 17cad27e80SAndreas Gohr{ 18cad27e80SAndreas Gohr /** @var Api */ 19cad27e80SAndreas Gohr protected $remote; 20cad27e80SAndreas Gohr 21cad27e80SAndreas Gohr public function __construct() 22cad27e80SAndreas Gohr { 23cad27e80SAndreas Gohr parent::__construct(); 24cad27e80SAndreas Gohr $this->remote = new Api(); 25cad27e80SAndreas Gohr } 26cad27e80SAndreas Gohr 27cad27e80SAndreas Gohr public function setUp(): void 28cad27e80SAndreas Gohr { 29cad27e80SAndreas Gohr parent::setUp(); 30cad27e80SAndreas Gohr 31cad27e80SAndreas Gohr global $conf; 32cad27e80SAndreas Gohr $conf['remote'] = 1; 33*9866f251SAndreas Gohr $conf['useacl'] = 1; 34*9866f251SAndreas Gohr $conf['remoteuser'] = 'umtestuser, admin'; 35cad27e80SAndreas Gohr $conf['superuser'] = 'admin'; 36*9866f251SAndreas Gohr $_SERVER['REMOTE_USER'] = ''; 37cad27e80SAndreas Gohr } 38cad27e80SAndreas Gohr 39cad27e80SAndreas Gohr public function testCreateUserSuccess() 40cad27e80SAndreas Gohr { 41cad27e80SAndreas Gohr global $auth; 42cad27e80SAndreas Gohr $auth = new AuthPlugin(); 43cad27e80SAndreas Gohr 44cad27e80SAndreas Gohr $params = [ 45cad27e80SAndreas Gohr 'user' => 'user1', 46cad27e80SAndreas Gohr 'password' => 'password1', 47cad27e80SAndreas Gohr 'name' => 'user one', 48cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 49cad27e80SAndreas Gohr 'groups' => [ 50cad27e80SAndreas Gohr 'user', 51cad27e80SAndreas Gohr 'test' 52cad27e80SAndreas Gohr ], 53cad27e80SAndreas Gohr 'notify' => false 54cad27e80SAndreas Gohr ]; 55cad27e80SAndreas Gohr 56cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 57cad27e80SAndreas Gohr $this->assertTrue( 58cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params) 59cad27e80SAndreas Gohr ); 60cad27e80SAndreas Gohr $this->assertArrayHasKey('user1', $auth->users); 61cad27e80SAndreas Gohr 62cad27e80SAndreas Gohr // try again should fail, because user already exists 63cad27e80SAndreas Gohr $this->assertFalse( 64cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params) 65cad27e80SAndreas Gohr ); 66cad27e80SAndreas Gohr } 67cad27e80SAndreas Gohr 68cad27e80SAndreas Gohr public function testCreateUserFailAccess() 69cad27e80SAndreas Gohr { 70cad27e80SAndreas Gohr global $auth; 71cad27e80SAndreas Gohr $auth = new AuthPlugin(); 72cad27e80SAndreas Gohr 73cad27e80SAndreas Gohr $params = [ 74cad27e80SAndreas Gohr 'user' => 'user1', 75cad27e80SAndreas Gohr 'password' => 'password1', 76cad27e80SAndreas Gohr 'name' => 'user one', 77cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 78cad27e80SAndreas Gohr 'groups' => [ 79cad27e80SAndreas Gohr 'user', 80cad27e80SAndreas Gohr 'test' 81cad27e80SAndreas Gohr ], 82cad27e80SAndreas Gohr 'notify' => false 83cad27e80SAndreas Gohr ]; 84cad27e80SAndreas Gohr 85*9866f251SAndreas Gohr $_SERVER['REMOTE_USER'] = 'umtestuser'; 86cad27e80SAndreas Gohr 87cad27e80SAndreas Gohr $this->expectException(AccessDeniedException::class); 88cad27e80SAndreas Gohr $this->expectExceptionCode(114); 89cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params); 90cad27e80SAndreas Gohr } 91cad27e80SAndreas Gohr 92cad27e80SAndreas Gohr public function testCreateUserFailMissingUser() 93cad27e80SAndreas Gohr { 94cad27e80SAndreas Gohr global $auth; 95cad27e80SAndreas Gohr $auth = new AuthPlugin(); 96cad27e80SAndreas Gohr 97cad27e80SAndreas Gohr $params = [ 98cad27e80SAndreas Gohr 'user' => '', 99cad27e80SAndreas Gohr 'password' => 'password1', 100cad27e80SAndreas Gohr 'name' => 'user one', 101cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 102cad27e80SAndreas Gohr 'groups' => [ 103cad27e80SAndreas Gohr 'user', 104cad27e80SAndreas Gohr 'test' 105cad27e80SAndreas Gohr ], 106cad27e80SAndreas Gohr 'notify' => false 107cad27e80SAndreas Gohr ]; 108cad27e80SAndreas Gohr 109cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 110cad27e80SAndreas Gohr 111cad27e80SAndreas Gohr $this->expectException(RemoteException::class); 112cad27e80SAndreas Gohr $this->expectExceptionCode(401); 113cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params); 114cad27e80SAndreas Gohr } 115cad27e80SAndreas Gohr 116cad27e80SAndreas Gohr public function testCreateUserFailMissingName() 117cad27e80SAndreas Gohr { 118cad27e80SAndreas Gohr global $auth; 119cad27e80SAndreas Gohr $auth = new AuthPlugin(); 120cad27e80SAndreas Gohr 121cad27e80SAndreas Gohr $params = [ 122cad27e80SAndreas Gohr 'user' => 'user1', 123cad27e80SAndreas Gohr 'password' => 'password1', 124cad27e80SAndreas Gohr 'name' => '', 125cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 126cad27e80SAndreas Gohr 'groups' => [ 127cad27e80SAndreas Gohr 'user', 128cad27e80SAndreas Gohr 'test' 129cad27e80SAndreas Gohr ], 130cad27e80SAndreas Gohr 'notify' => false 131cad27e80SAndreas Gohr ]; 132cad27e80SAndreas Gohr 133cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 134cad27e80SAndreas Gohr 135cad27e80SAndreas Gohr $this->expectException(RemoteException::class); 136cad27e80SAndreas Gohr $this->expectExceptionCode(402); 137cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params); 138cad27e80SAndreas Gohr } 139cad27e80SAndreas Gohr 140cad27e80SAndreas Gohr public function testCreateUserFailBadEmail() 141cad27e80SAndreas Gohr { 142cad27e80SAndreas Gohr global $auth; 143cad27e80SAndreas Gohr $auth = new AuthPlugin(); 144cad27e80SAndreas Gohr 145cad27e80SAndreas Gohr $params = [ 146cad27e80SAndreas Gohr 'user' => 'user1', 147cad27e80SAndreas Gohr 'password' => 'password1', 148cad27e80SAndreas Gohr 'name' => 'user one', 149cad27e80SAndreas Gohr 'mail' => 'This is not an email', 150cad27e80SAndreas Gohr 'groups' => [ 151cad27e80SAndreas Gohr 'user', 152cad27e80SAndreas Gohr 'test' 153cad27e80SAndreas Gohr ], 154cad27e80SAndreas Gohr 'notify' => false 155cad27e80SAndreas Gohr ]; 156cad27e80SAndreas Gohr 157cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 158cad27e80SAndreas Gohr 159cad27e80SAndreas Gohr $this->expectException(RemoteException::class); 160cad27e80SAndreas Gohr $this->expectExceptionCode(403); 161cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params); 162cad27e80SAndreas Gohr } 163cad27e80SAndreas Gohr 164cad27e80SAndreas Gohr public function testCreateUserFailAuthCapability() 165cad27e80SAndreas Gohr { 166cad27e80SAndreas Gohr global $auth; 167cad27e80SAndreas Gohr $auth = new AuthPlugin(['addUser' => false]); 168cad27e80SAndreas Gohr 169cad27e80SAndreas Gohr $params = [ 170cad27e80SAndreas Gohr 'user' => 'user1', 171cad27e80SAndreas Gohr 'password' => 'password1', 172cad27e80SAndreas Gohr 'name' => 'user one', 173cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 174cad27e80SAndreas Gohr 'groups' => [ 175cad27e80SAndreas Gohr 'user', 176cad27e80SAndreas Gohr 'test' 177cad27e80SAndreas Gohr ], 178cad27e80SAndreas Gohr 'notify' => false 179cad27e80SAndreas Gohr ]; 180cad27e80SAndreas Gohr 181cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 182cad27e80SAndreas Gohr 183cad27e80SAndreas Gohr $this->expectException(AccessDeniedException::class); 184cad27e80SAndreas Gohr $this->expectExceptionCode(404); 185cad27e80SAndreas Gohr $this->expectExceptionMessageMatches('/can\'t do addUser/'); 186cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params); 187cad27e80SAndreas Gohr } 188cad27e80SAndreas Gohr 189cad27e80SAndreas Gohr public function testDeleteUserSuccess() 190cad27e80SAndreas Gohr { 191cad27e80SAndreas Gohr global $auth; 192cad27e80SAndreas Gohr $auth = new AuthPlugin(); 193cad27e80SAndreas Gohr $auth->users = [ 194cad27e80SAndreas Gohr 'user1' => [ 195cad27e80SAndreas Gohr 'pass' => 'password1', 196cad27e80SAndreas Gohr 'name' => 'user one', 197cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 198cad27e80SAndreas Gohr 'grps' => [ 199cad27e80SAndreas Gohr 'user', 200cad27e80SAndreas Gohr 'test' 201cad27e80SAndreas Gohr ] 202cad27e80SAndreas Gohr ], 203cad27e80SAndreas Gohr 'user2' => [ 204cad27e80SAndreas Gohr 'pass' => 'password2', 205cad27e80SAndreas Gohr 'name' => 'user two', 206cad27e80SAndreas Gohr 'mail' => 'user2@localhost', 207cad27e80SAndreas Gohr 'grps' => [ 208cad27e80SAndreas Gohr 'user', 209cad27e80SAndreas Gohr 'test' 210cad27e80SAndreas Gohr ] 211cad27e80SAndreas Gohr ], 212cad27e80SAndreas Gohr ]; 213cad27e80SAndreas Gohr 214cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 215cad27e80SAndreas Gohr 216cad27e80SAndreas Gohr $this->assertTrue($this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1'])); 217cad27e80SAndreas Gohr $this->assertArrayNotHasKey('user1', $auth->users); 218cad27e80SAndreas Gohr $this->assertArrayHasKey('user2', $auth->users); 219cad27e80SAndreas Gohr } 220cad27e80SAndreas Gohr 221*9866f251SAndreas Gohr public function testDeleteUserFailAccess() 222*9866f251SAndreas Gohr { 223*9866f251SAndreas Gohr global $auth; 224*9866f251SAndreas Gohr $auth = new AuthPlugin(); 225*9866f251SAndreas Gohr 226*9866f251SAndreas Gohr $_SERVER['REMOTE_USER'] = 'umtestuser'; 227*9866f251SAndreas Gohr 228*9866f251SAndreas Gohr $this->expectException(AccessDeniedException::class); 229*9866f251SAndreas Gohr $this->expectExceptionCode(114); 230*9866f251SAndreas Gohr $this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1']); 231*9866f251SAndreas Gohr } 232*9866f251SAndreas Gohr 233*9866f251SAndreas Gohr 234cad27e80SAndreas Gohr public function testDeleteUserFailNoExist() 235cad27e80SAndreas Gohr { 236cad27e80SAndreas Gohr global $auth; 237cad27e80SAndreas Gohr $auth = new AuthPlugin(); 238cad27e80SAndreas Gohr 239cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 240cad27e80SAndreas Gohr 241cad27e80SAndreas Gohr $this->assertFalse($this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1'])); 242cad27e80SAndreas Gohr } 243cad27e80SAndreas Gohr 244cad27e80SAndreas Gohr public function testDeleteUserFailAuthCapability() 245cad27e80SAndreas Gohr { 246cad27e80SAndreas Gohr global $auth; 247cad27e80SAndreas Gohr $auth = new AuthPlugin(['delUser' => false]); 248cad27e80SAndreas Gohr 249cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 250cad27e80SAndreas Gohr 251cad27e80SAndreas Gohr $this->expectException(AccessDeniedException::class); 252cad27e80SAndreas Gohr $this->expectExceptionCode(404); 253cad27e80SAndreas Gohr $this->expectExceptionMessageMatches('/can\'t do delUser/'); 254cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1']); 255cad27e80SAndreas Gohr } 256cad27e80SAndreas Gohr} 257