1*cad27e80SAndreas Gohr<?php 2*cad27e80SAndreas Gohr 3*cad27e80SAndreas Gohrnamespace dokuwiki\plugin\usermanager\test; 4*cad27e80SAndreas Gohr 5*cad27e80SAndreas Gohruse dokuwiki\Remote\AccessDeniedException; 6*cad27e80SAndreas Gohruse dokuwiki\Remote\Api; 7*cad27e80SAndreas Gohruse dokuwiki\Remote\RemoteException; 8*cad27e80SAndreas Gohruse DokuWikiTest; 9*cad27e80SAndreas Gohr 10*cad27e80SAndreas Gohr/** 11*cad27e80SAndreas Gohr * Remote API tests for the usermanager plugin 12*cad27e80SAndreas Gohr * 13*cad27e80SAndreas Gohr * @group plugin_usermanager 14*cad27e80SAndreas Gohr * @group plugins 15*cad27e80SAndreas Gohr */ 16*cad27e80SAndreas Gohrclass RemoteApiTest extends DokuWikiTest 17*cad27e80SAndreas Gohr{ 18*cad27e80SAndreas Gohr /** @var Api */ 19*cad27e80SAndreas Gohr protected $remote; 20*cad27e80SAndreas Gohr 21*cad27e80SAndreas Gohr public function __construct() 22*cad27e80SAndreas Gohr { 23*cad27e80SAndreas Gohr parent::__construct(); 24*cad27e80SAndreas Gohr $this->remote = new Api(); 25*cad27e80SAndreas Gohr } 26*cad27e80SAndreas Gohr 27*cad27e80SAndreas Gohr public function setUp(): void 28*cad27e80SAndreas Gohr { 29*cad27e80SAndreas Gohr parent::setUp(); 30*cad27e80SAndreas Gohr 31*cad27e80SAndreas Gohr global $conf; 32*cad27e80SAndreas Gohr $conf['remote'] = 1; 33*cad27e80SAndreas Gohr $conf['remoteuser'] = 'testuser, admin'; 34*cad27e80SAndreas Gohr $conf['superuser'] = 'admin'; 35*cad27e80SAndreas Gohr } 36*cad27e80SAndreas Gohr 37*cad27e80SAndreas Gohr public function testCreateUserSuccess() 38*cad27e80SAndreas Gohr { 39*cad27e80SAndreas Gohr global $auth; 40*cad27e80SAndreas Gohr $auth = new AuthPlugin(); 41*cad27e80SAndreas Gohr 42*cad27e80SAndreas Gohr $params = [ 43*cad27e80SAndreas Gohr 'user' => 'user1', 44*cad27e80SAndreas Gohr 'password' => 'password1', 45*cad27e80SAndreas Gohr 'name' => 'user one', 46*cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 47*cad27e80SAndreas Gohr 'groups' => [ 48*cad27e80SAndreas Gohr 'user', 49*cad27e80SAndreas Gohr 'test' 50*cad27e80SAndreas Gohr ], 51*cad27e80SAndreas Gohr 'notify' => false 52*cad27e80SAndreas Gohr ]; 53*cad27e80SAndreas Gohr 54*cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 55*cad27e80SAndreas Gohr $this->assertTrue( 56*cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params) 57*cad27e80SAndreas Gohr ); 58*cad27e80SAndreas Gohr $this->assertArrayHasKey('user1', $auth->users); 59*cad27e80SAndreas Gohr 60*cad27e80SAndreas Gohr // try again should fail, because user already exists 61*cad27e80SAndreas Gohr $this->assertFalse( 62*cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params) 63*cad27e80SAndreas Gohr ); 64*cad27e80SAndreas Gohr } 65*cad27e80SAndreas Gohr 66*cad27e80SAndreas Gohr public function testCreateUserFailAccess() 67*cad27e80SAndreas Gohr { 68*cad27e80SAndreas Gohr global $auth; 69*cad27e80SAndreas Gohr $auth = new AuthPlugin(); 70*cad27e80SAndreas Gohr 71*cad27e80SAndreas Gohr $params = [ 72*cad27e80SAndreas Gohr 'user' => 'user1', 73*cad27e80SAndreas Gohr 'password' => 'password1', 74*cad27e80SAndreas Gohr 'name' => 'user one', 75*cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 76*cad27e80SAndreas Gohr 'groups' => [ 77*cad27e80SAndreas Gohr 'user', 78*cad27e80SAndreas Gohr 'test' 79*cad27e80SAndreas Gohr ], 80*cad27e80SAndreas Gohr 'notify' => false 81*cad27e80SAndreas Gohr ]; 82*cad27e80SAndreas Gohr 83*cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'testuser'; 84*cad27e80SAndreas Gohr 85*cad27e80SAndreas Gohr $this->expectException(AccessDeniedException::class); 86*cad27e80SAndreas Gohr $this->expectExceptionCode(114); 87*cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params); 88*cad27e80SAndreas Gohr } 89*cad27e80SAndreas Gohr 90*cad27e80SAndreas Gohr public function testCreateUserFailMissingUser() 91*cad27e80SAndreas Gohr { 92*cad27e80SAndreas Gohr global $auth; 93*cad27e80SAndreas Gohr $auth = new AuthPlugin(); 94*cad27e80SAndreas Gohr 95*cad27e80SAndreas Gohr $params = [ 96*cad27e80SAndreas Gohr 'user' => '', 97*cad27e80SAndreas Gohr 'password' => 'password1', 98*cad27e80SAndreas Gohr 'name' => 'user one', 99*cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 100*cad27e80SAndreas Gohr 'groups' => [ 101*cad27e80SAndreas Gohr 'user', 102*cad27e80SAndreas Gohr 'test' 103*cad27e80SAndreas Gohr ], 104*cad27e80SAndreas Gohr 'notify' => false 105*cad27e80SAndreas Gohr ]; 106*cad27e80SAndreas Gohr 107*cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 108*cad27e80SAndreas Gohr 109*cad27e80SAndreas Gohr $this->expectException(RemoteException::class); 110*cad27e80SAndreas Gohr $this->expectExceptionCode(401); 111*cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params); 112*cad27e80SAndreas Gohr } 113*cad27e80SAndreas Gohr 114*cad27e80SAndreas Gohr public function testCreateUserFailMissingName() 115*cad27e80SAndreas Gohr { 116*cad27e80SAndreas Gohr global $auth; 117*cad27e80SAndreas Gohr $auth = new AuthPlugin(); 118*cad27e80SAndreas Gohr 119*cad27e80SAndreas Gohr $params = [ 120*cad27e80SAndreas Gohr 'user' => 'user1', 121*cad27e80SAndreas Gohr 'password' => 'password1', 122*cad27e80SAndreas Gohr 'name' => '', 123*cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 124*cad27e80SAndreas Gohr 'groups' => [ 125*cad27e80SAndreas Gohr 'user', 126*cad27e80SAndreas Gohr 'test' 127*cad27e80SAndreas Gohr ], 128*cad27e80SAndreas Gohr 'notify' => false 129*cad27e80SAndreas Gohr ]; 130*cad27e80SAndreas Gohr 131*cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 132*cad27e80SAndreas Gohr 133*cad27e80SAndreas Gohr $this->expectException(RemoteException::class); 134*cad27e80SAndreas Gohr $this->expectExceptionCode(402); 135*cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params); 136*cad27e80SAndreas Gohr } 137*cad27e80SAndreas Gohr 138*cad27e80SAndreas Gohr public function testCreateUserFailBadEmail() 139*cad27e80SAndreas Gohr { 140*cad27e80SAndreas Gohr global $auth; 141*cad27e80SAndreas Gohr $auth = new AuthPlugin(); 142*cad27e80SAndreas Gohr 143*cad27e80SAndreas Gohr $params = [ 144*cad27e80SAndreas Gohr 'user' => 'user1', 145*cad27e80SAndreas Gohr 'password' => 'password1', 146*cad27e80SAndreas Gohr 'name' => 'user one', 147*cad27e80SAndreas Gohr 'mail' => 'This is not an email', 148*cad27e80SAndreas Gohr 'groups' => [ 149*cad27e80SAndreas Gohr 'user', 150*cad27e80SAndreas Gohr 'test' 151*cad27e80SAndreas Gohr ], 152*cad27e80SAndreas Gohr 'notify' => false 153*cad27e80SAndreas Gohr ]; 154*cad27e80SAndreas Gohr 155*cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 156*cad27e80SAndreas Gohr 157*cad27e80SAndreas Gohr $this->expectException(RemoteException::class); 158*cad27e80SAndreas Gohr $this->expectExceptionCode(403); 159*cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params); 160*cad27e80SAndreas Gohr } 161*cad27e80SAndreas Gohr 162*cad27e80SAndreas Gohr public function testCreateUserFailAuthCapability() 163*cad27e80SAndreas Gohr { 164*cad27e80SAndreas Gohr global $auth; 165*cad27e80SAndreas Gohr $auth = new AuthPlugin(['addUser' => false]); 166*cad27e80SAndreas Gohr 167*cad27e80SAndreas Gohr $params = [ 168*cad27e80SAndreas Gohr 'user' => 'user1', 169*cad27e80SAndreas Gohr 'password' => 'password1', 170*cad27e80SAndreas Gohr 'name' => 'user one', 171*cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 172*cad27e80SAndreas Gohr 'groups' => [ 173*cad27e80SAndreas Gohr 'user', 174*cad27e80SAndreas Gohr 'test' 175*cad27e80SAndreas Gohr ], 176*cad27e80SAndreas Gohr 'notify' => false 177*cad27e80SAndreas Gohr ]; 178*cad27e80SAndreas Gohr 179*cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 180*cad27e80SAndreas Gohr 181*cad27e80SAndreas Gohr $this->expectException(AccessDeniedException::class); 182*cad27e80SAndreas Gohr $this->expectExceptionCode(404); 183*cad27e80SAndreas Gohr $this->expectExceptionMessageMatches('/can\'t do addUser/'); 184*cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.createUser', $params); 185*cad27e80SAndreas Gohr } 186*cad27e80SAndreas Gohr 187*cad27e80SAndreas Gohr public function testDeleteUserSuccess() 188*cad27e80SAndreas Gohr { 189*cad27e80SAndreas Gohr global $auth; 190*cad27e80SAndreas Gohr $auth = new AuthPlugin(); 191*cad27e80SAndreas Gohr $auth->users = [ 192*cad27e80SAndreas Gohr 'user1' => [ 193*cad27e80SAndreas Gohr 'pass' => 'password1', 194*cad27e80SAndreas Gohr 'name' => 'user one', 195*cad27e80SAndreas Gohr 'mail' => 'user1@localhost', 196*cad27e80SAndreas Gohr 'grps' => [ 197*cad27e80SAndreas Gohr 'user', 198*cad27e80SAndreas Gohr 'test' 199*cad27e80SAndreas Gohr ] 200*cad27e80SAndreas Gohr ], 201*cad27e80SAndreas Gohr 'user2' => [ 202*cad27e80SAndreas Gohr 'pass' => 'password2', 203*cad27e80SAndreas Gohr 'name' => 'user two', 204*cad27e80SAndreas Gohr 'mail' => 'user2@localhost', 205*cad27e80SAndreas Gohr 'grps' => [ 206*cad27e80SAndreas Gohr 'user', 207*cad27e80SAndreas Gohr 'test' 208*cad27e80SAndreas Gohr ] 209*cad27e80SAndreas Gohr ], 210*cad27e80SAndreas Gohr ]; 211*cad27e80SAndreas Gohr 212*cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 213*cad27e80SAndreas Gohr 214*cad27e80SAndreas Gohr $this->assertTrue($this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1'])); 215*cad27e80SAndreas Gohr $this->assertArrayNotHasKey('user1', $auth->users); 216*cad27e80SAndreas Gohr $this->assertArrayHasKey('user2', $auth->users); 217*cad27e80SAndreas Gohr } 218*cad27e80SAndreas Gohr 219*cad27e80SAndreas Gohr public function testDeleteUserFailNoExist() 220*cad27e80SAndreas Gohr { 221*cad27e80SAndreas Gohr global $auth; 222*cad27e80SAndreas Gohr $auth = new AuthPlugin(); 223*cad27e80SAndreas Gohr 224*cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 225*cad27e80SAndreas Gohr 226*cad27e80SAndreas Gohr $this->assertFalse($this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1'])); 227*cad27e80SAndreas Gohr } 228*cad27e80SAndreas Gohr 229*cad27e80SAndreas Gohr public function testDeleteUserFailAuthCapability() 230*cad27e80SAndreas Gohr { 231*cad27e80SAndreas Gohr global $auth; 232*cad27e80SAndreas Gohr $auth = new AuthPlugin(['delUser' => false]); 233*cad27e80SAndreas Gohr 234*cad27e80SAndreas Gohr $_SERVER['REMOTE_USER'] = 'admin'; 235*cad27e80SAndreas Gohr 236*cad27e80SAndreas Gohr $this->expectException(AccessDeniedException::class); 237*cad27e80SAndreas Gohr $this->expectExceptionCode(404); 238*cad27e80SAndreas Gohr $this->expectExceptionMessageMatches('/can\'t do delUser/'); 239*cad27e80SAndreas Gohr $this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1']); 240*cad27e80SAndreas Gohr } 241*cad27e80SAndreas Gohr} 242