xref: /dokuwiki/lib/plugins/usermanager/_test/RemoteApiTest.php (revision cad27e80a983b270a13cd79a42d90d4e82d90c83) 
1<?php
2
3namespace dokuwiki\plugin\usermanager\test;
4
5use dokuwiki\Remote\AccessDeniedException;
6use dokuwiki\Remote\Api;
7use dokuwiki\Remote\RemoteException;
8use DokuWikiTest;
9
10/**
11 * Remote API tests for the usermanager plugin
12 *
13 * @group plugin_usermanager
14 * @group plugins
15 */
16class RemoteApiTest extends DokuWikiTest
17{
18    /** @var  Api */
19    protected $remote;
20
21    public function __construct()
22    {
23        parent::__construct();
24        $this->remote = new Api();
25    }
26
27    public function setUp(): void
28    {
29        parent::setUp();
30
31        global $conf;
32        $conf['remote'] = 1;
33        $conf['remoteuser'] = 'testuser, admin';
34        $conf['superuser'] = 'admin';
35    }
36
37    public function testCreateUserSuccess()
38    {
39        global $auth;
40        $auth = new AuthPlugin();
41
42        $params = [
43            'user' => 'user1',
44            'password' => 'password1',
45            'name' => 'user one',
46            'mail' => 'user1@localhost',
47            'groups' => [
48                'user',
49                'test'
50            ],
51            'notify' => false
52        ];
53
54        $_SERVER['REMOTE_USER'] = 'admin';
55        $this->assertTrue(
56            $this->remote->call('plugin.usermanager.createUser', $params)
57        );
58        $this->assertArrayHasKey('user1', $auth->users);
59
60        // try again should fail, because user already exists
61        $this->assertFalse(
62            $this->remote->call('plugin.usermanager.createUser', $params)
63        );
64    }
65
66    public function testCreateUserFailAccess()
67    {
68        global $auth;
69        $auth = new AuthPlugin();
70
71        $params = [
72            'user' => 'user1',
73            'password' => 'password1',
74            'name' => 'user one',
75            'mail' => 'user1@localhost',
76            'groups' => [
77                'user',
78                'test'
79            ],
80            'notify' => false
81        ];
82
83        $_SERVER['REMOTE_USER'] = 'testuser';
84
85        $this->expectException(AccessDeniedException::class);
86        $this->expectExceptionCode(114);
87        $this->remote->call('plugin.usermanager.createUser', $params);
88    }
89
90    public function testCreateUserFailMissingUser()
91    {
92        global $auth;
93        $auth = new AuthPlugin();
94
95        $params = [
96            'user' => '',
97            'password' => 'password1',
98            'name' => 'user one',
99            'mail' => 'user1@localhost',
100            'groups' => [
101                'user',
102                'test'
103            ],
104            'notify' => false
105        ];
106
107        $_SERVER['REMOTE_USER'] = 'admin';
108
109        $this->expectException(RemoteException::class);
110        $this->expectExceptionCode(401);
111        $this->remote->call('plugin.usermanager.createUser', $params);
112    }
113
114    public function testCreateUserFailMissingName()
115    {
116        global $auth;
117        $auth = new AuthPlugin();
118
119        $params = [
120            'user' => 'user1',
121            'password' => 'password1',
122            'name' => '',
123            'mail' => 'user1@localhost',
124            'groups' => [
125                'user',
126                'test'
127            ],
128            'notify' => false
129        ];
130
131        $_SERVER['REMOTE_USER'] = 'admin';
132
133        $this->expectException(RemoteException::class);
134        $this->expectExceptionCode(402);
135        $this->remote->call('plugin.usermanager.createUser', $params);
136    }
137
138    public function testCreateUserFailBadEmail()
139    {
140        global $auth;
141        $auth = new AuthPlugin();
142
143        $params = [
144            'user' => 'user1',
145            'password' => 'password1',
146            'name' => 'user one',
147            'mail' => 'This is not an email',
148            'groups' => [
149                'user',
150                'test'
151            ],
152            'notify' => false
153        ];
154
155        $_SERVER['REMOTE_USER'] = 'admin';
156
157        $this->expectException(RemoteException::class);
158        $this->expectExceptionCode(403);
159        $this->remote->call('plugin.usermanager.createUser', $params);
160    }
161
162    public function testCreateUserFailAuthCapability()
163    {
164        global $auth;
165        $auth = new AuthPlugin(['addUser' => false]);
166
167        $params = [
168            'user' => 'user1',
169            'password' => 'password1',
170            'name' => 'user one',
171            'mail' => 'user1@localhost',
172            'groups' => [
173                'user',
174                'test'
175            ],
176            'notify' => false
177        ];
178
179        $_SERVER['REMOTE_USER'] = 'admin';
180
181        $this->expectException(AccessDeniedException::class);
182        $this->expectExceptionCode(404);
183        $this->expectExceptionMessageMatches('/can\'t do addUser/');
184        $this->remote->call('plugin.usermanager.createUser', $params);
185    }
186
187    public function testDeleteUserSuccess()
188    {
189        global $auth;
190        $auth = new AuthPlugin();
191        $auth->users = [
192            'user1' => [
193                'pass' => 'password1',
194                'name' => 'user one',
195                'mail' => 'user1@localhost',
196                'grps' => [
197                    'user',
198                    'test'
199                ]
200            ],
201            'user2' => [
202                'pass' => 'password2',
203                'name' => 'user two',
204                'mail' => 'user2@localhost',
205                'grps' => [
206                    'user',
207                    'test'
208                ]
209            ],
210        ];
211
212        $_SERVER['REMOTE_USER'] = 'admin';
213
214        $this->assertTrue($this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1']));
215        $this->assertArrayNotHasKey('user1', $auth->users);
216        $this->assertArrayHasKey('user2', $auth->users);
217    }
218
219    public function testDeleteUserFailNoExist()
220    {
221        global $auth;
222        $auth = new AuthPlugin();
223
224        $_SERVER['REMOTE_USER'] = 'admin';
225
226        $this->assertFalse($this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1']));
227    }
228
229    public function testDeleteUserFailAuthCapability()
230    {
231        global $auth;
232        $auth = new AuthPlugin(['delUser' => false]);
233
234        $_SERVER['REMOTE_USER'] = 'admin';
235
236        $this->expectException(AccessDeniedException::class);
237        $this->expectExceptionCode(404);
238        $this->expectExceptionMessageMatches('/can\'t do delUser/');
239        $this->remote->call('plugin.usermanager.deleteUser', ['user' => 'user1']);
240    }
241}
242