mirror of https://github.com/kevinpapst/kimai2.git synced 2025-01-26 17:58:54 +00:00
kevinpapst_kimai2/tests/Controller/Security/SelfRegistrationControllerTest.php
2024-12-22 01:25:30 +01:00



<?php
/*
* This file is part of the Kimai time-tracking app.
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace App\Tests\Controller\Security;
use App\Entity\User;
use App\Tests\Controller\AbstractControllerBaseTestCase;
use Symfony\Bundle\FrameworkBundle\KernelBrowser;
/**
 * Functional tests for the self-registration endpoints (register, check-email, confirm, confirmed).
 *
 * What the requests below pin down:
 * - every registration route is reported as "not found" while `user.registration` is switched off
 * - a freshly registered account is disabled until its confirmation token has been used
 * - an unusable confirmation token, and an anonymous visit to the "confirmed" page, both end at the login page
 *
 * @group integration
 */
class SelfRegistrationControllerTest extends AbstractControllerBaseTestCase
{
    /**
     * Requests $route with self-registration disabled and expects the route-not-found assertion to hold.
     *
     * @param string $route path below the locale prefix, e.g. '/register/'
     */
    private function assertRegisterActionWithDeactivatedFeature(string $route): void
    {
        $browser = self::createClient();
        $this->setSystemConfiguration('user.registration', false);

        $this->request($browser, $route);

        $this->assertRouteNotFound($browser);
    }

    public function testRegisterWithDeactivatedFeature(): void
    {
        $this->assertRegisterActionWithDeactivatedFeature('/register/');
    }

    public function testCheckEmailWithDeactivatedFeature(): void
    {
        $this->assertRegisterActionWithDeactivatedFeature('/register/check-email');
    }

    public function testConfirmWithDeactivatedFeature(): void
    {
        // The token value is arbitrary: with the feature off the route must not resolve at all.
        $this->assertRegisterActionWithDeactivatedFeature('/register/confirm/123123');
    }

    public function testConfirmedWithDeactivatedFeature(): void
    {
        $this->assertRegisterActionWithDeactivatedFeature('/register/confirmed');
    }

    /**
     * The registration page renders the complete form, including the hidden `_token` field.
     */
    public function testRegisterAccountPageIsRendered(): void
    {
        $browser = self::createClient();
        $this->setSystemConfiguration('user.registration', true);
        $this->request($browser, '/register/');

        self::assertTrue($browser->getResponse()->isSuccessful());
        $html = $browser->getResponse()->getContent();

        // Checked in the same order as the markup is expected to appear in the assertions' history.
        $expectedFragments = [
            '<title>Kimai Time Tracking</title>',
            'Register a new account',
            '<form name="user_registration_form" method="post" action="/en/register/"',
            '<input type="email"',
            'id="user_registration_form_email" name="user_registration_form[email]" required="required"',
            '<input type="text"',
            'id="user_registration_form_username" name="user_registration_form[username]" required="required" maxlength="64" pattern="',
            '<input type="password"',
            'id="user_registration_form_plainPassword_first" name="user_registration_form[plainPassword][first]" required="required"',
            'id="user_registration_form_plainPassword_second" name="user_registration_form[plainPassword][second]" required="required"',
            '<input type="hidden"',
            // presumably the CSRF token of the form - confirm against the form type
            'id="user_registration_form__token" name="user_registration_form[_token]"',
            '>Register</button>',
        ];

        foreach ($expectedFragments as $fragment) {
            self::assertStringContainsString($fragment, $html);
        }
    }

    /**
     * Registers an account through the public form and follows the redirect to the check-email page.
     *
     * Leaves $client on the check-email response, so callers can inspect that page.
     *
     * @param KernelBrowser $client   browser used for all requests
     * @param string        $username value for the username field
     * @param string        $email    value for the email field
     * @param string        $password value used for both password fields
     *
     * @return User the user as returned by loadUserFromDatabase() for $username
     */
    private function createUser(KernelBrowser $client, string $username, string $email, string $password): User
    {
        $this->setSystemConfiguration('user.registration', true);
        $this->request($client, '/register/');
        self::assertTrue($client->getResponse()->isSuccessful());

        $registrationForm = $client->getCrawler()->filter('form[name=user_registration_form]')->form();
        $values = [
            'user_registration_form' => [
                'email' => $email,
                'username' => $username,
                'plainPassword' => [
                    'first' => $password,
                    'second' => $password,
                ],
            ],
        ];
        $client->submit($registrationForm, $values);

        $this->assertIsRedirect($client, $this->createUrl('/register/check-email'));
        $client->followRedirect();
        self::assertTrue($client->getResponse()->isSuccessful());

        return $this->loadUserFromDatabase($username);
    }

    /**
     * Calling check-email directly, with no registration submitted by this client, redirects to the form.
     */
    public function testCheckEmailWithoutEmail(): void
    {
        $browser = self::createClient();
        $this->setSystemConfiguration('user.registration', true);

        $this->request($browser, '/register/check-email');

        $this->assertIsRedirect($browser, $this->createUrl('/register/'));
        $browser->followRedirect();
        self::assertTrue($browser->getResponse()->isSuccessful());
    }

    /**
     * A successful registration ends on the check-email page, which names the address and links to the login.
     */
    public function testRegisterAccount(): void
    {
        $browser = self::createClient();
        $this->createUser($browser, 'example', 'register@example.com', 'test1234');

        $html = $browser->getResponse()->getContent();
        $expectedFragments = [
            '<title>Kimai Time Tracking</title>',
            'An e-mail has been sent to register@example.com. It contains a link you must click to activate your account.',
            '<a href="/en/login">',
        ];

        foreach ($expectedFragments as $fragment) {
            self::assertStringContainsString($fragment, $html);
        }
    }

    /**
     * A confirmation token that was never issued in this test is redirected to the login page.
     */
    public function testConfirmWithInvalidToken(): void
    {
        $browser = self::createClient();
        $this->setSystemConfiguration('user.registration', true);

        $this->request($browser, '/register/confirm/1234567890');

        $this->assertIsRedirect($browser, $this->createUrl('/login'));
        $browser->followRedirect();
        self::assertTrue($browser->getResponse()->isSuccessful());
    }

    /**
     * Redeeming the stored confirmation token activates the account.
     */
    public function testConfirmAccount(): void
    {
        $browser = self::createClient();
        $pendingUser = $this->createUser($browser, 'example', 'register@example.com', 'test1234');

        // Before confirmation: a token exists and the account cannot be used yet.
        $token = $pendingUser->getConfirmationToken();
        self::assertNotEmpty($token);
        self::assertFalse($pendingUser->isEnabled());

        $this->request($browser, '/register/confirm/' . $token);
        $this->assertIsRedirect($browser, $this->createUrl('/register/confirmed'));
        $browser->followRedirect();
        self::assertTrue($browser->getResponse()->isSuccessful());

        $html = $browser->getResponse()->getContent();
        self::assertStringContainsString('Congratulations example, your account is now activated.', $html);

        // Reload from the database so the enabled flag reflects what was persisted.
        $confirmedUser = $this->loadUserFromDatabase('example');
        self::assertTrue($confirmedUser->isEnabled());
    }

    /**
     * The "confirmed" page is not available to an anonymous client.
     */
    public function testConfirmedAnonymousRedirectsToLogin(): void
    {
        $browser = self::createClient();
        $this->setSystemConfiguration('user.registration', true);

        $this->request($browser, '/register/confirmed');

        // AccessDeniedException redirects to login
        $this->assertIsRedirect($browser, $this->createUrl('/login'));
        $browser->followRedirect();
        self::assertTrue($browser->getResponse()->isSuccessful());
    }

    /**
     * Submits invalid form data and delegates the check to assertHasValidationError().
     *
     * @dataProvider getValidationTestData
     */
    public function testRegisterActionWithValidationProblems(array $formData, array $validationFields): void
    {
        $browser = self::createClient();
        $this->setSystemConfiguration('user.registration', true);

        $this->assertHasValidationError(
            $browser,
            '/register/',
            'form[name=user_registration_form]',
            $formData,
            $validationFields
        );
    }

    /**
     * Data sets for testRegisterActionWithValidationProblems().
     *
     * Each entry is [form data, list of field selectors]; the selectors are presumably the
     * fields expected to carry a validation error - see assertHasValidationError().
     */
    public static function getValidationTestData(): array // @phpstan-ignore missingType.iterableValue
    {
        $usernameField = '#user_registration_form_username';
        $passwordField = '#user_registration_form_plainPassword_first';
        $emailField = '#user_registration_form_email';

        // invalid fields: username, password_second, email
        $emptyValues = [
            'user_registration_form' => [
                'username' => '',
                'plainPassword' => ['first' => 'sdfsdf123'],
                'email' => '',
            ],
        ];

        // invalid fields: username, password, email
        $malformedValues = [
            'user_registration_form' => [
                'username' => 'x',
                'plainPassword' => ['first' => 'sdfsdf123', 'second' => 'sdfxxxxxxx'],
                'email' => 'ydfbvsdfgs',
            ],
        ];

        // invalid fields: password (too short)
        $shortPassword = [
            'user_registration_form' => [
                'username' => 'test123',
                'plainPassword' => ['first' => 'test123', 'second' => 'test123'],
                'email' => 'ydfbvsdfgs@example.com',
            ],
        ];

        return [
            [$emptyValues, [$usernameField, $passwordField, $emailField]],
            [$malformedValues, [$usernameField, $passwordField, $emailField]],
            [$shortPassword, [$passwordField]],
        ];
    }
}