Added tests on some security related classes.

2025-06-23 10:18:56 +02:00 · 2019-11-10 14:49:09 +01:00 · 2019-11-10 14:49:09 +01:00 · bf8455fa42
commit bf8455fa42
parent 6ddc937ec5
6 changed files with 169 additions and 38 deletions
--- a/src/Repository/UserRepository.php
+++ b/src/Repository/UserRepository.php
@ -49,33 +49,4 @@ class UserRepository extends ServiceEntityRepository
                'id' => User::ID_ANONYMOUS,
            ]);
    }
    // /**
    //  * @return User[] Returns an array of User objects
    //  */
    /*
    public function findByExampleField($value)
    {
        return $this->createQueryBuilder('u')
            ->andWhere('u.exampleField = :val')
            ->setParameter('val', $value)
            ->orderBy('u.id', 'ASC')
            ->setMaxResults(10)
            ->getQuery()
            ->getResult()
        ;
    }
    */
    /*
    public function findOneBySomeField($value): ?User
    {
        return $this->createQueryBuilder('u')
            ->andWhere('u.exampleField = :val')
            ->setParameter('val', $value)
            ->getQuery()
            ->getOneOrNullResult()
        ;
    }
    */
 }
--- a/src/Security/Annotations/ColumnSecurity.php
+++ b/src/Security/Annotations/ColumnSecurity.php
@ -89,9 +89,10 @@ class ColumnSecurity
            if ($object instanceof NamedDBElement) {
                if (\is_string($this->placeholder) && '' !== $this->placeholder) {
                    $object->setName($this->placeholder);
-                }
+                } else {
                    $object->setName('???');
                }
            }
            return $object;
        }
@ -99,6 +100,7 @@ class ColumnSecurity
        if (null === $this->placeholder) {
            switch ($this->type) {
                case 'integer':
                case 'int':
                    return 0;
                case 'float':
                    return 0.0;
@ -109,11 +111,10 @@ class ColumnSecurity
                case 'collection':
                    return new ArrayCollection();
                case 'boolean':
                case 'bool':
                    return false;
                case 'datetime':
-                    $date = new \DateTime();
+                    return (new \DateTime())->setTimestamp(0);
                    return $date->setTimestamp(0);
                default:
                    throw new InvalidArgumentException('Unknown type! You have to specify a placeholder!');
            }
--- a/src/Security/UserChecker.php
+++ b/src/Security/UserChecker.php
@ -30,11 +30,9 @@ use Symfony\Contracts\Translation\TranslatorInterface;
 class UserChecker implements UserCheckerInterface
 {
-    protected $translator;
+    public function __construct()
    public function __construct(TranslatorInterface $translator)
    {
-        $this->translator = $translator;
+
    }
    /**
--- a/src/Security/Voter/ExtendedVoter.php
+++ b/src/Security/Voter/ExtendedVoter.php
@ -56,7 +56,8 @@ abstract class ExtendedVoter extends Voter
        // if the user is anonymous, we use the anonymous user.
        if (!$user instanceof User) {
-            $user = $this->entityManager->find(User::class, User::ID_ANONYMOUS);
+            $repo = $this->entityManager->getRepository(User::class);
            $user = $repo->getAnonymousUser();
            if (null === $user) {
                return false;
            }
@ -71,6 +72,7 @@ abstract class ExtendedVoter extends Voter
     *
     * @param $attribute
     * @param $subject
     * @return bool
     */
    abstract protected function voteOnUser($attribute, $subject, User $user): bool;
 }
--- a/tests/Security/Annotations/ColumnSecurityTest.php
+++ b/tests/Security/Annotations/ColumnSecurityTest.php
@ -0,0 +1,107 @@
 <?php
 /**
 * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
 *
 * Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
 */
 namespace App\Tests\Security\Annotations;
 use App\Entity\Attachments\AttachmentType;
 use App\Security\Annotations\ColumnSecurity;
 use PHPUnit\Framework\TestCase;
 class ColumnSecurityTest extends TestCase
 {
    public function testGetReadOperation()
    {
        $annotation = new ColumnSecurity();
        $this->assertEquals('read', $annotation->getReadOperationName(), 'A new annotation must return read');
        $annotation->read = 'overwritten';
        $this->assertEquals('overwritten', $annotation->getReadOperationName());
        $annotation->prefix = 'prefix';
        $this->assertEquals('prefix.overwritten', $annotation->getReadOperationName());
    }
    public function testGetEditOperation()
    {
        $annotation = new ColumnSecurity();
        $this->assertEquals('edit', $annotation->getEditOperationName(), 'A new annotation must return read');
        $annotation->edit = 'overwritten';
        $this->assertEquals('overwritten', $annotation->getEditOperationName());
        $annotation->prefix = 'prefix';
        $this->assertEquals('prefix.overwritten', $annotation->getEditOperationName());
    }
    public function placeholderScalarDataProvider() : array
    {
        return [
            ['string', '???'],
            ['integer', 0],
            ['int', 0],
            ['float', 0.0],
            ['object', null],
            ['bool', false],
            ['boolean', false],
            //['datetime', (new \DateTime())->setTimestamp(0)]
        ];
    }
    /**
     * @dataProvider placeholderScalarDataProvider
     * @param string $type
     * @param $expected_value
     */
    public function testGetPlaceholderScalar(string $type, $expected_value)
    {
        $annotation = new ColumnSecurity();
        $annotation->type = $type;
        $this->assertEquals($expected_value, $annotation->getPlaceholder());
    }
    public function testGetPlaceholderSpecifiedValue()
    {
        $annotation = new ColumnSecurity();
        $annotation->placeholder = 3434;
        $this->assertEquals(3434, $annotation->getPlaceholder());
        $annotation->placeholder = [323];
        $this->assertCount(1, $annotation->getPlaceholder());
        //If a placeholder is specified we allow every type
        $annotation->type = "type2";
        $annotation->placeholder = 'invalid';
        $this->assertEquals('invalid', $annotation->getPlaceholder());
    }
    public function testGetPlaceholderDBElement()
    {
        $annotation = new ColumnSecurity();
        $annotation->type = AttachmentType::class;
        /** @var AttachmentType $placeholder */
        $placeholder = $annotation->getPlaceholder();
        $this->assertInstanceOf(AttachmentType::class, $placeholder);
        $this->assertEquals('???', $placeholder->getName());
        $annotation->placeholder = 'test';
        $placeholder = $annotation->getPlaceholder();
        $this->assertInstanceOf(AttachmentType::class, $placeholder);
        $this->assertEquals('test', $placeholder->getName());
    }
 }
--- a/tests/Security/UserCheckerTest.php
+++ b/tests/Security/UserCheckerTest.php
@ -0,0 +1,52 @@
 <?php
 /**
 * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
 *
 * Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
 */
 namespace App\Tests\Security;
 use App\Entity\UserSystem\User;
 use App\Security\UserChecker;
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\Security\Core\Exception\DisabledException;
 class UserCheckerTest extends TestCase
 {
    protected $service;
    public function setUp()
    {
        $this->service = new UserChecker();
    }
    public function testThrowDisabledException()
    {
        $user = new User();
        $user->setDisabled(false);
        //An user that is not disabled should not throw an exception
        $this->service->checkPostAuth($user);
        //An disabled user must throw an exception
        $user->setDisabled(true);
        $this->expectException(DisabledException::class);
        $this->service->checkPostAuth($user);
    }
 }