Rewrite of session management
@@ -2,7 +2,6 @@
|
||||
|
||||
require_once __DIR__.'/../Base.php';
|
||||
|
||||
use Kanboard\Core\Session;
|
||||
use Kanboard\Model\Acl;
|
||||
use Kanboard\Model\Project;
|
||||
use Kanboard\Model\ProjectPermission;
|
||||
@@ -86,8 +85,6 @@ class AclTest extends Base
|
||||
public function testPageAccessNoSession()
|
||||
{
|
||||
$acl = new Acl($this->container);
|
||||
$session = new Session;
|
||||
$session = array();
|
||||
|
||||
$this->assertFalse($acl->isAllowed('board', 'readonly'));
|
||||
$this->assertFalse($acl->isAllowed('task', 'show'));
|
||||
@@ -100,8 +97,7 @@ class AclTest extends Base
|
||||
public function testPageAccessEmptySession()
|
||||
{
|
||||
$acl = new Acl($this->container);
|
||||
$session = new Session;
|
||||
$session['user'] = array();
|
||||
$this->container['sessionStorage']->user = array();
|
||||
|
||||
$this->assertFalse($acl->isAllowed('board', 'readonly'));
|
||||
$this->assertFalse($acl->isAllowed('task', 'show'));
|
||||
@@ -114,9 +110,7 @@ class AclTest extends Base
|
||||
public function testPageAccessAdminUser()
|
||||
{
|
||||
$acl = new Acl($this->container);
|
||||
$session = new Session;
|
||||
|
||||
$session['user'] = array(
|
||||
$this->container['sessionStorage']->user = array(
|
||||
'is_admin' => true,
|
||||
);
|
||||
|
||||
@@ -140,7 +134,6 @@ class AclTest extends Base
|
||||
$p = new Project($this->container);
|
||||
$pp = new ProjectPermission($this->container);
|
||||
$u = new User($this->container);
|
||||
$session = new Session;
|
||||
|
||||
// We create our user
|
||||
$this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
|
||||
@@ -152,7 +145,7 @@ class AclTest extends Base
|
||||
$this->assertFalse($pp->isManager(1, 2));
|
||||
|
||||
// We fake a session for him
|
||||
$session['user'] = array(
|
||||
$this->container['sessionStorage']->user = array(
|
||||
'id' => 2,
|
||||
'is_admin' => false,
|
||||
'is_project_admin' => true,
|
||||
@@ -184,7 +177,6 @@ class AclTest extends Base
|
||||
$p = new Project($this->container);
|
||||
$pp = new ProjectPermission($this->container);
|
||||
$u = new User($this->container);
|
||||
$session = new Session;
|
||||
|
||||
// We create our user
|
||||
$this->assertEquals(2, $u->create(array('username' => 'unittest', 'password' => 'unittest')));
|
||||
@@ -195,7 +187,7 @@ class AclTest extends Base
|
||||
$this->assertTrue($pp->isManager(1, 2));
|
||||
|
||||
// We fake a session for him
|
||||
$session['user'] = array(
|
||||
$this->container['sessionStorage']->user = array(
|
||||
'id' => 2,
|
||||
'is_admin' => false,
|
||||
);
|
||||
@@ -237,9 +229,7 @@ class AclTest extends Base
|
||||
$this->assertTrue($pp->isMember(1, 2));
|
||||
$this->assertFalse($pp->isManager(1, 2));
|
||||
|
||||
$session = new Session;
|
||||
|
||||
$session['user'] = array(
|
||||
$this->container['sessionStorage']->user = array(
|
||||
'id' => 2,
|
||||
'is_admin' => false,
|
||||
);
|
||||
@@ -276,9 +266,7 @@ class AclTest extends Base
|
||||
$this->assertFalse($pp->isMember(1, 2));
|
||||
$this->assertFalse($pp->isManager(1, 2));
|
||||
|
||||
$session = new Session;
|
||||
|
||||
$session['user'] = array(
|
||||
$this->container['sessionStorage']->user = array(
|
||||
'id' => 2,
|
||||
'is_admin' => false,
|
||||
);
|
||||
|
||||
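Review bot: testPageAccessNoSession has no arrange step left once the two `$session` lines are removed, so what separates it from testPageAccessEmptySession (which sets `sessionStorage->user = array()`) is only implied. A short comment above the assertions, such as `// sessionStorage has no user entry here: every page must be denied by default`, would record that this is the deny-by-default case. The test also relies on the Base fixture handing each test an empty sessionStorage, which is not visible on this page. The method body continues past the end of the hunk.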
@@ -3,7 +3,7 @@
|
||||
require_once __DIR__.'/../Base.php';
|
||||
|
||||
use Kanboard\Model\Config;
|
||||
use Kanboard\Core\Session;
|
||||
use Kanboard\Core\Session\SessionManager;
|
||||
|
||||
class ConfigTest extends Base
|
||||
{
|
||||
@@ -73,17 +73,15 @@ class ConfigTest extends Base
|
||||
|
||||
public function testGetWithSession()
|
||||
{
|
||||
$this->container['session'] = new Session;
|
||||
$c = new Config($this->container);
|
||||
|
||||
session_id('test');
|
||||
|
||||
$this->assertTrue(Session::isOpen());
|
||||
$this->assertTrue(SessionManager::isOpen());
|
||||
|
||||
$this->assertEquals('', $c->get('board_columns'));
|
||||
$this->assertEquals('test', $c->get('board_columns', 'test'));
|
||||
|
||||
$this->container['session']['config'] = array(
|
||||
$this->container['sessionStorage']->config = array(
|
||||
'board_columns' => 'foo',
|
||||
'empty_value' => 0
|
||||
);
|
||||
@@ -93,6 +91,6 @@ class ConfigTest extends Base
|
||||
$this->assertEquals('test', $c->get('empty_value', 'test'));
|
||||
|
||||
session_id('');
|
||||
unset($this->container['session']);
|
||||
$this->assertFalse(SessionManager::isOpen());
|
||||
}
|
||||
}
|
||||
|
||||
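Review bot: In testGetWithSession the reset `session_id('');` sits at the very end of the method, so any assertion that fails before it leaves the process-wide session id set to 'test' for the tests that run afterwards. The new `SessionManager::isOpen()` assertions appear to depend on that global value, so the reset is better placed in a `finally` block or in tearDown(), e.g. `try { /* assertions */ } finally { session_id(''); }`. The middle of the method lies between the two hunks and is not shown here.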
@@ -8,7 +8,6 @@ use Kanboard\Model\Subtask;
|
||||
use Kanboard\Model\Project;
|
||||
use Kanboard\Model\Category;
|
||||
use Kanboard\Model\User;
|
||||
use Kanboard\Core\Session;
|
||||
use Kanboard\Model\UserSession;
|
||||
|
||||
class SubtaskTest extends Base
|
||||
@@ -190,7 +189,6 @@ class SubtaskTest extends Base
|
||||
$tc = new TaskCreation($this->container);
|
||||
$s = new Subtask($this->container);
|
||||
$p = new Project($this->container);
|
||||
$ss = new Session;
|
||||
$us = new UserSession($this->container);
|
||||
|
||||
$this->assertEquals(1, $p->create(array('name' => 'test1')));
|
||||
@@ -205,7 +203,7 @@ class SubtaskTest extends Base
|
||||
$this->assertEquals(1, $subtask['task_id']);
|
||||
|
||||
// Set the current logged user
|
||||
$ss['user'] = array('id' => 1);
|
||||
$this->container['sessionStorage']->user = array('id' => 1);
|
||||
|
||||
$this->assertTrue($s->toggleStatus(1));
|
||||
|
||||
|
||||
@@ -9,7 +9,6 @@ use Kanboard\Model\SubtaskTimeTracking;
|
||||
use Kanboard\Model\Project;
|
||||
use Kanboard\Model\Category;
|
||||
use Kanboard\Model\User;
|
||||
use Kanboard\Core\Session;
|
||||
|
||||
class SubtaskTimeTrackingTest extends Base
|
||||
{
|
||||
@@ -38,9 +37,8 @@ class SubtaskTimeTrackingTest extends Base
|
||||
$s = new Subtask($this->container);
|
||||
$st = new SubtaskTimeTracking($this->container);
|
||||
$p = new Project($this->container);
|
||||
$ss = new Session;
|
||||
|
||||
$ss['user'] = array('id' => 1);
|
||||
$this->container['sessionStorage']->user = array('id' => 1);
|
||||
|
||||
$this->assertEquals(1, $p->create(array('name' => 'test1')));
|
||||
$this->assertEquals(1, $tc->create(array('title' => 'test 1', 'project_id' => 1, 'column_id' => 1, 'owner_id' => 1)));
|
||||
|
||||
@@ -182,8 +182,7 @@ class TaskCreationTest extends Base
|
||||
$tc = new TaskCreation($this->container);
|
||||
$tf = new TaskFinder($this->container);
|
||||
|
||||
$_SESSION = array();
|
||||
$_SESSION['user']['id'] = 1;
|
||||
$this->container['sessionStorage']->user = array('id' => 1);
|
||||
|
||||
$this->assertEquals(1, $p->create(array('name' => 'test')));
|
||||
$this->assertEquals(1, $tc->create(array('project_id' => 1, 'title' => 'test')));
|
||||
@@ -194,8 +193,6 @@ class TaskCreationTest extends Base
|
||||
|
||||
$this->assertEquals(1, $task['id']);
|
||||
$this->assertEquals(1, $task['creator_id']);
|
||||
|
||||
$_SESSION = array();
|
||||
}
|
||||
|
||||
public function testColumnId()
|
||||
|
||||
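Review bot: The trailing `$_SESSION = array();` reset is dropped in the second hunk, and nothing clears `$this->container['sessionStorage']->user` after the creator_id assertions. That is safe only if Base::setUp() builds a fresh container and sessionStorage for every test, which this page does not show. Otherwise the fake user id 1 carries over into testColumnId and later tests. If that isolation is not guaranteed, reset the value at the end of the test or in tearDown(). The same removal occurs in TaskDuplicationTest before testDuplicateSameProject.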
@@ -31,8 +31,7 @@ class TaskDuplicationTest extends Base
|
||||
$this->assertEquals(1, $task['project_id']);
|
||||
$this->assertEquals(0, $task['creator_id']);
|
||||
|
||||
$_SESSION = array();
|
||||
$_SESSION['user']['id'] = 1;
|
||||
$this->container['sessionStorage']->user = array('id' => 1);
|
||||
|
||||
// We duplicate our task
|
||||
$this->assertEquals(2, $td->duplicate(1));
|
||||
@@ -41,8 +40,6 @@ class TaskDuplicationTest extends Base
|
||||
$task = $tf->getById(2);
|
||||
$this->assertNotEmpty($task);
|
||||
$this->assertEquals(1, $task['creator_id']);
|
||||
|
||||
$_SESSION = array();
|
||||
}
|
||||
|
||||
public function testDuplicateSameProject()
|
||||
|
||||
@@ -33,7 +33,7 @@ class TaskPermissionTest extends Base
|
||||
// User #1 can remove everything
|
||||
$user = $u->getbyId(1);
|
||||
$this->assertNotEmpty($user);
|
||||
$us->refresh($user);
|
||||
$us->initialize($user);
|
||||
|
||||
$task = $tf->getbyId(1);
|
||||
$this->assertNotEmpty($task);
|
||||
@@ -42,7 +42,7 @@ class TaskPermissionTest extends Base
|
||||
// User #2 can't remove the task #1
|
||||
$user = $u->getbyId(2);
|
||||
$this->assertNotEmpty($user);
|
||||
$us->refresh($user);
|
||||
$us->initialize($user);
|
||||
|
||||
$task = $tf->getbyId(1);
|
||||
$this->assertNotEmpty($task);
|
||||
@@ -51,7 +51,7 @@ class TaskPermissionTest extends Base
|
||||
// User #1 can remove everything
|
||||
$user = $u->getbyId(1);
|
||||
$this->assertNotEmpty($user);
|
||||
$us->refresh($user);
|
||||
$us->initialize($user);
|
||||
|
||||
$task = $tf->getbyId(2);
|
||||
$this->assertNotEmpty($task);
|
||||
@@ -60,7 +60,7 @@ class TaskPermissionTest extends Base
|
||||
// User #2 can remove his own task
|
||||
$user = $u->getbyId(2);
|
||||
$this->assertNotEmpty($user);
|
||||
$us->refresh($user);
|
||||
$us->initialize($user);
|
||||
|
||||
$task = $tf->getbyId(2);
|
||||
$this->assertNotEmpty($task);
|
||||
@@ -69,7 +69,7 @@ class TaskPermissionTest extends Base
|
||||
// User #1 can remove everything
|
||||
$user = $u->getbyId(1);
|
||||
$this->assertNotEmpty($user);
|
||||
$us->refresh($user);
|
||||
$us->initialize($user);
|
||||
|
||||
$task = $tf->getbyId(3);
|
||||
$this->assertNotEmpty($task);
|
||||
@@ -78,7 +78,7 @@ class TaskPermissionTest extends Base
|
||||
// User #2 can't remove the task #3
|
||||
$user = $u->getbyId(2);
|
||||
$this->assertNotEmpty($user);
|
||||
$us->refresh($user);
|
||||
$us->initialize($user);
|
||||
|
||||
$task = $tf->getbyId(3);
|
||||
$this->assertNotEmpty($task);
|
||||
@@ -87,7 +87,7 @@ class TaskPermissionTest extends Base
|
||||
// User #1 can remove everything
|
||||
$user = $u->getbyId(1);
|
||||
$this->assertNotEmpty($user);
|
||||
$us->refresh($user);
|
||||
$us->initialize($user);
|
||||
|
||||
$task = $tf->getbyId(4);
|
||||
$this->assertNotEmpty($task);
|
||||
@@ -96,7 +96,7 @@ class TaskPermissionTest extends Base
|
||||
// User #2 can't remove the task #4
|
||||
$user = $u->getbyId(2);
|
||||
$this->assertNotEmpty($user);
|
||||
$us->refresh($user);
|
||||
$us->initialize($user);
|
||||
|
||||
$task = $tf->getbyId(4);
|
||||
$this->assertNotEmpty($task);
|
||||
|
||||
@@ -2,31 +2,157 @@
|
||||
|
||||
require_once __DIR__.'/../Base.php';
|
||||
|
||||
use Kanboard\Core\Session;
|
||||
use Kanboard\Model\UserSession;
|
||||
|
||||
class UserSessionTest extends Base
|
||||
{
|
||||
public function testInitialize()
|
||||
{
|
||||
$us = new UserSession($this->container);
|
||||
|
||||
$user = array(
|
||||
'id' => '123',
|
||||
'username' => 'john',
|
||||
'password' => 'something',
|
||||
'twofactor_secret' => 'something else',
|
||||
'is_admin' => '1',
|
||||
'is_project_admin' => '0',
|
||||
'is_ldap_user' => '0',
|
||||
'twofactor_activated' => '0',
|
||||
);
|
||||
|
||||
$us->initialize($user);
|
||||
|
||||
$session = $this->container['sessionStorage']->getAll();
|
||||
|
||||
$this->assertNotEmpty($session);
|
||||
$this->assertEquals(123, $session['user']['id']);
|
||||
$this->assertEquals('john', $session['user']['username']);
|
||||
$this->assertTrue($session['user']['is_admin']);
|
||||
$this->assertFalse($session['user']['is_project_admin']);
|
||||
$this->assertFalse($session['user']['is_ldap_user']);
|
||||
$this->assertFalse($session['user']['twofactor_activated']);
|
||||
$this->assertArrayNotHasKey('password', $session['user']);
|
||||
$this->assertArrayNotHasKey('twofactor_secret', $session['user']);
|
||||
|
||||
$this->assertEquals('john', $us->getUsername());
|
||||
}
|
||||
|
||||
public function testGetId()
|
||||
{
|
||||
$us = new UserSession($this->container);
|
||||
|
||||
$this->assertEquals(0, $us->getId());
|
||||
|
||||
$this->container['sessionStorage']->user = array('id' => 2);
|
||||
$this->assertEquals(2, $us->getId());
|
||||
|
||||
$this->container['sessionStorage']->user = array('id' => '2');
|
||||
$this->assertEquals(2, $us->getId());
|
||||
}
|
||||
|
||||
public function testIsLogged()
|
||||
{
|
||||
$us = new UserSession($this->container);
|
||||
|
||||
$this->assertFalse($us->isLogged());
|
||||
|
||||
$this->container['sessionStorage']->user = array();
|
||||
$this->assertFalse($us->isLogged());
|
||||
|
||||
$this->container['sessionStorage']->user = array('id' => 1);
|
||||
$this->assertTrue($us->isLogged());
|
||||
}
|
||||
|
||||
public function testIsAdmin()
|
||||
{
|
||||
$s = new Session;
|
||||
$us = new UserSession($this->container);
|
||||
|
||||
$this->assertFalse($us->isAdmin());
|
||||
|
||||
$s['user'] = array();
|
||||
$this->container['sessionStorage']->user = array('is_admin' => '1');
|
||||
$this->assertFalse($us->isAdmin());
|
||||
|
||||
$s['user'] = array('is_admin' => '1');
|
||||
$this->container['sessionStorage']->user = array('is_admin' => '2');
|
||||
$this->assertFalse($us->isAdmin());
|
||||
|
||||
$s['user'] = array('is_admin' => false);
|
||||
$this->container['sessionStorage']->user = array('is_admin' => false);
|
||||
$this->assertFalse($us->isAdmin());
|
||||
|
||||
$s['user'] = array('is_admin' => '2');
|
||||
$this->assertFalse($us->isAdmin());
|
||||
|
||||
$s['user'] = array('is_admin' => true);
|
||||
$this->container['sessionStorage']->user = array('is_admin' => true);
|
||||
$this->assertTrue($us->isAdmin());
|
||||
}
|
||||
|
||||
public function testIsProjectAdmin()
|
||||
{
|
||||
$us = new UserSession($this->container);
|
||||
|
||||
$this->assertFalse($us->isProjectAdmin());
|
||||
|
||||
$this->container['sessionStorage']->user = array('is_project_admin' => false);
|
||||
$this->assertFalse($us->isProjectAdmin());
|
||||
|
||||
$this->container['sessionStorage']->user = array('is_project_admin' => true);
|
||||
$this->assertTrue($us->isProjectAdmin());
|
||||
}
|
||||
|
||||
public function testCommentSorting()
|
||||
{
|
||||
$us = new UserSession($this->container);
|
||||
$this->assertEquals('ASC', $us->getCommentSorting());
|
||||
|
||||
$us->setCommentSorting('DESC');
|
||||
$this->assertEquals('DESC', $us->getCommentSorting());
|
||||
}
|
||||
|
||||
public function testBoardCollapseMode()
|
||||
{
|
||||
$us = new UserSession($this->container);
|
||||
$this->assertFalse($us->isBoardCollapsed(2));
|
||||
|
||||
$us->setBoardDisplayMode(3, false);
|
||||
$this->assertFalse($us->isBoardCollapsed(3));
|
||||
|
||||
$us->setBoardDisplayMode(3, true);
|
||||
$this->assertTrue($us->isBoardCollapsed(3));
|
||||
}
|
||||
|
||||
public function testFilters()
|
||||
{
|
||||
$us = new UserSession($this->container);
|
||||
$this->assertEquals('status:open', $us->getFilters(1));
|
||||
|
||||
$us->setFilters(1, 'assignee:me');
|
||||
$this->assertEquals('assignee:me', $us->getFilters(1));
|
||||
|
||||
$this->assertEquals('status:open', $us->getFilters(2));
|
||||
|
||||
$us->setFilters(2, 'assignee:bob');
|
||||
$this->assertEquals('assignee:bob', $us->getFilters(2));
|
||||
}
|
||||
|
||||
public function test2FA()
|
||||
{
|
||||
$us = new UserSession($this->container);
|
||||
|
||||
$this->assertFalse($us->check2FA());
|
||||
|
||||
$this->container['sessionStorage']->postAuth = array('validated' => false);
|
||||
$this->assertFalse($us->check2FA());
|
||||
|
||||
$this->container['sessionStorage']->postAuth = array('validated' => true);
|
||||
$this->assertTrue($us->check2FA());
|
||||
|
||||
$this->container['sessionStorage']->user = array();
|
||||
$this->assertFalse($us->has2FA());
|
||||
|
||||
$this->container['sessionStorage']->user = array('twofactor_activated' => false);
|
||||
$this->assertFalse($us->has2FA());
|
||||
|
||||
$this->container['sessionStorage']->user = array('twofactor_activated' => true);
|
||||
$this->assertTrue($us->has2FA());
|
||||
|
||||
$us->disable2FA();
|
||||
$this->assertFalse($us->has2FA());
|
||||
}
|
||||
}
|
||||
|
||||
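Review bot: testIsProjectAdmin exercises only the boolean values, while testIsAdmin also checks that the strings '1' and '2' are rejected. If isProjectAdmin() is meant to be equally strict (its implementation is not on this page), add the matching negative case: `$this->container['sessionStorage']->user = array('is_project_admin' => '1');` followed by `$this->assertFalse($us->isProjectAdmin());`. The rewritten testIsAdmin also appears to drop the old empty-array case (`user = array()`), which is worth keeping for a privilege check.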