aboutsummaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
authorHarald Eilertsen <haraldei@anduin.net>2024-06-05 07:59:42 +0000
committerMario <mario@mariovavti.com>2024-06-05 07:59:42 +0000
commit350f84913a9390ac67f800a51f6c4d319331149c (patch)
tree426afa3f952456ddbbc1eb1db3a4d28c39cfb735 /tests
parent9d56bb952e162dddd24d3bcdc50b2957ef0e0b97 (diff)
downloadvolse-hubzilla-350f84913a9390ac67f800a51f6c4d319331149c.tar.gz
volse-hubzilla-350f84913a9390ac67f800a51f6c4d319331149c.tar.bz2
volse-hubzilla-350f84913a9390ac67f800a51f6c4d319331149c.zip
Skip checking MFA status for WebDAV and CardDAV requests.
Diffstat (limited to 'tests')
-rw-r--r--tests/unit/UnitTestCase.php1
-rw-r--r--tests/unit/includes/AuthTest.php81
-rw-r--r--tests/unit/includes/dba/_files/account.yml2
3 files changed, 84 insertions, 0 deletions
diff --git a/tests/unit/UnitTestCase.php b/tests/unit/UnitTestCase.php
index 844746a51..afc309205 100644
--- a/tests/unit/UnitTestCase.php
+++ b/tests/unit/UnitTestCase.php
@@ -31,6 +31,7 @@ use PHPUnit\Framework\TestCase;
*/
require_once __DIR__ . '/../../boot.php';
require_once 'include/dba/dba_driver.php' ;
+require_once 'include/dba/dba_transaction.php';
/**
* Base class for our Unit Tests.
diff --git a/tests/unit/includes/AuthTest.php b/tests/unit/includes/AuthTest.php
new file mode 100644
index 000000000..fa9726fe8
--- /dev/null
+++ b/tests/unit/includes/AuthTest.php
@@ -0,0 +1,81 @@
+<?php
+/**
+ * Tests for the authentication code used in Hubzilla.
+ *
+ * SPDX-FileCopyrightText: 2024 Hubzilla Community
+ * SPDX-FileContributor: Harald Eilertsen
+ *
+ * SPDX-License-Identifier: MIT
+ */
+
+namespace Zotlabs\Tests\Unit\Includes;
+
+use App;
+use Zotlabs\Lib\AConfig;
+use Zotlabs\Tests\Unit\UnitTestCase;
+use PHPUnit\Framework\Attributes\{DataProvider, RunTestsInSeparateProcesses};
+
+/**
+ * Test class containing the test for the Hubzilla authentication code.
+ *
+ * Since the main authentication code is executed in the global scope on
+ * inclusion of the `includes/auth.php` file, we need to run each test in a
+ * separate process to make sure we can excersize the code as we need.
+ */
+#[RunTestsInSeparateProcesses]
+class AuthTest extends UnitTestCase {
+
+ /**
+ * Check that mfa status is not checked for certain modules.
+ *
+ * This causes issues with things like WebDAV and CardDAV, as there's
+ * currently no way for these modules to signal that a TOTP code is needed
+ * back to the connecting client.
+ */
+ #[DataProvider('modules_excluded_from_mfa')]
+ public function test_mfa_is_not_checked_for_excluded_modules(string $module, array $args): void {
+ $account_id = $this->fixtures['account']['0']['account_id'];
+
+ $_SESSION = [
+ 'authenticated' => true,
+ 'account_id' => $account_id,
+
+ // Trick the code to not warn that $_SESSION['uid'] is not set,
+ // but also not trigger the code that tries to change to the
+ // given channel. *Remove when code is fixed!*
+ 'uid' => 0,
+ ];
+
+ $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
+
+ App::$session = $this->create_session_stub();
+ App::$module = $module;
+ App::$argv = $args;
+ App::$argc = count($args);
+
+ // Enable multi factor authentication for this account
+ AConfig::Set($account_id, 'system', 'mfa_enabled', true);
+
+ require 'include/auth.php';
+
+ $this->assertEquals(1, $_SESSION['authenticated']);
+ }
+
+ /**
+ * Data provider for testing modules excluded from mfa
+ * @SuppressWarnings(PHPMD.UnusedPrivateMethod)
+ */
+ public static function modules_excluded_from_mfa(): array {
+ return [
+ ['totp_check', []],
+ ['cdav', []],
+ ['cdav', ['calendar']],
+ ['cdav', ['addressbook']],
+ ['dav', []],
+ ];
+ }
+
+ private function create_session_stub(): \Zotlabs\Web\Session {
+ return $this->createStub('Zotlabs\Web\Session');
+ }
+}
diff --git a/tests/unit/includes/dba/_files/account.yml b/tests/unit/includes/dba/_files/account.yml
index 344bdb799..88e59056e 100644
--- a/tests/unit/includes/dba/_files/account.yml
+++ b/tests/unit/includes/dba/_files/account.yml
@@ -3,7 +3,9 @@ account:
account_id: 42
account_email: "hubzilla@example.com"
account_language: "no"
+ account_flags: 0
-
account_id: 43
account_email: "hubzilla@example.org"
account_language: "de"
+ account_flags: 1