EnforcementManagerTest - Code Metrics - Inspection of "DOC Update for compliance to new userhelp site" - Firesphere/silverstripe-bootstrapmfa - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#63)

unknown

created 2019-12-18 23:54 UTC

EnforcementManagerTest A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	172
Duplicated Lines	0 %

Importance

Changes	6
Bugs	0	Features	2

Metric	Value
eloc	68
c	6
b	0
f	2
dl	0
loc	172
rs	10
wmc	17

17 Methods

Rating	Name	Size	Complexity
A	testCannotSkipWhenMemberHasRegisteredAuthenticationMethodsSetUp()	9	1
A	testShouldRedirectToMFAWhenUserHasRegisteredMFAMethod()	6	1
A	testCanSkipWhenMFAIsRequiredWithGracePeriodExpiringInFuture()	6	1
A	testShouldRedirectToMFAWhenUserHasAccessToReportsOnly()	6	1
A	testShouldNotRedirectToMFAWhenConfigIsDisabled()	7	1
A	setSiteConfig()	5	1
A	testShouldRedirectToMFAWhenMFAIsOptionalAndHasNotBeenSkipped()	11	1
A	testCanSkipWhenMFAIsOptional()	9	1
A	testCannotSkipWhenMFAIsRequiredWithGracePeriodExpiringInPast()	6	1
A	testShouldNotRedirectToMFAWhenMFAIsOptionalAndHasBeenSkipped()	11	1
A	setUp()	11	1
A	testShouldRedirectToMFAForContentAuthors()	6	1
A	testShouldNotRedirectToMFAWhenUserDoesNotHaveCMSAccess()	6	1
A	testShouldRedirectToMFAWhenMFAIsRequired()	8	1
A	testCannotSkipWhenMFAIsRequiredWithNoGracePeriod()	6	1
A	testShouldNotRedirectToMFAWhenNoMethodsAreRegisteredInTheSystem()	10	1
A	testShouldRedirectToMFAWhenUserDoesNotHaveCMSAccessButTheCheckIsDisabledWithConfig()	8	1

<?php

namespace SilverStripe\MFA\Tests\Service;

use SilverStripe\Dev\SapphireTest;
use SilverStripe\MFA\Extension\MemberExtension;
use SilverStripe\MFA\Service\EnforcementManager;
use SilverStripe\MFA\Service\MethodRegistry;
use SilverStripe\MFA\Tests\Stub\BasicMath\Method as BasicMathMethod;
use SilverStripe\ORM\FieldType\DBDatetime;
use SilverStripe\Security\Member;
use SilverStripe\SiteConfig\SiteConfig;

class EnforcementManagerTest extends SapphireTest
{
    protected static $fixture_file = 'EnforcementManagerTest.yml';

    protected function setUp()
    {
        parent::setUp();

        DBDatetime::set_mock_now('2019-01-25 12:00:00');

        MethodRegistry::config()->set('methods', [
            BasicMathMethod::class,
        ]);

        EnforcementManager::config()->set('requires_admin_access', true);
    }

    public function testCannotSkipWhenMFAIsRequiredWithNoGracePeriod()
    {
        $this->setSiteConfig(['MFARequired' => true]);

        $member = new Member();
        $this->assertFalse(EnforcementManager::create()->canSkipMFA($member));
    }

    public function testCanSkipWhenMFAIsRequiredWithGracePeriodExpiringInFuture()
    {
        $this->setSiteConfig(['MFARequired' => true, 'MFAGracePeriodExpires' => '2019-01-30']);

        $member = new Member();
        $this->assertTrue(EnforcementManager::create()->canSkipMFA($member));
    }

    public function testCannotSkipWhenMFAIsRequiredWithGracePeriodExpiringInPast()
    {
        $this->setSiteConfig(['MFARequired' => true, 'MFAGracePeriodExpires' => '2018-12-25']);

        $member = new Member();
        $this->assertFalse(EnforcementManager::create()->canSkipMFA($member));
    }

    public function testCannotSkipWhenMemberHasRegisteredAuthenticationMethodsSetUp()
    {
        $this->setSiteConfig(['MFARequired' => false]);
        // Sally has "backup codes" as a registered authentication method already
        /** @var Member $member */
        $member = $this->objFromFixture(Member::class, 'sally_smith');
        $this->logInAs($member);

        $this->assertFalse(EnforcementManager::create()->canSkipMFA($member));
    }

    public function testCanSkipWhenMFAIsOptional()
    {
        $this->setSiteConfig(['MFARequired' => false]);
        // Anonymous admin user
        $memberId = $this->logInWithPermission();
        /** @var Member $member */
        $member = Member::get()->byID($memberId);

        $this->assertTrue(EnforcementManager::create()->canSkipMFA($member));
    }

    public function testShouldNotRedirectToMFAWhenUserDoesNotHaveCMSAccess()
    {
        /** @var Member $member */
        $member = $this->objFromFixture(Member::class, 'sammy_smith');
        $this->logInAs($member);
        $this->assertFalse(EnforcementManager::create()->shouldRedirectToMFA($member));
    }

    public function testShouldRedirectToMFAWhenUserDoesNotHaveCMSAccessButTheCheckIsDisabledWithConfig()
    {
        EnforcementManager::config()->set('requires_admin_access', false);

        /** @var Member $member */
        $member = $this->objFromFixture(Member::class, 'sammy_smith');
        $this->logInAs($member);
        $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member));
    }

    public function testShouldRedirectToMFAWhenUserHasAccessToReportsOnly()
    {
        /** @var Member $member */
        $member = $this->objFromFixture(Member::class, 'reports_user');
        $this->logInAs($member);
        $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member));
    }

    public function testShouldRedirectToMFAForContentAuthors()
    {
        $memberID = $this->logInWithPermission('CMS_ACCESS_CMSMain');
        /** @var Member $member */
        $member = Member::get()->byID($memberID);
        $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member));
    }

    public function testShouldRedirectToMFAWhenUserHasRegisteredMFAMethod()
    {
        /** @var Member $member */
        $member = $this->objFromFixture(Member::class, 'sally_smith');
        $shouldRedirect = EnforcementManager::create()->shouldRedirectToMFA($member);
        $this->assertTrue($shouldRedirect);
    }

    public function testShouldRedirectToMFAWhenMFAIsRequired()
    {
        $this->setSiteConfig(['MFARequired' => true]);
        /** @var Member $member */
        $member = $this->objFromFixture(Member::class, 'sally_smith');
        $this->logInAs($member);

        $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member));
    }

    public function testShouldRedirectToMFAWhenMFAIsOptionalAndHasNotBeenSkipped()
    {
        $this->setSiteConfig(['MFARequired' => false]);

        /** @var Member|MemberExtension $member */
        $member = $this->objFromFixture(Member::class, 'sally_smith');
        $member->HasSkippedMFARegistration = false;
        $member->write();
        $this->logInAs($member);

        $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member));
    }

    public function testShouldNotRedirectToMFAWhenMFAIsOptionalAndHasBeenSkipped()
    {
        $this->setSiteConfig(['MFARequired' => false]);

        /** @var Member&MemberExtension $member */
        $member = $this->objFromFixture(Member::class, 'sammy_smith');
        $member->HasSkippedMFARegistration = true;
        $member->write();
        $this->logInAs($member);

        $this->assertFalse(EnforcementManager::create()->shouldRedirectToMFA($member));
    }

    public function testShouldNotRedirectToMFAWhenConfigIsDisabled()
    {
        EnforcementManager::config()->set('enabled', false);
        /** @var Member $member */
        $member = $this->objFromFixture(Member::class, 'sally_smith');
        $shouldRedirect = EnforcementManager::create()->shouldRedirectToMFA($member);
        $this->assertFalse($shouldRedirect);
    }

    public function testShouldNotRedirectToMFAWhenNoMethodsAreRegisteredInTheSystem()
    {
        $this->setSiteConfig(['MFARequired' => true]);
        MethodRegistry::config()->set('methods', []);

        /** @var Member $member */
        $member = $this->objFromFixture(Member::class, 'sally_smith');
        $this->logInAs($member);

        $this->assertFalse(EnforcementManager::create()->shouldRedirectToMFA($member));
    }

    /**
     * Helper method for changing the current SiteConfig values
     *
     * @param array $data
     */
    protected function setSiteConfig(array $data)
    {
        $siteConfig = SiteConfig::current_site_config();
        $siteConfig->update($data);
        $siteConfig->write();
    }
}


1			<?php
2
3			namespace SilverStripe\MFA\Tests\Service;
4
5			use SilverStripe\Dev\SapphireTest;
6			use SilverStripe\MFA\Extension\MemberExtension;
7			use SilverStripe\MFA\Service\EnforcementManager;
8			use SilverStripe\MFA\Service\MethodRegistry;
9			use SilverStripe\MFA\Tests\Stub\BasicMath\Method as BasicMathMethod;
10			use SilverStripe\ORM\FieldType\DBDatetime;
11			use SilverStripe\Security\Member;
12			use SilverStripe\SiteConfig\SiteConfig;
13
14			class EnforcementManagerTest extends SapphireTest
15			{
16			protected static $fixture_file = 'EnforcementManagerTest.yml';
17
18			protected function setUp()
19			{
20			parent::setUp();
21
22			DBDatetime::set_mock_now('2019-01-25 12:00:00');
23
24			MethodRegistry::config()->set('methods', [
25			BasicMathMethod::class,
26			]);
27
28			EnforcementManager::config()->set('requires_admin_access', true);
29			}
30
31			public function testCannotSkipWhenMFAIsRequiredWithNoGracePeriod()
32			{
33			$this->setSiteConfig(['MFARequired' => true]);
34
35			$member = new Member();
36			$this->assertFalse(EnforcementManager::create()->canSkipMFA($member));
37			}
38
39			public function testCanSkipWhenMFAIsRequiredWithGracePeriodExpiringInFuture()
40			{
41			$this->setSiteConfig(['MFARequired' => true, 'MFAGracePeriodExpires' => '2019-01-30']);
42
43			$member = new Member();
44			$this->assertTrue(EnforcementManager::create()->canSkipMFA($member));
45			}
46
47			public function testCannotSkipWhenMFAIsRequiredWithGracePeriodExpiringInPast()
48			{
49			$this->setSiteConfig(['MFARequired' => true, 'MFAGracePeriodExpires' => '2018-12-25']);
50
51			$member = new Member();
52			$this->assertFalse(EnforcementManager::create()->canSkipMFA($member));
53			}
54
55			public function testCannotSkipWhenMemberHasRegisteredAuthenticationMethodsSetUp()
56			{
57			$this->setSiteConfig(['MFARequired' => false]);
58			// Sally has "backup codes" as a registered authentication method already
59			/** @var Member $member */
60			$member = $this->objFromFixture(Member::class, 'sally_smith');
61			$this->logInAs($member);
62
63			$this->assertFalse(EnforcementManager::create()->canSkipMFA($member));
64			}
65
66			public function testCanSkipWhenMFAIsOptional()
67			{
68			$this->setSiteConfig(['MFARequired' => false]);
69			// Anonymous admin user
70			$memberId = $this->logInWithPermission();
71			/** @var Member $member */
72			$member = Member::get()->byID($memberId);
73
74			$this->assertTrue(EnforcementManager::create()->canSkipMFA($member));
75			}
76
77			public function testShouldNotRedirectToMFAWhenUserDoesNotHaveCMSAccess()
78			{
79			/** @var Member $member */
80			$member = $this->objFromFixture(Member::class, 'sammy_smith');
81			$this->logInAs($member);
82			$this->assertFalse(EnforcementManager::create()->shouldRedirectToMFA($member));
83			}
84
85			public function testShouldRedirectToMFAWhenUserDoesNotHaveCMSAccessButTheCheckIsDisabledWithConfig()
86			{
87			EnforcementManager::config()->set('requires_admin_access', false);
88
89			/** @var Member $member */
90			$member = $this->objFromFixture(Member::class, 'sammy_smith');
91			$this->logInAs($member);
92			$this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member));
93			}
94
95			public function testShouldRedirectToMFAWhenUserHasAccessToReportsOnly()
96			{
97			/** @var Member $member */
98			$member = $this->objFromFixture(Member::class, 'reports_user');
99			$this->logInAs($member);
100			$this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member));
101			}
102
103			public function testShouldRedirectToMFAForContentAuthors()
104			{
105			$memberID = $this->logInWithPermission('CMS_ACCESS_CMSMain');
106			/** @var Member $member */
107			$member = Member::get()->byID($memberID);
108			$this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member));
109			}
110
111			public function testShouldRedirectToMFAWhenUserHasRegisteredMFAMethod()
112			{
113			/** @var Member $member */
114			$member = $this->objFromFixture(Member::class, 'sally_smith');
115			$shouldRedirect = EnforcementManager::create()->shouldRedirectToMFA($member);
116			$this->assertTrue($shouldRedirect);
117			}
118
119			public function testShouldRedirectToMFAWhenMFAIsRequired()
120			{
121			$this->setSiteConfig(['MFARequired' => true]);
122			/** @var Member $member */
123			$member = $this->objFromFixture(Member::class, 'sally_smith');
124			$this->logInAs($member);
125
126			$this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member));
127			}
128
129			public function testShouldRedirectToMFAWhenMFAIsOptionalAndHasNotBeenSkipped()
130			{
131			$this->setSiteConfig(['MFARequired' => false]);
132
133			/** @var Member\|MemberExtension $member */
134			$member = $this->objFromFixture(Member::class, 'sally_smith');
135			$member->HasSkippedMFARegistration = false;
136			$member->write();
137			$this->logInAs($member);
138
139			$this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member));
140			}
141
142			public function testShouldNotRedirectToMFAWhenMFAIsOptionalAndHasBeenSkipped()
143			{
144			$this->setSiteConfig(['MFARequired' => false]);
145
146			/** @var Member&MemberExtension $member */
147			$member = $this->objFromFixture(Member::class, 'sammy_smith');
148			$member->HasSkippedMFARegistration = true;
149			$member->write();
150			$this->logInAs($member);
151
152			$this->assertFalse(EnforcementManager::create()->shouldRedirectToMFA($member));
153			}
154
155			public function testShouldNotRedirectToMFAWhenConfigIsDisabled()
156			{
157			EnforcementManager::config()->set('enabled', false);
158			/** @var Member $member */
159			$member = $this->objFromFixture(Member::class, 'sally_smith');
160			$shouldRedirect = EnforcementManager::create()->shouldRedirectToMFA($member);
161			$this->assertFalse($shouldRedirect);
162			}
163
164			public function testShouldNotRedirectToMFAWhenNoMethodsAreRegisteredInTheSystem()
165			{
166			$this->setSiteConfig(['MFARequired' => true]);
167			MethodRegistry::config()->set('methods', []);
168
169			/** @var Member $member */
170			$member = $this->objFromFixture(Member::class, 'sally_smith');
171			$this->logInAs($member);
172
173			$this->assertFalse(EnforcementManager::create()->shouldRedirectToMFA($member));
174			}
175
176			/**
177			* Helper method for changing the current SiteConfig values
178			*
179			* @param array $data
180			*/
181			protected function setSiteConfig(array $data)
182			{
183			$siteConfig = SiteConfig::current_site_config();
184			$siteConfig->update($data);
185			$siteConfig->write();
186			}
187			}
188

Firesphere / silverstripe-bootstrapmfa

Pull Request — master (#63)

EnforcementManagerTest A

Complexity

Size/Duplication

Importance

17 Methods

Duplication Side-by-Side

Filter issues like