|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
App::uses('Controller', 'Controller'); |
|
4
|
|
|
App::uses('UsersController', 'Controller'); |
|
5
|
|
|
|
|
6
|
|
|
class UsersControllerTestCase extends \Saito\Test\ControllerTestCase { |
|
7
|
|
|
|
|
8
|
|
|
use \Saito\Test\SecurityMockTrait; |
|
9
|
|
|
|
|
10
|
|
|
public $fixtures = array( |
|
11
|
|
|
'app.bookmark', |
|
12
|
|
|
'app.user', |
|
13
|
|
|
'app.user_block', |
|
14
|
|
|
'app.user_ignore', |
|
15
|
|
|
'app.user_online', |
|
16
|
|
|
'app.user_read', |
|
17
|
|
|
'app.entry', |
|
18
|
|
|
'app.category', |
|
19
|
|
|
'app.smiley', |
|
20
|
|
|
'app.smiley_code', |
|
21
|
|
|
'app.shout', |
|
22
|
|
|
'app.setting', |
|
23
|
|
|
'app.upload', |
|
24
|
|
|
'app.esnotification', |
|
25
|
|
|
'app.esevent', |
|
26
|
|
|
); |
|
27
|
|
|
|
|
28
|
|
|
const MAPQUEST = 'mapquestapi.com/sdk'; |
|
29
|
|
|
|
|
30
|
|
|
public function testAdminAdd() { |
|
31
|
|
|
$data = [ |
|
32
|
|
|
'User' => [ |
|
33
|
|
|
'username' => 'foo', |
|
34
|
|
|
'user_email' => '[email protected]', |
|
35
|
|
|
'user_password' => 'test', |
|
36
|
|
|
'password_confirm' => 'test', |
|
37
|
|
|
] |
|
38
|
|
|
]; |
|
39
|
|
|
$expected = [ |
|
40
|
|
|
'User' => [ |
|
41
|
|
|
'username' => 'foo', |
|
42
|
|
|
'user_email' => '[email protected]', |
|
43
|
|
|
'password' => 'test', |
|
44
|
|
|
'password_confirm' => 'test' |
|
45
|
|
|
] |
|
46
|
|
|
]; |
|
47
|
|
|
|
|
48
|
|
|
$Users = $this->generate('Users', ['models' => ['User' => ['register']]]); |
|
49
|
|
|
$this->_loginUser(1); |
|
50
|
|
|
|
|
51
|
|
|
$Users->User->expects($this->once()) |
|
52
|
|
|
->method('register') |
|
53
|
|
|
->with($expected, true); |
|
54
|
|
|
|
|
55
|
|
|
$this->testAction('/admin/users/add', |
|
|
|
|
|
|
56
|
|
|
['data' => $data, 'method' => 'post']); |
|
57
|
|
|
} |
|
58
|
|
|
|
|
59
|
|
|
public function testAdminAddNoAccess() { |
|
60
|
|
|
$data = [ |
|
61
|
|
|
'User' => [ |
|
62
|
|
|
'username' => 'foo', |
|
63
|
|
|
'user_email' => '[email protected]', |
|
64
|
|
|
'user_password' => 'test', |
|
65
|
|
|
'password_confirm' => 'test', |
|
66
|
|
|
] |
|
67
|
|
|
]; |
|
68
|
|
|
$Users = $this->generate('Users', ['models' => ['User' => ['register']]]); |
|
69
|
|
|
|
|
70
|
|
|
$Users->User->expects($this->never()) |
|
71
|
|
|
->method('register'); |
|
72
|
|
|
$this->setExpectedException('ForbiddenException'); |
|
73
|
|
|
|
|
74
|
|
|
$this->testAction('/admin/users/add', |
|
|
|
|
|
|
75
|
|
|
['data' => $data, 'method' => 'post']); |
|
76
|
|
|
} |
|
77
|
|
|
|
|
78
|
|
|
public function testLogin() { |
|
79
|
|
|
$data = [ |
|
80
|
|
|
'User' => [ |
|
81
|
|
|
'username' => 'Ulysses', |
|
82
|
|
|
'password' => 'test' |
|
83
|
|
|
] |
|
84
|
|
|
]; |
|
85
|
|
|
$this->testAction('/users/login', ['data' => $data]); |
|
|
|
|
|
|
86
|
|
|
|
|
87
|
|
|
$this->assertTrue($this->controller->CurrentUser->isLoggedIn()); |
|
88
|
|
|
|
|
89
|
|
|
//# successful login redirects |
|
90
|
|
|
$this->assertRedirectedTo(); |
|
91
|
|
|
|
|
92
|
|
|
//# last login time should be set |
|
93
|
|
|
$this->controller->User->id = 3; |
|
94
|
|
|
$user = $this->controller->User->read(); |
|
95
|
|
|
$this->assertWithinMargin(time($user['User']['last_login']), time(), 1); |
|
96
|
|
|
} |
|
97
|
|
|
|
|
98
|
|
|
public function testLoginShowForm() { |
|
99
|
|
|
//# show login form |
|
100
|
|
|
$results = $this->testAction('/users/login', |
|
|
|
|
|
|
101
|
|
|
['method' => 'GET', 'return' => 'view']); |
|
102
|
|
|
$this->assertFalse(isset($this->headers['Location'])); |
|
103
|
|
|
|
|
104
|
|
|
//## test username field |
|
105
|
|
|
$username = [ |
|
106
|
|
|
'tag' => 'input', |
|
107
|
|
|
'attributes' => [ |
|
108
|
|
|
'autocomplete' => 'username', |
|
109
|
|
|
'name' => 'data[User][username]', |
|
110
|
|
|
'required' => 'required', |
|
111
|
|
|
'tabindex' => '100', |
|
112
|
|
|
'type' => 'text' |
|
113
|
|
|
] |
|
114
|
|
|
]; |
|
115
|
|
|
$this->assertTag($username, $results); |
|
116
|
|
|
|
|
117
|
|
|
//## test password field |
|
118
|
|
|
$password = [ |
|
119
|
|
|
'tag' => 'input', |
|
120
|
|
|
'attributes' => [ |
|
121
|
|
|
'autocomplete' => 'current-password', |
|
122
|
|
|
'name' => 'data[User][password]', |
|
123
|
|
|
'required' => 'required', |
|
124
|
|
|
'tabindex' => '101', |
|
125
|
|
|
'type' => 'password' |
|
126
|
|
|
] |
|
127
|
|
|
]; |
|
128
|
|
|
$this->assertTag($password, $results); |
|
129
|
|
|
|
|
130
|
|
|
//# test logout on form show |
|
131
|
|
|
$this->assertFalse($this->controller->CurrentUser->isLoggedIn()); |
|
132
|
|
|
$this->_loginUser(3); |
|
133
|
|
|
$user = $this->controller->Session->read('Auth.User'); |
|
134
|
|
|
$this->controller->CurrentUser->setSettings($user); |
|
135
|
|
|
$this->assertTrue($this->controller->CurrentUser->isLoggedIn()); |
|
136
|
|
|
$this->testAction('/users/login', ['method' => 'GET']); |
|
|
|
|
|
|
137
|
|
|
$this->assertFalse($this->controller->CurrentUser->isLoggedIn()); |
|
138
|
|
|
} |
|
139
|
|
|
|
|
140
|
|
|
public function testLoginUserNotActivated() { |
|
141
|
|
|
$data = ['User' => ['username' => 'Diane', 'password' => 'test']]; |
|
142
|
|
|
$result = $this->testAction('/users/login', |
|
|
|
|
|
|
143
|
|
|
['data' => $data, 'return' => 'contents']); |
|
144
|
|
|
$this->assertContains('is not activated yet.', $result); |
|
145
|
|
|
} |
|
146
|
|
|
|
|
147
|
|
|
public function testLoginUserLocked() { |
|
148
|
|
|
$Users = $this->generate('Users'); |
|
149
|
|
|
$UserBlock = $this->getMockForModel('UserBlock', ['getBlockEndsForUser']); |
|
150
|
|
|
$UserBlock |
|
151
|
|
|
->expects($this->once()) |
|
152
|
|
|
->method('getBlockEndsForUser') |
|
153
|
|
|
->with('8') |
|
154
|
|
|
->will($this->returnValue(false)); |
|
155
|
|
|
$Users->User->UserBlock = $UserBlock; |
|
156
|
|
|
$data = ['User' => ['username' => 'Walt', 'password' => 'test']]; |
|
157
|
|
|
$result = $this->testAction('/users/login', |
|
|
|
|
|
|
158
|
|
|
['data' => $data, 'return' => 'contents']); |
|
159
|
|
|
$this->assertContains('is locked.', $result); |
|
160
|
|
|
} |
|
161
|
|
|
|
|
162
|
|
View Code Duplication |
public function testLogout() { |
|
163
|
|
|
$this->generate('Users'); |
|
164
|
|
|
$this->_loginUser(3); |
|
165
|
|
|
$result = $this->testAction('/users/logout', |
|
|
|
|
|
|
166
|
|
|
['method' => 'GET', 'return' => 'contents']); |
|
167
|
|
|
$this->assertTag([ |
|
168
|
|
|
'tag' => 'meta', |
|
169
|
|
|
'attributes' => [ |
|
170
|
|
|
'http-equiv' => 'refresh', |
|
171
|
|
|
'content' => 'regexp:/1;\s/' |
|
172
|
|
|
] |
|
173
|
|
|
], $result); |
|
174
|
|
|
} |
|
175
|
|
|
|
|
176
|
|
|
/** |
|
177
|
|
|
* Registration fails if Terms of Serice checkbox is not set in register form |
|
178
|
|
|
*/ |
|
179
|
|
View Code Duplication |
public function testRegisterTosNotSet() { |
|
180
|
|
|
$data = array( |
|
181
|
|
|
'User' => array( |
|
182
|
|
|
'username' => 'NewUser1', |
|
183
|
|
|
'user_email' => '[email protected]', |
|
184
|
|
|
'user_password' => 'NewUser1spassword', |
|
185
|
|
|
'password_confirm' => 'NewUser1spassword', |
|
186
|
|
|
'tos_confirm' => '0' |
|
187
|
|
|
) |
|
188
|
|
|
); |
|
189
|
|
|
|
|
190
|
|
|
$Users = $this->generate('Users', |
|
191
|
|
|
array( |
|
192
|
|
|
'models' => array('User' => array('register')) |
|
193
|
|
|
)); |
|
194
|
|
|
$Users->User->expects($this->never()) |
|
195
|
|
|
->method('register'); |
|
196
|
|
|
|
|
197
|
|
|
$result = $this->testAction('users/register', |
|
|
|
|
|
|
198
|
|
|
array('data' => $data, 'method' => 'post') |
|
199
|
|
|
); |
|
200
|
|
|
} |
|
201
|
|
|
|
|
202
|
|
|
public function testRegisterEmailFailed() { |
|
203
|
|
|
Configure::write('Saito.Settings.tos_enabled', false); |
|
204
|
|
|
$data = array( |
|
205
|
|
|
'User' => array( |
|
206
|
|
|
'username' => 'NewUser1', |
|
207
|
|
|
'user_email' => '[email protected]', |
|
208
|
|
|
'user_password' => 'NewUser1spassword', |
|
209
|
|
|
'password_confirm' => 'NewUser1spassword', |
|
210
|
|
|
) |
|
211
|
|
|
); |
|
212
|
|
|
|
|
213
|
|
|
$Users = $this->generate('Users', |
|
214
|
|
|
[ |
|
215
|
|
|
'components' => ['SaitoEmail' => ['email']], |
|
216
|
|
|
'methods' => ['email'], |
|
217
|
|
|
'models' => ['User' => ['register']] |
|
218
|
|
|
]); |
|
219
|
|
|
$Users->User->expects($this->once()) |
|
220
|
|
|
->method('register') |
|
221
|
|
|
->will($this->returnValue(true)); |
|
222
|
|
|
$Users->SaitoEmail->expects($this->once()) |
|
223
|
|
|
->method('email') |
|
224
|
|
|
->will($this->throwException(new Exception)); |
|
225
|
|
|
|
|
226
|
|
|
$result = $this->testAction('users/register', |
|
|
|
|
|
|
227
|
|
|
['data' => $data, 'method' => 'post', 'return' => 'view'] |
|
228
|
|
|
); |
|
229
|
|
|
|
|
230
|
|
|
$this->assertContains('Sending Confirmation Email Failed', $result); |
|
231
|
|
|
} |
|
232
|
|
|
|
|
233
|
|
|
/** |
|
234
|
|
|
* No TOS flag is send, but it's also not necessary |
|
235
|
|
|
*/ |
|
236
|
|
View Code Duplication |
public function testRegisterTosNotNecessary() { |
|
237
|
|
|
Configure::write('Saito.Settings.tos_enabled', false); |
|
238
|
|
|
|
|
239
|
|
|
$data = array( |
|
240
|
|
|
'User' => array( |
|
241
|
|
|
'username' => 'NewUser1', |
|
242
|
|
|
'user_email' => '[email protected]', |
|
243
|
|
|
'user_password' => 'NewUser1spassword', |
|
244
|
|
|
'password_confirm' => 'NewUser1spassword', |
|
245
|
|
|
) |
|
246
|
|
|
); |
|
247
|
|
|
|
|
248
|
|
|
$Users = $this->generate('Users', |
|
249
|
|
|
array( |
|
250
|
|
|
'models' => array('User' => array('register')) |
|
251
|
|
|
)); |
|
252
|
|
|
$Users->User->expects($this->once()) |
|
253
|
|
|
->method('register'); |
|
254
|
|
|
|
|
255
|
|
|
$result = $this->testAction('users/register', |
|
|
|
|
|
|
256
|
|
|
array('data' => $data, 'method' => 'post') |
|
257
|
|
|
); |
|
258
|
|
|
} |
|
259
|
|
|
|
|
260
|
|
|
public function testRegisterViewForm() { |
|
261
|
|
|
$results = $this->testAction('/users/register', |
|
|
|
|
|
|
262
|
|
|
['method' => 'GET', 'return' => 'view']); |
|
263
|
|
|
$this->assertFalse(isset($this->headers['Location'])); |
|
264
|
|
|
|
|
265
|
|
|
$fields = [ |
|
266
|
|
|
'username' => [ |
|
267
|
|
|
'tag' => 'input', |
|
268
|
|
|
'attributes' => [ |
|
269
|
|
|
'autocomplete' => 'username', |
|
270
|
|
|
'name' => 'data[User][username]', |
|
271
|
|
|
'required' => 'required', |
|
272
|
|
|
'tabindex' => '1', |
|
273
|
|
|
'type' => 'text' |
|
274
|
|
|
] |
|
275
|
|
|
], |
|
276
|
|
|
'email' => [ |
|
277
|
|
|
'tag' => 'input', |
|
278
|
|
|
'attributes' => [ |
|
279
|
|
|
'autocomplete' => 'email', |
|
280
|
|
|
'name' => 'data[User][user_email]', |
|
281
|
|
|
'required' => 'required', |
|
282
|
|
|
'tabindex' => '2', |
|
283
|
|
|
'type' => 'text' |
|
284
|
|
|
] |
|
285
|
|
|
], |
|
286
|
|
|
'password' => [ |
|
287
|
|
|
'tag' => 'input', |
|
288
|
|
|
'attributes' => [ |
|
289
|
|
|
'autocomplete' => 'new-password', |
|
290
|
|
|
'name' => 'data[User][user_password]', |
|
291
|
|
|
'tabindex' => '3', |
|
292
|
|
|
'type' => 'password' |
|
293
|
|
|
] |
|
294
|
|
|
], |
|
295
|
|
|
'password_confirm' => [ |
|
296
|
|
|
'tag' => 'input', |
|
297
|
|
|
'attributes' => [ |
|
298
|
|
|
'autocomplete' => 'new-password', |
|
299
|
|
|
'name' => 'data[User][password_confirm]', |
|
300
|
|
|
'tabindex' => '4', |
|
301
|
|
|
'type' => 'password' |
|
302
|
|
|
] |
|
303
|
|
|
] |
|
304
|
|
|
]; |
|
305
|
|
|
foreach ($fields as $field) { |
|
306
|
|
|
$this->assertTag($field, $results); |
|
307
|
|
|
} |
|
308
|
|
|
} |
|
309
|
|
|
|
|
310
|
|
|
public function testRegisterCheckboxNotOnPage() { |
|
311
|
|
|
Configure::write('Saito.Settings.tos_enabled', false); |
|
312
|
|
|
$result = $this->testAction('users/register', array('return' => 'view')); |
|
|
|
|
|
|
313
|
|
|
$this->assertNotContains('data[User][tos_confirm]', $result); |
|
314
|
|
|
$this->assertNotContains('http://example.com/tos-url.html/', $result); |
|
315
|
|
|
$this->assertNotContains('disabled', $result); |
|
316
|
|
|
} |
|
317
|
|
|
|
|
318
|
|
View Code Duplication |
public function testRegisterCheckboxOnPage() { |
|
319
|
|
|
$result = $this->testAction('users/register', array('return' => 'view')); |
|
|
|
|
|
|
320
|
|
|
$this->assertContains('data[User][tos_confirm]', $result); |
|
321
|
|
|
$this->assertContains('http://example.com/tos-url.html/', $result); |
|
322
|
|
|
$this->assertContains('disabled="disabled"', $result); |
|
323
|
|
|
} |
|
324
|
|
|
|
|
325
|
|
|
public function testRegisterCheckboxOnPageCustomTosUrl() { |
|
326
|
|
|
Configure::write('Saito.Settings.tos_url', ''); |
|
327
|
|
|
$result = $this->testAction('users/register', array('return' => 'view')); |
|
|
|
|
|
|
328
|
|
|
$this->assertContains($this->controller->request->webroot . 'pages/eng/tos', $result); |
|
329
|
|
|
} |
|
330
|
|
|
|
|
331
|
|
|
/** |
|
332
|
|
|
* Registration succeeds if Terms of Service checkbox is set in register form |
|
333
|
|
|
*/ |
|
334
|
|
|
public function testRegisterTosSet() { |
|
335
|
|
|
$data = array( |
|
336
|
|
|
'User' => array( |
|
337
|
|
|
'username' => 'NewUser1', |
|
338
|
|
|
'user_email' => '[email protected]', |
|
339
|
|
|
'user_password' => 'NewUser1spassword', |
|
340
|
|
|
'password_confirm' => 'NewUser1spassword', |
|
341
|
|
|
'tos_confirm' => '1' |
|
342
|
|
|
) |
|
343
|
|
|
); |
|
344
|
|
|
Configure::write('Saito.Settings.email_register', '[email protected]'); |
|
345
|
|
|
|
|
346
|
|
|
$Users = $this->generate('Users', ['models' => ['User' => ['register']]]); |
|
347
|
|
|
|
|
348
|
|
|
$user = $data; |
|
349
|
|
|
$user['User'] += [ |
|
350
|
|
|
'id' => 48, |
|
351
|
|
|
'activate_code' => 151623 |
|
352
|
|
|
]; |
|
353
|
|
|
$Users->User->expects($this->once()) |
|
354
|
|
|
->method('register') |
|
355
|
|
|
->will($this->returnValue($user)); |
|
356
|
|
|
|
|
357
|
|
|
$result = $this->testAction('users/register', |
|
|
|
|
|
|
358
|
|
|
['data' => $data, 'method' => 'post', 'return' => 'vars'] |
|
359
|
|
|
); |
|
360
|
|
|
|
|
361
|
|
|
//# test registration email |
|
362
|
|
|
$email = $result['email']; |
|
363
|
|
|
// test sender |
|
364
|
|
|
$this->assertContains('From: macnemo <[email protected]>', |
|
365
|
|
|
$email['headers']); |
|
366
|
|
|
// test registration link |
|
367
|
|
|
$this->assertContains('/users/rs/48?c=151623', $email['message']); |
|
368
|
|
|
} |
|
369
|
|
|
|
|
370
|
|
|
/** |
|
371
|
|
|
* There's already an test for validation errors in UserTest, but registration |
|
372
|
|
|
* is seldom used and so we make sure with this test that validation error |
|
373
|
|
|
* message are really shown. |
|
374
|
|
|
*/ |
|
375
|
|
|
public function testRegisterValidation() { |
|
376
|
|
|
Configure::write('Saito.Settings.tos_enabled', false); |
|
377
|
|
|
|
|
378
|
|
|
$data = array( |
|
379
|
|
|
'User' => array( |
|
380
|
|
|
'username' => "mITch", |
|
381
|
|
|
'user_email' => '[email protected]', |
|
382
|
|
|
'user_password' => 'NewUserspassword', |
|
383
|
|
|
'password_confirm' => 'NewUser1spassword', |
|
384
|
|
|
) |
|
385
|
|
|
); |
|
386
|
|
|
|
|
387
|
|
|
$Users = $this->generate('Users'); |
|
|
|
|
|
|
388
|
|
|
$result = $this->testAction('users/register', |
|
|
|
|
|
|
389
|
|
|
array('data' => $data, 'method' => 'post', 'return' => 'view') |
|
390
|
|
|
); |
|
391
|
|
|
|
|
392
|
|
|
// Test that error strings are shown |
|
393
|
|
|
$this->assertContains('Email address is already used.', $result); |
|
394
|
|
|
$this->assertContains('Passwords don't match.', $result); |
|
395
|
|
|
$this->assertContains('Name is already used.', $result); |
|
396
|
|
|
} |
|
397
|
|
|
|
|
398
|
|
View Code Duplication |
public function testRs() { |
|
399
|
|
|
$Users = $this->generate('Users', ['models' => ['User' => ['activate']]]); |
|
400
|
|
|
$Users->User->expects($this->once()) |
|
401
|
|
|
->method('activate') |
|
402
|
|
|
->with(4, '1548') |
|
403
|
|
|
->will($this->returnValue(['status' => 'activated', 'User' => []])); |
|
404
|
|
|
$result = $this->testAction('/users/rs/4/?c=1548', ['return' => 'vars']); |
|
|
|
|
|
|
405
|
|
|
$this->assertEquals('activated', $result['status']); |
|
406
|
|
|
} |
|
407
|
|
|
|
|
408
|
|
|
public function testSetcategoryNotLoggedIn() { |
|
409
|
|
|
$this->setExpectedException('ForbiddenException'); |
|
410
|
|
|
$this->testAction('/users/setcategory/all'); |
|
|
|
|
|
|
411
|
|
|
} |
|
412
|
|
|
|
|
413
|
|
View Code Duplication |
public function testSetcategoryAll() { |
|
414
|
|
|
$Users = $this->generate( |
|
415
|
|
|
'Users', |
|
416
|
|
|
array('models' => array('User' => array('setCategory'))) |
|
417
|
|
|
); |
|
418
|
|
|
|
|
419
|
|
|
$this->_loginUser(3); |
|
420
|
|
|
|
|
421
|
|
|
$Users->User->expects($this->once()) |
|
422
|
|
|
->method('setCategory') |
|
423
|
|
|
->with('all'); |
|
424
|
|
|
|
|
425
|
|
|
$this->testAction('/users/setcategory/all'); |
|
|
|
|
|
|
426
|
|
|
} |
|
427
|
|
|
|
|
428
|
|
View Code Duplication |
public function testSetcategoryCategory() { |
|
429
|
|
|
$Users = $this->generate( |
|
430
|
|
|
'Users', |
|
431
|
|
|
array('models' => array('User' => array('setCategory'))) |
|
432
|
|
|
); |
|
433
|
|
|
$this->_loginUser(3); |
|
434
|
|
|
$Users->User->expects($this->once()) |
|
435
|
|
|
->method('setCategory') |
|
436
|
|
|
->with(5); |
|
437
|
|
|
$this->testAction('/users/setcategory/5'); |
|
|
|
|
|
|
438
|
|
|
} |
|
439
|
|
|
|
|
440
|
|
|
public function testSetcategoryCategories() { |
|
441
|
|
|
$Users = $this->generate( |
|
442
|
|
|
'Users', |
|
443
|
|
|
array('models' => array('User' => array('setCategory'))) |
|
444
|
|
|
); |
|
445
|
|
|
|
|
446
|
|
|
$this->_loginUser(3); |
|
447
|
|
|
|
|
448
|
|
|
$data = array( |
|
449
|
|
|
'CatChooser' => array( |
|
450
|
|
|
'4' => '0', |
|
451
|
|
|
'7' => '1', |
|
452
|
|
|
'9' => '0', |
|
453
|
|
|
), |
|
454
|
|
|
'CatMeta' => array( |
|
455
|
|
|
'All' => '1', |
|
456
|
|
|
) |
|
457
|
|
|
); |
|
458
|
|
|
|
|
459
|
|
|
$Users->User->expects($this->once()) |
|
460
|
|
|
->method('setCategory') |
|
461
|
|
|
->with($data['CatChooser']); |
|
462
|
|
|
$this->testAction( |
|
463
|
|
|
'/users/setcategory/', |
|
|
|
|
|
|
464
|
|
|
array('data' => $data, 'method' => 'post') |
|
465
|
|
|
); |
|
466
|
|
|
} |
|
467
|
|
|
|
|
468
|
|
|
public function testSlidetabOrderSet() { |
|
469
|
|
|
$Controller = $this->generate('Users', ['models' => ['User' => ['saveField']]]); |
|
470
|
|
|
$this->_loginUser(3); |
|
471
|
|
|
|
|
472
|
|
|
$validData = ['slidetab_userlist', 'slidetab_shoutbox']; |
|
473
|
|
|
$Controller->User->expects($this->once())->method('saveField') |
|
474
|
|
|
->with('slidetab_order', serialize($validData)); |
|
475
|
|
|
|
|
476
|
|
|
$data = $validData; |
|
477
|
|
|
$data[] = ['slidetab_foo']; |
|
478
|
|
|
$this->_setAjax(); |
|
479
|
|
|
$this->testAction('/users/slidetab_order', ['method' => 'POST', |
|
|
|
|
|
|
480
|
|
|
'data' => ['slidetabOrder' => $data]]); |
|
481
|
|
|
} |
|
482
|
|
|
|
|
483
|
|
View Code Duplication |
public function testSlidetabToggleSuccess() { |
|
484
|
|
|
$Controller = $this->generate('Users', ['models' => ['User' => ['toggle']]]); |
|
485
|
|
|
$this->_loginUser(3); |
|
486
|
|
|
|
|
487
|
|
|
$data = 'show_userlist'; |
|
488
|
|
|
$Controller->User->expects($this->once())->method('toggle') |
|
489
|
|
|
->with($data); |
|
490
|
|
|
|
|
491
|
|
|
$this->_setAjax(); |
|
492
|
|
|
$this->testAction('/users/slidetab_toggle', ['method' => 'POST', |
|
|
|
|
|
|
493
|
|
|
'data' => ['slidetabKey' => $data]]); |
|
494
|
|
|
} |
|
495
|
|
|
|
|
496
|
|
View Code Duplication |
public function testSlidetabToggleFailure() { |
|
497
|
|
|
$this->generate('Users'); |
|
498
|
|
|
$this->_loginUser(3); |
|
499
|
|
|
|
|
500
|
|
|
$data = 'show_foo'; |
|
501
|
|
|
$this->setExpectedException('BadRequestException', null, 1412949882); |
|
502
|
|
|
|
|
503
|
|
|
$this->_setAjax(); |
|
504
|
|
|
$this->testAction('/users/slidetab_toggle', ['method' => 'POST', |
|
|
|
|
|
|
505
|
|
|
'data' => ['slidetabKey' => $data]]); |
|
506
|
|
|
} |
|
507
|
|
|
|
|
508
|
|
|
public function testViewProfileRequestByUsername() { |
|
509
|
|
|
$this->testAction('/users/view/Mitch'); |
|
|
|
|
|
|
510
|
|
|
$this->assertContains('/users/name/Mitch', $this->headers['Location']); |
|
511
|
|
|
} |
|
512
|
|
|
|
|
513
|
|
|
public function testViewProfileForbiddenForAnon() { |
|
514
|
|
|
$this->testAction('/users/view/1'); |
|
|
|
|
|
|
515
|
|
|
$this->assertContains('/login', $this->headers['Location']); |
|
516
|
|
|
} |
|
517
|
|
|
|
|
518
|
|
|
public function testViewProfileDoesNotExist() { |
|
519
|
|
|
$this->generate('Users'); |
|
520
|
|
|
$this->_loginUser(3); |
|
521
|
|
|
$this->testAction('/users/view/9999'); |
|
|
|
|
|
|
522
|
|
|
$this->assertRedirectedTo(); |
|
523
|
|
|
} |
|
524
|
|
|
|
|
525
|
|
|
public function testView() { |
|
526
|
|
|
$userId = 3; |
|
527
|
|
|
$C = $this->generate('Users', ['models' => ['User' => ['countSolved']]]); |
|
528
|
|
|
$C->User->expects($this->once()) |
|
529
|
|
|
->method('countSolved') |
|
530
|
|
|
->with($userId) |
|
531
|
|
|
->will($this->returnValue(16)); |
|
532
|
|
|
$this->_loginUser(1); |
|
533
|
|
|
|
|
534
|
|
|
$result = $this->testAction("/users/view/$userId", ['return' => 'vars']); |
|
|
|
|
|
|
535
|
|
|
$this->assertFalse(isset($this->headers['Location'])); |
|
536
|
|
|
$this->assertEquals($result['user']['User']['id'], 3); |
|
537
|
|
|
$this->assertEquals($result['user']['User']['username'], 'Ulysses'); |
|
538
|
|
|
$this->assertEquals($result['user']['User']['solves_count'], '16'); |
|
539
|
|
|
} |
|
540
|
|
|
|
|
541
|
|
|
public function testViewSanitation() { |
|
542
|
|
|
$this->generate('Users'); |
|
543
|
|
|
$this->_loginUser(3); |
|
544
|
|
|
$result = $this->testAction('/users/view/7', ['return' => 'view']); |
|
|
|
|
|
|
545
|
|
|
|
|
546
|
|
|
$this->assertTextContains('&<Username', $result); |
|
547
|
|
|
$this->assertTextContains('&<RealName', $result); |
|
548
|
|
|
$this->assertTextContains('&<Homepage', $result); |
|
549
|
|
|
$this->assertTextContains('&<Place', $result); |
|
550
|
|
|
$this->assertTextContains('&<Profile', $result); |
|
551
|
|
|
$this->assertTextContains('&<Signature', $result); |
|
552
|
|
|
$this->assertTextNotContains('<&Username', $result); |
|
553
|
|
|
} |
|
554
|
|
|
|
|
555
|
|
|
public function testMapLinkInMenu() { |
|
556
|
|
|
$this->generate('Users'); |
|
557
|
|
|
$this->_loginUser(3); |
|
558
|
|
|
|
|
559
|
|
|
// not enabled, no link |
|
560
|
|
|
$result = $this->testAction('/users/view/2', ['return' => 'contents']); |
|
|
|
|
|
|
561
|
|
|
$this->assertTextNotContains('/users/map', $result); |
|
562
|
|
|
$result = $this->testAction('/users/index', ['return' => 'contents']); |
|
|
|
|
|
|
563
|
|
|
$this->assertTextNotContains('/users/map', $result); |
|
564
|
|
|
|
|
565
|
|
|
// not enabled, link |
|
566
|
|
|
Configure::write('Saito.Settings.map_enabled', 1); |
|
567
|
|
|
$result = $this->testAction('/users/view/2', ['return' => 'contents']); |
|
|
|
|
|
|
568
|
|
|
$this->assertTextContains('/users/map', $result); |
|
569
|
|
|
$result = $this->testAction('/users/index', ['return' => 'contents']); |
|
|
|
|
|
|
570
|
|
|
$this->assertTextContains('/users/map', $result); |
|
571
|
|
|
} |
|
572
|
|
|
|
|
573
|
|
|
public function testMapDisabled() { |
|
574
|
|
|
$this->generate('Users'); |
|
575
|
|
|
$this->_loginUser(3); |
|
576
|
|
|
$result = $this->testAction('/users/edit/3', ['return' => 'contents']); |
|
|
|
|
|
|
577
|
|
|
$this->assertTextNotContains('class="saito-usermap"', $result); |
|
578
|
|
|
$this->assertTextNotContains(static::MAPQUEST, $result); |
|
579
|
|
|
|
|
580
|
|
|
$result = $this->testAction('/users/view/3', ['return' => 'contents']); |
|
|
|
|
|
|
581
|
|
|
$this->assertTextNotContains('class="saito-usermap"', $result); |
|
582
|
|
|
$this->assertTextNotContains(static::MAPQUEST, $result); |
|
583
|
|
|
|
|
584
|
|
|
$result = $this->testAction('/users/map', ['return' => 'view']); |
|
|
|
|
|
|
585
|
|
|
$this->assertTextNotContains('class="saito-usermap"', $result); |
|
586
|
|
|
$this->assertRedirectedTo(); |
|
587
|
|
|
} |
|
588
|
|
|
|
|
589
|
|
|
public function testMapActivated() { |
|
590
|
|
|
Configure::write('Saito.Settings.map_enabled', 1); |
|
591
|
|
|
|
|
592
|
|
|
$this->generate('Users'); |
|
593
|
|
|
$this->_loginUser(3); |
|
594
|
|
|
$result = $this->testAction('/users/edit/3', ['return' => 'contents']); |
|
|
|
|
|
|
595
|
|
|
$this->assertTextContains('class="saito-usermap"', $result); |
|
596
|
|
|
$this->assertTextContains(static::MAPQUEST, $result); |
|
597
|
|
|
|
|
598
|
|
|
$result = $this->testAction('/users/view/2', ['return' => 'view']); |
|
|
|
|
|
|
599
|
|
|
$this->assertTextNotContains('class="saito-usermap"', $result); |
|
600
|
|
|
$result = $this->testAction('/users/view/3', ['return' => 'view']); |
|
|
|
|
|
|
601
|
|
|
$this->assertTextContains('class="saito-usermap"', $result); |
|
602
|
|
|
|
|
603
|
|
|
$result = $this->testAction('/users/map', ['return' => 'view']); |
|
|
|
|
|
|
604
|
|
|
$this->assertTextContains('class="saito-usermap"', $result); |
|
605
|
|
|
|
|
606
|
|
|
// Map CSS and JS should only be included on page if necessary |
|
607
|
|
|
$result = $this->testAction('/users/index', ['return' => 'contents']); |
|
|
|
|
|
|
608
|
|
|
$this->assertTextNotContains(static::MAPQUEST, $result); |
|
609
|
|
|
} |
|
610
|
|
|
|
|
611
|
|
|
public function testMapsNotLoggedIn() { |
|
612
|
|
|
$this->setExpectedException('MissingActionException'); |
|
613
|
|
|
$this->testAction('/users/maps'); |
|
|
|
|
|
|
614
|
|
|
} |
|
615
|
|
|
|
|
616
|
|
|
public function testName() { |
|
617
|
|
|
$this->generate('Users'); |
|
618
|
|
|
$this->_loginUser(3); |
|
619
|
|
|
$this->testAction('/users/name/Mitch'); |
|
|
|
|
|
|
620
|
|
|
$this->assertContains('/users/view/2', $this->headers['Location']); |
|
621
|
|
|
} |
|
622
|
|
|
|
|
623
|
|
|
public function testEditNotLoggedIn() { |
|
624
|
|
|
$this->setExpectedException('\Saito\Exception\SaitoForbiddenException'); |
|
625
|
|
|
$this->testAction('/users/edit/3'); |
|
|
|
|
|
|
626
|
|
|
} |
|
627
|
|
|
|
|
628
|
|
View Code Duplication |
public function testEditNotUsersEntryGet() { |
|
629
|
|
|
$this->generate('Users'); |
|
630
|
|
|
$this->_loginUser(2); // mod |
|
631
|
|
|
$this->setExpectedException('Saito\Exception\SaitoForbiddenException'); |
|
632
|
|
|
$this->testAction('/users/edit/3', ['method' => 'GET']); |
|
|
|
|
|
|
633
|
|
|
} |
|
634
|
|
|
|
|
635
|
|
View Code Duplication |
public function testEditNotUsersEntryPost() { |
|
636
|
|
|
$this->generate('Users'); |
|
637
|
|
|
$this->_loginUser(2); // mod |
|
638
|
|
|
$this->setExpectedException('Saito\Exception\SaitoForbiddenException'); |
|
639
|
|
|
$this->testAction('/users/edit/3', ['method' => 'POST']); |
|
|
|
|
|
|
640
|
|
|
} |
|
641
|
|
|
|
|
642
|
|
|
public function testEditNotUsersEntryButAdmin() { |
|
643
|
|
|
$this->generate('Users'); |
|
644
|
|
|
$this->_loginUser(1); // mod |
|
645
|
|
|
$this->testAction('/users/edit/3', ['method' => 'POST']); |
|
|
|
|
|
|
646
|
|
|
} |
|
647
|
|
|
|
|
648
|
|
|
public function testIndex() { |
|
649
|
|
|
$this->generate('Users'); |
|
650
|
|
|
$this->_loginUser(1); |
|
651
|
|
|
// basic test: creating view should not throw error |
|
652
|
|
|
$this->testAction('/users/index', ['return' => 'view']); |
|
|
|
|
|
|
653
|
|
|
} |
|
654
|
|
|
|
|
655
|
|
|
public function testLock() { |
|
656
|
|
|
/* not logged in should'nt be allowed */ |
|
657
|
|
|
$this->testAction('/users/lock', |
|
|
|
|
|
|
658
|
|
|
['data' => ['User' => ['lockUserId' => 3]]]); |
|
659
|
|
|
$this->assertRedirectedTo(); |
|
660
|
|
|
|
|
661
|
|
|
// user can't lock other users |
|
662
|
|
|
$this->_loginUser(3); |
|
663
|
|
|
$this->testAction('/users/lock', |
|
|
|
|
|
|
664
|
|
|
['data' => ['User' => ['lockUserId' => 4]]]); |
|
665
|
|
|
$this->controller->User->contain(); |
|
666
|
|
|
$result = $this->controller->User->read('user_lock', 4); |
|
667
|
|
|
$this->assertTrue($result['User']['user_lock'] == false); |
|
668
|
|
|
|
|
669
|
|
|
// mod locks user |
|
670
|
|
|
$this->_loginUser(2); |
|
671
|
|
|
$this->testAction('/users/lock', |
|
|
|
|
|
|
672
|
|
|
['data' => ['User' => ['lockUserId' => 4]]]); |
|
673
|
|
|
$this->controller->User->contain(); |
|
674
|
|
|
$result = $this->controller->User->read('user_lock', 4); |
|
675
|
|
|
$this->assertTrue($result['User']['user_lock'] == true); |
|
676
|
|
|
|
|
677
|
|
|
// mod unlocks user |
|
678
|
|
|
$this->testAction('/users/lock', |
|
|
|
|
|
|
679
|
|
|
['data' => ['User' => ['lockUserId' => 4]]]); |
|
680
|
|
|
$this->controller->User->contain(); |
|
681
|
|
|
$result = $this->controller->User->read('user_lock', 4); |
|
682
|
|
|
$this->assertTrue($result['User']['user_lock'] == false); |
|
683
|
|
|
|
|
684
|
|
|
// you can't lock yourself out |
|
685
|
|
|
$this->testAction('/users/lock', |
|
|
|
|
|
|
686
|
|
|
['data' => ['User' => ['lockUserId' => 2]]]); |
|
687
|
|
|
$this->controller->User->contain(); |
|
688
|
|
|
$result = $this->controller->User->read('user_lock', 2); |
|
689
|
|
|
$this->assertTrue($result['User']['user_lock'] == false); |
|
690
|
|
|
|
|
691
|
|
|
// mod can't lock admin |
|
692
|
|
|
$this->testAction('/users/lock', |
|
|
|
|
|
|
693
|
|
|
['data' => ['User' => ['lockUserId' => 1]]]); |
|
694
|
|
|
$this->controller->User->contain(); |
|
695
|
|
|
$result = $this->controller->User->read('user_lock', 1); |
|
696
|
|
|
$this->assertTrue($result['User']['user_lock'] == false); |
|
697
|
|
|
|
|
698
|
|
|
// user does not exit |
|
699
|
|
|
$this->testAction('/users/lock', |
|
|
|
|
|
|
700
|
|
|
['data' => ['User' => ['lockUserId' => 9999]]]); |
|
701
|
|
|
$this->assertRedirectedTo(); |
|
702
|
|
|
|
|
703
|
|
|
// locked user are thrown out |
|
704
|
|
|
$this->testAction('/users/lock', |
|
|
|
|
|
|
705
|
|
|
['data' => ['User' => ['lockUserId' => 5]]]); |
|
706
|
|
|
$this->controller->User->contain(); |
|
707
|
|
|
$result = $this->controller->User->read('user_lock', 5); |
|
708
|
|
|
$this->assertTrue($result['User']['user_lock'] == true); |
|
709
|
|
|
$this->_logoutUser(); |
|
710
|
|
|
|
|
711
|
|
|
$this->_loginUser(5); |
|
712
|
|
|
$this->testAction('/entries/index'); |
|
|
|
|
|
|
713
|
|
|
$this->assertContains('users/logout', $this->headers['Location']); |
|
714
|
|
|
|
|
715
|
|
|
// locked user can't relogin |
|
716
|
|
|
$this->_logoutUser(); |
|
717
|
|
|
$data = array( |
|
718
|
|
|
'User' => array( |
|
719
|
|
|
'username' => 'Uma', |
|
720
|
|
|
'password' => 'test', |
|
721
|
|
|
) |
|
722
|
|
|
); |
|
723
|
|
|
$this->testAction( |
|
724
|
|
|
'/users/login', |
|
|
|
|
|
|
725
|
|
|
array('data' => $data, 'method' => 'post') |
|
726
|
|
|
); |
|
727
|
|
|
$this->assertNull($this->controller->Session->read('Auth.User')); |
|
728
|
|
|
} |
|
729
|
|
|
|
|
730
|
|
|
public function testDelete() { |
|
731
|
|
|
/* |
|
732
|
|
|
* not logged in can't delete |
|
733
|
|
|
*/ |
|
734
|
|
|
try { |
|
735
|
|
|
$this->testAction('/admin/users/delete/3'); |
|
|
|
|
|
|
736
|
|
|
} catch (ForbiddenException $exc) { |
|
737
|
|
|
$this->controller->User->contain(); |
|
738
|
|
|
$result = $this->controller->User->findById(3); |
|
739
|
|
|
$this->assertTrue($result != false); |
|
740
|
|
|
} |
|
741
|
|
|
|
|
742
|
|
|
/* |
|
743
|
|
|
* user can't delete admin/users |
|
744
|
|
|
*/ |
|
745
|
|
|
$this->_loginUser(3); |
|
746
|
|
|
try { |
|
747
|
|
|
$this->testAction('/admin/users/delete/4'); |
|
|
|
|
|
|
748
|
|
|
} catch (ForbiddenException $exc) { |
|
749
|
|
|
$this->controller->User->contain(); |
|
750
|
|
|
$result = $this->controller->User->findById(4); |
|
751
|
|
|
$this->assertTrue($result != false); |
|
752
|
|
|
} |
|
753
|
|
|
|
|
754
|
|
|
/* |
|
755
|
|
|
* mods can't delete admin/users |
|
756
|
|
|
*/ |
|
757
|
|
|
$this->_loginUser(2); |
|
758
|
|
|
try { |
|
759
|
|
|
$this->testAction('/admin/users/delete/4'); |
|
|
|
|
|
|
760
|
|
|
} catch (ForbiddenException $exc) { |
|
761
|
|
|
$this->controller->User->contain(); |
|
762
|
|
|
$result = $this->controller->User->findById(4); |
|
763
|
|
|
$this->assertTrue($result != false); |
|
764
|
|
|
} |
|
765
|
|
|
|
|
766
|
|
|
/* |
|
767
|
|
|
* admin can access delete ui |
|
768
|
|
|
*/ |
|
769
|
|
|
$this->_loginUser(6); |
|
770
|
|
|
$this->testAction('/admin/users/delete/4'); |
|
|
|
|
|
|
771
|
|
|
$this->assertFalse(isset($this->headers['location'])); |
|
772
|
|
|
|
|
773
|
|
|
/* |
|
774
|
|
|
* you can't delete non existing users |
|
775
|
|
|
*/ |
|
776
|
|
|
$countBeforeDelete = $this->controller->User->find('count'); |
|
777
|
|
|
$data = array('User' => array('modeDelete' => 1)); |
|
778
|
|
|
$this->_loginUser(6); |
|
779
|
|
|
$this->testAction('/admin/users/delete/9999', array('data' => $data)); |
|
|
|
|
|
|
780
|
|
|
$countAfterDelete = $this->controller->User->find('count'); |
|
781
|
|
|
$this->assertEquals($countBeforeDelete, $countAfterDelete); |
|
782
|
|
|
$this->assertRedirectedTo(); |
|
783
|
|
|
|
|
784
|
|
|
/* |
|
785
|
|
|
* you can't delete yourself |
|
786
|
|
|
*/ |
|
787
|
|
|
$data = array('User' => array('modeDelete' => 1)); |
|
788
|
|
|
$this->_loginUser(6); |
|
789
|
|
|
$this->testAction('/admin/users/delete/6', array('data' => $data)); |
|
|
|
|
|
|
790
|
|
|
$this->controller->User->contain(); |
|
791
|
|
|
$result = $this->controller->User->findById(6); |
|
792
|
|
|
$this->assertTrue($result != false); |
|
793
|
|
|
|
|
794
|
|
|
/* |
|
795
|
|
|
* you can't delete the root user |
|
796
|
|
|
*/ |
|
797
|
|
|
$this->_loginUser(6); |
|
798
|
|
|
$this->testAction('/admin/users/delete/1', array('data' => $data)); |
|
|
|
|
|
|
799
|
|
|
$this->controller->User->contain(); |
|
800
|
|
|
$result = $this->controller->User->findById(1); |
|
801
|
|
|
$this->assertTrue($result != false); |
|
802
|
|
|
|
|
803
|
|
|
/* |
|
804
|
|
|
* admin deletes user |
|
805
|
|
|
*/ |
|
806
|
|
|
$this->_loginUser(6); |
|
807
|
|
|
$this->testAction('/admin/users/delete/5', array('data' => $data)); |
|
|
|
|
|
|
808
|
|
|
$this->controller->User->contain(); |
|
809
|
|
|
$result = $this->controller->User->findById(5); |
|
810
|
|
|
$this->assertEmpty($result); |
|
811
|
|
|
$this->assertRedirectedTo(); |
|
812
|
|
|
} |
|
813
|
|
|
|
|
814
|
|
|
public function testChangePasswordNotLoggedIn() { |
|
815
|
|
|
$this->setExpectedException('Saito\Exception\SaitoForbiddenException'); |
|
816
|
|
|
$this->testAction('/users/changepassword/5'); |
|
|
|
|
|
|
817
|
|
|
$this->assertRedirectedTo(); |
|
818
|
|
|
} |
|
819
|
|
|
|
|
820
|
|
View Code Duplication |
public function testChangePasswordWrongUser() { |
|
821
|
|
|
$this->generate('Users'); |
|
822
|
|
|
$this->_loginUser(4); |
|
823
|
|
|
|
|
824
|
|
|
$this->setExpectedException('Saito\Exception\SaitoForbiddenException'); |
|
825
|
|
|
|
|
826
|
|
|
$data = [ |
|
827
|
|
|
'User' => [ |
|
828
|
|
|
'password_old' => 'test', |
|
829
|
|
|
'user_password' => 'test_new', |
|
830
|
|
|
'password_confirm' => 'test_new', |
|
831
|
|
|
] |
|
832
|
|
|
]; |
|
833
|
|
|
$this->testAction('/users/changepassword/1', |
|
|
|
|
|
|
834
|
|
|
['data' => $data, 'method' => 'post']); |
|
835
|
|
|
} |
|
836
|
|
|
|
|
837
|
|
|
public function testChangePasswordViewFormWrongUser() { |
|
838
|
|
|
$this->generate('Users'); |
|
839
|
|
|
$this->setExpectedException('Saito\Exception\SaitoForbiddenException'); |
|
840
|
|
|
$this->_loginUser(4); |
|
841
|
|
|
$this->testAction('/users/changepassword/5'); |
|
|
|
|
|
|
842
|
|
|
} |
|
843
|
|
|
|
|
844
|
|
|
public function testChangePasswordViewForm() { |
|
845
|
|
|
$this->generate('Users'); |
|
846
|
|
|
$this->_loginUser(4); |
|
847
|
|
|
$this->testAction('/users/changepassword/4'); |
|
|
|
|
|
|
848
|
|
|
$this->assertFalse(isset($this->headers['location'])); |
|
849
|
|
|
} |
|
850
|
|
|
|
|
851
|
|
View Code Duplication |
public function testChangePasswordConfirmationFailed() { |
|
852
|
|
|
$this->generate('Users'); |
|
853
|
|
|
$this->_loginUser(4); |
|
854
|
|
|
|
|
855
|
|
|
$data = [ |
|
856
|
|
|
'User' => [ |
|
857
|
|
|
'password_old' => 'test', |
|
858
|
|
|
'user_password' => 'test_new_foo', |
|
859
|
|
|
'password_confirm' => 'test_new_bar' |
|
860
|
|
|
] |
|
861
|
|
|
]; |
|
862
|
|
|
$this->testAction('/users/changepassword/4', |
|
|
|
|
|
|
863
|
|
|
['data' => $data, 'method' => 'post']); |
|
864
|
|
|
$this->assertFalse($this->controller->User->validates()); |
|
865
|
|
|
|
|
866
|
|
|
$expected = '098f6bcd4621d373cade4e832627b4f6'; |
|
867
|
|
|
$this->controller->User->id = 4; |
|
868
|
|
|
$this->controller->User->contain(); |
|
869
|
|
|
$result = $this->controller->User->read(); |
|
870
|
|
|
$this->assertEquals($result['User']['password'], $expected); |
|
871
|
|
|
$this->assertFalse(isset($this->headers['Location'])); |
|
872
|
|
|
} |
|
873
|
|
|
|
|
874
|
|
View Code Duplication |
public function testChangePasswordOldPasswordNotCorrect() { |
|
875
|
|
|
$this->generate('Users'); |
|
876
|
|
|
$this->_loginUser(4); |
|
877
|
|
|
|
|
878
|
|
|
$data = [ |
|
879
|
|
|
'User' => [ |
|
880
|
|
|
'password_old' => 'test_something', |
|
881
|
|
|
'user_password' => 'test_new_foo', |
|
882
|
|
|
'password_confirm' => 'test_new_foo', |
|
883
|
|
|
] |
|
884
|
|
|
]; |
|
885
|
|
|
$this->testAction('/users/changepassword/4', |
|
|
|
|
|
|
886
|
|
|
['data' => $data, 'method' => 'post']); |
|
887
|
|
|
$this->assertFalse($this->controller->User->validates()); |
|
888
|
|
|
|
|
889
|
|
|
$expected = '098f6bcd4621d373cade4e832627b4f6'; |
|
890
|
|
|
$this->controller->User->id = 4; |
|
891
|
|
|
$this->controller->User->contain(); |
|
892
|
|
|
$result = $this->controller->User->read(); |
|
893
|
|
|
$this->assertEquals($result['User']['password'], $expected); |
|
894
|
|
|
$this->assertFalse(isset($this->headers['Location'])); |
|
895
|
|
|
} |
|
896
|
|
|
|
|
897
|
|
|
public function testChangePassword() { |
|
898
|
|
|
$this->generate('Users'); |
|
899
|
|
|
|
|
900
|
|
|
$this->_loginUser(5); |
|
901
|
|
|
$data = [ |
|
902
|
|
|
'User' => [ |
|
903
|
|
|
'password_old' => 'test', |
|
904
|
|
|
'user_password' => 'test_new', |
|
905
|
|
|
'password_confirm' => 'test_new', |
|
906
|
|
|
] |
|
907
|
|
|
]; |
|
908
|
|
|
$this->testAction('/users/changepassword/5', |
|
|
|
|
|
|
909
|
|
|
['data' => $data, 'method' => 'post']); |
|
910
|
|
|
|
|
911
|
|
|
$this->controller->User->contain(); |
|
912
|
|
|
$result = $this->controller->User->findById(5); |
|
913
|
|
|
|
|
914
|
|
|
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth'); |
|
915
|
|
|
$pwH = new BlowfishPasswordHasher(); |
|
916
|
|
|
|
|
917
|
|
|
$this->assertTrue($pwH->check('test_new', $result['User']['password'])); |
|
918
|
|
|
$this->assertContains('users/edit', $this->headers['Location']); |
|
919
|
|
|
} |
|
920
|
|
|
|
|
921
|
|
|
/** |
|
922
|
|
|
* Checks that the mod-button is in-/visible |
|
923
|
|
|
*/ |
|
924
|
|
|
public function testViewModButton() { |
|
925
|
|
|
$Users = $this->generate('Users'); |
|
|
|
|
|
|
926
|
|
|
|
|
927
|
|
|
/** |
|
928
|
|
|
* Mod Button is not visible for anon users |
|
929
|
|
|
*/ |
|
930
|
|
|
$result = $this->testAction('users/view/5', array( |
|
|
|
|
|
|
931
|
|
|
'return' => 'view' |
|
932
|
|
|
)); |
|
933
|
|
|
$this->assertTextNotContains('dropdown', $result); |
|
934
|
|
|
|
|
935
|
|
|
/** |
|
936
|
|
|
* Mod Button is not visible for normal users |
|
937
|
|
|
*/ |
|
938
|
|
|
$this->_loginUser(3); |
|
939
|
|
|
$result = $this->testAction('users/view/5', array( |
|
|
|
|
|
|
940
|
|
|
'return' => 'view' |
|
941
|
|
|
)); |
|
942
|
|
|
$this->assertTextNotContains('dropdown', $result); |
|
943
|
|
|
|
|
944
|
|
|
/** |
|
945
|
|
|
* Mod Button is visible for admin |
|
946
|
|
|
*/ |
|
947
|
|
|
$this->_loginUser(1); |
|
948
|
|
|
$result = $this->testAction('users/view/5', array( |
|
|
|
|
|
|
949
|
|
|
'return' => 'view' |
|
950
|
|
|
)); |
|
951
|
|
|
$this->assertTextContains('dropdown', $result); |
|
952
|
|
|
|
|
953
|
|
|
/** |
|
954
|
|
|
* Mod Button is currently visible for mod |
|
955
|
|
|
*/ |
|
956
|
|
|
$this->_loginUser(1); |
|
957
|
|
|
$result = $this->testAction('users/view/5', array( |
|
|
|
|
|
|
958
|
|
|
'return' => 'view' |
|
959
|
|
|
)); |
|
960
|
|
|
$this->assertTextContains('dropdown', $result); |
|
961
|
|
|
} |
|
962
|
|
|
|
|
963
|
|
View Code Duplication |
public function testViewModButtonEmpty() { |
|
964
|
|
|
/** |
|
965
|
|
|
* Mod menu is currently empty for mod |
|
966
|
|
|
*/ |
|
967
|
|
|
Configure::write('Saito.Settings.block_user_ui', false); |
|
968
|
|
|
|
|
969
|
|
|
$Users = $this->generate('Users'); |
|
|
|
|
|
|
970
|
|
|
|
|
971
|
|
|
$this->_loginUser(2); |
|
972
|
|
|
$result = $this->testAction('users/view/5', array( |
|
|
|
|
|
|
973
|
|
|
'return' => 'view' |
|
974
|
|
|
)); |
|
975
|
|
|
$this->assertTextNotContains('dropdown', $result); |
|
976
|
|
|
} |
|
977
|
|
|
|
|
978
|
|
View Code Duplication |
public function testViewModButtonBlockUiTrue() { |
|
979
|
|
|
Configure::write('Saito.Settings.block_user_ui', true); |
|
980
|
|
|
|
|
981
|
|
|
$Users = $this->generate('Users'); |
|
|
|
|
|
|
982
|
|
|
|
|
983
|
|
|
$this->_loginUser(2); |
|
984
|
|
|
$result = $this->testAction('users/view/5', array( |
|
|
|
|
|
|
985
|
|
|
'return' => 'view' |
|
986
|
|
|
)); |
|
987
|
|
|
$this->assertXPath($result, '//input[@value=5][@id="UserLockUserId"]'); |
|
988
|
|
|
} |
|
989
|
|
|
|
|
990
|
|
View Code Duplication |
public function testViewModButtonBlockUiFalse() { |
|
991
|
|
|
Configure::write('Saito.Settings.block_user_ui', false); |
|
992
|
|
|
|
|
993
|
|
|
$Users = $this->generate('Users'); |
|
|
|
|
|
|
994
|
|
|
|
|
995
|
|
|
$this->_loginUser(2); |
|
996
|
|
|
$result = $this->testAction('users/view/5', array( |
|
|
|
|
|
|
997
|
|
|
'return' => 'view' |
|
998
|
|
|
)); |
|
999
|
|
|
$this->assertTextNotContains('users/lock/5', $result); |
|
1000
|
|
|
} |
|
1001
|
|
|
|
|
1002
|
|
|
} |
|
1003
|
|
|
|
Schlaefer /
Saito
Loading history...
This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.
If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.
In this case you can add the
@ignorePhpDoc annotation to the duplicate definition and it will be ignored.