UsersModuleTest::setUp() - Code Metrics - Inspection of "make it possible to run tests with mariadb" - eduVPN/vpn-server-api - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 392d49...015953 )

by François

created 2016-12-22 14:56 UTC

UsersModuleTest::setUp() A

↳ Parent: UsersModuleTest

Complexity

Conditions	1
Paths	1

Size

Total Lines	47
Code Lines	28

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
c	0
b	0
f	0
dl	0
loc	47
rs	9.0303
cc	1
eloc	28
nc	1
nop	0

<?php
/**
 *  Copyright (C) 2016 SURFnet.
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU Affero General Public License as
 *  published by the Free Software Foundation, either version 3 of the
 *  License, or (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU Affero General Public License for more details.
 *
 *  You should have received a copy of the GNU Affero General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

namespace SURFnet\VPN\Server\Api;

use Base32\Base32;
use DateTime;
use Otp\Otp;
use PDO;
use PHPUnit_Framework_TestCase;
use SURFnet\VPN\Common\Config;
use SURFnet\VPN\Common\Http\BasicAuthenticationHook;
use SURFnet\VPN\Common\Http\Request;
use SURFnet\VPN\Common\Http\Service;
use SURFnet\VPN\Server\Acl\Provider\StaticProvider;
use SURFnet\VPN\Server\Storage;

class UsersModuleTest extends PHPUnit_Framework_TestCase
{
    /** @var \SURFnet\VPN\Common\Http\Service */
    private $service;

    public function setUp()
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
    {
        $storage = new Storage(
            new PDO(
                $GLOBALS['DB_DSN'],
                $GLOBALS['DB_USER'],
                $GLOBALS['DB_PASSWD']
            )
        );
        $storage->drop(); // drop for MariaDB
        $storage->init();

        $storage->addCertificate('foo', 'abcd1234', 'ABCD1234', new DateTime('@12345678'), new DateTime('@23456789'));

        $storage->disableUser('bar');
        $storage->setTotpSecret('bar', 'CN2XAL23SIFTDFXZ');
        $storage->setVootToken('bar', '123456');

        // user "baz" has a secret, and already used a key for replay testing
        $storage->setTotpSecret('baz', 'SWIXJ4V7VYALWH6E');
        $otp = new Otp();
        $storage->recordTotpKey('baz', $otp->totp(Base32::decode('SWIXJ4V7VYALWH6E')), new DateTime('now'));

        $config = Config::fromFile(sprintf('%s/data/user_groups_config.yaml', __DIR__));
        $groupProviders = [
            new StaticProvider(
                new Config($config->v('groupProviders', 'StaticProvider'))
            ),
        ];

        $this->service = new Service();
        $this->service->addModule(
            new UsersModule(
                $storage,
                $groupProviders
            )
        );

        $bearerAuthentication = new BasicAuthenticationHook(
            [
                'vpn-user-portal' => 'aabbcc',
                'vpn-admin-portal' => 'bbccdd',
            ]
        );

        $this->service->addBeforeHook('auth', $bearerAuthentication);
    }

    public function testListUsers()
    {
        $this->assertSame(
            [
                [
                    'user_id' => 'foo',
                    'is_disabled' => false,
                ],
                [
                    'user_id' => 'bar',
                    'is_disabled' => true,
                ],
                [
                    'user_id' => 'baz',
                    'is_disabled' => false,
                ],
            ],
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'GET',
                'user_list',
                ['profile_id' => 'internet'],
                []
            )
        );
    }

    public function testSetTotpSecret()

    {
        $otp = new Otp();
        $totpSecret = 'MM7TTLHPA7WZOJFB';
        $totpKey = $otp->totp(Base32::decode($totpSecret));

        $this->assertTrue(
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'POST',
                'set_totp_secret',
                [],
                [
                    'user_id' => 'foo',
                    'totp_secret' => $totpSecret,
                    'totp_key' => $totpKey,
                ]
            )
        );
    }

    public function testVerifyOtpKey()

    {
        $otp = new Otp();
        $totpSecret = 'CN2XAL23SIFTDFXZ';
        $totpKey = $otp->totp(Base32::decode($totpSecret));

        $this->assertTrue(
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'POST',
                'verify_totp_key',
                [],
                [
                    'user_id' => 'bar',
                    'totp_key' => $totpKey,
                ]
            )
        );
    }

    public function testVerifyOtpKeyWrong()
    {
        $otp = new Otp();
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        $totpSecret = 'CN2XAL23SIFTDFXZ';
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}

        // in theory this totp_key, 123456 could be correct at one point in
        // time... then this test will fail!
        $this->assertSame(
            [
                'ok' => false,
                'error' => 'invalid TOTP key',
            ],
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'POST',
                'verify_totp_key',
                [],
                [
                    'user_id' => 'bar',
                    'totp_key' => '123456',
                ]
            )
        );
    }

    public function testVerifyOtpKeyReplay()
    {
        $otp = new Otp();
        $totpKey = $otp->totp(Base32::decode('SWIXJ4V7VYALWH6E'));

        $this->assertSame(
            [
                'ok' => false,
                'error' => 'TOTP key replay',
            ],
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'POST',
                'verify_totp_key',
                [],
                [
                    'user_id' => 'baz',
                    'totp_key' => $totpKey,
                ]
            )
        );
    }

    public function testHasTotpSecret()
    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'GET',
                'has_totp_secret',
                [
                    'user_id' => 'bar',
                ],
                []
            )
        );
    }

    public function testDeleteTotpSecret()

    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'POST',
                'delete_totp_secret',
                [],
                [
                    'user_id' => 'bar',
                ]
            )
        );
    }

    public function testSetVootToken()
    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'POST',
                'set_voot_token',
                [],
                [
                    'user_id' => 'foo',
                    'voot_token' => 'bar',
                ]
            )
        );
    }

    public function testDeleteVootToken()

    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'POST',
                'delete_voot_token',
                [],
                [
                    'user_id' => 'bar',
                ]
            )
        );
    }

    public function testDisableUser()

    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'POST',
                'disable_user',
                [],
                [
                    'user_id' => 'foo',
                ]
            )
        );
    }

    public function testEnableUser()

    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'POST',
                'enable_user',
                [],
                [
                    'user_id' => 'bar',
                ]
            )
        );
    }

    public function testDeleteUser()

    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'POST',
                'delete_user',
                [],
                [
                    'user_id' => 'foo',
                ]
            )
        );
    }

    public function testUserGroups()
    {
        $this->assertSame(
            [
                [
                    'id' => 'all',
                    'displayName' => 'All',
                ],
                [
                    'id' => 'employees',
                    'displayName' => 'Employees',
                ],
            ],
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'GET',
                'user_groups',
                [
                    'user_id' => 'bar',
                ],
                []
            )
        );
    }

    private function makeRequest(array $basicAuth, $requestMethod, $pathInfo, array $getData = [], array $postData = [])

    {
        $response = $this->service->run(
            new Request(
                [
                    'SERVER_PORT' => 80,
                    'SERVER_NAME' => 'vpn.example',
                    'REQUEST_METHOD' => $requestMethod,
                    'SCRIPT_NAME' => '/index.php',
                    'REQUEST_URI' => sprintf('/%s', $pathInfo),
                    'PHP_AUTH_USER' => $basicAuth[0],
                    'PHP_AUTH_PW' => $basicAuth[1],
                ],
                $getData,
                $postData
            )
        );

        $responseArray = json_decode($response->getBody(), true)[$pathInfo];
        if ($responseArray['ok']) {
            if (array_key_exists('data', $responseArray)) {
                return $responseArray['data'];
            }

            return true;
        }

        // in case of errors...
        return $responseArray;
    }
}


1		<?php
2		/**
3		* Copyright (C) 2016 SURFnet.
4		*
5		* This program is free software: you can redistribute it and/or modify
6		* it under the terms of the GNU Affero General Public License as
7		* published by the Free Software Foundation, either version 3 of the
8		* License, or (at your option) any later version.
9		*
10		* This program is distributed in the hope that it will be useful,
11		* but WITHOUT ANY WARRANTY; without even the implied warranty of
12		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13		* GNU Affero General Public License for more details.
14		*
15		* You should have received a copy of the GNU Affero General Public License
16		* along with this program. If not, see <http://www.gnu.org/licenses/>.
17		*/
18
19		namespace SURFnet\VPN\Server\Api;
20
21		use Base32\Base32;
22		use DateTime;
23		use Otp\Otp;
24		use PDO;
25		use PHPUnit_Framework_TestCase;
26		use SURFnet\VPN\Common\Config;
27		use SURFnet\VPN\Common\Http\BasicAuthenticationHook;
28		use SURFnet\VPN\Common\Http\Request;
29		use SURFnet\VPN\Common\Http\Service;
30		use SURFnet\VPN\Server\Acl\Provider\StaticProvider;
31		use SURFnet\VPN\Server\Storage;
32
33		class UsersModuleTest extends PHPUnit_Framework_TestCase
34		{
35		/** @var \SURFnet\VPN\Common\Http\Service */
36		private $service;
37
38		public function setUp()
		0 ignored issues – show Coding Style introduced 2016-12-22 14:58 UTC by Report Bug Copy Issue Report `setUp` uses the super-global variable `$GLOBALS` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
39		{
40		$storage = new Storage(
41		new PDO(
42		$GLOBALS['DB_DSN'],
43		$GLOBALS['DB_USER'],
44		$GLOBALS['DB_PASSWD']
45		)
46		);
47		$storage->drop(); // drop for MariaDB
48		$storage->init();
49
50		$storage->addCertificate('foo', 'abcd1234', 'ABCD1234', new DateTime('@12345678'), new DateTime('@23456789'));
51
52		$storage->disableUser('bar');
53		$storage->setTotpSecret('bar', 'CN2XAL23SIFTDFXZ');
54		$storage->setVootToken('bar', '123456');
55
56		// user "baz" has a secret, and already used a key for replay testing
57		$storage->setTotpSecret('baz', 'SWIXJ4V7VYALWH6E');
58		$otp = new Otp();
59		$storage->recordTotpKey('baz', $otp->totp(Base32::decode('SWIXJ4V7VYALWH6E')), new DateTime('now'));
60
61		$config = Config::fromFile(sprintf('%s/data/user_groups_config.yaml', __DIR__));
62		$groupProviders = [
63		new StaticProvider(
64		new Config($config->v('groupProviders', 'StaticProvider'))
65		),
66		];
67
68		$this->service = new Service();
69		$this->service->addModule(
70		new UsersModule(
71		$storage,
72		$groupProviders
73		)
74		);
75
76		$bearerAuthentication = new BasicAuthenticationHook(
77		[
78		'vpn-user-portal' => 'aabbcc',
79		'vpn-admin-portal' => 'bbccdd',
80		]
81		);
82
83		$this->service->addBeforeHook('auth', $bearerAuthentication);
84		}
85
86		public function testListUsers()
87		{
88		$this->assertSame(
89		[
90		[
91		'user_id' => 'foo',
92		'is_disabled' => false,
93		],
94		[
95		'user_id' => 'bar',
96		'is_disabled' => true,
97		],
98		[
99		'user_id' => 'baz',
100		'is_disabled' => false,
101		],
102		],
103		$this->makeRequest(
104		['vpn-admin-portal', 'bbccdd'],
105		'GET',
106		'user_list',
107		['profile_id' => 'internet'],
108		[]
109		)
110		);
111		}
112
113	View Code Duplication	public function testSetTotpSecret()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
114		{
115		$otp = new Otp();
116		$totpSecret = 'MM7TTLHPA7WZOJFB';
117		$totpKey = $otp->totp(Base32::decode($totpSecret));
118
119		$this->assertTrue(
120		$this->makeRequest(
121		['vpn-user-portal', 'aabbcc'],
122		'POST',
123		'set_totp_secret',
124		[],
125		[
126		'user_id' => 'foo',
127		'totp_secret' => $totpSecret,
128		'totp_key' => $totpKey,
129		]
130		)
131		);
132		}
133
134	View Code Duplication	public function testVerifyOtpKey()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
135		{
136		$otp = new Otp();
137		$totpSecret = 'CN2XAL23SIFTDFXZ';
138		$totpKey = $otp->totp(Base32::decode($totpSecret));
139
140		$this->assertTrue(
141		$this->makeRequest(
142		['vpn-user-portal', 'aabbcc'],
143		'POST',
144		'verify_totp_key',
145		[],
146		[
147		'user_id' => 'bar',
148		'totp_key' => $totpKey,
149		]
150		)
151		);
152		}
153
154		public function testVerifyOtpKeyWrong()
155		{
156		$otp = new Otp();
		0 ignored issues – show Unused Code introduced 2016-12-06 22:41 UTC by Report Bug Copy Issue Report `$otp` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
157		$totpSecret = 'CN2XAL23SIFTDFXZ';
		0 ignored issues – show Unused Code introduced 2016-12-06 22:41 UTC by Report Bug Copy Issue Report `$totpSecret` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
158
159		// in theory this totp_key, 123456 could be correct at one point in
160		// time... then this test will fail!
161		$this->assertSame(
162		[
163		'ok' => false,
164		'error' => 'invalid TOTP key',
165		],
166		$this->makeRequest(
167		['vpn-user-portal', 'aabbcc'],
168		'POST',
169		'verify_totp_key',
170		[],
171		[
172		'user_id' => 'bar',
173		'totp_key' => '123456',
174		]
175		)
176		);
177		}
178
179		public function testVerifyOtpKeyReplay()
180		{
181		$otp = new Otp();
182		$totpKey = $otp->totp(Base32::decode('SWIXJ4V7VYALWH6E'));
183
184		$this->assertSame(
185		[
186		'ok' => false,
187		'error' => 'TOTP key replay',
188		],
189		$this->makeRequest(
190		['vpn-user-portal', 'aabbcc'],
191		'POST',
192		'verify_totp_key',
193		[],
194		[
195		'user_id' => 'baz',
196		'totp_key' => $totpKey,
197		]
198		)
199		);
200		}
201
202		public function testHasTotpSecret()
203		{
204		$this->assertTrue(
205		$this->makeRequest(
206		['vpn-user-portal', 'aabbcc'],
207		'GET',
208		'has_totp_secret',
209		[
210		'user_id' => 'bar',
211		],
212		[]
213		)
214		);
215		}
216
217	View Code Duplication	public function testDeleteTotpSecret()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
218		{
219		$this->assertTrue(
220		$this->makeRequest(
221		['vpn-admin-portal', 'bbccdd'],
222		'POST',
223		'delete_totp_secret',
224		[],
225		[
226		'user_id' => 'bar',
227		]
228		)
229		);
230		}
231
232		public function testSetVootToken()
233		{
234		$this->assertTrue(
235		$this->makeRequest(
236		['vpn-user-portal', 'aabbcc'],
237		'POST',
238		'set_voot_token',
239		[],
240		[
241		'user_id' => 'foo',
242		'voot_token' => 'bar',
243		]
244		)
245		);
246		}
247
248	View Code Duplication	public function testDeleteVootToken()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
249		{
250		$this->assertTrue(
251		$this->makeRequest(
252		['vpn-admin-portal', 'bbccdd'],
253		'POST',
254		'delete_voot_token',
255		[],
256		[
257		'user_id' => 'bar',
258		]
259		)
260		);
261		}
262
263	View Code Duplication	public function testDisableUser()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
264		{
265		$this->assertTrue(
266		$this->makeRequest(
267		['vpn-admin-portal', 'bbccdd'],
268		'POST',
269		'disable_user',
270		[],
271		[
272		'user_id' => 'foo',
273		]
274		)
275		);
276		}
277
278	View Code Duplication	public function testEnableUser()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
279		{
280		$this->assertTrue(
281		$this->makeRequest(
282		['vpn-admin-portal', 'bbccdd'],
283		'POST',
284		'enable_user',
285		[],
286		[
287		'user_id' => 'bar',
288		]
289		)
290		);
291		}
292
293	View Code Duplication	public function testDeleteUser()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
294		{
295		$this->assertTrue(
296		$this->makeRequest(
297		['vpn-admin-portal', 'bbccdd'],
298		'POST',
299		'delete_user',
300		[],
301		[
302		'user_id' => 'foo',
303		]
304		)
305		);
306		}
307
308		public function testUserGroups()
309		{
310		$this->assertSame(
311		[
312		[
313		'id' => 'all',
314		'displayName' => 'All',
315		],
316		[
317		'id' => 'employees',
318		'displayName' => 'Employees',
319		],
320		],
321		$this->makeRequest(
322		['vpn-user-portal', 'aabbcc'],
323		'GET',
324		'user_groups',
325		[
326		'user_id' => 'bar',
327		],
328		[]
329		)
330		);
331		}
332
333	View Code Duplication	private function makeRequest(array $basicAuth, $requestMethod, $pathInfo, array $getData = [], array $postData = [])
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
334		{
335		$response = $this->service->run(
336		new Request(
337		[
338		'SERVER_PORT' => 80,
339		'SERVER_NAME' => 'vpn.example',
340		'REQUEST_METHOD' => $requestMethod,
341		'SCRIPT_NAME' => '/index.php',
342		'REQUEST_URI' => sprintf('/%s', $pathInfo),
343		'PHP_AUTH_USER' => $basicAuth[0],
344		'PHP_AUTH_PW' => $basicAuth[1],
345		],
346		$getData,
347		$postData
348		)
349		);
350
351		$responseArray = json_decode($response->getBody(), true)[$pathInfo];
352		if ($responseArray['ok']) {
353		if (array_key_exists('data', $responseArray)) {
354		return $responseArray['data'];
355		}
356
357		return true;
358		}
359
360		// in case of errors...
361		return $responseArray;
362		}
363		}
364

eduVPN / vpn-server-api

GitHub Access Token became invalid

Push — master ( 392d49...015953 )

UsersModuleTest::setUp() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like