MemberAuthenticatorTest - Code Metrics - Inspection of "Merge pull request #7067 from open-sausages/pulls/..." - silverstripe/silverstripe-framework - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( f024a0...d4b41b )

unknown

created 2017-06-29 03:35 UTC

MemberAuthenticatorTest B

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	246
Duplicated Lines	0 %

Coupling/Cohesion

Components	2
Dependencies	17

Importance

Changes

Metric	Value
dl	0
loc	246
rs	7.8571
c	0
b	0
f	0
wmc	12
lcom	2
cbo	17

10 Methods

Rating	Name	Size	Complexity
A	setUp()	15	2
A	tearDown()	8	2
A	testCustomIdentifierField()	9	1
A	testGenerateLoginForm()	15	1
A	testGenerateCMSLoginForm()	11	1
A	testAuthenticateByTempID()	51	1
B	testDefaultAdmin()	34	1
A	testDefaultAdminLockOut()	22	1
B	testNonExistantMemberGetsLoginAttemptRecorded()	27	1
B	testNonExistantMemberGetsLockedOut()	29	1

<?php

namespace SilverStripe\Security\Tests;

use SilverStripe\Control\Controller;
use SilverStripe\Core\Config\Config;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\Dev\SapphireTest;
use SilverStripe\ORM\FieldType\DBDatetime;
use SilverStripe\ORM\ValidationResult;
use SilverStripe\Security\Authenticator;
use SilverStripe\Security\DefaultAdminService;
use SilverStripe\Security\IdentityStore;
use SilverStripe\Security\LoginAttempt;
use SilverStripe\Security\Member;
use SilverStripe\Security\MemberAuthenticator\CMSMemberAuthenticator;
use SilverStripe\Security\MemberAuthenticator\CMSMemberLoginForm;
use SilverStripe\Security\MemberAuthenticator\MemberAuthenticator;
use SilverStripe\Security\MemberAuthenticator\MemberLoginForm;
use SilverStripe\Security\Security;

class MemberAuthenticatorTest extends SapphireTest
{

    protected $usesDatabase = true;

    protected $defaultUsername = null;
    protected $defaultPassword = null;

    protected function setUp()
    {
        parent::setUp();

        if (DefaultAdminService::hasDefaultAdmin()) {
            $this->defaultUsername = DefaultAdminService::getDefaultAdminUsername();
            $this->defaultPassword = DefaultAdminService::getDefaultAdminPassword();
            DefaultAdminService::clearDefaultAdmin();
        } else {
            $this->defaultUsername = null;
            $this->defaultPassword = null;
        }
        DefaultAdminService::clearDefaultAdmin();
        DefaultAdminService::setDefaultAdmin('admin', 'password');
    }

    protected function tearDown()
    {
        DefaultAdminService::clearDefaultAdmin();
        if ($this->defaultUsername) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            DefaultAdminService::setDefaultAdmin($this->defaultUsername, $this->defaultPassword);
        }
        parent::tearDown();
    }

    public function testCustomIdentifierField()
    {
        Member::config()->set('unique_identifier_field', 'Username');

        $label = Member::singleton()
            ->fieldLabel(Member::config()->get('unique_identifier_field'));

        $this->assertEquals($label, 'Username');
    }

    public function testGenerateLoginForm()
    {
        $authenticator = new MemberAuthenticator();

        $controller = new Security();

        // Create basic login form
        $frontendResponse = $authenticator
            ->getLoginHandler($controller->link())
            ->handleRequest(Controller::curr()->getRequest());

        $this->assertTrue(is_array($frontendResponse));
        $this->assertTrue(isset($frontendResponse['Form']));
        $this->assertTrue($frontendResponse['Form'] instanceof MemberLoginForm);
    }

    public function testGenerateCMSLoginForm()
    {
        /** @var CMSMemberAuthenticator $authenticator */
        $authenticator = new CMSMemberAuthenticator();

        // Supports cms login form
        $this->assertGreaterThan(0, ($authenticator->supportedServices() & Authenticator::CMS_LOGIN));
        $cmsHandler = $authenticator->getLoginHandler('/');
        $cmsForm = $cmsHandler->loginForm();
        $this->assertTrue($cmsForm instanceof CMSMemberLoginForm);
    }


    /**
     * Test that a member can be authenticated via their temp id
     */
    public function testAuthenticateByTempID()
    {
        $authenticator = new CMSMemberAuthenticator();

        $member = new Member();
        $member->Email = '[email protected]';
        $member->PasswordEncryption = "sha1";
        $member->Password = "mypassword";
        $member->write();

        // If the user has never logged in, then the tempid should be empty
        $tempID = $member->TempIDHash;
        $this->assertEmpty($tempID);

        // If the user logs in then they have a temp id
        Injector::inst()->get(IdentityStore::class)->logIn($member, true);
        $tempID = $member->TempIDHash;
        $this->assertNotEmpty($tempID);

        // Test correct login
        /** @var ValidationResult $message */
        $result = $authenticator->authenticate(
            [
            'tempid' => $tempID,
            'Password' => 'mypassword'
            ],
            Controller::curr()->getRequest(),
            $message
        );

        $this->assertNotEmpty($result);
        $this->assertEquals($result->ID, $member->ID);
        $this->assertTrue($message->isValid());

        // Test incorrect login
        $result = $authenticator->authenticate(
            [
            'tempid' => $tempID,
            'Password' => 'notmypassword'
            ],
            Controller::curr()->getRequest(),
            $message
        );

        $this->assertEmpty($result);
        $messages = $message->getMessages();
        $this->assertEquals(
            _t('SilverStripe\\Security\\Member.ERRORWRONGCRED', 'The provided details don\'t seem to be correct. Please try again.'),
            $messages[0]['message']
        );
    }

    /**
     * Test that the default admin can be authenticated
     */
    public function testDefaultAdmin()
    {
        $authenticator = new MemberAuthenticator();

        // Test correct login
        /** @var ValidationResult $message */
        $result = $authenticator->authenticate(
            [
            'Email' => 'admin',
            'Password' => 'password'
            ],
            Controller::curr()->getRequest(),
            $message
        );
        $this->assertNotEmpty($result);
        $this->assertEquals($result->Email, DefaultAdminService::getDefaultAdminUsername());
        $this->assertTrue($message->isValid());

        // Test incorrect login
        $result = $authenticator->authenticate(
            [
            'Email' => 'admin',
            'Password' => 'notmypassword'
            ],
            Controller::curr()->getRequest(),
            $message
        );
        $messages = $message->getMessages();
        $this->assertEmpty($result);
        $this->assertEquals(
            'The provided details don\'t seem to be correct. Please try again.',
            $messages[0]['message']
        );
    }

    public function testDefaultAdminLockOut()
    {
        $authenticator = new MemberAuthenticator();

        Config::modify()->set(Member::class, 'lock_out_after_incorrect_logins', 1);
        Config::modify()->set(Member::class, 'lock_out_delay_mins', 10);
        DBDatetime::set_mock_now('2016-04-18 00:00:00');

        // Test correct login
        $authenticator->authenticate(
            [
                'Email' => 'admin',
                'Password' => 'wrongpassword'
            ],
            Controller::curr()->getRequest()
        );

        $defaultAdmin = DefaultAdminService::singleton()->findOrCreateDefaultAdmin();
        $this->assertNotNull($defaultAdmin);
        $this->assertFalse($defaultAdmin->canLogin());
        $this->assertEquals('2016-04-18 00:10:00', $defaultAdmin->LockedOutUntil);
    }

    public function testNonExistantMemberGetsLoginAttemptRecorded()
    {
        Security::config()->set('login_recording', true);
        Member::config()
            ->set('lock_out_after_incorrect_logins', 1)
            ->set('lock_out_delay_mins', 10);

        $email = '[email protected]';
        $this->assertFalse(Member::get()->filter(array('Email' => $email))->exists());
        $this->assertCount(0, LoginAttempt::get());
        $authenticator = new MemberAuthenticator();
        $result = new ValidationResult();
        $member = $authenticator->authenticate(
            [
                'Email' => $email,
                'Password' => 'password',
            ],
            Controller::curr()->getRequest(),
            $result
        );
        $this->assertFalse($result->isValid());
        $this->assertNull($member);
        $this->assertCount(1, LoginAttempt::get());
        $attempt = LoginAttempt::get()->first();
        $this->assertEquals($email, $attempt->Email);
        $this->assertEquals(LoginAttempt::FAILURE, $attempt->Status);
    }

    public function testNonExistantMemberGetsLockedOut()
    {
        Security::config()->set('login_recording', true);
        Member::config()
            ->set('lock_out_after_incorrect_logins', 1)
            ->set('lock_out_delay_mins', 10);

        $email = '[email protected]';
        $this->assertFalse(Member::get()->filter(array('Email' => $email))->exists());

        $authenticator = new MemberAuthenticator();
        $result = new ValidationResult();
        $member = $authenticator->authenticate(
            [
                'Email' => $email,
                'Password' => 'password',
            ],
            Controller::curr()->getRequest(),
            $result
        );

        $this->assertNull($member);
        $this->assertFalse($result->isValid());
        $member = new Member();
        $member->Email = $email;

        $this->assertTrue($member->isLockedOut());
        $this->assertFalse($member->canLogIn());
    }
}


1			<?php
2
3			namespace SilverStripe\Security\Tests;
4
5			use SilverStripe\Control\Controller;
6			use SilverStripe\Core\Config\Config;
7			use SilverStripe\Core\Injector\Injector;
8			use SilverStripe\Dev\SapphireTest;
9			use SilverStripe\ORM\FieldType\DBDatetime;
10			use SilverStripe\ORM\ValidationResult;
11			use SilverStripe\Security\Authenticator;
12			use SilverStripe\Security\DefaultAdminService;
13			use SilverStripe\Security\IdentityStore;
14			use SilverStripe\Security\LoginAttempt;
15			use SilverStripe\Security\Member;
16			use SilverStripe\Security\MemberAuthenticator\CMSMemberAuthenticator;
17			use SilverStripe\Security\MemberAuthenticator\CMSMemberLoginForm;
18			use SilverStripe\Security\MemberAuthenticator\MemberAuthenticator;
19			use SilverStripe\Security\MemberAuthenticator\MemberLoginForm;
20			use SilverStripe\Security\Security;
21
22			class MemberAuthenticatorTest extends SapphireTest
23			{
24
25			protected $usesDatabase = true;
26
27			protected $defaultUsername = null;
28			protected $defaultPassword = null;
29
30			protected function setUp()
31			{
32			parent::setUp();
33
34			if (DefaultAdminService::hasDefaultAdmin()) {
35			$this->defaultUsername = DefaultAdminService::getDefaultAdminUsername();
36			$this->defaultPassword = DefaultAdminService::getDefaultAdminPassword();
37			DefaultAdminService::clearDefaultAdmin();
38			} else {
39			$this->defaultUsername = null;
40			$this->defaultPassword = null;
41			}
42			DefaultAdminService::clearDefaultAdmin();
43			DefaultAdminService::setDefaultAdmin('admin', 'password');
44			}
45
46			protected function tearDown()
47			{
48			DefaultAdminService::clearDefaultAdmin();
49			if ($this->defaultUsername) {
			0 ignored issues – show Bug Best Practice introduced 2017-06-15 02:29 UTC by Report Bug Copy Issue Report The expression `$this->defaultUsername` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
50			DefaultAdminService::setDefaultAdmin($this->defaultUsername, $this->defaultPassword);
51			}
52			parent::tearDown();
53			}
54
55			public function testCustomIdentifierField()
56			{
57			Member::config()->set('unique_identifier_field', 'Username');
58
59			$label = Member::singleton()
60			->fieldLabel(Member::config()->get('unique_identifier_field'));
61
62			$this->assertEquals($label, 'Username');
63			}
64
65			public function testGenerateLoginForm()
66			{
67			$authenticator = new MemberAuthenticator();
68
69			$controller = new Security();
70
71			// Create basic login form
72			$frontendResponse = $authenticator
73			->getLoginHandler($controller->link())
74			->handleRequest(Controller::curr()->getRequest());
75
76			$this->assertTrue(is_array($frontendResponse));
77			$this->assertTrue(isset($frontendResponse['Form']));
78			$this->assertTrue($frontendResponse['Form'] instanceof MemberLoginForm);
79			}
80
81			public function testGenerateCMSLoginForm()
82			{
83			/** @var CMSMemberAuthenticator $authenticator */
84			$authenticator = new CMSMemberAuthenticator();
85
86			// Supports cms login form
87			$this->assertGreaterThan(0, ($authenticator->supportedServices() & Authenticator::CMS_LOGIN));
88			$cmsHandler = $authenticator->getLoginHandler('/');
89			$cmsForm = $cmsHandler->loginForm();
90			$this->assertTrue($cmsForm instanceof CMSMemberLoginForm);
91			}
92
93
94			/**
95			* Test that a member can be authenticated via their temp id
96			*/
97			public function testAuthenticateByTempID()
98			{
99			$authenticator = new CMSMemberAuthenticator();
100
101			$member = new Member();
102			$member->Email = '[email protected]';
103			$member->PasswordEncryption = "sha1";
104			$member->Password = "mypassword";
105			$member->write();
106
107			// If the user has never logged in, then the tempid should be empty
108			$tempID = $member->TempIDHash;
109			$this->assertEmpty($tempID);
110
111			// If the user logs in then they have a temp id
112			Injector::inst()->get(IdentityStore::class)->logIn($member, true);
113			$tempID = $member->TempIDHash;
114			$this->assertNotEmpty($tempID);
115
116			// Test correct login
117			/** @var ValidationResult $message */
118			$result = $authenticator->authenticate(
119			[
120			'tempid' => $tempID,
121			'Password' => 'mypassword'
122			],
123			Controller::curr()->getRequest(),
124			$message
125			);
126
127			$this->assertNotEmpty($result);
128			$this->assertEquals($result->ID, $member->ID);
129			$this->assertTrue($message->isValid());
130
131			// Test incorrect login
132			$result = $authenticator->authenticate(
133			[
134			'tempid' => $tempID,
135			'Password' => 'notmypassword'
136			],
137			Controller::curr()->getRequest(),
138			$message
139			);
140
141			$this->assertEmpty($result);
142			$messages = $message->getMessages();
143			$this->assertEquals(
144			_t('SilverStripe\\Security\\Member.ERRORWRONGCRED', 'The provided details don\'t seem to be correct. Please try again.'),
145			$messages[0]['message']
146			);
147			}
148
149			/**
150			* Test that the default admin can be authenticated
151			*/
152			public function testDefaultAdmin()
153			{
154			$authenticator = new MemberAuthenticator();
155
156			// Test correct login
157			/** @var ValidationResult $message */
158			$result = $authenticator->authenticate(
159			[
160			'Email' => 'admin',
161			'Password' => 'password'
162			],
163			Controller::curr()->getRequest(),
164			$message
165			);
166			$this->assertNotEmpty($result);
167			$this->assertEquals($result->Email, DefaultAdminService::getDefaultAdminUsername());
168			$this->assertTrue($message->isValid());
169
170			// Test incorrect login
171			$result = $authenticator->authenticate(
172			[
173			'Email' => 'admin',
174			'Password' => 'notmypassword'
175			],
176			Controller::curr()->getRequest(),
177			$message
178			);
179			$messages = $message->getMessages();
180			$this->assertEmpty($result);
181			$this->assertEquals(
182			'The provided details don\'t seem to be correct. Please try again.',
183			$messages[0]['message']
184			);
185			}
186
187			public function testDefaultAdminLockOut()
188			{
189			$authenticator = new MemberAuthenticator();
190
191			Config::modify()->set(Member::class, 'lock_out_after_incorrect_logins', 1);
192			Config::modify()->set(Member::class, 'lock_out_delay_mins', 10);
193			DBDatetime::set_mock_now('2016-04-18 00:00:00');
194
195			// Test correct login
196			$authenticator->authenticate(
197			[
198			'Email' => 'admin',
199			'Password' => 'wrongpassword'
200			],
201			Controller::curr()->getRequest()
202			);
203
204			$defaultAdmin = DefaultAdminService::singleton()->findOrCreateDefaultAdmin();
205			$this->assertNotNull($defaultAdmin);
206			$this->assertFalse($defaultAdmin->canLogin());
207			$this->assertEquals('2016-04-18 00:10:00', $defaultAdmin->LockedOutUntil);
208			}
209
210			public function testNonExistantMemberGetsLoginAttemptRecorded()
211			{
212			Security::config()->set('login_recording', true);
213			Member::config()
214			->set('lock_out_after_incorrect_logins', 1)
215			->set('lock_out_delay_mins', 10);
216
217			$email = '[email protected]';
218			$this->assertFalse(Member::get()->filter(array('Email' => $email))->exists());
219			$this->assertCount(0, LoginAttempt::get());
220			$authenticator = new MemberAuthenticator();
221			$result = new ValidationResult();
222			$member = $authenticator->authenticate(
223			[
224			'Email' => $email,
225			'Password' => 'password',
226			],
227			Controller::curr()->getRequest(),
228			$result
229			);
230			$this->assertFalse($result->isValid());
231			$this->assertNull($member);
232			$this->assertCount(1, LoginAttempt::get());
233			$attempt = LoginAttempt::get()->first();
234			$this->assertEquals($email, $attempt->Email);
235			$this->assertEquals(LoginAttempt::FAILURE, $attempt->Status);
236			}
237
238			public function testNonExistantMemberGetsLockedOut()
239			{
240			Security::config()->set('login_recording', true);
241			Member::config()
242			->set('lock_out_after_incorrect_logins', 1)
243			->set('lock_out_delay_mins', 10);
244
245			$email = '[email protected]';
246			$this->assertFalse(Member::get()->filter(array('Email' => $email))->exists());
247
248			$authenticator = new MemberAuthenticator();
249			$result = new ValidationResult();
250			$member = $authenticator->authenticate(
251			[
252			'Email' => $email,
253			'Password' => 'password',
254			],
255			Controller::curr()->getRequest(),
256			$result
257			);
258
259			$this->assertNull($member);
260			$this->assertFalse($result->isValid());
261			$member = new Member();
262			$member->Email = $email;
263
264			$this->assertTrue($member->isLockedOut());
265			$this->assertFalse($member->canLogIn());
266			}
267			}
268

silverstripe / silverstripe-framework

Push — master ( f024a0...d4b41b )

MemberAuthenticatorTest B

Complexity

Size/Duplication

Coupling/Cohesion

Importance

10 Methods

Duplication Side-by-Side

Filter issues like