SecurityExtensionTest - Code Metrics - Inspection of "Group AccountReset extensions, implement full Acco..." - silverstripe/silverstripe-mfa - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#165)

by Garion

created 2019-06-10 02:38 UTC

SecurityExtensionTest A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	92
Duplicated Lines	0 %

Importance

Changes

Metric	Value
eloc	45
dl	0
loc	92
rs	10
c	0
b	0
f	0
wmc	5

5 Methods

Rating	Name	Size	Complexity
A	testResetAccountFailsWithInvalidToken()	11	1
A	testResetAccountFailsWithExpiredToken()	15	1
A	testResetAccountSubmissionFailsWithExpiredSession()	21	1
A	testResetAccountFailsWhenAlreadyAuthenticated()	13	1
A	testResetAccountSubmissionPasses()	20	1

<?php

namespace SilverStripe\MFA\Tests\Extension\AccountReset;

use SilverStripe\Control\HTTPRequest;
use SilverStripe\Dev\FunctionalTest;
use SilverStripe\MFA\Extension\AccountReset\MemberExtension;
use SilverStripe\MFA\Extension\AccountReset\SecurityAdminExtension;
use SilverStripe\ORM\FieldType\DBDatetime;
use SilverStripe\Security\Member;

/**
 * Class SecurityExtensionTest
 *
 * @package SilverStripe\MFA\Tests\Extension\AccountReset
 */
class SecurityExtensionTest extends FunctionalTest
{
    protected static $fixture_file = 'SecurityExtensionTest.yml';

    public function testResetAccountFailsWhenAlreadyAuthenticated()
    {
        /** @var Member&MemberExtension $member */
        $member = $this->objFromFixture(Member::class, 'user');
        $this->logInAs($member);

        $token = $member->generateAccountResetTokenAndStoreHash();

        $url = (new SecurityAdminExtension())->getAccountResetLink($member, $token);
        $response = $this->get($url);

        $this->assertEquals(400, $response->getStatusCode());
        $this->assertContains('Already authenticated', $response->getBody());
    }

    public function testResetAccountFailsWithInvalidToken()
    {
        /** @var Member&MemberExtension $member */
        $member = $this->objFromFixture(Member::class, 'user');
        $member->generateAccountResetTokenAndStoreHash();

        $url = (new SecurityAdminExtension())->getAccountResetLink($member, 'not-actually-the-token');
        $response = $this->get($url);

        $this->assertEquals(400, $response->getStatusCode());
        $this->assertContains('Invalid member or token', $response->getBody());
    }

    public function testResetAccountFailsWithExpiredToken()
    {
        /** @var Member&MemberExtension $member */
        $member = $this->objFromFixture(Member::class, 'user');

        // Wrap token generation in old timestamp to guarantee token expiry
        DBDatetime::set_mock_now('2011-11-26 17:00');
        $token = $member->generateAccountResetTokenAndStoreHash();
        DBDatetime::clear_mock_now();

        $url = (new SecurityAdminExtension())->getAccountResetLink($member, $token);
        $response = $this->get($url);

        $this->assertEquals(400, $response->getStatusCode());
        $this->assertContains('Invalid member or token', $response->getBody());
    }

    public function testResetAccountSubmissionFailsWithExpiredSession()
    {
        /** @var Member&MemberExtension $member */
        $member = $this->objFromFixture(Member::class, 'user');
        $token = $member->generateAccountResetTokenAndStoreHash();

        $url = (new SecurityAdminExtension())->getAccountResetLink($member, $token);
        $response = $this->get($url);

        $this->assertEquals(200, $response->getStatusCode(), $response->getBody());

        // Simulate expired session (can't call destroy() due to issue in SilverStripe 4.1
        $this->session()->restart(new HTTPRequest('GET', '/'));

        $response = $this->submitForm(
            'Form_ResetAccountForm',
            null,
            ['NewPassword1' => 'testtest', 'NewPassword2' => 'testtest']
        );

        $this->assertContains('The account reset process timed out', $response->getBody());
    }

    public function testResetAccountSubmissionPasses()
    {
        /** @var Member&MemberExtension $member */
        $member = $this->objFromFixture(Member::class, 'user');
        $token = $member->generateAccountResetTokenAndStoreHash();

        $url = (new SecurityAdminExtension())->getAccountResetLink($member, $token);
        $response = $this->get($url);

        $this->assertEquals(200, $response->getStatusCode(), $response->getBody());

        $response = $this->submitForm(
            'Form_ResetAccountForm',
            null,
            ['NewPassword1' => 'testtest', 'NewPassword2' => 'testtest']
        );

        // User should have been redirected to Login form with session message
        $this->assertContains('Login', $response->getBody());
        $this->assertContains('Reset complete', $response->getBody());
    }
}


1			<?php
2
3			namespace SilverStripe\MFA\Tests\Extension\AccountReset;
4
5			use SilverStripe\Control\HTTPRequest;
6			use SilverStripe\Dev\FunctionalTest;
7			use SilverStripe\MFA\Extension\AccountReset\MemberExtension;
8			use SilverStripe\MFA\Extension\AccountReset\SecurityAdminExtension;
9			use SilverStripe\ORM\FieldType\DBDatetime;
10			use SilverStripe\Security\Member;
11
12			/**
13			* Class SecurityExtensionTest
14			*
15			* @package SilverStripe\MFA\Tests\Extension\AccountReset
16			*/
17			class SecurityExtensionTest extends FunctionalTest
18			{
19			protected static $fixture_file = 'SecurityExtensionTest.yml';
20
21			public function testResetAccountFailsWhenAlreadyAuthenticated()
22			{
23			/** @var Member&MemberExtension $member */
24			$member = $this->objFromFixture(Member::class, 'user');
25			$this->logInAs($member);
26
27			$token = $member->generateAccountResetTokenAndStoreHash();
28
29			$url = (new SecurityAdminExtension())->getAccountResetLink($member, $token);
30			$response = $this->get($url);
31
32			$this->assertEquals(400, $response->getStatusCode());
33			$this->assertContains('Already authenticated', $response->getBody());
34			}
35
36			public function testResetAccountFailsWithInvalidToken()
37			{
38			/** @var Member&MemberExtension $member */
39			$member = $this->objFromFixture(Member::class, 'user');
40			$member->generateAccountResetTokenAndStoreHash();
41
42			$url = (new SecurityAdminExtension())->getAccountResetLink($member, 'not-actually-the-token');
43			$response = $this->get($url);
44
45			$this->assertEquals(400, $response->getStatusCode());
46			$this->assertContains('Invalid member or token', $response->getBody());
47			}
48
49			public function testResetAccountFailsWithExpiredToken()
50			{
51			/** @var Member&MemberExtension $member */
52			$member = $this->objFromFixture(Member::class, 'user');
53
54			// Wrap token generation in old timestamp to guarantee token expiry
55			DBDatetime::set_mock_now('2011-11-26 17:00');
56			$token = $member->generateAccountResetTokenAndStoreHash();
57			DBDatetime::clear_mock_now();
58
59			$url = (new SecurityAdminExtension())->getAccountResetLink($member, $token);
60			$response = $this->get($url);
61
62			$this->assertEquals(400, $response->getStatusCode());
63			$this->assertContains('Invalid member or token', $response->getBody());
64			}
65
66			public function testResetAccountSubmissionFailsWithExpiredSession()
67			{
68			/** @var Member&MemberExtension $member */
69			$member = $this->objFromFixture(Member::class, 'user');
70			$token = $member->generateAccountResetTokenAndStoreHash();
71
72			$url = (new SecurityAdminExtension())->getAccountResetLink($member, $token);
73			$response = $this->get($url);
74
75			$this->assertEquals(200, $response->getStatusCode(), $response->getBody());
76
77			// Simulate expired session (can't call destroy() due to issue in SilverStripe 4.1
78			$this->session()->restart(new HTTPRequest('GET', '/'));
79
80			$response = $this->submitForm(
81			'Form_ResetAccountForm',
82			null,
83			['NewPassword1' => 'testtest', 'NewPassword2' => 'testtest']
84			);
85
86			$this->assertContains('The account reset process timed out', $response->getBody());
87			}
88
89			public function testResetAccountSubmissionPasses()
90			{
91			/** @var Member&MemberExtension $member */
92			$member = $this->objFromFixture(Member::class, 'user');
93			$token = $member->generateAccountResetTokenAndStoreHash();
94
95			$url = (new SecurityAdminExtension())->getAccountResetLink($member, $token);
96			$response = $this->get($url);
97
98			$this->assertEquals(200, $response->getStatusCode(), $response->getBody());
99
100			$response = $this->submitForm(
101			'Form_ResetAccountForm',
102			null,
103			['NewPassword1' => 'testtest', 'NewPassword2' => 'testtest']
104			);
105
106			// User should have been redirected to Login form with session message
107			$this->assertContains('Login', $response->getBody());
108			$this->assertContains('Reset complete', $response->getBody());
109			}
110			}
111

silverstripe / silverstripe-mfa

Pull Request — master (#165)

SecurityExtensionTest A

Complexity

Size/Duplication

Importance

5 Methods

Duplication Side-by-Side

Filter issues like