Passed
Pull Request — master (#197)
by Robbie
02:26
created

testCanSkipWhenMFAIsOptional()   A

Complexity

Conditions 1
Paths 1

Size

Total Lines 9
Code Lines 4

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 1
eloc 4
nc 1
nop 0
dl 0
loc 9
rs 10
c 0
b 0
f 0
<?php
namespace SilverStripe\MFA\Tests\Service;
use SilverStripe\Dev\SapphireTest;
use SilverStripe\MFA\Extension\MemberExtension;
use SilverStripe\MFA\Service\EnforcementManager;
use SilverStripe\MFA\Service\MethodRegistry;
use SilverStripe\MFA\Tests\Stub\BasicMath\Method as BasicMathMethod;
use SilverStripe\ORM\FieldType\DBDatetime;
use SilverStripe\Security\Member;
use SilverStripe\SiteConfig\SiteConfig;
/**
 * Tests for the two decisions EnforcementManager makes about a member:
 * whether MFA registration may be skipped (canSkipMFA) and whether the member
 * should be sent into the MFA flow (shouldRedirectToMFA).
 *
 * Members come from EnforcementManagerTest.yml; site-wide policy is toggled per
 * test through setSiteConfig().
 *
 * NOTE(review): the grace-period cases use dates several days either side of
 * the mocked "now"; no case pins the behaviour when the grace period expires
 * on the mocked date itself. Worth adding if that boundary matters to policy.
 */
class EnforcementManagerTest extends SapphireTest
{
    protected static $fixture_file = 'EnforcementManagerTest.yml';

    /**
     * Freeze the clock and point the method registry at the BasicMath stub.
     *
     * The fixed date is what makes '2019-01-30' a future expiry and
     * '2018-12-25' a past one in the grace-period tests.
     */
    protected function setUp()
    {
        parent::setUp();

        DBDatetime::set_mock_now('2019-01-25 12:00:00');

        MethodRegistry::config()->set('methods', [BasicMathMethod::class]);
    }

    /**
     * MFA required and no grace period configured: skipping must be refused.
     */
    public function testCannotSkipWhenMFAIsRequiredWithNoGracePeriod()
    {
        $this->setSiteConfig(['MFARequired' => true]);

        $manager = EnforcementManager::create();
        $canSkip = $manager->canSkipMFA(new Member());

        $this->assertFalse($canSkip);
    }

    /**
     * MFA required but the grace period ends after the mocked "now":
     * skipping is still allowed.
     */
    public function testCanSkipWhenMFAIsRequiredWithGracePeriodExpiringInFuture()
    {
        $this->setSiteConfig(['MFARequired' => true, 'MFAGracePeriodExpires' => '2019-01-30']);

        $manager = EnforcementManager::create();
        $canSkip = $manager->canSkipMFA(new Member());

        $this->assertTrue($canSkip);
    }

    /**
     * MFA required and the grace period ended before the mocked "now":
     * skipping must be refused.
     */
    public function testCannotSkipWhenMFAIsRequiredWithGracePeriodExpiringInPast()
    {
        $this->setSiteConfig(['MFARequired' => true, 'MFAGracePeriodExpires' => '2018-12-25']);

        $manager = EnforcementManager::create();
        $canSkip = $manager->canSkipMFA(new Member());

        $this->assertFalse($canSkip);
    }

    /**
     * Even with MFA optional, a member who already has a registered method
     * must not be offered the skip.
     */
    public function testCannotSkipWhenMemberHasRegisteredAuthenticationMethodsSetUp()
    {
        $this->setSiteConfig(['MFARequired' => false]);

        // sally_smith is expected to carry a registered method ("backup codes")
        // in the fixture file, which is not part of this listing.
        /** @var Member $sally */
        $sally = $this->objFromFixture(Member::class, 'sally_smith');
        $this->logInAs($sally);

        $manager = EnforcementManager::create();

        $this->assertFalse($manager->canSkipMFA($sally));
    }

    /**
     * MFA optional and the member is a freshly created user: skipping is allowed.
     */
    public function testCanSkipWhenMFAIsOptional()
    {
        $this->setSiteConfig(['MFARequired' => false]);

        // logInWithPermission() is called with its defaults and returns the ID
        // of the member it logged in; load that record for the assertion.
        $adminId = $this->logInWithPermission();
        /** @var Member $admin */
        $admin = Member::get()->byID($adminId);

        $manager = EnforcementManager::create();

        $this->assertTrue($manager->canSkipMFA($admin));
    }

    /**
     * sammy_smith must not be redirected under the default configuration.
     *
     * NOTE(review): the test name attributes this to missing CMS access; that
     * depends on the fixture's permissions for sammy_smith - confirm there.
     */
    public function testShouldNotRedirectToMFAWhenUserDoesNotHaveCMSAccess()
    {
        /** @var Member $sammy */
        $sammy = $this->objFromFixture(Member::class, 'sammy_smith');
        $this->logInAs($sammy);

        $shouldRedirect = EnforcementManager::create()->shouldRedirectToMFA($sammy);

        $this->assertFalse($shouldRedirect);
    }

    /**
     * With requires_admin_access switched off, the same member is redirected.
     */
    public function testShouldRedirectToMFAWhenUserDoesNotHaveCMSAccessButTheCheckIsDisabledWithConfig()
    {
        EnforcementManager::config()->set('requires_admin_access', false);

        /** @var Member $sammy */
        $sammy = $this->objFromFixture(Member::class, 'sammy_smith');
        $this->logInAs($sammy);

        $shouldRedirect = EnforcementManager::create()->shouldRedirectToMFA($sammy);

        $this->assertTrue($shouldRedirect);
    }

    /**
     * A member with a registered method is redirected into MFA.
     *
     * NOTE(review): unlike the neighbouring tests this one never calls
     * logInAs(); presumably the decision does not depend on the session
     * here - confirm against EnforcementManager.
     */
    public function testShouldRedirectToMFAWhenUserHasRegisteredMFAMethod()
    {
        /** @var Member $sally */
        $sally = $this->objFromFixture(Member::class, 'sally_smith');

        $manager = EnforcementManager::create();

        $this->assertTrue($manager->shouldRedirectToMFA($sally));
    }

    /**
     * MFA required site-wide: the logged-in member is redirected.
     */
    public function testShouldRedirectToMFAWhenMFAIsRequired()
    {
        $this->setSiteConfig(['MFARequired' => true]);

        /** @var Member $sally */
        $sally = $this->objFromFixture(Member::class, 'sally_smith');
        $this->logInAs($sally);

        $shouldRedirect = EnforcementManager::create()->shouldRedirectToMFA($sally);

        $this->assertTrue($shouldRedirect);
    }

    /**
     * MFA optional and the member has not recorded a skip: redirect.
     */
    public function testShouldRedirectToMFAWhenMFAIsOptionalAndHasNotBeenSkipped()
    {
        $this->setSiteConfig(['MFARequired' => false]);

        /** @var Member&MemberExtension $sally */
        $sally = $this->objFromFixture(Member::class, 'sally_smith');
        $sally->HasSkippedMFARegistration = false;
        $sally->write();
        $this->logInAs($sally);

        $shouldRedirect = EnforcementManager::create()->shouldRedirectToMFA($sally);

        $this->assertTrue($shouldRedirect);
    }

    /**
     * MFA optional and the member has recorded a skip: no redirect.
     */
    public function testShouldNotRedirectToMFAWhenMFAIsOptionalAndHasBeenSkipped()
    {
        $this->setSiteConfig(['MFARequired' => false]);

        /** @var Member&MemberExtension $sammy */
        $sammy = $this->objFromFixture(Member::class, 'sammy_smith');
        $sammy->HasSkippedMFARegistration = true;
        $sammy->write();
        $this->logInAs($sammy);

        $shouldRedirect = EnforcementManager::create()->shouldRedirectToMFA($sammy);

        $this->assertFalse($shouldRedirect);
    }

    /**
     * Apply the given field values to the current SiteConfig and persist them.
     *
     * @param array $data Field name => value pairs, e.g. ['MFARequired' => true]
     */
    protected function setSiteConfig(array $data)
    {
        $current = SiteConfig::current_site_config();
        $current->update($data);
        $current->write();
    }
}