Merge pull request #25276 from owncloud/delete-own-session-token

prevent users from deleting their own session token
author: Vincent Petry <pvince81@owncloud.com> 2016-07-01 16:15:31 +0200
committer: GitHub <noreply@github.com> 2016-07-01 16:15:31 +0200
commit: 6f92aef2657c17dd7cbe5eecfd0a4c508c2424f1 (patch)
tree: b9d39fc33b855c8ea1cae3d3b9dbd2c7152c0078 /tests
parent: 7d95cde37d8e26e1187a828f612addd8bba251a1 (diff)
parent: c9a2790893a160a5967a672051e15142fe5f779e (diff)
download: nextcloud-server-6f92aef2657c17dd7cbe5eecfd0a4c508c2424f1.tar.gz
nextcloud-server-6f92aef2657c17dd7cbe5eecfd0a4c508c2424f1.zip
1 files changed, 36 insertions, 5 deletions
diff --git a/tests/Settings/Controller/AuthSettingsControllerTest.php b/tests/Settings/Controller/AuthSettingsControllerTest.php
index ee67b221022..1705cb5ddf1 100644
--- a/tests/Settings/Controller/AuthSettingsControllerTest.php
+++ b/tests/Settings/Controller/AuthSettingsControllerTest.php
@@ -24,6 +24,7 @@ namespace Test\Settings\Controller;
 
 use OC\AppFramework\Http;
 use OC\Authentication\Exceptions\InvalidTokenException;
+use OC\Authentication\Token\DefaultToken;
 use OC\Authentication\Token\IToken;
 use OC\Settings\Controller\AuthSettingsController;
 use OCP\AppFramework\Http\JSONResponse;
@@ -56,10 +57,17 @@ class AuthSettingsControllerTest extends TestCase {
 	}
 
 	public function testIndex() {
-		$result = [
-			'token1',
-			'token2',
+		$token1 = new DefaultToken();
+		$token1->setId(100);
+		$token2 = new DefaultToken();
+		$token2->setId(200);
+		$tokens = [
+			$token1,
+			$token2,
 		];
+		$sessionToken = new DefaultToken();
+		$sessionToken->setId(100);
+
 		$this->userManager->expects($this->once())
 			->method('get')
 			->with($this->uid)
@@ -67,9 +75,31 @@ class AuthSettingsControllerTest extends TestCase {
 		$this->tokenProvider->expects($this->once())
 			->method('getTokenByUser')
 			->with($this->user)
-			->will($this->returnValue($result));
+			->will($this->returnValue($tokens));
+		$this->session->expects($this->once())
+			->method('getId')
+			->will($this->returnValue('session123'));
+		$this->tokenProvider->expects($this->once())
+			->method('getToken')
+			->with('session123')
+			->will($this->returnValue($sessionToken));
 
-		$this->assertEquals($result, $this->controller->index());
+		$this->assertEquals([
+			[
+				'id' => 100,
+				'name' => null,
+				'lastActivity' => null,
+				'type' => null,
+				'canDelete' => false,
+			],
+			[
+				'id' => 200,
+				'name' => null,
+				'lastActivity' => null,
+				'type' => null,
+				'canDelete' => true,
+			]
+		], $this->controller->index());
 	}
 
 	public function testCreate() {
@@ -107,6 +137,7 @@ class AuthSettingsControllerTest extends TestCase {
 		$expected = [
 			'token' => $newToken,
 			'deviceToken' => $deviceToken,
+			'loginName' => 'User13',
 		];
 		$this->assertEquals($expected, $this->controller->create($name));
 	}
author	Vincent Petry <pvince81@owncloud.com>	2016-07-01 16:15:31 +0200
committer	GitHub <noreply@github.com>	2016-07-01 16:15:31 +0200
commit	6f92aef2657c17dd7cbe5eecfd0a4c508c2424f1 (patch)
tree	b9d39fc33b855c8ea1cae3d3b9dbd2c7152c0078 /tests
parent	7d95cde37d8e26e1187a828f612addd8bba251a1 (diff)
parent	c9a2790893a160a5967a672051e15142fe5f779e (diff)
download	nextcloud-server-6f92aef2657c17dd7cbe5eecfd0a4c508c2424f1.tar.gz nextcloud-server-6f92aef2657c17dd7cbe5eecfd0a4c508c2424f1.zip