diff options
Diffstat (limited to 'tests/lib/Authentication/TwoFactorAuth/MandatoryTwoFactorTest.php')
| -rw-r--r-- | tests/lib/Authentication/TwoFactorAuth/MandatoryTwoFactorTest.php | 142 |
1 files changed, 126 insertions, 16 deletions
diff --git a/tests/lib/Authentication/TwoFactorAuth/MandatoryTwoFactorTest.php b/tests/lib/Authentication/TwoFactorAuth/MandatoryTwoFactorTest.php index 1cacbd5f787..61ffb404dd9 100644 --- a/tests/lib/Authentication/TwoFactorAuth/MandatoryTwoFactorTest.php +++ b/tests/lib/Authentication/TwoFactorAuth/MandatoryTwoFactorTest.php @@ -26,8 +26,11 @@ declare(strict_types=1); namespace Tests\Authentication\TwoFactorAuth; +use OC\Authentication\TwoFactorAuth\EnforcementState; use OC\Authentication\TwoFactorAuth\MandatoryTwoFactor; use OCP\IConfig; +use OCP\IGroupManager; +use OCP\IUser; use PHPUnit\Framework\MockObject\MockObject; use Test\TestCase; @@ -36,6 +39,9 @@ class MandatoryTwoFactorTest extends TestCase { /** @var IConfig|MockObject */ private $config; + /** @var IGroupManager|MockObject */ + private $groupManager; + /** @var MandatoryTwoFactor */ private $mandatoryTwoFactor; @@ -43,46 +49,150 @@ class MandatoryTwoFactorTest extends TestCase { parent::setUp(); $this->config = $this->createMock(IConfig::class); + $this->groupManager = $this->createMock(IGroupManager::class); - $this->mandatoryTwoFactor = new MandatoryTwoFactor($this->config); + $this->mandatoryTwoFactor = new MandatoryTwoFactor($this->config, $this->groupManager); } public function testIsNotEnforced() { - $this->config->expects($this->once()) + $this->config ->method('getSystemValue') - ->with('twofactor_enforced', 'false') - ->willReturn('false'); + ->willReturnMap([ + ['twofactor_enforced', 'false', 'false'], + ['twofactor_enforced_groups', [], []], + ['twofactor_enforced_excluded_groups', [], []], + ]); - $isEnforced = $this->mandatoryTwoFactor->isEnforced(); + $state = $this->mandatoryTwoFactor->getState(); - $this->assertFalse($isEnforced); + $this->assertFalse($state->isEnforced()); } public function testIsEnforced() { - $this->config->expects($this->once()) + $this->config + ->method('getSystemValue') + ->willReturnMap([ + ['twofactor_enforced', 'false', 'true'], + ['twofactor_enforced_groups', [], []], + ['twofactor_enforced_excluded_groups', [], []], + ]); + + $state = $this->mandatoryTwoFactor->getState(); + + $this->assertTrue($state->isEnforced()); + } + + public function testIsNotEnforcedForAnybody() { + $user = $this->createMock(IUser::class); + $user->method('getUID')->willReturn('user123'); + $this->config ->method('getSystemValue') - ->with('twofactor_enforced', 'false') - ->willReturn('true'); + ->willReturnMap([ + ['twofactor_enforced', 'false', 'false'], + ['twofactor_enforced_groups', [], []], + ['twofactor_enforced_excluded_groups', [], []], + ]); - $isEnforced = $this->mandatoryTwoFactor->isEnforced(); + $isEnforced = $this->mandatoryTwoFactor->isEnforcedFor($user); + + $this->assertFalse($isEnforced); + } + + public function testIsEnforcedForAGroupMember() { + $user = $this->createMock(IUser::class); + $user->method('getUID')->willReturn('user123'); + $this->config + ->method('getSystemValue') + ->willReturnMap([ + ['twofactor_enforced', 'false', 'true'], + ['twofactor_enforced_groups', [], ['twofactorers']], + ['twofactor_enforced_excluded_groups', [], []], + ]); + $this->groupManager->method('isInGroup') + ->willReturnCallback(function($user, $group) { + return $user === 'user123' && $group ==='twofactorers'; + }); + + $isEnforced = $this->mandatoryTwoFactor->isEnforcedFor($user); $this->assertTrue($isEnforced); } + public function testIsEnforcedForOtherGroups() { + $user = $this->createMock(IUser::class); + $user->method('getUID')->willReturn('user123'); + $this->config + ->method('getSystemValue') + ->willReturnMap([ + ['twofactor_enforced', 'false', 'true'], + ['twofactor_enforced_groups', [], ['twofactorers']], + ['twofactor_enforced_excluded_groups', [], []], + ]); + $this->groupManager->method('isInGroup') + ->willReturn(false); + + $isEnforced = $this->mandatoryTwoFactor->isEnforcedFor($user); + + $this->assertFalse($isEnforced); + } + + public function testIsEnforcedButMemberOfExcludedGroup() { + $user = $this->createMock(IUser::class); + $user->method('getUID')->willReturn('user123'); + $this->config + ->method('getSystemValue') + ->willReturnMap([ + ['twofactor_enforced', 'false', 'true'], + ['twofactor_enforced_groups', [], []], + ['twofactor_enforced_excluded_groups', [], ['yoloers']], + ]); + $this->groupManager->method('isInGroup') + ->willReturnCallback(function($user, $group) { + return $user === 'user123' && $group ==='yoloers'; + }); + + $isEnforced = $this->mandatoryTwoFactor->isEnforcedFor($user); + + $this->assertFalse($isEnforced); + } + public function testSetEnforced() { - $this->config->expects($this->once()) + $this->config + ->expects($this->exactly(3)) + ->method('setSystemValue') + ->willReturnMap([ + ['twofactor_enforced', 'true'], + ['twofactor_enforced_groups', []], + ['twofactor_enforced_excluded_groups', []], + ]); + + $this->mandatoryTwoFactor->setState(new EnforcementState(true)); + } + + public function testSetEnforcedForGroups() { + $this->config + ->expects($this->exactly(3)) ->method('setSystemValue') - ->with('twofactor_enforced', 'true'); + ->willReturnMap([ + ['twofactor_enforced', 'true'], + ['twofactor_enforced_groups', ['twofactorers']], + ['twofactor_enforced_excluded_groups', ['yoloers']], + ]); - $this->mandatoryTwoFactor->setEnforced(true); + $this->mandatoryTwoFactor->setState(new EnforcementState(true, ['twofactorers'], ['yoloers'])); } public function testSetNotEnforced() { - $this->config->expects($this->once()) + $this->config + ->expects($this->exactly(3)) ->method('setSystemValue') - ->with('twofactor_enforced', 'false'); + ->willReturnMap([ + ['twofactor_enforced', 'false'], + ['twofactor_enforced_groups', []], + ['twofactor_enforced_excluded_groups', []], + ]); - $this->mandatoryTwoFactor->setEnforced(false); + $this->mandatoryTwoFactor->setState(new EnforcementState(false)); } } |