upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-20 00:12:30 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 38

fix LoginController unit tests

Browse source
This commit is contained in:
Christoph Wurst 2016-04-27 16:44:51 +02:00 committed by Thomas Müller
parent 7aa16e1559
commit aafd660b97
No known key found for this signature in database
GPG key ID: A943788A3BBEC44C
2 changed files with 70 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
core/Controller/LoginController.php
View file

@ -181,7 +181,7 @@ class LoginController extends Controller {
}
$this->userSession->createSessionToken($this->request, $user, $password);
if (!is_null($redirect_url) && $this->userSession->isLoggedIn()) {
$location = OC::$server->getURLGenerator()->getAbsoluteURL(urldecode($redirect_url));
$location = $this->urlGenerator->getAbsoluteURL(urldecode($redirect_url));
// Deny the redirect if the URL contains a @
// This prevents unvalidated redirects like ?redirect_url=:user@domain.com
if (strpos($location, '@') === false) {

70
tests/core/controller/LoginControllerTest.php
View file

@ -53,7 +53,9 @@ class LoginControllerTest extends TestCase {
$this->userManager = $this->getMock('\\OCP\\IUserManager');
$this->config = $this->getMock('\\OCP\\IConfig');
$this->session = $this->getMock('\\OCP\\ISession');
$this->userSession = $this->getMock('\\OCP\\IUserSession');
$this->userSession = $this->getMockBuilder('\\OC\\User\\Session')
->disableOriginalConstructor()
->getMock();
$this->urlGenerator = $this->getMock('\\OCP\\IURLGenerator');
$this->loginController = new LoginController(
@ -264,4 +266,70 @@ class LoginControllerTest extends TestCase {
);
$this->assertEquals($expectedResponse, $this->loginController->showLoginForm('0', '', ''));
}
public function testLoginWithInvalidCredentials() {
$user = 'jane';
$password = 'secret';
$loginPageUrl = 'some url';
$this->userManager->expects($this->once())
->method('checkPassword')
->will($this->returnValue(false));
$this->urlGenerator->expects($this->once())
->method('linkToRoute')
->with('login#showLoginForm')
->will($this->returnValue($loginPageUrl));
$this->userSession->expects($this->never())
->method('createSessionToken');
$expected = new \OCP\AppFramework\Http\RedirectResponse($loginPageUrl);
$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, ''));
}
public function testLoginWithValidCredentials() {
$user = 'jane';
$password = 'secret';
$indexPageUrl = 'some url';
$this->userManager->expects($this->once())
->method('checkPassword')
->will($this->returnValue(true));
$this->userSession->expects($this->once())
->method('createSessionToken')
->with($this->request, $user, $password);
$this->urlGenerator->expects($this->once())
->method('linkTo')
->with('files', 'index')
->will($this->returnValue($indexPageUrl));
$expected = new \OCP\AppFramework\Http\RedirectResponse($indexPageUrl);
$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, null));
}
public function testLoginWithValidCredentialsAndRedirectUrl() {
$user = 'jane';
$password = 'secret';
$originalUrl = 'another%20url';
$redirectUrl = 'http://localhost/another url';
$this->userManager->expects($this->once())
->method('checkPassword')
->will($this->returnValue(true));
$this->userSession->expects($this->once())
->method('createSessionToken')
->with($this->request, $user, $password);
$this->userSession->expects($this->once())
->method('isLoggedIn')
->with()
->will($this->returnValue(true));
$this->urlGenerator->expects($this->once())
->method('getAbsoluteURL')
->with(urldecode($originalUrl))
->will($this->returnValue($redirectUrl));
$expected = new \OCP\AppFramework\Http\RedirectResponse(urldecode($redirectUrl));
$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, $originalUrl));
}
}