update user checker
This commit is contained in:
parent
df9f102ecf
commit
940361ab4b
|
|
@ -1,7 +0,0 @@
|
|||
# define your env variables for the test env here
|
||||
KERNEL_CLASS='App\Kernel'
|
||||
APP_SECRET='$ecretf0rt3st'
|
||||
SYMFONY_DEPRECATIONS_HELPER=999999
|
||||
PANTHER_APP_ENV=panther
|
||||
PANTHER_ERROR_SCREENSHOT_DIR=./var/error-screenshots
|
||||
DATABASE_URL="postgresql://postgres:12345@127.0.0.1:5432/Easy_solution?serverVersion=17charset=utf8"
|
||||
|
|
@ -22,8 +22,6 @@ class UserChecker implements UserCheckerInterface
|
|||
public function checkPostAuth(UserInterface $user): void
|
||||
{
|
||||
//if not Super admin, perform checks
|
||||
if (!in_array('ROLE_SUPER_ADMIN', $user->getRoles(), true))
|
||||
{
|
||||
// runs after credentials are validated
|
||||
if (method_exists($user, 'isDeleted') && $user->isDeleted()) {
|
||||
throw new CustomUserMessageAccountStatusException('Votre compte a été supprimé.');
|
||||
|
|
@ -33,6 +31,8 @@ class UserChecker implements UserCheckerInterface
|
|||
if (method_exists($user, 'isActive') && !$user->isActive()) {
|
||||
throw new CustomUserMessageAccountStatusException('Votre compte est désactivé.');
|
||||
}
|
||||
if (!in_array('ROLE_SUPER_ADMIN', $user->getRoles(), true))
|
||||
{
|
||||
|
||||
//check if the user is in an organization
|
||||
$uo = $this->entityManager->getRepository(UsersOrganizations::class)->findOneBy(['users' => $user, 'isActive' => true]);
|
||||
|
|
|
|||
|
|
@ -1,113 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace App\Tests\Controller;
|
||||
|
||||
|
||||
use App\Tests\Functional\AbstractFunctionalTest;
|
||||
use PHPUnit\Framework\Attributes\Test;
|
||||
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
|
||||
|
||||
class SecurityControllerTest extends AbstractFunctionalTest{
|
||||
|
||||
//region login tests
|
||||
|
||||
#[Test]
|
||||
public function test_login_page_is_accessible(): void
|
||||
{
|
||||
$this->client->request('GET', '/login');
|
||||
self::assertResponseIsSuccessful();
|
||||
}
|
||||
|
||||
#[Test]
|
||||
public function test_login_page_contains_login_form(): void
|
||||
{
|
||||
$this->client->request('GET', '/login');
|
||||
$crawler = $this->client->getCrawler();
|
||||
self::assertGreaterThanOrEqual(
|
||||
0,
|
||||
$crawler->filter('form[name="login_form"]')->count(),
|
||||
'The login page does not contain a login form.'
|
||||
);
|
||||
}
|
||||
|
||||
#[Test]
|
||||
public function test_login_with_invalid_credentials_shows_error(): void
|
||||
{
|
||||
$this->client->request('GET', '/login');
|
||||
// dd($this->client->getResponse()->getContent());
|
||||
$this->client->submitForm('Connexion', [
|
||||
'_username' => 'l@l.com',
|
||||
'_password' => 'invalid_password',
|
||||
]);
|
||||
|
||||
self::assertResponseStatusCodeSame(302);
|
||||
$crawler = $this->client->getCrawler();
|
||||
self::assertGreaterThanOrEqual(
|
||||
0,
|
||||
$crawler->filter('.alert-danger')->count(),
|
||||
|
||||
);
|
||||
}
|
||||
|
||||
// PHPLeague OAuth2 Server causes issues with functional tests involving authentication.
|
||||
// #[Test]
|
||||
// public function test_login_with_valid_credentials_redirects(): void
|
||||
// {
|
||||
// /** @var UserPasswordHasherInterface $passwordHasher */
|
||||
// $passwordHasher = $this->client->getContainer()->get('security.user_password_hasher');
|
||||
//
|
||||
// $userEmail = 'user@email.com';
|
||||
// $plainPassword = 'valid_password';
|
||||
//
|
||||
// $user = $this->createUser($userEmail);
|
||||
//
|
||||
// $hashedPassword = $passwordHasher->hashPassword($user, $plainPassword);
|
||||
// $user->setPassword($hashedPassword);
|
||||
// $organization = $this->createOrganization("orga");
|
||||
// $uo = $this->createUOLink($user, $organization);
|
||||
// $app = $this->createApp("app");
|
||||
// $role = $this->createRole("USER");
|
||||
// $uoa = $this->createUOALink($uo, $app, $role);
|
||||
//
|
||||
// $this->entityManager->persist($user);
|
||||
// $this->entityManager->flush();
|
||||
//
|
||||
// // 3. Attempt login
|
||||
// $this->client->request('GET', '/login');
|
||||
//
|
||||
// $this->client->submitForm('Connexion', [
|
||||
// '_username' => $userEmail,
|
||||
// '_password' => $plainPassword,
|
||||
// ]);
|
||||
//
|
||||
// self::assertResponseRedirects('/application/');
|
||||
// $this->client->followRedirect();
|
||||
//
|
||||
//
|
||||
// self::assertResponseIsSuccessful();
|
||||
// }
|
||||
|
||||
//endregion
|
||||
|
||||
//region logout tests
|
||||
//
|
||||
// #[Test]
|
||||
// public function test_logout_redirects_to_login(): void
|
||||
// {
|
||||
// $user = $this->createUser('user@user.com');
|
||||
// $this->client->loginUser($user);
|
||||
// // 1. Generate a valid CSRF token for the 'logout' intent
|
||||
// $container = $this->client->getContainer();
|
||||
// $token = $container->get('security.csrf.token_manager')->getToken('logout')->getValue();
|
||||
//
|
||||
// // 2. Pass the token as a parameter named '_csrf_token'
|
||||
// $this->client->request('POST', '/sso_logout', [
|
||||
// '_csrf_token' => $token
|
||||
// ]);
|
||||
//
|
||||
// $this->client->followRedirect();
|
||||
//
|
||||
// self::assertResponseRedirects('/login');
|
||||
// self::assertResponseIsSuccessful();
|
||||
// }
|
||||
}
|
||||
Loading…
Reference in New Issue