bookstack/tests/Auth/GroupSyncServiceTest.php

<?php

namespace Tests\Auth;

use BookStack\Auth\Access\GroupSyncService;
use BookStack\Auth\Role;
use BookStack\Auth\User;
use Tests\TestCase;

class GroupSyncServiceTest extends TestCase
{
    public function test_user_is_assigned_to_matching_roles()
    {
        $user = $this->getViewer();

        $roleA = Role::factory()->create(['display_name' => 'Wizards']);
        $roleB = Role::factory()->create(['display_name' => 'Gremlins']);
        $roleC = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales']);
        $roleD = Role::factory()->create(['display_name' => 'DEF456', 'external_auth_id' => 'admin-team']);

        foreach ([$roleA, $roleB, $roleC, $roleD] as $role) {
            $this->assertFalse($user->hasRole($role->id));
        }

        (new GroupSyncService())->syncUserWithFoundGroups($user, ['Wizards', 'Gremlinz', 'Sales', 'Admin Team'], false);

        $user = User::query()->find($user->id);
        $this->assertTrue($user->hasRole($roleA->id));
        $this->assertFalse($user->hasRole($roleB->id));
        $this->assertTrue($user->hasRole($roleC->id));
        $this->assertTrue($user->hasRole($roleD->id));
    }

    public function test_multiple_values_in_role_external_auth_id_handled()
    {
        $user = $this->getViewer();
        $role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales, engineering, developers, marketers']);
        $this->assertFalse($user->hasRole($role->id));

        (new GroupSyncService())->syncUserWithFoundGroups($user, ['Developers'], false);

        $user = User::query()->find($user->id);
        $this->assertTrue($user->hasRole($role->id));
    }

    public function test_commas_can_be_used_in_external_auth_id_if_escaped()
    {
        $user = $this->getViewer();
        $role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales\,-developers, marketers']);
        $this->assertFalse($user->hasRole($role->id));

        (new GroupSyncService())->syncUserWithFoundGroups($user, ['Sales, Developers'], false);

        $user = User::query()->find($user->id);
        $this->assertTrue($user->hasRole($role->id));
    }

    public function test_external_auth_id_matches_ignoring_case()
    {
        $user = $this->getViewer();
        $role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'WaRRioRs']);
        $this->assertFalse($user->hasRole($role->id));

        (new GroupSyncService())->syncUserWithFoundGroups($user, ['wArriors', 'penguiNs'], false);

        $user = User::query()->find($user->id);
        $this->assertTrue($user->hasRole($role->id));
    }
}
Added ability to escape role "External Auth ID" commas - Using a backslash in this field before a comma. - Could potentially (Although unlikely) be a breaking change. For #3405 2022-05-05 04:03:13 +08:00			`<?php`

			`namespace Tests\Auth;`

			`use BookStack\Auth\Access\GroupSyncService;`
			`use BookStack\Auth\Role;`
			`use BookStack\Auth\User;`
			`use Tests\TestCase;`

			`class GroupSyncServiceTest extends TestCase`
			`{`
			`public function test_user_is_assigned_to_matching_roles()`
			`{`
			`$user = $this->getViewer();`

			`$roleA = Role::factory()->create(['display_name' => 'Wizards']);`
			`$roleB = Role::factory()->create(['display_name' => 'Gremlins']);`
			`$roleC = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales']);`
			`$roleD = Role::factory()->create(['display_name' => 'DEF456', 'external_auth_id' => 'admin-team']);`

Updated composer deps, applied styleci changes 2022-06-09 01:00:30 +08:00			`foreach ([$roleA, $roleB, $roleC, $roleD] as $role) {`
Added ability to escape role "External Auth ID" commas - Using a backslash in this field before a comma. - Could potentially (Although unlikely) be a breaking change. For #3405 2022-05-05 04:03:13 +08:00			`$this->assertFalse($user->hasRole($role->id));`
			`}`

			`(new GroupSyncService())->syncUserWithFoundGroups($user, ['Wizards', 'Gremlinz', 'Sales', 'Admin Team'], false);`

			`$user = User::query()->find($user->id);`
			`$this->assertTrue($user->hasRole($roleA->id));`
			`$this->assertFalse($user->hasRole($roleB->id));`
			`$this->assertTrue($user->hasRole($roleC->id));`
			`$this->assertTrue($user->hasRole($roleD->id));`
			`}`

			`public function test_multiple_values_in_role_external_auth_id_handled()`
			`{`
			`$user = $this->getViewer();`
			`$role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales, engineering, developers, marketers']);`
			`$this->assertFalse($user->hasRole($role->id));`

			`(new GroupSyncService())->syncUserWithFoundGroups($user, ['Developers'], false);`

			`$user = User::query()->find($user->id);`
			`$this->assertTrue($user->hasRole($role->id));`
			`}`

			`public function test_commas_can_be_used_in_external_auth_id_if_escaped()`
			`{`
			`$user = $this->getViewer();`
			`$role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'sales\,-developers, marketers']);`
			`$this->assertFalse($user->hasRole($role->id));`

			`(new GroupSyncService())->syncUserWithFoundGroups($user, ['Sales, Developers'], false);`

			`$user = User::query()->find($user->id);`
			`$this->assertTrue($user->hasRole($role->id));`
			`}`
Auth group sync: Fixed unintential mapping behaviour change Due to change in how casing was handled when used in the "External Auth ID" role field. Likely related to #3535. Added test to cover. 2022-06-27 21:17:42 +08:00
			`public function test_external_auth_id_matches_ignoring_case()`
			`{`
			`$user = $this->getViewer();`
			`$role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'WaRRioRs']);`
			`$this->assertFalse($user->hasRole($role->id));`

			`(new GroupSyncService())->syncUserWithFoundGroups($user, ['wArriors', 'penguiNs'], false);`

			`$user = User::query()->find($user->id);`
			`$this->assertTrue($user->hasRole($role->id));`
			`}`
Updated composer deps, applied styleci changes 2022-06-09 01:00:30 +08:00			`}`