colin
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Quick test of email confirmation routes and fix of tests

This commit is contained in:
Dan Brown 2021-08-07 21:18:59 +01:00
parent 70f39757b1
commit 39a205ed28
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
10 changed files with 146 additions and 141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
app/Auth/Access/EmailConfirmationService.php
View File

@ -14,9 +14,6 @@ class EmailConfirmationService extends UserTokenService
/** /**
* Create new confirmation for a user, * Create new confirmation for a user,
* Also removes any existing old ones. * Also removes any existing old ones.
*
* @param User $user
*
* @throws ConfirmationEmailException * @throws ConfirmationEmailException
*/ */
public function sendConfirmation(User $user) public function sendConfirmation(User $user)
@ -33,8 +30,6 @@ class EmailConfirmationService extends UserTokenService
/** /**
* Check if confirmation is required in this instance. * Check if confirmation is required in this instance.
*
* @return bool
*/ */
public function confirmationRequired(): bool public function confirmationRequired(): bool
{ {

8
app/Auth/Access/LoginService.php
View File

@ -10,7 +10,6 @@ use BookStack\Facades\Activity;
use BookStack\Facades\Theme; use BookStack\Facades\Theme;
use BookStack\Theming\ThemeEvents; use BookStack\Theming\ThemeEvents;
use Exception; use Exception;
use phpDocumentor\Reflection\DocBlock\Tags\Method;
class LoginService class LoginService
{ {
@ -18,10 +17,12 @@ class LoginService
protected const LAST_LOGIN_ATTEMPTED_SESSION_KEY = 'auth-login-last-attempted'; protected const LAST_LOGIN_ATTEMPTED_SESSION_KEY = 'auth-login-last-attempted';
protected $mfaSession; protected $mfaSession;
protected $emailConfirmationService;
public function __construct(MfaSession $mfaSession) public function __construct(MfaSession $mfaSession, EmailConfirmationService $emailConfirmationService)
{ {
$this->mfaSession = $mfaSession; $this->mfaSession = $mfaSession;
$this->emailConfirmationService = $emailConfirmationService;
} }
/** /**
@ -149,8 +150,7 @@ class LoginService
*/ */
public function awaitingEmailConfirmation(User $user): bool public function awaitingEmailConfirmation(User $user): bool
{ {
$requireConfirmation = (setting('registration-confirmation') || setting('registration-restrict')); return $this->emailConfirmationService->confirmationRequired() && !$user->email_confirmed;
return $requireConfirmation && !$user->email_confirmed;
} }
/** /**

1
app/Auth/Access/RegistrationService.php
View File

@ -88,7 +88,6 @@ class RegistrationService
session()->flash('sent-email-confirmation', true); session()->flash('sent-email-confirmation', true);
} catch (Exception $e) { } catch (Exception $e) {
$message = trans('auth.email_confirm_send_error'); $message = trans('auth.email_confirm_send_error');
throw new UserRegistrationException($message, '/register/confirm'); throw new UserRegistrationException($message, '/register/confirm');
} }
} }

2
app/Auth/Access/Saml2Service.php
View File

@ -6,6 +6,7 @@ use BookStack\Actions\ActivityType;
use BookStack\Auth\User; use BookStack\Auth\User;
use BookStack\Exceptions\JsonDebugException; use BookStack\Exceptions\JsonDebugException;
use BookStack\Exceptions\SamlException; use BookStack\Exceptions\SamlException;
use BookStack\Exceptions\StoppedAuthenticationException;
use BookStack\Exceptions\UserRegistrationException; use BookStack\Exceptions\UserRegistrationException;
use BookStack\Facades\Activity; use BookStack\Facades\Activity;
use BookStack\Facades\Theme; use BookStack\Facades\Theme;
@ -357,6 +358,7 @@ class Saml2Service extends ExternalAuthService
* @throws SamlException * @throws SamlException
* @throws JsonDebugException * @throws JsonDebugException
* @throws UserRegistrationException * @throws UserRegistrationException
* @throws StoppedAuthenticationException
*/ */
public function processLoginCallback(string $samlID, array $samlAttributes): User public function processLoginCallback(string $samlID, array $samlAttributes): User
{ {

29
app/Exceptions/StoppedAuthenticationException.php
View File

@ -5,6 +5,7 @@ namespace BookStack\Exceptions;
use BookStack\Auth\Access\LoginService; use BookStack\Auth\Access\LoginService;
use BookStack\Auth\User; use BookStack\Auth\User;
use Illuminate\Contracts\Support\Responsable; use Illuminate\Contracts\Support\Responsable;
use Illuminate\Http\Request;
class StoppedAuthenticationException extends \Exception implements Responsable class StoppedAuthenticationException extends \Exception implements Responsable
{ {
@ -30,11 +31,35 @@ class StoppedAuthenticationException extends \Exception implements Responsable
$redirect = '/login'; $redirect = '/login';
if ($this->loginService->awaitingEmailConfirmation($this->user)) { if ($this->loginService->awaitingEmailConfirmation($this->user)) {
$redirect = '/register/confirm/awaiting'; return $this->awaitingEmailConfirmationResponse($request);
} else if ($this->loginService->needsMfaVerification($this->user)) { }
if ($this->loginService->needsMfaVerification($this->user)) {
$redirect = '/mfa/verify'; $redirect = '/mfa/verify';
} }
return redirect($redirect); return redirect($redirect);
} }
/**
* Provide an error response for when the current user's email is not confirmed
* in a system which requires it.
*/
protected function awaitingEmailConfirmationResponse(Request $request)
{
if ($request->wantsJson()) {
return response()->json([
'error' => [
'code' => 401,
'message' => trans('errors.email_confirmation_awaiting'),
],
], 401);
}
if (session()->get('sent-email-confirmation') === true) {
return redirect('/register/confirm');
}
return redirect('/register/confirm/awaiting');
}
} }

2
app/Http/Controllers/Auth/RegisterController.php
View File

@ -6,6 +6,7 @@ use BookStack\Auth\Access\LoginService;
use BookStack\Auth\Access\RegistrationService; use BookStack\Auth\Access\RegistrationService;
use BookStack\Auth\Access\SocialAuthService; use BookStack\Auth\Access\SocialAuthService;
use BookStack\Auth\User; use BookStack\Auth\User;
use BookStack\Exceptions\StoppedAuthenticationException;
use BookStack\Exceptions\UserRegistrationException; use BookStack\Exceptions\UserRegistrationException;
use BookStack\Http\Controllers\Controller; use BookStack\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\RegistersUsers; use Illuminate\Foundation\Auth\RegistersUsers;
@ -93,6 +94,7 @@ class RegisterController extends Controller
* Handle a registration request for the application. * Handle a registration request for the application.
* *
* @throws UserRegistrationException * @throws UserRegistrationException
* @throws StoppedAuthenticationException
*/ */
public function postRegister(Request $request) public function postRegister(Request $request)
{ {

22
app/Http/Middleware/Authenticate.php
View File

@ -21,26 +21,4 @@ class Authenticate
return $next($request); return $next($request);
} }
/**
* Provide an error response for when the current user's email is not confirmed
* in a system which requires it.
*/
protected function emailConfirmationErrorResponse(Request $request)
{
if ($request->wantsJson()) {
return response()->json([
'error' => [
'code' => 401,
'message' => trans('errors.email_confirmation_awaiting'),
],
], 401);
}
if (session()->get('sent-email-confirmation') === true) {
return redirect('/register/confirm');
}
return redirect('/register/confirm/awaiting');
}
} }

12
tests/Auth/AuthTest.php
View File

@ -131,7 +131,8 @@ class AuthTest extends BrowserKitTest
->seePageIs('/register/confirm/awaiting') ->seePageIs('/register/confirm/awaiting')
->see('Resend') ->see('Resend')
->visit('/books') ->visit('/books')
->seePageIs('/register/confirm/awaiting') ->seePageIs('/login')
->visit('/register/confirm/awaiting')
->press('Resend Confirmation Email'); ->press('Resend Confirmation Email');
// Get confirmation and confirm notification matches // Get confirmation and confirm notification matches
@ -172,10 +173,7 @@ class AuthTest extends BrowserKitTest
->seePageIs('/register/confirm') ->seePageIs('/register/confirm')
->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]); ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
$this->visit('/') $this->assertNull(auth()->user());
->seePageIs('/register/confirm/awaiting');
auth()->logout();
$this->visit('/')->seePageIs('/login') $this->visit('/')->seePageIs('/login')
->type($user->email, '#email') ->type($user->email, '#email')
@ -209,10 +207,8 @@ class AuthTest extends BrowserKitTest
->seePageIs('/register/confirm') ->seePageIs('/register/confirm')
->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]); ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
$this->visit('/') $this->assertNull(auth()->user());
->seePageIs('/register/confirm/awaiting');
auth()->logout();
$this->visit('/')->seePageIs('/login') $this->visit('/')->seePageIs('/login')
->type($user->email, '#email') ->type($user->email, '#email')
->type($user->password, '#password') ->type($user->password, '#password')

14
tests/Auth/LdapTest.php
View File

@ -651,9 +651,9 @@ class LdapTest extends TestCase
'services.ldap.remove_from_groups' => true, 'services.ldap.remove_from_groups' => true,
]); ]);
$this->commonLdapMocks(1, 1, 3, 4, 3, 2); $this->commonLdapMocks(1, 1, 6, 8, 6, 4);
$this->mockLdap->shouldReceive('searchAndGetEntries') $this->mockLdap->shouldReceive('searchAndGetEntries')
->times(3) ->times(6)
->andReturn(['count' => 1, 0 => [ ->andReturn(['count' => 1, 0 => [
'uid' => [$user->name], 'uid' => [$user->name],
'cn' => [$user->name], 'cn' => [$user->name],
@ -665,7 +665,8 @@ class LdapTest extends TestCase
], ],
]]); ]]);
$this->followingRedirects()->mockUserLogin()->assertSee('Thanks for registering!'); $login = $this->followingRedirects()->mockUserLogin();
$login->assertSee('Thanks for registering!');
$this->assertDatabaseHas('users', [ $this->assertDatabaseHas('users', [
'email' => $user->email, 'email' => $user->email,
'email_confirmed' => false, 'email_confirmed' => false,
@ -677,8 +678,13 @@ class LdapTest extends TestCase
'role_id' => $roleToReceive->id, 'role_id' => $roleToReceive->id,
]); ]);
$this->assertNull(auth()->user());
$homePage = $this->get('/'); $homePage = $this->get('/');
$homePage->assertRedirect('/register/confirm/awaiting'); $homePage->assertRedirect('/login');
$login = $this->followingRedirects()->mockUserLogin();
$login->assertSee('Email Address Not Confirmed');
} }
public function test_failed_logins_are_logged_when_message_configured() public function test_failed_logins_are_logged_when_message_configured()

6
tests/Auth/Saml2Test.php
View File

@ -289,16 +289,18 @@ class Saml2Test extends TestCase
$this->assertEquals('http://localhost/register/confirm', url()->current()); $this->assertEquals('http://localhost/register/confirm', url()->current());
$acsPost->assertSee('Please check your email and click the confirmation button to access BookStack.'); $acsPost->assertSee('Please check your email and click the confirmation button to access BookStack.');
/** @var User $user */
$user = User::query()->where('external_auth_id', '=', 'user')->first(); $user = User::query()->where('external_auth_id', '=', 'user')->first();
$userRoleIds = $user->roles()->pluck('id'); $userRoleIds = $user->roles()->pluck('id');
$this->assertContains($memberRole->id, $userRoleIds, 'User was assigned to member role'); $this->assertContains($memberRole->id, $userRoleIds, 'User was assigned to member role');
$this->assertContains($adminRole->id, $userRoleIds, 'User was assigned to admin role'); $this->assertContains($adminRole->id, $userRoleIds, 'User was assigned to admin role');
$this->assertTrue($user->email_confirmed == false, 'User email remains unconfirmed'); $this->assertFalse(boolval($user->email_confirmed), 'User email remains unconfirmed');
}); });
$this->assertNull(auth()->user());
$homeGet = $this->get('/'); $homeGet = $this->get('/');
$homeGet->assertRedirect('/register/confirm/awaiting'); $homeGet->assertRedirect('/login');
} }
public function test_login_where_existing_non_saml_user_shows_warning() public function test_login_where_existing_non_saml_user_shows_warning()