Skip to content
Snippets Groups Projects
Commit ad497a0a authored by andrew-sereda's avatar andrew-sereda
Browse files

Reworked test to be Kernel test

parent 4822c605
No related branches found
No related tags found
No related merge requests found
Pipeline #344661 failed with stages
in 55 seconds
services:
simple_oauth_test.user_update_subscriber:
class: Drupal\simple_oauth_test\EventSubscriber\SimpleOauthTestUserUpdateSubscriber
tags:
- { name: event_subscriber }
<?php
namespace Drupal\simple_oauth_test\EventSubscriber;
use Drupal\simple_oauth\Event\UserUpdateTokenInvalidationEvent;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
/**
* Event subscriber for user update event.
*/
class SimpleOauthTestUserUpdateSubscriber implements EventSubscriberInterface {
/**
* {@inheritdoc}
*/
public static function getSubscribedEvents() {
return [
'Drupal\simple_oauth\Event\UserUpdateTokenInvalidationEvent' => 'onUserUpdateTokenInvalidationEvent',
];
}
/**
* Handle invalidation of tokens secondary to entity update.
*/
public function onUserUpdateTokenInvalidationEvent(UserUpdateTokenInvalidationEvent $event) {
if ($event->getUser()->getAccountName() === 'test_user_no_invalidation') {
$event->setInvalidateAccessTokens(FALSE);
$event->setInvalidateRefreshTokens(FALSE);
}
elseif ($event->getUser()->getAccountName() === 'test_user_change_access') {
$event->setInvalidateAccessTokens($event->haveUserAccessCharacteristicsChanged());
$event->setInvalidateRefreshTokens($event->haveUserAccessCharacteristicsChanged());
}
}
}
<?php
namespace Drupal\Tests\simple_oauth\Kernel;
use Drupal\consumers\Entity\Consumer;
use Drupal\KernelTests\KernelTestBase;
use Drupal\simple_oauth\Entity\Oauth2Token;
use Drupal\user\Entity\Role;
use Drupal\user\Entity\User;
/**
* Kernel test for the entity update handler event.
*
* @coversDefaultClass \Drupal\simple_oauth\EntityUpdateHookHandler
* @group simple_oauth
*/
class EntityUpdateHandlerTest extends KernelTestBase {
/**
* {@inheritdoc}
*/
protected static $modules = [
'consumers',
'file',
'image',
'serialization',
'simple_oauth',
'simple_oauth_test',
'system',
'user',
];
/**
* First test user.
*
* @var \Drupal\Core\Session\AccountInterface
*/
protected $testUser;
/**
* Second test user with event subscriber to avoid token invalidation.
*
* @var \Drupal\Core\Session\AccountInterface
*/
protected $testUserNoInvalidation;
/**
* Third test user with event subscriber to invalidate tokens only if
* access characteristics have changed.
*
* @var \Drupal\Core\Session\AccountInterface
*/
protected $testUserChangeAccess;
/**
* Expired collector service.
*
* @var \Drupal\simple_oauth\ExpiredCollector
*/
protected $expiredCollector;
/**
* {@inheritdoc}
*/
protected function setUp(): void {
parent::setUp();
$this->installConfig(['simple_oauth']);
$this->installSchema('user', ['users_data']);
$this->installEntitySchema('user');
$this->installEntitySchema('user_role');
$this->installEntitySchema('consumer');
$this->installEntitySchema('oauth2_token');
$this->installEntitySchema('file');
// Create few test roles.
Role::create([
'id' => 'role1',
'label' => 'Role 1',
])->save();
Role::create([
'id' => 'role2',
'label' => 'Role 2',
])->save();
// Regular test user.
$this->testUser = User::create([
'name' => 'test',
'pass' => 'password',
'status' => 1,
]);
$this->testUser->addRole('role1');
$this->testUser->save();
// Test user with event subscriber to avoid token invalidation.
// @see \Drupal\simple_oauth_test\EventSubscriber\SimpleOauthTestUserUpdateSubscriber
$this->testUserNoInvalidation = User::create([
'name' => 'test_user_no_invalidation',
'pass' => 'password',
'status' => 1,
]);
$this->testUserNoInvalidation->addRole('role1');
$this->testUserNoInvalidation->save();
// Test user with event subscriber to onlt invalidate tokens if access
// characteristics have changed.
// @see \Drupal\simple_oauth_test\EventSubscriber\SimpleOauthTestUserUpdateSubscriber
$this->testUserChangeAccess = User::create([
'name' => 'test_user_change_access',
'pass' => 'password',
'status' => 1,
]);
$this->testUserChangeAccess->addRole('role1');
$this->testUserChangeAccess->save();
// Create a few OAuth2 tokens and add them to the users.
Consumer::create([
'label' => 'Test consumer',
'client_id' => 'test',
])->save();
Oauth2Token::create([
'bundle' => 'access_token',
'auth_user_id' => $this->testUser->id(),
'client' => '1',
'value' => 'token1',
])->save();
Oauth2Token::create([
'bundle' => 'refresh_token',
'auth_user_id' => $this->testUser->id(),
'client' => '1',
'value' => 'token2',
])->save();
Oauth2Token::create([
'bundle' => 'access_token',
'auth_user_id' => $this->testUserNoInvalidation->id(),
'client' => '1',
'value' => 'token3',
])->save();
Oauth2Token::create([
'bundle' => 'refresh_token',
'auth_user_id' => $this->testUserNoInvalidation->id(),
'client' => '1',
'value' => 'token4',
])->save();
Oauth2Token::create([
'bundle' => 'access_token',
'auth_user_id' => $this->testUserChangeAccess->id(),
'client' => '1',
'value' => 'token3',
])->save();
Oauth2Token::create([
'bundle' => 'refresh_token',
'auth_user_id' => $this->testUserChangeAccess->id(),
'client' => '1',
'value' => 'token4',
])->save();
$this->expiredCollector = $this->container->get('simple_oauth.expired_collector');
}
/**
* Check tokens invalidation when user roles change.
*/
public function testEntityUpdateHandlerRoleChange() {
$user = User::load($this->testUser->id());
$user->addRole('role2');
$user->save();
$this->assertEmpty($this->expiredCollector->collectForAccount($user));
$user = User::load($this->testUserChangeAccess->id());
$user->addRole('role2');
$user->save();
$this->assertEmpty($this->expiredCollector->collectForAccount($user));
$user = User::load($this->testUserNoInvalidation->id());
$user->addRole('role2');
$user->save();
$this->assertNotEmpty($this->expiredCollector->collectForAccount($user));
}
/**
* Check tokens invalidation when user password changes.
*/
public function testEntityUpdateHandlerPasswordChange() {
$user = User::load($this->testUser->id());
$user->setPassword('new_password');
$user->save();
$this->assertEmpty($this->expiredCollector->collectForAccount($user));
$user = User::load($this->testUserChangeAccess->id());
$user->setPassword('new_password');
$user->save();
$this->assertEmpty($this->expiredCollector->collectForAccount($user));
$user = User::load($this->testUserNoInvalidation->id());
$user->setPassword('new_password');
$user->save();
$this->assertNotEmpty($this->expiredCollector->collectForAccount($user));
}
/**
* Check tokens invalidation when user status changes.
*/
public function testEntityUpdateHandlerStatusChange() {
$user = User::load($this->testUser->id());
$user->block();
$user->save();
$this->assertEmpty($this->expiredCollector->collectForAccount($user));
$user = User::load($this->testUserChangeAccess->id());
$user->block();
$user->save();
$this->assertEmpty($this->expiredCollector->collectForAccount($user));
$user = User::load($this->testUserNoInvalidation->id());
$user->block();
$user->save();
$this->assertNotEmpty($this->expiredCollector->collectForAccount($user));
}
/**
* Check tokens invalidation when no changes are made.
*/
public function testEntityUpdateHandlerNoChange() {
$user = User::load($this->testUser->id());
$user->save();
$this->assertEmpty($this->expiredCollector->collectForAccount($user));
$user = User::load($this->testUserChangeAccess->id());
$user->save();
$this->assertNotEmpty($this->expiredCollector->collectForAccount($user));
$user = User::load($this->testUserNoInvalidation->id());
$user->save();
$this->assertNotEmpty($this->expiredCollector->collectForAccount($user));
}
}
<?php
namespace Drupal\Tests\simple_oauth\Unit;
use Drupal\Component\EventDispatcher\Event;
use Drupal\simple_oauth\EntityUpdateHookHandler;
use Drupal\simple_oauth\Event\UserUpdateTokenInvalidationEvent;
use Drupal\simple_oauth\ExpiredCollector;
use Drupal\Tests\UnitTestCase;
use Drupal\user\UserInterface;
use Prophecy\Argument;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
/**
* @coversDefaultClass \Drupal\simple_oauth\EntityUpdateHookHandler
* @group simple_oauth
*/
class EntityUpdateHandlerTest extends UnitTestCase {
/**
* The expired collector prophecy.
*
* @var \Drupal\simple_oauth\ExpiredCollector
*/
protected $expiredCollector;
/**
* The entity update handler prophecy.
*
* @var \Drupal\simple_oauth\EntityUpdateHookHandler
*/
protected $updateHandler;
/**
* {@inheritdoc}
*/
protected function setUp(): void {
parent::setUp();
$this->expiredCollector = $this->prophesize(ExpiredCollector::class);
$this->expiredCollector
->collectForAccount(Argument::type(UserInterface::class), Argument::type('bool'))
->willReturn([]);
$event_dispatcher = $this->prophesize(EventDispatcherInterface::class);
$event_dispatcher
->dispatch(Argument::type(UserUpdateTokenInvalidationEvent::class))
->willReturn(new Event());
$this->updateHandler = new EntityUpdateHookHandler(
$this->expiredCollector->reveal(),
$event_dispatcher->reveal()
);
}
/**
* Tokens should be invalidated when user roles change.
*
* @covers ::entityUpdateHandler
*/
public function testEntityUpdateHandlerRoleChange() {
$user = $this->prophesize(UserInterface::class);
$user->getRoles()->willReturn(['role1']);
$user->pass = (object) ['value' => 'password'];
$user->isActive()->willReturn(TRUE);
$user_original = $this->prophesize(UserInterface::class);
$user_original->getRoles()->willReturn(['role1', 'role2']);
$user_original->pass = (object) ['value' => 'password'];
$user_original->isActive()->willReturn(TRUE);
$user->original = $user_original->reveal();
$this->updateHandler->handleEntityUpdate($user->reveal());
$this->expiredCollector->deleteMultipleTokens([])->shouldBeCalled();
}
/**
* Tokens should be invalidated when user password changes.
*
* @covers ::entityUpdateHandler
*/
public function testEntityUpdateHandlerPasswordChange() {
$user = $this->prophesize(UserInterface::class);
$user->getRoles()->willReturn(['role1']);
$user->pass = (object) ['value' => 'new_password'];
$user->isActive()->willReturn(TRUE);
$user_original = $this->prophesize(UserInterface::class);
$user_original->getRoles()->willReturn(['role1']);
$user_original->pass = (object) ['value' => 'password'];
$user_original->isActive()->willReturn(TRUE);
$user->original = $user_original->reveal();
$this->updateHandler->handleEntityUpdate($user->reveal());
$this->expiredCollector->deleteMultipleTokens([])->shouldBeCalled();
}
/**
* Tokens should be invalidated when user status changes.
*
* @covers ::entityUpdateHandler
*/
public function testEntityUpdateHandlerStatusChange() {
$user = $this->prophesize(UserInterface::class);
$user->getRoles()->willReturn(['role1']);
$user->pass = (object) ['value' => 'password'];
$user->isActive()->willReturn(FALSE);
$user_original = $this->prophesize(UserInterface::class);
$user_original->getRoles()->willReturn(['role1']);
$user_original->pass = (object) ['value' => 'password'];
$user_original->isActive()->willReturn(TRUE);
$user->original = $user_original->reveal();
$this->updateHandler->handleEntityUpdate($user->reveal());
$this->expiredCollector->deleteMultipleTokens([])->shouldBeCalled();
}
/**
* Tokens should be invalidated when user roles, status and pass are same.
*
* @covers ::entityUpdateHandler
*/
public function testEntityUpdateHandlerNoChange() {
$user = $this->prophesize(UserInterface::class);
$user->getRoles()->willReturn(['role1']);
$user->pass = (object) ['value' => 'password'];
$user->isActive()->willReturn(TRUE);
$user_original = $this->prophesize(UserInterface::class);
$user_original->getRoles()->willReturn(['role1']);
$user_original->pass = (object) ['value' => 'password'];
$user_original->isActive()->willReturn(TRUE);
$user->original = $user_original->reveal();
$this->updateHandler->handleEntityUpdate($user->reveal());
$this->expiredCollector->deleteMultipleTokens([])->shouldBeCalled();
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment