Add security tests

ArmaForces · Jan 7, 2024 · cee3115 · cee3115
1 parent 624a38f
commit cee3115
Show file tree

Hide file tree

Showing 31 changed files with 98 additions and 31 deletions.
diff --git a/src/Controller/Security/ConnectCheckAction.php b/src/Controller/Security/ConnectCheckAction.php
@@ -4,15 +4,14 @@
 
 namespace App\Controller\Security;
 
-use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\Routing\Annotation\Route;
 
 class ConnectCheckAction extends AbstractController
 {
     #[Route('/security/connect/discord/check', name: 'app_security_connect_discord_check')]
-    public function __invoke(ClientRegistry $clientRegistry): RedirectResponse
+    public function __invoke(): RedirectResponse
     {
         throw new \RuntimeException('This should never be executed!');
     }

diff --git a/src/Controller/Security/LogoutAction.php b/src/Controller/Security/LogoutAction.php
@@ -4,15 +4,14 @@
 
 namespace App\Controller\Security;
 
-use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\Routing\Annotation\Route;
 
 class LogoutAction extends AbstractController
 {
     #[Route('/security/logout', name: 'app_security_logout')]
-    public function __invoke(ClientRegistry $clientRegistry): RedirectResponse
+    public function __invoke(): RedirectResponse
     {
         throw new \RuntimeException('This should never be executed!');
     }

diff --git a/tests/_support/FunctionalTester.php b/tests/_support/FunctionalTester.php
@@ -50,11 +50,18 @@ public function seeResponseRedirectsTo(string $url): void
         $this->seeHttpHeader('Location', $url);
     }
 
-    public function seeResponseRedirectsToDiscordAuth(): void
+    public function seeResponseRedirectsToLogInAction(): void
     {
         $this->seeResponseRedirectsTo('/security/connect/discord');
     }
 
+    public function seeResponseRedirectsToDiscordOauth(): void
+    {
+        $this->seeResponseCodeIsRedirection();
+        $redirect = $this->grabHttpHeader('Location');
+        $this->assertTrue(str_starts_with($redirect, 'https://discord.com/oauth2/authorize'));
+    }
+
     public function seeActionButton(string $tooltip, string $url = null): void
     {
         $selector = sprintf('a i[title="%s"]', $tooltip);

diff --git a/tests/functional/Web/Dlc/CreateDlcCest.php b/tests/functional/Web/Dlc/CreateDlcCest.php
@@ -22,7 +22,7 @@ public function _before(FunctionalTester $I): void
     public function createDlcAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/dlc/create');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function createDlcAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/Dlc/DeleteDlcCest.php b/tests/functional/Web/Dlc/DeleteDlcCest.php
@@ -22,7 +22,7 @@ public function deleteDlcAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $id = SogPrairieFireDlcFixture::ID;
         $I->amOnPage(sprintf('/dlc/%s/delete', $id));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
 
         $I->seeInRepository(Dlc::class, ['id' => $id]);
     }

diff --git a/tests/functional/Web/Dlc/ListDlcsCest.php b/tests/functional/Web/Dlc/ListDlcsCest.php
@@ -19,7 +19,7 @@ public function _before(FunctionalTester $I): void
     public function listDlcsAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/dlc/list');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function listDlcsAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/Dlc/UpdateDlcCest.php b/tests/functional/Web/Dlc/UpdateDlcCest.php
@@ -24,7 +24,7 @@ public function _before(FunctionalTester $I): void
     public function updateDlcAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage(sprintf('/dlc/%s/update', SogPrairieFireDlcFixture::ID));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function updateDlcAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/Mod/CreateDirectoryModCest.php b/tests/functional/Web/Mod/CreateDirectoryModCest.php
@@ -23,7 +23,7 @@ public function _before(FunctionalTester $I): void
     public function createDirectoryModAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/mod/create');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function createDirectoryModAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/Mod/CreateSteamWorkshopModCest.php b/tests/functional/Web/Mod/CreateSteamWorkshopModCest.php
@@ -25,7 +25,7 @@ public function _before(FunctionalTester $I): void
     public function createSteamWorkshopModAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/mod/create');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function createSteamWorkshopModAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/Mod/DeleteModCest.php b/tests/functional/Web/Mod/DeleteModCest.php
@@ -22,7 +22,7 @@ public function deleteModAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $id = ArmaForcesMedicalModFixture::ID;
         $I->amOnPage(sprintf('/mod/%s/delete', $id));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
 
         $I->seeInRepository(AbstractMod::class, ['id' => $id]);
     }

diff --git a/tests/functional/Web/Mod/ListModsCest.php b/tests/functional/Web/Mod/ListModsCest.php
@@ -19,7 +19,7 @@ public function _before(FunctionalTester $I): void
     public function listModsAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/mod/list');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function listModsAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/Mod/UpdateDirectoryModCest.php b/tests/functional/Web/Mod/UpdateDirectoryModCest.php
@@ -24,7 +24,7 @@ public function _before(FunctionalTester $I): void
     public function updateDirectoryModAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage(sprintf('/mod/%s/update', ArmaScriptProfilerModFixture::ID));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function updateDirectoryModAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/Mod/UpdateSteamWorkshopModCest.php b/tests/functional/Web/Mod/UpdateSteamWorkshopModCest.php
@@ -26,7 +26,7 @@ public function _before(FunctionalTester $I): void
     public function updateSteamWorkshopModAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage(sprintf('/mod/%s/update', ArmaForcesMedicalModFixture::ID));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function updateSteamWorkshopModAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/ModGroup/CreateModGroupCest.php b/tests/functional/Web/ModGroup/CreateModGroupCest.php
@@ -24,7 +24,7 @@ public function _before(FunctionalTester $I): void
     public function createModGroupAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/mod-group/create');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function createModGroupAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/ModGroup/DeleteModGroupCest.php b/tests/functional/Web/ModGroup/DeleteModGroupCest.php
@@ -22,7 +22,7 @@ public function deleteModGroupAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $name = CupModGroupFixture::NAME;
         $I->amOnPage(sprintf('/mod-group/%s/delete', $name));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
 
         $I->seeInRepository(ModGroup::class, ['name' => $name]);
     }

diff --git a/tests/functional/Web/ModGroup/ListModGroupsCest.php b/tests/functional/Web/ModGroup/ListModGroupsCest.php
@@ -19,7 +19,7 @@ public function _before(FunctionalTester $I): void
     public function listModGroupsAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/mod-group/list');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function listModGroupsAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/ModGroup/UpdateModGroupCest.php b/tests/functional/Web/ModGroup/UpdateModGroupCest.php
@@ -28,7 +28,7 @@ public function _before(FunctionalTester $I): void
     public function updateModGroupAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage(sprintf('/mod-group/%s/update', RhsModGroupFixture::NAME));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function updateModGroupAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/ModList/CopyModListCest.php b/tests/functional/Web/ModList/CopyModListCest.php
@@ -38,7 +38,7 @@ public function _before(FunctionalTester $I): void
     public function copyModListAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage(sprintf('/mod-list/%s/copy', RhsModListFixture::NAME));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function copyModListAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/ModList/CreateModListCest.php b/tests/functional/Web/ModList/CreateModListCest.php
@@ -29,7 +29,7 @@ public function _before(FunctionalTester $I): void
     public function createModListAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/mod-list/create');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function createModListAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/ModList/DeleteModListCest.php b/tests/functional/Web/ModList/DeleteModListCest.php
@@ -23,7 +23,7 @@ public function deleteModListAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $name = DefaultModListFixture::NAME;
         $I->amOnPage(sprintf('/mod-list/%s/delete', $name));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
 
         $I->seeInRepository(ModList::class, ['name' => $name]);
     }

diff --git a/tests/functional/Web/ModList/ListModListsCest.php b/tests/functional/Web/ModList/ListModListsCest.php
@@ -20,7 +20,7 @@ public function _before(FunctionalTester $I): void
     public function listModListsAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/mod-list/list');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function listModListsAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/ModList/UpdateModListCest.php b/tests/functional/Web/ModList/UpdateModListCest.php
@@ -39,7 +39,7 @@ public function _before(FunctionalTester $I): void
     public function updateModListAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage(sprintf('/mod-list/%s/update', RhsModListFixture::NAME));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function updateModListAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/Security/ConnectCest.php b/tests/functional/Web/Security/ConnectCest.php
@@ -0,0 +1,30 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Functional\Web\Security;
+
+use App\DataFixtures\User\User1Fixture;
+use App\Tests\FunctionalTester;
+
+class ConnectCest
+{
+    public function _before(FunctionalTester $I): void
+    {
+        $I->stopFollowingRedirects();
+    }
+
+    public function logInAsUnauthenticatedUser(FunctionalTester $I): void
+    {
+        $I->amOnPage('/security/connect/discord');
+        $I->seeResponseRedirectsToDiscordOauth();
+    }
+
+    public function logInAsRegisteredUser(FunctionalTester $I): void
+    {
+        $I->amDiscordAuthenticatedAs(User1Fixture::ID);
+
+        $I->amOnPage('/security/connect/discord');
+        $I->seeResponseRedirectsTo('/');
+    }
+}
diff --git a/tests/functional/Web/Security/LogoutCest.php b/tests/functional/Web/Security/LogoutCest.php
@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Functional\Web\Security;
+
+use App\DataFixtures\User\User1Fixture;
+use App\Tests\FunctionalTester;
+
+class LogoutCest
+{
+    public function _before(FunctionalTester $I): void
+    {
+        $I->stopFollowingRedirects();
+    }
+
+    public function logOutAsUnauthenticatedUser(FunctionalTester $I): void
+    {
+        $I->amOnPage('/security/logout');
+        $I->seeResponseRedirectsTo('http://localhost/');
+    }
+
+    public function logOutAsRegisteredUser(FunctionalTester $I): void
+    {
+        $I->amDiscordAuthenticatedAs(User1Fixture::ID);
+
+        $I->amOnPage('/security/logout');
+        $I->seeResponseRedirectsTo('http://localhost/');
+
+        $I->dontSeeAuthentication();
+    }
+}
diff --git a/tests/functional/Web/User/DeleteUserCest.php b/tests/functional/Web/User/DeleteUserCest.php
@@ -21,7 +21,7 @@ public function deleteUserAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $id = User2Fixture::ID;
         $I->amOnPage(sprintf('/user/%s/delete', $id));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
 
         $I->seeInRepository(User::class, ['id' => $id]);
     }

diff --git a/tests/functional/Web/User/ListUsersCest.php b/tests/functional/Web/User/ListUsersCest.php
@@ -19,7 +19,7 @@ public function _before(FunctionalTester $I): void
     public function listUsersAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/user/list');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function listUsersAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/User/UpdateUserCest.php b/tests/functional/Web/User/UpdateUserCest.php
@@ -22,7 +22,7 @@ public function _before(FunctionalTester $I): void
     public function updateUserAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage(sprintf('/user/%s/update', User2Fixture::ID));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function updateUserAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/UserGroup/CreateUserGroupCest.php b/tests/functional/Web/UserGroup/CreateUserGroupCest.php
@@ -25,7 +25,7 @@ public function _before(FunctionalTester $I): void
     public function createUserGroupAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/user-group/create');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function createUserGroupAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/UserGroup/DeleteUserGroupCest.php b/tests/functional/Web/UserGroup/DeleteUserGroupCest.php
@@ -22,7 +22,7 @@ public function deleteUserGroupAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $name = UsersGroupFixture::NAME;
         $I->amOnPage(sprintf('/user-group/%s/delete', $name));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
 
         $I->seeInRepository(UserGroup::class, ['name' => $name]);
     }

diff --git a/tests/functional/Web/UserGroup/ListUserGroupsCest.php b/tests/functional/Web/UserGroup/ListUserGroupsCest.php
@@ -19,7 +19,7 @@ public function _before(FunctionalTester $I): void
     public function listUserGroupsAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage('/user-group/list');
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function listUserGroupsAsUnauthorizedUser(FunctionalTester $I): void

diff --git a/tests/functional/Web/UserGroup/UpdateUserGroupCest.php b/tests/functional/Web/UserGroup/UpdateUserGroupCest.php
@@ -26,7 +26,7 @@ public function _before(FunctionalTester $I): void
     public function updateUserGroupAsUnauthenticatedUser(FunctionalTester $I): void
     {
         $I->amOnPage(sprintf('/user-group/%s/update', UsersGroupFixture::NAME));
-        $I->seeResponseRedirectsToDiscordAuth();
+        $I->seeResponseRedirectsToLogInAction();
     }
 
     public function updateUserGroupAsUnauthorizedUser(FunctionalTester $I): void