SubadminMiddlewareTest.php 3.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2019-2024 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-FileCopyrightText: 2014 ownCloud, Inc.
  5. * SPDX-License-Identifier: AGPL-3.0-or-later
  6. */
  7. namespace OCA\Settings\Tests\Middleware;
  8. use OC\AppFramework\Middleware\Security\Exceptions\NotAdminException;
  9. use OC\AppFramework\Utility\ControllerMethodReflector;
  10. use OCA\Settings\Middleware\SubadminMiddleware;
  11. use OCP\AppFramework\Controller;
  12. use OCP\AppFramework\Http\TemplateResponse;
  13. use OCP\IL10N;
  14. /**
  15. * Verifies whether an user has at least subadmin rights.
  16. * To bypass use the `@NoSubAdminRequired` annotation
  17. *
  18. * @package Tests\Settings\Middleware
  19. */
  20. class SubadminMiddlewareTest extends \Test\TestCase {
  21. /** @var SubadminMiddleware */
  22. private $subadminMiddlewareAsSubAdmin;
  23. /** @var SubadminMiddleware */
  24. private $subadminMiddleware;
  25. /** @var ControllerMethodReflector */
  26. private $reflector;
  27. /** @var Controller */
  28. private $controller;
  29. /** @var IL10N */
  30. private $l10n;
  31. protected function setUp(): void {
  32. parent::setUp();
  33. $this->reflector = $this->getMockBuilder(ControllerMethodReflector::class)
  34. ->disableOriginalConstructor()->getMock();
  35. $this->controller = $this->getMockBuilder(Controller::class)
  36. ->disableOriginalConstructor()->getMock();
  37. $this->l10n = $this->createMock(IL10N::class);
  38. $this->subadminMiddlewareAsSubAdmin = new SubadminMiddleware($this->reflector, true, $this->l10n);
  39. $this->subadminMiddleware = new SubadminMiddleware($this->reflector, false, $this->l10n);
  40. }
  41. public function testBeforeControllerAsUserWithExemption() {
  42. $this->expectException(\OC\AppFramework\Middleware\Security\Exceptions\NotAdminException::class);
  43. $this->reflector
  44. ->expects($this->exactly(2))
  45. ->method('hasAnnotation')
  46. ->withConsecutive(
  47. ['NoSubAdminRequired'],
  48. ['AuthorizedAdminSetting'],
  49. )->willReturn(false);
  50. $this->subadminMiddleware->beforeController($this->controller, 'foo');
  51. }
  52. public function testBeforeControllerAsUserWithoutExemption() {
  53. $this->reflector
  54. ->expects($this->once())
  55. ->method('hasAnnotation')
  56. ->with('NoSubAdminRequired')
  57. ->willReturn(true);
  58. $this->subadminMiddleware->beforeController($this->controller, 'foo');
  59. }
  60. public function testBeforeControllerAsSubAdminWithoutExemption() {
  61. $this->reflector
  62. ->expects($this->exactly(2))
  63. ->method('hasAnnotation')
  64. ->withConsecutive(
  65. ['NoSubAdminRequired'],
  66. ['AuthorizedAdminSetting'],
  67. )->willReturn(false);
  68. $this->subadminMiddlewareAsSubAdmin->beforeController($this->controller, 'foo');
  69. }
  70. public function testBeforeControllerAsSubAdminWithExemption() {
  71. $this->reflector
  72. ->expects($this->once())
  73. ->method('hasAnnotation')
  74. ->with('NoSubAdminRequired')
  75. ->willReturn(true);
  76. $this->subadminMiddlewareAsSubAdmin->beforeController($this->controller, 'foo');
  77. }
  78. public function testAfterNotAdminException() {
  79. $expectedResponse = new TemplateResponse('core', '403', [], 'guest');
  80. $expectedResponse->setStatus(403);
  81. $this->assertEquals($expectedResponse, $this->subadminMiddleware->afterException($this->controller, 'foo', new NotAdminException('')));
  82. }
  83. public function testAfterRegularException() {
  84. $this->expectException(\Exception::class);
  85. $expectedResponse = new TemplateResponse('core', '403', [], 'guest');
  86. $expectedResponse->setStatus(403);
  87. $this->subadminMiddleware->afterException($this->controller, 'foo', new \Exception());
  88. }
  89. }