composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/support/3.0' into develop

Browse Source 
# Conflicts:
#	application/loginwebpage.class.inc.php
#	composer.json
#	lib/composer/installed.json
#	lib/guzzlehttp/psr7/.github/workflows/ci.yml
#	lib/guzzlehttp/psr7/.github/workflows/integration.yml
#	lib/guzzlehttp/psr7/.github/workflows/static.yml
#	lib/guzzlehttp/psr7/CHANGELOG.md
#	lib/guzzlehttp/psr7/composer.json
#	lib/guzzlehttp/psr7/src/MessageTrait.php
#	tests/php-unit-tests/ItopDataTestCase.php
This commit is contained in:
Eric Espie
2023-06-07 17:45:50 +02:00
parent 120b8b55ed 0fbd41a884
commit 62ed5adbc5
12 changed files with 399 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

257
tests/php-unit-tests/unitary-tests/webservices/CliResetSessionTest.php Normal file
View File

@@ -0,0 +1,257 @@
<?php
namespace Combodo\iTop\Test\UnitTest\Webservices;
use Combodo\iTop\Test\UnitTest\ItopDataTestCase;
use Config;
use Exception;
use MetaModel;
/**
* @runTestsInSeparateProcesses
* @preserveGlobalState disabled
* @backupGlobals disabled
*/
class CliResetSessionTest extends ItopDataTestCase
{
const USE_TRANSACTION = false;
private $sCookieFile = "";
private $sUrl;
private $sLogin;
private $sUserId;
private $sPassword = "Iuytrez9876543ç_è-(";
protected $sConfigTmpBackupFile;
/**
* @throws Exception
*/
protected function setUp(): void
{
parent::setUp();
$this->sConfigTmpBackupFile = tempnam(sys_get_temp_dir(), "config_");
MetaModel::GetConfig()->WriteToFile($this->sConfigTmpBackupFile);
$this->sLogin = "rest-user-".date('dmYHis');
$this->CreateTestOrganization();
$this->sCookieFile = tempnam(sys_get_temp_dir(), 'jsondata_');
$this->sUrl = \MetaModel::GetConfig()->Get('app_root_url');
$oRestProfile = \MetaModel::GetObjectFromOQL("SELECT URP_Profiles WHERE name = :name", array('name' => 'REST Services User'), true);
$oAdminProfile = \MetaModel::GetObjectFromOQL("SELECT URP_Profiles WHERE name = :name", array('name' => 'Administrator'), true);
if (is_object($oRestProfile) && is_object($oAdminProfile)) {
$oUser = $this->CreateUser($this->sLogin, $oRestProfile->GetKey(), $this->sPassword);
$this->sUserId = $oUser->GetKey();
$this->AddProfileToUser($oUser, $oAdminProfile->GetKey());
}
}
protected function tearDown(): void {
parent::tearDown();
if (! is_null($this->sConfigTmpBackupFile) && is_file($this->sConfigTmpBackupFile)){
//put config back
$sConfigPath = MetaModel::GetConfig()->GetLoadedFile();
@chmod($sConfigPath, 0770);
$oConfig = new Config($this->sConfigTmpBackupFile);
$oConfig->WriteToFile($sConfigPath);
@chmod($sConfigPath, 0440);
unlink($this->sConfigTmpBackupFile);
}
if (!empty($this->sCookieFile)) {
unlink($this->sCookieFile);
}
}
protected function AddLoginMode($sLoginMode){
@chmod(MetaModel::GetConfig()->GetLoadedFile(), 0770);
$aAllowedLoginTypes = MetaModel::GetConfig()->GetAllowedLoginTypes();
if (! in_array($sLoginMode, $aAllowedLoginTypes)){
$aAllowedLoginTypes[] = $sLoginMode;
MetaModel::GetConfig()->SetAllowedLoginTypes($aAllowedLoginTypes);
MetaModel::GetConfig()->WriteToFile();
}
@chmod(MetaModel::GetConfig()->GetLoadedFile(), 0440);
}
protected function SetLoginModes($aAllowedLoginTypes){
@chmod(MetaModel::GetConfig()->GetLoadedFile(), 0770);
MetaModel::GetConfig()->SetAllowedLoginTypes($aAllowedLoginTypes);
MetaModel::GetConfig()->WriteToFile();
@chmod(MetaModel::GetConfig()->GetLoadedFile(), 0440);
}
public function RestProvider(){
return [
'nominal / no login_mode forced' => [
'sConfiguredLoginModes' => 'form|external|basic',
'sForcedLoginMode' => null,
],
'nominal / form forced' => [
'sConfiguredLoginModes' => 'form|external|basic',
'sForcedLoginMode' => 'form',
],
'nominal / external forced' => [
'sConfiguredLoginModes' => 'form|external|basic',
'sForcedLoginMode' => 'external',
],
'nominal / basic forced' => [
'sConfiguredLoginModes' => 'form|external|basic',
'sForcedLoginMode' => 'basic',
],
'nominal / url forced' => [
'sConfiguredLoginModes' => 'form|external|basic|url',
'sForcedLoginMode' => 'url',
],
'nominal / cas forced' => [
'sConfiguredLoginModes' => 'form|external|basic|cas',
'sForcedLoginMode' => 'cas',
],
];
}
/**
* @dataProvider RestProvider
* @param $aLoginModes
* @param $sForcedLoginMode
*
* @return void
*/
public function testRest($sConfiguredLoginModes=null, $sForcedLoginMode=null, $sExpectedFailHttpCode="200"){
if (! is_null($sConfiguredLoginModes)){
$this->SetLoginModes(explode('|', $sConfiguredLoginModes));
}
$sJsonGetContent = <<<JSON
{
"operation": "core/get",
"class": "User",
"key": $this->sUserId,
"output_fields": "id"
}
JSON;
$aPostFields = [
'version' => '1.2',
'auth_user' => $this->sLogin,
'auth_pwd' => $this->sPassword,
'json_data' => $sJsonGetContent,
];
list($iHttpCode, $sJson) = $this->CallRestApi($aPostFields);
$this->assertEquals(200, $iHttpCode);
$aJson = json_decode($sJson, true);
$this->assertTrue(is_array($aJson), $sJson);
$this->assertEquals("0", $aJson['code'], $sJson);
//2nd call to REST API made with previous session cookie
//no need to pass auth_user/auth_pwd
$aPostFields = [
'version' => '1.2',
'json_data' => $sJsonGetContent,
];
list($iHttpCode, $sJson) = $this->CallRestApi($aPostFields, $sForcedLoginMode);
$this->debug($sJson);
$this->assertEquals($sExpectedFailHttpCode, $iHttpCode);
if ($iHttpCode === "200") {
$this->assertEquals('{"code":1,"message":"Error: Invalid login"}', $sJson);
}
}
public function OtherCliProvider(){
return [
'import' => [ 'webservices/import.php' ],
'synchro_exec' => [ 'synchro/synchro_exec.php' ],
'synchro_import' => [ 'synchro/synchro_import.php' ],
];
}
/**
* @dataProvider OtherCliProvider
*/
public function testImport($sUri){
$sJsonGetContent = <<<JSON
{
"operation": "core/get",
"class": "User",
"key": $this->sUserId,
"output_fields": "id"
}
JSON;
$aPostFields = [
'version' => '1.2',
'auth_user' => $this->sLogin,
'auth_pwd' => $this->sPassword,
'json_data' => $sJsonGetContent,
];
list($iHttpCode, $sOutput) = $this->CallRestApi($aPostFields);
$this->assertEquals(200, $iHttpCode);
$aJson = json_decode($sOutput, true);
$this->assertTrue(is_array($aJson), $sOutput);
$this->assertEquals("0", $aJson['code'], $sOutput);
//2nd call to REST API made with previous session cookie
//no need to pass auth_user/auth_pwd
$aPostFields = [
'version' => '1.2',
'json_data' => $sJsonGetContent,
];
list($iHttpCode, $sOutput) = $this->CallRestApi($aPostFields, null, $sUri);
$this->debug($sOutput);
$this->assertEquals("200", $iHttpCode);
$this->assertContains("Invalid login", $sOutput);
}
/**
* @param $aPostFields
*
* @return array($iHttpCode, $sBody)
*/
private function CallRestApi($aPostFields, $sForcedLoginMode=null, $sUri='webservices/rest.php'): array {
$ch = curl_init();
curl_setopt ($ch, CURLOPT_COOKIEJAR, $this->sCookieFile);
curl_setopt ($ch, CURLOPT_COOKIEFILE, $this->sCookieFile);
$sUrl = "$this->sUrl/$sUri";
if (!is_null($sForcedLoginMode)){
$sUrl .= "?login_mode=$sForcedLoginMode";
}
curl_setopt($ch, CURLOPT_URL, $sUrl);
curl_setopt($ch, CURLOPT_POST, 1);// set post data to true
curl_setopt($ch, CURLOPT_POSTFIELDS, $aPostFields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
// Force disable of certificate check as most of dev / test env have a self-signed certificate
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$sResponse = curl_exec($ch);
/** $sResponse example
* "HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:00:40 GMT
Server: Apache/2.4.29 (Ubuntu)
Set-Cookie: itop-2e83d2e9b00e354fdc528621cac532ac=q7ldcjq0rvbn33ccr9q8u8e953; path=/
*/
//var_dump($sResponse);
$iHeaderSize = curl_getinfo($ch,CURLINFO_HEADER_SIZE);
$sBody = substr($sResponse, $iHeaderSize);
//$iHttpCode = intval(curl_getinfo($ch, CURLINFO_HTTP_CODE));
if (preg_match('/HTTP.* (\d*) /', $sResponse, $aMatches)){
$sHttpCode = $aMatches[1];
} else {
$sHttpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
}
curl_close ($ch);
return array($sHttpCode, $sBody);
}
}