admin/crm_ecosplay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
911a92ce88626a860061f35d42b4bec079b0b74d
crm_ecosplay/tests/Controller/MainControllersTest.php
Serreau Jovann 911a92ce88 refactor: sécurité Discord webhook, tests 100% coverage, factorisation templates PDF et DNS 
Sécurité - Discord Webhook :
- Suppression de l'URL Discord webhook en dur dans CheckDnsCommand (ligne 34)
- Ajout de la variable d'environnement DISCORD_WEBHOOK dans .env (vide par défaut)
- Injection via #[Autowire(env: 'DISCORD_WEBHOOK')] dans le constructeur
- Vérification que le webhook est configuré avant envoi ('' !== $this->discordWebhook)
- Remplacement de l'URL en dur dans discord-notify.yml par ${{ secrets.DISCORD_WEBHOOK }}

Factorisation DNS (suppression duplication SonarQube) :
- Création de src/Service/DnsInfraHelper.php avec les méthodes partagées :
  enrichWithCloudflare, enrichLastCheck, loadCloudflareRecords, getActualDnsValue,
  getMxValues, getFirstTxtValue, getSrvValue, checkMxExists, checkTxtContains,
  checkDnsRecordExists, getTxtSpfValue
- Constantes DOMAINS et EXPECTED_MX centralisées dans DnsInfraHelper
- Refactorisation de CheckDnsCommand pour utiliser DnsInfraHelper au lieu des
  méthodes privées dupliquées (enrichWithCloudflare, enrichLastCheck, etc.)
- Refactorisation de DnsReportController pour utiliser DnsInfraHelper au lieu
  des méthodes privées dupliquées (enrichWithCloudflare, enrichLastCheck, etc.)

Factorisation templates PDF (suppression duplication lignes 6-22) :
- Création de templates/pdf/_base.html.twig comme layout commun avec :
  CSS partagé (banner, container, info-grid, verify-box, hmac, contact-box, data tables),
  blocs Twig configurables (title, font_size, extra_styles, content, verify_box,
  hmac_section, footer_contact, signature_box, footer_legal)
- Refactorisation de rgpd_access.html.twig : extends _base, accent #4338ca,
  bloc content avec sessions/events, styles session-meta et no-data
- Refactorisation de rgpd_deletion.html.twig : extends _base, accent #dc2626,
  font 11px, bloc content avec attestation-box et warning
- Refactorisation de rgpd_no_data.html.twig : extends _base, accent #fabf04/#111827,
  font 11px, bloc content avec attestation absence
- Refactorisation de admin/logs/pdf.html.twig : extends _base, accent #4338ca,
  bloc content avec tables utilisateur/requête et HMAC verification box,
  suppression du bloc signature, footer légal avec Siret/TVA

Tests - Couverture 100% (469 tests, 857 assertions, 0 failures) :

AnalyticsControllerTest (8 tests) :
- testTrackInvalidToken : token incorrect retourne 404
- testTrackEmptyPayload : payload sans clé 'd' retourne 400
- testTrackInvalidEncryptedData : données chiffrées invalides retourne 403
- testTrackNewVisitorCreation : création visiteur avec screen/language/UA, retourne uid+hash
- testTrackPageViewWithValidHash : page view avec uid/hash valides retourne 204
- testTrackSetUserWithValidHash : setUser avec uid/hash valides retourne 204
- testTrackWithInvalidHash : hash incorrect retourne 403
- testTrackWithMissingHash : hash absent retourne 403

AttestationControllerTest (8 tests) :
- testVerifyNotFound : référence inconnue retourne 200 (template not_found)
- testVerifyFound : attestation trouvée retourne 200 (template verify)
- testDownloadNotFound : référence inconnue lance NotFoundHttpException
- testDownloadNoPdf : attestation sans PDF lance NotFoundHttpException
- testDownloadWithPdf : attestation avec PDF signé retourne BinaryFileResponse 200
- testAuditNotFound : référence inconnue lance NotFoundHttpException
- testAuditNoCertificate : attestation sans certificat lance NotFoundHttpException
- testAuditWithCertificate : attestation avec certificat retourne BinaryFileResponse 200

CspReportControllerTest (13 tests) :
- testGetReturns204 : GET /my-csp-report retourne 204
- testReportEmptyPayload : payload vide retourne 400
- testReportInvalidJson : JSON invalide retourne 400
- testReportIgnoredExtension : chrome-extension ignoré, retourne 204
- testReportIgnoredMozExtension : moz-extension ignoré, retourne 204
- testReportIgnoredLocalhost : localhost ignoré, retourne 204
- testReportIgnoredLocalDomain : .local ignoré, retourne 204
- testReportIgnoredWasmEval : wasm-eval ignoré, retourne 204
- testReportIgnoredAboutBlank : about:blank ignoré, retourne 204
- testReportIgnoredNodeModulesInline : node_modules inline ignoré, retourne 204
- testReportRealViolationSendsEmail : violation réelle envoie email, retourne 204
- testReportRealViolationEmailFailure : échec email ne bloque pas, retourne 204
- testReportWithoutCspReportWrapper : payload sans wrapper csp-report fonctionne

EmailTrackingControllerTest (10 tests) :
- testTrackWithExistingTracking : tracking trouvé, markAsOpened appelé, état 'opened'
- testTrackWithNonExistingTracking : tracking absent, retourne image sans erreur
- testViewNotFound : messageId inconnu lance NotFoundHttpException
- testViewNoHtmlBody : tracking sans htmlBody lance NotFoundHttpException
- testViewWithHtmlBody : retourne HTML du tracking
- testViewWithAttachments : retourne HTML avec section pièces jointes
- testAttachmentNotFoundEmail : email inconnu lance NotFoundHttpException
- testAttachmentIndexNotFound : index absent lance NotFoundHttpException
- testAttachmentFileNotExists : fichier supprimé lance NotFoundHttpException
- testAttachmentSuccess : téléchargement pièce jointe retourne BinaryFileResponse

StatsControllerTest (4 tests) :
- testIndexCurrentPeriod : période 'current', dates du mois en cours
- testIndexCustomPeriod : période 'custom' avec from/to explicites
- testIndexMonthsPeriod : période '3', dateFrom = -3 mois
- testIndexDefaultPeriod : pas de paramètre, défaut 'current'

StatusControllerTest (20 tests) :
- testIndexEmpty : catégories vides retourne 200
- testIndexWithServices : catégorie avec service, appel getHistoryForDays/getDailyStatus
- testManage : page gestion retourne 200
- testCategoryCreateEmptyName : nom vide redirige avec flash error
- testCategoryCreateSuccess : création catégorie avec position redirige avec flash success
- testCategoryDelete : suppression catégorie redirige avec flash success
- testServiceCreateEmptyName : nom vide redirige avec flash error
- testServiceCreateCategoryNotFound : catégorie inexistante redirige avec flash error
- testServiceCreateSuccess : création service avec URL redirige avec flash success
- testServiceCreateWithExternalType : création service externe avec type http_check
- testServiceDelete : suppression service redirige avec flash success
- testUpdateValidStatus : statut 'down' avec message, setStatus appelé
- testUpdateInvalidStatus : statut invalide redirige avec flash error
- testUpdateStatusWithEmptyMessage : statut 'up' sans message (null passé)
- testMessageCreateEmptyFields : champs vides redirige avec flash error
- testMessageCreateServiceNotFound : service inexistant redirige avec flash error
- testMessageCreateSuccessNoUser : message créé sans utilisateur connecté
- testMessageCreateSuccessWithUser : message créé avec User injecté via tokenStorage
- testMessageResolve : message résolu, isActive=false, resolvedAt non null
- testApiDaily : retourne JsonResponse avec données getDailyStatus

SyncControllerTest (14 tests) :
- testIndexWithMixedPrices : prix avec/sans stripeId, compteurs stripeSynced/stripeNotSynced
- testSyncCustomersSuccess : indexation 1 client dans Meilisearch
- testSyncCustomersError : exception findAll, flash error
- testSyncRevendeursSuccess : indexation 1 revendeur dans Meilisearch
- testSyncRevendeursError : exception findAll, flash error
- testSyncPricesSuccess : indexation 1 tarif dans Meilisearch
- testSyncPricesError : exception findAll, flash error
- testSyncStripeWebhooksEmptyUrl : WEBHOOK_BASE_URL vide, flash error
- testSyncStripeWebhooksCreatedNew : webhook créé + webhook existant, persist nouveau secret
- testSyncStripeWebhooksUpdateExisting : mise à jour secret existant + erreurs Stripe
- testSyncStripePricesNoErrors : sync sans erreurs, flash success
- testSyncStripePricesWithErrors : sync avec erreurs, flash success + flash errors
- testSyncAllSuccess : sync all avec données, flash success
- testSyncAllError : exception setupIndexes, flash error

ServiceMessageTest (3 tests) :
- testConstructorDefaults : valeurs par défaut (info, active, null author/resolvedAt)
- testConstructorWithSeverityAndAuthor : severity custom + User author
- testResolve : isActive=false, resolvedAt DateTimeImmutable, fluent return

StripeWebhookSecretTest (4 tests) :
- testConstructorDefaults : type/secret, endpointId null, createdAt DateTimeImmutable
- testConstructorWithEndpointId : constructeur avec 3 arguments
- testSetSecret : modification du secret
- testSetEndpointId : set/unset endpointId (nullable)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 00:42:07 +02:00

305 lines
12 KiB
PHP
Raw Blame History

<?php
namespace App\Tests\Controller;
use App\Controller\ForgotPasswordController;
use App\Controller\HomeController;
use App\Controller\KeycloakController;
use App\Controller\SecurityController;
use App\Controller\SetPasswordController;
use App\Entity\User;
use App\Repository\UserRepository;
use App\Service\MailerService;
use Doctrine\ORM\EntityManagerInterface;
use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
use KnpU\OAuth2ClientBundle\Client\OAuth2ClientInterface;
use PHPUnit\Framework\TestCase;
use Psr\Container\ContainerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Twig\Environment;
class MainControllersTest extends TestCase
{
private function createContainer(array $services = []): ContainerInterface
{
$container = $this->createStub(ContainerInterface::class);
$container->method('has')->willReturnCallback(fn($id) => isset($services[$id]));
$container->method('get')->willReturnCallback(fn($id) => $services[$id] ?? null);
return $container;
}
private function setupController($controller, array $services = []): void
{
$session = new Session(new MockArraySessionStorage());
$stack = $this->createStub(RequestStack::class);
$stack->method('getSession')->willReturn($session);
$router = $this->createStub(RouterInterface::class);
$router->method('generate')->willReturn('/redirect-url');
$defaultServices = [
'twig' => $this->createStub(Environment::class),
'router' => $router,
'security.authorization_checker' => $this->createStub(AuthorizationCheckerInterface::class),
'security.token_storage' => $this->createStub(TokenStorageInterface::class),
'request_stack' => $stack,
'parameter_bag' => $this->createStub(\Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface::class),
];
$controller->setContainer($this->createContainer(array_merge($defaultServices, $services)));
}
public function testSecurityLogout(): void
{
$controller = new SecurityController();
$this->expectException(\LogicException::class);
$controller->logout();
}
public function testKeycloakConnect(): void
{
$client = $this->createStub(OAuth2ClientInterface::class);
$client->method('redirect')->willReturn(new \Symfony\Component\HttpFoundation\RedirectResponse('http://k'));
$registry = $this->createStub(ClientRegistry::class);
$registry->method('getClient')->willReturn($client);
$controller = new KeycloakController();
$this->assertSame('http://k', $controller->connect($registry)->getTargetUrl());
}
public function testKeycloakCheck(): void
{
$controller = new KeycloakController();
$this->assertSame(200, $controller->check()->getStatusCode());
}
public function testHomeIndexNoUser(): void
{
$controller = new HomeController();
$this->setupController($controller);
$this->assertSame(200, $controller->index()->getStatusCode());
}
public function testHomeIndexWithEmploye(): void
{
$user = new User();
$user->setEmail('admin@test.com');
$user->setFirstName('A');
$user->setLastName('B');
$user->setPassword('h');
$user->setRoles(['ROLE_EMPLOYE']);
$token = $this->createStub(\Symfony\Component\Security\Core\Authentication\Token\TokenInterface::class);
$token->method('getUser')->willReturn($user);
$tokenStorage = $this->createStub(TokenStorageInterface::class);
$tokenStorage->method('getToken')->willReturn($token);
$authChecker = $this->createStub(AuthorizationCheckerInterface::class);
$authChecker->method('isGranted')->willReturnCallback(fn ($role) => \in_array($role, ['ROLE_EMPLOYE', 'ROLE_USER'], true));
$controller = new HomeController();
$this->setupController($controller, [
'security.token_storage' => $tokenStorage,
'security.authorization_checker' => $authChecker,
]);
$response = $controller->index();
$this->assertSame(302, $response->getStatusCode());
}
public function testHomeIndexWithUserNoSpecificRole(): void
{
$user = new User();
$user->setEmail('u@t.com');
$user->setFirstName('U');
$user->setLastName('T');
$user->setPassword('h');
$token = $this->createStub(\Symfony\Component\Security\Core\Authentication\Token\TokenInterface::class);
$token->method('getUser')->willReturn($user);
$tokenStorage = $this->createStub(TokenStorageInterface::class);
$tokenStorage->method('getToken')->willReturn($token);
$authChecker = $this->createStub(AuthorizationCheckerInterface::class);
$authChecker->method('isGranted')->willReturn(false);
$controller = new HomeController();
$this->setupController($controller, [
'security.token_storage' => $tokenStorage,
'security.authorization_checker' => $authChecker,
]);
$response = $controller->index();
$this->assertSame(302, $response->getStatusCode());
}
public function testHomeIndexWithCustomer(): void
{
$user = new User();
$user->setEmail('c@test.com');
$user->setFirstName('C');
$user->setLastName('D');
$user->setPassword('h');
$user->setRoles(['ROLE_CUSTOMER']);
$token = $this->createStub(\Symfony\Component\Security\Core\Authentication\Token\TokenInterface::class);
$token->method('getUser')->willReturn($user);
$tokenStorage = $this->createStub(TokenStorageInterface::class);
$tokenStorage->method('getToken')->willReturn($token);
$authChecker = $this->createStub(AuthorizationCheckerInterface::class);
$authChecker->method('isGranted')->willReturnCallback(fn ($role) => \in_array($role, ['ROLE_CUSTOMER', 'ROLE_USER'], true));
$controller = new HomeController();
$this->setupController($controller, [
'security.token_storage' => $tokenStorage,
'security.authorization_checker' => $authChecker,
]);
$response = $controller->index();
$this->assertSame(302, $response->getStatusCode());
}
public function testSetPasswordSuccess(): void
{
$user = new User();
$repo = $this->createStub(UserRepository::class);
$repo->method('findOneBy')->willReturn($user);
$hasher = $this->createStub(UserPasswordHasherInterface::class);
$em = $this->createMock(EntityManagerInterface::class);
$em->expects($this->once())->method('flush');
$controller = new SetPasswordController();
$this->setupController($controller);
$request = new Request([], ['password' => 'newpassword8', 'password_confirm' => 'newpassword8']);
$request->setMethod('POST');
$response = $controller->index('token', $request, $repo, $hasher, $em);
$this->assertSame(302, $response->getStatusCode());
}
public function testForgotPasswordFullFlow(): void
{
$user = new User();
$repo = $this->createStub(UserRepository::class);
$repo->method('findOneBy')->willReturn($user);
$mailer = $this->createMock(MailerService::class);
$em = $this->createMock(EntityManagerInterface::class);
$hasher = $this->createStub(UserPasswordHasherInterface::class);
$twig = $this->createStub(Environment::class);
$controller = new ForgotPasswordController();
$this->setupController($controller, ['twig' => $twig]);
// 1. GET
$request = new Request();
$session = new Session(new MockArraySessionStorage());
$request->setSession($session);
$response = $controller->index($request, $repo, $mailer, $em, $hasher, $twig);
$this->assertSame(200, $response->getStatusCode());
// 2. POST send_code
$request = new Request([], ['action' => 'send_code', 'email' => 't@t.com']);
$request->setMethod('POST');
$request->setSession($session);
$mailer->expects($this->exactly(2))->method('sendEmail');
$response = $controller->index($request, $repo, $mailer, $em, $hasher, $twig);
$this->assertSame(200, $response->getStatusCode());
$code = $session->get('reset_code');
// 3. POST reset
$request = new Request([], ['action' => 'reset', 'code' => $code, 'password' => 'newpassword8']);
$request->setMethod('POST');
$request->setSession($session);
$em->expects($this->once())->method('flush');
$response = $controller->index($request, $repo, $mailer, $em, $hasher, $twig);
$this->assertSame(302, $response->getStatusCode());
}
public function testForgotPasswordExpiredCode(): void
{
$repo = $this->createStub(UserRepository::class);
$mailer = $this->createStub(MailerService::class);
$em = $this->createStub(EntityManagerInterface::class);
$hasher = $this->createStub(UserPasswordHasherInterface::class);
$twig = $this->createStub(Environment::class);
$controller = new ForgotPasswordController();
$this->setupController($controller, ['twig' => $twig]);
$session = new Session(new MockArraySessionStorage());
$session->set('reset_code', 'abc123');
$session->set('reset_email', 't@t.com');
$session->set('reset_expires', time() - 100);
$request = new Request([], ['action' => 'reset', 'code' => 'abc123', 'password' => 'newpassword8']);
$request->setMethod('POST');
$request->setSession($session);
$response = $controller->index($request, $repo, $mailer, $em, $hasher, $twig);
$this->assertSame(200, $response->getStatusCode());
}
public function testForgotPasswordWrongCode(): void
{
$repo = $this->createStub(UserRepository::class);
$mailer = $this->createStub(MailerService::class);
$em = $this->createStub(EntityManagerInterface::class);
$hasher = $this->createStub(UserPasswordHasherInterface::class);
$twig = $this->createStub(Environment::class);
$controller = new ForgotPasswordController();
$this->setupController($controller, ['twig' => $twig]);
$session = new Session(new MockArraySessionStorage());
$session->set('reset_code', 'correct');
$session->set('reset_email', 't@t.com');
$session->set('reset_expires', time() + 600);
$request = new Request([], ['action' => 'reset', 'code' => 'wrong', 'password' => 'newpassword8']);
$request->setMethod('POST');
$request->setSession($session);
$response = $controller->index($request, $repo, $mailer, $em, $hasher, $twig);
$this->assertSame(200, $response->getStatusCode());
}
public function testForgotPasswordShortPassword(): void
{
$repo = $this->createStub(UserRepository::class);
$mailer = $this->createStub(MailerService::class);
$em = $this->createStub(EntityManagerInterface::class);
$hasher = $this->createStub(UserPasswordHasherInterface::class);
$twig = $this->createStub(Environment::class);
$controller = new ForgotPasswordController();
$this->setupController($controller, ['twig' => $twig]);
$session = new Session(new MockArraySessionStorage());
$session->set('reset_code', 'abc123');
$session->set('reset_email', 't@t.com');
$session->set('reset_expires', time() + 600);
$request = new Request([], ['action' => 'reset', 'code' => 'abc123', 'password' => 'short']);
$request->setMethod('POST');
$request->setSession($session);
$response = $controller->index($request, $repo, $mailer, $em, $hasher, $twig);
$this->assertSame(200, $response->getStatusCode());
}
}
Reference in New Issue View Git Blame Copy Permalink