120 lines
4.3 KiB
PHP
120 lines
4.3 KiB
PHP
|
<?php
|
||
|
|
|
||
|
|
namespace App\Tests\Security;
|
||
|
|
|
||
|
|
use App\Entity\Account;
|
||
|
|
use App\Entity\Customer;
|
||
|
|
use App\Security\AuthenticationEntryPoint;
|
||
|
|
use PHPUnit\Framework\Attributes\AllowMockObjectsWithoutExpectations;
|
||
|
|
use PHPUnit\Framework\TestCase;
|
||
|
|
use Symfony\Component\HttpFoundation\JsonResponse;
|
||
|
|
use Symfony\Component\HttpFoundation\RedirectResponse;
|
||
|
|
use Symfony\Component\HttpFoundation\Request;
|
||
|
|
use Symfony\Component\HttpFoundation\Response;
|
||
|
|
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
|
||
|
|
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
||
|
|
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||
|
|
|
||
|
|
#[AllowMockObjectsWithoutExpectations]
|
||
|
|
class AuthenticationEntryPointTest extends TestCase
|
||
|
|
{
|
||
|
|
private $urlGenerator;
|
||
|
|
private $tokenStorage;
|
||
|
|
private $entryPoint;
|
||
|
|
|
||
|
|
protected function setUp(): void
|
||
|
|
{
|
||
|
|
$this->urlGenerator = $this->createMock(UrlGeneratorInterface::class);
|
||
|
|
$this->tokenStorage = $this->createMock(TokenStorageInterface::class);
|
||
|
|
$this->entryPoint = new AuthenticationEntryPoint($this->urlGenerator, $this->tokenStorage);
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testStartJsonRequestReturnsForbidden()
|
||
|
|
{
|
||
|
|
$request = Request::create('/api/resource');
|
||
|
|
$request->headers->set('Accept', 'application/json');
|
||
|
|
|
||
|
|
$response = $this->entryPoint->start($request);
|
||
|
|
|
||
|
|
$this->assertInstanceOf(JsonResponse::class, $response);
|
||
|
|
$this->assertEquals(Response::HTTP_FORBIDDEN, $response->getStatusCode());
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testStartCrmPathWithCustomerRedirectsToHome()
|
||
|
|
{
|
||
|
|
$request = Request::create('/crm/dashboard');
|
||
|
|
|
||
|
|
$customer = $this->createMock(Customer::class);
|
||
|
|
$token = $this->createMock(TokenInterface::class);
|
||
|
|
$token->method('getUser')->willReturn($customer);
|
||
|
|
$this->tokenStorage->method('getToken')->willReturn($token);
|
||
|
|
|
||
|
|
$this->urlGenerator->expects($this->once())
|
||
|
|
->method('generate')
|
||
|
|
->with('app_home')
|
||
|
|
->willReturn('/home');
|
||
|
|
|
||
|
|
$response = $this->entryPoint->start($request);
|
||
|
|
|
||
|
|
$this->assertInstanceOf(RedirectResponse::class, $response);
|
||
|
|
$this->assertEquals('/home', $response->getTargetUrl());
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testStartCrmPathWithoutUserRedirectsToHome()
|
||
|
|
{
|
||
|
|
$request = Request::create('/crm/dashboard');
|
||
|
|
|
||
|
|
$this->tokenStorage->method('getToken')->willReturn(null);
|
||
|
|
|
||
|
|
$this->urlGenerator->expects($this->once())
|
||
|
|
->method('generate')
|
||
|
|
->with('app_home')
|
||
|
|
->willReturn('/home');
|
||
|
|
|
||
|
|
$response = $this->entryPoint->start($request);
|
||
|
|
|
||
|
|
$this->assertInstanceOf(RedirectResponse::class, $response);
|
||
|
|
$this->assertEquals('/home', $response->getTargetUrl());
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testStartReservationPathWithoutUserRedirectsToReservationLogin()
|
||
|
|
{
|
||
|
|
$request = Request::create('/reservation/book');
|
||
|
|
|
||
|
|
$this->tokenStorage->method('getToken')->willReturn(null);
|
||
|
|
|
||
|
|
$this->urlGenerator->expects($this->once())
|
||
|
|
->method('generate')
|
||
|
|
->with('reservation_login')
|
||
|
|
->willReturn('/reservation/login');
|
||
|
|
|
||
|
|
$response = $this->entryPoint->start($request);
|
||
|
|
|
||
|
|
$this->assertInstanceOf(RedirectResponse::class, $response);
|
||
|
|
$this->assertEquals('/reservation/login', $response->getTargetUrl());
|
||
|
|
}
|
||
|
|
|
||
|
|
public function testStartReservationPathWithUserRedirectsToHomeOnlyBecauseDefaultFallback()
|
||
|
|
{
|
||
|
|
// Note: The logic in AuthenticationEntryPoint for /reservation only handles !$user.
|
||
|
|
// If user exists (Account or Customer), it falls through to the default return at the end.
|
||
|
|
|
||
|
|
$request = Request::create('/reservation/book');
|
||
|
|
|
||
|
|
$user = $this->createMock(Account::class);
|
||
|
|
$token = $this->createMock(TokenInterface::class);
|
||
|
|
$token->method('getUser')->willReturn($user);
|
||
|
|
$this->tokenStorage->method('getToken')->willReturn($token);
|
||
|
|
|
||
|
|
$this->urlGenerator->expects($this->once())
|
||
|
|
->method('generate')
|
||
|
|
->with('app_home')
|
||
|
|
->willReturn('/home');
|
||
|
|
|
||
|
|
$response = $this->entryPoint->start($request);
|
||
|
|
|
||
|
|
$this->assertInstanceOf(RedirectResponse::class, $response);
|
||
|
|
$this->assertEquals('/home', $response->getTargetUrl());
|
||
|
|
}
|
||
|
|
}
|