moodle-auth_jwt/tests/externallib_test.php

<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

namespace auth_userkey;

use advanced_testcase;
use webservice_access_exception;
use auth_userkey_external;
use external_api;
use invalid_parameter_exception;
use required_capability_exception;
use context_system;

/**
 * Tests for externallib.php.
 *
 * @covers auth_userkey_external
 *
 * @package    auth_userkey
 * @copyright  2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */
class externallib_test extends advanced_testcase {
    /**
     * User object.
     *
     * @var
     */
    protected $user = array();

    /**
     * Initial set up.
     */
    public function setUp(): void {
        global $CFG;

        require_once($CFG->libdir . "/externallib.php");
        require_once($CFG->dirroot . '/auth/userkey/externallib.php');

        $this->resetAfterTest();

        $user = array();
        $user['username'] = 'username';
        $user['email'] = 'exists@test.com';
        $user['idnumber'] = 'idnumber';
        $this->user = self::getDataGenerator()->create_user($user);
    }

    /**
     * Test call with incorrect required parameter.
     */
    public function test_throwing_plugin_disabled_exception() {
        $this->setAdminUser();

        $params = array(
            'bla' => 'exists@test.com',
        );

        $this->expectException(webservice_access_exception::class);
        $this->expectExceptionMessage('Access control exception (The userkey authentication plugin is disabled.)');

        // Simulate the web service server.
        $result = auth_userkey_external::request_login_url($params);
        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
    }

    /**
     * Test successful web service calls.
     */
    public function test_successful_webservice_calls() {
        global $DB, $CFG;

        $CFG->auth = "userkey";
        $this->setAdminUser();

        // Email.
        $params = array(
            'email' => 'exists@test.com',
        );

        // Simulate the web service server.
        $result = auth_userkey_external::request_login_url($params);
        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);

        $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
        $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;

        $this->assertTrue(is_array($result));
        $this->assertTrue(key_exists('loginurl', $result));
        $this->assertEquals($expectedurl, $result['loginurl']);

        // Username.
        set_config('mappingfield', 'username', 'auth_userkey');
        $params = array(
            'username' => 'username',
        );

        // Simulate the web service server.
        $result = auth_userkey_external::request_login_url($params);
        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);

        $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
        $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;

        $this->assertTrue(is_array($result));
        $this->assertTrue(key_exists('loginurl', $result));
        $this->assertEquals($expectedurl, $result['loginurl']);

        // Idnumber.
        set_config('mappingfield', 'idnumber', 'auth_userkey');
        $params = array(
            'idnumber' => 'idnumber',
        );

        // Simulate the web service server.
        $result = auth_userkey_external::request_login_url($params);
        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);

        $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
        $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;

        $this->assertTrue(is_array($result));
        $this->assertTrue(key_exists('loginurl', $result));
        $this->assertEquals($expectedurl, $result['loginurl']);

        // IP restriction.
        set_config('iprestriction', true, 'auth_userkey');
        set_config('mappingfield', 'idnumber', 'auth_userkey');
        $params = array(
            'idnumber' => 'idnumber',
            'ip' => '192.168.1.1',
        );

        // Simulate the web service server.
        $result = auth_userkey_external::request_login_url($params);
        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);

        $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
        $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;

        $this->assertTrue(is_array($result));
        $this->assertTrue(key_exists('loginurl', $result));
        $this->assertEquals($expectedurl, $result['loginurl']);
    }

    /**
     * Test call with missing email required parameter.
     */
    public function test_exception_thrown_if_required_parameter_email_is_not_set() {
        global $CFG;

        $this->setAdminUser();
        $CFG->auth = "userkey";

        $params = array(
            'bla' => 'exists@test.com',
        );

        $this->expectException(invalid_parameter_exception::class);
        $this->expectExceptionMessage('Invalid parameter value detected (Required field "email" is not set or empty.)');

        auth_userkey_external::request_login_url($params);
    }

    /**
     * Test call with missing ip required parameter.
     */
    public function test_exception_thrown_if_required_parameter_op_is_not_set() {
        global $CFG;

        $this->setAdminUser();
        $CFG->auth = "userkey";

        set_config('iprestriction', true, 'auth_userkey');

        $params = array(
            'email' => 'exists@test.com',
        );

        $this->expectException(invalid_parameter_exception::class);
        $this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)');

        auth_userkey_external::request_login_url($params);
    }

    /**
     * Test request for a user who is not exist.
     */
    public function test_request_not_existing_user() {
        global $CFG;

        $this->setAdminUser();
        $CFG->auth = "userkey";

        $params = array(
            'email' => 'notexists@test.com',
        );

        $this->expectException(invalid_parameter_exception::class);
        $this->expectExceptionMessage('Invalid parameter value detected (User is not exist)');

        // Simulate the web service server.
        $result = auth_userkey_external::request_login_url($params);
        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
    }

    /**
     * Test that permission exception gets thrown if user doesn't have required permissions.
     */
    public function test_throwing_of_permission_exception() {
        global $CFG;

        $this->setUser($this->user);
        $CFG->auth = "userkey";

        $params = array(
            'email' => 'notexists@test.com',
        );

        $this->expectException(required_capability_exception::class);
        $this->expectExceptionMessage('Sorry, but you do not currently have permissions to do that (Generate login user key)');

        // Simulate the web service server.
        $result = auth_userkey_external::request_login_url($params);
        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
    }

    /**
     * Test request gets executed correctly if use has required permissions.
     */
    public function test_request_gets_executed_if_user_has_permission() {
        global $CFG, $DB;

        $this->setUser($this->user);
        $CFG->auth = "userkey";

        $context = context_system::instance();
        $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
        assign_capability('auth/userkey:generatekey', CAP_ALLOW, $studentrole->id, $context->id);
        role_assign($studentrole->id, $this->user->id, $context->id);

        $params = array(
            'email' => 'exists@test.com',
        );

        // Simulate the web service server.
        $result = auth_userkey_external::request_login_url($params);
        $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);

        $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
        $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;

        $this->assertTrue(is_array($result));
        $this->assertTrue(key_exists('loginurl', $result));
        $this->assertEquals($expectedurl, $result['loginurl']);
    }
}
Add test for externallib.php 2016-08-17 07:44:18 +00:00			`<?php`
			`// This file is part of Moodle - http://moodle.org/`
			`//`
			`// Moodle is free software: you can redistribute it and/or modify`
			`// it under the terms of the GNU General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// Moodle is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU General Public License`
			`// along with Moodle. If not, see <http://www.gnu.org/licenses/>.`

Move test files 2022-08-19 00:56:39 +00:00			`namespace auth_userkey;`

			`use advanced_testcase;`
			`use webservice_access_exception;`
			`use auth_userkey_external;`
			`use external_api;`
			`use invalid_parameter_exception;`
			`use required_capability_exception;`
			`use context_system;`

Add test for externallib.php 2016-08-17 07:44:18 +00:00			`/**`
			`* Tests for externallib.php.`
			`*`
Add @covers to all tests 2022-08-19 01:16:11 +00:00			`* @covers auth_userkey_external`
			`*`
Add test for externallib.php 2016-08-17 07:44:18 +00:00			`* @package auth_userkey`
			`* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)`
			`* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later`
			`*/`
Move test files 2022-08-19 00:56:39 +00:00			`class externallib_test extends advanced_testcase {`
Add test for externallib.php 2016-08-17 07:44:18 +00:00			`/**`
			`* User object.`
			`*`
			`* @var`
			`*/`
			`protected $user = array();`

			`/**`
			`* Initial set up.`
			`*/`
Fix declaration issue in unit tests 2022-06-03 06:44:24 +00:00			`public function setUp(): void {`
Add test for externallib.php 2016-08-17 07:44:18 +00:00			`global $CFG;`

			`require_once($CFG->libdir . "/externallib.php");`
			`require_once($CFG->dirroot . '/auth/userkey/externallib.php');`

			`$this->resetAfterTest();`

			`$user = array();`
			`$user['username'] = 'username';`
			`$user['email'] = 'exists@test.com';`
			`$user['idnumber'] = 'idnumber';`
			`$this->user = self::getDataGenerator()->create_user($user);`
			`}`

Add throwing an error if the plugin is disabled 2016-08-18 11:47:56 +00:00			`/**`
			`* Test call with incorrect required parameter.`
			`*/`
			`public function test_throwing_plugin_disabled_exception() {`
			`$this->setAdminUser();`

			`$params = array(`
			`'bla' => 'exists@test.com',`
			`);`
Replace deprecated annotations 2022-08-19 00:08:02 +00:00
			`$this->expectException(webservice_access_exception::class);`
			`$this->expectExceptionMessage('Access control exception (The userkey authentication plugin is disabled.)');`

Add throwing an error if the plugin is disabled 2016-08-18 11:47:56 +00:00			`// Simulate the web service server.`
			`$result = auth_userkey_external::request_login_url($params);`
			`$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);`
			`}`

Add test for externallib.php 2016-08-17 07:44:18 +00:00			`/**`
			`* Test successful web service calls.`
			`*/`
			`public function test_successful_webservice_calls() {`
			`global $DB, $CFG;`

Add throwing an error if the plugin is disabled 2016-08-18 11:47:56 +00:00			`$CFG->auth = "userkey";`
Add 'Generate user key' permission 2016-08-18 08:10:38 +00:00			`$this->setAdminUser();`

Add test for externallib.php 2016-08-17 07:44:18 +00:00			`// Email.`
			`$params = array(`
			`'email' => 'exists@test.com',`
			`);`

			`// Simulate the web service server.`
			`$result = auth_userkey_external::request_login_url($params);`
			`$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);`

			`$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));`
			`$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;`

			`$this->assertTrue(is_array($result));`
			`$this->assertTrue(key_exists('loginurl', $result));`
			`$this->assertEquals($expectedurl, $result['loginurl']);`

			`// Username.`
			`set_config('mappingfield', 'username', 'auth_userkey');`
			`$params = array(`
			`'username' => 'username',`
			`);`

			`// Simulate the web service server.`
			`$result = auth_userkey_external::request_login_url($params);`
			`$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);`

			`$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));`
			`$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;`

			`$this->assertTrue(is_array($result));`
			`$this->assertTrue(key_exists('loginurl', $result));`
			`$this->assertEquals($expectedurl, $result['loginurl']);`

			`// Idnumber.`
			`set_config('mappingfield', 'idnumber', 'auth_userkey');`
			`$params = array(`
			`'idnumber' => 'idnumber',`
			`);`

			`// Simulate the web service server.`
			`$result = auth_userkey_external::request_login_url($params);`
			`$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);`

			`$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));`
			`$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;`

			`$this->assertTrue(is_array($result));`
			`$this->assertTrue(key_exists('loginurl', $result));`
			`$this->assertEquals($expectedurl, $result['loginurl']);`
Fix ip restriction functionality 2016-08-19 06:01:08 +00:00
			`// IP restriction.`
			`set_config('iprestriction', true, 'auth_userkey');`
			`set_config('mappingfield', 'idnumber', 'auth_userkey');`
			`$params = array(`
			`'idnumber' => 'idnumber',`
			`'ip' => '192.168.1.1',`
			`);`

			`// Simulate the web service server.`
			`$result = auth_userkey_external::request_login_url($params);`
			`$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);`

			`$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));`
			`$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;`

			`$this->assertTrue(is_array($result));`
			`$this->assertTrue(key_exists('loginurl', $result));`
			`$this->assertEquals($expectedurl, $result['loginurl']);`
Add test for externallib.php 2016-08-17 07:44:18 +00:00			`}`

			`/**`
Fix ip restriction functionality 2016-08-19 06:01:08 +00:00			`* Test call with missing email required parameter.`
Add test for externallib.php 2016-08-17 07:44:18 +00:00			`*/`
Fix test names of test functions 2020-05-08 09:39:22 +00:00			`public function test_exception_thrown_if_required_parameter_email_is_not_set() {`
Add throwing an error if the plugin is disabled 2016-08-18 11:47:56 +00:00			`global $CFG;`

Add 'Generate user key' permission 2016-08-18 08:10:38 +00:00			`$this->setAdminUser();`
Add throwing an error if the plugin is disabled 2016-08-18 11:47:56 +00:00			`$CFG->auth = "userkey";`
Add 'Generate user key' permission 2016-08-18 08:10:38 +00:00
Add test for externallib.php 2016-08-17 07:44:18 +00:00			`$params = array(`
			`'bla' => 'exists@test.com',`
			`);`
Fix ip restriction functionality 2016-08-19 06:01:08 +00:00
Replace deprecated annotations 2022-08-19 00:08:02 +00:00			`$this->expectException(invalid_parameter_exception::class);`
			`$this->expectExceptionMessage('Invalid parameter value detected (Required field "email" is not set or empty.)');`

Fix ip restriction functionality 2016-08-19 06:01:08 +00:00			`auth_userkey_external::request_login_url($params);`
			`}`

			`/**`
			`* Test call with missing ip required parameter.`
			`*/`
Fix test names of test functions 2020-05-08 09:39:22 +00:00			`public function test_exception_thrown_if_required_parameter_op_is_not_set() {`
Fix ip restriction functionality 2016-08-19 06:01:08 +00:00			`global $CFG;`

			`$this->setAdminUser();`
			`$CFG->auth = "userkey";`

			`set_config('iprestriction', true, 'auth_userkey');`

			`$params = array(`
			`'email' => 'exists@test.com',`
			`);`

Replace deprecated annotations 2022-08-19 00:08:02 +00:00			`$this->expectException(invalid_parameter_exception::class);`
			`$this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)');`

Fix ip restriction functionality 2016-08-19 06:01:08 +00:00			`auth_userkey_external::request_login_url($params);`
Add test for externallib.php 2016-08-17 07:44:18 +00:00			`}`

			`/**`
			`* Test request for a user who is not exist.`
			`*/`
			`public function test_request_not_existing_user() {`
Add throwing an error if the plugin is disabled 2016-08-18 11:47:56 +00:00			`global $CFG;`

Add 'Generate user key' permission 2016-08-18 08:10:38 +00:00			`$this->setAdminUser();`
Add throwing an error if the plugin is disabled 2016-08-18 11:47:56 +00:00			`$CFG->auth = "userkey";`

			`$params = array(`
			`'email' => 'notexists@test.com',`
			`);`

Replace deprecated annotations 2022-08-19 00:08:02 +00:00			`$this->expectException(invalid_parameter_exception::class);`
			`$this->expectExceptionMessage('Invalid parameter value detected (User is not exist)');`

Add throwing an error if the plugin is disabled 2016-08-18 11:47:56 +00:00			`// Simulate the web service server.`
			`$result = auth_userkey_external::request_login_url($params);`
			`$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);`
			`}`

			`/**`
			`* Test that permission exception gets thrown if user doesn't have required permissions.`
			`*/`
			`public function test_throwing_of_permission_exception() {`
			`global $CFG;`

			`$this->setUser($this->user);`
			`$CFG->auth = "userkey";`
Add 'Generate user key' permission 2016-08-18 08:10:38 +00:00
Add test for externallib.php 2016-08-17 07:44:18 +00:00			`$params = array(`
			`'email' => 'notexists@test.com',`
			`);`

Replace deprecated annotations 2022-08-19 00:08:02 +00:00			`$this->expectException(required_capability_exception::class);`
			`$this->expectExceptionMessage('Sorry, but you do not currently have permissions to do that (Generate login user key)');`

Add test for externallib.php 2016-08-17 07:44:18 +00:00			`// Simulate the web service server.`
			`$result = auth_userkey_external::request_login_url($params);`
			`$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);`
			`}`
Add throwing an error if the plugin is disabled 2016-08-18 11:47:56 +00:00
			`/**`
			`* Test request gets executed correctly if use has required permissions.`
			`*/`
			`public function test_request_gets_executed_if_user_has_permission() {`
			`global $CFG, $DB;`

			`$this->setUser($this->user);`
			`$CFG->auth = "userkey";`

			`$context = context_system::instance();`
Fix coing style issues 2016-08-18 13:30:58 +00:00			`$studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);`
Add throwing an error if the plugin is disabled 2016-08-18 11:47:56 +00:00			`assign_capability('auth/userkey:generatekey', CAP_ALLOW, $studentrole->id, $context->id);`
			`role_assign($studentrole->id, $this->user->id, $context->id);`

			`$params = array(`
			`'email' => 'exists@test.com',`
			`);`

			`// Simulate the web service server.`
			`$result = auth_userkey_external::request_login_url($params);`
			`$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);`

			`$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));`
			`$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;`

			`$this->assertTrue(is_array($result));`
			`$this->assertTrue(key_exists('loginurl', $result));`
			`$this->assertEquals($expectedurl, $result['loginurl']);`
			`}`
Add test for externallib.php 2016-08-17 07:44:18 +00:00			`}`