/**
* Performs user logout
*/
protected function _logout()
{
$this->_auth->logout();
\Magento\TestFramework\Helper\Bootstrap::getObjectManager()->get(
'Magento\Backend\Model\UrlInterface'
)->turnOnSecretKey();
}
/**
* Disabled form security in order to prevent exit from the app
* @magentoConfigFixture current_store admin/security/session_lifetime 59
*/
public function testIsLoggedInWithIgnoredLifetime()
{
$this->_auth->login(\Magento\TestFramework\Bootstrap::ADMIN_NAME, \Magento\TestFramework\Bootstrap::ADMIN_PASSWORD);
$this->assertTrue($this->_model->isLoggedIn());
$this->_model->setUpdatedAt(time() - 101);
$this->assertTrue($this->_model->isLoggedIn());
}
/**
* @dataProvider loginDataProvider
*/
public function testIsLoggedIn($loggedIn)
{
if ($loggedIn) {
$this->auth->login(\Magento\TestFramework\Bootstrap::ADMIN_NAME, \Magento\TestFramework\Bootstrap::ADMIN_PASSWORD);
}
$this->assertEquals($loggedIn, $this->authSession->isLoggedIn());
}
/**
* Declare headers and content file in response for file download
*
* @param string $fileName
* @param string|array $content set to null to avoid starting output, $contentLength should be set explicitly in
* that case
* @param string $baseDir
* @param string $contentType
* @param int $contentLength explicit content length, if strlen($content) isn't applicable
* @return \Magento\Framework\App\ResponseInterface
*/
public function create($fileName, $content, $baseDir = DirectoryList::ROOT, $contentType = 'application/octet-stream', $contentLength = null)
{
if ($this->_auth->getAuthStorage()->isFirstPageAfterLogin()) {
return $this->_redirect($this->_backendUrl->getStartupPageUrl());
}
return parent::create($fileName, $content, $baseDir, $contentType, $contentLength);
}
protected function tearDown()
{
$this->_auth->getAuthStorage()->destroy(['send_expire_cookie' => false]);
$this->_auth = null;
$this->_session = null;
$this->_objectManager->get('Magento\\Backend\\Model\\UrlInterface')->turnOnSecretKey();
parent::tearDown();
}
/**
* @expectedException \Magento\Backend\Model\Auth\Exception
* @expectedExceptionMessage Please correct the user name or password.
*/
public function testLoginFailed()
{
$this->_modelFactoryMock->expects($this->once())->method('create')->with('Magento\\Backend\\Model\\Auth\\Credential\\StorageInterface')->will($this->returnValue($this->_credentialStorage));
$exceptionMock = new \Magento\Framework\Model\Exception();
$this->_credentialStorage->expects($this->once())->method('login')->with('username', 'password')->will($this->throwException($exceptionMock));
$this->_credentialStorage->expects($this->never())->method('getId');
$this->_eventManagerMock->expects($this->once())->method('dispatch')->with('backend_auth_user_login_failed');
$this->_model->login('username', 'password');
}
/**
* @expectedException \Magento\Framework\Exception\AuthenticationException
* @expectedExceptionMessage You did not sign in correctly or your account is temporarily disabled.
*/
public function testLoginFailed()
{
$this->_modelFactoryMock->expects($this->once())->method('create')->with('Magento\\Backend\\Model\\Auth\\Credential\\StorageInterface')->will($this->returnValue($this->_credentialStorage));
$exceptionMock = new \Magento\Framework\Exception\LocalizedException(__('You did not sign in correctly or your account is temporarily disabled.'));
$this->_credentialStorage->expects($this->once())->method('login')->with('username', 'password')->will($this->throwException($exceptionMock));
$this->_credentialStorage->expects($this->never())->method('getId');
$this->_eventManagerMock->expects($this->once())->method('dispatch')->with('backend_auth_user_login_failed');
$this->_model->login('username', 'password');
}
/**
* Test of prolong user action
*
* @magentoDbIsolation enabled
*/
public function testProcessProlong()
{
$this->auth->login(\Magento\TestFramework\Bootstrap::ADMIN_NAME, \Magento\TestFramework\Bootstrap::ADMIN_PASSWORD);
$sessionId = $this->authSession->getSessionId();
$dateInPast = $this->dateTime->formatDate($this->authSession->getUpdatedAt() - 100);
$this->adminSessionsManager->getCurrentSession()->setData('updated_at', $dateInPast)->save();
$this->adminSessionInfo->load($sessionId, 'session_id');
$oldUpdatedAt = $this->adminSessionInfo->getUpdatedAt();
$this->authSession->prolong();
$this->adminSessionInfo->load($sessionId, 'session_id');
$updatedAt = $this->adminSessionInfo->getUpdatedAt();
$this->assertGreaterThan($oldUpdatedAt, $updatedAt);
}
/**
* Check url keys. If non valid - redirect
*
* @return bool
*/
public function _processUrlKeys()
{
$_isValidFormKey = true;
$_isValidSecretKey = true;
$_keyErrorMsg = '';
if ($this->_auth->isLoggedIn()) {
if ($this->getRequest()->isPost()) {
$_isValidFormKey = $this->_formKeyValidator->validate($this->getRequest());
$_keyErrorMsg = __('Invalid Form Key. Please refresh the page.');
} elseif ($this->_backendUrl->useSecretKey()) {
$_isValidSecretKey = $this->_validateSecretKey();
$_keyErrorMsg = __('You entered an invalid Secret Key. Please refresh the page.');
}
}
if (!$_isValidFormKey || !$_isValidSecretKey) {
$this->_actionFlag->set('', self::FLAG_NO_DISPATCH, true);
$this->_actionFlag->set('', self::FLAG_NO_POST_DISPATCH, true);
if ($this->getRequest()->getQuery('isAjax', false) || $this->getRequest()->getQuery('ajax', false)) {
$this->getResponse()->representJson($this->_objectManager->get('Magento\\Framework\\Json\\Helper\\Data')->jsonEncode(['error' => true, 'message' => $_keyErrorMsg]));
} else {
$this->_redirect($this->_backendUrl->getStartupPageUrl());
}
return false;
}
return true;
}
/**
* @return int|bool
*/
public function getCurrentUserId()
{
if ($this->_auth->getUser()) {
return $this->_auth->getUser()->getId();
}
return false;
}
public function testGetUser()
{
$this->_model->login(\Magento\TestFramework\Bootstrap::ADMIN_NAME, \Magento\TestFramework\Bootstrap::ADMIN_PASSWORD);
$this->assertNotNull($this->_model->getUser());
$this->assertGreaterThan(0, $this->_model->getUser()->getId());
$this->assertInstanceOf('Magento\\Backend\\Model\\Auth\\Credential\\StorageInterface', $this->_model->getUser());
}
/**
* Test if other sessions were logged out if logoutOtherUserSessions() action was performed
*
* @magentoAdminConfigFixture admin/security/session_lifetime 100
* @magentoConfigFixture default_store admin/security/admin_account_sharing 1
* @magentoDbIsolation enabled
*/
public function testLogoutOtherUserSessions()
{
/** @var \Magento\Security\Model\AdminSessionInfo $session */
$session = $this->objectManager->create('Magento\\Security\\Model\\AdminSessionInfo');
$session->setSessionId('669e2e3d752e8')->setUserId(1)->setStatus(1)->setCreatedAt(time() - 50)->setUpdatedAt(time() - 49)->save();
$this->auth->login(\Magento\TestFramework\Bootstrap::ADMIN_NAME, \Magento\TestFramework\Bootstrap::ADMIN_PASSWORD);
$collection = $this->getCollectionForLogoutOtherUserSessions($session);
$this->assertGreaterThanOrEqual(1, $collection->getSize());
$this->adminSessionsManager->logoutOtherUserSessions();
$collection = $this->getCollectionForLogoutOtherUserSessions($session);
$this->assertEquals(0, $collection->getSize());
}
/**
* Autorisation url for OAUTH.
*
* @return string
*/
public function getAuthoriseUrl()
{
$clientId = $this->_scopeConfig->getValue(\Dotdigitalgroup\Email\Helper\Config::XML_PATH_CONNECTOR_CLIENT_ID);
//callback uri if not set custom
$redirectUri = $this->getRedirectUri();
$redirectUri .= 'connector/email/callback';
$adminUser = $this->auth->getUser();
//query params
$params = ['redirect_uri' => $redirectUri, 'scope' => 'Account', 'state' => $adminUser->getId(), 'response_type' => 'code'];
$authorizeBaseUrl = $this->configHelper->getAuthorizeLink();
$url = $authorizeBaseUrl . http_build_query($params) . '&client_id=' . $clientId;
return $url;
}
public function testIndexActionInstalled()
{
$this->deploymentConfig->expects($this->once())->method('isAvailable')->willReturn(true);
$this->objectManagerProvider->expects($this->once())->method('get')->willReturn($this->objectManager);
$this->appState->expects($this->once())->method('setAreaCode');
$this->auth->expects($this->once())->method('isLoggedIn');
$this->objectManager->expects($this->any())
->method('get')
->will(
$this->returnValueMap(
[
['Magento\Framework\App\State', $this->appState],
['Magento\Backend\Model\Auth', $this->auth]
]
)
);
/** @var $controller Index */
$controller = new Index($this->objectManagerProvider, $this->deploymentConfig);
$viewModel = $controller->indexAction();
$this->assertInstanceOf('Zend\View\Model\ViewModel', $viewModel);
$this->assertFalse($viewModel->terminate());
}
/**
* Performs login, if user submitted login form
*
* @param \Magento\Framework\App\RequestInterface $request
* @return bool
*/
protected function _performLogin(\Magento\Framework\App\RequestInterface $request)
{
$outputValue = true;
$postLogin = $request->getPost('login');
$username = isset($postLogin['username']) ? $postLogin['username'] : '';
$password = isset($postLogin['password']) ? $postLogin['password'] : '';
$request->setPostValue('login', null);
try {
$this->_auth->login($username, $password);
} catch (AuthenticationException $e) {
if (!$request->getParam('messageSent')) {
$this->messageManager->addError($e->getMessage());
$request->setParam('messageSent', true);
$outputValue = false;
}
}
return $outputValue;
}
/**
* @param string $actionName
* @return \Magento\Integration\Controller\Adminhtml\Integration
* @SuppressWarnings(PHPMD.ExcessiveMethodLength)
*/
protected function _createIntegrationController($actionName)
{
// Mock Layout passed into constructor
$this->_viewMock = $this->getMockBuilder('Magento\\Framework\\App\\ViewInterface')->getMock();
$this->_layoutMock = $this->getMock('Magento\\Framework\\View\\LayoutInterface');
$this->_layoutMergeMock = $this->getMockBuilder('Magento\\Framework\\View\\Model\\Layout\\Merge')->disableOriginalConstructor()->getMock();
$this->_layoutMock->expects($this->any())->method('getUpdate')->will($this->returnValue($this->_layoutMergeMock));
$testElement = new \Magento\Framework\Simplexml\Element('<test>test</test>');
$this->_layoutMock->expects($this->any())->method('getNode')->will($this->returnValue($testElement));
// for _setActiveMenu
$this->_viewMock->expects($this->any())->method('getLayout')->will($this->returnValue($this->_layoutMock));
$blockMock = $this->getMockBuilder('Magento\\Backend\\Block\\Menu')->disableOriginalConstructor()->getMock();
$menuMock = $this->getMock('Magento\\Backend\\Model\\Menu', [], [$this->getMock('Psr\\Log\\LoggerInterface')]);
$loggerMock = $this->getMockBuilder('Psr\\Log\\LoggerInterface')->getMock();
$loggerMock->expects($this->any())->method('critical')->will($this->returnSelf());
$menuMock->expects($this->any())->method('getParentItems')->will($this->returnValue([]));
$blockMock->expects($this->any())->method('getMenuModel')->will($this->returnValue($menuMock));
$this->_layoutMock->expects($this->any())->method('getMessagesBlock')->will($this->returnValue($blockMock));
$this->_layoutMock->expects($this->any())->method('getBlock')->will($this->returnValue($blockMock));
$this->_viewMock->expects($this->any())->method('getPage')->willReturn($this->resultPageMock);
$this->resultPageMock->expects($this->any())->method('getConfig')->willReturn($this->viewConfigMock);
$this->viewConfigMock->expects($this->any())->method('getTitle')->willReturn($this->pageTitleMock);
$this->_escaper->expects($this->any())->method('escapeHtml')->will($this->returnArgument(0));
$this->resultRedirectFactory = $this->getMockBuilder('Magento\\Backend\\Model\\View\\Result\\RedirectFactory')->disableOriginalConstructor()->setMethods(['create'])->getMock();
$this->resultFactory = $this->getMockBuilder('Magento\\Framework\\Controller\\ResultFactory')->disableOriginalConstructor()->setMethods(['create'])->getMock();
$this->_authMock->expects($this->any())->method('getUser')->will($this->returnValue($this->_userMock));
$this->_userMock->expects($this->any())->method('load')->willReturn($this->_userMock);
$this->_backendSessionMock->expects($this->any())->method('getIntegrationData')->willReturn(['all_resources' => 1]);
$contextParameters = ['view' => $this->_viewMock, 'objectManager' => $this->_objectManagerMock, 'session' => $this->_backendSessionMock, 'translator' => $this->_translateModelMock, 'request' => $this->_requestMock, 'response' => $this->_responseMock, 'messageManager' => $this->_messageManager, 'resultRedirectFactory' => $this->resultRedirectFactory, 'resultFactory' => $this->resultFactory, 'auth' => $this->_authMock, 'eventManager' => $this->_eventManagerMock];
$this->_backendActionCtxMock = $this->_objectManagerHelper->getObject('Magento\\Backend\\App\\Action\\Context', $contextParameters);
$integrationCollection = $this->getMockBuilder('\\Magento\\Integration\\Model\\ResourceModel\\Integration\\Collection')->disableOriginalConstructor()->setMethods(['addUnsecureUrlsFilter', 'getSize'])->getMock();
$integrationCollection->expects($this->any())->method('addUnsecureUrlsFilter')->will($this->returnValue($integrationCollection));
$integrationCollection->expects($this->any())->method('getSize')->will($this->returnValue(0));
$subControllerParams = ['context' => $this->_backendActionCtxMock, 'integrationService' => $this->_integrationSvcMock, 'oauthService' => $this->_oauthSvcMock, 'registry' => $this->_registryMock, 'logger' => $loggerMock, 'integrationData' => $this->_integrationHelperMock, 'escaper' => $this->_escaper, 'integrationCollection' => $integrationCollection];
/** Create IntegrationController to test */
$controller = $this->_objectManagerHelper->getObject('\\Magento\\Integration\\Controller\\Adminhtml\\Integration\\' . $actionName, $subControllerParams);
if ($actionName == 'Save') {
$reflection = new \ReflectionClass(get_class($controller));
$reflectionProperty = $reflection->getProperty('securityCookie');
$reflectionProperty->setAccessible(true);
$reflectionProperty->setValue($controller, $this->securityCookieMock);
}
return $controller;
}
/**
* @return mixed
*/
public function getCode()
{
return $this->auth->getUser()->getEmailCode();
}
/**
* {@inheritdoc}
*/
public function isLoggedIn()
{
$pluginInfo = $this->pluginList->getNext($this->subjectType, 'isLoggedIn');
if (!$pluginInfo) {
return parent::isLoggedIn();
} else {
return $this->___callPlugins('isLoggedIn', func_get_args(), $pluginInfo);
}
}