2FAuth/tests/Feature/Console/FixServiceFieldEncryptionTest.php
2024-09-26 23:50:01 +02:00

182 lines
6.1 KiB
PHP

<?php
namespace Tests\Feature\Console;
use App\Console\Commands\Maintenance\FixServiceFieldEncryption;
use App\Facades\Settings;
use App\Models\TwoFAccount;
use App\Models\User;
use Illuminate\Support\Facades\DB;
use PHPUnit\Framework\Attributes\CoversClass;
use PHPUnit\Framework\Attributes\Test;
use Tests\FeatureTestCase;
/**
* FixServiceFieldEncryptionTest test class
*/
#[CoversClass(FixServiceFieldEncryption::class)]
class FixServiceFieldEncryptionTest extends FeatureTestCase
{
/**
* The name of the migration that changed the data this command will try to fix
*/
protected string $relatedMigration = '2024_08_08_133136_encrypt_twofaccount_service_field';
/**
* @var \App\Models\User|\Illuminate\Contracts\Auth\Authenticatable
*/
protected $user;
/**
* @var string
*/
protected $command = '2fauth:fix-service-encryption';
public function setUp() : void
{
parent::setUp();
$this->user = User::factory()->create();
}
#[Test]
public function test_it_does_not_run_if_migration_has_not_been_run()
{
DB::table('migrations')->where('migration', $this->relatedMigration)->delete();
$this->artisan($this->command)
->assertFailed();
}
#[Test]
public function test_it_does_not_run_if_encryption_is_off()
{
Settings::set('useEncryption', false);
$this->artisan($this->command)
->assertFailed();
}
#[Test]
public function test_it_tells_the_field_is_fully_encrypted_when_it_is()
{
TwoFAccount::factory()->for($this->user)->count(3)->create();
Settings::set('useEncryption', true);
$this->artisan($this->command)
->expectsOutputToContain('The Service field is fully encrypted.')
->assertSuccessful();
}
#[Test]
public function test_it_encrypts_the_field_of_all_records()
{
TwoFAccount::factory()->for($this->user)->count(3)->create();
$expectedServiceName = 'unencrypted_text';
Settings::set('useEncryption', true);
DB::table('twofaccounts')->update(['service' => $expectedServiceName]);
$twofaccounts = TwoFAccount::all();
foreach ($twofaccounts as $twofaccount) {
$this->assertEquals(__('errors.indecipherable'), $twofaccount->service);
}
$this->artisan($this->command)
->expectsConfirmation('Do you want to fix encryption of those records?', 'yes')
->assertSuccessful();
foreach ($twofaccounts as $twofaccount) {
$twofaccount->refresh();
$this->assertEquals($expectedServiceName, $twofaccount->service);
}
}
#[Test]
public function test_it_does_not_encrypt_the_field_without_confirmation()
{
TwoFAccount::factory()->for($this->user)->count(3)->create();
$expectedServiceName = 'unencrypted_text';
Settings::set('useEncryption', true);
DB::table('twofaccounts')->update(['service' => $expectedServiceName]);
$twofaccounts = TwoFAccount::all();
foreach ($twofaccounts as $twofaccount) {
$this->assertEquals(__('errors.indecipherable'), $twofaccount->service);
}
$this->artisan($this->command)
->expectsConfirmation('Do you want to fix encryption of those records?', 'no')
->assertSuccessful();
foreach ($twofaccounts as $twofaccount) {
$twofaccount->refresh();
$this->assertEquals(__('errors.indecipherable'), $twofaccount->service);
}
}
#[Test]
public function test_it_encrypts_the_field_of_invalid_records_only()
{
Settings::set('useEncryption', true);
$expectedServiceName = 'myService';
$twofaccounts = TwoFAccount::factory()->for($this->user)->count(3)->create([
'service' => $expectedServiceName,
]);
$testedAccount = $twofaccounts[2];
DB::table('twofaccounts')->where('id', $testedAccount->id)->update(['service' => $expectedServiceName]);
$testedAccount->refresh();
$this->assertEquals($expectedServiceName, $twofaccounts[0]->service);
$this->assertEquals($expectedServiceName, $twofaccounts[1]->service);
$this->assertEquals(__('errors.indecipherable'), $testedAccount->service);
$this->artisan($this->command)
->expectsConfirmation('Do you want to fix encryption of those records?', 'yes')
->assertSuccessful();
$testedAccount->refresh();
$this->assertEquals($expectedServiceName, $twofaccounts[0]->service);
$this->assertEquals($expectedServiceName, $twofaccounts[1]->service);
$this->assertEquals($expectedServiceName, $testedAccount->service);
}
#[Test]
public function test_it_does_not_encrypt_the_record_if_encryption_is_not_consistent()
{
Settings::set('useEncryption', true);
$expectedServiceName = 'myService';
$twofaccounts = TwoFAccount::factory()->for($this->user)->count(3)->create([
'service' => $expectedServiceName,
]);
$testedAccount = $twofaccounts[2];
DB::table('twofaccounts')->where('id', $testedAccount->id)->update(['legacy_uri' => 'indecipherable_payload']);
DB::table('twofaccounts')->where('id', $testedAccount->id)->update(['service' => $expectedServiceName]);
$testedAccount->refresh();
$this->assertEquals($expectedServiceName, $twofaccounts[0]->service);
$this->assertEquals($expectedServiceName, $twofaccounts[1]->service);
$this->assertEquals(__('errors.indecipherable'), $testedAccount->service);
$this->artisan($this->command)
->expectsConfirmation('Do you want to fix encryption of those records?', 'yes')
->expectsOutput('1 record could not be fixed, see log above for details.');
$testedAccount->refresh();
$this->assertEquals($expectedServiceName, $twofaccounts[0]->service);
$this->assertEquals($expectedServiceName, $twofaccounts[1]->service);
$this->assertEquals(__('errors.indecipherable'), $testedAccount->service);
}
}