mirror of
https://github.com/Bubka/2FAuth.git
synced 2024-12-03 05:35:25 +01:00
182 lines
6.1 KiB
PHP
182 lines
6.1 KiB
PHP
<?php
|
|
|
|
namespace Tests\Feature\Console;
|
|
|
|
use App\Console\Commands\Maintenance\FixServiceFieldEncryption;
|
|
use App\Facades\Settings;
|
|
use App\Models\TwoFAccount;
|
|
use App\Models\User;
|
|
use Illuminate\Support\Facades\DB;
|
|
use PHPUnit\Framework\Attributes\CoversClass;
|
|
use PHPUnit\Framework\Attributes\Test;
|
|
use Tests\FeatureTestCase;
|
|
|
|
/**
|
|
* FixServiceFieldEncryptionTest test class
|
|
*/
|
|
#[CoversClass(FixServiceFieldEncryption::class)]
|
|
class FixServiceFieldEncryptionTest extends FeatureTestCase
|
|
{
|
|
/**
|
|
* The name of the migration that changed the data this command will try to fix
|
|
*/
|
|
protected string $relatedMigration = '2024_08_08_133136_encrypt_twofaccount_service_field';
|
|
|
|
/**
|
|
* @var \App\Models\User|\Illuminate\Contracts\Auth\Authenticatable
|
|
*/
|
|
protected $user;
|
|
|
|
/**
|
|
* @var string
|
|
*/
|
|
protected $command = '2fauth:fix-service-encryption';
|
|
|
|
public function setUp() : void
|
|
{
|
|
parent::setUp();
|
|
|
|
$this->user = User::factory()->create();
|
|
}
|
|
|
|
#[Test]
|
|
public function test_it_does_not_run_if_migration_has_not_been_run()
|
|
{
|
|
DB::table('migrations')->where('migration', $this->relatedMigration)->delete();
|
|
|
|
$this->artisan($this->command)
|
|
->assertFailed();
|
|
}
|
|
|
|
#[Test]
|
|
public function test_it_does_not_run_if_encryption_is_off()
|
|
{
|
|
Settings::set('useEncryption', false);
|
|
|
|
$this->artisan($this->command)
|
|
->assertFailed();
|
|
}
|
|
|
|
#[Test]
|
|
public function test_it_tells_the_field_is_fully_encrypted_when_it_is()
|
|
{
|
|
TwoFAccount::factory()->for($this->user)->count(3)->create();
|
|
|
|
Settings::set('useEncryption', true);
|
|
|
|
$this->artisan($this->command)
|
|
->expectsOutputToContain('The Service field is fully encrypted.')
|
|
->assertSuccessful();
|
|
}
|
|
|
|
#[Test]
|
|
public function test_it_encrypts_the_field_of_all_records()
|
|
{
|
|
TwoFAccount::factory()->for($this->user)->count(3)->create();
|
|
$expectedServiceName = 'unencrypted_text';
|
|
|
|
Settings::set('useEncryption', true);
|
|
|
|
DB::table('twofaccounts')->update(['service' => $expectedServiceName]);
|
|
$twofaccounts = TwoFAccount::all();
|
|
foreach ($twofaccounts as $twofaccount) {
|
|
$this->assertEquals(__('errors.indecipherable'), $twofaccount->service);
|
|
}
|
|
|
|
$this->artisan($this->command)
|
|
->expectsConfirmation('Do you want to fix encryption of those records?', 'yes')
|
|
->assertSuccessful();
|
|
|
|
foreach ($twofaccounts as $twofaccount) {
|
|
$twofaccount->refresh();
|
|
$this->assertEquals($expectedServiceName, $twofaccount->service);
|
|
}
|
|
}
|
|
|
|
#[Test]
|
|
public function test_it_does_not_encrypt_the_field_without_confirmation()
|
|
{
|
|
TwoFAccount::factory()->for($this->user)->count(3)->create();
|
|
$expectedServiceName = 'unencrypted_text';
|
|
|
|
Settings::set('useEncryption', true);
|
|
|
|
DB::table('twofaccounts')->update(['service' => $expectedServiceName]);
|
|
$twofaccounts = TwoFAccount::all();
|
|
foreach ($twofaccounts as $twofaccount) {
|
|
$this->assertEquals(__('errors.indecipherable'), $twofaccount->service);
|
|
}
|
|
|
|
$this->artisan($this->command)
|
|
->expectsConfirmation('Do you want to fix encryption of those records?', 'no')
|
|
->assertSuccessful();
|
|
|
|
foreach ($twofaccounts as $twofaccount) {
|
|
$twofaccount->refresh();
|
|
$this->assertEquals(__('errors.indecipherable'), $twofaccount->service);
|
|
}
|
|
}
|
|
|
|
#[Test]
|
|
public function test_it_encrypts_the_field_of_invalid_records_only()
|
|
{
|
|
Settings::set('useEncryption', true);
|
|
|
|
$expectedServiceName = 'myService';
|
|
$twofaccounts = TwoFAccount::factory()->for($this->user)->count(3)->create([
|
|
'service' => $expectedServiceName
|
|
]);
|
|
|
|
$testedAccount = $twofaccounts[2];
|
|
DB::table('twofaccounts')->where('id', $testedAccount->id)->update(['service' => $expectedServiceName]);
|
|
|
|
$testedAccount->refresh();
|
|
|
|
$this->assertEquals($expectedServiceName, $twofaccounts[0]->service);
|
|
$this->assertEquals($expectedServiceName, $twofaccounts[1]->service);
|
|
$this->assertEquals(__('errors.indecipherable'), $testedAccount->service);
|
|
|
|
$this->artisan($this->command)
|
|
->expectsConfirmation('Do you want to fix encryption of those records?', 'yes')
|
|
->assertSuccessful();
|
|
|
|
$testedAccount->refresh();
|
|
|
|
$this->assertEquals($expectedServiceName, $twofaccounts[0]->service);
|
|
$this->assertEquals($expectedServiceName, $twofaccounts[1]->service);
|
|
$this->assertEquals($expectedServiceName, $testedAccount->service);
|
|
}
|
|
|
|
#[Test]
|
|
public function test_it_does_not_encrypt_the_record_if_encryption_is_not_consistent()
|
|
{
|
|
Settings::set('useEncryption', true);
|
|
|
|
$expectedServiceName = 'myService';
|
|
$twofaccounts = TwoFAccount::factory()->for($this->user)->count(3)->create([
|
|
'service' => $expectedServiceName
|
|
]);
|
|
|
|
$testedAccount = $twofaccounts[2];
|
|
|
|
DB::table('twofaccounts')->where('id', $testedAccount->id)->update(['legacy_uri' => 'indecipherable_payload']);
|
|
DB::table('twofaccounts')->where('id', $testedAccount->id)->update(['service' => $expectedServiceName]);
|
|
|
|
$testedAccount->refresh();
|
|
|
|
$this->assertEquals($expectedServiceName, $twofaccounts[0]->service);
|
|
$this->assertEquals($expectedServiceName, $twofaccounts[1]->service);
|
|
$this->assertEquals(__('errors.indecipherable'), $testedAccount->service);
|
|
|
|
$this->artisan($this->command)
|
|
->expectsConfirmation('Do you want to fix encryption of those records?', 'yes')
|
|
->expectsOutput('1 record could not be fixed, see log above for details.');
|
|
|
|
$testedAccount->refresh();
|
|
|
|
$this->assertEquals($expectedServiceName, $twofaccounts[0]->service);
|
|
$this->assertEquals($expectedServiceName, $twofaccounts[1]->service);
|
|
$this->assertEquals(__('errors.indecipherable'), $testedAccount->service);
|
|
}
|
|
}
|