Users controller updates and unit tests

kiswa 2016-07-31 19:50:59 +00:00
parent 8c1c68d792
commit e0a0cb4470
3 changed files with 95 additions and 17 deletions


@ -11,21 +11,7 @@ class Users extends BaseController {
}
$this->apiJson->setSuccess();
$userBeans = R::findAll('user');
$userIds = $this->getUserIdsByBoardAccess(Auth::GetUserId($request));
$actor = new User($this->container, Auth::GetUserId($request));
$isAdmin = ($actor->security_level->getValue() === SecurityLevel::Admin);
$data = [];
foreach($userBeans as $bean) {
$user = new User($this->container);
$user->loadFromBean($bean);
if (in_array($user->id, $userIds) || $isAdmin) {
$data[] = $this->cleanUser($user);
}
}
$data = $this->getAllUsersCleaned($request);
$this->apiJson->addData($data);
return $this->jsonResponse($response);
@ -71,8 +57,16 @@ class Users extends BaseController {
return $this->jsonResponse($response, $status);
}
$data = json_decode($request->getBody());
$user = new User($this->container);
$user->loadFromJson($request->getBody());
if (isset($data->password)) {
$data->password_hash =
password_hash($data->password, PASSWORD_BCRYPT);
unset($data->password);
unset($data->password_verify);
}
$user->loadFromJson(json_encode($data));
if (!$user->save()) {
$this->logger->addError('Add User: ', [$user]);
@ -90,6 +84,7 @@ class Users extends BaseController {
$this->apiJson->setSuccess();
$this->apiJson->addAlert('success',
'User ' . $user->username . ' added.');
$this->apiJson->addData($this->getAllUsersCleaned($request));
return $this->jsonResponse($response);
}
@ -133,6 +128,12 @@ class Users extends BaseController {
}
$data->active_token = $user->active_token;
if (isset($data->password)) {
$data->password_hash =
password_hash($data->password, PASSWORD_BCRYPT);
unset($data->password);
}
$update->loadFromJson(json_encode($data));
if ($user->id !== $update->id) {
@ -164,7 +165,7 @@ class Users extends BaseController {
$this->apiJson->setSuccess();
$this->apiJson->addAlert('success',
'User ' . $update->username . ' updated.');
$this->apiJson->addData(json_encode($update));
$this->apiJson->addData(json_encode($this->cleanUser($update)));
return $this->jsonResponse($response);
}
@ -210,6 +211,7 @@ class Users extends BaseController {
$this->apiJson->setSuccess();
$this->apiJson->addAlert('success', 'User options updated.');
$this->apiJson->addData(json_encode($update));
$this->apiJson->addData(json_encode($this->cleanUser($user)));
return $this->jsonResponse($response);
}
@ -243,10 +245,31 @@ class Users extends BaseController {
$this->apiJson->setSuccess();
$this->apiJson->addAlert('success',
'User ' . $before->username . ' removed.');
$this->apiJson->addData($this->getAllUsersCleaned($request));
return $this->jsonResponse($response);
}
private function getAllUsersCleaned($request) {
$userBeans = R::findAll('user');
$userIds = $this->getUserIdsByBoardAccess(Auth::GetUserId($request));
$actor = new User($this->container, Auth::GetUserId($request));
$isAdmin = ($actor->security_level->getValue() === SecurityLevel::Admin);
$data = [];
foreach($userBeans as $bean) {
$user = new User($this->container);
$user->loadFromBean($bean);
if (in_array($user->id, $userIds) || $isAdmin) {
$data[] = $this->cleanUser($user);
}
}
return $data;
}
private function getUserIdsByBoardAccess($userId) {
$userIds = [];
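Review bot: In the addUser and updateUser hunks, `password_hash` is only overwritten when the body carries `password`, so a `password_hash` field supplied in the request would appear to pass through `json_encode($data)` into `loadFromJson()` unchanged. The update path already pins `active_token` from the stored record; the same treatment fits here, e.g. `$data->password_hash = $user->password_hash;` before the `isset($data->password)` check in updateUser (assuming `$user` is the stored record, as the `active_token` line suggests) and `unset($data->password_hash);` at the same point in addUser. addUser also discards `password_verify` without comparing it to `password` in the visible lines, so a mismatch is not rejected unless that happens elsewhere. The `Add User: ` error log receives the whole `$user`, which now carries the hash; logging only the username would keep it out of the log. Both method bodies start and end outside the hunks.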


@ -43,6 +43,16 @@ class User extends BaseModel {
return $retVal;
}
public function delete() {
$userOpts = new UserOptions($this->container, $this->user_option_id);
if ($userOpts->id === $this->user_option_id) {
$userOpts->delete();
}
parent::delete();
}
public function updateBean() {
$bean = $this->bean;
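Review bot: `delete()` removes the `UserOptions` row before calling `parent::delete()`, and nothing visible ties the two steps together, so a failure in the parent call would leave a user whose `user_option_id` points at a row that no longer exists. Deleting the user first, or running both calls inside one database transaction, avoids that state. The method also drops whatever `parent::delete()` returns; if the base method reports success the way `save()` does in the controller, `return parent::delete();` would let callers see a failure. A short docblock would help too, e.g. `/** Deletes the user and its linked UserOptions row. */`.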


@ -1,6 +1,9 @@
<?php
require_once __DIR__ . '/../Mocks.php';
/**
* @group single
*/
class UsersTest extends PHPUnit_Framework_TestCase {
private $users;
@ -118,6 +121,24 @@ class UsersTest extends PHPUnit_Framework_TestCase {
$actual->alerts[0]['text']);
}
public function testAddUserFrontend() {
$user = DataMock::getUser();
$user->id = 0;
$user->user_option_id = 0;
$user->default_board_id = 0;
$user->password = 'test';
$user->password_verify = 'test';
$request = new RequestMock();
$request->header = [DataMock::getJwt()];
$request->payload = $user;
$actual = $this->users->addUser($request,
new ResponseMock(), null);
$this->assertEquals('success', $actual->status);
}
public function testAddRemoveUser() {
$expected = new ApiJson();
@ -310,6 +331,30 @@ class UsersTest extends PHPUnit_Framework_TestCase {
$this->assertEquals('failure', $response->status);
}
public function testChangePasswordOverride() {
$this->createUser();
$tmp = RedBeanPHP\R::load('user', 2);
$this->assertEquals(2, $tmp->id);
$tmp->password_hash = password_hash('testpass', PASSWORD_BCRYPT);
RedBeanPHP\R::store($tmp);
$user = DataMock::getUser();
$user->password = 'newpassword';
$args = [];
$args['id'] = $user->id;
$request = new RequestMock();
$request->payload = $user;
$request->header = [DataMock::getJwt()];
$response = $this->users->updateUser($request,
new ResponseMock(), $args);
$this->assertEquals('success', $response->status);
}
public function testChangePassword() {
$this->createUser();
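Review bot: `testAddUserFrontend` and `testChangePasswordOverride` assert only that the status is `success`, so neither would fail if the password were stored unhashed or if the hash came back in the response. After `updateUser`, reloading the record and checking the hash would pin the behaviour, e.g. `$stored = RedBeanPHP\R::load('user', 2);` followed by `$this->assertTrue(password_verify('newpassword', $stored->password_hash));`, assuming the mock user is the record with id 2 as the setup lines suggest. An assertion that the data returned by `addUser` carries no `password` or `password_hash` field would cover the `cleanUser` change in the controller as well.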