3
* Gallery - a web based photo album viewer and editor
4
* Copyright (C) 2000-2007 Bharat Mediratta
6
* This program is free software; you can redistribute it and/or modify
7
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; either version 2 of the License, or (at
9
* your option) any later version.
11
* This program is distributed in the hope that it will be useful, but
12
* WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14
* General Public License for more details.
16
* You should have received a copy of the GNU General Public License
17
* along with this program; if not, write to the Free Software
18
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
21
GalleryCoreApi::requireOnce('modules/core/classes/helpers/GalleryUserHelper_medium.class');
26
* @package GalleryCore
28
* @author Bharat Mediratta <bharat@menalto.com>
29
* @version $Revision: 15759 $
31
class UserHelperTest extends GalleryTestCase {
37
$this->_phpVm = new UserHelperTestPhpVm();
38
$this->_storage = new UserHelperTestMockStorage();
39
$gallery->_storage =& $this->_storage;
40
$gallery->_phpVm =& $this->_phpVm;
41
$this->_saveSession = $gallery->_session;
46
$gallery->_session = $this->_saveSession;
51
function testGalleryLoginEvent() {
54
$gallery->_session = new UserHelperTestSession();
56
$event = GalleryCoreApi::newEvent('Gallery::Login');
57
$event->setEntity(new UserHelperTestMockUser());
58
list ($ret, $ignored) = GalleryUserHelper_medium::handleEvent($event);
60
return $this->failWithStatus($ret);
64
array(array('remove', 'FailedLoginsMap', array('userName' => 'MockUser'))),
65
$this->_storage->_operations);
67
$this->assert($gallery->_session->regenerateWasCalled(),
68
'Regenerate session was not called!');
71
function testGalleryFailedLoginEventFirstFailure() {
72
$event = GalleryCoreApi::newEvent('Gallery::FailedLogin');
73
$event->setData(array('userName' => 'MockUser'));
74
$this->_phpVm->_time = 'NOW';
75
list ($ret, $ignored) = GalleryUserHelper_medium::handleEvent($event);
77
return $this->failWithStatus($ret);
82
array('get', 'FailedLoginsMap', array('count', 'lastAttempt'),
83
array('userName' => 'MockUser')),
84
array('add', 'FailedLoginsMap',
85
array('userName' => 'MockUser', 'count' => 1, 'lastAttempt' => 'NOW'))),
86
$this->_storage->_operations);
89
function testGalleryFailedLoginEventMissingUsername() {
90
$event = GalleryCoreApi::newEvent('Gallery::FailedLogin');
91
list ($ret, $ignored) = GalleryUserHelper_medium::handleEvent($event);
93
return $this->failWithStatus($ret);
96
$this->assertEquals(array(), $this->_storage->_operations);
99
function testGalleryFailedLoginEventSecondFailure() {
101
$event = GalleryCoreApi::newEvent('Gallery::FailedLogin');
102
$event->setData(array('userName' => 'MockUser'));
103
$this->_storage->_count = 1;
104
$this->_storage->_lastAttempt = 1; /* way in the past */
105
$this->_phpVm->_time = 'NOW';
106
list ($ret, $ignored) = GalleryUserHelper_medium::handleEvent($event);
108
return $this->failWithStatus($ret);
113
array('get', 'FailedLoginsMap',
114
array('count', 'lastAttempt'), array('userName' => 'MockUser')),
115
array('remove', 'FailedLoginsMap', array('userName' => 'MockUser')),
116
array('add', 'FailedLoginsMap',
117
array('userName' => 'MockUser', 'count' => 2, 'lastAttempt' => 'NOW'))),
118
$this->_storage->_operations);
121
function testGalleryFailedLoginEventFailuresWhenDisabledAreIgnored() {
123
$event = GalleryCoreApi::newEvent('Gallery::FailedLogin');
124
$event->setData(array('userName' => 'MockUser'));
125
$this->_storage->_count = 100;
126
$this->_storage->_lastAttempt = time();
127
$this->_phpVm->_time = time();
128
list ($ret, $ignored) = GalleryUserHelper_medium::handleEvent($event);
130
return $this->failWithStatus($ret);
134
array(array('get', 'FailedLoginsMap',
135
array('count', 'lastAttempt'), array('userName' => 'MockUser'))),
136
$this->_storage->_operations);
139
function testIsDisabledUsernameNoRows() {
140
list ($ret, $disabled) = GalleryUserHelper_medium::isDisabledUsername('SomeBogusUser');
142
return $this->failWithStatus($ret);
146
array(array('get', 'FailedLoginsMap',
147
array('count', 'lastAttempt'), array('userName' => 'SomeBogusUser'))),
148
$this->_storage->_operations);
150
$this->assertEquals(false, $disabled);
153
function testIsDisabledUsernameBelowCutoff() {
154
$this->_storage->_count = 9;
155
$this->_storage->_lastAttempt = 10000;
156
list ($ret, $disabled) = GalleryUserHelper_medium::isDisabledUsername('MockUser');
158
return $this->failWithStatus($ret);
162
array(array('get', 'FailedLoginsMap',
163
array('count', 'lastAttempt'), array('userName' => 'MockUser'))),
164
$this->_storage->_operations);
165
$this->assertEquals(false, $disabled, 'should not be disabled');
168
function testIsDisabledUsernameAboveCutoffAndRecent() {
169
$this->_storage->_count = 10; /* disabled for an hour */
170
$this->_storage->_lastAttempt = 10000;
171
$this->_phpVm->_time = 10001;
172
list ($ret, $disabled) = GalleryUserHelper_medium::isDisabledUsername('MockUser');
174
return $this->failWithStatus($ret);
178
array(array('get', 'FailedLoginsMap',
179
array('count', 'lastAttempt'), array('userName' => 'MockUser'))),
180
$this->_storage->_operations);
181
$this->assertEquals(true, $disabled, 'should be disabled');
184
function testIsDisabledUsernameWayAboveCutoffAndTooRecent() {
185
$this->_storage->_count = 100; /* disabled for 10 hours */
186
$this->_storage->_lastAttempt = 10000;
187
$this->_phpVm->_time = 10000 + 9 * 3600; /* 9 hours since last attempt */
188
list ($ret, $disabled) = GalleryUserHelper_medium::isDisabledUsername('MockUser');
190
return $this->failWithStatus($ret);
194
array(array('get', 'FailedLoginsMap',
195
array('count', 'lastAttempt'), array('userName' => 'MockUser'))),
196
$this->_storage->_operations);
197
$this->assertEquals(true, $disabled, 'should be disabled');
200
function testIsDisabledUsernameAboveCutoffButNotRecent() {
201
$this->_storage->_count = 100; /* disabled for 10 hours */
202
$this->_storage->_lastAttempt = 10000;
203
$this->_phpVm->_time = 1000000; /* last attempt is in the distant past */
204
list ($ret, $disabled) = GalleryUserHelper_medium::isDisabledUsername('MockUser');
206
return $this->failWithStatus($ret);
210
array(array('get', 'FailedLoginsMap',
211
array('count', 'lastAttempt'), array('userName' => 'MockUser'))),
212
$this->_storage->_operations);
213
$this->assertEquals(false, $disabled, 'should not be disabled');
218
* Fake storage class, pretends to extend GalleryStorage
220
class UserHelperTestMockStorage {
225
function UserHelperTestMockStorage() {
226
$this->_operations = array();
227
$this->_count = null;
228
$this->_lastAttempt = null;
231
function addMapEntry($mapName, $params) {
232
$this->_operations[] = array('add', $mapName, $params);
236
function getMapEntry($mapName, $members, $match) {
237
$this->_operations[] = array('get', $mapName, $members, $match);
239
if (count($members) == 1) {
240
$results = new UserHelperTestMockStorageFakeResults($this->_count);
242
$results = new UserHelperTestMockStorageFakeResults($this->_count, $this->_lastAttempt);
244
return array(null, $results);
247
function removeMapEntry($mapName, $data) {
248
$this->_operations[] = array('remove', $mapName, $data);
253
* Fake search results class, pretends to extend GallerySearchResults
255
class UserHelperTestMockStorageFakeResults {
256
function UserHelperTestMockStorageFakeResults($count, $lastAttempt=null) {
257
$this->_count = $count;
258
$this->_lastAttempt = $lastAttempt;
261
function resultCount() {
262
if (isset($this->_count)) {
268
function nextResult() {
269
if ($this->_lastAttempt) {
270
$results = array($this->_count, $this->_lastAttempt);
272
$results = array($this->_count);
279
* Mock user, pretends to extend GalleryUser
281
class UserHelperTestMockUser {
282
function getUserName() {
288
* Fake PHP vm, pretends to extend GalleryPhpVm
290
class UserHelperTestPhpVm {
301
class UserHelperTestSession {
302
function UserHelperTestSession() {
303
$this->_regenerateWasCalled = false;
306
function regenerate() {
307
$this->_regenerateWasCalled = true;
310
function regenerateWasCalled() {
311
return $this->_regenerateWasCalled;