coregrade/CoreGradeLearning
1
0
Fork 0
Code Issues Pull Requests Releases Activity

first commit

Browse Source
This commit is contained in:
CHIEFSOFT\ameye
2024-09-30 18:11:26 -04:00
commit e592ca6823
27270 changed files with 5002257 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
auth/tests/behat/behat_auth.php
+76
View File
@@ -0,0 +1,76 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Basic authentication steps definitions.
*
* @package core_auth
* @category test
* @copyright 2012 David Monllaó
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
// NOTE: no MOODLE_INTERNAL test here, this file may be required by behat before including /config.php.
require_once(__DIR__ . '/../../../lib/behat/behat_base.php');
/**
* Log in log out steps definitions.
*
* @package core_auth
* @category test
* @copyright 2012 David Monllaó
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class behat_auth extends behat_base {
/**
* Logs in the user. There should exist a user with the same value as username and password.
*
* @Given /^I log in as "(?P<username_string>(?:[^"]|\\")*)"$/
* @Given I am logged in as :username
* @param string $username the user to log in as.
* @param moodle_url|null $wantsurl optional, URL to go to after logging in.
*/
public function i_log_in_as(string $username, moodle_url $wantsurl = null) {
// In the mobile app the required tasks are different (does not support $wantsurl).
if ($this->is_in_app()) {
$this->execute('behat_app::login', [$username]);
return;
}
$loginurl = new moodle_url('/auth/tests/behat/login.php', [
'username' => $username,
]);
if ($wantsurl !== null) {
$loginurl->param('wantsurl', $wantsurl->out_as_local_url());
}
// Visit login page.
$this->execute('behat_general::i_visit', [$loginurl]);
}
/**
* Logs out of the system.
*
* @Given /^I log out$/
* @Given I am not logged in
*/
public function i_log_out() {
$this->execute('behat_general::i_visit', [new moodle_url('/auth/tests/behat/logout.php')]);
}
}
auth/tests/behat/displayloginfailures.feature
+55
View File
@@ -0,0 +1,55 @@
@core @core_auth
Feature: Test the 'showlogfailures' feature works.
In order to see my recent login failures when logging in
As a user
I need to have at least one failed login attempt and then log in
Background:
Given the following "users" exist:
| username |
| teacher1 |
And the following config values are set as admin:
| displayloginfailures | 1 |
# Given the user has at least one failed login attempt, when they login, then they should see both header and footer notices.
Scenario: Check that 'displayloginfailures' works without javascript for teachers.
# Simulate a log in failure for the teacher.
Given I am on homepage
And I click on "Log in" "link" in the ".logininfo" "css_element"
And I set the field "Username" to "teacher1"
And I set the field "Password" to "wrongpass"
And I press "Log in"
And I should see "Invalid login, please try again"
# Now, log in with the correct credentials.
When I set the field "Username" to "teacher1"
And I set the field "Password" to "teacher1"
And I press "Log in"
# Confirm the notices are displayed.
Then I should see "1 failed logins since your last login" in the ".navbar" "css_element"
And I should see "1 failed logins since your last login" in the "page-footer" "region"
# Confirm the notices disappear when navigating to another page.
And I am on homepage
And I should not see "1 failed logins since your last login" in the ".navbar" "css_element"
And I should not see "1 failed logins since your last login" in the "page-footer" "region"
# Given the user has at least one failed login attempt, when they login, then they should see both header and footer notices.
Scenario: Check that 'displayloginfailures' works without javascript for admins.
# Simulate a log in failure for the teacher.
Given I am on homepage
And I click on "Log in" "link" in the ".logininfo" "css_element"
And I set the field "Username" to "admin"
And I set the field "Password" to "wrongpass"
And I press "Log in"
And I should see "Invalid login, please try again"
# Now, log in with the correct credentials.
When I set the field "Username" to "admin"
And I set the field "Password" to "admin"
And I press "Log in"
# Confirm the notices are displayed.
Then I should see "1 failed logins since your last login" in the ".navbar" "css_element"
And I should see "1 failed logins since your last login (Logs)" in the "page-footer" "region"
# Confirm that the link works and that the notices disappear when navigating to another page.
And I click on "Logs" "link" in the "page-footer" "region"
And I should see "User login failed" in the "table.reportlog" "css_element"
And I should not see "1 failed logins since your last login" in the ".navbar" "css_element"
And I should not see "1 failed logins since your last login (Logs)" in the "page-footer" "region"
auth/tests/behat/login.feature
+70
View File
@@ -0,0 +1,70 @@
@core @core_auth
Feature: Authentication
In order to validate my credentials in the system
As a user
I need to log into the system
Scenario: Log in with the predefined admin user with Javascript disabled
Given I log in as "admin"
Then I should see "You are logged in as Admin User" in the "page-footer" "region"
@javascript
Scenario: Log in with the predefined admin user with Javascript enabled
Given I log in as "admin"
Then I should see "You are logged in as Admin User" in the "page-footer" "region"
Scenario: Log in as an existing admin user filling the form
Given the following "users" exist:
| username | password | firstname | lastname | email |
| testuser | testuser | Test | User | moodle@example.com |
And I am on site homepage
When I follow "Log in"
And I set the field "Username" to "testuser"
And I set the field "Password" to "testuser"
And I press "Log in"
Then I should see "You are logged in as" in the "page-footer" "region"
Scenario: Log in as an unexisting user filling the form
Given the following "users" exist:
| username | password | firstname | lastname | email |
| testuser | testuser | Test | User | moodle@example.com |
And I am on site homepage
When I follow "Log in"
And I set the field "Username" to "testuser"
And I set the field "Password" to "unexisting"
And I press "Log in"
Then I should see "Invalid login, please try again"
Scenario: Log out using the Log out link
Given I log in as "admin"
When I click on "Log out" "link" in the "#page-footer" "css_element"
Then I should see "You are not logged in" in the "page-footer" "region"
@javascript @accessibility
Scenario: Login page must be accessible
When I am on site homepage
# The following tests are all provided to ensure that the accessibility tests themselves are tested.
# In normal tests only one of the following is required.
Then the page should meet accessibility standards
And the page should meet "wcag131, wcag141, wcag412" accessibility standards
And the page should meet accessibility standards with "wcag131, wcag141, wcag412" extra tests
And I follow "Log in"
And the page should meet accessibility standards
And the page should meet "wcag131, wcag141, wcag412" accessibility standards
And the page should meet accessibility standards with "wcag131, wcag141, wcag412" extra tests
@javascript @accessibility
Scenario: The login page must have sufficient colour contrast
Given the following config values are set as admin:
| custommenuitems | -This is a custom item\|/customurl/ |
When I am on site homepage
Then the page should meet "wcag143" accessibility standards
And the page should meet accessibility standards with "wcag143" extra tests
Scenario: Alternate login URL can be bypassed
Given the following config values are set as admin:
| alternateloginurl | https://www.google.com/ |
And I am on site homepage
When I visit "/login/index.php?loginredirect=0"
Then I should see "Log in to Acceptance test site"
auth/tests/behat/login.php
+89
View File
@@ -0,0 +1,89 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
// phpcs:disable moodle.Files.RequireLogin.Missing
// phpcs:disable moodle.PHP.ForbiddenFunctions.Found
/**
* Login end point for Behat tests only.
*
* @package core_auth
* @category test
* @author Guy Thomas
* @copyright 2021 Class Technologies Inc. {@link https://www.class.com/}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
require(__DIR__.'/../../../config.php');
require_once("{$CFG->dirroot}/login/lib.php");
$behatrunning = defined('BEHAT_SITE_RUNNING') && BEHAT_SITE_RUNNING;
if (!$behatrunning) {
redirect(new moodle_url('/'));
}
$username = required_param('username', PARAM_ALPHANUMEXT);
$wantsurl = optional_param('wantsurl', null, PARAM_URL);
if (isloggedin()) {
// If the user is already logged in, log them out and redirect them back to login again.
require_logout();
redirect(new moodle_url('/auth/tests/behat/login.php', [
'username' => $username,
'wantsurl' => (new moodle_url($wantsurl))->out(false),
]));
}
// Note - with behat, the password is always the same as the username.
$password = $username;
$failurereason = null;
$user = authenticate_user_login($username, $password, true, $failurereason, false);
if ($failurereason) {
switch($failurereason) {
case AUTH_LOGIN_NOUSER:
$reason = get_string('invalidlogin');
break;
case AUTH_LOGIN_SUSPENDED:
$reason = 'User suspended';
break;
case AUTH_LOGIN_FAILED:
$reason = 'Login failed';
break;
case AUTH_LOGIN_LOCKOUT:
$reason = 'Account locked';
break;
case AUTH_LOGIN_UNAUTHORISED:
$reason = get_string('unauthorisedlogin', 'core', $username);
break;
default:
$reason = "Unknown login failure: '{$failurereason}'";
break;
}
// Note: Do not throw an exception here as we sometimes test that login does not work.
// Exceptions are automatic failures in Behat.
\core\notification::add($reason, \core\notification::ERROR);
redirect(new moodle_url('/'));
}
if (!complete_user_login($user)) {
throw new Exception("Failed to login as behat step for $username");
}
if (empty($wantsurl)) {
$wantsurl = core_login_get_return_url();
}
redirect(new moodle_url($wantsurl));
auth/tests/behat/loginform.feature
+121
View File
@@ -0,0 +1,121 @@
@auth @core_auth @javascript
Feature: Test if the login form provides the correct feedback
In order to check if the login form provides correct feedback
As a user
I need to go on login page and see feedback on incorrect username or password.
Background:
Given the following "users" exist:
| username |
| teacher1 |
Scenario: Check invalid login message
Given I follow "Log in"
And I set the field "Username" to "teacher1"
And I set the field "Password" to "incorrect"
When I press "Log in"
Then I should see "Invalid login, please try again"
Scenario: Test login language selector
Given remote langimport tests are enabled
And the following "language packs" exist:
| language |
| nl |
| es |
And the following config values are set as admin:
| langmenu | 1 |
And I follow "Log in"
And I open the action menu in "region-main" "region"
# The line below contains the unicode character U+200E before and after the brackets, please be very careful editing this line.
When I choose "Nederlands (nl)" in the open action menu
Then I should see "Gebruikersnaam"
@_file_upload
Scenario: Set logo for loginpage
Given I log in as "admin"
And I navigate to "Appearance > Logos" in site administration
And I upload "course/tests/fixtures/image.jpg" file to "Logo" filemanager
And I press "Save changes"
And I log out
And I follow "Log in"
Then "//img[@id='logoimage']" "xpath_element" should exist
Scenario: Add a custom welcome message
Given the following config values are set as admin:
| auth_instructions | Lorem ipsum dolor sit amet |
And I follow "Log in"
Then I should see "Lorem ipsum dolor sit amet"
Scenario: Show the maintenance mode message
Given the following config values are set as admin:
| maintenance_enabled | Disabled |
| maintenance_message | Back online tomorrow |
And I follow "Log in"
Then I should see "Back online tomorrow"
Scenario: User self registration
Given the following config values are set as admin:
| registerauth | Email-based self-registration |
And I follow "Log in"
Then I should see "Create new account"
Scenario: Set OAuth providers
Given I log in as "admin"
And I navigate to "Plugins > Authentication > Manage authentication" in site administration
And I click on "Enable" "link" in the "OAuth 2" "table_row"
And I navigate to "Server > OAuth 2 services" in site administration
And I press "Google"
And I set the field "Client ID" to "1234"
And I set the field "Client secret" to "1234"
And I press "Save changes"
And I press "Facebook"
And I set the field "Client ID" to "1234"
And I set the field "Client secret" to "1234"
And I press "Save changes"
And I press "Microsoft"
And I set the field "Client ID" to "1234"
And I set the field "Client secret" to "1234"
And I press "Save changes"
And I log out
And I follow "Log in"
Then I should see "Google"
And I should see "Facebook"
And I should see "Microsoft"
Scenario: Test the login page auto focus feature
Given the following config values are set as admin:
| loginpageautofocus | Enabled |
And I follow "Log in"
Then the focused element is "Username" "field"
And I set the field "Username" to "admin"
And I set the field "Password" to "admin"
And I press "Log in"
And I log out
And I follow "Log in"
Then the focused element is "Password" "field"
Scenario: Test the login page focus after error feature
Given I follow "Log in"
And I set the field "Username" to "admin"
And I set the field "Password" to "wrongpassword"
And I press "Log in"
And I press the tab key
Then the focused element is "Username" "field"
Scenario: Display the password visibility toggle icon
Given the following config values are set as admin:
| loginpasswordtoggle | 1 |
When I follow "Log in"
Then "Toggle sensitive" "button" should be visible
And the following config values are set as admin:
| loginpasswordtoggle | 0 |
And I reload the page
And "Toggle sensitive" "button" should not be visible
Scenario: Display the password visibility toggle icon for small screens only
Given the following config values are set as admin:
| loginpasswordtoggle | 2 |
When I follow "Log in"
Then "Toggle sensitive" "button" should not be visible
And I change the viewport size to "mobile"
And "Toggle sensitive" "button" should be visible
auth/tests/behat/logout.php
+41
View File
@@ -0,0 +1,41 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
// phpcs:disable moodle.Files.RequireLogin.Missing
// phpcs:disable moodle.PHP.ForbiddenFunctions.Found
/**
* Login end point for Behat tests only.
*
* @package core_auth
* @category test
* @copyright Andrew Lyons <andrew@nicols.co.uk>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
require(__DIR__.'/../../../config.php');
$behatrunning = defined('BEHAT_SITE_RUNNING') && BEHAT_SITE_RUNNING;
if (!$behatrunning) {
redirect(new moodle_url('/login/logout.php'));
}
require_logout();
$login = optional_param('loginpage', 0, PARAM_BOOL);
if ($login) {
redirect(get_login_url());
} else {
redirect(new moodle_url('/'));
}
auth/tests/behat/rememberusername.feature
+52
View File
@@ -0,0 +1,52 @@
@core @core_auth
Feature: Test the 'remember username' feature works.
In order for users to easily log in to the site
As a user
I need the site to remember my username when the feature is enabled
Background:
Given the following "users" exist:
| username |
| teacher1 |
# Given the user has logged in and selected 'Remember username', when they log in again, then their username should be remembered.
Scenario: Check that 'remember username' works without javascript for teachers.
# Log in the first time with $CFG->rememberusername set to Yes.
Given the following config values are set as admin:
| rememberusername | 1 |
And I am on homepage
And I click on "Log in" "link" in the ".logininfo" "css_element"
And I set the field "Username" to "teacher1"
And I set the field "Password" to "teacher1"
And I press "Log in"
And I log out
# Log out and check that the username was remembered.
When I am on homepage
And I click on "Log in" "link" in the ".logininfo" "css_element"
Then the field "username" matches value "teacher1"
# Given the user has logged in before and selected 'Remember username', when they log in again and unset 'Remember username', then
# their username should be forgotten for future log in attempts.
Scenario: Check that 'remember username' unsetting works without javascript for teachers.
# Log in the first time with $CFG->rememberusername set to Optional.
Given the following config values are set as admin:
| rememberusername | 2 |
And I am on homepage
And I click on "Log in" "link" in the ".logininfo" "css_element"
And I set the field "Username" to "teacher1"
And I set the field "Password" to "teacher1"
And I press "Log in"
And I log out
# Log in again, the username should have been remembered.
When I am on homepage
And I click on "Log in" "link" in the ".logininfo" "css_element"
Then the field "username" matches value "teacher1"
And I set the field "Password" to "teacher1"
And I press "Log in"
And I log out
And the following config values are set as admin:
| rememberusername | 0 |
# Check username has been forgotten.
And I am on homepage
And I click on "Log in" "link" in the ".logininfo" "css_element"
Then the field "username" matches value ""
auth/tests/behat/validateagedigitalconsentmap.feature
+68
View File
@@ -0,0 +1,68 @@
@core @verify_age_location
Feature: Test validation of 'Age of digital consent' setting.
In order to set the 'Age of digital consent' setting
As an admin
I need to provide valid data and valid format
Background:
Given I log in as "admin"
And I navigate to "Users > Privacy and policies > Privacy settings" in site administration
Scenario: Admin provides valid value for 'Age of digital consent'.
Given I set the field "s__agedigitalconsentmap" to multiline:
"""
*, 16
AT, 14
BE, 14
"""
When I press "Save changes"
Then I should see "Changes saved"
And I should not see "Some settings were not changed due to an error."
And I should not see "The digital age of consent is not valid:"
Scenario: Admin provides invalid format for 'Age of digital consent'.
# Try to set a value with missing space separator
Given I set the field "s__agedigitalconsentmap" to multiline:
"""
*16
AT, 14
BE, 14
"""
When I press "Save changes"
Then I should not see "Changes saved"
And I should see "Some settings were not changed due to an error."
And I should see "The digital age of consent is not valid: \"*16\" has more or less than one comma separator."
# Try to set a value with missing default age of consent
When I set the field "s__agedigitalconsentmap" to multiline:
"""
AT, 14
BE, 14
"""
And I press "Save changes"
Then I should not see "Changes saved"
And I should see "Some settings were not changed due to an error."
And I should see "The digital age of consent is not valid: Default (*) value is missing."
Scenario: Admin provides invalid age of consent or country for 'Age of digital consent'.
# Try to set a value containing invalid age of consent
Given I set the field "s__agedigitalconsentmap" to multiline:
"""
*, 16
AT, age
BE, 14
"""
When I press "Save changes"
Then I should not see "Changes saved"
And I should see "Some settings were not changed due to an error."
And I should see "The digital age of consent is not valid: \"age\" is not a valid value for age."
# Try to set a value containing invalid country
When I set the field "s__agedigitalconsentmap" to multiline:
"""
*, 16
COUNTRY, 14
BE, 14
"""
And I press "Save changes"
Then I should not see "Changes saved"
And I should see "Some settings were not changed due to an error."
And I should see "The digital age of consent is not valid: \"COUNTRY\" is not a valid value for country."
auth/tests/behat/verifyageofconsent.feature
+45
View File
@@ -0,0 +1,45 @@
@core @verify_age_location
Feature: Test the 'Digital age of consent verification' feature works.
In order to self-register on the site
As an user
I need be to be over the age of digital consent
Background:
Given the following config values are set as admin:
| registerauth | email |
| agedigitalconsentverification | 1 |
Scenario: User that is not considered a digital minor attempts to self-register on the site.
# Try to access the sign up page.
Given I am on homepage
When I click on "Log in" "link" in the ".logininfo" "css_element"
And I click on "Create new account" "link"
Then I should see "Age and location verification"
When I set the field "What is your age?" to "16"
And I set the field "In which country do you live?" to "DZ"
And I press "Proceed"
Then I should see "New account"
And I should see "Username"
# Try to access the sign up page again.
When I press "Cancel"
And I click on "Create new account" "link"
Then I should see "New account"
And I should see "Username"
Scenario: User that is considered a digital minor attempts to self-register on the site.
# Try to access the sign up page.
Given I am on homepage
When I click on "Log in" "link" in the ".logininfo" "css_element"
And I click on "Create new account" "link"
Then I should see "Age and location verification"
When I set the field "What is your age?" to "12"
And I set the field "In which country do you live?" to "AT"
And I press "Proceed"
Then I should see "You are too young to create an account on this site."
And I should see "Please ask your parent/guardian to contact:"
# Try to access the sign up page again.
When I click on "Back to the site home" "link"
And I click on "Log in" "link" in the ".logininfo" "css_element"
And I click on "Create new account" "link"
Then I should see "You are too young to create an account on this site."
And I should see "Please ask your parent/guardian to contact:"
auth/tests/digital_consent_test.php
+174
View File
@@ -0,0 +1,174 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace core_auth;
/**
* Digital consent helper testcase.
*
* @package core_auth
* @copyright 2018 Mihail Geshoski
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class digital_consent_test extends \advanced_testcase {
public function test_is_age_digital_consent_verification_enabled(): void {
global $CFG;
$this->resetAfterTest();
// Age of digital consent verification is enabled.
$CFG->agedigitalconsentverification = 0;
$isenabled = \core_auth\digital_consent::is_age_digital_consent_verification_enabled();
$this->assertFalse($isenabled);
}
public function test_is_minor(): void {
global $CFG;
$this->resetAfterTest();
$agedigitalconsentmap = implode(PHP_EOL, [
'*, 16',
'AT, 14',
'CZ, 13',
'DE, 14',
'DK, 13',
]);
$CFG->agedigitalconsentmap = $agedigitalconsentmap;
$usercountry1 = 'DK';
$usercountry2 = 'AU';
$userage1 = 12;
$userage2 = 14;
$userage3 = 16;
// Test country exists in agedigitalconsentmap and user age is below the particular digital minor age.
$isminor = \core_auth\digital_consent::is_minor($userage1, $usercountry1);
$this->assertTrue($isminor);
// Test country exists in agedigitalconsentmap and user age is above the particular digital minor age.
$isminor = \core_auth\digital_consent::is_minor($userage2, $usercountry1);
$this->assertFalse($isminor);
// Test country does not exists in agedigitalconsentmap and user age is below the particular digital minor age.
$isminor = \core_auth\digital_consent::is_minor($userage2, $usercountry2);
$this->assertTrue($isminor);
// Test country does not exists in agedigitalconsentmap and user age is above the particular digital minor age.
$isminor = \core_auth\digital_consent::is_minor($userage3, $usercountry2);
$this->assertFalse($isminor);
}
public function test_parse_age_digital_consent_map_valid_format(): void {
// Value of agedigitalconsentmap has a valid format.
$agedigitalconsentmap = implode(PHP_EOL, [
'*, 16',
'AT, 14',
'BE, 13'
]);
$ageconsentmapparsed = \core_auth\digital_consent::parse_age_digital_consent_map($agedigitalconsentmap);
$this->assertEquals([
'*' => 16,
'AT' => 14,
'BE' => 13
], $ageconsentmapparsed
);
}
public function test_parse_age_digital_consent_map_invalid_format_missing_spaces(): void {
// Value of agedigitalconsentmap has an invalid format (missing space separator between values).
$agedigitalconsentmap = implode(PHP_EOL, [
'*, 16',
'AT14',
]);
$this->expectException('moodle_exception');
$this->expectExceptionMessage(get_string('agedigitalconsentmapinvalidcomma', 'error', 'AT14'));
\core_auth\digital_consent::parse_age_digital_consent_map($agedigitalconsentmap);
}
public function test_parse_age_digital_consent_map_invalid_format_missing_default_value(): void {
// Value of agedigitalconsentmap has an invalid format (missing default value).
$agedigitalconsentmap = implode(PHP_EOL, [
'BE, 16',
'AT, 14'
]);
$this->expectException('moodle_exception');
$this->expectExceptionMessage(get_string('agedigitalconsentmapinvaliddefault', 'error'));
\core_auth\digital_consent::parse_age_digital_consent_map($agedigitalconsentmap);
}
public function test_parse_age_digital_consent_map_invalid_format_invalid_country(): void {
// Value of agedigitalconsentmap has an invalid format (invalid value for country).
$agedigitalconsentmap = implode(PHP_EOL, [
'*, 16',
'TEST, 14'
]);
$this->expectException('moodle_exception');
$this->expectExceptionMessage(get_string('agedigitalconsentmapinvalidcountry', 'error', 'TEST'));
\core_auth\digital_consent::parse_age_digital_consent_map($agedigitalconsentmap);
}
public function test_parse_age_digital_consent_map_invalid_format_invalid_age_string(): void {
// Value of agedigitalconsentmap has an invalid format (string value for age).
$agedigitalconsentmap = implode(PHP_EOL, [
'*, 16',
'AT, ten'
]);
$this->expectException('moodle_exception');
$this->expectExceptionMessage(get_string('agedigitalconsentmapinvalidage', 'error', 'ten'));
\core_auth\digital_consent::parse_age_digital_consent_map($agedigitalconsentmap);
}
public function test_parse_age_digital_consent_map_invalid_format_missing_age(): void {
// Value of agedigitalconsentmap has an invalid format (missing value for age).
$agedigitalconsentmap = implode(PHP_EOL, [
'*, 16',
'AT, '
]);
$this->expectException('moodle_exception');
$this->expectExceptionMessage(get_string('agedigitalconsentmapinvalidage', 'error', ''));
\core_auth\digital_consent::parse_age_digital_consent_map($agedigitalconsentmap);
}
public function test_parse_age_digital_consent_map_invalid_format_missing_country(): void {
// Value of agedigitalconsentmap has an invalid format (missing value for country).
$agedigitalconsentmap = implode(PHP_EOL, [
'*, 16',
', 12'
]);
$this->expectException('moodle_exception');
$this->expectExceptionMessage(get_string('agedigitalconsentmapinvalidcountry', 'error', ''));
\core_auth\digital_consent::parse_age_digital_consent_map($agedigitalconsentmap);
}
}
auth/tests/external/external_test.php
Vendored
+241
View File
@@ -0,0 +1,241 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Auth external functions tests.
*
* @package core_auth
* @category external
* @copyright 2016 Juan Leyva
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 3.2
*/
namespace core_auth\external;
use auth_email_external;
use core_auth_external;
use core_external\external_api;
use externallib_advanced_testcase;
defined('MOODLE_INTERNAL') || die();
global $CFG;
require_once($CFG->dirroot . '/webservice/tests/helpers.php');
/**
* External auth API tests.
*
* @package core_auth
* @copyright 2016 Juan Leyva
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 3.2
*/
class external_test extends externallib_advanced_testcase {
/** @var string Original error log */
protected $oldlog;
/**
* Set up for every test
*/
public function setUp(): void {
global $CFG;
$this->resetAfterTest(true);
$CFG->registerauth = 'email';
// Discard error logs.
$this->oldlog = ini_get('error_log');
ini_set('error_log', "$CFG->dataroot/testlog.log");
}
/**
* Tear down to restore old logging..
*/
protected function tearDown(): void {
ini_set('error_log', $this->oldlog);
parent::tearDown();
}
/**
* Test confirm_user
*/
public function test_confirm_user(): void {
global $DB;
$username = 'pepe';
$password = 'abcdefAª.ªª!!3';
$firstname = 'Pepe';
$lastname = 'Pérez';
$email = 'myemail@no.zbc';
// Create new user.
$result = auth_email_external::signup_user($username, $password, $firstname, $lastname, $email);
$result = external_api::clean_returnvalue(auth_email_external::signup_user_returns(), $result);
$this->assertTrue($result['success']);
$this->assertEmpty($result['warnings']);
$secret = $DB->get_field('user', 'secret', array('username' => $username));
// Confirm the user.
$result = core_auth_external::confirm_user($username, $secret);
$result = external_api::clean_returnvalue(core_auth_external::confirm_user_returns(), $result);
$this->assertTrue($result['success']);
$this->assertEmpty($result['warnings']);
$confirmed = $DB->get_field('user', 'confirmed', array('username' => $username));
$this->assertEquals(1, $confirmed);
// Try to confirm the user again.
$result = core_auth_external::confirm_user($username, $secret);
$result = external_api::clean_returnvalue(core_auth_external::confirm_user_returns(), $result);
$this->assertFalse($result['success']);
$this->assertCount(1, $result['warnings']);
$this->assertEquals('alreadyconfirmed', $result['warnings'][0]['warningcode']);
// Try to use an invalid secret.
$this->expectException('\moodle_exception');
$this->expectExceptionMessage(get_string('invalidconfirmdata', 'error'));
$result = core_auth_external::confirm_user($username, 'zzZZzz');
}
/**
* Test age digital consent not enabled.
*/
public function test_age_digital_consent_verification_is_not_enabled(): void {
global $CFG;
$CFG->agedigitalconsentverification = 0;
$result = core_auth_external::is_age_digital_consent_verification_enabled();
$result = external_api::clean_returnvalue(
core_auth_external::is_age_digital_consent_verification_enabled_returns(), $result);
$this->assertFalse($result['status']);
}
/**
* Test age digital consent is enabled.
*/
public function test_age_digital_consent_verification_is_enabled(): void {
global $CFG;
$CFG->agedigitalconsentverification = 1;
$result = core_auth_external::is_age_digital_consent_verification_enabled();
$result = external_api::clean_returnvalue(
core_auth_external::is_age_digital_consent_verification_enabled_returns(), $result);
$this->assertTrue($result['status']);
}
/**
* Test resend_confirmation_email.
*/
public function test_resend_confirmation_email(): void {
global $DB;
$username = 'pepe';
$password = 'abcdefAª.ªª!!3';
$firstname = 'Pepe';
$lastname = 'Pérez';
$email = 'myemail@no.zbc';
// Create new user.
$result = auth_email_external::signup_user($username, $password, $firstname, $lastname, $email);
$result = external_api::clean_returnvalue(auth_email_external::signup_user_returns(), $result);
$this->assertTrue($result['success']);
$this->assertEmpty($result['warnings']);
$result = core_auth_external::resend_confirmation_email($username, $password);
$result = external_api::clean_returnvalue(core_auth_external::resend_confirmation_email_returns(), $result);
$this->assertTrue($result['status']);
$this->assertEmpty($result['warnings']);
$confirmed = $DB->get_field('user', 'confirmed', array('username' => $username));
$this->assertEquals(0, $confirmed);
}
/**
* Test resend_confirmation_email invalid username.
*/
public function test_resend_confirmation_email_invalid_username(): void {
$username = 'pepe';
$password = 'abcdefAª.ªª!!3';
$firstname = 'Pepe';
$lastname = 'Pérez';
$email = 'myemail@no.zbc';
// Create new user.
$result = auth_email_external::signup_user($username, $password, $firstname, $lastname, $email);
$result = external_api::clean_returnvalue(auth_email_external::signup_user_returns(), $result);
$this->assertTrue($result['success']);
$this->assertEmpty($result['warnings']);
$_SERVER['HTTP_USER_AGENT'] = 'no browser'; // Hack around missing user agent in CLI scripts.
$this->expectException('\moodle_exception');
$this->expectExceptionMessage('error/invalidlogin');
$result = core_auth_external::resend_confirmation_email('abc', $password);
}
/**
* Test resend_confirmation_email invalid password.
*/
public function test_resend_confirmation_email_invalid_password(): void {
$username = 'pepe';
$password = 'abcdefAª.ªª!!3';
$firstname = 'Pepe';
$lastname = 'Pérez';
$email = 'myemail@no.zbc';
// Create new user.
$result = auth_email_external::signup_user($username, $password, $firstname, $lastname, $email);
$result = external_api::clean_returnvalue(auth_email_external::signup_user_returns(), $result);
$this->assertTrue($result['success']);
$this->assertEmpty($result['warnings']);
$_SERVER['HTTP_USER_AGENT'] = 'no browser'; // Hack around missing user agent in CLI scripts.
$this->expectException('\moodle_exception');
$this->expectExceptionMessage('error/invalidlogin');
$result = core_auth_external::resend_confirmation_email($username, 'abc');
}
/**
* Test resend_confirmation_email already confirmed user.
*/
public function test_resend_confirmation_email_already_confirmed_user(): void {
global $DB;
$username = 'pepe';
$password = 'abcdefAª.ªª!!3';
$firstname = 'Pepe';
$lastname = 'Pérez';
$email = 'myemail@no.zbc';
// Create new user.
$result = auth_email_external::signup_user($username, $password, $firstname, $lastname, $email);
$result = external_api::clean_returnvalue(auth_email_external::signup_user_returns(), $result);
$this->assertTrue($result['success']);
$this->assertEmpty($result['warnings']);
$secret = $DB->get_field('user', 'secret', array('username' => $username));
// Confirm the user.
$result = core_auth_external::confirm_user($username, $secret);
$result = external_api::clean_returnvalue(core_auth_external::confirm_user_returns(), $result);
$this->assertTrue($result['success']);
$this->expectException('\moodle_exception');
$this->expectExceptionMessage('error/alreadyconfirmed');
core_auth_external::resend_confirmation_email($username, $password);
}
}
auth/tests/privacy/provider_test.php
+104
View File
@@ -0,0 +1,104 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Data provider tests.
*
* @package core_auth
* @category test
* @copyright 2018 Frédéric Massart
* @author Frédéric Massart <fred@branchup.tech>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace core_auth\privacy;
defined('MOODLE_INTERNAL') || die();
global $CFG;
use core_privacy\tests\provider_testcase;
use core_privacy\local\request\transform;
use core_privacy\local\request\writer;
use core_auth\privacy\provider;
/**
* Data provider testcase class.
*
* @package core_auth
* @category test
* @copyright 2018 Frédéric Massart
* @author Frédéric Massart <fred@branchup.tech>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class provider_test extends provider_testcase {
public function setUp(): void {
$this->resetAfterTest();
}
public function test_export_user_preferences(): void {
$dg = $this->getDataGenerator();
$u1 = $dg->create_user();
$u2 = $dg->create_user();
$sysctx = \context_system::instance();
$now = time();
// Check nothing is there.
writer::reset();
provider::export_user_preferences($u1->id);
$prefs = writer::with_context($sysctx)->get_user_preferences('core_auth');
$this->assertEmpty((array) $prefs);
// Set some preferences.
set_user_preference('auth_forcepasswordchange', 1, $u1);
set_user_preference('create_password', 1, $u1);
set_user_preference('login_failed_count', 18, $u1);
set_user_preference('login_failed_count_since_success', 7, $u1);
set_user_preference('login_failed_last', $now - DAYSECS, $u1);
set_user_preference('login_lockout', $now - HOURSECS, $u1);
set_user_preference('login_lockout_ignored', 0, $u1);
set_user_preference('login_lockout_secret', 'Hello world!', $u1);
set_user_preference('auth_forcepasswordchange', 0, $u2);
set_user_preference('create_password', 0, $u2);
set_user_preference('login_lockout_ignored', 1, $u2);
// Check user 1.
writer::reset();
provider::export_user_preferences($u1->id);
$prefs = writer::with_context($sysctx)->get_user_preferences('core_auth');
$this->assertEquals(transform::yesno(true), $prefs->auth_forcepasswordchange->value);
$this->assertEquals(transform::yesno(true), $prefs->create_password->value);
$this->assertEquals(18, $prefs->login_failed_count->value);
$this->assertEquals(7, $prefs->login_failed_count_since_success->value);
$this->assertEquals(transform::datetime($now - DAYSECS), $prefs->login_failed_last->value);
$this->assertEquals(transform::datetime($now - HOURSECS), $prefs->login_lockout->value);
$this->assertEquals(transform::yesno(false), $prefs->login_lockout_ignored->value);
$this->assertEquals('Hello world!', $prefs->login_lockout_secret->value);
// Check user 2.
writer::reset();
provider::export_user_preferences($u2->id);
$prefs = writer::with_context($sysctx)->get_user_preferences('core_auth');
$this->assertEquals(transform::yesno(false), $prefs->auth_forcepasswordchange->value);
$this->assertEquals(transform::yesno(false), $prefs->create_password->value);
$this->assertObjectNotHasProperty('login_failed_count', $prefs);
$this->assertObjectNotHasProperty('login_failed_count_since_success', $prefs);
$this->assertObjectNotHasProperty('login_failed_last', $prefs);
$this->assertObjectNotHasProperty('login_lockout', $prefs);
$this->assertEquals(transform::yesno(true), $prefs->login_lockout_ignored->value);
$this->assertObjectNotHasProperty('login_lockout_secret', $prefs);
}
}