fix tests after changes

improve tests for new lti signing request removes un-necissary changes to session and cache drivers in test
ucfopen · Dec 31, 2022 · cf80cc2 · cf80cc2
1 parent a2f01ce
commit cf80cc2
Show file tree

Hide file tree

Showing 10 changed files with 183 additions and 91 deletions.
diff --git a/docker/docker-compose.override.test.yml b/docker/docker-compose.override.test.yml
@@ -16,8 +16,6 @@ services:
       - FUEL_ENV=test
       - FUEL_LOG_THRESHOLD=300
       - LOG_HANDLER=DEFAULT
-      - SESSION_DRIVER=file
-      - CACHE_DRIVER=file
     volumes:
       - ..:/var/www/html/
       # isolate test widget files just for test

diff --git a/docker/run_tests.sh b/docker/run_tests.sh
@@ -15,4 +15,4 @@ DCTEST="docker-compose -f docker-compose.yml -f docker-compose.override.test.yml
 set -e
 set -o xtrace
 
-$DCTEST run --rm app /wait-for-it.sh mysql:3306 -t 20 -- composer run testci -- "$@"
+$DCTEST run -T --rm app /wait-for-it.sh mysql:3306 -t 20 -- composer run testci -- "$@"
diff --git a/docker/run_tests_lint.sh b/docker/run_tests_lint.sh
@@ -10,4 +10,4 @@ DCTEST="docker-compose -f docker-compose.yml -f docker-compose.override.test.yml
 set -e
 set -o xtrace
 
-$DCTEST run --rm --no-deps app composer sniff-ci
+$DCTEST run -T --rm --no-deps app composer sniff-ci
diff --git a/fuel/app/classes/basetest.php b/fuel/app/classes/basetest.php
@@ -54,6 +54,13 @@ protected function tearDown(): void
 		}
 	}
 
+	protected static function remove_all_roles_for_user($user_id)
+	{
+		\DB::delete('perm_role_to_user')
+		->where('user_id', $user_id)
+		->execute();
+	}
+
 	protected static function clear_fuel_input()
 	{
 		// reset fuelphp's input class
@@ -196,6 +203,10 @@ protected function _as_student()
 			\Fuel\Tasks\Admin::new_user($uname, 'test', 'd', 'student', '[email protected]', $pword);
 			$user = \Model_User::find_by_username($uname);
 		}
+		else
+		{
+			static::remove_all_roles_for_user($user->id);
+		}
 
 		$login = \Service_User::login($uname, $pword);
 		$this->assertTrue($login);
@@ -215,13 +226,16 @@ protected function _as_author()
 		{
 			require_once(APPPATH.'/tasks/admin.php');
 			\Fuel\Tasks\Admin::new_user($uname, 'Prof', 'd', 'Author', '[email protected]', $pword);
-			\Fuel\Tasks\Admin::give_user_role($uname, 'basic_author');
 			$user = \Model_User::find_by_username($uname);
 		}
+		else
+		{
+			static::remove_all_roles_for_user($user->id);
+		}
 
+		\Materia\Perm_Manager::add_users_to_roles_system_only([$user->id], [\Materia\Perm_Role::AUTHOR]);
 		$login = \Service_User::login($uname, $pword);
 		$this->assertTrue($login);
-
 		$this->users_to_clean[] = $user;
 		return $user;
 	}
@@ -238,10 +252,14 @@ protected function _as_author_2()
 		{
 			require_once(APPPATH.'/tasks/admin.php');
 			\Fuel\Tasks\Admin::new_user($uname, 'test', 'd', 'author', '[email protected]', $pword);
-			\Fuel\Tasks\Admin::give_user_role($uname, 'basic_author');
 			$user = \Model_User::find_by_username($uname);
 		}
+		else
+		{
+			static::remove_all_roles_for_user($user->id);
+		}
 
+		\Materia\Perm_Manager::add_users_to_roles_system_only([$user->id], [\Materia\Perm_Role::AUTHOR]);
 		$login = \Service_User::login($uname, $pword);
 		$this->assertTrue($login);
 		$this->users_to_clean[] = $user;
@@ -260,10 +278,14 @@ protected function _as_author_3()
 		{
 			require_once(APPPATH.'/tasks/admin.php');
 			\Fuel\Tasks\Admin::new_user($uname, 'test', 'd', 'author', '[email protected]', $pword);
-			\Fuel\Tasks\Admin::give_user_role($uname, 'basic_author');
 			$user = \Model_User::find_by_username($uname);
 		}
+		else
+		{
+			static::remove_all_roles_for_user($user->id);
+		}
 
+		\Materia\Perm_Manager::add_users_to_roles_system_only([$user->id], [\Materia\Perm_Role::AUTHOR]);
 		$login = \Service_User::login($uname, $pword);
 		$this->assertTrue($login);
 		$this->users_to_clean[] = $user;
@@ -282,12 +304,14 @@ protected function _as_super_user()
 		{
 			require_once(APPPATH.'/tasks/admin.php');
 			\Fuel\Tasks\Admin::new_user($uname, 'test', 'd', 'su', '[email protected]', $pword);
-			// TODO: super_user should get all these rights inherently right??????!!!!
-			\Fuel\Tasks\Admin::give_user_role($uname, 'super_user');
-			\Fuel\Tasks\Admin::give_user_role($uname, 'basic_author');
 			$user = \Model_User::find_by_username($uname);
 		}
+		else
+		{
+			static::remove_all_roles_for_user($user->id);
+		}
 
+		\Materia\Perm_Manager::add_users_to_roles_system_only([$user->id], [\Materia\Perm_Role::AUTHOR, \Materia\Perm_Role::SU]);
 		$login = \Service_User::login($uname, $pword);
 		$this->assertTrue($login);
 		$this->users_to_clean[] = $user;
@@ -305,11 +329,14 @@ protected function _as_noauth()
 		{
 			require_once(APPPATH.'/tasks/admin.php');
 			\Fuel\Tasks\Admin::new_user($uname, 'test', 'd', 'noauth', '[email protected]', $pword);
-			// TODO: super_user should get all these rights inherently right??????!!!!
-			\Fuel\Tasks\Admin::give_user_role($uname, 'no_author');
 			$user = \Model_User::find_by_username($uname);
 		}
+		else
+		{
+			static::remove_all_roles_for_user($user->id);
+		}
 
+		\Materia\Perm_Manager::add_users_to_roles_system_only([$user->id], [\Materia\Perm_Role::NOAUTH]);
 		$login = \Service_User::login($uname, $pword);
 		$this->assertTrue($login);
 		$this->users_to_clean[] = $user;

diff --git a/fuel/app/classes/ltilaunch.php b/fuel/app/classes/ltilaunch.php
@@ -76,7 +76,7 @@ public static function config()
 		return static::$config;
 	}
 
-	public static function configFromKey($key)
+	public static function config_from_key($key)
 	{
 		// determine which config to use
 		$configs = \Config::get('lti.consumers');

diff --git a/fuel/app/classes/materia/api/v1.php b/fuel/app/classes/materia/api/v1.php
@@ -58,7 +58,13 @@ static public function widget_instances_get($inst_ids = null)
 
 	static public function lti_sign_content_item_selection(string $url, string $content_items, string $lti_key)
 	{
-		// if (\Service_User::verify_session() !== true) return Msg::no_login();
+		if (\Service_User::verify_session() !== true) return Msg::no_login();
+		if (\Materia\Perm_Manager::does_user_have_role([\Materia\Perm_Role::AUTHOR, \Materia\Perm_Role::SU]) !== true) return Msg::no_perm();
+		if (\Service_User::verify_session('no_author')) return Msg::no_perm();
+
+		$lti_config = \LtiLaunch::config_from_key($lti_key);
+
+		if (is_null($lti_config)) return Msg::invalid_input('Lti key not found.');
 
 		$params = [
 			'lti_message_type' => 'ContentItemSelection',
@@ -73,7 +79,6 @@ static public function lti_sign_content_item_selection(string $url, string $cont
 			'oauth_version' => '1.0',
 		];
 
-		$lti_config = \LtiLaunch::configFromKey($lti_key);
 		$secret = $lti_config['secret'] ?? false;
 		$hmc_sha1  = new \Eher\OAuth\HmacSha1();
 		$consumer = new \Eher\OAuth\Consumer('', $secret);
@@ -87,12 +92,12 @@ static public function lti_sign_content_item_selection(string $url, string $cont
 		// if duplicated here. (ex: Sakai will fail validation)
 		$query_str = parse_url($url, PHP_URL_QUERY);
 		parse_str($query_str, $query_params);
-		if(is_array($query_params))
+		if (is_array($query_params))
 		{
 			$keys = array_keys($query_params);
 			foreach ($keys as $key)
 			{
-				if(isset($results[$key]))
+				if (isset($results[$key]))
 				{
 					unset($results[$key]);
 				}

diff --git a/fuel/app/tests/api/v1.php b/fuel/app/tests/api/v1.php
@@ -21,8 +21,87 @@ public function test_allPublicAPIMethodsHaveTests()
 
 	public function test_lti_sign_content_item_selection()
 	{
-		// @TODO
-		$this->assertEquals(true, true);
+		$url = 'https://someurl.com/something?some_var=10&another_var=20';
+		$content_items = '{
+			"@context" : "http://purl.imsglobal.org/ctx/lti/v1/ContentItem",
+			"@graph" : [
+				{
+					"@type": "LtiLinkItem",
+					"mediaType": "application/vnd.ims.lti.v1.ltilink",
+					"@id": "https://materia.edu/play/3c@jd!",
+					"url": "https://materia.edu/play/3c@jd!",
+					"title": "The widgets name",
+					"text": "A Materia Crossword Activity",
+					"placementAdvice": {
+						"presentationDocumentTarget": "frame",
+					},
+				}
+			]
+		}';
+
+		$invalid_lti_key = "key_that_doesnt_exist";
+		$valid_lti_key = "materia-lti-key";
+
+		// ======= AS NO ONE ========
+		$output = Api_V1::lti_sign_content_item_selection($url, $content_items, $invalid_lti_key);
+		$this->assertInstanceOf('\Materia\Msg', $output);
+		$this->assertEquals('Invalid Login', $output->title);
+
+		$output = Api_V1::lti_sign_content_item_selection($url, $content_items, $valid_lti_key);
+		$this->assertInstanceOf('\Materia\Msg', $output);
+		$this->assertEquals('Invalid Login', $output->title);
+
+		// ======= STUDENT ========
+		$this->_as_student();
+		$output = Api_V1::lti_sign_content_item_selection($url, $content_items, $invalid_lti_key);
+		$this->assertInstanceOf('\Materia\Msg', $output);
+		$this->assertEquals('Permission Denied', $output->title);
+
+		$output = Api_V1::lti_sign_content_item_selection($url, $content_items, $valid_lti_key);
+		$this->assertInstanceOf('\Materia\Msg', $output);
+		$this->assertEquals('Permission Denied', $output->title);
+
+		// ======= AUTHOR ========
+		$this->_as_author();
+		$output = Api_V1::lti_sign_content_item_selection($url, $content_items, $invalid_lti_key);
+		$this->assertInstanceOf('\Materia\Msg', $output);
+		$this->assertEquals('Validation Error', $output->title);
+
+		$this->_as_author();
+		$output = Api_V1::lti_sign_content_item_selection($url, $content_items, $valid_lti_key);
+		$this->assertNotInstanceOf('\Materia\Msg', $output);
+		$this->assertIsArray($output);
+		$this->assertArrayHasKey('oauth_version', $output);
+		$this->assertArrayHasKey('oauth_nonce', $output);
+		$this->assertArrayHasKey('oauth_timestamp', $output);
+		$this->assertArrayHasKey('oauth_consumer_key', $output);
+		$this->assertArrayHasKey('lti_message_type', $output);
+		$this->assertArrayHasKey('lti_version', $output);
+		$this->assertArrayHasKey('data', $output);
+		$this->assertArrayHasKey('oauth_callback', $output);
+		$this->assertArrayHasKey('oauth_signature_method', $output);
+		$this->assertArrayHasKey('oauth_signature', $output);
+
+		// ======= SU ========
+		$this->_as_super_user();
+		$output = Api_V1::lti_sign_content_item_selection($url, $content_items, $invalid_lti_key);
+		$this->assertInstanceOf('\Materia\Msg', $output);
+		$this->assertEquals('Validation Error', $output->title);
+
+		$this->_as_super_user();
+		$output = Api_V1::lti_sign_content_item_selection($url, $content_items, $valid_lti_key);
+		$this->assertNotInstanceOf('\Materia\Msg', $output);
+		$this->assertIsArray($output);
+		$this->assertArrayHasKey('oauth_version', $output);
+		$this->assertArrayHasKey('oauth_nonce', $output);
+		$this->assertArrayHasKey('oauth_timestamp', $output);
+		$this->assertArrayHasKey('oauth_consumer_key', $output);
+		$this->assertArrayHasKey('lti_message_type', $output);
+		$this->assertArrayHasKey('lti_version', $output);
+		$this->assertArrayHasKey('data', $output);
+		$this->assertArrayHasKey('oauth_callback', $output);
+		$this->assertArrayHasKey('oauth_signature_method', $output);
+		$this->assertArrayHasKey('oauth_signature', $output);
 	}
 
 	public function test_widgets_get()