Bug 19531: When saving patron record do not redirect to circ if not authorised
[koha.git] / t / Auth_with_shibboleth.t
blob60bde6896ca177b260f5e2fabc661828bc3aaae7
1 #!/usr/bin/perl
3 # This file is part of Koha.
5 # Koha is free software; you can redistribute it and/or modify it
6 # under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
10 # Koha is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License
16 # along with Koha; if not, see <http://www.gnu.org/licenses>.
18 use Modern::Perl;
20 $| = 1;
21 use Module::Load::Conditional qw/check_install/;
22 use Test::More;
23 use Test::MockModule;
24 use Test::Warn;
26 use CGI;
27 use C4::Context;
29 BEGIN {
30 if ( check_install( module => 'Test::DBIx::Class' ) ) {
31 plan tests => 11;
32 } else {
33 plan skip_all => "Need Test::DBIx::Class"
37 use Test::DBIx::Class;
39 # Mock Variables
40 my $matchpoint = 'userid';
41 my $autocreate = 0;
42 my %mapping = (
43 'userid' => { 'is' => 'uid' },
44 'surname' => { 'is' => 'sn' },
45 'dateexpiry' => { 'is' => 'exp' },
46 'categorycode' => { 'is' => 'cat' },
47 'address' => { 'is' => 'add' },
48 'city' => { 'is' => 'city' },
50 $ENV{'uid'} = "test1234";
51 $ENV{'sn'} = undef;
52 $ENV{'exp'} = undef;
53 $ENV{'cat'} = undef;
54 $ENV{'add'} = undef;
55 $ENV{'city'} = undef;
57 # Setup Mocks
58 ## Mock Context
59 my $context = new Test::MockModule('C4::Context');
61 ### Mock ->config
62 $context->mock( 'config', \&mockedConfig );
64 ### Mock ->preference
65 my $OPACBaseURL = "testopac.com";
66 $context->mock( 'preference', \&mockedPref );
68 ## Mock Database
69 my $database = new Test::MockModule('Koha::Database');
71 ### Mock ->schema
72 $database->mock( 'schema', \&mockedSchema );
74 # Tests
75 ##############################################################
77 # Can module load
78 use C4::Auth_with_shibboleth;
79 require_ok('C4::Auth_with_shibboleth');
80 $C4::Auth_with_shibboleth::debug = '0';
82 # Subroutine tests
83 ## shib_ok
84 subtest "shib_ok tests" => sub {
85 plan tests => 5;
86 my $result;
88 # correct config, no debug
89 is( shib_ok(), '1', "good config" );
91 # bad config, no debug
92 $matchpoint = undef;
93 warnings_are { $result = shib_ok() }
94 [ { carped => 'shibboleth matchpoint not defined' }, ],
95 "undefined matchpoint = fatal config, warning given";
96 is( $result, '0', "bad config" );
98 $matchpoint = 'email';
99 warnings_are { $result = shib_ok() }
100 [ { carped => 'shibboleth matchpoint not mapped' }, ],
101 "unmapped matchpoint = fatal config, warning given";
102 is( $result, '0', "bad config" );
104 # add test for undefined shibboleth block
106 reset_config();
109 ## logout_shib
110 #my $query = CGI->new();
111 #is(logout_shib($query),"https://".$opac."/Shibboleth.sso/Logout?return="."https://".$opac,"logout_shib");
113 ## login_shib_url
114 my $query_string = 'language=en-GB';
115 $ENV{QUERY_STRING} = $query_string;
116 $ENV{SCRIPT_NAME} = '/cgi-bin/koha/opac-user.pl';
117 my $query = CGI->new($query_string);
119 login_shib_url($query),
120 'https://testopac.com'
121 . '/Shibboleth.sso/Login?target='
122 . 'https://testopac.com/cgi-bin/koha/opac-user.pl' . '%3F'
123 . $query_string,
124 "login shib url"
127 ## get_login_shib
128 subtest "get_login_shib tests" => sub {
129 plan tests => 4;
130 my $login;
132 # good config
133 ## debug off
134 $C4::Auth_with_shibboleth::debug = '0';
135 warnings_are { $login = get_login_shib() }[],
136 "good config with debug off, no warnings received";
137 is( $login, "test1234",
138 "good config with debug off, attribute value returned" );
140 ## debug on
141 $C4::Auth_with_shibboleth::debug = '1';
142 warnings_are { $login = get_login_shib() }[
143 "koha borrower field to match: userid",
144 "shibboleth attribute to match: uid",
145 "uid value: test1234"
147 "good config with debug enabled, correct warnings received";
148 is( $login, "test1234",
149 "good config with debug enabled, attribute value returned" );
151 # bad config - with shib_ok implemented, we should never reach this sub with a bad config
154 ## checkpw_shib
155 subtest "checkpw_shib tests" => sub {
156 plan tests => 18;
158 my $shib_login;
159 my ( $retval, $retcard, $retuserid );
161 # Setup Mock Database Data
162 fixtures_ok [
163 'Borrower' => [
164 [qw/cardnumber userid surname address city/],
165 [qw/testcardnumber test1234 renvoize myaddress johnston/],
167 'Category' => [ [qw/categorycode default_privacy/], [qw/S never/], ]
169 'Installed some custom fixtures via the Populate fixture class';
171 # debug off
172 $C4::Auth_with_shibboleth::debug = '0';
174 # good user
175 $shib_login = "test1234";
176 warnings_are {
177 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
179 [], "good user with no debug";
180 is( $retval, "1", "user authenticated" );
181 is( $retcard, "testcardnumber", "expected cardnumber returned" );
182 is( $retuserid, "test1234", "expected userid returned" );
184 # bad user
185 $shib_login = 'martin';
186 warnings_are {
187 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
189 [], "bad user with no debug";
190 is( $retval, "0", "user not authenticated" );
192 # autocreate user
193 $autocreate = 1;
194 $shib_login = 'test4321';
195 $ENV{'uid'} = 'test4321';
196 $ENV{'sn'} = "pika";
197 $ENV{'exp'} = "2017";
198 $ENV{'cat'} = "S";
199 $ENV{'add'} = 'Address';
200 $ENV{'city'} = 'City';
201 warnings_are {
202 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
204 [], "new user added with no debug";
205 is( $retval, "1", "user authenticated" );
206 is( $retuserid, "test4321", "expected userid returned" );
207 ok my $new_user = ResultSet('Borrower')
208 ->search( { 'userid' => 'test4321' }, { rows => 1 } ), "new user found";
209 is_fields [qw/surname dateexpiry address city/], $new_user->next,
210 [qw/pika 2017 Address City/],
211 'Found $new_users surname';
212 $autocreate = 0;
214 # debug on
215 $C4::Auth_with_shibboleth::debug = '1';
217 # good user
218 $shib_login = "test1234";
219 warnings_exist {
220 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
223 qr/checkpw_shib/,
224 qr/koha borrower field to match: userid/,
225 qr/shibboleth attribute to match: uid/,
226 qr/User Shibboleth-authenticated as:/
228 "good user with debug enabled";
229 is( $retval, "1", "user authenticated" );
230 is( $retcard, "testcardnumber", "expected cardnumber returned" );
231 is( $retuserid, "test1234", "expected userid returned" );
233 # bad user
234 $shib_login = "martin";
235 warnings_exist {
236 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
239 qr/checkpw_shib/,
240 qr/koha borrower field to match: userid/,
241 qr/shibboleth attribute to match: uid/,
242 qr/User Shibboleth-authenticated as:/,
243 qr/not a valid Koha user/
245 "bad user with debug enabled";
246 is( $retval, "0", "user not authenticated" );
250 ## _get_uri
251 $OPACBaseURL = "testopac.com";
252 is( C4::Auth_with_shibboleth::_get_uri(),
253 "https://testopac.com", "https opac uri returned" );
255 $OPACBaseURL = "http://testopac.com";
256 my $result;
257 warning_like { $result = C4::Auth_with_shibboleth::_get_uri() }
258 [qr/Shibboleth requires OPACBaseURL to use the https protocol!/],
259 "improper protocol - received expected warning";
260 is( $result, "https://testopac.com", "https opac uri returned" );
262 $OPACBaseURL = "https://testopac.com";
263 is( C4::Auth_with_shibboleth::_get_uri(),
264 "https://testopac.com", "https opac uri returned" );
266 $OPACBaseURL = undef;
267 warning_like { $result = C4::Auth_with_shibboleth::_get_uri() }
268 [qr/OPACBaseURL not set!/],
269 "undefined OPACBaseURL - received expected warning";
270 is( $result, "https://", "https opac uri returned" );
272 ## _get_shib_config
273 # Internal helper function, covered in tests above
275 sub mockedConfig {
276 my $param = shift;
278 my %shibboleth = (
279 'autocreate' => $autocreate,
280 'matchpoint' => $matchpoint,
281 'mapping' => \%mapping
284 return \%shibboleth;
287 sub mockedPref {
288 my $param = $_[1];
289 my $return;
291 if ( $param eq 'OPACBaseURL' ) {
292 $return = $OPACBaseURL;
295 return $return;
298 sub mockedSchema {
299 return Schema();
302 ## Convenience method to reset config
303 sub reset_config {
304 $matchpoint = 'userid';
305 $autocreate = 0;
306 %mapping = (
307 'userid' => { 'is' => 'uid' },
308 'surname' => { 'is' => 'sn' },
309 'dateexpiry' => { 'is' => 'exp' },
310 'categorycode' => { 'is' => 'cat' },
311 'address' => { 'is' => 'add' },
312 'city' => { 'is' => 'city' },
314 $ENV{'uid'} = "test1234";
315 $ENV{'sn'} = undef;
316 $ENV{'exp'} = undef;
317 $ENV{'cat'} = undef;
318 $ENV{'add'} = undef;
319 $ENV{'city'} = undef;
321 return 1;