From e4669f02c427b452280cda8af7f564b732392cbf Mon Sep 17 00:00:00 2001 From: xdrm-brackets Date: Sat, 13 Feb 2016 17:28:28 +0100 Subject: [PATCH] - [x] [phpunit/sessionManager] test unitaires du manager de session php --- manager/ManagerError.php | 23 ++- manager/module/userDefault.php | 37 +++- phpunit/phpunit.xml | 10 +- phpunit/tests/Database_check.php | 4 +- phpunit/tests/Database_construct.php | 4 +- phpunit/tests/Database_delNumeric.php | 4 +- phpunit/tests/ManagerError.php | 107 +++++++++++ phpunit/tests/sessionManager.php | 251 ++++++++++++++++++++++++++ todo.md | 1 + 9 files changed, 426 insertions(+), 15 deletions(-) create mode 100644 phpunit/tests/ManagerError.php create mode 100644 phpunit/tests/sessionManager.php diff --git a/manager/ManagerError.php b/manager/ManagerError.php index 1988718..c85d962 100755 --- a/manager/ManagerError.php +++ b/manager/ManagerError.php @@ -41,18 +41,24 @@ // Erreur de parametre(s) const ParamError = 9; + // Erreur dans le traitement + const ModuleError = 10; + /* Repo */ // Verification de la coherence du chemin (existe dans la conf) - const WrongPathRepo = 10; + const WrongPathRepo = 11; // Module non specifie dans la conf - const UnknownRepo = 11; + const UnknownRepo = 12; + + // Erreur dans le traitement + const RepoError = 13; /* Database */ // Erreur lors de la creation d'un objet PDO (connection) - const PDOConnection = 12; + const PDOConnection = 14; /* EXPLICITE UN CODE D'ERREUR @@ -65,7 +71,9 @@ public static function explicit($error){ switch($error){ case self::Success: return "Tout s'est bien deroule"; break; + case self::ParsingFailed: return "La lecture du fichier JSON a echoue"; break; + case self::InvalidFlags: return "Les specifications (drapeaux) sont incorrects"; break; case self::UnreachableResource: return "La ressource n'existe pas (404)"; break; case self::MissingPath: return "Le chemin de delegation n'a pas ete renseigne"; break; 
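Review bot: Inserting `const ModuleError = 10;` in the middle of the list in manager/ManagerError.php shifts the existing codes (`WrongPathRepo` 10→11, `UnknownRepo` 11→12, `PDOConnection` 12→14). Anything that compares against the old integers, such as a front-end, a stored value or a log parser, would then read a different error; no such consumer is visible in this hunk, so this needs checking. Appending is safer: keep the three existing values and add `const ModuleError = 13;` and `const RepoError = 14;` at the end. If renumbering is intended, add a comment on the constant list saying the numeric values are not a stable contract. The class starts and ends outside the hunk.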
@@ -75,13 +83,18 @@ case self::UnknownRepo: return "Le repo n'existe pas"; break; case self::UnknownMethod: return "Le methode n'existe pas"; break; case self::UncallableMethod: return "Le methode n'est pas amorcable"; break; + case self::ParamError: return "Un ou plusieurs parametres sont manquants ou incorrects"; break; + case self::ModuleError: return "Erreur lors du traitement du module"; break; + case self::RepoError: return "Erreur lors du traitement du repo"; break; + case self::PDOConnection: return "La connexion avec la base de donnees a echoue"; break; - default: return "Erreur inconnue..."; break; + // default: return "Erreur inconnue..."; break; } - return 'Aucune erreur trouvee'; + // Erreur inconnue + return null; } } diff --git a/manager/module/userDefault.php b/manager/module/userDefault.php index a59e21a..db5885d 100755 --- a/manager/module/userDefault.php +++ b/manager/module/userDefault.php 
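Review bot: `explicit()` now returns `null` for an unknown code where it used to return a string, so a caller that echoes or concatenates the result has to handle `null`. The header comment above `public static function explicit($error)` should state this, for example `@return string|null message, or null when the code is unknown`. The line `// default: return "Erreur inconnue..."; break;` is commented-out code and can be deleted, since the trailing `return null;` already covers that path. The function's opening lines and the rest of the class are outside this hunk.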
@@ -52,10 +52,41 @@ return array('ModuleError' => \manager\ManagerError::ParamError); - // $request = new \manager\Repo('user/create', array($code, $username, $firstname, $lastname, $mail, $password, $status) ); + /* [2] Creation de l'utilisateur + =========================================================*/ + $create_user = new \manager\Repo('user/create', array($code, $username, $firstname, $lastname, $mail, $password_hash, $status) ); + $id_user = $create_user->answer(); - // return $request->answer(); - return array('ModuleError' => \manager\ManagerError::Success); + // Si une erreur est retournee, on retourne une erreur + if( $id_user === false ) + return array('ModuleError' => \manager\ManagerError::ModuleError); + + + /* [3] Creation du groupe de meme nom que l'username + =========================================================*/ + $create_group = new \manager\Repo('group/create', array($username) ); + $id_group = $create_group->answer(); + + // Si une erreur est retournee, on retourne une erreur + if( $id_group === false ) + return array('ModuleError' => \manager\ManagerError::ModuleError); + + + /* [4] Association au groupe + =========================================================*/ + $assoc_goup = new \manager\Repo('group/associate', array($id_user, $id_group)); + $id_assoc = $assoc_goup->answer(); + + // Si une erreur est retournee, on retourne une erreur + if( $id_assoc === false ) + return array('ModuleError' => \manager\ManagerError::ModuleError); + + /* [5] Gestion du retour + =========================================================*/ + return array( + 'ModuleError' => \manager\ManagerError::Success, + 'id_user' => $id_user + ); } diff --git a/phpunit/phpunit.xml b/phpunit/phpunit.xml index bbe09a6..2c2d7f8 100755 --- a/phpunit/phpunit.xml +++ b/phpunit/phpunit.xml @@ -2,9 +2,17 @@ - + ./tests/ + + + ./tests/ManagerError.php + + + + ./tests/sessionManager.php + 
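Review bot: In manager/module/userDefault.php the three `\manager\Repo` calls (`user/create`, `group/create`, `group/associate`) are not atomic. When step [3] or [4] returns `false` the function reports `ModuleError`, but the user created in step [2] (and possibly the group) stays in the database, leaving an account with no group association and blocking a retry with the same username. Run the three steps in one database transaction, or undo the earlier steps on failure. Each check is `=== false`, so a `null` or `0` returned by `answer()` would be treated as a valid id; confirm what the repos return on error. `$password_hash` is computed before this hunk, so confirm it comes from `password_hash()` rather than a fast unsalted digest; the enclosing function starts outside the hunk.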
diff --git a/phpunit/tests/Database_check.php b/phpunit/tests/Database_check.php index 39292ee..635b39f 100755 --- a/phpunit/tests/Database_check.php +++ b/phpunit/tests/Database_check.php 
@@ -1,6 +1,6 @@ -assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorParsingFailed(){ + $error = \manager\ManagerError::ParsingFailed; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorInvalidFlags(){ + $error = \manager\ManagerError::InvalidFlags; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorUnreachableResource(){ + $error = \manager\ManagerError::UnreachableResource; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorMissingPath(){ + $error = \manager\ManagerError::MissingPath; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorWrongPathModule(){ + $error = \manager\ManagerError::WrongPathModule; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorUnknownModule(){ + $error = \manager\ManagerError::UnknownModule; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorUnknownMethod(){ + $error = \manager\ManagerError::UnknownMethod; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorUncallableMethod(){ + $error = \manager\ManagerError::UncallableMethod; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorParamError(){ + $error = \manager\ManagerError::ParamError; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorModuleError(){ + $error = \manager\ManagerError::ModuleError; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorWrongPathRepo(){ + $error = \manager\ManagerError::WrongPathRepo; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorUnknownRepo(){ + $error = 
\manager\ManagerError::UnknownRepo; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorRepoError(){ + $error = \manager\ManagerError::RepoError; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + public function testErrorPDOConnection(){ + $error = \manager\ManagerError::PDOConnection; + + $this->assertNotNull( \manager\ManagerError::explicit($error) ); + } + + + public function testErrorNotKnown(){ + $error = 1239; + + $this->assertNull( \manager\ManagerError::explicit($error) ); + } + + } + + +?> \ No newline at end of file diff --git a/phpunit/tests/sessionManager.php b/phpunit/tests/sessionManager.php new file mode 100644 index 0000000..c5cec2c --- /dev/null +++ b/phpunit/tests/sessionManager.php 
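Review bot: Every positive case in phpunit/tests/ManagerError.php asserts only `assertNotNull( \manager\ManagerError::explicit($error) )`, which passes for any non-null value. A constant that hits the wrong `case`, or two constants sharing one value after the renumbering, would go unnoticed. Assert the type and content instead, for example `$this->assertInternalType('string', $msg);` followed by `$this->assertNotEmpty($msg);`. The fifteen near-identical methods could become one test fed by a data provider that lists the constants, so a new code needs only one added line. The start of the file is not visible on this page.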
@@ -0,0 +1,251 @@ +assertEquals(40, strlen($hash) ); + $this->assertNotContains( $plain, $hash ); + } + + /* [2] Test de l'unicite et du prefix + =========================================================*/ + public function testIdSessionUniq(){ + // Premiere session + session_destroy(); + @\manager\sessionManager::session_start(); + $id_first = session_id(); + + // Seconde session + session_destroy(); + @\manager\sessionManager::session_start(); + $id_second = session_id(); + + $this->assertNotEquals( $id_first, $id_second ); + } + + + public function testIdenticalPrefix(){ + // Premiere session + session_destroy(); + @\manager\sessionManager::session_start(); + $first_prefix = substr(session_id(), 0, 5); + + // Seconde session + session_destroy(); + @\manager\sessionManager::session_start(); + $second_prefix = substr(session_id(), 0, 5); + + $this->assertEquals( $first_prefix, $second_prefix ); + } + + + public function testCookieUniq(){ + // Premiere session + session_destroy(); + @\manager\sessionManager::session_start(); + $token_first = $_COOKIE['session_token']; + + // Seconde session + session_destroy(); + @\manager\sessionManager::session_start(); + $token_second = $_COOKIE['session_token']; + + $this->assertNotEquals( $token_first, $token_second ); + } + + /* [3] REMOTE_ADDR different + =========================================================*/ + public function testSessionIdTheftWithWrongIp(){ + $default_remote_addr = $_SERVER['REMOTE_ADDR']; + + // Hote n.1 + $_SERVER['REMOTE_ADDR'] = 'a'; + session_destroy(); + @\manager\sessionManager::session_start(); + $first_prefix = substr(session_id(), 0, 5); + + // Hote n.2 + $_SERVER['REMOTE_ADDR'] = 'b'; + session_destroy(); + @\manager\sessionManager::session_start(); + $second_prefix = substr(session_id(), 0, 5); + + + $this->assertNotEquals( $first_prefix, $second_prefix ); + + $_SERVER['REMOTE_ADDR'] = $default_remote_addr; + } + + public function testSessionTokenTheftWithWrongIp(){ + $default_remote_addr 
= $_SERVER['REMOTE_ADDR']; + + // Hote n.1 + $_SERVER['REMOTE_ADDR'] = 'a'; + session_destroy(); + @\manager\sessionManager::session_start(); + $first_prefix = substr($_COOKIE['session_token'], 0, 5); + + // Hote n.2 + $_SERVER['REMOTE_ADDR'] = 'b'; + session_destroy(); + @\manager\sessionManager::session_start(); + $second_prefix = substr($_COOKIE['session_token'], 0, 5); + + + $this->assertNotEquals( $first_prefix, $second_prefix ); + + $_SERVER['REMOTE_ADDR'] = $default_remote_addr; + } + + + + public function testSessionTokenTheftWithWrongIpThenWell(){ + $default_remote_addr = $_SERVER['REMOTE_ADDR']; + + // Hote n.1 + $_SERVER['REMOTE_ADDR'] = 'a'; + session_destroy(); + @\manager\sessionManager::session_start(); + $first_prefix = substr($_COOKIE['session_token'], 0, 40); + + // Hote n.2 + $_SERVER['REMOTE_ADDR'] = 'b'; + session_destroy(); + @\manager\sessionManager::session_start(); + $second_prefix = substr($_COOKIE['session_token'], 0, 40); + + // Hote n.1 + $_SERVER['REMOTE_ADDR'] = 'a'; + session_destroy(); + @\manager\sessionManager::session_start(); + $third_prefix = substr($_COOKIE['session_token'], 0, 40); + + + $this->assertEquals( $first_prefix, $third_prefix ); + $this->assertNotEquals( $first_prefix, $second_prefix ); + + $_SERVER['REMOTE_ADDR'] = $default_remote_addr; + } + + /* [4] HTTP_USER_AGENT different + =========================================================*/ + public function testSessionIdTheftWithWrongUserAgent(){ + $default_http_user_agent = $_SERVER['HTTP_USER_AGENT']; + + // Hote n.1 + $_SERVER['HTTP_USER_AGENT'] = 'a'; + session_destroy(); + @\manager\sessionManager::session_start(); + $first_prefix = substr(session_id(), 0, 5); + + // Hote n.2 + $_SERVER['HTTP_USER_AGENT'] = 'b'; + session_destroy(); + @\manager\sessionManager::session_start(); + $second_prefix = substr(session_id(), 0, 5); + + + $this->assertNotEquals( $first_prefix, $second_prefix ); + + $_SERVER['HTTP_USER_AGENT'] = $default_http_user_agent; + } + + public 
function testSessionTokenTheftWithWrongUserAgent(){ + $default_http_user_agent = $_SERVER['HTTP_USER_AGENT']; + + // Hote n.1 + $_SERVER['HTTP_USER_AGENT'] = 'a'; + session_destroy(); + @\manager\sessionManager::session_start(); + $first_prefix = substr($_COOKIE['session_token'], 0, 40); + + // Hote n.2 + $_SERVER['HTTP_USER_AGENT'] = 'b'; + session_destroy(); + @\manager\sessionManager::session_start(); + $second_prefix = substr($_COOKIE['session_token'], 0, 40); + + + $this->assertNotEquals( $first_prefix, $second_prefix ); + + $_SERVER['HTTP_USER_AGENT'] = $default_http_user_agent; + } + + + + public function testSessionTokenTheftWithWrongUserAgentThenWell(){ + $default_http_user_agent = $_SERVER['HTTP_USER_AGENT']; + + // Hote n.1 + $_SERVER['HTTP_USER_AGENT'] = 'a'; + session_destroy(); + @\manager\sessionManager::session_start(); + $first_prefix = substr($_COOKIE['session_token'], 0, 40); + + // Hote n.2 + $_SERVER['HTTP_USER_AGENT'] = 'b'; + session_destroy(); + @\manager\sessionManager::session_start(); + $second_prefix = substr($_COOKIE['session_token'], 0, 40); + + // Hote n.1 + $_SERVER['HTTP_USER_AGENT'] = 'a'; + session_destroy(); + @\manager\sessionManager::session_start(); + $third_prefix = substr($_COOKIE['session_token'], 0, 40); + + + $this->assertEquals( $first_prefix, $third_prefix ); + $this->assertNotEquals( $first_prefix, $second_prefix ); + + $_SERVER['HTTP_USER_AGENT'] = $default_http_user_agent; + } + + + + /* [5] Regeneration du cookie 'session_token' + =========================================================*/ + public function testRegeneratedToken(){ + + // Connection 1 + session_destroy(); + @\manager\sessionManager::session_start(); + $first_token = $_COOKIE['session_token']; + + // Connection 2 + session_destroy(); + @\manager\sessionManager::session_start(); + $second_token = $_COOKIE['session_token']; + + + $this->assertNotEquals( $first_token, $second_token ); + } + + public function testSamePrefixToken(){ + + // Connection 1 + 
session_destroy(); + @\manager\sessionManager::session_start(); + $first_token_prefix = substr($_COOKIE['session_token'], 0, 40); + + // Connection 2 + session_destroy(); + @\manager\sessionManager::session_start(); + $second_token_prefix = substr($_COOKIE['session_token'], 0, 40); + + $this->assertEquals( $first_token_prefix, $second_token_prefix ); + } + + + + } + + +?> \ No newline at end of file diff --git a/todo.md b/todo.md index 6961a1f..835a672 100755 --- a/todo.md +++ b/todo.md @@ -39,6 +39,7 @@ ######## # FAIT # ######## +- [x] [phpunit/sessionManager] test unitaires du manager de session php - [x] [ModuleAnswer] Gestion des erreurs au niveau interne des Modules - [x] [autoloader][phpunit/bootstrap.php] Correction des bugs de $_SERVER avec PHPUnit -> autoloader + bootstrap personnalise - [x] [sessionManager] Import de sessionManager
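Review bot: The `...Theft...` tests in phpunit/tests/sessionManager.php (`testSessionIdTheftWithWrongIp` and the token and User-Agent variants) never replay the first host's session id or `session_token` under the second host's `REMOTE_ADDR` or `HTTP_USER_AGENT`. They only show that two fresh sessions get different prefixes, so a manager that derives the prefix from the client but still accepts a replayed id would pass them. Every start is written `@\manager\sessionManager::session_start()`, so a start that fails under the CLI runner is silent, and `testIdenticalPrefix` and `testSamePrefixToken` would then compare two empty values and pass; add `$this->assertNotEmpty( session_id() );` after each start. `$_SERVER` is restored on the last line of each test, which is skipped when an assertion fails, so restore it in a `finally` block or in `tearDown()`. A replay test like the one below covers the hijack case; its final assertion assumes the manager issues a new id on mismatch, so adapt it to however rejection is signalled.

```php
public function testReplayedSessionIdIsRejectedFromOtherIp(){
	$default_remote_addr = $_SERVER['REMOTE_ADDR'];

	try{
		// Host 1: legitimate session
		$_SERVER['REMOTE_ADDR'] = 'a';
		session_destroy();
		@\manager\sessionManager::session_start();
		$first_id = session_id();
		$this->assertNotEmpty( $first_id );

		// Host 2: presents host 1's identifier
		$_SERVER['REMOTE_ADDR'] = 'b';
		session_destroy();
		session_id($first_id);
		@\manager\sessionManager::session_start();

		// assumption: a mismatch makes the manager issue a fresh id
		$this->assertNotEquals( $first_id, session_id() );
	}finally{
		$_SERVER['REMOTE_ADDR'] = $default_remote_addr;
	}
}
```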