- [x] [phpunit/sessionManager] test unitaires du manager de session php

manager/ManagerError.php

@@ -41,18 +41,24 @@
 			// Erreur de parametre(s)
 			const ParamError          = 9;
 
+			// Erreur dans le traitement
+			const ModuleError         = 10;
+
 		/* Repo */
 
 			// Verification de la coherence du chemin (existe dans la conf)
-			const WrongPathRepo       = 10;
+			const WrongPathRepo       = 11;
 
 			// Module non specifie dans la conf
-			const UnknownRepo         = 11;
+			const UnknownRepo         = 12;
+
+			// Erreur dans le traitement
+			const RepoError           = 13;
 
 		/* Database */
 
 			// Erreur lors de la creation d'un objet PDO (connection)
-			const PDOConnection       = 12;
+			const PDOConnection       = 14;
 
 
 		/* EXPLICITE UN CODE D'ERREUR
@@ -65,7 +71,9 @@
 		public static function explicit($error){
 			switch($error){
 				case self::Success:             return "Tout s'est bien deroule";                                             break;
+
 				case self::ParsingFailed:       return "La lecture du fichier JSON a echoue";                                 break;
+				
 				case self::InvalidFlags:        return "Les specifications (drapeaux) sont incorrects";                       break;
 				case self::UnreachableResource: return "La ressource n'existe pas (404)";                                     break;
 				case self::MissingPath:         return "Le chemin de delegation n'a pas ete renseigne";                       break;
@@ -75,13 +83,18 @@
 				case self::UnknownRepo:         return "Le repo n'existe pas";                                                break;
 				case self::UnknownMethod:       return "Le methode n'existe pas";                                             break;
 				case self::UncallableMethod:    return "Le methode n'est pas amorcable";                                      break;
+
 				case self::ParamError:          return "Un ou plusieurs parametres sont manquants ou incorrects";             break;
+				case self::ModuleError:         return "Erreur lors du traitement du module";                                 break;
+				case self::RepoError:           return "Erreur lors du traitement du repo";                                   break;
+
 				case self::PDOConnection:       return "La connexion avec la base de donnees a echoue";                       break;
 
-				default:                        return "Erreur inconnue...";                                                  break;
+				// default:                        return "Erreur inconnue...";                                                  break;
 			}
 
-			return 'Aucune erreur trouvee';
+			// Erreur inconnue
+			return null;
 		}
 
 	}

manager/module/userDefault.php

@@ -52,10 +52,41 @@
 				return array('ModuleError' => \manager\ManagerError::ParamError);
 
 
-			// $request = new \manager\Repo('user/create', array($code, $username, $firstname, $lastname, $mail, $password, $status) );
+			/* [2] Creation de l'utilisateur
+			=========================================================*/
+			$create_user = new \manager\Repo('user/create', array($code, $username, $firstname, $lastname, $mail, $password_hash, $status) );
+			$id_user     = $create_user->answer();
 
-			// return $request->answer();
-			return array('ModuleError' => \manager\ManagerError::Success);
+			// Si une erreur est retournee, on retourne une erreur
+			if( $id_user === false )
+				return array('ModuleError' => \manager\ManagerError::ModuleError);
+
+
+			/* [3] Creation du groupe de meme nom que l'username
+			=========================================================*/
+			$create_group = new \manager\Repo('group/create', array($username) );
+			$id_group     = $create_group->answer();
+
+			// Si une erreur est retournee, on retourne une erreur
+			if( $id_group === false )
+				return array('ModuleError' => \manager\ManagerError::ModuleError);
+
+
+			/* [4] Association au groupe
+			=========================================================*/
+			$assoc_goup = new \manager\Repo('group/associate', array($id_user, $id_group));
+			$id_assoc = $assoc_goup->answer();
+
+			// Si une erreur est retournee, on retourne une erreur
+			if( $id_assoc === false )
+				return array('ModuleError' => \manager\ManagerError::ModuleError);
+			
+			/* [5] Gestion du retour
+			=========================================================*/
+			return array(
+				'ModuleError' => \manager\ManagerError::Success,
+				'id_user'     => $id_user
+			);
 		}
 
 

phpunit/phpunit.xml

@@ -2,10 +2,18 @@
 
 	<testsuites>
 		
-		<testsuite name="\manager\Database">
+		<testsuite name="manager/Database">
 			<directory prefix="Database_" suffix=".php">./tests/</directory>
 		</testsuite>
 		
+		<testsuite name="manager/ManagerError">
+			<file>./tests/ManagerError.php</file>
+		</testsuite>
+		
+		<testsuite name="manager/sessionManager">
+			<file>./tests/sessionManager.php</file>
+		</testsuite>
+
 	</testsuites>
 
 

phpunit/tests/Database_check.php

@@ -1,6 +1,6 @@
-<?php 
+<?php namespace phpunit;
 
-	class Database_check extends PHPUnit_Framework_TestCase{
+	class Database_check extends \PHPUnit_Framework_TestCase{
 
 
 		/* [1] AUTO_INCREMENT

phpunit/tests/Database_construct.php

@@ -1,6 +1,6 @@
-<?php 
+<?php namespace phpunit;
 
-	class Database_construct extends PHPUnit_Framework_TestCase{
+	class Database_construct extends \PHPUnit_Framework_TestCase{
 
 		/* [1] Verification du chargement de la config
 		=========================================================*/

phpunit/tests/Database_delNumeric.php

@@ -1,6 +1,6 @@
-<?php 
+<?php namespace phpunit;
 
-	class Database_delNumeric extends PHPUnit_Framework_TestCase{
+	class Database_delNumeric extends \PHPUnit_Framework_TestCase{
 
 		/* [1] Verification pour 2 dimensions
 		=========================================================*/

phpunit/tests/ManagerError.php

@@ -0,0 +1,107 @@
+<?php namespace phpunit;
+
+	class ManagerError extends \PHPUnit_Framework_TestCase{
+
+		/* [1] Test de toutes les erreurs
+		=========================================================*/
+		public function testErrorSuccess(){
+			$error = \manager\ManagerError::Success;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+
+		public function testErrorParsingFailed(){
+			$error = \manager\ManagerError::ParsingFailed;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+
+		public function testErrorInvalidFlags(){
+			$error = \manager\ManagerError::InvalidFlags;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+
+		public function testErrorUnreachableResource(){
+			$error = \manager\ManagerError::UnreachableResource;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+
+		public function testErrorMissingPath(){
+			$error = \manager\ManagerError::MissingPath;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+
+		public function testErrorWrongPathModule(){
+			$error = \manager\ManagerError::WrongPathModule;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+
+		public function testErrorUnknownModule(){
+			$error = \manager\ManagerError::UnknownModule;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+
+		public function testErrorUnknownMethod(){
+			$error = \manager\ManagerError::UnknownMethod;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+
+		public function testErrorUncallableMethod(){
+			$error = \manager\ManagerError::UncallableMethod;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+
+		public function testErrorParamError(){
+			$error = \manager\ManagerError::ParamError;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+		
+		public function testErrorModuleError(){
+			$error = \manager\ManagerError::ModuleError;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+		
+		public function testErrorWrongPathRepo(){
+			$error = \manager\ManagerError::WrongPathRepo;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+		
+		public function testErrorUnknownRepo(){
+			$error = \manager\ManagerError::UnknownRepo;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+		
+		public function testErrorRepoError(){
+			$error = \manager\ManagerError::RepoError;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+		
+		public function testErrorPDOConnection(){
+			$error = \manager\ManagerError::PDOConnection;
+
+			$this->assertNotNull( \manager\ManagerError::explicit($error) );
+		}
+
+
+		public function testErrorNotKnown(){
+			$error = 1239;
+
+			$this->assertNull( \manager\ManagerError::explicit($error) );
+		}
+
+	}
+
+
+?>

phpunit/tests/sessionManager.php

@@ -0,0 +1,251 @@
+<?php namespace phpunit;
+
+
+	class sessionManager extends \PHPUnit_Framework_TestCase{
+
+		/* [1] Test de toutes les fonctions utilitaires
+		=========================================================*/
+		public function testSecureSHA1(){
+			$plain = 'montexteclair';
+			$hash  = \manager\sessionManager::secure_sha1($plain);
+
+			// Verification desuiee
+			$this->assertEquals(40, strlen($hash) );
+			$this->assertNotContains( $plain, $hash );
+		}
+
+		/* [2] Test de l'unicite et du prefix
+		=========================================================*/
+		public function testIdSessionUniq(){
+			// Premiere session
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$id_first = session_id();
+
+			// Seconde session
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$id_second = session_id();
+
+			$this->assertNotEquals( $id_first, $id_second );
+		}
+
+
+		public function testIdenticalPrefix(){
+			// Premiere session
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$first_prefix = substr(session_id(), 0, 5);
+
+			// Seconde session
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$second_prefix = substr(session_id(), 0, 5);
+
+			$this->assertEquals( $first_prefix, $second_prefix );
+		}
+
+
+		public function testCookieUniq(){
+			// Premiere session
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$token_first = $_COOKIE['session_token'];
+
+			// Seconde session
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$token_second = $_COOKIE['session_token'];
+
+			$this->assertNotEquals( $token_first, $token_second );
+		}
+
+		/* [3] REMOTE_ADDR different
+		=========================================================*/
+		public function testSessionIdTheftWithWrongIp(){
+			$default_remote_addr = $_SERVER['REMOTE_ADDR'];
+
+			// Hote n.1
+			$_SERVER['REMOTE_ADDR'] = 'a';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$first_prefix = substr(session_id(), 0, 5);
+
+			// Hote n.2
+			$_SERVER['REMOTE_ADDR'] = 'b';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$second_prefix = substr(session_id(), 0, 5);
+
+
+			$this->assertNotEquals( $first_prefix, $second_prefix );
+
+			$_SERVER['REMOTE_ADDR'] = $default_remote_addr;
+		}
+
+		public function testSessionTokenTheftWithWrongIp(){
+			$default_remote_addr = $_SERVER['REMOTE_ADDR'];
+
+			// Hote n.1
+			$_SERVER['REMOTE_ADDR'] = 'a';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$first_prefix = substr($_COOKIE['session_token'], 0, 5);
+
+			// Hote n.2
+			$_SERVER['REMOTE_ADDR'] = 'b';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$second_prefix = substr($_COOKIE['session_token'], 0, 5);
+
+
+			$this->assertNotEquals( $first_prefix, $second_prefix );
+
+			$_SERVER['REMOTE_ADDR'] = $default_remote_addr;
+		}
+
+
+
+		public function testSessionTokenTheftWithWrongIpThenWell(){
+			$default_remote_addr = $_SERVER['REMOTE_ADDR'];
+
+			// Hote n.1
+			$_SERVER['REMOTE_ADDR'] = 'a';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$first_prefix = substr($_COOKIE['session_token'], 0, 40);
+
+			// Hote n.2
+			$_SERVER['REMOTE_ADDR'] = 'b';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$second_prefix = substr($_COOKIE['session_token'], 0, 40);
+
+			// Hote n.1
+			$_SERVER['REMOTE_ADDR'] = 'a';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$third_prefix = substr($_COOKIE['session_token'], 0, 40);
+
+
+			$this->assertEquals( $first_prefix, $third_prefix );
+			$this->assertNotEquals( $first_prefix, $second_prefix );
+
+			$_SERVER['REMOTE_ADDR'] = $default_remote_addr;
+		}
+
+		/* [4] HTTP_USER_AGENT different
+		=========================================================*/
+		public function testSessionIdTheftWithWrongUserAgent(){
+			$default_http_user_agent = $_SERVER['HTTP_USER_AGENT'];
+
+			// Hote n.1
+			$_SERVER['HTTP_USER_AGENT'] = 'a';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$first_prefix = substr(session_id(), 0, 5);
+
+			// Hote n.2
+			$_SERVER['HTTP_USER_AGENT'] = 'b';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$second_prefix = substr(session_id(), 0, 5);
+
+
+			$this->assertNotEquals( $first_prefix, $second_prefix );
+
+			$_SERVER['HTTP_USER_AGENT'] = $default_http_user_agent;
+		}
+
+		public function testSessionTokenTheftWithWrongUserAgent(){
+			$default_http_user_agent = $_SERVER['HTTP_USER_AGENT'];
+
+			// Hote n.1
+			$_SERVER['HTTP_USER_AGENT'] = 'a';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$first_prefix = substr($_COOKIE['session_token'], 0, 40);
+
+			// Hote n.2
+			$_SERVER['HTTP_USER_AGENT'] = 'b';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$second_prefix = substr($_COOKIE['session_token'], 0, 40);
+
+
+			$this->assertNotEquals( $first_prefix, $second_prefix );
+
+			$_SERVER['HTTP_USER_AGENT'] = $default_http_user_agent;
+		}
+
+
+
+		public function testSessionTokenTheftWithWrongUserAgentThenWell(){
+			$default_http_user_agent = $_SERVER['HTTP_USER_AGENT'];
+
+			// Hote n.1
+			$_SERVER['HTTP_USER_AGENT'] = 'a';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$first_prefix = substr($_COOKIE['session_token'], 0, 40);
+
+			// Hote n.2
+			$_SERVER['HTTP_USER_AGENT'] = 'b';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$second_prefix = substr($_COOKIE['session_token'], 0, 40);
+
+			// Hote n.1
+			$_SERVER['HTTP_USER_AGENT'] = 'a';
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$third_prefix = substr($_COOKIE['session_token'], 0, 40);
+
+
+			$this->assertEquals( $first_prefix, $third_prefix );
+			$this->assertNotEquals( $first_prefix, $second_prefix );
+
+			$_SERVER['HTTP_USER_AGENT'] = $default_http_user_agent;
+		}
+
+
+
+		/* [5] Regeneration du cookie 'session_token'
+		=========================================================*/
+		public function testRegeneratedToken(){
+
+			// Connection 1
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$first_token = $_COOKIE['session_token'];
+
+			// Connection 2
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$second_token = $_COOKIE['session_token'];
+
+
+			$this->assertNotEquals( $first_token, $second_token );
+		}
+
+		public function testSamePrefixToken(){
+
+			// Connection 1
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$first_token_prefix = substr($_COOKIE['session_token'], 0, 40);
+
+			// Connection 2
+			session_destroy();
+			@\manager\sessionManager::session_start();
+			$second_token_prefix = substr($_COOKIE['session_token'], 0, 40);
+
+			$this->assertEquals( $first_token_prefix, $second_token_prefix );
+		}
+
+		
+
+	}
+
+
+?>

todo.md

@@ -39,6 +39,7 @@
 ########
 # FAIT #
 ########
+- [x] [phpunit/sessionManager] test unitaires du manager de session php
 - [x] [ModuleAnswer] Gestion des erreurs au niveau interne des Modules
 - [x] [autoloader][phpunit/bootstrap.php] Correction des bugs de $_SERVER avec PHPUnit -> autoloader + bootstrap personnalise
 - [x] [sessionManager] Import de sessionManager