add more page loading tests (#490)

Author: simonLeary42

deployment/overrides/phpunit/config/config.ini

@@ -4,6 +4,5 @@ custom_user_mappings_dir = "test/custom_user_mappings"
 [site]
 allow_die = false
 enable_verbose_error_log = false
-enable_redirect_message = false
 enable_exception_handler = false
 enable_error_handler = false

phpstan.neon

@@ -36,7 +36,6 @@ parameters:
         - '#Call to method PHPUnit\\Framework\\Assert::assertTrue\(\) with true will always evaluate to true.#'
       paths:
         - test/functional/InvalidEPPNTest.php
-        - test/functional/PageLoadTest.php
     # I cannot seem to make this error go away no matter how many functions I add @phpstan-impure to
     - messages:
         - '#Negated boolean expression is always false\.#'

resources/lib/UnityHTTPD.php

@@ -18,20 +18,15 @@ enum UnityHTTPDMessageLevel: string
 
 class UnityHTTPD
 {
-    public static function die(mixed $x = null, bool $show_user = false): never
+    public static function die(?string $x = null): never
     {
-        if (CONFIG["site"]["allow_die"] == false) {
-            if (is_null($x)) {
-                throw new NoDieException();
-            } else {
-                throw new NoDieException($x);
-            }
+        if ($x !== null) {
+            echo $x;
+        }
+        if (CONFIG["site"]["allow_die"]) {
+            die();
         } else {
-            if (!is_null($x) and $show_user) {
-                die($x);
-            } else {
-                die();
-            }
+            throw new NoDieException();
         }
     }
 
@@ -165,14 +160,15 @@ private static function throwableToArray(\Throwable $t): array
 
     public static function badRequest(
         string $log_message,
+        string $user_message = "",
         ?\Throwable $error = null,
         ?array $data = null,
     ): never {
         self::gracefulDie(
             "bad request",
             $log_message,
             "Invalid requested action or submitted data.",
-            "",
+            $user_message,
             error: $error,
             http_response_code: 400,
             data: $data,
@@ -181,14 +177,15 @@ public static function badRequest(
 
     public static function forbidden(
         string $log_message,
+        string $user_message = "",
         ?\Throwable $error = null,
         ?array $data = null,
     ): never {
         self::gracefulDie(
             "forbidden",
             $log_message,
             "Permission denied.",
-            "",
+            $user_message,
             error: $error,
             http_response_code: 403,
             data: $data,
@@ -197,14 +194,15 @@ public static function forbidden(
 
     public static function internalServerError(
         string $log_message,
+        string $user_message = "",
         ?\Throwable $error = null,
         ?array $data = null,
     ): never {
         self::gracefulDie(
             "internal server error",
             $log_message,
             "An internal server error has occurred.",
-            "",
+            $user_message,
             error: $error,
             http_response_code: 500,
             data: $data,

test/functional/PageLoadTest.php

@@ -7,24 +7,34 @@ class PageLoadTest extends UnityWebPortalTestCase
     public static function provider()
     {
         return [
-            ["Admin", __DIR__ . "/../../webroot/admin/pi-mgmt.php"],
-            ["Admin", __DIR__ . "/../../webroot/admin/user-mgmt.php"],
-            ["Admin", __DIR__ . "/../../webroot/admin/content.php"],
-            ["Admin", __DIR__ . "/../../webroot/admin/notices.php"],
-            ["NonExistent", __DIR__ . "/../../webroot/panel/new_account.php"],
-            ["Blank", __DIR__ . "/../../webroot/panel/account.php"],
-            ["Blank", __DIR__ . "/../../webroot/panel/groups.php"],
-            ["Blank", __DIR__ . "/../../webroot/panel/support.php"],
-            ["EmptyPIGroupOwner", __DIR__ . "/../../webroot/panel/pi.php"],
+            // normal page load
+            ["Admin", "admin/pi-mgmt.php", "/PI Management/"],
+            ["Admin", "admin/user-mgmt.php", "/User Management/"],
+            ["Admin", "admin/content.php", "/Page Content Management/"],
+            ["Admin", "admin/notices.php", "/Cluster Notice Management/"],
+            ["NonExistent", "panel/new_account.php", "/Register New Account/"],
+            ["Blank", "panel/account.php", "/Account Settings/"],
+            ["Blank", "panel/groups.php", "/My Principal Investigators/"],
+            ["Blank", "panel/support.php", "/Support/"],
+            ["EmptyPIGroupOwner", "panel/pi.php", "/My Users/"],
+            // normal user should not be able to access admin pages
+            ["Blank", "admin/pi-mgmt.php", "/You are not an admin/"],
+            ["Blank", "admin/user-mgmt.php", "/You are not an admin/"],
+            ["Blank", "admin/content.php", "/You are not an admin/"],
+            ["Blank", "admin/notices.php", "/You are not an admin/"],
+            // new_account.php should redirect to account.php if account already exists
+            ["Blank", "panel/new_account.php", "/panel\/account\.php/"],
+            // all pages should redirect to new_account.php if account does not exist
+            ["NonExistent", "panel/account.php", "/panel\/new_account\.php/"],
         ];
     }
 
     #[DataProvider("provider")]
-    public function testLoadPage($nickname, $path)
+    public function testLoadPage($nickname, $path, $regex)
     {
         global $USER, $SSO, $LDAP, $SQL, $MAILER, $WEBHOOK;
         $this->switchUser($nickname);
-        http_get($path);
-        $this->assertTrue(true); // assert there were no errors
+        $output = http_get(__DIR__ . "/../../webroot/" . $path);
+        $this->assertMatchesRegularExpression($regex, $output);
     }
 }

test/phpunit-bootstrap.php

@@ -109,7 +109,7 @@ function http_post(
     }
 }
 
-function http_get(string $phpfile, array $get_data = []): void
+function http_get(string $phpfile, array $get_data = []): string
 {
     global $LDAP,
         $SQL,
@@ -131,9 +131,9 @@ function http_get(string $phpfile, array $get_data = []): void
     try {
         include $phpfile;
     } finally {
-        ob_get_clean(); // discard output
         unset($_GET);
-        $_PREVIOUS_SERVER = $_SERVER;
+        $_SERVER = $_PREVIOUS_SERVER;
+        return ob_get_clean();
     }
 }
 

webroot/admin/ajax/get_group_members.php

@@ -7,7 +7,7 @@
 use UnityWebPortal\lib\UserFlag;
 
 if (!$USER->getFlag(UserFlag::ADMIN)) {
-    UnityHTTPD::forbidden("not an admin");
+    UnityHTTPD::forbidden("not an admin", "You are not an admin.");
 }
 
 $gid = UnityHTTPD::getQueryParameter("gid");

webroot/admin/ajax/get_page_contents.php

@@ -6,7 +6,7 @@
 use UnityWebPortal\lib\UserFlag;
 
 if (!$USER->getFlag(UserFlag::ADMIN)) {
-    UnityHTTPD::forbidden("not an admin");
+    UnityHTTPD::forbidden("not an admin", "You are not an admin.");
 }
 
 $pageid = UnityHTTPD::getQueryParameter("pageid");

webroot/admin/content.php

@@ -6,7 +6,7 @@
 use UnityWebPortal\lib\UserFlag;
 
 if (!$USER->getFlag(UserFlag::ADMIN)) {
-    UnityHTTPD::forbidden("not an admin");
+    UnityHTTPD::forbidden("not an admin", "You are not an admin.");
 }
 
 if ($_SERVER["REQUEST_METHOD"] == "POST") {

webroot/admin/notices.php

@@ -6,7 +6,7 @@
 use UnityWebPortal\lib\UserFlag;
 
 if (!$USER->getFlag(UserFlag::ADMIN)) {
-    UnityHTTPD::forbidden("not an admin");
+    UnityHTTPD::forbidden("not an admin", "You are not an admin.");
 }
 
 if ($_SERVER["REQUEST_METHOD"] == "POST") {

webroot/admin/pi-mgmt.php

@@ -9,7 +9,7 @@
 use UnityWebPortal\lib\UserFlag;
 
 if (!$USER->getFlag(UserFlag::ADMIN)) {
-    UnityHTTPD::forbidden("not an admin");
+    UnityHTTPD::forbidden("not an admin", "You are not an admin.");
 }
 
 $getUserFromPost = function () {