Merge pull request #65 from OrifInformatique:unit_tests

Add unit tests
OrifInformatique · Jan 17, 2024 · b1a4024 · b1a4024
2 parents a657575 + e215661
commit b1a4024
Show file tree

Hide file tree

Showing 30 changed files with 3,073 additions and 137 deletions.
diff --git a/.github/workflows/codeigniter.yml b/.github/workflows/codeigniter.yml
@@ -0,0 +1,64 @@
+name: CodeIgniter
+
+on:
+  push:
+    # branches: [ "master" ]
+  pull_request:
+    # branches: [ "master" ]
+  release:
+    types: [published]
+  workflow_dispatch: # to run manually
+
+permissions:
+  contents: read
+
+jobs:
+  codeigniter-test:
+    environment: unit_test
+    runs-on: ubuntu-latest
+    services:
+      db:
+        image: mariadb
+        env:
+          MYSQL_DATABASE: ci4_test
+          MYSQL_ROOT_PASSWORD: root
+        ports:
+          - 3306:3306
+        options: --health-cmd="mariadb-admin ping" --health-interval=10s --health-timeout=5s --health-retries=3
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Validate composer.json and composer.lock
+      run: composer validate --strict
+
+    - name: Cache Composer packages
+      id: composer-cache
+      uses: actions/cache@v3
+      with:
+        path: vendor
+        key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-php-
+
+    - name: Install dependencies
+      run: composer install --prefer-dist --no-progress
+
+    # Add a test script to composer.json, for instance: "test": "vendor/bin/phpunit"
+    # Docs: https://getcomposer.org/doc/articles/scripts.md
+
+
+    - name: Execute tests (Unit and Feature tests) via PHPUnit
+      env:
+        database.tests.hostname: 127.0.0.1
+        database.tests.database: ci4_test
+        database.tests.username: root
+        database.tests.password: root
+        database.tests.DBDriver: MySQLi
+        database.tests.port: 3306
+        database.tests.DBPrefix:  
+        CLIENT_ID: ${{ secrets.CLIENT_ID }}
+        TENANT_ID: ${{ secrets.TENANT_ID }}
+        CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+        GRAPH_USER_SCOPES: ${{ secrets.GRAPH_USER_SCOPES }}
+        REDIRECT_URI: ${{ secrets.REDIRECT_URI }}
+      run: vendor/bin/phpunit
diff --git a/app/Config/App.php b/app/Config/App.php
@@ -42,7 +42,7 @@ class App extends BaseConfig
      * something else. If you are using mod_rewrite to remove the page set this
      * variable so that it is blank.
      */
-    public string $indexPage = 'index.php';
+    public string $indexPage = '';
 
     /**
      * --------------------------------------------------------------------------

diff --git a/app/Config/Boot/production.php b/app/Config/Boot/production.php
@@ -7,7 +7,13 @@
  | Don't show ANY in production environments. Instead, let the system catch
  | it and display a generic error message.
  */
-ini_set('display_errors', '0');
+# ini_set('display_errors', '0');
+ini_set('display_errors', 'Off'); # Workarounds for CodeIgniter4 vulnerable to
+# information disclosure when detailed error report is displayed in production
+# environment 
+# https://github.com/OrifInformatique/ci_packbase_v4/security/dependabot/2
+# When we update CodeIgniter to 4.4.3 or upper, change Off to 0
+
 error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED);
 
 /*

diff --git a/app/Controllers/BaseController.php b/app/Controllers/BaseController.php
@@ -10,6 +10,8 @@
 use Psr\Log\LoggerInterface;
 use CodeIgniter\HTTP\Response;
 
+use Common\Exceptions\AccessDeniedException;
+
 /**
  * Class BaseController
  *
@@ -71,10 +73,7 @@ public function initController(RequestInterface $request,
 
         // Check permission on construct
         if (!$this->check_permission()) {
-            echo $this->display_view('\User\errors\403error');
-            exit();
-            //throw new \Exception("some message here",403);
-            //show_error(lang('msg_err_access_denied_message'), 403, lang('msg_err_access_denied_header'));
+            throw AccessDeniedException::forPageAccessDenied();
         }
     }
 
@@ -109,7 +108,7 @@ protected function check_permission(
             // check if user is logged in, if not access is not allowed
             if ($_SESSION['logged_in'] != true) {
                 // The usual redirect()->to() doesn't work here. Keep this kind of redirect.
-                return $this->response->redirect(base_url('user/auth/login'));
+                return false;
             }
             // check if page is accessible for all logged in users
             elseif ($required_level == "@") {

diff --git a/app/Views/errors/html/error_403.php b/app/Views/errors/html/error_403.php
@@ -0,0 +1,88 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <title><?= lang('user_lang.code_error_403') ?></title>
+
+    <style>
+        div.logo {
+            height: 200px;
+            width: 155px;
+            display: inline-block;
+            opacity: 0.08;
+            position: absolute;
+            top: 2rem;
+            left: 50%;
+            margin-left: -73px;
+        }
+        body {
+            height: 100%;
+            background: #fafafa;
+            font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+            color: #777;
+            font-weight: 300;
+        }
+        h1 {
+            font-weight: lighter;
+            letter-spacing: normal;
+            font-size: 3rem;
+            margin-top: 0;
+            margin-bottom: 0;
+            color: #222;
+        }
+        .wrap {
+            max-width: 1024px;
+            margin: 5rem auto;
+            padding: 2rem;
+            background: #fff;
+            text-align: center;
+            border: 1px solid #efefef;
+            border-radius: 0.5rem;
+            position: relative;
+        }
+        pre {
+            white-space: normal;
+            margin-top: 1.5rem;
+        }
+        code {
+            background: #fafafa;
+            border: 1px solid #efefef;
+            padding: 0.5rem 1rem;
+            border-radius: 5px;
+            display: block;
+        }
+        p {
+            margin-top: 1.5rem;
+        }
+        .footer {
+            margin-top: 2rem;
+            border-top: 1px solid #efefef;
+            padding: 1em 2em 0 2em;
+            font-size: 85%;
+            color: #999;
+        }
+        a:active,
+        a:link,
+        a:visited {
+            color: #dd4814;
+        }
+    </style>
+</head>
+<body>
+    <div class="wrap">
+        <h1><?= lang('user_lang.code_error_403')?></h1>
+
+        <p>
+            <?php if (ENVIRONMENT !== 'production') : ?>
+                <?= nl2br(esc($message)) ?>
+            <?php else : ?>
+                <?= nl2br(esc($message)) ?>
+            <?php endif ?>
+        </p>
+    </div>
+    <?php if (ENVIRONMENT !== 'production') : ?>
+        <?= d($exception->getTrace()) ?>
+    <?php endif ?>
+
+</body>
+</html>
diff --git a/composer.json b/composer.json
@@ -6,12 +6,13 @@
     "license": "MIT",
     "require": {
         "php": "^8.0",
-        "codeigniter4/framework": "^4.0",
+        "codeigniter4/framework": "4.3.*",
         "codeigniter4/translations": "^4.3"
     },
     "require-dev": {
         "fakerphp/faker": "^1.9",
         "mikey179/vfsstream": "^1.6",
+        "phpunit/php-code-coverage": "^9.2",
         "phpunit/phpunit": "^9.1"
     },
     "config": {