Add PHP-Setup to behat CI

heiglandreas · Dec 26, 2023 · f274d84 · f274d84
1 parent 820f98e
commit f274d84
Show file tree

Hide file tree

Showing 2 changed files with 260 additions and 7 deletions.
diff --git a/.github/workflows/behat.yml b/.github/workflows/behat.yml
@@ -11,15 +11,9 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-version: [ '7.4', '8.0', '8.1', '8.2', '8.3' ]
+        php-version: [ '8.0', '8.1', '8.2', '8.3' ]
         wordpress-version: ['6.1', '6.2', '6.3', '6.4']
         exclude:
-          - php-version: 7.4
-            wordpress-version: 6.2
-          - php-version: 7.4
-            wordpress-version: 6.3
-          - php-version: 7.4
-            wordpress-version: 6.4
           - php-version: 8.3
             wordpress-version: 6.1
           - php-version: 8.3
@@ -38,5 +32,14 @@ jobs:
         run: docker ps -a
       - name: Check logs
         run: docker compose logs openldap
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php-version }}
+          tools: phive
+      - name: install dependencies
+        run: composer install
+      - name: install tools
+        run: phive install --force-accept-unsigned behat/behat --copy
       - name: run behat
         run: docker compose exec wp bash -c "cd wp-content/plugins/authldap && ./tools/behat"
diff --git a/features/bootstrap/FeatureContext.php b/features/bootstrap/FeatureContext.php
@@ -0,0 +1,250 @@
+<?php
+
+declare(strict_types=1);
+
+use Behat\Behat\Tester\Exception\PendingException;
+use Behat\Behat\Context\Context;
+use Behat\Gherkin\Node\PyStringNode;
+use Behat\Gherkin\Node\TableNode;
+use GuzzleHttp\Client;
+use GuzzleHttp\Cookie\CookieJar;
+use GuzzleHttp\Psr7\Response;
+use Org_Heigl\AuthLdap\OptionFactory;
+use Org_Heigl\AuthLdap\Options;
+use Webmozart\Assert\Assert;
+
+class FeatureContext implements Context
+{
+	private ?Response $res = null;
+	/**
+	 * Initializes context.
+	 *
+	 * Every scenario gets its own context instance.
+	 * You can also pass arbitrary arguments to the
+	 * context constructor through behat.yml.
+	 */
+	public function __construct()
+	{
+	}
+
+
+	/**
+	 * @Given a default configuration
+	 */
+	public function aDefaultConfiguration()
+	{
+		$options = new Options();
+		$options->set(Options::URI, 'ldap://cn=admin,dc=example,dc=org:insecure@openldap:389/dc=example,dc=org');
+		$options->set(Options::ENABLED, true);
+		$options->set(Options::FILTER, 'uid=%1$s');
+		$options->set(Options::DEFAULT_ROLE, 'subscriber');
+		$options->set(Options::DEBUG, true);
+		$options->set(Options::NAME_ATTR, 'cn');
+
+		exec(sprintf(
+			'wp --allow-root option update --format=json authLDAPOptions \'%1$s\'',
+			json_encode($options->toArray())
+		));
+	}
+
+	/**
+	 * @Given configuration value :arg1 is set to :arg2
+	 */
+	public function configurationValueIsSetTo($arg1, $arg2)
+	{
+		exec(sprintf(
+			'wp --allow-root option patch update authLDAPOptions %1$s %2$s --format=json',
+			$arg1,
+			$arg2
+		));
+	}
+
+	/**
+	 * @Given an LDAP user :arg1 with name :arg2, password :arg3 and email :arg4 exists
+	 */
+	public function anLdapUserWithNamePasswordAndEmailExists($arg1, $arg2, $arg3, $arg4)
+	{
+		exec(sprintf(
+			'ldapadd -x -H %1$s -D "%2$s" -w %3$s <<LDIF
+%4$s
+LDIF',
+			'ldap://openldap',
+			'cn=admin,dc=example,dc=org',
+			'insecure',
+			<<<LDIF
+			dn: uid=$arg1,dc=example,dc=org
+			objectClass: inetOrgPerson
+			objectClass: organizationalPerson
+			objectClass: person
+			objectClass: top
+			objectClass: simpleSecurityObject
+			uid: $arg1
+			cn: $arg2
+			sn: $arg2
+			userPassword: $arg3
+			mail: $arg4
+			LDIF
+		));
+		exec(sprintf(
+			'ldappasswd -H ldap://openldap:389 -x -D "uid=admin,dc=example,dc=org" -w "%3$s" -s "%2$s" "uid=%1$s,dc=example,dc=org"',
+			$arg1,
+			$arg3,
+			'insecure'
+		));
+	}
+
+	/**
+	 * @Given an LDAP group :arg1 exists
+	 */
+	public function anLdapGroupExists($arg1)
+	{
+		exec(sprintf(
+			'ldapadd -x -H %1$s -D "%2$s" -w %3$s <<LDIF
+%4$s
+LDIF',
+			'ldap://openldap',
+			'cn=admin,dc=example,dc=org',
+			'insecure',
+			<<<LDIF
+			dn: cn=$arg1,dc=example,dc=org
+			objectClass: groupOfUniqueNames
+			cn: $arg1
+			uniqueMember: cn=admin,dc=example,dc=org
+			LDIF
+		));
+	}
+
+	/**
+	 * @Given a WordPress user :arg1 with name :arg2 and email :arg3 exists
+	 */
+	public function aWordpressUserWithNameAndEmailExists($arg1, $arg2, $arg3)
+	{
+		exec(sprintf(
+			'wp --allow-root user create %1$s %3$s --display_name=%2$s --porcelain',
+			$arg1,
+			$arg2,
+			$arg3
+		));
+	}
+
+	/**
+	 * @Given a WordPress role :arg1 exists
+	 */
+	public function aWordpressRoleExists($arg1)
+	{
+		exec(sprintf(
+			'wp --allow-root role create %1$s %1$s',
+			$arg1,
+		));
+	}
+
+	/**
+	 * @Given WordPress user :arg1 has role :arg2
+	 */
+	public function wordpressUserHasRole($arg1, $arg2)
+	{
+		exec(sprintf(
+			'wp --allow-root user add-role %1$s %2$s',
+			$arg1,
+			$arg2
+		));
+	}
+
+	/**
+	 * @When LDAP user :arg1 logs in with password :arg2
+	 */
+	public function ldapUserLogsInWithPassword($arg1, $arg2)
+	{
+		//  curl -i 'http://localhost/wp-login.php' -X POST -H 'Cookie: wordpress_test_cookie=test' --data-raw 'log=localadmin&pwd=P%40ssw0rd'
+		$client = new Client();
+
+		$this->res = $client->post('http://wp/wp-login.php', [
+			'cookies' => CookieJar::fromArray([
+				'wordpress_test_cookie' => 'test',
+				'XDEBUG_SESSION' => 'PHPSTORM',
+			], 'http://wp'),
+			'form_params' => [
+				'log' => $arg1,
+				'pwd' => $arg2,
+			],
+			'allow_redirects' => false
+		]);
+	}
+
+	/**
+	 * @Then the login suceeds
+	 */
+	public function theLoginSuceeds()
+	{
+		Assert::isInstanceOf($this->res, Response::class);
+		Assert::eq( $this->res->getStatusCode(), 302);
+		Assert::startsWith($this->res->getHeader('Location')[0], 'http://localhost/wp-admin');
+	}
+
+	/**
+	 * @Then a new WordPress user :arg1 was created with name :arg2 and email :arg3
+	 */
+	public function aNewWordpressUserWasCreatedWithNameAndEmail($arg1, $arg2, $arg3)
+	{
+		exec(sprintf(
+			'wp --allow-root user get %1$s --format=json 2> /dev/null',
+			$arg1,
+		), $output, $result);
+		Assert::eq(0, $result);
+		$user = json_decode($output[0], true);
+		Assert::eq($user['user_email'], $arg3);
+		Assert::eq($user['display_name'], $arg2);
+		Assert::greaterThan(
+			new DateTimeImmutable($user['user_registered']),
+			(new DateTimeImmutable())->sub(new DateInterval('PT1M')),
+		);
+	}
+
+	/**
+	 * @Then the WordPress user :arg1 is member of role :arg2
+	 */
+	public function theWordpressUserIsMemberOfRole($arg1, $arg2)
+	{
+		exec(sprintf(
+			'wp --allow-root user get %1$s --format=json 2> /dev/null',
+			$arg1,
+		), $output, $result);
+		Assert::eq(0, $result);
+		$user = json_decode($output[0], true);
+		$roles = array_map(function($item): string {
+			return trim($item);
+		}, explode(',', $user['roles']));
+		Assert::inArray($arg2, $roles);
+	}
+
+    /**
+     * @Given LDAP user :arg1 is member of LDAP group :arg2
+     */
+    public function ldapUserIsMemberOfLdapGroup($arg1, $arg2)
+    {
+	    exec(sprintf(
+		    'ldapmodify -x -H %1$s -D "%2$s" -w %3$s <<LDIF
+%4$s
+LDIF',
+		    'ldap://openldap',
+		    'cn=admin,dc=example,dc=org',
+		    'insecure',
+		    <<<LDIF
+			dn: cn=$arg2,dc=example,dc=org
+			changetype: modify
+			add: uniqueMember
+			uniqueMember: uid=$arg1,dc=example,dc=org
+			LDIF
+	    ));    }
+
+    /**
+     * @Given a WordPress user :arg1 does not exist
+     */
+    public function aWordpressUserDoesNotExist($arg1)
+    {
+	    exec(sprintf(
+		    'wp --allow-root user delete --yes %1$s',
+		    $arg1,
+	    ));
+    }
+}