Merge branch 'release-4.1'

module/VuFind/src/VuFind/Auth/ILS.php

@@ -202,7 +202,8 @@ class ILS extends AbstractBase
         }
 
         // Update the user and send it back to the caller:
-        $user = $this->getUserTable()->getByUsername($patron['cat_username']);
+        $username = $patron[$this->getUsernameField()];
+        $user = $this->getUserTable()->getByUsername($username);
         $user->saveCredentials($patron['cat_username'], $params['password']);
         return $user;
     }
@@ -219,9 +220,7 @@ class ILS extends AbstractBase
     {
         // Figure out which field of the response to use as an identifier; fail
         // if the expected field is missing or empty:
-        $config = $this->getConfig();
-        $usernameField = isset($config->Authentication->ILS_username_field)
-            ? $config->Authentication->ILS_username_field : 'cat_username';
+        $usernameField = $this->getUsernameField();
         if (!isset($info[$usernameField]) || empty($info[$usernameField])) {
             throw new AuthException('authentication_error_technical');
         }
@@ -289,4 +288,16 @@ class ILS extends AbstractBase
         $patron = $this->authenticator->storedCatalogLogin();
         return $patron ? $patron : null;
     }
+
+    /**
+     * Gets the configured username field.
+     *
+     * @return string
+     */
+    protected function getUsernameField()
+    {
+        $config = $this->getConfig();
+        return isset($config->Authentication->ILS_username_field)
+            ? $config->Authentication->ILS_username_field : 'cat_username';
+    }
 }

module/VuFind/tests/integration-tests/src/VuFindTest/Auth/ILSTest.php

@@ -29,6 +29,7 @@ namespace VuFindTest\Auth;
 
 use VuFind\Auth\ILS;
 use VuFind\Db\Table\User;
+use Zend\Stdlib\Parameters;
 
 /**
  * ILS authentication test class.
@@ -43,20 +44,6 @@ class ILSTest extends \VuFindTest\Unit\DbTestCase
 {
     use \VuFindTest\Unit\UserCreationTrait;
 
-    /**
-     * Object to test
-     *
-     * @var ILS
-     */
-    protected $auth;
-
-    /**
-     * Mock ILS driver
-     *
-     * @var \VuFind\ILS\Driver\Sample
-     */
-    protected $driver;
-
     /**
      * Standard setup method.
      *
@@ -78,23 +65,56 @@ class ILSTest extends \VuFindTest\Unit\DbTestCase
         if (!$this->continuousIntegrationRunning()) {
             return $this->markTestSkipped('Continuous integration not running.');
         }
-        $this->driver = $this->createMock('VuFind\ILS\Driver\Sample');
+    }
+
+    /**
+     * Get a mock ILS driver to test.
+     *
+     * @param string $type    Driver type to mock (default = Sample)
+     * @param array  $methods Methods to mock
+     *
+     * @return \VuFind\ILS\Driver\Sample
+     */
+    protected function getMockDriver($type = 'Sample', $methods = [])
+    {
+        return $this->getMockBuilder('VuFind\ILS\Driver\\' . $type)
+            ->disableOriginalConstructor()
+            ->setMethods($methods)
+            ->getMock();
+    }
+
+    /**
+     * Get the object to test.
+     *
+     * @param \VuFind\ILS\Driver\AbstractBase $driver Mock ILS driver to test with.
+     * @param array                           $patron Logged in patron for mock
+     * authenticator (null for none)
+     *
+     * @return \VuFind\Auth\ILS
+     */
+    protected function getAuth($driver = null, $patron = null)
+    {
+        if (empty($driver)) {
+            $driver = $this->getMockDriver();
+        }
+        $authenticator = $this->getMockILSAuthenticator($patron);
         $driverManager = new \VuFind\ILS\Driver\PluginManager();
-        $driverManager->setService('Sample', $this->driver);
+        $driverManager->setService('Sample', $driver);
         $mockConfigReader = $this->createMock('VuFind\Config\PluginManager');
         $mockConfigReader->expects($this->any())->method('get')
             ->will($this->returnValue(new \Zend\Config\Config([])));
-        $this->auth = new \VuFind\Auth\ILS(
+        $auth = new \VuFind\Auth\ILS(
             new \VuFind\ILS\Connection(
                 new \Zend\Config\Config(['driver' => 'Sample']),
                 $driverManager, $mockConfigReader
             ),
-            $this->getMockILSAuthenticator()
+            $authenticator
         );
-        $this->auth->setDbTableManager(
+        $auth->setDbTableManager(
             $this->getServiceManager()->get('VuFind\DbTablePluginManager')
         );
-        $this->auth->getCatalog()->setDriver($this->driver);
+        $auth->getCatalog()->setDriver($driver);
+        return $auth;
     }
 
     /**
@@ -104,7 +124,7 @@ class ILSTest extends \VuFindTest\Unit\DbTestCase
      */
     public function testCreateIsDisallowed()
     {
-        $this->assertFalse($this->auth->supportsCreation());
+        $this->assertFalse($this->getAuth()->supportsCreation());
     }
 
     /**
@@ -134,7 +154,7 @@ class ILSTest extends \VuFindTest\Unit\DbTestCase
     {
         $this->setExpectedException('VuFind\Exception\Auth');
         $request = $this->getLoginRequest(['username' => '']);
-        $this->auth->authenticate($request);
+        $this->getAuth()->authenticate($request);
     }
 
     /**
@@ -146,7 +166,7 @@ class ILSTest extends \VuFindTest\Unit\DbTestCase
     {
         $this->setExpectedException('VuFind\Exception\Auth');
         $request = $this->getLoginRequest(['password' => '']);
-        $this->auth->authenticate($request);
+        $this->getAuth()->authenticate($request);
     }
 
     /**
@@ -159,11 +179,12 @@ class ILSTest extends \VuFindTest\Unit\DbTestCase
         // VuFind requires the ILS driver to return a value in cat_username
         // by default -- if that is missing, we should fail.
         $response = [];
-        $this->driver->expects($this->once())->method('patronLogin')
+        $driver = $this->getMockDriver();
+        $driver->expects($this->once())->method('patronLogin')
             ->with($this->equalTo('testuser'), $this->equalTo('testpass'))
             ->will($this->returnValue($response));
         $this->setExpectedException('VuFind\Exception\Auth');
-        $this->auth->authenticate($this->getLoginRequest());
+        $this->getAuth($driver)->authenticate($this->getLoginRequest());
     }
 
     /**
@@ -177,14 +198,152 @@ class ILSTest extends \VuFindTest\Unit\DbTestCase
             'cat_username' => 'testuser', 'cat_password' => 'testpass',
             'email' => 'user@test.com'
         ];
-        $this->driver->expects($this->once())->method('patronLogin')
+        $driver = $this->getMockDriver();
+        $driver->expects($this->once())->method('patronLogin')
             ->with($this->equalTo('testuser'), $this->equalTo('testpass'))
             ->will($this->returnValue($response));
-        $user = $this->auth->authenticate($this->getLoginRequest());
+        $user = $this->getAuth($driver)->authenticate($this->getLoginRequest());
         $this->assertEquals('testuser', $user->username);
         $this->assertEquals('user@test.com', $user->email);
     }
 
+    /**
+     * Test failure caused by missing cat_id.
+     *
+     * @return void
+     *
+     * @expectedException        VuFind\Exception\Auth
+     * @expectedExceptionMessage authentication_error_technical
+     */
+    public function testLoginWithMissingCatId()
+    {
+        $response = [
+            'cat_username' => 'testuser', 'cat_password' => 'testpass',
+            'email' => 'user@test.com'
+        ];
+        $driver = $this->getMockDriver();
+        $driver->expects($this->once())->method('patronLogin')
+            ->with($this->equalTo('testuser'), $this->equalTo('testpass'))
+            ->will($this->returnValue($response));
+        $auth = $this->getAuth($driver);
+        // Configure the authenticator to look for a cat_id; since there is no
+        // cat_id in the response above, this will throw an exception.
+        $config = ['Authentication' => ['ILS_username_field' => 'cat_id']];
+        $auth->setConfig(new \Zend\Config\Config($config));
+        $auth->authenticate($this->getLoginRequest());
+    }
+
+    /**
+     * Test updating a user's password with mismatched new password values.
+     *
+     * @return void
+     *
+     * @expectedException        VuFind\Exception\Auth
+     * @expectedExceptionMessage Password cannot be blank
+     */
+    public function testUpdateUserPasswordWithEmptyValue()
+    {
+        $patron = ['cat_username' => 'testuser'];
+        $request = $this->getLoginRequest(
+            [
+                'oldpwd' => 'foo',
+                'password' => '',
+                'password2' => '',
+            ]
+        );
+        $this->getAuth(null, $patron)->updatePassword($request);
+    }
+
+    /**
+     * Test updating a user's password with mismatched new password values.
+     *
+     * @return void
+     *
+     * @expectedException        VuFind\Exception\Auth
+     * @expectedExceptionMessage authentication_error_technical
+     */
+    public function testUpdateUserPasswordWithoutLoggedInUser()
+    {
+        $request = $this->getLoginRequest(
+            [
+                'oldpwd' => 'foo',
+                'password' => 'bar',
+                'password2' => 'bar',
+            ]
+        );
+        $this->getAuth()->updatePassword($request);
+    }
+
+    /**
+     * Test updating a user's password with mismatched new password values.
+     *
+     * @return void
+     *
+     * @expectedException        VuFind\Exception\Auth
+     * @expectedExceptionMessage Passwords do not match
+     */
+    public function testUpdateUserPasswordWithMismatch()
+    {
+        $request = $this->getLoginRequest(
+            [
+                'oldpwd' => 'foo',
+                'password' => 'pass',
+                'password2' => 'fail',
+            ]
+        );
+        $patron = ['cat_username' => 'testuser'];
+        $this->getAuth(null, $patron)->updatePassword($request);
+    }
+
+    /**
+     * Test updating a user's password.
+     *
+     * @return void
+     */
+    public function testUpdateUserPassword()
+    {
+        $request = $this->getLoginRequest(
+            [
+                'oldpwd' => 'foo',
+                'password' => 'newpass',
+                'password2' => 'newpass',
+            ]
+        );
+        $driver = $this->getMockDriver('Demo', ['changePassword']);
+        $driver->expects($this->once())->method('changePassword')
+            ->will($this->returnValue(['success' => true]));
+        $patron = ['cat_username' => 'testuser'];
+        $user = $this->getAuth($driver, $patron)->updatePassword($request);
+        $this->assertEquals('testuser', $user->username);
+        $this->assertEquals('newpass', $user->getCatPassword());
+    }
+
+    /**
+     * Test updating a user's password (identifying user with cat_id field).
+     *
+     * @return void
+     */
+    public function testUpdateUserPasswordUsingCatIdField()
+    {
+        $request = $this->getLoginRequest(
+            [
+                'oldpwd' => 'foo',
+                'password' => 'newpass',
+                'password2' => 'newpass',
+            ]
+        );
+        $driver = $this->getMockDriver('Demo', ['changePassword']);
+        $driver->expects($this->once())->method('changePassword')
+            ->will($this->returnValue(['success' => true]));
+        $patron = ['cat_username' => 'testuser', 'cat_id' => '1234'];
+        $auth = $this->getAuth($driver, $patron);
+        $config = ['Authentication' => ['ILS_username_field' => 'cat_id']];
+        $auth->setConfig(new \Zend\Config\Config($config));
+        $user = $auth->updatePassword($request);
+        $this->assertEquals('1234', $user->username);
+        $this->assertEquals('newpass', $user->getCatPassword());
+    }
+
     /**
      * Standard teardown method.
      *
@@ -192,18 +351,24 @@ class ILSTest extends \VuFindTest\Unit\DbTestCase
      */
     public static function tearDownAfterClass()
     {
-        static::removeUsers('testuser');
+        static::removeUsers(['1234', 'testuser']);
     }
 
     /**
      * Get mock ILS authenticator
      *
+     * @param array $patron Logged in patron to simulate (null for none).
+     *
      * @return \VuFind\Auth\ILSAuthenticator
      */
-    protected function getMockILSAuthenticator()
+    protected function getMockILSAuthenticator($patron = null)
     {
-        return $this->getMockBuilder('VuFind\Auth\ILSAuthenticator')
+        $mock = $this->getMockBuilder('VuFind\Auth\ILSAuthenticator')
             ->disableOriginalConstructor()
+            ->setMethods(['storedCatalogLogin'])
             ->getMock();
+        $mock->expects($this->any())->method('storedCatalogLogin')
+            ->will($this->returnValue($patron));
+        return $mock;
     }
 }