test(security): cover tenant-scope, settings authz allow paths, auth gateways
Cluster 1 der Testabdeckungs-Initiative (.agents/runs/TEST-SEC-COVERAGE-001).
+38 Tests / +233 Assertions, nur tests/** veraendert.
- SettingsAuthorizationPolicyTest: Allow-Pfade fuer UPDATE/BRANDING_UPDATE/
TOKENS_REVOKE/USER_LIFECYCLE_RUN plus Unknown-Ability — schliesst die
Halb-Test-Luecke, die zuvor nur Deny-Pfade fuer 4 von 5 Abilities pruefte.
- AssignableRoleServiceTest: neu (GR-TEST-001, vorher nur transitiv via
UserAssignmentServiceTest gedeckt).
- AuthCryptoGatewayTest: neu (Roundtrip + Fehlerpfad, GR-SEC-005).
- AuthSettingsGatewayTest: neu (Delegation zu 5 Settings-Sub-Gateways).
- UserTenantContextServiceTest: neu, 18 Tests, Tenant-Scope-Logik
(GR-SEC-009) — current/primary/fallback, inactive-filter, assign-checks.
LdapConnectionGateway und OidcHttpGateway bleiben bewusst ohne Direkttests:
beide sind architektonische Test-Seams (dokumentiert im Docblock bzw. reiner
statischer Curl-Delegator). Ihre Logik ist ueber Konsumenten-Tests
(LdapAuthServiceTest, MicrosoftOidcServiceTest) bereits gedeckt.
Gates: QG-001 (1945 Tests) / QG-002 (PHPStan L5) / QG-003 (Architecture) /
QG-006 (php-cs-fixer) pass.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 18:57:43 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace MintyPHP\Tests\Service\Auth;
|
|
|
|
|
|
|
|
|
|
use MintyPHP\Service\Auth\AuthSettingsGateway;
|
|
|
|
|
use MintyPHP\Service\Settings\SettingsApiPolicyGateway;
|
|
|
|
|
use MintyPHP\Service\Settings\SettingsAppGateway;
|
|
|
|
|
use MintyPHP\Service\Settings\SettingsDefaultsGateway;
|
|
|
|
|
use MintyPHP\Service\Settings\SettingsLoginPersistenceGateway;
|
|
|
|
|
use MintyPHP\Service\Settings\SettingsMicrosoftGateway;
|
|
|
|
|
use PHPUnit\Framework\TestCase;
|
|
|
|
|
|
|
|
|
|
final class AuthSettingsGatewayTest extends TestCase
|
|
|
|
|
{
|
|
|
|
|
public function testMicrosoftAccessorsDelegateAndCastToString(): void
|
|
|
|
|
{
|
|
|
|
|
$microsoft = $this->createMock(SettingsMicrosoftGateway::class);
|
|
|
|
|
$microsoft->method('getMicrosoftSharedClientId')->willReturn('client-id');
|
|
|
|
|
$microsoft->method('getMicrosoftSharedClientSecret')->willReturn('secret');
|
|
|
|
|
$microsoft->method('getMicrosoftAuthority')->willReturn('https://login.microsoftonline.com/tenant');
|
|
|
|
|
|
|
|
|
|
$gateway = $this->makeGateway(microsoft: $microsoft);
|
|
|
|
|
|
|
|
|
|
$this->assertSame('client-id', $gateway->getMicrosoftSharedClientId());
|
|
|
|
|
$this->assertSame('secret', $gateway->getMicrosoftSharedClientSecret());
|
|
|
|
|
$this->assertSame('https://login.microsoftonline.com/tenant', $gateway->getMicrosoftAuthority());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testMicrosoftAccessorsReturnEmptyStringWhenUnconfigured(): void
|
|
|
|
|
{
|
|
|
|
|
$microsoft = $this->createMock(SettingsMicrosoftGateway::class);
|
|
|
|
|
$microsoft->method('getMicrosoftSharedClientId')->willReturn('');
|
|
|
|
|
$microsoft->method('getMicrosoftSharedClientSecret')->willReturn('');
|
|
|
|
|
$microsoft->method('getMicrosoftAuthority')->willReturn('');
|
|
|
|
|
|
|
|
|
|
$gateway = $this->makeGateway(microsoft: $microsoft);
|
|
|
|
|
|
|
|
|
|
$this->assertSame('', $gateway->getMicrosoftSharedClientId());
|
|
|
|
|
$this->assertSame('', $gateway->getMicrosoftSharedClientSecret());
|
|
|
|
|
$this->assertSame('', $gateway->getMicrosoftAuthority());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testApiTokenTtlAccessorsDelegate(): void
|
|
|
|
|
{
|
|
|
|
|
$apiPolicy = $this->createMock(SettingsApiPolicyGateway::class);
|
|
|
|
|
$apiPolicy->method('getApiTokenMaxTtlDays')->willReturn(90);
|
|
|
|
|
$apiPolicy->method('getApiTokenDefaultTtlDays')->willReturn(30);
|
|
|
|
|
|
|
|
|
|
$gateway = $this->makeGateway(apiPolicy: $apiPolicy);
|
|
|
|
|
|
|
|
|
|
$this->assertSame(90, $gateway->getApiTokenMaxTtlDays());
|
|
|
|
|
$this->assertSame(30, $gateway->getApiTokenDefaultTtlDays());
|
|
|
|
|
}
|
|
|
|
|
|
refactor(settings): remove global appearance settings — tenant is sole source
Removes the global app_theme, app_theme_user and app_primary_color settings
from the admin/settings area and the underlying service/cache/API/i18n/docs
layers. The tenant columns (tenants.primary_color, default_theme,
allow_user_theme) become the single source of truth for appearance.
Branding helpers are tenant-only and fall back to a hardcoded 'light' theme
with no brand color when no tenant context is available (login, error,
pre-session pages). The APP_THEME env var is removed.
Scope:
- UI: Appearance tab gone from /admin/settings; tenant edit form drops the
global-fallback color preview.
- Service: SettingsAppGateway no longer exposes setting-backed accessors
for theme/user-theme/primary-color. Theme catalog utilities (listThemes,
isAllowedTheme, normalizeTheme, resolveDefaultTheme) stay and are used
across Tenant / Auth / User flows; resolveDefaultTheme now hardcodes
'light' with a catalog fallback (no global/env lookup).
- AdminSettingsService: buildPageData, sanitization, audit snapshot, apply
step and cache payload are all stripped of the three keys. Dead helper
applyAppPrimaryColor + normalizePrimaryColor removed.
- Cache: SettingCacheService HOT_PATH_KEYS drops the three keys.
- API: /settings (GET/PUT) and /settings/public (GET) no longer expose
appearance fields; OpenAPI schemas pruned accordingly.
- Audit redaction list shortened.
- DB: db/init/init.sql seed rows removed. No migration for existing
installs — legacy rows stay inert.
- i18n + docs: setting.app_theme, setting.app_theme_user,
setting.app_primary_color removed from de+en locales; reference and
explanation docs updated.
- Tests: covering tests for the removed methods pruned; ThemeResolutionTest
rewritten for tenant-only semantics. One unrelated PHP-CS-Fixer issue in
UserRegistrar.php cleaned up to keep QG-006 green.
Workflow: .agents/runs/SETTINGS-APPEARANCE-TENANT-ONLY/ (gitignored).
Gates: QG-001..003, QG-006, QG-008 all pass (1985 tests, 28764 assertions).
Reviews: code, security, acceptance all pass.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 22:40:15 +02:00
|
|
|
public function testThemeHelpersDelegate(): void
|
test(security): cover tenant-scope, settings authz allow paths, auth gateways
Cluster 1 der Testabdeckungs-Initiative (.agents/runs/TEST-SEC-COVERAGE-001).
+38 Tests / +233 Assertions, nur tests/** veraendert.
- SettingsAuthorizationPolicyTest: Allow-Pfade fuer UPDATE/BRANDING_UPDATE/
TOKENS_REVOKE/USER_LIFECYCLE_RUN plus Unknown-Ability — schliesst die
Halb-Test-Luecke, die zuvor nur Deny-Pfade fuer 4 von 5 Abilities pruefte.
- AssignableRoleServiceTest: neu (GR-TEST-001, vorher nur transitiv via
UserAssignmentServiceTest gedeckt).
- AuthCryptoGatewayTest: neu (Roundtrip + Fehlerpfad, GR-SEC-005).
- AuthSettingsGatewayTest: neu (Delegation zu 5 Settings-Sub-Gateways).
- UserTenantContextServiceTest: neu, 18 Tests, Tenant-Scope-Logik
(GR-SEC-009) — current/primary/fallback, inactive-filter, assign-checks.
LdapConnectionGateway und OidcHttpGateway bleiben bewusst ohne Direkttests:
beide sind architektonische Test-Seams (dokumentiert im Docblock bzw. reiner
statischer Curl-Delegator). Ihre Logik ist ueber Konsumenten-Tests
(LdapAuthServiceTest, MicrosoftOidcServiceTest) bereits gedeckt.
Gates: QG-001 (1945 Tests) / QG-002 (PHPStan L5) / QG-003 (Architecture) /
QG-006 (php-cs-fixer) pass.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 18:57:43 +02:00
|
|
|
{
|
|
|
|
|
$app = $this->createMock(SettingsAppGateway::class);
|
|
|
|
|
$app->method('resolveDefaultTheme')->willReturn('light');
|
|
|
|
|
$app->expects($this->once())->method('normalizeTheme')->with('DARK')->willReturn('dark');
|
|
|
|
|
|
|
|
|
|
$gateway = $this->makeGateway(app: $app);
|
|
|
|
|
|
|
|
|
|
$this->assertSame('light', $gateway->defaultTheme());
|
|
|
|
|
$this->assertSame('dark', $gateway->normalizeTheme('DARK'));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testDefaultsAccessorsCastToInt(): void
|
|
|
|
|
{
|
|
|
|
|
$defaults = $this->createMock(SettingsDefaultsGateway::class);
|
|
|
|
|
$defaults->method('getDefaultRoleId')->willReturn(5);
|
|
|
|
|
$defaults->method('getDefaultDepartmentId')->willReturn(12);
|
|
|
|
|
|
|
|
|
|
$gateway = $this->makeGateway(defaults: $defaults);
|
|
|
|
|
|
|
|
|
|
$this->assertSame(5, $gateway->getDefaultRoleId());
|
|
|
|
|
$this->assertSame(12, $gateway->getDefaultDepartmentId());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testLoginPersistenceAccessorsDelegate(): void
|
|
|
|
|
{
|
|
|
|
|
$login = $this->createMock(SettingsLoginPersistenceGateway::class);
|
|
|
|
|
$login->method('isMicrosoftAutoRememberDefault')->willReturn(true);
|
|
|
|
|
$login->method('getRememberTokenLifetimeDays')->willReturn(14);
|
|
|
|
|
|
|
|
|
|
$gateway = $this->makeGateway(login: $login);
|
|
|
|
|
|
|
|
|
|
$this->assertTrue($gateway->isMicrosoftAutoRememberDefault());
|
|
|
|
|
$this->assertSame(14, $gateway->getRememberTokenLifetimeDays());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private function makeGateway(
|
|
|
|
|
?SettingsMicrosoftGateway $microsoft = null,
|
|
|
|
|
?SettingsApiPolicyGateway $apiPolicy = null,
|
|
|
|
|
?SettingsDefaultsGateway $defaults = null,
|
|
|
|
|
?SettingsAppGateway $app = null,
|
|
|
|
|
?SettingsLoginPersistenceGateway $login = null,
|
|
|
|
|
): AuthSettingsGateway {
|
|
|
|
|
return new AuthSettingsGateway(
|
|
|
|
|
$microsoft ?? $this->createMock(SettingsMicrosoftGateway::class),
|
|
|
|
|
$apiPolicy ?? $this->createMock(SettingsApiPolicyGateway::class),
|
|
|
|
|
$defaults ?? $this->createMock(SettingsDefaultsGateway::class),
|
|
|
|
|
$app ?? $this->createMock(SettingsAppGateway::class),
|
|
|
|
|
$login ?? $this->createMock(SettingsLoginPersistenceGateway::class),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|