OXDEV-9992 Add integration tests with fixtures for user model

TitaKoleva · TitaKoleva · commit b76cc70c5b6c · 2026-01-22T17:29:08.000+02:00
diff --git a/tests/Fixtures/testdata_ce.sql b/tests/Fixtures/testdata_ce.sql
@@ -1 +1,4 @@
 SET @@session.sql_mode = '';
+
+REPLACE INTO `oxuser` (`OXID`, `OXACTIVE`, `OXRIGHTS`, `OXSHOPID`, `OXUSERNAME`, `OXPASSWORD`, `OXPASSSALT`, `OXCUSTNR`, `OXUSTID`, `OXCOMPANY`, `OXFNAME`, `OXLNAME`, `OXSTREET`, `OXSTREETNR`, `OXADDINFO`, `OXCITY`, `OXCOUNTRYID`, `OXZIP`, `OXFON`, `OXFAX`, `OXSAL`, `OXBONI`, `OXCREATE`, `OXREGISTER`, `OXPRIVFON`, `OXMOBFON`, `OXBIRTHDATE`)
+VALUES ('testuser', 1, 'user', 1, 'user@oxid-esales.com', '$2y$10$b186f117054b700a89de9uXDzfahkizUucitfPov3C2cwF5eit2M2', 'b186f117054b700a89de929ce90c6aef', 8, '', 'UserCompany šÄßüл', 'UserNamešÄßüл', 'UserSurnamešÄßüл', 'Musterstr.šÄßüл', '1', 'User additional info šÄßüл', 'Musterstadt šÄßüл', 'testcountry_de', '79098', '0800 111111', '0800 111112', 'Mr', 500, '2008-02-05 14:42:42', '2008-02-05 14:42:42', '0800 111113', '0800 111114', '1980-01-01');
diff --git a/tests/Fixtures/testdata_ee.sql b/tests/Fixtures/testdata_ee.sql
@@ -1 +1,4 @@
 SET @@session.sql_mode = '';
+
+REPLACE INTO `oxuser` (`OXID`, `OXACTIVE`, `OXRIGHTS`, `OXSHOPID`, `OXUSERNAME`, `OXPASSWORD`, `OXPASSSALT`, `OXCUSTNR`, `OXUSTID`, `OXUSTIDSTATUS`, `OXCOMPANY`, `OXFNAME`, `OXLNAME`, `OXSTREET`, `OXSTREETNR`, `OXADDINFO`, `OXCITY`, `OXCOUNTRYID`, `OXSTATEID`, `OXZIP`, `OXFON`, `OXFAX`, `OXSAL`, `OXBONI`, `OXCREATE`, `OXREGISTER`, `OXPRIVFON`, `OXMOBFON`, `OXBIRTHDATE`, `OXURL`, `OXWRONGLOGINS`, `OXUPDATEKEY`, `OXUPDATEEXP`, `OXPOINTS`) VALUES
+    ('e7af1c3b786fd02906ccd75698f4e6b9', 1, 'user', 1, 'user@oxid-esales.com', '$2y$10$b186f117054b700a89de9uXDzfahkizUucitfPov3C2cwF5eit2M2', 'b186f117054b700a89de929ce90c6aef', 2, '', 1, '', 'Marc', 'Muster', 'Hauptstr.', '13', '', 'Freiburg', 'a7c40f631fc920687.20179984', '', '79098', '', '', 'MR', 1000, '2011-02-01 08:41:25', '2011-02-01 08:41:25', '', '', '1984-12-21', '', 0, '', 0, 0);
diff --git a/tests/Fixtures/testdata_pe.sql b/tests/Fixtures/testdata_pe.sql
@@ -1 +1,4 @@
 SET @@session.sql_mode = '';
+
+REPLACE INTO `oxuser` (`OXID`, `OXACTIVE`, `OXRIGHTS`, `OXSHOPID`, `OXUSERNAME`, `OXPASSWORD`, `OXPASSSALT`, `OXCUSTNR`, `OXUSTID`, `OXUSTIDSTATUS`, `OXCOMPANY`, `OXFNAME`, `OXLNAME`, `OXSTREET`, `OXSTREETNR`, `OXADDINFO`, `OXCITY`, `OXCOUNTRYID`, `OXSTATEID`, `OXZIP`, `OXFON`, `OXFAX`, `OXSAL`, `OXBONI`, `OXCREATE`, `OXREGISTER`, `OXPRIVFON`, `OXMOBFON`, `OXBIRTHDATE`, `OXURL`, `OXWRONGLOGINS`, `OXUPDATEKEY`, `OXUPDATEEXP`, `OXPOINTS`) VALUES
+    ('e7af1c3b786fd02906ccd75698f4e6b9', 1, 'user', 1, 'user@oxid-esales.com', '$2y$10$b186f117054b700a89de9uXDzfahkizUucitfPov3C2cwF5eit2M2', 'b186f117054b700a89de929ce90c6aef', 2, '', 1, '', 'Marc', 'Muster', 'Hauptstr.', '13', '', 'Freiburg', 'a7c40f631fc920687.20179984', '', '79098', '', '', 'MR', 1000, '2011-02-01 08:41:25', '2011-02-01 08:41:25', '', '', '1984-12-21', '', 0, '', 0, 0);
diff --git a/tests/Integration/IntegrationTestCase.php b/tests/Integration/IntegrationTestCase.php
@@ -0,0 +1,35 @@
+<?php
+
+/**
+ * Copyright © OXID eSales AG. All rights reserved.
+ * See LICENSE file for license details.
+ */
+
+namespace OxidEsales\SecurityModule\Tests\Integration;
+
+use OxidEsales\EshopCommunity\Internal\Container\ContainerFactory;
+use OxidEsales\EshopCommunity\Internal\Framework\Database\QueryBuilderFactoryInterface;
+use OxidEsales\EshopCommunity\Tests\Integration\IntegrationTestCase as EshopIntegrationTestCase;
+use OxidEsales\Facts\Facts;
+
+class IntegrationTestCase extends EshopIntegrationTestCase
+{
+    public function setUp(): void
+    {
+        $facts = new Facts();
+
+        $container = ContainerFactory::getInstance()->getContainer();
+        $connection = $container->get(QueryBuilderFactoryInterface::class)
+            ->create()
+            ->getConnection();
+
+        $connection->executeStatement(
+            file_get_contents(
+                __DIR__ . '/../Fixtures/testdata_'
+                . strtolower($facts->getEdition()) . '.sql'
+            )
+        );
+
+        parent::setUp();
+    }
+}
diff --git a/tests/Integration/Shared/Model/UserTest.php b/tests/Integration/Shared/Model/UserTest.php
@@ -14,10 +14,21 @@
 use OxidEsales\Eshop\Core\Exception\UserException;
 use OxidEsales\Eshop\Core\Registry;
 use OxidEsales\Eshop\Core\Request;
-use OxidEsales\EshopCommunity\Tests\Integration\IntegrationTestCase;
+use OxidEsales\Eshop\Core\Utils;
+use OxidEsales\EshopCommunity\Core\Di\ContainerFacade;
+use OxidEsales\EshopCommunity\Internal\Framework\Module\Facade\ModuleSettingServiceInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\AuthorizeService;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\ModuleSettingsService;
+use OxidEsales\SecurityModule\Captcha\Service\ModuleSettingsServiceInterface as CaptchaSettingsServiceInterface;
+use OxidEsales\SecurityModule\Core\Module;
+use OxidEsales\SecurityModule\Tests\Integration\IntegrationTestCase;
 
 class UserTest extends IntegrationTestCase
 {
+    // Fixture users from tests/Fixtures/testdata_ce.sql (password: useruser)
+    private const OTP_USER_NAME = 'user@oxid-esales.com';
+    private const OTP_USER_PASSWORD = 'useruser';
+
     protected Request $requestMock;
 
     public function setUp(): void
@@ -34,6 +45,12 @@ public function setUp(): void
         Registry::getSession()->setVariable('captcha_expiration', time() + 60);
     }
 
+    public function tearDown(): void
+    {
+        $this->disableTwoFactorAuth();
+        parent::tearDown();
+    }
+
     public function testCheckValuesWithInvalidCaptcha()
     {
         $this->requestMock
@@ -100,20 +117,107 @@ public function testLoginWithEmptyCaptcha()
         $subject->login('', '');
     }
 
-    public function testLoginWithOtpEnabledAndInvalidPasswordThrows(): void
+    public function testLoginWithOTPEnabledAndValidCredentialsReturnsFalse(): void
     {
-        $this->requestMock
-            ->method('getRequestParameter')
-            ->willReturnCallback(function ($param) {
-                if ($param === 'captcha') {
-                    return 'valid_captcha';
-                }
-                return null;
-            });
+        $this->disableCaptcha();
+        $this->enableTwoFactorAuth();
+
+        $utilsMock = $this->createMock(Utils::class);
+        $utilsMock->expects($this->once())->method('redirect');
+        Registry::set(Utils::class, $utilsMock);
+
+        $subject = oxNew(User::class);
+        $result = $subject->login(self::OTP_USER_NAME, self::OTP_USER_PASSWORD);
+
+        $this->assertFalse($result);
+        $this->assertEquals(
+            self::OTP_USER_NAME,
+            Registry::getSession()->getVariable(AuthorizeService::USER_SESSION_KEY)
+        );
+    }
+
+    public function testLoginWithOTPEnabledAndInvalidCredentialsThrowsException(): void
+    {
+        $this->disableCaptcha();
+        $this->enableTwoFactorAuth();
+
+        $this->expectException(UserException::class);
+        $this->expectExceptionMessage('ERROR_MESSAGE_USER_NOVALIDLOGIN');
+
+        $subject = oxNew(User::class);
+        $subject->login(self::OTP_USER_NAME, uniqid());
+    }
+
+    public function testLoginWithOTPEnabledAndNonExistentUserThrowsException(): void
+    {
+        $this->disableCaptcha();
+        $this->enableTwoFactorAuth();
 
         $this->expectException(UserException::class);
+        $this->expectExceptionMessage('ERROR_MESSAGE_USER_NOVALIDLOGIN');
+
+        $subject = oxNew(User::class);
+        $subject->login('nonexistent@test.com', 'anypassword');
+    }
+
+    public function testLoginWithOTPDisabledCallsParentLogin(): void
+    {
+        $this->disableCaptcha();
+        $this->disableTwoFactorAuth();
 
         $subject = oxNew(User::class);
-        $subject->login(uniqid(), uniqid());
+        $result = $subject->login(self::OTP_USER_NAME, self::OTP_USER_PASSWORD);
+
+        $this->assertTrue($result);
+        $this->assertNull(
+            Registry::getSession()->getVariable(AuthorizeService::USER_SESSION_KEY)
+        );
+    }
+
+    public function testLoginWithOTPEnabledStoresUserInSession(): void
+    {
+        $this->disableCaptcha();
+        $this->enableTwoFactorAuth();
+
+        $utilsMock = $this->createMock(Utils::class);
+        $utilsMock->method('redirect');
+        Registry::set(Utils::class, $utilsMock);
+
+        $subject = oxNew(User::class);
+        $subject->login(self::OTP_USER_NAME, self::OTP_USER_PASSWORD);
+
+        $sessionUserName = Registry::getSession()->getVariable(AuthorizeService::USER_SESSION_KEY);
+        $this->assertEquals(self::OTP_USER_NAME, $sessionUserName);
+    }
+
+    private function enableTwoFactorAuth(): void
+    {
+        $moduleSettingService = ContainerFacade::get(ModuleSettingServiceInterface::class);
+        $moduleSettingService->saveBoolean(
+            ModuleSettingsService::ACTIVE,
+            true,
+            Module::MODULE_ID
+        );
+        $moduleSettingService->saveString(
+            ModuleSettingsService::TWO_FACTOR_TYPE,
+            'otp',
+            Module::MODULE_ID
+        );
+    }
+
+    private function disableTwoFactorAuth(): void
+    {
+        $moduleSettingService = ContainerFacade::get(ModuleSettingServiceInterface::class);
+        $moduleSettingService->saveBoolean(
+            ModuleSettingsService::ACTIVE,
+            false,
+            Module::MODULE_ID
+        );
+    }
+
+    private function disableCaptcha(): void
+    {
+        $captchaSettings = ContainerFacade::get(CaptchaSettingsServiceInterface::class);
+        $captchaSettings->saveIsCaptchaEnabled(false);
     }
 }
