NFS-616: refactor to allow deletion of own session

Ninerian · Ninerian · commit bca37ddf2a3e · 2020-04-17T10:15:35.000+02:00
diff --git a/src/PluginSession.php b/src/PluginSession.php
@@ -284,24 +284,32 @@ public function isUserView() {
 		return $this->userView;
 	}
 
-	/**
-	 * Destroy the session with the given id
-	 *
-	 * @param String $sessionId
-	 * @return bool true on success or false on failure.
-	 */
-	public function destroySession(String $sessionId) {
-		$currentId = session_id();
-		session_write_close();
-
-		session_id($this->createCompatibleSessionId($sessionId));
-		session_start();
-		$result = session_destroy();
-
-		session_id($currentId);
-		session_start();
-
-		return $result;
-	}
+    /**
+     * Destroy the session with the given id
+     *
+     * @param String $sessionId
+     * @return bool true on success or false on failure.
+     */
+    public function destroySession(String $sessionId = null) {
+
+        $sessionId = $sessionId ?: $this->sso->getSessionId();
+
+        // save the current session
+        $currentId = session_id();
+        session_write_close();
+
+        // switch to the target session and removes it
+        session_id($this->createCompatibleSessionId($sessionId));
+        session_start();
+        $result = session_destroy();
+
+        // switches back to the original session
+        if ($currentId !== $sessionId) {
+            session_id($currentId);
+            session_start();
+        }
+
+        return $result;
+    }
 
 }
diff --git a/test/PluginSessionTest.php b/test/PluginSessionTest.php
@@ -501,7 +501,49 @@ public function testDestroyOtherSession() {
 			->method('destroy')
 			->with($sessionId);
 
+		$handler->expects($this->exactly(2))
+            ->method('write')
+            ->with($this->logicalOr(
+                $this->equalTo($sessionId),
+                $this->equalTo($this->tokenData[PluginSession::CLAIM_SESSION_ID])
+            ));
+
+        $handler->expects($this->exactly(2))
+            ->method('open');
+
 		$session->destroySession($sessionHash);
 	}
 
+    public function testDestroyOwnSession() {
+
+	    $sessionId = $this->tokenData[PluginSession::CLAIM_SESSION_ID];
+        $this->setupEnvironment(null, $this->token, false);
+
+        // successfull remote call handler mock
+        $handler = $this->getMockBuilder(SessionHandlerInterface::class)
+            ->setMethodsExcept()
+            ->getMock();
+
+        $handler->method('close')->willReturn(true);
+        $handler->method('destroy')->willReturn(true);
+        $handler->method('open')->willReturn(true);
+        $handler->method('write')->willReturn(true);
+        $handler->method('read')->willReturn($sessionId);
+
+        /** @var PluginSession $session */
+        $session = new PluginSession($this->pluginId, $this->publicKey, $handler);
+
+        $handler->expects($this->once())
+            ->method('destroy')
+            ->with($sessionId);
+
+        $handler->expects($this->once())
+            ->method('write')
+            ->with($sessionId);
+
+        $handler->expects($this->once())
+            ->method('open');
+
+        $session->destroySession($sessionId);
+    }
 }
