dev #60742 La Souris Qui Raconte: implements SSO authentication

library/digital_resources/LaSourisQuiRaconte/Config.php

@@ -42,11 +42,6 @@ class LaSourisQuiRaconte_Config extends Class_DigitalResource_Config {
   }
 
 
-  public function hasRightAccess($user) {
-    return $user && $user->isAbonnementValid();
-  }
-
-
   public function isEnabled() {
     return '' != $this->getAdminVar('TOKEN');
   }

library/digital_resources/LaSourisQuiRaconte/tests/LaSourisQuiRaconteTest.php

@@ -27,6 +27,7 @@ class LaSourisQuiRaconteSSoTest extends AbstractControllerTestCase {
 
   public function setUp() {
     parent::setUp();
+    Storm_Cache::beVolatile();
     Class_AdminVar::set('LaSourisQuiRaconte_TOKEN', 'bokeh_export');
     $this->_tom = $this->fixture('Class_Users',
                                  ['id' => 1,
@@ -43,13 +44,16 @@ class LaSourisQuiRaconteSSoTest extends AbstractControllerTestCase {
   }
 
 
-  /** @test */
-  public function userWithRightPermissonsShouldBeRedirectedToLSQROnModulesAccess() {
+  protected function _logValidUser() {
     $group = $this->fixture('Class_UserGroup', ['id' => 1]);
 
     $this->_tom
       ->beAbonneSIGB()
       ->setDateFin('9999-01-01')
+      ->setIdabon('2345')
+      ->setBib($this->fixture('Class_Bib',
+                              ['id' => 2,
+                               'libelle' => 'Annecy']))
       ->setUserGroups([$group])
       ->save();
 
@@ -58,7 +62,12 @@ class LaSourisQuiRaconteSSoTest extends AbstractControllerTestCase {
                    ['id' => 1,
                     'code' => 'LaSourisQuiRaconte'])
          ->permitTo($group,  new Class_Entity());
+  }
 
+
+  /** @test */
+  public function userWithRightPermissonsShouldBeRedirectedToLSQROnModulesAccess() {
+    $this->_logValidUser();
     $ticket = (new Class_CasTicket())->getTicketForCurrentUser();
 
     $this->dispatch('/opac/modules/la-souris-qui-raconte', true);
@@ -72,4 +81,44 @@ class LaSourisQuiRaconteSSoTest extends AbstractControllerTestCase {
                                       $this->_response->getBody());
   }
 
+
+  /** @test */
+  public function validateAuthWithoutTicketShouldAnswerError() {
+    $this->dispatch('/LaSourisQuiRaconte_Plugin/auth/validate', true);
+    $this->assertEquals(['response' => ['success' => 'false',
+                                        'error' => 'Paramètre ticket non fourni']],
+                        json_decode($this->_response->getBody(), true));
+  }
+
+
+  /** @test */
+  public function validateAuthWithInvalidTicketShouldAnswerError() {
+    $this->dispatch('/LaSourisQuiRaconte_Plugin/auth/validate/ticket/666', true);
+    $this->assertEquals(['response' => ['success' => 'false',
+                                        'error' => 'Ticket invalide']],
+                        json_decode($this->_response->getBody(), true));
+  }
+
+
+  /** @test */
+  public function validateWithValidUserTicketShouldAnswerSuccessAndLibraryName() {
+    $this->_logValidUser();
+    $ticket = (new Class_CasTicket())->getTicketForCurrentUser();
+    $this->dispatch('/LaSourisQuiRaconte_Plugin/auth/validate/ticket/' . $ticket,
+                    true);
+    $this->assertEquals(['response' => ['success' => 'true',
+                                        'bibname' => 'Annecy']],
+                        json_decode($this->_response->getBody(), true));
+  }
+
+
+  /** @test */
+  public function validateWithUserWithoutPermissionShouldAnswerError() {
+     $ticket = (new Class_CasTicket())->getTicketForCurrentUser();
+    $this->dispatch('/LaSourisQuiRaconte_Plugin/auth/validate/ticket/' . $ticket,
+                    true);
+    $this->assertEquals(['response' => ['success' => 'false',
+                                        'error' => 'L\'utilisateur n\'est pas autorisé à accéder à cette ressource']],
+                        json_decode($this->_response->getBody(), true));
+  }
 }
\ No newline at end of file