diff --git a/src/User/UserActiveRecordModel.php b/src/User/UserActiveRecordModel.php
index aca5659..c841cbe 100644
--- a/src/User/UserActiveRecordModel.php
+++ b/src/User/UserActiveRecordModel.php
@@ -68,7 +68,7 @@ public function updateUser(User $user)
 /**
 * Delete user.
 *
- * @param integer $id, integer for userid.
+ * @param integer $id integer for userid.
 *
 * @return void
 */
diff --git a/src/User/UserController.php b/src/User/UserController.php
index c2f3f43..110d8aa 100644
--- a/src/User/UserController.php
+++ b/src/User/UserController.php
@@ -108,6 +108,7 @@ public function getPostUpdateUser($id)
 if (!$loggedInUser) {
 $this->response->redirect("login");
+ return false;
 }
 if ($loggedInUser->id != $id) {
@@ -141,8 +142,13 @@ public function getPostDeleteUser($id)
 {
 $loggedInUser = $this->userService->getCurrentLoggedInUser();
- if (!$loggedInUser && !$loggedInUser->administrator) {
+ if (!$loggedInUser) {
+ $this->response->redirect("login");
+ return false;
+ }
+ if (!$loggedInUser->administrator) {
 $this->response->redirect("login");
+ return false;
 }
 $title = "Radera en användare";
diff --git a/src/User/UserService.php b/src/User/UserService.php
index 1db5c60..f6ba5c8 100644
--- a/src/User/UserService.php
+++ b/src/User/UserService.php
@@ -135,10 +135,6 @@ public function login($username, $password)
 throw new Exception("Empty password field.");
 }
- if (empty($user)) {
- throw new Exception("Error, not valid credentials.");
- }
-
 if ($user->id === null) {
 throw new Exception("Error, not valid credentials.");
 }
diff --git a/test/src/User/UserControllerTest.php b/test/src/User/UserControllerTest.php
index 100cf51..424b04e 100644
--- a/test/src/User/UserControllerTest.php
+++ b/test/src/User/UserControllerTest.php
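Review bot: In src/User/UserController.php, getPostUpdateUser(), the ownership test on the hunk's last line, `if ($loggedInUser->id != $id) {`, is the authorisation boundary for editing an account, yet it compares the route value with a loose `!=`. Depending on the PHP version, type juggling can make a non-canonical string compare equal to the integer id, so the value should be validated and compared strictly, e.g. `if (!ctype_digit((string) $id) || (int) $loggedInUser->id !== (int) $id) {`. The body of that branch lies outside the hunk; it needs the same `return false;` after its redirect that this hunk adds to the login guard, otherwise the handler keeps executing for a user who failed the check.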
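Review bot: In getPostDeleteUser() the new administrator guard trusts `$loggedInUser->administrator` exactly as getCurrentLoggedInUser() returns it, and the tests in this commit create that user by storing a User object in the session. If the service hands back the session copy without re-reading the account (not visible here), a demoted administrator keeps delete rights until the session ends. Record the requirement next to the guard, e.g. `// getCurrentLoggedInUser() must reflect the stored role, not a stale session object.` The two guards have identical bodies and could be one condition, `if (!$loggedInUser || !$loggedInUser->administrator) {`. The method body continues outside the hunk.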
@@ -15,25 +15,40 @@ class UserControllerTest extends TestCase
 protected static $userController;
- /**
- * Setup before testing class.
- */
- public static function setUpBeforeClass()
+ // /**
+ // * Setup before testing class.
+ // */
+ // public static function setUpBeforeClass()
+ // {
+ // self::$di = new \Anax\DI\DIFactoryConfig("testDi.php");
+ // self::$userController = new UserController();
+ // self::$userController->setDi(self::$di);
+ // self::$userController->init();
+ // self::$session = self::$di->get("session");
+ // $user = new User();
+ // $user->id = 2;
+ // $user->username = "admin";
+ // $user->administrator = true;
+ // $user->enabled = true;
+ //
+ // self::$session->set("user", $user);
+ // }
+
+ public function setUp()
 {
 self::$di = new \Anax\DI\DIFactoryConfig("testDi.php");
 self::$userController = new UserController();
 self::$userController->setDi(self::$di);
 self::$userController->init();
 self::$session = self::$di->get("session");
- $user = new User();
- $user->username = "admin";
- $user->administrator = true;
- $user->enabled = true;
-
- self::$session->set("user", $user);
- }
+ $admin = new User();
+ $admin->administrator = true;
+ $admin->enabled = true;
+ $admin->deleted = null;
+ self::$session->set("user", $admin);
+ }
 /**
 * Initiate the controller test.
@@ -81,6 +96,18 @@ public function testGetPostCreateUser()
 public function testGetPostUpdateUser()
 {
 self::$userController->getPostUpdateUser(1);
+
+ self::$session->delete("user");
+ self::$userController->getPostUpdateUser(1);
+
+ $user = new User();
+ $user->id = 2;
+ $user->username = "admin";
+ $user->administrator = false;
+ $user->enabled = true;
+
+ self::$session->set("user", $user);
+ self::$userController->getPostUpdateUser(1);
 }
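Review bot: The commented-out setUpBeforeClass() block at the top of this hunk in UserControllerTest.php should be deleted rather than kept as `//` lines; version control already holds the old fixture, and dead code beside the live setUp() invites drift. The new setUp() has no docblock, unlike the method it replaces; `/** Rebuild the DI container and log in an administrator before each test. */` would do. `$admin` is also created without an `id`, so the first call in testGetPostUpdateUser() presumably lands in the id-mismatch branch rather than the permitted path. Setting `$admin->id = 1;` would let that call cover the case where the update is allowed.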
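Review bot: The calls added to testGetPostUpdateUser() for a missing session user and for a non-administrator with a different id carry no assertions, so the test passes whether or not the controller rejects the request. A regression in the guards, such as the `&&` mistake this commit fixes in getPostDeleteUser(), would go unnoticed. The login guard now returns false, so pin it with `$this->assertFalse(self::$userController->getPostUpdateUser(1));` after `self::$session->delete("user");`. The same applies to both new calls in testGetPostDeleteUser() in the following hunk, where each rejected path visibly returns false: `$this->assertFalse(self::$userController->getPostDeleteUser(2));`.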
@@ -88,6 +115,18 @@ public function testGetPostUpdateUser()
 public function testGetPostDeleteUser()
 {
 self::$userController->getPostDeleteUser(1);
+
+ self::$session->delete("user");
+ self::$userController->getPostDeleteUser(2);
+
+ $user = new User();
+ $user->id = 2;
+ $user->username = "admin";
+ $user->administrator = false;
+ $user->enabled = true;
+
+ self::$session->set("user", $user);
+ self::$userController->getPostDeleteUser(2);
 }