feat: add test for max sessions

2024-07-04 14:10:33 +12:00 · 2022-12-09 11:54:23 +00:00 · 2022-12-09 11:54:23 +00:00 · cda8e53386
parent cbcc17ded6
commit cda8e53386
2 changed files with 120 additions and 9 deletions
--- a/app/controllers/shared/api.php
+++ b/app/controllers/shared/api.php
@ -325,23 +325,29 @@ App::shutdown()
    ->inject('response')
    ->inject('project')
    ->inject('dbForProject')
-    ->action(function(App $utopia, Request $request, Response $response, Document $project, Database $dbForProject) {
+    ->action(function (App $utopia, Request $request, Response $response, Document $project, Database $dbForProject) {
        $route = $utopia->match($request);
        $event = $route->getLabel('event', '');
-        if($event === 'users.[userId].sessions.[sessionId].create' && $project->getId() != 'console') {
+        if ($event === 'users.[userId].sessions.[sessionId].create' && $project->getId() != 'console') {
            $sessionLimit = $project->getAttribute('auth', [])['maxSessions'] ?? APP_LIMIT_USER_SESSIONS;
            $session = $response->getPayload();
            $userId = $session['userId'] ?? '';
-            if(empty($userId)) return;
-            
+            if (empty($userId)) {
+                return;
+            }
+
            $user = $dbForProject->getDocument('users', $userId);
-            if($user->isEmpty()) return;
-            
+            if ($user->isEmpty()) {
+                return;
+            }
+
            $sessions = $user->getAttribute('sessions', []);
            $count = \count($sessions);
-            if($count <= $sessionLimit) return;
-            
-            for($i = 0; $i < ($count - $sessionLimit); $i++) {
+            if ($count <= $sessionLimit) {
+                return;
+            }
+
+            for ($i = 0; $i < ($count - $sessionLimit); $i++) {
                $session = array_pop($sessions);
                $dbForProject->deleteDocument('sessions', $session->getId());
            }
--- a/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php
+++ b/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php
@ -874,6 +874,111 @@ class ProjectsConsoleClientTest extends Scope
        return $data;
    }

+    /**
+     * @depends testUpdateProjectAuthLimit
+     */
+    public function testUpdateProjectAuthSessionLimit($data): array
+    {
+        $id = $data['projectId'] ?? '';
+
+        /**
+         * Test for failure
+         */
+        $response = $this->client->call(Client::METHOD_PATCH, '/projects/' . $id . '/auth/max-sessions', array_merge([
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $this->getProject()['$id'],
+        ], $this->getHeaders()), [
+            'limit' => 0,
+        ]);
+
+        $this->assertEquals(400, $response['headers']['status-code']);
+
+        /**
+         * Test for SUCCESS
+         */
+        $response = $this->client->call(Client::METHOD_PATCH, '/projects/' . $id . '/auth/max-sessions', array_merge([
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $this->getProject()['$id'],
+        ], $this->getHeaders()), [
+            'limit' => 1,
+        ]);
+
+        $this->assertEquals(200, $response['headers']['status-code']);
+        $this->assertNotEmpty($response['body']['$id']);
+
+        $email = uniqid() . 'user@localhost.test';
+        $password = 'password';
+        $name = 'User Name';
+
+        /**
+         * Create new user
+         */
+        $response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $id,
+        ]), [
+            'userId' => ID::unique(),
+            'email' => $email,
+            'password' => $password,
+            'name' => $name,
+        ]);
+
+        $this->assertEquals($response['headers']['status-code'], 501);
+
+        /**
+         * create new session
+         */
+        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $id,
+        ]), [
+            'email' => $email,
+            'password' => $password,
+        ]);
+
+
+        $this->assertEquals(200, $response['headers']['status-code']);
+        $sessionId1 = $response['body']['$id'];
+
+        /**
+         * create new session
+         */
+        $response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', array_merge([
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $id,
+        ]), [
+            'email' => $email,
+            'password' => $password,
+        ]);
+
+
+        $this->assertEquals(200, $response['headers']['status-code']);
+        $sessionCookie = $response['headers']['set-cookie'];
+        $sessionId2 = $response['body']['$id'];
+
+        /**
+         * List sessions
+         */
+        $response = $this->client->call(Client::METHOD_GET, '/account/sessions', [
+            'origin' => 'http://localhost',
+            'content-type' => 'application/json',
+            'x-appwrite-project' => $id,
+            'Cookie' => $sessionCookie,
+        ]);
+
+        $this->assertEquals(200, $response['headers']['status-code']);
+        $sessions = $response['body']['sessions'];
+
+        $this->assertEquals(1, count($sessions));
+        $this->assertEquals($sessionId2, $sessions[0]['$id']);
+
+
+        return $data;
+    }
+
    public function testUpdateProjectServiceStatusAdmin(): array
    {
        $team = $this->client->call(Client::METHOD_POST, '/teams', array_merge([