feat: support default login url expiry
This commit is contained in:
@@ -8,7 +8,7 @@ test('plugin metadata and packaging docs match project rules', function (): void
|
||||
assert_contains('name=mail-login', $conf);
|
||||
assert_contains('id=mail-login', $conf);
|
||||
assert_contains('type=user', $conf);
|
||||
assert_contains('version=1.0.11', $conf);
|
||||
assert_contains('version=1.0.12', $conf);
|
||||
assert_contains('user_run_as=root', $conf);
|
||||
assert_contains('/Users/marek/GPT/ChatGPT/da_plugins/mail-login/src', $packing);
|
||||
assert_contains('/Users/marek/GPT/ChatGPT/da_plugins/mail-login/archives/X.Y.Z/mail-login.tar.gz', $packing);
|
||||
|
||||
@@ -51,6 +51,20 @@ test('remote login url client builds helper ssh command when mode is helper', fu
|
||||
assert_same('1782810000', $command[$pos + 8]);
|
||||
});
|
||||
|
||||
test('remote login url client omits expiry when ttl is zero', function (): void {
|
||||
$settings = Settings::fromArray([
|
||||
'MAIL_LOGIN_TARGET_BASE_URL' => 'https://mx1.domena.pl:2222',
|
||||
'MAIL_LOGIN_SSH_HOST' => 'mx1.domena.pl',
|
||||
'MAIL_LOGIN_SSH_IDENTITY' => '/secure/key',
|
||||
'MAIL_LOGIN_SSH_KNOWN_HOSTS' => '/secure/known_hosts',
|
||||
'LOGIN_KEY_TTL' => '0',
|
||||
]);
|
||||
$request = new LoginUrlRequest('mxtest', 'h4.domena.pl', 'h4', 0, true, '198.51.100.10', '/', 1782810000);
|
||||
$command = RemoteLoginUrlClient::buildCommand($settings, $request);
|
||||
|
||||
assert_not_contains('--expiry=', implode(' ', $command));
|
||||
});
|
||||
|
||||
test('remote login url client validates helper output before returning it', function (): void {
|
||||
$settings = Settings::fromArray(['MAIL_LOGIN_TARGET_BASE_URL' => 'https://mx1.domena.pl:2222']);
|
||||
$request = new LoginUrlRequest('mxtest', 'h4.domena.pl', 'h4', 30, true, '198.51.100.10', '/', 1782810000);
|
||||
|
||||
@@ -6,7 +6,7 @@ require_once PLUGIN_ROOT . '/exec/lib/Settings.php';
|
||||
test('settings expose secure defaults from plugin-settings.conf', function (): void {
|
||||
$settings = Settings::fromArray([]);
|
||||
|
||||
assert_same(30, $settings->loginKeyTtl());
|
||||
assert_same(14400, $settings->loginKeyTtl());
|
||||
assert_true($settings->userIpBound());
|
||||
assert_true($settings->ipMask());
|
||||
assert_same('MASKED', $settings->auditClientIp('198.51.100.10'));
|
||||
@@ -22,7 +22,7 @@ test('settings runtime file is the directadmin plugin settings file', function (
|
||||
});
|
||||
|
||||
test('settings reject login key ttl outside production range', function (): void {
|
||||
foreach (['4', '301', 'abc'] as $ttl) {
|
||||
foreach (['4', '86401', 'abc'] as $ttl) {
|
||||
try {
|
||||
Settings::fromArray(['LOGIN_KEY_TTL' => $ttl]);
|
||||
throw new RuntimeException('Expected invalid TTL to fail: ' . $ttl);
|
||||
@@ -47,6 +47,12 @@ test('settings accept explicit ttl and user ip binding toggle', function (): voi
|
||||
assert_same(2, $settings->mxLoginMode());
|
||||
});
|
||||
|
||||
test('settings accept zero login key ttl as directadmin default expiry', function (): void {
|
||||
$settings = Settings::fromArray(['LOGIN_KEY_TTL' => '0']);
|
||||
|
||||
assert_same(0, $settings->loginKeyTtl());
|
||||
});
|
||||
|
||||
test('settings reject unsupported ip mask values', function (): void {
|
||||
foreach (['yes', '2', ''] as $mask) {
|
||||
try {
|
||||
|
||||
Reference in New Issue
Block a user