loginKeyTtl()); assert_true($settings->userIpBound()); assert_true($settings->defaultEnable()); assert_same('login_url', $settings->method()); assert_same('root', $settings->sshUser()); assert_same('https://mx1.mojserwer.pl:2222', $settings->targetBaseUrl()); }); test('settings reject login key ttl outside production range', function (): void { foreach (['4', '301', 'abc'] as $ttl) { try { Settings::fromArray(['LOGIN_KEY_TTL' => $ttl]); throw new RuntimeException('Expected invalid TTL to fail: ' . $ttl); } catch (InvalidArgumentException $e) { assert_contains('LOGIN_KEY_TTL', $e->getMessage()); } } }); test('settings accept explicit ttl and user ip binding toggle', function (): void { $settings = Settings::fromArray([ 'LOGIN_KEY_TTL' => '5', 'USER_IP_BOUND' => '0', ]); assert_same(5, $settings->loginKeyTtl()); assert_false($settings->userIpBound()); }); test('settings parse allowed source hosts as normalized hostnames', function (): void { $settings = Settings::fromArray([ 'MAIL_LOGIN_ALLOWED_SOURCE_HOSTS' => 'https://h4.domena.pl:2222, serwer2.example.net:2222', ]); assert_same(['h4.domena.pl', 'serwer2.example.net'], $settings->allowedSourceHosts()); }); test('settings reject disabled plugin and unsupported methods through access guard', function (): void { try { Settings::fromArray(['MAIL_LOGIN_METHOD' => 'password']); throw new RuntimeException('Expected unsupported method to fail'); } catch (InvalidArgumentException $e) { assert_contains('MAIL_LOGIN_METHOD', $e->getMessage()); } $settings = Settings::fromArray(['DEFAULT_ENABLE' => 'false']); assert_false($settings->defaultEnable()); });