Files
mxautologin/tests/settings_test.php
T
2026-06-30 20:40:41 +02:00

97 lines
3.6 KiB
PHP

<?php
declare(strict_types=1);
require_once PLUGIN_ROOT . '/exec/lib/Settings.php';
test('settings expose secure defaults from plugin-settings.conf', function (): void {
$settings = Settings::fromArray([]);
assert_same(14400, $settings->loginKeyTtl());
assert_true($settings->userIpBound());
assert_true($settings->ipMask());
assert_same('MASKED', $settings->auditClientIp('198.51.100.10'));
assert_true($settings->defaultEnable());
assert_same('login_url', $settings->method());
assert_same(1, $settings->mxLoginMode());
assert_same('root', $settings->sshUser());
assert_same('https://mx1.mojserwer.pl:2222', $settings->targetBaseUrl());
});
test('settings runtime file is the directadmin plugin settings file', function (): void {
assert_same('/usr/local/directadmin/plugins/mxautologin/plugin-settings.conf', Settings::EXTERNAL_SETTINGS);
});
test('settings reject login key ttl outside production range', function (): void {
foreach (['4', '86401', 'abc'] as $ttl) {
try {
Settings::fromArray(['LOGIN_KEY_TTL' => $ttl]);
throw new RuntimeException('Expected invalid TTL to fail: ' . $ttl);
} catch (InvalidArgumentException $e) {
assert_contains('LOGIN_KEY_TTL', $e->getMessage());
}
}
});
test('settings accept explicit ttl and user ip binding toggle', function (): void {
$settings = Settings::fromArray([
'LOGIN_KEY_TTL' => '5',
'USER_IP_BOUND' => '0',
'IP_MASK' => '0',
'MX_LOGIN_MODE' => '2',
]);
assert_same(5, $settings->loginKeyTtl());
assert_false($settings->userIpBound());
assert_false($settings->ipMask());
assert_same('198.51.100.10', $settings->auditClientIp('198.51.100.10'));
assert_same(2, $settings->mxLoginMode());
});
test('settings accept zero login key ttl as directadmin default expiry', function (): void {
$settings = Settings::fromArray(['LOGIN_KEY_TTL' => '0']);
assert_same(0, $settings->loginKeyTtl());
});
test('settings reject unsupported ip mask values', function (): void {
foreach (['yes', '2', ''] as $mask) {
try {
Settings::fromArray(['IP_MASK' => $mask]);
throw new RuntimeException('Expected invalid IP_MASK to fail: ' . $mask);
} catch (InvalidArgumentException $e) {
assert_contains('IP_MASK', $e->getMessage());
}
}
});
test('settings reject unsupported mx login mode values', function (): void {
foreach (['0', '3', 'helper', ''] as $mode) {
try {
Settings::fromArray(['MX_LOGIN_MODE' => $mode]);
throw new RuntimeException('Expected invalid MX_LOGIN_MODE to fail: ' . $mode);
} catch (InvalidArgumentException $e) {
assert_contains('MX_LOGIN_MODE', $e->getMessage());
}
}
});
test('source plugin settings do not expose local source host allowlist', function (): void {
$defaults = Settings::defaults();
$config = file_get_contents(PLUGIN_ROOT . '/plugin-settings.conf') ?: '';
assert_false(array_key_exists('MAIL_LOGIN_ALLOWED_SOURCE_HOSTS', $defaults));
assert_not_contains('MAIL_LOGIN_ALLOWED_SOURCE_HOSTS', $config);
});
test('settings reject disabled plugin and unsupported methods through access guard', function (): void {
try {
Settings::fromArray(['MAIL_LOGIN_METHOD' => 'password']);
throw new RuntimeException('Expected unsupported method to fail');
} catch (InvalidArgumentException $e) {
assert_contains('MAIL_LOGIN_METHOD', $e->getMessage());
}
$settings = Settings::fromArray(['DEFAULT_ENABLE' => 'false']);
assert_false($settings->defaultEnable());
});