<?php

/**
 * @file
 * Contains automated tests for Account Sentinel.
 */

/**
 * Provides test cases for Account Sentinel.
 */
class AccountSentinelTest extends DrupalWebTestCase {

  /**
   * Returns the test's metadata.
   *
   * @return array
   *   Information about the test.
   */
  public static function getInfo() {
    return array(
      'name' => 'Account Sentinel tests',
      'description' => 'Test the Account Sentinel module.',
      'group' => 'Account Sentinel',
    );
  }

  protected $admin;
  protected $subject;
  protected $role;

  /**
   * {@inheritdoc}
   */
  protected function setUp() {
    parent::setUp('account_sentinel');

    // Create an administrator and log in.
    $this->admin = $this->drupalCreateUser(array(
      'administer permissions',
      'administer users',
      'access account sentinel logs',
      'administer account sentinel',
    ));
    $this->drupalLogin($this->admin);

    // Create subject user.
    $this->subject = $this->drupalCreateUser();

    // Create role to monitor.
    $this->role = $this->drupalCreateRole(array());

    // Grant role to subject user.
    user_save($this->subject, array(
      'name' => 'name',
      'pass' => 'pass',
      'mail' => 'mail@example.com',
      'roles' => array($this->role => TRUE),
    ));

    // Configure the module.
    $edit = array(
      'account_sentinel_cron_method' => 'custom',
    );
    foreach (user_roles(TRUE) as $rid => $role) {
      $edit['account_sentinel_monitored_roles[' . $rid . ']'] = ($rid == $this->role);
    }
    $this->drupalPost('admin/config/system/account-sentinel', $edit, t('Save configuration'));
  }

  /**
   * User modification detection for changes made in Drupal.
   */
  public function testModifyInDrupal() {
    // Change name, pass and email of user, also block it and remove its roles.
    user_save($this->subject, array(
      'name' => 'name_',
      'pass' => 'pass_',
      'mail' => 'mail_@example.com',
      'status' => 0,
      'roles' => array(),
    ));
    // Update the $subject variable too.
    $this->subject = user_load($this->subject->uid);

    // Check the log for the changes made.
    $this->drupalGet('admin/reports/account-sentinel');
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_NAME, array(
      'old' => 'name',
      'new' => 'name_',
    )));
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_PASS, array()));
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_MAIL, array(
      'old' => 'mail@example.com',
      'new' => 'mail_@example.com',
    )));
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_ROLE_REMOVE, array(
      'rid' => $this->role,
    )));
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_USER_BLOCK, array(
      'rid' => $this->role,
    )));

    // Unblock the user and grant the monitored role.
    user_save($this->subject, array(
      'status' => 1,
      'roles' => array($this->role => TRUE),
    ));

    // Check the log for the changes made.
    $this->drupalGet('admin/reports/account-sentinel');
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_USER_UNBLOCK, array(
      'rid' => $this->role,
    )));
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_ROLE_ADD, array(
      'rid' => $this->role,
    )));

    // Delete the user.
    user_delete($this->subject->uid);

    // Check the log for the changes made.
    $this->drupalGet('admin/reports/account-sentinel');
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_USER_DELETE, array(
      'uid' => $this->subject->uid,
      'name' => $this->subject->name,
      'mail' => $this->subject->mail,
    )));

    // Readd the user.
    $this->subject->is_new = TRUE;
    user_save($this->subject);

    // Check the log for the changes made.
    $this->drupalGet('admin/reports/account-sentinel');
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_USER_ADD, array(
      'uid' => $this->subject->uid,
      'name' => $this->subject->name,
      'mail' => $this->subject->mail,
    )));
  }

  /**
   * Runs the database audit by accessing the custom cron URL.
   */
  protected function runAudit() {
    $this->drupalGet('system/account-sentinel-cron', array(
      'query' => array('key' => account_sentinel_get_cron_key()),
    ));
  }

  /**
   * User modification detection for changes made via database modification.
   */
  public function testModifyInDatabase() {
    // Change name, pass and mail of user, also block it.
    $update = db_update('users');
    $update->fields(array(
      'name' => 'name_',
      'pass' => 'pass_',
      'mail' => 'mail_@example.com',
      'status' => 0,
    ));
    $update->condition('uid', $this->subject->uid);
    $update->execute();
    // Update the $subject variable too.
    $this->subject = user_load($this->subject->uid);

    // Run the audit and check the log for the changes made.
    $this->runAudit();
    $this->drupalGet('admin/reports/account-sentinel');
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_NAME, array(
      'old' => 'name',
      'new' => 'name_',
    )));
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_PASS, array()));
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_MAIL, array(
      'old' => 'mail@example.com',
      'new' => 'mail_@example.com',
    )));
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_USER_BLOCK, array(
      'rid' => $this->role,
    )));

    // Remove the monitored role from the user.
    $remove_role = db_delete('users_roles');
    $remove_role->condition('uid', $this->subject->uid)
      ->condition('rid', $this->role);
    $remove_role->execute();

    // Run the audit and check the log for the changes made.
    $this->runAudit();
    $this->drupalGet('admin/reports/account-sentinel');
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_ROLE_REMOVE, array(
      'rid' => $this->role,
    )));
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_SNAPSHOT_MISSING, array()));

    // Grant the role to the user.
    $add_role = db_insert('users_roles');
    $add_role->fields(array(
      'uid' => $this->subject->uid,
      'rid' => $this->role,
    ));
    $add_role->execute();

    // Run the audit and check the log for the changes made.
    $this->runAudit();
    $this->drupalGet('admin/reports/account-sentinel');
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_ROLE_ADD, array(
      'rid' => $this->role,
    )));

    // Unblock the user.
    $update = db_update('account_sentinel_users');
    $update->fields(array(
      'status' => 1,
    ));
    $update->condition('uid', $this->subject->uid);
    $update->execute();

    // Run the audit and check the log for the changes made.
    $this->runAudit();
    $this->drupalGet('admin/reports/account-sentinel');
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_SNAPSHOT_INVALID, array()));

    // Delete the user.
    $remove_user = db_delete('users');
    $remove_user->condition('uid', $this->subject->uid);
    $remove_user->execute();

    // Run the audit and check the log for the changes made.
    $this->runAudit();
    $this->drupalGet('admin/reports/account-sentinel');
    $this->assertRaw(account_sentinel_get_event_message(ACCOUNT_SENTINEL_EVENT_TYPE_USER_DELETE, array(
      'uid' => $this->subject->uid,
      'name' => $this->subject->name,
      'mail' => $this->subject->mail,
    )));
  }

}