Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.0.x will end 8 May 2023 (12 months).
  • Bug fixes for security issues in 4.0.x will end 13 November 2023 (18 months).
  • PHP version: minimum PHP 7.3.0 Note: the minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is also supported.
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

< /** < * Tests core_user class. < * < * @package core < * @copyright 2013 Rajesh Taneja <rajesh@moodle.com> < * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later < */
> namespace core;
/** * Test core_user class. * * @package core * @copyright 2013 Rajesh Taneja <rajesh@moodle.com> * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */
< class core_user_testcase extends advanced_testcase {
> class user_test extends \advanced_testcase {
/** * Setup test data. */
< protected function setUp() {
> protected function setUp(): void {
$this->resetAfterTest(true); } public function test_get_user() { global $CFG; // Create user and try fetach it with api. $user = $this->getDataGenerator()->create_user();
< $this->assertEquals($user, core_user::get_user($user->id, '*', MUST_EXIST));
> $this->assertEquals($user, \core_user::get_user($user->id, '*', MUST_EXIST));
// Test noreply user. $CFG->noreplyuserid = null;
< $noreplyuser = core_user::get_noreply_user();
> $noreplyuser = \core_user::get_noreply_user();
$this->assertEquals(1, $noreplyuser->emailstop);
< $this->assertFalse(core_user::is_real_user($noreplyuser->id));
> $this->assertFalse(\core_user::is_real_user($noreplyuser->id));
$this->assertEquals($CFG->noreplyaddress, $noreplyuser->email); $this->assertEquals(get_string('noreplyname'), $noreplyuser->firstname); // Set user as noreply user and make sure noreply propery is set.
< core_user::reset_internal_users();
> \core_user::reset_internal_users();
$CFG->noreplyuserid = $user->id;
< $noreplyuser = core_user::get_noreply_user();
> $noreplyuser = \core_user::get_noreply_user();
$this->assertEquals(1, $noreplyuser->emailstop);
< $this->assertTrue(core_user::is_real_user($noreplyuser->id));
> $this->assertTrue(\core_user::is_real_user($noreplyuser->id));
// Test support user.
< core_user::reset_internal_users();
> \core_user::reset_internal_users();
$CFG->supportemail = null; $CFG->noreplyuserid = null;
< $supportuser = core_user::get_support_user();
> $supportuser = \core_user::get_support_user();
$adminuser = get_admin(); $this->assertEquals($adminuser, $supportuser);
< $this->assertTrue(core_user::is_real_user($supportuser->id));
> $this->assertTrue(\core_user::is_real_user($supportuser->id));
// When supportemail is set.
< core_user::reset_internal_users();
> \core_user::reset_internal_users();
$CFG->supportemail = 'test@example.com';
< $supportuser = core_user::get_support_user(); < $this->assertEquals(core_user::SUPPORT_USER, $supportuser->id); < $this->assertFalse(core_user::is_real_user($supportuser->id));
> $supportuser = \core_user::get_support_user(); > $this->assertEquals(\core_user::SUPPORT_USER, $supportuser->id); > $this->assertFalse(\core_user::is_real_user($supportuser->id));
// Set user as support user and make sure noreply propery is set.
< core_user::reset_internal_users();
> \core_user::reset_internal_users();
$CFG->supportuserid = $user->id;
< $supportuser = core_user::get_support_user();
> $supportuser = \core_user::get_support_user();
$this->assertEquals($user, $supportuser);
< $this->assertTrue(core_user::is_real_user($supportuser->id));
> $this->assertTrue(\core_user::is_real_user($supportuser->id));
} /** * Test get_user_by_username method. */ public function test_get_user_by_username() { $record = array(); $record['username'] = 'johndoe'; $record['email'] = 'johndoe@example.com'; $record['timecreated'] = time(); // Create a default user for the test. $userexpected = $this->getDataGenerator()->create_user($record); // Assert that the returned user is the espected one.
< $this->assertEquals($userexpected, core_user::get_user_by_username('johndoe'));
> $this->assertEquals($userexpected, \core_user::get_user_by_username('johndoe'));
// Assert that a subset of fields is correctly returned.
< $this->assertEquals((object) $record, core_user::get_user_by_username('johndoe', 'username,email,timecreated'));
> $this->assertEquals((object) $record, \core_user::get_user_by_username('johndoe', 'username,email,timecreated'));
// Assert that a user with a different mnethostid will no be returned.
< $this->assertFalse(core_user::get_user_by_username('johndoe', 'username,email,timecreated', 2));
> $this->assertFalse(\core_user::get_user_by_username('johndoe', 'username,email,timecreated', 2));
// Create a new user from a different host. $record['mnethostid'] = 2; $userexpected2 = $this->getDataGenerator()->create_user($record); // Assert that the new user is returned when specified the correct mnethostid.
< $this->assertEquals($userexpected2, core_user::get_user_by_username('johndoe', '*', 2));
> $this->assertEquals($userexpected2, \core_user::get_user_by_username('johndoe', '*', 2));
// Assert that a user not in the db return false.
< $this->assertFalse(core_user::get_user_by_username('janedoe'));
> $this->assertFalse(\core_user::get_user_by_username('janedoe'));
} public function test_search() { global $DB; self::init_search_tests(); // Set up three courses for test. $generator = $this->getDataGenerator(); $course1 = $generator->create_course(); $course2 = $generator->create_course(); $course3 = $generator->create_course(); // Manager user in system level. $manager = $generator->create_user(['firstname' => 'Manager', 'lastname' => 'Person', 'email' => 'x@x.x']); $systemcontext = \context_system::instance(); $generator->role_assign($DB->get_field('role', 'id', ['shortname' => 'manager']), $manager->id, $systemcontext->id); // Teachers in one and two courses. $teacher1 = $generator->create_user(['firstname' => 'Alberto', 'lastname' => 'Unwin', 'email' => 'a.unwin@x.x']); $generator->enrol_user($teacher1->id, $course1->id, 'teacher'); $teacher2and3 = $generator->create_user(['firstname' => 'Alexandra', 'lastname' => 'Penguin', 'email' => 'sillypenguin@x.x']); $generator->enrol_user($teacher2and3->id, $course2->id, 'teacher'); $generator->enrol_user($teacher2and3->id, $course3->id, 'teacher'); // Students in each course and some on multiple courses. $student1 = $generator->create_user(['firstname' => 'Amanda', 'lastname' => 'Hodder', 'email' => 'hodder_a@x.x']); $generator->enrol_user($student1->id, $course1->id, 'student'); $student2 = $generator->create_user(['firstname' => 'Audrey', 'lastname' => 'Methuen', 'email' => 'audrey@x.x']); $generator->enrol_user($student2->id, $course2->id, 'student'); $student3 = $generator->create_user(['firstname' => 'Austin', 'lastname' => 'Bloomsbury', 'email' => 'a.bloomsbury@x.x']); $generator->enrol_user($student3->id, $course3->id, 'student'); $student1and2 = $generator->create_user(['firstname' => 'Augustus', 'lastname' => 'Random', 'email' => 'random@x.x']); $generator->enrol_user($student1and2->id, $course1->id, 'student'); $generator->enrol_user($student1and2->id, $course2->id, 'student'); $studentall = $generator->create_user(['firstname' => 'Amelia', 'lastname' => 'House', 'email' => 'house@x.x']); $generator->enrol_user($studentall->id, $course1->id, 'student'); $generator->enrol_user($studentall->id, $course2->id, 'student'); $generator->enrol_user($studentall->id, $course3->id, 'student'); // Special mixed user (name does not begin with A) is a teacher in one course and student // in another. $mixed = $generator->create_user(['firstname' => 'Xavier', 'lastname' => 'Harper', 'email' => 'xh1248@x.x']); $generator->enrol_user($mixed->id, $course1->id, 'student'); $generator->enrol_user($mixed->id, $course3->id, 'teacher'); // As admin user, try searching for somebody at system level by first name, checking the // results. $this->setAdminUser();
< $result = core_user::search('Amelia');
> $result = \core_user::search('Amelia');
$this->assertCount(1, $result); // Check some basic fields, and test other fields are present. $this->assertEquals($studentall->id, $result[0]->id); $this->assertEquals('Amelia', $result[0]->firstname); $this->assertEquals('House', $result[0]->lastname); $this->assertEquals('house@x.x', $result[0]->email); $this->assertEquals(0, $result[0]->deleted); $this->assertObjectHasAttribute('firstnamephonetic', $result[0]); $this->assertObjectHasAttribute('lastnamephonetic', $result[0]); $this->assertObjectHasAttribute('middlename', $result[0]); $this->assertObjectHasAttribute('alternatename', $result[0]); $this->assertObjectHasAttribute('imagealt', $result[0]); $this->assertObjectHasAttribute('username', $result[0]); // Now search by lastname, both names, and partials, case-insensitive.
< $this->assertEquals($result, core_user::search('House')); < $this->assertEquals($result, core_user::search('Amelia house')); < $this->assertEquals($result, core_user::search('amelI')); < $this->assertEquals($result, core_user::search('hoUs')); < $this->assertEquals($result, core_user::search('Amelia H'));
> $this->assertEquals($result, \core_user::search('House')); > $this->assertEquals($result, \core_user::search('Amelia house')); > $this->assertEquals($result, \core_user::search('amelI')); > $this->assertEquals($result, \core_user::search('hoUs')); > $this->assertEquals($result, \core_user::search('Amelia H'));
// Admin user can also search by email (full or partial).
< $this->assertEquals($result, core_user::search('house@x.x')); < $this->assertEquals($result, core_user::search('hOuse@'));
> $this->assertEquals($result, \core_user::search('house@x.x')); > $this->assertEquals($result, \core_user::search('hOuse@'));
// What if we just search for A? (They all begin with A except the manager.)
< $result = core_user::search('a');
> $result = \core_user::search('a');
$this->assertCount(7, $result); // Au gets us Audrey, Austin, and Augustus - in alphabetical order by surname.
< $result = core_user::search('au');
> $result = \core_user::search('au');
$this->assertCount(3, $result); $this->assertEquals('Austin', $result[0]->firstname); $this->assertEquals('Audrey', $result[1]->firstname); $this->assertEquals('Augustus', $result[2]->firstname); // But if we search within course 2 we'll get Audrey and Augustus first. $course2context = \context_course::instance($course2->id);
< $result = core_user::search('au', $course2context);
> $result = \core_user::search('au', $course2context);
$this->assertCount(3, $result); $this->assertEquals('Audrey', $result[0]->firstname); $this->assertEquals('Augustus', $result[1]->firstname); $this->assertEquals('Austin', $result[2]->firstname); // Try doing a few searches as manager - we should get the same results and can still // search by email too. $this->setUser($manager);
< $result = core_user::search('a');
> $result = \core_user::search('a');
$this->assertCount(7, $result);
< $result = core_user::search('au', $course2context);
> $result = \core_user::search('au', $course2context);
$this->assertCount(3, $result);
< $result = core_user::search('house@x.x');
> $result = \core_user::search('house@x.x');
$this->assertCount(1, $result); // Teacher 1. No site-level permission so can't see users outside the enrolled course. $this->setUser($teacher1);
< $result = core_user::search('au');
> $result = \core_user::search('au');
$this->assertCount(1, $result); $this->assertEquals('Augustus', $result[0]->firstname); // Can still search by email for that user.
< $result = core_user::search('random@x.x');
> $result = \core_user::search('random@x.x');
$this->assertCount(1, $result); // Search everyone - teacher can only see four users (including themself).
< $result = core_user::search('a');
> $result = \core_user::search('a');
$this->assertCount(4, $result); // Search within course 2 - you get the same four users (which doesn't include // everyone on that course) but the two on course 2 should be first.
< $result = core_user::search('a', $course2context);
> $result = \core_user::search('a', $course2context);
$this->assertCount(4, $result); $this->assertEquals('Amelia', $result[0]->firstname); $this->assertEquals('Augustus', $result[1]->firstname); // Other teacher. $this->setUser($teacher2and3);
< $result = core_user::search('au');
> $result = \core_user::search('au');
$this->assertCount(3, $result);
< $result = core_user::search('a');
> $result = \core_user::search('a');
$this->assertCount(5, $result); // Student can only see users on course 3. $this->setUser($student3);
< $result = core_user::search('a');
> $result = \core_user::search('a');
$this->assertCount(3, $result);
< $result = core_user::search('au');
> $result = \core_user::search('au');
$this->assertCount(1, $result); $this->assertEquals('Austin', $result[0]->firstname); // Student cannot search by email.
< $result = core_user::search('a.bloomsbury@x.x');
> $result = \core_user::search('a.bloomsbury@x.x');
$this->assertCount(0, $result); // Student on all courses can see all the A users. $this->setUser($studentall);
< $result = core_user::search('a');
> $result = \core_user::search('a');
$this->assertCount(7, $result); // Mixed user can see users on courses 1 and 3. $this->setUser($mixed);
< $result = core_user::search('a');
> $result = \core_user::search('a');
$this->assertCount(6, $result); // Mixed user can search by email for students on course 3 but not on course 1.
< $result = core_user::search('hodder_a@x.x');
> $result = \core_user::search('hodder_a@x.x');
$this->assertCount(0, $result);
< $result = core_user::search('house@x.x');
> $result = \core_user::search('house@x.x');
$this->assertCount(1, $result); } /** * Tests the search() function with limits on the number to return. */ public function test_search_with_count() { self::init_search_tests(); $generator = $this->getDataGenerator(); $course = $generator->create_course(); // Check default limit (30). for ($i = 0; $i < 31; $i++) { $student = $generator->create_user(['firstname' => 'Guy', 'lastname' => 'Xxx' . $i, 'email' => 'xxx@x.x']); $generator->enrol_user($student->id, $course->id, 'student'); } $this->setAdminUser();
< $result = core_user::search('Guy');
> $result = \core_user::search('Guy');
$this->assertCount(30, $result); // Check a small limit.
< $result = core_user::search('Guy', null, 10);
> $result = \core_user::search('Guy', null, 10);
$this->assertCount(10, $result); // Check no limit.
< $result = core_user::search('Guy', null, 0);
> $result = \core_user::search('Guy', null, 0);
$this->assertCount(31, $result); } /** * When course is in separate groups mode and user is a student, they can't see people who * are not in the same group. This is checked by the user profile permission thing and not * currently by the original query. */ public function test_search_group_permissions() { global $DB; self::init_search_tests(); // Create one user to do the searching. $generator = $this->getDataGenerator(); $course = $generator->create_course(['groupmode' => SEPARATEGROUPS]); $searcher = $generator->create_user(['firstname' => 'Searchy', 'lastname' => 'Sam', 'email' => 'xxx@x.x']); $generator->enrol_user($searcher->id, $course->id, 'student'); $group = $generator->create_group(['courseid' => $course->id]); groups_add_member($group, $searcher); // Create a large number of people so that we have to make multiple database reads. $targets = []; for ($i = 0; $i < 50; $i++) { $student = $generator->create_user(['firstname' => 'Guy', 'lastname' => 'Xxx' . $i, 'email' => 'xxx@x.x']); $generator->enrol_user($student->id, $course->id, 'student'); $targets[] = $student; } // The first and last people are in the same group. groups_add_member($group, $targets[0]); groups_add_member($group, $targets[49]); // As searcher, we only find the 2 in the same group. $this->setUser($searcher);
< $result = core_user::search('Guy');
> $result = \core_user::search('Guy');
$this->assertCount(2, $result); // If we change the course to visible groups though, we get the max number. $DB->set_field('course', 'groupmode', VISIBLEGROUPS, ['id' => $course->id]);
< $result = core_user::search('Guy');
> $result = \core_user::search('Guy');
$this->assertCount(30, $result); } /** * When course is in separate groups mode and user is a student, they can't see people who * are not in the same group. This is checked by the user profile permission thing and not * currently by the original query. */ public function test_search_deleted_users() { self::init_search_tests(); // Create one user to do the searching. $generator = $this->getDataGenerator(); $course = $generator->create_course(); $searcher = $generator->create_user(['firstname' => 'Searchy', 'lastname' => 'Sam', 'email' => 'xxx@x.x']); $generator->enrol_user($searcher->id, $course->id, 'student'); // Create another two users to search for. $student1 = $generator->create_user(['firstname' => 'Amelia', 'lastname' => 'Aardvark']); $student2 = $generator->create_user(['firstname' => 'Amelia', 'lastname' => 'Beetle']); $generator->enrol_user($student1->id, $course->id, 'student'); $generator->enrol_user($student2->id, $course->id, 'student'); // As searcher, we find both users. $this->setUser($searcher);
< $result = core_user::search('Amelia');
> $result = \core_user::search('Amelia');
$this->assertCount(2, $result); // What if one is deleted? delete_user($student1);
< $result = core_user::search('Amelia');
> $result = \core_user::search('Amelia');
$this->assertCount(1, $result); $this->assertEquals('Beetle', $result[0]->lastname); // Delete the other, for good measure. delete_user($student2);
< $result = core_user::search('Amelia');
> $result = \core_user::search('Amelia');
$this->assertCount(0, $result); } /** * Carries out standard setup for the search test functions. */ protected static function init_search_tests() { global $DB; // For all existing users, set their name and email to something stupid so we don't // accidentally find one, confusing the test counts. $DB->set_field('user', 'firstname', 'Zaphod'); $DB->set_field('user', 'lastname', 'Beeblebrox'); $DB->set_field('user', 'email', 'zaphod@beeblebrox.example.org'); // This is the default value, but let's set it just to be certain in case it changes later. // It affects what fields admin (and other users with the viewuseridentity permission) can // search in addition to the name. set_config('showuseridentity', 'email'); } /** * Test require_active_user */ public function test_require_active_user() { global $DB; // Create a default user for the test. $userexpected = $this->getDataGenerator()->create_user(); // Simple case, all good.
< core_user::require_active_user($userexpected, true, true);
> \core_user::require_active_user($userexpected, true, true);
// Set user not confirmed. $DB->set_field('user', 'confirmed', 0, array('id' => $userexpected->id)); try {
< core_user::require_active_user($userexpected); < } catch (moodle_exception $e) {
> \core_user::require_active_user($userexpected); > } catch (\moodle_exception $e) {
$this->assertEquals('usernotconfirmed', $e->errorcode); } $DB->set_field('user', 'confirmed', 1, array('id' => $userexpected->id)); // Set nologin auth method. $DB->set_field('user', 'auth', 'nologin', array('id' => $userexpected->id)); try {
< core_user::require_active_user($userexpected, false, true); < } catch (moodle_exception $e) {
> \core_user::require_active_user($userexpected, false, true); > } catch (\moodle_exception $e) {
$this->assertEquals('suspended', $e->errorcode); } // Check no exceptions are thrown if we don't specify to check suspended.
< core_user::require_active_user($userexpected);
> \core_user::require_active_user($userexpected);
$DB->set_field('user', 'auth', 'manual', array('id' => $userexpected->id)); // Set user suspended. $DB->set_field('user', 'suspended', 1, array('id' => $userexpected->id)); try {
< core_user::require_active_user($userexpected, true); < } catch (moodle_exception $e) {
> \core_user::require_active_user($userexpected, true); > } catch (\moodle_exception $e) {
$this->assertEquals('suspended', $e->errorcode); } // Check no exceptions are thrown if we don't specify to check suspended.
< core_user::require_active_user($userexpected);
> \core_user::require_active_user($userexpected);
// Delete user. delete_user($userexpected); try {
< core_user::require_active_user($userexpected); < } catch (moodle_exception $e) {
> \core_user::require_active_user($userexpected); > } catch (\moodle_exception $e) {
$this->assertEquals('userdeleted', $e->errorcode); } // Use a not real user.
< $noreplyuser = core_user::get_noreply_user();
> $noreplyuser = \core_user::get_noreply_user();
try {
< core_user::require_active_user($noreplyuser, true); < } catch (moodle_exception $e) {
> \core_user::require_active_user($noreplyuser, true); > } catch (\moodle_exception $e) {
$this->assertEquals('invaliduser', $e->errorcode); } // Get the guest user. $guestuser = $DB->get_record('user', array('username' => 'guest')); try {
< core_user::require_active_user($guestuser, true); < } catch (moodle_exception $e) {
> \core_user::require_active_user($guestuser, true); > } catch (\moodle_exception $e) {
$this->assertEquals('guestsarenotallowed', $e->errorcode); } } /** * Test get_property_definition() method. */ public function test_get_property_definition() { // Try to get a existing property.
< $properties = core_user::get_property_definition('id');
> $properties = \core_user::get_property_definition('id');
$this->assertEquals($properties['type'], PARAM_INT);
< $properties = core_user::get_property_definition('username');
> $properties = \core_user::get_property_definition('username');
$this->assertEquals($properties['type'], PARAM_USERNAME); // Invalid property. try {
< core_user::get_property_definition('fullname'); < } catch (coding_exception $e) { < $this->assertRegExp('/Invalid property requested./', $e->getMessage());
> \core_user::get_property_definition('fullname'); > } catch (\coding_exception $e) { > $this->assertMatchesRegularExpression('/Invalid property requested./', $e->getMessage());
} // Empty parameter. try {
< core_user::get_property_definition(''); < } catch (coding_exception $e) { < $this->assertRegExp('/Invalid property requested./', $e->getMessage());
> \core_user::get_property_definition(''); > } catch (\coding_exception $e) { > $this->assertMatchesRegularExpression('/Invalid property requested./', $e->getMessage());
} } /** * Test validate() method. */ public function test_validate() { // Create user with just with username and firstname. $record = array('username' => 's10', 'firstname' => 'Bebe Stevens');
< $validation = core_user::validate((object)$record);
> $validation = \core_user::validate((object)$record);
// Validate the user, should return true as the user data is correct. $this->assertTrue($validation); // Create user with incorrect data (invalid country and theme). $record = array('username' => 's1', 'firstname' => 'Eric Cartman', 'country' => 'UU', 'theme' => 'beise'); // Should return an array with 2 errors.
< $validation = core_user::validate((object)$record);
> $validation = \core_user::validate((object)$record);
$this->assertArrayHasKey('country', $validation); $this->assertArrayHasKey('theme', $validation); $this->assertCount(2, $validation); // Create user with malicious data (xss). $record = array('username' => 's3', 'firstname' => 'Kyle<script>alert(1);<script> Broflovski'); // Should return an array with 1 error.
< $validation = core_user::validate((object)$record);
> $validation = \core_user::validate((object)$record);
$this->assertCount(1, $validation); $this->assertArrayHasKey('firstname', $validation); } /** * Test clean_data() method. */ public function test_clean_data() { $this->resetAfterTest(false);
< $user = new stdClass();
> $user = new \stdClass();
$user->firstname = 'John <script>alert(1)</script> Doe'; $user->username = 'john%#&~%*_doe'; $user->email = ' john@testing.com '; $user->deleted = 'no'; $user->description = '<b>A description <script>alert(123);</script>about myself.</b>';
< $usercleaned = core_user::clean_data($user);
> $usercleaned = \core_user::clean_data($user);
// Expected results. $this->assertEquals('John alert(1) Doe', $usercleaned->firstname); $this->assertEquals('john@testing.com', $usercleaned->email); $this->assertEquals(0, $usercleaned->deleted); $this->assertEquals('<b>A description <script>alert(123);</script>about myself.</b>', $user->description); $this->assertEquals('john_doe', $user->username); // Try to clean an invalid property (userfullname). $user->userfullname = 'John Doe';
< core_user::clean_data($user);
> \core_user::clean_data($user);
$this->assertDebuggingCalled("The property 'userfullname' could not be cleaned."); } /** * Test clean_field() method. */ public function test_clean_field() { // Create a 'malicious' user object/
< $user = new stdClass();
> $user = new \stdClass();
$user->firstname = 'John <script>alert(1)</script> Doe'; $user->username = 'john%#&~%*_doe'; $user->email = ' john@testing.com '; $user->deleted = 'no'; $user->description = '<b>A description <script>alert(123);</script>about myself.</b>'; $user->userfullname = 'John Doe'; // Expected results.
< $this->assertEquals('John alert(1) Doe', core_user::clean_field($user->firstname, 'firstname')); < $this->assertEquals('john_doe', core_user::clean_field($user->username, 'username')); < $this->assertEquals('john@testing.com', core_user::clean_field($user->email, 'email')); < $this->assertEquals(0, core_user::clean_field($user->deleted, 'deleted')); < $this->assertEquals('<b>A description <script>alert(123);</script>about myself.</b>', core_user::clean_field($user->description, 'description'));
> $this->assertEquals('John alert(1) Doe', \core_user::clean_field($user->firstname, 'firstname')); > $this->assertEquals('john_doe', \core_user::clean_field($user->username, 'username')); > $this->assertEquals('john@testing.com', \core_user::clean_field($user->email, 'email')); > $this->assertEquals(0, \core_user::clean_field($user->deleted, 'deleted')); > $this->assertEquals('<b>A description <script>alert(123);</script>about myself.</b>', \core_user::clean_field($user->description, 'description'));
// Try to clean an invalid property (fullname).
< core_user::clean_field($user->userfullname, 'fullname');
> \core_user::clean_field($user->userfullname, 'fullname');
$this->assertDebuggingCalled("The property 'fullname' could not be cleaned."); } /** * Test get_property_type() method. */ public function test_get_property_type() { // Fetch valid properties and verify if the type is correct.
< $type = core_user::get_property_type('username');
> $type = \core_user::get_property_type('username');
$this->assertEquals(PARAM_USERNAME, $type);
< $type = core_user::get_property_type('email');
> $type = \core_user::get_property_type('email');
$this->assertEquals(PARAM_RAW_TRIMMED, $type);
< $type = core_user::get_property_type('timezone');
> $type = \core_user::get_property_type('timezone');
$this->assertEquals(PARAM_TIMEZONE, $type); // Try to fetch type of a non-existent properties. $nonexistingproperty = 'userfullname'; $this->expectException('coding_exception'); $this->expectExceptionMessage('Invalid property requested: ' . $nonexistingproperty);
< core_user::get_property_type($nonexistingproperty);
> \core_user::get_property_type($nonexistingproperty);
$nonexistingproperty = 'mobilenumber'; $this->expectExceptionMessage('Invalid property requested: ' . $nonexistingproperty);
< core_user::get_property_type($nonexistingproperty);
> \core_user::get_property_type($nonexistingproperty);
} /** * Test get_property_null() method. */ public function test_get_property_null() { // Fetch valid properties and verify if it is NULL_ALLOWED or NULL_NOT_ALLOWED.
< $property = core_user::get_property_null('username');
> $property = \core_user::get_property_null('username');
$this->assertEquals(NULL_NOT_ALLOWED, $property);
< $property = core_user::get_property_null('password');
> $property = \core_user::get_property_null('password');
$this->assertEquals(NULL_NOT_ALLOWED, $property);
< $property = core_user::get_property_null('imagealt');
> $property = \core_user::get_property_null('imagealt');
$this->assertEquals(NULL_ALLOWED, $property);
< $property = core_user::get_property_null('middlename');
> $property = \core_user::get_property_null('middlename');
$this->assertEquals(NULL_ALLOWED, $property); // Try to fetch type of a non-existent properties. $nonexistingproperty = 'lastnamefonetic'; $this->expectException('coding_exception'); $this->expectExceptionMessage('Invalid property requested: ' . $nonexistingproperty);
< core_user::get_property_null($nonexistingproperty);
> \core_user::get_property_null($nonexistingproperty);
$nonexistingproperty = 'midlename'; $this->expectExceptionMessage('Invalid property requested: ' . $nonexistingproperty);
< core_user::get_property_null($nonexistingproperty);
> \core_user::get_property_null($nonexistingproperty);
} /** * Test get_property_choices() method. */ public function test_get_property_choices() { // Test against country property choices.
< $choices = core_user::get_property_choices('country');
> $choices = \core_user::get_property_choices('country');
$this->assertArrayHasKey('AU', $choices); $this->assertArrayHasKey('BR', $choices); $this->assertArrayNotHasKey('WW', $choices); $this->assertArrayNotHasKey('TX', $choices); // Test against lang property choices.
< $choices = core_user::get_property_choices('lang');
> $choices = \core_user::get_property_choices('lang');
$this->assertArrayHasKey('en', $choices); $this->assertArrayNotHasKey('ww', $choices); $this->assertArrayNotHasKey('yy', $choices); // Test against theme property choices.
< $choices = core_user::get_property_choices('theme');
> $choices = \core_user::get_property_choices('theme');
$this->assertArrayHasKey('boost', $choices); $this->assertArrayHasKey('classic', $choices); $this->assertArrayNotHasKey('unknowntheme', $choices); $this->assertArrayNotHasKey('wrongtheme', $choices); // Try to fetch type of a non-existent properties. $nonexistingproperty = 'language'; $this->expectException('coding_exception'); $this->expectExceptionMessage('Invalid property requested: ' . $nonexistingproperty);
< core_user::get_property_null($nonexistingproperty);
> \core_user::get_property_null($nonexistingproperty);
$nonexistingproperty = 'coutries'; $this->expectExceptionMessage('Invalid property requested: ' . $nonexistingproperty);
< core_user::get_property_null($nonexistingproperty);
> \core_user::get_property_null($nonexistingproperty);
} /** * Test get_property_default().
< * < * < * @expectedException coding_exception < * @expectedExceptionMessage Invalid property requested, or the property does not has a default value.
*/ public function test_get_property_default() { global $CFG; $this->resetAfterTest();
< $country = core_user::get_property_default('country');
> $country = \core_user::get_property_default('country');
$this->assertEquals($CFG->country, $country); set_config('country', 'AU');
< core_user::reset_caches(); < $country = core_user::get_property_default('country');
> \core_user::reset_caches(); > $country = \core_user::get_property_default('country');
$this->assertEquals($CFG->country, $country);
< $lang = core_user::get_property_default('lang');
> $lang = \core_user::get_property_default('lang');
$this->assertEquals($CFG->lang, $lang); set_config('lang', 'en');
< $lang = core_user::get_property_default('lang');
> $lang = \core_user::get_property_default('lang');
$this->assertEquals($CFG->lang, $lang); $this->setTimezone('Europe/London', 'Pacific/Auckland');
< core_user::reset_caches(); < $timezone = core_user::get_property_default('timezone');
> \core_user::reset_caches(); > $timezone = \core_user::get_property_default('timezone');
$this->assertEquals('Europe/London', $timezone); $this->setTimezone('99', 'Pacific/Auckland');
< core_user::reset_caches(); < $timezone = core_user::get_property_default('timezone');
> \core_user::reset_caches(); > $timezone = \core_user::get_property_default('timezone');
$this->assertEquals('Pacific/Auckland', $timezone);
< core_user::get_property_default('firstname');
> $this->expectException(\coding_exception::class); > $this->expectExceptionMessage('Invalid property requested, or the property does not has a default value.'); > \core_user::get_property_default('firstname');
} /** * Ensure that the noreply user is not cached. */ public function test_get_noreply_user() { global $CFG; // Create a new fake language 'xx' with the 'noreplyname'. $langfolder = $CFG->dataroot . '/lang/xx'; check_dir_exists($langfolder); $langconfig = "<?php\n\defined('MOODLE_INTERNAL') || die();"; file_put_contents($langfolder . '/langconfig.php', $langconfig); $langconfig = "<?php\n\$string['noreplyname'] = 'XXX';"; file_put_contents($langfolder . '/moodle.php', $langconfig); $CFG->lang='en'; $enuser = \core_user::get_noreply_user(); $CFG->lang='xx'; $xxuser = \core_user::get_noreply_user(); $this->assertNotEquals($enuser, $xxuser); } /** * Test is_real_user method. */ public function test_is_real_user() { global $CFG, $USER; // Real users are real users. $auser = $this->getDataGenerator()->create_user(); $guest = guest_user(); $this->assertTrue(\core_user::is_real_user($auser->id)); $this->assertTrue(\core_user::is_real_user($auser->id, true)); $this->assertTrue(\core_user::is_real_user($guest->id)); $this->assertTrue(\core_user::is_real_user($guest->id, true)); // Non-logged in users are not real users. $this->assertSame(0, $USER->id, 'The non-logged in user should have an ID of 0.'); $this->assertFalse(\core_user::is_real_user($USER->id)); $this->assertFalse(\core_user::is_real_user($USER->id, true)); // Other types of logged in users are real users. $this->setAdminUser(); $this->assertTrue(\core_user::is_real_user($USER->id)); $this->assertTrue(\core_user::is_real_user($USER->id, true)); $this->setGuestUser(); $this->assertTrue(\core_user::is_real_user($USER->id)); $this->assertTrue(\core_user::is_real_user($USER->id, true)); $this->setUser($auser); $this->assertTrue(\core_user::is_real_user($USER->id)); $this->assertTrue(\core_user::is_real_user($USER->id, true)); // Fake accounts are not real users. $CFG->noreplyuserid = null;
< $this->assertFalse(\core_user::is_real_user(core_user::get_noreply_user()->id)); < $this->assertFalse(\core_user::is_real_user(core_user::get_noreply_user()->id, true));
> $this->assertFalse(\core_user::is_real_user(\core_user::get_noreply_user()->id)); > $this->assertFalse(\core_user::is_real_user(\core_user::get_noreply_user()->id, true));
$CFG->supportuserid = null; $CFG->supportemail = 'test@example.com';
< $this->assertFalse(\core_user::is_real_user(core_user::get_support_user()->id)); < $this->assertFalse(\core_user::is_real_user(core_user::get_support_user()->id, true));
> $this->assertFalse(\core_user::is_real_user(\core_user::get_support_user()->id)); > $this->assertFalse(\core_user::is_real_user(\core_user::get_support_user()->id, true));
}
> /** } > * Tests for the {@see \core_user::awaiting_action()} method. > */ > public function test_awaiting_action() { > global $CFG, $DB, $USER; > > $guest = \core_user::get_user($CFG->siteguest); > $student = $this->getDataGenerator()->create_user(); > $teacher = $this->getDataGenerator()->create_user(); > $manager = $this->getDataGenerator()->create_user(); > $admin = get_admin(); > > $this->getDataGenerator()->role_assign($DB->get_field('role', 'id', ['shortname' => 'manager']), > $manager->id, \context_system::instance()->id); > > // Scenario: Guests required to agree to site policy. > $this->assertFalse(\core_user::awaiting_action($guest)); > > $CFG->sitepolicyguest = 'https://example.com'; > $this->assertTrue(\core_user::awaiting_action($guest)); > > $guest->policyagreed = 1; > $this->assertFalse(\core_user::awaiting_action($guest)); > > // Scenario: Student required to fill their profile. > $this->assertFalse(\core_user::awaiting_action($student)); > > $student->firstname = ''; > $this->assertTrue(\core_user::awaiting_action($student)); > > $student->firstname = 'Alice'; > $this->assertFalse(\core_user::awaiting_action($student)); > > // Scenario: Teacher force to change their password. > $this->assertFalse(\core_user::awaiting_action($teacher)); > > set_user_preference('auth_forcepasswordchange', 1, $teacher); > $this->assertTrue(\core_user::awaiting_action($teacher)); > > unset_user_preference('auth_forcepasswordchange', $teacher); > $this->assertFalse(\core_user::awaiting_action($teacher)); > > // Scenario: Admins do not need to agree to the policy but others do. > $this->assertFalse(\core_user::awaiting_action($admin)); > $this->assertFalse(\core_user::awaiting_action($manager)); > $CFG->sitepolicy = 'https://example.com'; > $this->assertFalse(\core_user::awaiting_action($admin)); > $this->assertTrue(\core_user::awaiting_action($manager)); > }