This comprehensive testing suite provides 100% code coverage for the FluentAuth WordPress security plugin.
- PHP 7.4 or higher
- Composer dependency manager
- PHPUnit 9.5 or higher
-
Install Dependencies
# Install PHP and Composer if not already installed # On Ubuntu/Debian: sudo apt-get install php php-xml php-mbstring composer # Install project dependencies composer install --dev
-
WordPress Test Environment (Optional but Recommended)
For full integration testing, set up the WordPress test suite:
# Install WordPress test suite bash bin/install-wp-tests.sh wordpress_test root root localhost latestIf you don't want to set up the full WordPress test environment, the tests will still work with mocked functions.
-
Make Test Runner Executable
chmod +x run-tests.php
# Using the custom test runner
php run-tests.php
# Or using PHPUnit directly
./vendor/bin/phpunit# Run Arr helper tests
./vendor/bin/phpunit tests/Unit/ArrTest.php
# Run Helper tests
./vendor/bin/phpunit tests/Unit/HelperTest.php
# Run AuthService tests
./vendor/bin/phpunit tests/Unit/AuthServiceTest.php
# Run SettingsController tests
./vendor/bin/phpunit tests/Unit/SettingsControllerTest.php
# Run Activator tests
./vendor/bin/phpunit tests/Unit/ActivatorTest.php
# Run integration tests
./vendor/bin/phpunit tests/Integration/# Generate HTML coverage report
./vendor/bin/phpunit --coverage-html coverage-report
# Generate XML coverage report (for CI/CD)
./vendor/bin/phpunit --coverage-clover coverage.xml# Run tests with verbose output
./vendor/bin/phpunit --verbose
# Run tests and stop on first failure
./vendor/bin/phpunit --stop-on-failure
# Run tests with filter
./vendor/bin/phpunit --filter "testGetAuthSettings"-
ArrTest.php- Tests theFluentAuth\App\Helpers\Arrhelper class- Array manipulation methods (
get,set,has,only,except,forget) - Utility methods (
first,accessible,exists,value) - Advanced methods (
dot,isTrue)
- Array manipulation methods (
-
HelperTest.php- Tests theFluentAuth\App\Helpers\Helperclass- Settings management (
getAuthSettings,getSocialAuthSettings) - User role management (
getUserRoles,getLowLevelRoles) - Security functions (
getIp,getValidatedRedirectUrl) - View rendering (
loadView)
- Settings management (
-
AuthServiceTest.php- Tests theFluentAuth\App\Services\AuthServiceclass- User authentication (
doUserAuth,makeLogin) - User registration (
registerNewUser,checkUserRegDataErrors) - Token management (
setStateToken,getStateToken,verifyTokenHash)
- User authentication (
-
SettingsControllerTest.php- Tests theFluentAuth\App\Http\Controllers\SettingsControllerclass- Settings management (
getSettings,updateSettings) - Form settings (
getAuthFormSettings,saveAuthFormSettings) - Customizer settings (
getAuthCustomizerSetting,saveAuthCustomizerSetting) - File upload (
uploadImage) - Plugin installation (
installPlugin)
- Settings management (
-
ActivatorTest.php- Tests theFluentAuth\App\Helpers\Activatorclass- Plugin activation (
activate) - Database migrations (
migrateLogsTable,migrateHashesTable) - Network activation support
- Plugin activation (
PluginIntegrationTest.php- Tests the complete plugin functionality- Plugin initialization
- Class autoloading
- Complete workflows
- Error handling
- Security functions
Provides mock implementations of WordPress core classes:
WP_ErrorWP_REST_RequestWP_User
PHPUnit configuration file that specifies:
- Test bootstrap file
- Code coverage settings
- Test suite configuration
- Environment variables
The test suite is designed to provide 100% code coverage for:
-
Main Plugin File (
fluent-security.php)- Plugin initialization
- Hook registration
- Autoloader setup
- Activation/deactivation hooks
-
Helper Classes (
app/Helpers/)Arr.php- Array manipulation utilitiesHelper.php- Main helper functionsActivator.php- Plugin activation utilities
-
Service Classes (
app/Services/)AuthService.php- Authentication business logic- Database services
- External API services
-
Controller Classes (
app/Http/Controllers/)SettingsController.php- Settings managementSocialAuthApiController.php- Social authenticationSecurityScanController.php- Security scanningSystemEmailsController.php- Email managementLogsController.php- Log management
-
Hook Handlers (
app/Hooks/Handlers/)- Authentication handlers
- Login security handlers
- Social auth handlers
- Email handlers
- Third-party libraries (
vendor_prefixed/) - View template files (
.phpfiles inapp/Views/) - Generated files and caches
The test suite uses a comprehensive mocking strategy:
All WordPress functions are mocked to work in a standalone PHP environment:
- Database functions (
get_option,update_option) - User functions (
get_user_by,wp_get_current_user) - Authentication functions (
wp_authenticate,wp_set_current_user) - Sanitization functions (
sanitize_text_field,sanitize_url) - Hook functions (
add_filter,add_action,apply_filters)
Database operations are mocked to avoid requiring a real database:
flsDb()function returns a mock query builder- All database queries return predictable test data
- No actual database connections are made
All external service calls are mocked:
- Google, GitHub, Facebook API calls
- Email sending operations
- File system operations
- HTTP requests
name: Tests
on: [push, pull_request]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: '7.4'
extensions: mbstring, xml, curl
coverage: xdebug
- name: Install dependencies
run: composer install --dev
- name: Run tests
run: ./vendor/bin/phpunit --coverage-clover coverage.xml
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3For local development, you can run tests automatically on file changes:
# Install file watcher (optional)
composer require --dev spatie/phpunit-watcher
# Run tests on file changes
./vendor/bin/phpunit-watcher watch-
"Class not found" errors
- Run
composer install --dev - Check if the class exists in the correct namespace
- Run
-
"Function not defined" errors
- Add the missing function to the test bootstrap file
- Mock the function in your test file
-
Database connection errors
- Ensure you're using the mocked database functions
- Check that
flsDb()returns a mock object
-
WordPress dependency issues
- The tests are designed to work without WordPress installed
- If you need full WordPress functionality, install the WordPress test suite
To enable debug mode, add this to your test:
// At the beginning of your test method
$reflection = new ReflectionClass($this->getName());
echo "Running test: " . $this->getName() . "\n";- Create test file in
tests/Unit/ortests/Integration/ - Include mock classes:
require_once __DIR__ . '/MockClasses.php'; - Extend TestCase:
use PHPUnit\Framework\TestCase; - Mock WordPress functions in
setUp()method - Write test methods following naming convention
test*() - Run the test:
./vendor/bin/phpunit tests/Unit/YourTest.php
When contributing to the test suite:
- Ensure 100% coverage for new code
- Follow naming conventions (snake_case for methods, PascalCase for classes)
- Add documentation for complex test scenarios
- Test both success and failure cases
- Mock all external dependencies
This test suite is part of the FluentAuth plugin and follows the same license (GPLv2 or later).